From 75085bf1d77c154ef316c25af4d7cb1c93ab47d3 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Wed, 3 Aug 2016 05:06:13 +0000 Subject: [PATCH] DB: 2016-08-03 7 new exploits Real Server 7/8/9 - Remote Root Exploit (Windows & Linux) Real Server 7/8/9 - Remote Root Exploit (Windows / Linux) Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit BSD & Linux - umount Local Root Exploit BSD & Linux umount - Local Root Exploit BSD & Linux - lpr Command Local Root Exploit BSD & Linux lpr - Local Root Exploit Battlefield 1942 <= 1.6.19 + Vietnam 1.2 - Broadcast Client Crash Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash PHP 4.3.9 & phpBB 2.x - unserialize() Remote Exploit (compiled) PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled) Soldier of Fortune 2 <= 1.03 - 'cl_guid' Server Crash Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash Download Center Lite (DCL) <= 1.5 - Remote File Inclusion Download Center Lite (DCL) 1.5 - Remote File Inclusion Linux Mandrake 10.2 - cdrdao Local Root Exploit (unfixed) cdrdao (Mandrake 10.2) - Local Root Exploit MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit MyBulletinBoard (MyBB) 1.00 RC4 - SQL Injection Exploit e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit e107 0.617 - XSS Remote Cookie Disclosure Exploit MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit MyBulletinBoard (MyBB) 1.00 RC4 SQL Injection Exploit F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit F-Secure Internet Gatekeeper for Linux < 2.15.484 (and Gateway < 2.16) - Local Root Exploit MyBulletinBoard (MyBB) <= 1.03 - Multiple SQL Injection Exploit MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injection Exploit MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection MyBulletinBoard (MyBB) 1.03 - (misc.php COMMA) SQL Injection MyBulletinBoard (MyBB) <= 1.04 - (misc.php COMMA) SQL Injection (2) MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2) Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities MyBulletinBoard (MyBB) <= 1.1.3 - (usercp.php) Create Admin Exploit MyBulletinBoard (MyBB) 1.1.3 - (usercp.php) Create Admin Exploit DZCP (deV!L_z Clanportal) <= 1.34 - (id) SQL Injection Exploit DZCP (deV!L_z Clanportal) 1.34 - (id) SQL Injection Exploit Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit (1) MyBulletinBoard (MyBB) <= 1.1.5 - (CLIENT-IP) SQL Injection Exploit MyBulletinBoard (MyBB) 1.1.5 - (CLIENT-IP) SQL Injection Exploit PHP Live! <= 3.2.1 - (help.php) Remote Inclusion PHP Live! 3.2.1 - (help.php) Remote Inclusion Les Visiteurs (Visitors) <= 2.0 - (config.inc.php) File Include Les Visiteurs (Visitors) 2.0 - (config.inc.php) File Include Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include Electronic Engineering Tool (EE TOOL) 0.4.1 File Include DZCP (deV!L_z Clanportal) <= 1.3.6 - Arbitrary File Upload DZCP (deV!L_z Clanportal) 1.3.6 - Arbitrary File Upload Tucows Client Code Suite (CSS) <= 1.2.1015 File Include Tucows Client Code Suite (CSS) 1.2.1015 File Include KDE 3.5 - (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit DZCP (deV!L_z Clanportal) <= 1.4.5 - Remote File Disclosure DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit McAfee VirusScan for Mac (Virex) 7.7 - Local Root Exploit WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion WEBO (Web Organizer) 1.0 - (baseDir) Remote File Inclusion Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution Katalog Plyt Audio (pl) <= 1.0 - SQL Injection Exploit Katalog Plyt Audio (pl) 1.0 - SQL Injection Exploit study planner (studiewijzer) <= 0.15 - Remote File Inclusion study planner (studiewijzer) 0.15 - Remote File Inclusion MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution Exploit MyBulletinBoard (MyBB) <= 1.2.2 - (CLIENT-IP) SQL Injection Exploit MyBulletinBoard (MyBB) 1.2.2 - (CLIENT-IP) SQL Injection Exploit MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit MyBulletinBoard (MyBB) 1.2.5 calendar.php Blind SQL Injection Exploit Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution (2) Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2) LAN Management System (LMS) <= 1.9.6 - Remote File Inclusion Exploit LAN Management System (LMS) 1.9.6 - Remote File Inclusion Exploit Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion Simple PHP Blog (sphpblog) <= 0.5.1 - Multiple Vulnerabilities Simple PHP Blog (sphpblog) 0.5.1 - Multiple Vulnerabilities TaskFreak! <= 0.6.1 - SQL Injection TaskFreak! 0.6.1 - SQL Injection MyBulletinBoard (MyBB) <= 1.2.10 - Remote Code Execution Exploit mybulletinboard (mybb) <= 1.2.10 - Multiple Vulnerabilities MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution Exploit mybulletinboard (mybb) 1.2.10 - Multiple Vulnerabilities MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit PHP Live! <= 3.2.2 - (questid) SQL Injection (1) PHP Live! 3.2.2 - (questid) SQL Injection (1) Web Group Communication Center (WGCC) <= 1.0.3 - SQL Injection Web Group Communication Center (WGCC) 1.0.3 - SQL Injection C6 Messenger ActiveX Remote Download & Execute Exploit C6 Messenger ActiveX - Remote Download & Execute Exploit eLineStudio Site Composer (ESC) <= 2.6 - Multiple Vulnerabilities eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit Simple PHP Blog (SPHPBlog) 0.5.1 Code Execution Exploit MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit (2) MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit (2) DZCP (deV!L_z Clanportal) <= 1.4.9.6 - Blind SQL Injection Exploit DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection Exploit Amaya Web Editor XML and HTML parser Vulnerabilities Amaya Web Editor - XML and HTML parser Vulnerabilities CMS WEBjump! Multiple SQL Injection CMS WEBjump! - Multiple SQL Injection RQms (Rash) <= 1.2.2 - Multiple SQL Injection RQms (Rash) 1.2.2 - Multiple SQL Injection Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit Apple Safari & Quicktime Denial of Service Apple Safari & Quicktime - Denial of Service AudioPLUS 2.00.215 - (.lst & .m3u) Local Buffer Overflow (SEH) AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH) PHP Live! <= 3.2.2 - (questid) SQL Injection (2) PHP Live! 3.2.2 - (questid) SQL Injection (2) TwonkyMedia Server 4.4.17 & <= 5.0.65 - XSS TwonkyMedia Server 4.4.17 / 5.0.65 - XSS Adobe Shockwave 11.5.1.601 Player Multiple Code Execution Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution NAS Uploader 1.0 & 1.5 - Remote File Upload NAS Uploader 1.0 / 1.5 - Remote File Upload PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit) PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit) Nuked KLan 1.7.7 & <= SP4 DoS Nuked KLan 1.7.7 & SP4 DoS Aqua Real 1.0 & 2.0 - Local Crash PoC Aqua Real 1.0 / 2.0 - Local Crash PoC FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting (XSS) FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting Ipswitch IMAIL 11.01 reversible encryption + weak ACL Ipswitch IMAIL 11.01 - reversible encryption + weak ACL justVisual 2.0 - (index.php) <= LFI justVisual 2.0 - (index.php) LFI Simple Machines Forum (SMF) <= 1.1.8 - (avatar) Remote PHP File Execute PoC Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute PoC SafeSHOP 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting (XSS) McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting Local Glibc shared library (.so) <= 2.11.1 Exploit Local Glibc shared library (.so) 2.11.1 Exploit Safari 4.0.3 & 4.0.4 - Stack Exhaustion Safari 4.0.3 / 4.0.4 - Stack Exhaustion Apache Axis2 administration console - Cross-Site Scripting (XSS) (Authenticated) Apache Axis2 administration console - (Authenticated) Cross-Site Scripting CubeCart PHP (shipkey parameter) <= 4.3.x - SQL Injection CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection Joomla Health & Fitness Stats Persistent XSS Joomla Health & Fitness Stats - Persistent XSS PunBB 1.3.4 & Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit PunBB 1.3.4 / Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit MyIT CRM - Multiple Cross-Site Scripting (XSS) MyIT CRM - Multiple Cross-Site Scripting Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll) Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll) Avast! <= 5.0.594 - license files DLL Hijacking Exploit (mfc90loc.dll) Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit BlogBird Platform Multiple XSS Vulnerabilities BlogBird Platform - Multiple XSS Vulnerabilities Joomla Component (btg_oglas) HTML & XSS Injection Joomla Component (btg_oglas) - HTML / XSS Injection Lotus CMS Fraise 3.0 - LFI & Remote Code Execution Exploit Lotus CMS Fraise 3.0 - LFI / Remote Code Execution Exploit Novell ZenWorks 10 & 11 - TFTPD Remote Code Execution Novell ZenWorks 10 / 11 - TFTPD Remote Code Execution CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1) CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2) CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (3) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3) CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflow SmarterMail 7.3 & 7.4 - Multiple Vulnerabilities SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0Day) ScadaTEC ModbusTagServer & ScadaPhone - (.zip) Buffer Overflow Exploit (0Day) MARINET CMS (room.php) <= Blind SQL MARINET CMS (room.php) Blind SQL phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit) phpMyAdmin 3.3.x / 3.4.x - Local File Inclusion via XXE Injection (Metasploit) ContaoCMS (aka TYPOlight) <= 2.11 - CSRF (Delete Admin & Delete Article) ContaoCMS (aka TYPOlight) 2.11 - CSRF (Delete Admin / Delete Article) Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 - Remote Buffer Overflow Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Simple PHP Agenda 2.2.8 - CSRF (Add Admin & Add Event) Simple PHP Agenda 2.2.8 - CSRF (Add Admin / Add Event) SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption SumatraPDF 2.0.1 - (.chm / .mobi) Memory Corruption Dolibarr ERP & CRM 3 Post-Auth OS Command Injection Dolibarr ERP & CRM OS Command Injection Dolibarr ERP & CRM 3 - Post-Auth OS Command Injection Dolibarr ERP & CRM - OS Command Injection Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1) Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2) Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1) Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2) sflog! <= 1.00 - Multiple Vulnerabilities sflog! 1.00 - Multiple Vulnerabilities Inter7 vpopmail (vchkpw) <= 3.4.11 - Buffer Overflow Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow White Label CMS 1.5 - CSRF & Persistent XSS White Label CMS 1.5 - CSRF / Persistent XSS AIX 3.x/4.x & Windows 95/98/2000/NT 4 & SunOS 5 gethostbyname() - Buffer Overflow AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference gdb (GNU debugger) 7.5.1NULL Pointer Dereference Adam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS Adam Webb NukeJokes 1.7/2.0 - Module Multiple Parameter XSS Polycom HDX Telnet Authorization Bypass (Metasploit) Polycom HDX - Telnet Authorization Bypass (Metasploit) Joomla! <= 3.0.2 - (highlight.php) PHP Object Injection Joomla! 3.0.2 - (highlight.php) PHP Object Injection Joomla! <= 3.0.3 (remember.php) - PHP Object Injection Joomla! 3.0.3 (remember.php) - PHP Object Injection Active Auction House Default.ASP Multiple SQL Injection Active Auction House - Default.ASP Multiple SQL Injection Aenovo Multiple Unspecified Cross-Site Scripting Vulnerabilities Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities Alisveristr E-commerce Login Multiple SQL Injection Alisveristr E-commerce Login - Multiple SQL Injection Cline Communications Multiple SQL Injection Cline Communications - Multiple SQL Injection Andy Mack 35mm Slide Gallery 6.0 popup.php Multiple Parameter XSS Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter XSS Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow AIOCP 1.3.x cp_forum_view.php Multiple Parameter XSS AIOCP 1.3.x - cp_forum_view.php Multiple Parameter XSS AIOCP 1.3.x cp_news.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection AIOCP 1.3.x cp_newsletter.php Multiple Parameter SQL Injection AIOCP 1.3.x cp_links.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection AIOCP 1.3.x cp_show_ec_products.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection 20/20 Applications Data Shed 1.0 listings.asp Multiple Parameter SQL Injection 20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection ClickContact Default.ASP Multiple SQL Injection ClickContact - Default.ASP Multiple SQL Injection Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Onpub CMS 1.4 / 1.5 - Multiple SQL Injection Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit Apache + PHP < 5.3.12 & < 5.4.2 - Remote Code Execution (Multithreaded Scanner) Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) ClientExec 3.0 Index.php Multiple Cross-Site Scripting Vulnerabilities ClientExec 3.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities AbleDesign MyCalendar 2.20.3 Index.php Multiple Cross-Site Scripting Vulnerabilities AbleDesign MyCalendar 2.20.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities AlstraSoft Affiliate Network Pro 8.0 merchants/index.php Multiple Parameter XSS AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter XSS File(1) <= 4.13 Command File_PrintF Integer Underflow File(1) 4.13 Command File_PrintF Integer Underflow ACDSee 9.0 Photo Manager Multiple BMP Denial of Service Vulnerabilities ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities Ahhp Portal Page.php Multiple Remote File Inclusion Ahhp Portal - Page.php Multiple Remote File Inclusion Apple QuickTime 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities OpenBase 10.0.x - Buffer Overflow / Remote Command Execution AIDA Web Frame.HTML Multiple Unauthorized Access Vulnerabilities AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities Absolute News Manager .NET 5.1 xlaabsolutenm.aspx Multiple Parameter SQL Injection Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple Parameter SQL Injection Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution / Security Vulnerabilities Apple iPhone and iPod Touch < 2.0 - Multiple Remote Vulnerabilities Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross-Site Scripting HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-Site Scripting Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit 'alert()' Function Remote Denial of Service Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service 3Com Wireless 8760 Dual-Radio 11a/b/g PoE Multiple Security Vulnerabilities 3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Security Vulnerabilities AlmondSoft Multiple Classifieds Products index.php replid Parameter SQL Injection AlmondSoft Multiple Classifieds Products index.php Multiple Parameter XSS AlmondSoft Multiple Classifieds Products - index.php replid Parameter SQL Injection AlmondSoft Multiple Classifieds Products - index.php Multiple Parameter XSS Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation (1) Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Local Privilege Escalation (1) CMS Source Multiple Input Validation Vulnerabilities CMS Source - Multiple Input Validation Vulnerabilities 123 Flash Chat = Multiple Security Vulnerabilities 123 Flash Chat - Multiple Security Vulnerabilities Pimcore 3.0 & 2.3.0 CMS - SQL Injection Pimcore 3.0 / 2.3.0 CMS - SQL Injection Apple Mac OS X 10.6.5 And iOS 4.3.3 Mail Denial of Service Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service CmyDocument Multiple Cross-Site Scripting Vulnerabilities CmyDocument - Multiple Cross-Site Scripting Vulnerabilities OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS) OTRS < 3.1.x / < 3.2.x / < 3.3.x - Stored Cross-Site Scripting OYO File Manager 1.1 (iOS & Android) - Multiple Vulnerabilities OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities Airdroid iOS_ Android & Win 3.1.3 - Persistent Airdroid iOS / Android / Win 3.1.3 - Persistent SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit Air Drive Plus Multiple Input Vallidation Vulnerabilities Air Drive Plus - Multiple Input Vallidation Vulnerabilities Collabtive Multiple Security Vulnerabilities Collabtive - Multiple Security Vulnerabilities Open Upload 0.4.2 - (Add Admin) CSRF Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - WSP Dissector Denial of Service Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - RLC Dissector Denial of Service --- files.csv | 315 +++++++++++++++-------------- platforms/multiple/dos/40194.txt | 31 +++ platforms/multiple/dos/40195.txt | 25 +++ platforms/multiple/dos/40197.txt | 32 +++ platforms/multiple/dos/40198.txt | 32 +++ platforms/multiple/dos/40199.txt | 87 ++++++++ platforms/php/webapps/40193.txt | 65 ++++++ platforms/win_x86-64/dos/40196.txt | 27 +++ 8 files changed, 460 insertions(+), 154 deletions(-) create mode 100755 platforms/multiple/dos/40194.txt create mode 100755 platforms/multiple/dos/40195.txt create mode 100755 platforms/multiple/dos/40197.txt create mode 100755 platforms/multiple/dos/40198.txt create mode 100755 platforms/multiple/dos/40199.txt create mode 100755 platforms/php/webapps/40193.txt create mode 100755 platforms/win_x86-64/dos/40196.txt diff --git a/files.csv b/files.csv index cbad31258..f6fa85395 100755 --- a/files.csv +++ b/files.csv @@ -84,7 +84,7 @@ id,file,description,date,author,platform,type,port 82,platforms/windows/dos/82.c,"Piolet Client 1.05 - Remote Denial of Service Exploit",2003-08-20,"Luca Ercoli",windows,dos,0 83,platforms/windows/remote/83.html,"Microsoft Internet Explorer - Object Data Remote Exploit (M03-032)",2003-08-21,malware,windows,remote,0 84,platforms/linux/remote/84.c,"Gopherd 3.0.5 - FTP Gateway Remote Overflow Exploit",2003-08-22,vade79,linux,remote,70 -86,platforms/multiple/remote/86.c,"Real Server 7/8/9 - Remote Root Exploit (Windows & Linux)",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 +86,platforms/multiple/remote/86.c,"Real Server 7/8/9 - Remote Root Exploit (Windows / Linux)",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Remote Root Buffer Overflow Exploit",2003-08-28,vade79,linux,remote,21 89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String Exploit",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 @@ -122,7 +122,7 @@ id,file,description,date,author,platform,type,port 123,platforms/windows/remote/123.c,"Microsoft Windows Workstation Service - WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 124,platforms/windows/remote/124.pl,"IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80 125,platforms/bsd/local/125.c,"OpenBSD 2.x - 3.3 exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0 -126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit",2003-11-20,xCrZx,linux,remote,80 +126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit",2003-11-20,xCrZx,linux,remote,80 127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (Webserver)",2003-11-22,nesumin,windows,remote,0 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept) (1)",2003-12-02,"Christophe Devine",linux,local,0 130,platforms/windows/remote/130.c,"Microsoft Windows XP Workstation Service - Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 @@ -300,10 +300,10 @@ id,file,description,date,author,platform,type,port 317,platforms/linux/local/317.txt,"Resolv+ (RESOLV_HOST_CONF) - Linux Library Local Exploit",1996-01-01,"Jared Mauch",linux,local,0 319,platforms/linux/local/319.c,"sudo.bin - NLSPATH Local Root Exploit",1996-02-13,_Phantom_,linux,local,0 320,platforms/linux/local/320.pl,"suid_perl 5.001",1996-06-01,"Jon Lewis",linux,local,0 -321,platforms/multiple/local/321.c,"BSD & Linux - umount Local Root Exploit",1996-08-13,bloodmask,multiple,local,0 +321,platforms/multiple/local/321.c,"BSD & Linux umount - Local Root Exploit",1996-08-13,bloodmask,multiple,local,0 322,platforms/linux/local/322.c,"Xt Library - Local Root Command Execution Exploit",1996-08-24,"b0z0 bra1n",linux,local,0 324,platforms/windows/dos/324.txt,"Ping of Death Remote Denial of Service Exploit",1996-10-21,anonymous,windows,dos,0 -325,platforms/linux/local/325.c,"BSD & Linux - lpr Command Local Root Exploit",1996-10-25,"Vadim Kolontsov",linux,local,0 +325,platforms/linux/local/325.c,"BSD & Linux lpr - Local Root Exploit",1996-10-25,"Vadim Kolontsov",linux,local,0 328,platforms/solaris/local/328.c,"Solaris 2.4 - /bin/fdformat Local Buffer Overflow Exploits",1997-03-23,"Cristian Schipor",solaris,local,0 329,platforms/windows/dos/329.txt,"Microsoft Windows NT Crash with an Extra Long Username DoS Exploit",1997-04-01,Fyodor,windows,dos,0 330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0 @@ -524,7 +524,7 @@ id,file,description,date,author,platform,type,port 675,platforms/windows/remote/675.txt,"Hosting Controller 0.6.1 Hotfix 1.4 - Directory Browsing",2004-12-05,Mouse,windows,remote,0 676,platforms/php/webapps/676.c,"phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 677,platforms/windows/dos/677.txt,"GetRight 5.2a - Skin File (.grs) Buffer Overflow Exploit",2004-12-06,ATmaCA,windows,dos,0 -679,platforms/windows/dos/679.c,"Battlefield 1942 <= 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 +679,platforms/windows/dos/679.c,"Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 680,platforms/osx/local/680.txt,"Mac OS X Adobe Version Cue - Local Root Exploit (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 682,platforms/windows/dos/682.c,"Codename Eagle 1.42 - Socket Unreacheable DoS Exploit",2004-12-13,"Luigi Auriemma",windows,dos,0 @@ -541,7 +541,7 @@ id,file,description,date,author,platform,type,port 693,platforms/windows/remote/693.c,"Ability Server 2.34 - Remote APPE Buffer Overflow Exploit",2004-12-16,darkeagle,windows,remote,21 694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt ZIP File PoC",2004-12-16,"Vafa Khoshaein",windows,local,0 695,platforms/linux/local/695.c,"Cscope 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 -697,platforms/php/webapps/697.c,"PHP 4.3.9 & phpBB 2.x - unserialize() Remote Exploit (compiled)",2004-12-17,overdose,php,webapps,0 +697,platforms/php/webapps/697.c,"PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled)",2004-12-17,overdose,php,webapps,0 698,platforms/ultrix/local/698.c,"Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit",2004-12-20,"Kristoffer BrÃ¥nemyr",ultrix,local,0 699,platforms/aix/local/699.c,"AIX 5.1 < 5.3 - paginit Local Stack Overflow Exploit",2004-12-20,cees-bart,aix,local,0 700,platforms/windows/dos/700.html,"Microsoft Internet Explorer & MSN Memory_Access_Violation DoS",2004-12-21,"Emmanouel Kellinis",windows,dos,0 @@ -663,7 +663,7 @@ id,file,description,date,author,platform,type,port 838,platforms/multiple/dos/838.pl,"webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service Exploit",2005-02-24,karak0rsan,multiple,dos,0 839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager Local Password Disclosure Exploit",2005-02-24,"Adrian ""pagvac"" Pastor",windows,local,0 840,platforms/cgi/webapps/840.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit",2005-02-24,Silentium,cgi,webapps,0 -841,platforms/windows/dos/841.c,"Soldier of Fortune 2 <= 1.03 - 'cl_guid' Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 +841,platforms/windows/dos/841.c,"Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 842,platforms/linux/dos/842.c,"wu-ftpd 2.6.2 - File Globbing Denial of Service Exploit",2005-02-25,str0ke,linux,dos,0 843,platforms/windows/dos/843.c,"Knet 1.04c - Buffer Overflow Denial of Service Exploit",2005-02-25,CorryL,windows,dos,0 844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure Exploit (asm)",2005-02-26,illwill,windows,local,0 @@ -690,7 +690,7 @@ id,file,description,date,author,platform,type,port 867,platforms/multiple/dos/867.c,"Ethereal 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0 868,platforms/windows/remote/868.cpp,"Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow",2005-03-09,Arabteam2000,windows,remote,0 869,platforms/bsd/dos/869.c,"OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Exploit",2005-03-09,RusH,bsd,dos,0 -870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) <= 1.5 - Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 +870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) 1.5 - Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 871,platforms/php/webapps/871.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 872,platforms/php/webapps/872.pl,"SocialMPN Arbitrary File Injection Exploit",2005-03-11,y3dips,php,webapps,0 873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users",2005-03-11,Ali7,php,webapps,0 @@ -808,7 +808,7 @@ id,file,description,date,author,platform,type,port 989,platforms/php/webapps/989.pl,"PhotoPost Arbitrary Data Remote Exploit",2005-05-13,basher13,php,webapps,0 990,platforms/windows/remote/990.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow",2005-05-17,nolimit,windows,remote,20031 996,platforms/php/webapps/996.pl,"ZPanel 2.5b10 - SQL Injection Exploit",2005-05-17,RusH,php,webapps,0 -997,platforms/linux/local/997.sh,"Linux Mandrake 10.2 - cdrdao Local Root Exploit (unfixed)",2005-05-17,newbug,linux,local,0 +997,platforms/linux/local/997.sh,"cdrdao (Mandrake 10.2) - Local Root Exploit",2005-05-17,newbug,linux,local,0 998,platforms/linux/dos/998.c,"Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit",2005-05-17,alert7,linux,dos,0 999,platforms/linux/dos/999.c,"Gaim 1.2.1 URL Handling Remote Stack Overflow Exploit",2005-05-17,Ron,linux,dos,0 1000,platforms/windows/dos/1000.cpp,"Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Exploit",2005-05-17,"Konrad Malewski",windows,dos,0 @@ -832,7 +832,7 @@ id,file,description,date,author,platform,type,port 1019,platforms/windows/local/1019.c,"Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0 1020,platforms/php/webapps/1020.c,"Zeroboard 4.1 preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0 1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0 -1022,platforms/php/webapps/1022.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0 +1022,platforms/php/webapps/1022.pl,"MyBulletinBoard (MyBB) 1.00 RC4 - SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0 1023,platforms/php/webapps/1023.pl,"myBloggie 2.1.1 < 2.1.2 - SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0 1024,platforms/windows/dos/1024.html,"Microsoft Internet Explorer - Multiple Stack Overflows Crash",2005-05-31,"Benjamin Franz",windows,dos,0 1025,platforms/windows/dos/1025.html,"Microsoft Internet Explorer - javascript 'window()' Crash",2005-05-31,"Benjamin Franz",windows,dos,0 @@ -913,7 +913,7 @@ id,file,description,date,author,platform,type,port 1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - XSS Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 1104,platforms/windows/dos/1104.cpp,"Microsoft Windows Netman Service Local Denial of Service Exploit",2005-07-14,bkbll,windows,dos,0 1105,platforms/windows/dos/1105.c,"NetPanzer 0.8 - Remote Denial of Service Exploit",2005-07-14,"Luigi Auriemma",windows,dos,0 -1106,platforms/php/webapps/1106.txt,"e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit",2005-07-14,warlord,php,webapps,0 +1106,platforms/php/webapps/1106.txt,"e107 0.617 - XSS Remote Cookie Disclosure Exploit",2005-07-14,warlord,php,webapps,0 1107,platforms/windows/dos/1107.pl,"Remote Control Server 1.6.2 - Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 1108,platforms/windows/remote/1108.pl,"Small HTTP Server 3.05.28 - Arbitrary Data Execution Exploit",2005-07-15,basher13,windows,remote,0 1109,platforms/windows/dos/1109.pl,"DzSoft PHP Editor 3.1.2.8 - Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 @@ -971,7 +971,7 @@ id,file,description,date,author,platform,type,port 1168,platforms/windows/local/1168.c,"WinAce 2.6.0.5 Temporary File Parsing Buffer Overflow",2005-08-19,ATmaCA,windows,local,0 1170,platforms/linux/local/1170.c,"Debian 2.2 - /usr/bin/pileup Local Root Exploit",2001-07-13,"Charles Stevenson",linux,local,0 1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - (Expires Header) Remote Buffer Overflow Exploit",2005-08-22,c0ntex,linux,remote,0 -1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit",2005-08-22,Alpha_Programmer,php,webapps,0 +1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) 1.00 RC4 SQL Injection Exploit",2005-08-22,Alpha_Programmer,php,webapps,0 1173,platforms/windows/local/1173.c,"Mercora IMRadio 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 1174,platforms/windows/local/1174.c,"ZipTorrent 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - (adduser) Remote Denial of Service Exploit",2005-08-23,VTECin5th,cgi,dos,0 @@ -1085,7 +1085,7 @@ id,file,description,date,author,platform,type,port 1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 -1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit",2005-11-07,"Xavier de Leon",linux,local,0 +1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 (and Gateway < 2.16) - Local Root Exploit",2005-11-07,"Xavier de Leon",linux,local,0 1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit",2005-11-07,rgod,php,webapps,0 1299,platforms/linux/local/1299.sh,"Linux chfn (SuSE 9.3 / 10) - Local Privilege Escalation Exploit",2005-11-08,Hunger,linux,local,0 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 - Local Root Exploit",2005-11-09,"Charles Stevenson",linux,local,0 @@ -1241,7 +1241,7 @@ id,file,description,date,author,platform,type,port 1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit (3)",2006-02-14,darkeagle,windows,local,0 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point (Fragmented UDP) DoS Exploit",2006-02-14,"Aaron Portnoy",hardware,dos,0 1498,platforms/php/webapps/1498.php,"webSPELL 4.01 - (title_op) SQL Injection Exploit",2006-02-14,x128,php,webapps,0 -1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) <= 1.03 - Multiple SQL Injection Exploit",2006-02-15,"HACKERS PAL",php,webapps,0 +1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injection Exploit",2006-02-15,"HACKERS PAL",php,webapps,0 1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 @@ -1280,7 +1280,7 @@ id,file,description,date,author,platform,type,port 1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)",2006-02-28,"H D Moore",windows,remote,0 1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall 2.1.4 - Remote Authentication Packet Overflow (Metasploit)",2006-02-28,y0,windows,remote,44334 1538,platforms/php/webapps/1538.pl,"farsinews 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 -1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 +1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) 1.03 - (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit",2006-02-28,"Evgeny Legerov",bsd,dos,0 1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 XML Data Decoding Remote Code Execution",2006-03-01,LorD,php,webapps,0 @@ -1289,7 +1289,7 @@ id,file,description,date,author,platform,type,port 1545,platforms/osx/local/1545.pl,"Apple Mac OS X - (/usr/bin/passwd) Custom Passwd Local Root Exploit",2006-03-01,vade79,osx,local,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - (XSS/SQL) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 -1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) <= 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 +1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 1549,platforms/php/webapps/1549.php,"PHP-Stats 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 1550,platforms/asp/webapps/1550.txt,"TotalECommerce 1.0 - (index.asp id) SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 1551,platforms/hardware/dos/1551.txt,"Multiple Routers (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 @@ -1622,7 +1622,7 @@ id,file,description,date,author,platform,type,port 1911,platforms/windows/local/1911.c,"Microsoft Windows 2000/XP - (Mrxsmb.sys) Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 1912,platforms/php/webapps/1912.txt,"The Bible Portal Project 2.12 - (destination) File Include",2006-06-14,Kacper,php,webapps,0 1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS 2.9.1 - (template.php) File Include",2006-06-14,"Federico Fazzi",php,webapps,0 -1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 +1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 1916,platforms/php/webapps/1916.txt,"DeluxeBB 1.06 - (templatefolder) Remote File Inclusion",2006-06-15,"Andreas Sandblad",php,webapps,0 1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - (Long Filename) Buffer Overflow Exploit",2006-06-15,c0rrupt,windows,local,0 @@ -1658,7 +1658,7 @@ id,file,description,date,author,platform,type,port 1947,platforms/multiple/dos/1947.c,"BitchX 1.1-final do_hook() Remote Denial of Service Exploit",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - (ROOT_PATH) Remote File Inclusion",2006-06-24,Persian-Defacer,php,webapps,0 1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow PoC",2006-06-24,"Jerome Athias",windows,dos,0 -1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) <= 1.1.3 - (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 +1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) 1.1.3 - (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 1952,platforms/php/webapps/1952.txt,"THoRCMS 1.3.1 - (phpbb_root_path) Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 1953,platforms/php/webapps/1953.pl,"DeluxeBB 1.07 - (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 @@ -1675,7 +1675,7 @@ id,file,description,date,author,platform,type,port 1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 1967,platforms/windows/dos/1967.c,"Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0 -1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) <= 1.34 - (id) SQL Injection Exploit",2006-07-01,x128,php,webapps,0 +1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) 1.34 - (id) SQL Injection Exploit",2006-07-01,x128,php,webapps,0 1969,platforms/php/webapps/1969.txt,"Stud.IP 1.3.0-2 - Multiple Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - (header.inc.php) Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 @@ -1716,9 +1716,9 @@ id,file,description,date,author,platform,type,port 2007,platforms/php/webapps/2007.php,"phpBB 3 - (memberlist.php) SQL Injection Exploit",2006-07-13,rgod,php,webapps,0 2008,platforms/php/webapps/2008.php,"Phorum 5 - (pm.php) Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 2009,platforms/php/webapps/2009.txt,"CzarNews 1.14 - (tpath) Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0 -2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit",2006-07-14,RusH,php,webapps,0 +2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit (1)",2006-07-14,RusH,php,webapps,0 2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (4)",2006-07-14,Sunay,linux,local,0 -2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) <= 1.1.5 - (CLIENT-IP) SQL Injection Exploit",2006-07-15,rgod,php,webapps,0 +2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) 1.1.5 - (CLIENT-IP) SQL Injection Exploit",2006-07-15,rgod,php,webapps,0 2013,platforms/linux/local/2013.c,"Linux Kernel 2.6.17.4 - 'proc' Local Root Exploit",2006-07-15,h00lyshit,linux,local,0 2014,platforms/windows/remote/2014.pl,"Winlpd 1.2 Build 1076 - Remote Buffer Overflow Exploit",2006-07-15,"Pablo Isola",windows,remote,515 2015,platforms/linux/local/2015.py,"Rocks Clusters 4.1 - (umount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 @@ -1758,7 +1758,7 @@ id,file,description,date,author,platform,type,port 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0 2058,platforms/php/webapps/2058.txt,"PHP Forge 3 beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 -2060,platforms/php/webapps/2060.txt,"PHP Live! <= 3.2.1 - (help.php) Remote Inclusion",2006-07-23,magnific,php,webapps,0 +2060,platforms/php/webapps/2060.txt,"PHP Live! 3.2.1 - (help.php) Remote Inclusion",2006-07-23,magnific,php,webapps,0 2061,platforms/multiple/remote/2061.txt,"Apache Tomcat < 5.5.17 - Remote Directory Listing",2006-07-23,"ScanAlert Security",multiple,remote,0 2062,platforms/php/webapps/2062.txt,"MoSpray Mambo Component 18RC1 - Remote Include",2006-07-23,"Kurdish Security",php,webapps,0 2063,platforms/php/webapps/2063.txt,"ArticlesOne 07232006 - (page) Remote Include",2006-07-23,CyberLord,php,webapps,0 @@ -2142,7 +2142,7 @@ id,file,description,date,author,platform,type,port 2446,platforms/php/webapps/2446.php,"PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion Exploit",2006-09-28,Kacper,php,webapps,0 2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 -2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) <= 2.0 - (config.inc.php) File Include",2006-09-28,D_7J,php,webapps,0 +2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) 2.0 - (config.inc.php) File Include",2006-09-28,D_7J,php,webapps,0 2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - (index.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"phpSecurePages 0.28b (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 @@ -2357,7 +2357,7 @@ id,file,description,date,author,platform,type,port 2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0beta (viewticket.php) Local File Inclusion Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 -2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include",2006-10-28,"Mehmet Ince",php,webapps,0 +2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) 0.4.1 File Include",2006-10-28,"Mehmet Ince",php,webapps,0 2668,platforms/php/webapps/2668.htm,"MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion Exploit",2006-10-28,ajann,php,webapps,0 2669,platforms/php/webapps/2669.php,"Free Image Hosting 1.0 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 2670,platforms/php/webapps/2670.php,"Free File Hosting 1.1 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 @@ -2551,7 +2551,7 @@ id,file,description,date,author,platform,type,port 2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / Tnftpd - Remote Stack Overflow PoC",2006-11-30,kingcope,bsd,dos,0 -2876,platforms/php/webapps/2876.txt,"DZCP (deV!L_z Clanportal) <= 1.3.6 - Arbitrary File Upload",2006-12-01,"Tim Weber",php,webapps,0 +2876,platforms/php/webapps/2876.txt,"DZCP (deV!L_z Clanportal) 1.3.6 - Arbitrary File Upload",2006-12-01,"Tim Weber",php,webapps,0 2877,platforms/php/webapps/2877.txt,"Invision Community Blog Mod 1.2.4 - SQL Injection",2006-12-01,anonymous,php,webapps,0 2878,platforms/php/webapps/2878.txt,"ContentServ 4.x - (admin/FileServer.php) File Disclosure",2006-12-01,qobaiashi,php,webapps,0 2879,platforms/windows/dos/2879.py,"Microsoft Windows spoolss GetPrinterData() Remote DoS Exploit (0Day)",2006-12-01,h07,windows,dos,0 @@ -2571,7 +2571,7 @@ id,file,description,date,author,platform,type,port 2893,platforms/linux/dos/2893.py,"F-Prot Antivirus 4.6.6 - (CHM) Heap Overflow Exploit PoC",2006-12-04,"Evgeny Legerov",linux,dos,0 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - (common.php) Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b (link) Remote File Inclusion Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 -2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) <= 1.2.1015 File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 +2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection",2006-12-08,koray,php,webapps,0 @@ -2627,7 +2627,7 @@ id,file,description,date,author,platform,type,port 2951,platforms/multiple/remote/2951.sql,"Oracle 9i / 10g (extproc) - Local/Remote Command Execution Exploit",2006-12-19,"Marco Ivaldi",multiple,remote,0 2952,platforms/windows/dos/2952.py,"WinFtp Server 2.0.2 - (PASV) Remote Denial of Service Exploit",2006-12-19,shinnai,windows,dos,0 2953,platforms/php/webapps/2953.php,"PHP-Update 2.7 extract() Auth Bypass / Shell Inject Exploit",2006-12-19,rgod,php,webapps,0 -2954,platforms/linux/dos/2954.html,"KDE 3.5 - (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 +2954,platforms/linux/dos/2954.html,"KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 2955,platforms/php/webapps/2955.txt,"Paristemi 0.8.3b (buycd.php) Remote File Inclusion",2006-12-19,nuffsaid,php,webapps,0 2956,platforms/php/webapps/2956.txt,"phpProfiles 3.1.2b - Multiple Remote File Inclusion",2006-12-19,nuffsaid,php,webapps,0 2957,platforms/php/webapps/2957.txt,"PHPFanBase 2.x - (protection.php) Remote File Inclusion",2006-12-19,"Cold Zero",php,webapps,0 @@ -3024,7 +3024,7 @@ id,file,description,date,author,platform,type,port 3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 - (dbs_base_path) Remote File Inclusion",2007-02-21,Denven,php,webapps,0 3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 - (result.php surv) Remote Blind SQL Injection Exploit",2007-02-21,s0cratex,php,webapps,0 3356,platforms/linux/local/3356.sh,"Nortel SSL VPN Linux Client 6.0.3 - Local Privilege Escalation Exploit",2007-02-21,"Jon Hart",linux,local,0 -3357,platforms/php/webapps/3357.txt,"DZCP (deV!L_z Clanportal) <= 1.4.5 - Remote File Disclosure",2007-02-21,Kiba,php,webapps,0 +3357,platforms/php/webapps/3357.txt,"DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure",2007-02-21,Kiba,php,webapps,0 3358,platforms/multiple/remote/3358.pl,"Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 3359,platforms/multiple/remote/3359.pl,"Oracle 10g KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - (index.php func) Remote File Inclusion",2007-02-22,JuMp-Er,php,webapps,0 @@ -3052,7 +3052,7 @@ id,file,description,date,author,platform,type,port 3383,platforms/plan9/local/3383.c,"Plan 9 Kernel - (devenv.c OTRUNC/pwrite) Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 3384,platforms/linux/local/3384.c,"Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit",2007-02-28,"Kristian Hermansen",linux,local,0 3385,platforms/windows/dos/3385.pl,"XM Easy Personal FTP Server 5.30 - (ABOR) Format String DoS Exploit",2007-02-28,"Umesh Wanve",windows,dos,0 -3386,platforms/osx/local/3386.pl,"McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit",2007-02-28,"Kevin Finisterre",osx,local,0 +3386,platforms/osx/local/3386.pl,"McAfee VirusScan for Mac (Virex) 7.7 - Local Root Exploit",2007-02-28,"Kevin Finisterre",osx,local,0 3387,platforms/php/webapps/3387.php,"vBulletin 3.6.4 - (inlinemod.php postids) SQL Injection Exploit",2007-02-28,rgod,php,webapps,0 3388,platforms/windows/remote/3388.pl,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)",2007-02-28,"Umesh Wanve",windows,remote,69 3389,platforms/linux/remote/3389.c,"madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow Exploit",2007-03-01,"Massimiliano Oldani",linux,remote,0 @@ -3102,7 +3102,7 @@ id,file,description,date,author,platform,type,port 3433,platforms/windows/dos/3433.html,"Rediff Toolbar ActiveX Control Remote Denial of Service Exploit",2007-03-08,"Umesh Wanve",windows,dos,0 3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote DoS Exploit",2007-03-08,Antimatt3r,multiple,dos,0 3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - (down.php file_to_download) Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 -3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 +3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - (kategori.asp) SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php) Remote File Inclusion",2007-03-08,DNX,php,webapps,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 snmpget() object id Local Buffer Overflow Exploit PoC",2007-03-09,rgod,windows,local,0 @@ -3168,7 +3168,7 @@ id,file,description,date,author,platform,type,port 3502,platforms/php/webapps/3502.php,"Php-Stats 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit",2007-03-17,rgod,php,webapps,0 3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - (view.php logi) Local File Inclusion",2007-03-17,GoLd_M,php,webapps,0 3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 -3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution",2007-03-18,DarkFig,php,webapps,0 +3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution",2007-03-18,DarkFig,php,webapps,0 3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - (index.php) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3508,platforms/php/webapps/3508.txt,"Moodle 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 @@ -3176,7 +3176,7 @@ id,file,description,date,author,platform,type,port 3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes 2.0 - (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3511,platforms/php/webapps/3511.pl,"ScriptMagix Photo Rating 2.0 - SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3512,platforms/php/webapps/3512.txt,"PHP-Nuke - iFrame (iframe.php) Remote File Inclusion",2007-03-18,"Cold Zero",php,webapps,0 -3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) <= 1.0 - SQL Injection Exploit",2007-03-18,Kacper,php,webapps,0 +3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) 1.0 - SQL Injection Exploit",2007-03-18,Kacper,php,webapps,0 3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection Exploit",2007-03-19,ajann,php,webapps,0 3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 @@ -3194,7 +3194,7 @@ id,file,description,date,author,platform,type,port 3529,platforms/linux/local/3529.php,"PHP 5.2.1 hash_update_file() Freed Resource Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion Exploit",2007-03-20,fluffy_bunny,php,webapps,0 3531,platforms/windows/remote/3531.py,"Helix Server 11.0.1 - Remote Heap Overflow Exploit (Windows 2000 SP4)",2007-03-21,"Winny Thomas",windows,remote,554 -3532,platforms/php/webapps/3532.txt,"study planner (studiewijzer) <= 0.15 - Remote File Inclusion",2007-03-21,K-159,php,webapps,0 +3532,platforms/php/webapps/3532.txt,"study planner (studiewijzer) 0.15 - Remote File Inclusion",2007-03-21,K-159,php,webapps,0 3533,platforms/php/webapps/3533.txt,"Digital Eye CMS 0.1.1b (module.php) Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3534,platforms/asp/webapps/3534.txt,"Active Link Engine (default.asp catid) SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit",2007-03-21,MADYNES,hardware,dos,0 @@ -3310,7 +3310,7 @@ id,file,description,date,author,platform,type,port 3650,platforms/windows/remote/3650.c,"Frontbase 4.2.7 - POST-AUTH Remote Buffer Overflow Exploit (2.2)",2007-04-02,Heretic2,windows,remote,0 3651,platforms/windows/remote/3651.txt,"Microsoft Windows - Animated Cursor (.ANI) Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0 3652,platforms/windows/local/3652.c,"Microsoft Windows - Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)",2007-04-03,devcode,windows,local,0 -3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 +3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 @@ -3375,7 +3375,7 @@ id,file,description,date,author,platform,type,port 3716,platforms/php/webapps/3716.pl,"mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion Exploit",2007-04-12,bd0rk,php,webapps,0 3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 - (absolute_path) Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 -3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) <= 1.2.2 - (CLIENT-IP) SQL Injection Exploit",2007-04-12,Elekt,php,webapps,0 +3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) 1.2.2 - (CLIENT-IP) SQL Injection Exploit",2007-04-12,Elekt,php,webapps,0 3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - (mailout.php) Access Escalation Exploit (admin needed)",2007-04-12,Gammarays,php,webapps,0 3722,platforms/php/webapps/3722.txt,"Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b (index.php id) Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 @@ -3435,7 +3435,7 @@ id,file,description,date,author,platform,type,port 3777,platforms/windows/local/3777.c,"XnView 1.90.3 - (.XPM) Local Buffer Overflow Exploit",2007-04-22,Marsu,windows,local,0 3778,platforms/php/webapps/3778.txt,"WEBInsta FM 0.1.4 login.php absolute_path Remote File Inclusion Exploit",2007-04-23,g00ns,php,webapps,0 3779,platforms/windows/local/3779.c,"Corel Paint Shop Pro Photo 11.20 - (.CLP) Buffer Overflow Exploit",2007-04-23,Marsu,windows,local,0 -3780,platforms/php/webapps/3780.pl,"MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit",2007-04-23,0x86,php,webapps,0 +3780,platforms/php/webapps/3780.pl,"MyBulletinBoard (MyBB) 1.2.5 calendar.php Blind SQL Injection Exploit",2007-04-23,0x86,php,webapps,0 3781,platforms/php/webapps/3781.txt,"Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion",2007-04-23,Omid,php,webapps,0 3782,platforms/windows/dos/3782.pl,"Winamp 5.33 - (.AVI) Remote Denial of Service Exploit",2007-04-23,DeltahackingTEAM,windows,dos,0 3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 @@ -3510,7 +3510,7 @@ id,file,description,date,author,platform,type,port 3852,platforms/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 -3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 +3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 3856,platforms/windows/local/3856.htm,"East Wind Software (advdaudio.ocx 1.5.1.1) Local BoF Exploit",2007-05-05,shinnai,windows,local,0 3857,platforms/php/webapps/3857.txt,"vm watermark for gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution Exploit",2007-05-05,DarkFig,php,webapps,0 @@ -3735,7 +3735,7 @@ id,file,description,date,author,platform,type,port 4083,platforms/asp/webapps/4083.txt,"W1L3D4 WEBmarket 0.1 - SQL Injection",2007-06-20,Crackers_Child,asp,webapps,0 4084,platforms/php/webapps/4084.txt,"xoops module wiwimod 0.4 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4085,platforms/php/webapps/4085.txt,"Musoo 0.21 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 -4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) <= 1.9.6 - Remote File Inclusion Exploit",2007-06-20,Kw3[R]Ln,php,webapps,0 +4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) 1.9.6 - Remote File Inclusion Exploit",2007-06-20,Kw3[R]Ln,php,webapps,0 4087,platforms/linux/remote/4087.c,"BitchX 1.1-final (EXEC) Remote Command Execution Exploit",2007-06-21,clarity_,linux,remote,0 4089,platforms/php/webapps/4089.pl,"SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion Exploit",2007-06-21,Kw3[R]Ln,php,webapps,0 4090,platforms/php/webapps/4090.pl,"Powl 0.94 - (htmledit.php) Remote File Inclusion",2007-06-22,Kw3[R]Ln,php,webapps,0 @@ -3776,7 +3776,7 @@ id,file,description,date,author,platform,type,port 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow PoC",2007-06-29,r0ut3r,windows,dos,0 4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 - (view_sub_cat.php cat_id) SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 4128,platforms/php/webapps/4128.txt,"Buddy Zone 1.5 - Multiple SQL Injection",2007-06-30,t0pP8uZz,php,webapps,0 -4129,platforms/php/webapps/4129.txt,"Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion",2007-06-30,BlackNDoor,php,webapps,0 +4129,platforms/php/webapps/4129.txt,"Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion",2007-06-30,BlackNDoor,php,webapps,0 4130,platforms/php/webapps/4130.txt,"TotalCalendar 2.402 - (view_event.php) SQL Injection",2007-06-30,t0pP8uZz,php,webapps,0 4131,platforms/php/webapps/4131.txt,"XCMS 1.1 - (Galerie.php) Local File Inclusion",2007-06-30,BlackNDoor,php,webapps,0 4132,platforms/php/webapps/4132.txt,"sPHPell 1.01 - Multiple Remote File Inclusion",2007-06-30,"Mehmet Ince",php,webapps,0 @@ -4202,7 +4202,7 @@ id,file,description,date,author,platform,type,port 4554,platforms/php/webapps/4554.txt,"SocketMail 2.2.8 fnc-readmail3.php Remote File Inclusion",2007-10-22,BiNgZa,php,webapps,0 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 scripture.php Remote File Inclusion",2007-10-22,GoLd_M,php,webapps,0 4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server 3.2.3 - Remote Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 -4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sphpblog) <= 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 +4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sphpblog) 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script (index.php) 1.0 - Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox 2.0.0.7 - Remote Denial of Service Exploit",2007-10-22,BugReport.IR,multiple,dos,0 4560,platforms/multiple/dos/4560.pl,"DNS Recursion Bandwidth Amplification - Denial of Service PoC",2007-10-23,ShadowHatesYou,multiple,dos,0 @@ -4540,7 +4540,7 @@ id,file,description,date,author,platform,type,port 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - (delete id) Remote Admin Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4898,platforms/php/webapps/4898.txt,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection",2008-01-12,ka0x,php,webapps,0 -4899,platforms/php/webapps/4899.txt,"TaskFreak! <= 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 +4899,platforms/php/webapps/4899.txt,"TaskFreak! 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injection",2008-01-12,trew,asp,webapps,0 4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - (userName) SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 @@ -4568,8 +4568,8 @@ id,file,description,date,author,platform,type,port 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 - Remote Blind SQL Injection Exploit",2008-01-16,Silentz,php,webapps,0 4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - (Search) SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 -4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) <= 1.2.10 - Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 -4928,platforms/php/webapps/4928.txt,"mybulletinboard (mybb) <= 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 +4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 +4928,platforms/php/webapps/4928.txt,"mybulletinboard (mybb) 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - (id) SQL Injection",2008-01-17,Stack,php,webapps,0 4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) LFI",2008-01-17,Scary-Boys,php,webapps,0 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX BOF/DoS",2008-01-17,shinnai,windows,dos,0 @@ -4707,7 +4707,7 @@ id,file,description,date,author,platform,type,port 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin 0.9.1.1 - Multiple File Inclusion",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 -5070,platforms/php/webapps/5070.pl,"MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit",2008-02-06,F,php,webapps,0 +5070,platforms/php/webapps/5070.pl,"MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit",2008-02-06,F,php,webapps,0 5071,platforms/php/webapps/5071.txt,"Astanda Directory Project 1.2 - (link_id) SQL Injection",2008-02-06,you_kn0w,php,webapps,0 5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - (id) SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads SQL Injection",2008-02-06,S@BUN,php,webapps,0 @@ -4762,7 +4762,7 @@ id,file,description,date,author,platform,type,port 5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 M3U File Remote Buffer Overflow PoC",2008-02-14,securfrog,windows,dos,0 5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - (index.php page) Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 -5125,platforms/php/webapps/5125.txt,"PHP Live! <= 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0 +5125,platforms/php/webapps/5125.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0 5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 @@ -5231,7 +5231,7 @@ id,file,description,date,author,platform,type,port 5603,platforms/php/webapps/5603.txt,"EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)",2008-05-13,vortfu,php,webapps,0 5604,platforms/php/webapps/5604.txt,"e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection",2008-05-13,Saime,php,webapps,0 5605,platforms/php/webapps/5605.txt,"e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection",2008-05-13,Cr@zy_King,php,webapps,0 -5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) <= 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 +5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) SQL Injection",2008-05-13,His0k4,php,webapps,0 5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple SQL Injection",2008-05-13,U238,asp,webapps,0 5609,platforms/php/webapps/5609.txt,"EMO Realty Manager (news.php ida) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 @@ -5355,7 +5355,7 @@ id,file,description,date,author,platform,type,port 5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 - (id) SQL Injection",2008-06-03,His0k4,php,webapps,0 5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog b24 - SQL Injection",2008-06-03,His0k4,php,webapps,0 5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - (comment.asp) SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 -5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX Remote Download & Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 +5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX - Remote Download & Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 5733,platforms/php/webapps/5733.txt,"quickersite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection Exploit",2008-06-03,His0k4,php,webapps,0 5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution",2008-06-03,JIKO,php,webapps,0 @@ -5480,7 +5480,7 @@ id,file,description,date,author,platform,type,port 5856,platforms/php/webapps/5856.txt,"nweb2fax 0.2.7 - Multiple Vulnerabilities",2008-06-18,dun,php,webapps,0 5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds (index.php cat) SQL Injection",2008-06-18,Stack,php,webapps,0 5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds (index.php type) SQL Injection",2008-06-18,Stack,php,webapps,0 -5859,platforms/php/webapps/5859.txt,"eLineStudio Site Composer (ESC) <= 2.6 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 +5859,platforms/php/webapps/5859.txt,"eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 5860,platforms/php/webapps/5860.txt,"ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities",2008-06-19,"CWH Underground",php,webapps,0 5861,platforms/php/webapps/5861.txt,"Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 - (contentsid) SQL Injection",2008-06-19,dun,php,webapps,0 @@ -5898,12 +5898,12 @@ id,file,description,date,author,platform,type,port 6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) SQL Injection",2008-08-26,cOndemned,php,webapps,0 6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - (id) SQL Injection",2008-08-26,Kacak,php,webapps,0 -6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 +6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) 0.5.1 Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 6312,platforms/php/webapps/6312.txt,"k-rate - (SQL/XSS) Multiple Vulnerabilities",2008-08-26,Corwin,php,webapps,0 6313,platforms/php/webapps/6313.txt,"CMME 1.12 - (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 6314,platforms/php/webapps/6314.txt,"Thickbox Gallery 2.0 - (admins.php) Admin Data Disclosure",2008-08-26,SirGod,php,webapps,0 6315,platforms/php/webapps/6315.txt,"iFdate 2.0.3 - SQL Injection",2008-08-26,~!Dok_tOR!~,php,webapps,0 -6316,platforms/php/webapps/6316.php,"MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit (2)",2008-08-26,c411k,php,webapps,0 +6316,platforms/php/webapps/6316.php,"MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit (2)",2008-08-26,c411k,php,webapps,0 6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BoF Exploit",2008-08-26,Koshi,windows,remote,0 6318,platforms/windows/remote/6318.html,"Ultra Office ActiveX Control Remote Buffer Overflow Exploit",2008-08-27,shinnai,windows,remote,0 6319,platforms/windows/dos/6319.html,"Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 @@ -6524,7 +6524,7 @@ id,file,description,date,author,platform,type,port 6957,platforms/php/webapps/6957.txt,"NetRisk 2.0 - XSS / SQL Injection",2008-11-02,StAkeR,php,webapps,0 6958,platforms/php/webapps/6958.txt,"Maran PHP Shop (prodshow.php) SQL Injection",2008-11-02,d3v1l,php,webapps,0 6960,platforms/php/webapps/6960.txt,"1st News - (products.php id) SQL Injection",2008-11-02,TR-ShaRk,php,webapps,0 -6961,platforms/php/webapps/6961.pl,"DZCP (deV!L_z Clanportal) <= 1.4.9.6 - Blind SQL Injection Exploit",2008-11-02,anonymous,php,webapps,0 +6961,platforms/php/webapps/6961.pl,"DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection Exploit",2008-11-02,anonymous,php,webapps,0 6962,platforms/php/webapps/6962.txt,"BosDev BosClassifieds (cat_id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6963,platforms/windows/remote/6963.html,"Chilkat Crypt - ActiveX Arbitrary File Creation/Execution PoC",2008-11-03,shinnai,windows,remote,0 6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 @@ -7435,7 +7435,7 @@ id,file,description,date,author,platform,type,port 7899,platforms/php/webapps/7899.txt,"Max.Blog 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 7900,platforms/php/webapps/7900.txt,"Social Engine (category_id) SQL Injection",2009-01-28,snakespc,php,webapps,0 7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection Exploit",2009-01-28,certaindeath,php,webapps,0 -7902,platforms/windows/dos/7902.txt,"Amaya Web Editor XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 +7902,platforms/windows/dos/7902.txt,"Amaya Web Editor - XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - ClickJacking",2009-01-28,x0x,windows,remote,0 7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - (.M3U) Crash PoC",2009-01-29,Hakxer,windows,dos,0 7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 @@ -7704,7 +7704,7 @@ id,file,description,date,author,platform,type,port 8185,platforms/php/webapps/8185.txt,"phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 8186,platforms/php/webapps/8186.txt,"PHP-Fusion Mod Book Panel (bookid) SQL Injection",2009-03-09,elusiven,php,webapps,0 8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter Post-Auth Denial of Service Exploit",2009-03-09,h00die,hardware,dos,0 -8188,platforms/php/webapps/8188.txt,"CMS WEBjump! Multiple SQL Injection",2009-03-10,M3NW5,php,webapps,0 +8188,platforms/php/webapps/8188.txt,"CMS WEBjump! - Multiple SQL Injection",2009-03-10,M3NW5,php,webapps,0 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - (.cue) Universal Buffer Overflow Exploit",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server Remote DoS",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 @@ -7939,7 +7939,7 @@ id,file,description,date,author,platform,type,port 8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 IP datagram Null Pointer Deref DoS Exploit",2009-04-14,nonroot,openbsd,dos,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 8432,platforms/php/webapps/8432.txt,"Aqua CMS (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 -8433,platforms/php/webapps/8433.txt,"RQms (Rash) <= 1.2.2 - Multiple SQL Injection",2009-04-14,Dimi4,php,webapps,0 +8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injection",2009-04-14,Dimi4,php,webapps,0 8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow PoC",2009-04-14,SuB-ZeRo,windows,dos,0 8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - (conf.inc) File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - (profile) Remote Shell Upload",2009-04-15,InjEctOr5,php,webapps,0 @@ -8339,7 +8339,7 @@ id,file,description,date,author,platform,type,port 8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 8841,platforms/php/webapps/8841.txt,"unclassified newsboard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 8842,platforms/multiple/dos/8842.pl,"Apache mod_dav / svn Remote Denial of Service Exploit",2009-06-01,kingcope,multiple,dos,0 -8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 +8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injection",2009-06-01,YEnH4ckEr,php,webapps,0 8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,remote,0 8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 - (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 @@ -8447,7 +8447,7 @@ id,file,description,date,author,platform,type,port 8954,platforms/php/webapps/8954.txt,"adaptweb 0.9.2 - (LFI/SQL) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - (syslog) Denial of Service Exploit",2009-06-15,h00die,linux,dos,0 8956,platforms/php/webapps/8956.htm,"Evernew Free Joke Script 1.2 - Remote Change Password Exploit",2009-06-15,Hakxer,php,webapps,0 -8957,platforms/multiple/dos/8957.txt,"Apple Safari & Quicktime Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 +8957,platforms/multiple/dos/8957.txt,"Apple Safari & Quicktime - Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 8958,platforms/php/webapps/8958.txt,"torrenttrader classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 8959,platforms/php/webapps/8959.pl,"Joomla Component com_ijoomla_rss Blind SQL Injection Exploit",2009-06-15,"Mehmet Ince",php,webapps,0 8960,platforms/linux/dos/8960.py,"Apple QuickTime CRGN Atom Local Crash Exploit",2009-06-15,webDEViL,linux,dos,0 @@ -8546,7 +8546,7 @@ id,file,description,date,author,platform,type,port 9061,platforms/windows/dos/9061.pl,"PEamp 1.02b - (.M3U) Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 9062,platforms/php/webapps/9062.txt,"Messages Library 2.0 - Arbitrary Delete Message",2009-07-01,Stack,php,webapps,0 9063,platforms/php/webapps/9063.txt,"Messages Library 2.0 Insecure Cookie Handling",2009-07-01,Stack,php,webapps,0 -9064,platforms/windows/local/9064.pl,"AudioPLUS 2.00.215 - (.lst & .m3u) Local Buffer Overflow (SEH)",2009-07-01,hack4love,windows,local,0 +9064,platforms/windows/local/9064.pl,"AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH)",2009-07-01,hack4love,windows,local,0 9065,platforms/windows/remote/9065.c,"Green Dam Remote Change System Time Exploit",2009-07-01,"Anti GD",windows,remote,0 9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure",2009-07-01,Septemb0x,hardware,remote,0 9067,platforms/hardware/dos/9067.py,"ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit",2009-07-01,Stack,hardware,dos,0 @@ -8726,7 +8726,7 @@ id,file,description,date,author,platform,type,port 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection Exploit",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 -9254,platforms/php/webapps/9254.txt,"PHP Live! <= 3.2.2 - (questid) SQL Injection (2)",2009-07-24,skys,php,webapps,0 +9254,platforms/php/webapps/9254.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (2)",2009-07-24,skys,php,webapps,0 9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 @@ -9351,7 +9351,7 @@ id,file,description,date,author,platform,type,port 9973,platforms/multiple/local/9973.sh,"Sun VirtualBox 3.0.6 - Privilege Escalation",2009-10-17,prdelka,multiple,local,0 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter - Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - XSS / CSR",2009-11-16,"Alexey Sintsov",hardware,webapps,80 -9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 & <= 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 +9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 / 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 file disclosure",2009-10-22,"Janek Vind",php,webapps,0 9980,platforms/hardware/dos/9980.txt,"Websense Email Security - DoS",2009-10-20,"Nikolas Sotiriu",hardware,dos,0 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security xss",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 @@ -9459,7 +9459,7 @@ id,file,description,date,author,platform,type,port 10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote DoS",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 -10093,platforms/multiple/remote/10093.txt,"Adobe Shockwave 11.5.1.601 Player Multiple Code Execution",2009-11-04,"Francis Provencher",multiple,remote,0 +10093,platforms/multiple/remote/10093.txt,"Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution",2009-11-04,"Francis Provencher",multiple,remote,0 10094,platforms/jsp/webapps/10094.txt,"IBM Rational RequisitePro 7.10 and ReqWebHelp Multiple Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 10095,platforms/multiple/remote/10095.txt,"Samba 3.0.10 - 3.3.5 - Format String And Security Bypass",2009-11-13,"Jeremy Allison",multiple,remote,0 10096,platforms/php/webapps/10096.txt,"OS Commerce 2.2r2 - authentication bypass",2009-11-13,"Stuart Udall",php,webapps,0 @@ -9694,7 +9694,7 @@ id,file,description,date,author,platform,type,port 10427,platforms/linux/webapps/10427.txt,"DigitalHive - Multiple Vulnerabilities",2009-12-14,"ViRuSMaN ",linux,webapps,80 10428,platforms/windows/webapps/10428.txt,"Maxs AJAX File Uploader Remote File Upload",2009-12-14,"ViRuSMaN ",windows,webapps,80 10429,platforms/linux/webapps/10429.txt,"myPHPupload 0.5.1 - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 -10430,platforms/linux/webapps/10430.txt,"NAS Uploader 1.0 & 1.5 - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 +10430,platforms/linux/webapps/10430.txt,"NAS Uploader 1.0 / 1.5 - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 10431,platforms/multiple/webapps/10431.txt,"Zabbix Agent < 1.6.7 - Remote Bypass",2009-12-14,Nicob,multiple,webapps,80 10432,platforms/multiple/webapps/10432.txt,"zabbix server - Multiple Vulnerabilities",2009-12-14,Nicob,multiple,webapps,80 10433,platforms/linux/webapps/10433.txt,"Mail Manager Pro - CSRF (Change Admin Password)",2009-12-14,"Milos Zivanovic ",linux,webapps,80 @@ -10132,7 +10132,7 @@ id,file,description,date,author,platform,type,port 11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 DB Download",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware CIFS And AFP Remote Memory Consumption DoS",2010-01-05,"Francis Provencher",multiple,dos,0 -11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 +11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz (view_news) SQL Injection",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader - Upload Shell Exploit",2010-01-06,S2K9,php,webapps,0 @@ -10201,7 +10201,7 @@ id,file,description,date,author,platform,type,port 11101,platforms/hardware/webapps/11101.txt,"D-Link Routers - Authentication Bypass",2010-01-10,"SourceSec DevTeam",hardware,webapps,0 11103,platforms/windows/dos/11103.html,"VLC Player 0.8.6i - ActiveX DoS PoC",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 -11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 +11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 @@ -10232,7 +10232,7 @@ id,file,description,date,author,platform,type,port 11147,platforms/php/webapps/11147.txt,"Max's File Uploader Shell Upload",2010-01-15,S2K9,php,webapps,0 11148,platforms/php/webapps/11148.txt,"PonVFTP Bypass and Shell Upload",2010-01-15,S2K9,php,webapps,0 11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - (.rt) Local Buffer Overflow PoC",2010-01-15,"fl0 fl0w",windows,dos,0 -11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0 & 2.0 - Local Crash PoC",2010-01-15,R3d-D3V!L,windows,dos,0 +11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0 / 2.0 - Local Crash PoC",2010-01-15,R3d-D3V!L,windows,dos,0 11151,platforms/windows/remote/11151.html,"Microsoft Internet Explorer - wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow Exploit",2010-01-16,Dz_attacker,windows,local,0 @@ -10261,7 +10261,7 @@ id,file,description,date,author,platform,type,port 11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - (.mp3) Local Denial of Service (DoS)",2010-01-18,Red-D3v1L,windows,dos,0 11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - DoS (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 11183,platforms/php/webapps/11183.txt,"Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilites",2010-01-18,"Prashant Khandelwal",php,webapps,0 -11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting (XSS)",2010-01-18,"Ivan Huertas",multiple,webapps,0 +11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting",2010-01-18,"Ivan Huertas",multiple,webapps,0 11185,platforms/php/webapps/11185.html,"al3jeb script Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 11186,platforms/multiple/webapps/11186.txt,"FreePBX 2.5.1 - SQL injection",2010-01-18,"Ivan Huertas",multiple,webapps,0 11187,platforms/multiple/webapps/11187.txt,"FreePBX 2.5.x - Information Disclosure",2010-01-18,"Ivan Huertas",multiple,webapps,0 @@ -10382,7 +10382,7 @@ id,file,description,date,author,platform,type,port 11328,platforms/windows/remote/11328.py,"UplusFtp Server 1.7.0.12 - Remote Buffer Overflow",2010-02-04,b0telh0,windows,remote,0 11329,platforms/php/webapps/11329.txt,"MASA2EL Music City 1.0 - SQL Injection",2010-02-04,alnjm33,php,webapps,0 11330,platforms/windows/webapps/11330.txt,"ManageEngine OpUtils 5 - 'Login.DO' SQL Injection",2010-02-04,"Asheesh Anaconda",windows,webapps,0 -11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 reversible encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 +11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 - reversible encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 11332,platforms/windows/dos/11332.pl,"Opera 10.10 - Remote Code Execution DoS Exploit",2010-02-05,"cr4wl3r ",windows,dos,0 11333,platforms/windows/local/11333.pl,"FoxPlayer 1.7.0 - (.m3u) Local Buffer Overflow Exploit",2010-02-05,"cr4wl3r ",windows,local,0 11334,platforms/php/webapps/11334.txt,"Audistats 1.3 - SQL Injection",2010-02-05,kaMtiEz,php,webapps,0 @@ -10852,7 +10852,7 @@ id,file,description,date,author,platform,type,port 11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 11875,platforms/php/webapps/11875.py,"Easy-Clanpage 2.01 - SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 -11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - (index.php) <= LFI",2010-03-25,eidelweiss,php,webapps,0 +11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - (index.php) LFI",2010-03-25,eidelweiss,php,webapps,0 11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack BOF (2)",2010-03-25,sud0,windows,remote,21 11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - DoS",2010-03-25,_SuBz3r0_,windows,dos,69 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 @@ -10879,7 +10879,7 @@ id,file,description,date,author,platform,type,port 11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - multi file include",2010-03-27,ITSecTeam,php,webapps,0 11904,platforms/php/webapps/11904.txt,"68kb - Multi Remote File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 -11905,platforms/php/webapps/11905.txt,"Simple Machines Forum (SMF) <= 1.1.8 - (avatar) Remote PHP File Execute PoC",2010-03-27,JosS,php,webapps,0 +11905,platforms/php/webapps/11905.txt,"Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute PoC",2010-03-27,JosS,php,webapps,0 11906,platforms/php/webapps/11906.txt,"Uebimiau Webmail 2.7.2 - Multiple Vulnerabilities",2010-03-27,"cp77fk4r ",php,webapps,0 11908,platforms/php/webapps/11908.txt,"Joomla Component com_solution SQL Injection",2010-03-27,"DevilZ TM",php,webapps,0 11909,platforms/windows/local/11909.txt,"Mini-stream Ripper 3.1.0.8 - Local Stack Overflow Exploit",2010-03-28,"Hazem mofeed",windows,local,0 @@ -10980,7 +10980,7 @@ id,file,description,date,author,platform,type,port 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - (.nds) Local Crash Exploit",2010-04-03,l3D,windows,dos,0 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection Exploit",2010-04-03,Inj3ct0r,php,webapps,0 -12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 +12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) bof PoC",2010-04-03,d3b4g,windows,dos,0 12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 @@ -11039,7 +11039,7 @@ id,file,description,date,author,platform,type,port 12089,platforms/php/webapps/12089.txt,"Joomla Component Appointment com_appointment Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12090,platforms/freebsd/local/12090.txt,"McAfee Email Gateway (formerly IronMail) - Local Privilege Escalation",2010-04-06,"Nahuel Grisolia",freebsd,local,0 12091,platforms/freebsd/local/12091.txt,"McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure",2010-04-06,"Nahuel Grisolia",freebsd,local,0 -12092,platforms/hardware/webapps/12092.txt,"McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting (XSS)",2010-04-06,"Nahuel Grisolia",hardware,webapps,0 +12092,platforms/hardware/webapps/12092.txt,"McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting",2010-04-06,"Nahuel Grisolia",hardware,webapps,0 12093,platforms/hardware/dos/12093.txt,"McAfee Email Gateway (formerly IronMail) - Denial of Service",2010-04-06,"Nahuel Grisolia",hardware,dos,0 12094,platforms/php/webapps/12094.txt,"ShopSystem SQL Injection",2010-04-06,Valentin,php,webapps,0 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash",2010-04-06,"Jobert Abma",linux,dos,0 @@ -11049,7 +11049,7 @@ id,file,description,date,author,platform,type,port 12100,platforms/asp/webapps/12100.txt,"Espinas CMS SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - LFI",2010-04-07,"Angela Zhang",php,webapps,0 -12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) <= 2.11.1 Exploit",2010-04-07,Rh0,multiple,local,0 +12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) 2.11.1 Exploit",2010-04-07,Rh0,multiple,local,0 12104,platforms/windows/dos/12104.py,"Anyzip 1.1 - (.zip) PoC (SEH) (0Day)",2010-04-07,ITSecTeam,windows,dos,0 12105,platforms/php/webapps/12105.txt,"Free Image & File Hosting Upload",2010-04-07,indoushka,php,webapps,0 12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost - Multiple Vulnerabilities",2010-04-07,indoushka,php,webapps,0 @@ -11344,7 +11344,7 @@ id,file,description,date,author,platform,type,port 12434,platforms/cgi/webapps/12434.py,"NIBE heat pump LFI Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12435,platforms/php/webapps/12435.txt,"Zabbix 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 12436,platforms/php/webapps/12436.txt,"Pligg CMS (story.php?id) 1.0.4 - SQL Injection",2010-04-28,"Don Tukulesto",php,webapps,0 -12437,platforms/windows/dos/12437.html,"Safari 4.0.3 & 4.0.4 - Stack Exhaustion",2010-04-28,"Fredrik Nordberg Almroth",windows,dos,0 +12437,platforms/windows/dos/12437.html,"Safari 4.0.3 / 4.0.4 - Stack Exhaustion",2010-04-28,"Fredrik Nordberg Almroth",windows,dos,0 12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12440,platforms/php/webapps/12440.txt,"Joomla Component Wap4Joomla (wapmain.php) SQL Injection",2010-04-28,Manas58,php,webapps,0 @@ -11577,7 +11577,7 @@ id,file,description,date,author,platform,type,port 12686,platforms/php/webapps/12686.txt,"Online University (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - (gallery.php) Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 -12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - Cross-Site Scripting (XSS) (Authenticated)",2010-05-21,"Richard Brain",multiple,webapps,0 +12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - (Authenticated) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - (fckeditor) Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 12691,platforms/php/webapps/12691.txt,"Online Job Board (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 14322,platforms/php/webapps/14322.txt,"Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 @@ -12421,7 +12421,7 @@ id,file,description,date,author,platform,type,port 14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - CSRF Add Admin Account",2010-06-29,G0D-F4Th3r,php,webapps,0 14112,platforms/php/webapps/14112.txt,"PageDirector CMS (result.php) SQL Injection",2010-06-29,v3n0m,php,webapps,0 14115,platforms/windows/webapps/14115.txt,"Gekko CMS (SQL Injection)",2010-06-29,[]0iZy5,windows,webapps,80 -14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) <= 4.3.x - SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 +14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 30100,platforms/windows/remote/30100.html,"British Telecommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS (news.php) SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 @@ -12579,7 +12579,7 @@ id,file,description,date,author,platform,type,port 14310,platforms/php/webapps/14310.js,"DotDefender 3.8-5 - No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) Upload",2010-07-10,Sid3^effects,php,webapps,0 -14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats Persistent XSS",2010-07-12,Sid3^effects,php,webapps,0 +14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats - Persistent XSS",2010-07-12,Sid3^effects,php,webapps,0 14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 - Multiple XSS/CSRF Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 14320,platforms/php/webapps/14320.pl,"PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Remote Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 @@ -12707,7 +12707,7 @@ id,file,description,date,author,platform,type,port 14470,platforms/php/webapps/14470.txt,"Ballettin Forum SQL Injection",2010-07-25,3v0,php,webapps,0 14471,platforms/php/webapps/14471.txt,"CMS Ignition SQL Injection Exploit",2010-07-25,neavorc,php,webapps,0 14472,platforms/php/webapps/14472.txt,"WhiteBoard 0.1.30 - Multiple Blind SQL Injection",2010-07-25,"Salvatore Fresta",php,webapps,0 -14483,platforms/php/webapps/14483.pl,"PunBB 1.3.4 & Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0 +14483,platforms/php/webapps/14483.pl,"PunBB 1.3.4 / Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0 14474,platforms/php/webapps/14474.txt,"Freeway CMS 1.4.3.210 SQL Injection",2010-07-26,**RoAd_KiLlEr**,php,webapps,0 14476,platforms/php/webapps/14476.txt,"Joomla Component (com_joomla-visites) Remote File inclusion",2010-07-26,Li0n-PaL,php,webapps,0 14477,platforms/windows/dos/14477.txt,"Media Player Classic - Heap Overflow/DoS",2010-07-26,"Praveen Darshanam",windows,dos,0 @@ -12744,7 +12744,7 @@ id,file,description,date,author,platform,type,port 14523,platforms/php/webapps/14523.txt,"SnoGrafx (cat.php?cat) SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM modules.php SQL Injection",2010-08-02,secret,php,webapps,0 14530,platforms/php/webapps/14530.txt,"Joomla CamelcityDB 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0 -14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting (XSS)",2010-08-02,"Juan Manuel Garcia",php,webapps,0 +14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting",2010-08-02,"Juan Manuel Garcia",php,webapps,0 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0 14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Inclusion",2010-08-03,eidelweiss,php,webapps,0 @@ -12904,10 +12904,10 @@ id,file,description,date,author,platform,type,port 14747,platforms/windows/local/14747.c,"TeamMate Audit Management Software Suite DLL Hijacking Exploit (mfc71enu.dll)",2010-08-25,"Beenu Arora",windows,local,0 14737,platforms/php/webapps/14737.txt,"Simple Forum PHP - Multiple Vulnerabilities",2010-08-25,arnab_s,php,webapps,0 14739,platforms/windows/local/14739.c,"BS.Player 2.56 build 1043 DLL Hijacking Exploit (mfc71loc.dll)",2010-08-25,diwr,windows,local,0 -14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 +14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 14741,platforms/windows/local/14741.c,"Adobe Photoshop CS2 DLL Hijacking Exploit (Wintab32.dll)",2010-08-25,storm,windows,local,0 14742,platforms/php/webapps/14742.txt,"ClanSphere 2010 - Multiple Vulnerabilities",2010-08-25,Sweet,php,webapps,0 -14743,platforms/windows/local/14743.c,"Avast! <= 5.0.594 - license files DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 +14743,platforms/windows/local/14743.c,"Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit",2010-08-25,diwr,windows,local,0 14748,platforms/windows/local/14748.txt,"uTorrent - DLL Hijacking",2010-08-25,Dr_IDE,windows,local,0 14750,platforms/windows/local/14750.txt,"VLC Media Player DLL Hijacking Exploit (wintab32.dll)",2010-08-25,Secfence,windows,local,0 14751,platforms/windows/local/14751.txt,"Microsoft Vista - BitLocker Drive Encryption API Hijacking Exploit (fveapi.dll)",2010-08-25,"Beenu Arora",windows,local,0 @@ -13341,7 +13341,7 @@ id,file,description,date,author,platform,type,port 15329,platforms/php/webapps/15329.txt,"Zomplog 3.9 - CSRF",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15330,platforms/php/webapps/15330.txt,"NinkoBB 1.3RC5 - XSS",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15331,platforms/php/webapps/15331.txt,"Zomplog 3.9 - Multiple XSS / CSRF Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15332,platforms/php/webapps/15332.txt,"BlogBird Platform Multiple XSS Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15332,platforms/php/webapps/15332.txt,"BlogBird Platform - Multiple XSS Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15333,platforms/windows/remote/15333.txt,"MinaliC Webserver 1.0 - Directory Traversal",2010-10-27,"John Leitch",windows,remote,0 15334,platforms/windows/dos/15334.py,"MinaliC Webserver 1.0 - Denial of Service",2010-10-27,"John Leitch",windows,dos,0 15335,platforms/php/webapps/15335.txt,"alstrasoft e-friends 4.96 - Multiple Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 @@ -13457,7 +13457,7 @@ id,file,description,date,author,platform,type,port 15466,platforms/php/webapps/15466.txt,"Joomla Component JQuarks4s 1.0.0 - Blind SQL Injection",2010-11-09,"Salvatore Fresta",php,webapps,0 15465,platforms/php/webapps/15465.rb,"Woltlab Burning Board Userlocator 2.5 - SQL Injection Exploit",2010-11-09,"Easy Laster",php,webapps,0 15467,platforms/multiple/dos/15467.txt,"Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service",2010-11-09,"Shane Bester",multiple,dos,0 -15468,platforms/php/webapps/15468.txt,"Joomla Component (btg_oglas) HTML & XSS Injection",2010-11-09,CoBRa_21,php,webapps,0 +15468,platforms/php/webapps/15468.txt,"Joomla Component (btg_oglas) - HTML / XSS Injection",2010-11-09,CoBRa_21,php,webapps,0 15469,platforms/php/webapps/15469.txt,"Joomla Component (com_markt) SQL Injection",2010-11-09,CoBRa_21,php,webapps,0 15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) LFI",2010-11-09,CoBRa_21,php,webapps,0 15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload",2010-11-10,grabz,php,webapps,0 @@ -13831,7 +13831,7 @@ id,file,description,date,author,platform,type,port 15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - (fckeditor) Arbitrary File Upload",2011-01-10,eidelweiss,php,webapps,0 15962,platforms/solaris/local/15962.c,"Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Root Exploit",2011-01-10,peri.carding,solaris,local,0 15963,platforms/windows/remote/15963.rb,"Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0 -15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - LFI & Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0 +15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - LFI / Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0 15968,platforms/php/webapps/15968.txt,"vam shop 1.6 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15969,platforms/php/webapps/15969.txt,"diafan.cms 4.3 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15970,platforms/php/webapps/15970.txt,"Cambio 0.5a - CSRF",2011-01-11,"High-Tech Bridge SA",php,webapps,0 @@ -14008,7 +14008,7 @@ id,file,description,date,author,platform,type,port 16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash PoC",2011-02-19,KedAns-Dz,windows,dos,0 16204,platforms/windows/dos/16204.pl,"Solar FTP 2.1 - Denial of Service Exploit",2011-02-22,x000,windows,dos,0 16190,platforms/windows/dos/16190.pl,"IBM Lotus Domino LDAP Bind Request Remote Code Execution",2011-02-18,"Francis Provencher",windows,dos,0 -16191,platforms/windows/dos/16191.pl,"Novell ZenWorks 10 & 11 - TFTPD Remote Code Execution",2011-02-18,"Francis Provencher",windows,dos,0 +16191,platforms/windows/dos/16191.pl,"Novell ZenWorks 10 / 11 - TFTPD Remote Code Execution",2011-02-18,"Francis Provencher",windows,dos,0 16192,platforms/linux/dos/16192.pl,"Novell Iprint LPD Remote Code Execution",2011-02-18,"Francis Provencher",linux,dos,0 16254,platforms/windows/dos/16254.txt,"Nitro PDF Reader 1.4.0 - Heap Memory Corruption PoC",2011-02-28,LiquidWorm,windows,dos,0 16225,platforms/cfm/webapps/16225.txt,"Alcassoft's SOPHIA CMS SQL Injection",2011-02-24,p0pc0rn,cfm,webapps,0 @@ -14200,7 +14200,7 @@ id,file,description,date,author,platform,type,port 16397,platforms/windows/remote/16397.rb,"Lyris ListManager MSDE Weak sa Password",2010-09-20,Metasploit,windows,remote,0 16398,platforms/windows/remote/16398.rb,"Microsoft SQL Server Hello Overflow",2010-04-30,Metasploit,windows,remote,0 16399,platforms/windows/remote/16399.rb,"Seattle Lab Mail (SLMail) 5.5 - POP3 Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16400,platforms/windows/remote/16400.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 +16400,platforms/windows/remote/16400.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 16401,platforms/windows/remote/16401.rb,"CA BrightStor ARCserve Message Engine Heap Overflow",2010-04-30,Metasploit,windows,remote,0 16402,platforms/windows/remote/16402.rb,"CA BrightStor HSM Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14209,14 +14209,14 @@ id,file,description,date,author,platform,type,port 16406,platforms/windows/remote/16406.rb,"CA BrightStor Discovery Service Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16407,platforms/windows/remote/16407.rb,"CA BrightStor ARCserve Tape Engine Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16408,platforms/windows/remote/16408.rb,"CA BrightStor Discovery Service TCP Overflow",2010-04-30,Metasploit,windows,remote,0 -16409,platforms/windows/remote/16409.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (2)",2010-11-03,Metasploit,windows,remote,0 +16409,platforms/windows/remote/16409.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2)",2010-11-03,Metasploit,windows,remote,0 16410,platforms/windows/remote/16410.rb,"Computer Associates Alert Notification Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16411,platforms/windows/remote/16411.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (3)",2010-11-03,Metasploit,windows,remote,0 +16411,platforms/windows/remote/16411.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3)",2010-11-03,Metasploit,windows,remote,0 16412,platforms/windows/remote/16412.rb,"CA BrightStor ARCserve Message Engine 0x72 - Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 16413,platforms/windows/remote/16413.rb,"CA BrightStor ArcServe Media Service Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16414,platforms/windows/remote/16414.rb,"CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 16415,platforms/windows/remote/16415.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow",2011-03-10,Metasploit,windows,remote,0 -16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow",2010-11-04,Metasploit,windows,remote,0 +16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflow",2010-11-04,Metasploit,windows,remote,0 16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (1)",2010-10-05,Metasploit,windows,remote,0 16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve Message Engine Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 @@ -14751,7 +14751,7 @@ id,file,description,date,author,platform,type,port 16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)",2011-03-10,zx2c4,linux,dos,0 16953,platforms/asp/webapps/16953.txt,"Luch Web Designer Multiple SQL Injection",2011-03-10,p0pc0rn,asp,webapps,0 16954,platforms/php/webapps/16954.txt,"Keynect Ecommerce SQL Injection",2011-03-10,"Arturo Zamora",php,webapps,0 -16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 & 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 +16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows Payload Execution",2011-03-08,Metasploit,windows,remote,0 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 @@ -15297,7 +15297,7 @@ id,file,description,date,author,platform,type,port 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal Multiple SQL Injection",2011-08-04,Netrondoank,multiple,webapps,0 17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 -17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 +17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 @@ -15475,7 +15475,7 @@ id,file,description,date,author,platform,type,port 17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service PoC",2011-09-09,modpr0be,windows,dos,0 17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 -17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0Day)",2011-09-12,mr_me,windows,local,0 +17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - (.zip) Buffer Overflow Exploit (0Day)",2011-09-12,mr_me,windows,local,0 17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 Post Auth Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow Exploit",2011-09-12,blake,windows,remote,0 17820,platforms/windows/local/17820.c,"Aika 0.2 colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 @@ -15560,7 +15560,7 @@ id,file,description,date,author,platform,type,port 17905,platforms/php/webapps/17905.txt,"Typo3 File Disclosure",2011-09-29,"Number 7",php,webapps,0 17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 17908,platforms/freebsd/dos/17908.sh,"FreeBSD - UIPC socket heap Overflow Proof of Concept",2011-09-30,"Shaun Colley",freebsd,dos,0 -17909,platforms/php/webapps/17909.txt,"MARINET CMS (room.php) <= Blind SQL",2011-09-30,"BHG Security Center",php,webapps,0 +17909,platforms/php/webapps/17909.txt,"MARINET CMS (room.php) Blind SQL",2011-09-30,"BHG Security Center",php,webapps,0 17911,platforms/php/webapps/17911.php,"Feed on Feeds 0.5 - Remote PHP Code Injection Exploit",2011-09-30,EgiX,php,webapps,0 17918,platforms/windows/dos/17918.txt,"Adobe Photoshop Elements 8.0 - Multiple Arbitrary Code Execution Vulnerabilities",2011-10-02,LiquidWorm,windows,dos,0 17919,platforms/php/webapps/17919.txt,"Banana Dance CMS and Wiki - SQL Injection",2011-10-02,Aodrulez,php,webapps,0 @@ -15916,7 +15916,7 @@ id,file,description,date,author,platform,type,port 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 18374,platforms/php/webapps/18374.txt,"PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities",2012-01-16,Or4nG.M4N,php,webapps,0 18370,platforms/multiple/dos/18370.txt,"php 5.3.8 - Multiple Vulnerabilities",2012-01-14,"Maksymilian Arciemowicz",multiple,dos,0 -18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit)",2012-01-14,"Marco Batista",php,webapps,0 +18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x / 3.4.x - Local File Inclusion via XXE Injection (Metasploit)",2012-01-14,"Marco Batista",php,webapps,0 18372,platforms/windows/local/18372.txt,"Microsoft Windows Assembly Execution (MS12-005)",2012-01-14,"Byoungyoung Lee",windows,local,0 18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0 18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport Remote Command Execution",2012-01-17,Metasploit,windows,remote,0 @@ -16057,7 +16057,7 @@ id,file,description,date,author,platform,type,port 18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file param) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 18524,platforms/windows/dos/18524.py,"Tiny HTTP Server 1.1.9 - Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery SQL Injection",2012-02-25,CorryL,php,webapps,0 -18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) <= 2.11 - CSRF (Delete Admin & Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 +18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) 2.11 - CSRF (Delete Admin / Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - (.pls) Stack Buffer Overflow",2012-03-02,Metasploit,windows,local,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 @@ -16150,7 +16150,7 @@ id,file,description,date,author,platform,type,port 18640,platforms/windows/remote/18640.txt,"Google Talk gtalk:// Deprecated Uri Handler Parameter Injection",2012-03-22,rgod,windows,remote,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 18642,platforms/windows/remote/18642.rb,"Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)",2012-03-22,Metasploit,windows,remote,0 -18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 +18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 18644,platforms/php/webapps/18644.txt,"vBShout Persistent XSS",2012-03-22,ToiL,php,webapps,0 18646,platforms/hardware/webapps/18646.txt,"Cyberoam UTM - Multiple Vulnerabilities",2012-03-22,"Saurabh Harit",hardware,webapps,0 18647,platforms/php/webapps/18647.txt,"PHP Grade Book 1.9.4 Unauthenticated SQL Database Export",2012-03-22,"Mark Stanislav",php,webapps,0 @@ -16194,7 +16194,7 @@ id,file,description,date,author,platform,type,port 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0 -18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - CSRF (Add Admin & Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 +18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - CSRF (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18708,platforms/php/webapps/18708.txt,"GENU CMS SQL Injection",2012-04-05,"hordcode security",php,webapps,0 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 @@ -16204,11 +16204,11 @@ id,file,description,date,author,platform,type,port 18718,platforms/windows/remote/18718.txt,"distinct tftp server 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit",2012-04-08,Death-Shadow-Dark,windows,dos,0 18720,platforms/php/webapps/18720.txt,"Utopia News Pro 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 -18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 +18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm / .mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 18722,platforms/cgi/webapps/18722.txt,"ZTE Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 -18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 Post-Auth OS Command Injection",2012-04-09,Metasploit,php,webapps,0 -18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 +18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Post-Auth OS Command Injection",2012-04-09,Metasploit,php,webapps,0 +18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow",2012-04-10,Metasploit,windows,remote,0 18728,platforms/php/webapps/18728.txt,"joomla component The Estate Agent (com_estateagent) SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 @@ -16791,8 +16791,8 @@ id,file,description,date,author,platform,type,port 19421,platforms/multiple/remote/19421.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX 11.0_Solaris 7.0_SunOS 4.1.4 rpc.cmsd Buffer Overflow (2)",1999-07-13,jGgM,multiple,remote,0 19422,platforms/linux/local/19422.txt,"BMC Software Patrol 3.2.5 Patrol SNMP Agent File Creation/Permission",1999-07-14,"Andrew Alness",linux,local,0 19423,platforms/multiple/dos/19423.c,"Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service",1999-07-15,"Mike Perry",multiple,dos,0 -19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)",1999-07-19,"rain forest puppy",windows,remote,0 -19425,platforms/windows/local/19425.txt,"Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 +19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)",1999-07-19,"rain forest puppy",windows,remote,0 +19425,platforms/windows/local/19425.txt,"Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0_SGI IRIX 6.5.4_SGI UNICOS 10.0 6 - arrayd.auth Default Configuration",1999-07-19,"Last Stage of Delirium",multiple,remote,0 19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0",1999-05-13,"Tim Conrad",osx,local,0 19428,platforms/linux/local/19428.c,"Samba Pre-2.0.5",1999-07-21,"Gerald Britton",linux,local,0 @@ -16994,7 +16994,7 @@ id,file,description,date,author,platform,type,port 19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 login & password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19624,platforms/windows/dos/19624.txt,"Gene6 G6 FTP Server 2.0 - Buffer Overflow DoS",1999-11-17,"Ussr Labs",windows,dos,0 19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - SEH Overflow Exploit",2012-07-06,"motaz reda",windows,remote,888 -19626,platforms/php/webapps/19626.txt,"sflog! <= 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 +19626,platforms/php/webapps/19626.txt,"sflog! 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 19630,platforms/php/webapps/19630.rb,"Tiki Wiki 8.3 - unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 @@ -17089,7 +17089,7 @@ id,file,description,date,author,platform,type,port 19724,platforms/windows/remote/19724.txt,"Mirabilis ICQ 0.99 b 1.1.1.1/3.19 - Remote Buffer Overflow",2000-01-12,"Drew Copley",windows,remote,0 19725,platforms/windows/dos/19725.txt,"Nosque Workshop MsgCore 1.9 - Denial of Service",2000-01-13,"Ussr Labs",windows,dos,0 19726,platforms/bsd/local/19726.c,"FreeBSD 3.4_NetBSD 1.4.1_OpenBSD 2.6 - /proc File Sytem",2000-01-21,Nergal,bsd,local,0 -19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) <= 3.4.11 - Buffer Overflow",2000-01-21,K2,linux,local,0 +19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow",2000-01-21,K2,linux,local,0 19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 19730,platforms/windows/remote/19730.c,"A-V Tronics InetServ 3.0 WebMail Long GET Request",2000-01-17,"Greg Hoglund",windows,remote,0 @@ -19413,7 +19413,7 @@ id,file,description,date,author,platform,type,port 22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin (index.php task parameter) SQL Injection",2012-10-22,D4NB4R,php,webapps,0 22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component (index.php search parameter) SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 22154,platforms/windows/dos/22154.pl,"RealPlayer 15.0.6.14.3gp - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 -22156,platforms/php/webapps/22156.txt,"White Label CMS 1.5 - CSRF & Persistent XSS",2012-10-22,pcsjj,php,webapps,0 +22156,platforms/php/webapps/22156.txt,"White Label CMS 1.5 - CSRF / Persistent XSS",2012-10-22,pcsjj,php,webapps,0 22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - (index.php id parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 22159,platforms/php/webapps/22159.txt,"subrion CMS 2.2.1 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 @@ -19506,7 +19506,7 @@ id,file,description,date,author,platform,type,port 22248,platforms/hp-ux/local/22248.sh,"HP-UX 10.x rs.F3000 Unspecified Unauthorized Access",2003-02-12,"Last Stage of Delirium",hp-ux,local,0 22249,platforms/aix/dos/22249.txt,"IBM AIX 4.3.3/5.1/5.2 libIM Buffer Overflow",2003-02-12,"Euan Briggs",aix,dos,0 22250,platforms/multiple/dos/22250.sh,"iParty Conferencing Server Denial of Service",1999-05-08,wh00t,multiple,dos,0 -22251,platforms/multiple/remote/22251.sh,"AIX 3.x/4.x & Windows 95/98/2000/NT 4 & SunOS 5 gethostbyname() - Buffer Overflow",2006-09-28,RoMaNSoFt,multiple,remote,0 +22251,platforms/multiple/remote/22251.sh,"AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow",2006-09-28,RoMaNSoFt,multiple,remote,0 22252,platforms/php/webapps/22252.txt,"PHP-Board 1.0 User Password Disclosure",2003-02-15,frog,php,webapps,0 22253,platforms/php/webapps/22253.txt,"DotBr 0.1 System.php3 - Remote Command Execution",2003-02-15,frog,php,webapps,0 22254,platforms/php/webapps/22254.txt,"DotBr 0.1 Exec.php3 - Remote Command Execution",2003-02-15,frog,php,webapps,0 @@ -20742,7 +20742,7 @@ id,file,description,date,author,platform,type,port 23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 -23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 +23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) 7.5.1NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 23524,platforms/multiple/dos/23524.c,"IDA Pro 6.3 - Crash PoC",2012-12-20,nitr0us,multiple,dos,0 23525,platforms/php/webapps/23525.txt,"PhpGedView 2.61 - Search Script Cross-Site Scripting",2004-01-06,Windak,php,webapps,0 23526,platforms/php/webapps/23526.txt,"PhpGedView 2.61 PHPInfo Information Disclosure Weakness",2004-01-06,Windak,php,webapps,0 @@ -21290,7 +21290,7 @@ id,file,description,date,author,platform,type,port 24096,platforms/linux/dos/24096.pl,"Qualcomm Eudora 5.2.1/6.x Embedded Hyperlink Buffer Overrun",2004-05-07,"Paul Szabo",linux,dos,0 24097,platforms/windows/remote/24097.c,"MyWeb HTTP Server 3.3 GET Request Buffer Overflow",2004-05-06,badpack3t,windows,remote,0 24098,platforms/windows/remote/24098.txt,"Qualcomm Eudora 6.x Embedded Hyperlink URI Obfuscation Weakness",2004-05-08,"Brett Glass",windows,remote,0 -24099,platforms/php/webapps/24099.txt,"Adam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS",2004-05-08,"Janek Vind",php,webapps,0 +24099,platforms/php/webapps/24099.txt,"Adam Webb NukeJokes 1.7/2.0 - Module Multiple Parameter XSS",2004-05-08,"Janek Vind",php,webapps,0 24100,platforms/php/webapps/24100.txt,"Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection",2004-05-08,"Janek Vind",php,webapps,0 24101,platforms/windows/remote/24101.txt,"Microsoft Outlook 2003 Predictable File Location Weakness",2004-05-10,http-equiv,windows,remote,0 24102,platforms/windows/remote/24102.txt,"Microsoft Internet Explorer 4/5/6 Embedded Image URI Obfuscation Weakness",2004-05-10,http-equiv,windows,remote,0 @@ -21668,7 +21668,7 @@ id,file,description,date,author,platform,type,port 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script (index.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 -24494,platforms/hardware/remote/24494.rb,"Polycom HDX Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 +24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0 24496,platforms/windows/webapps/24496.txt,"Sonicwall Scrutinizer 9.5.2 - SQL Injection",2013-02-14,Vulnerability-Lab,windows,webapps,0 @@ -21712,7 +21712,7 @@ id,file,description,date,author,platform,type,port 24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 24549,platforms/php/remote/24549.rb,"PolarPearCMS PHP File Upload",2013-02-26,Metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 -24551,platforms/php/webapps/24551.txt,"Joomla! <= 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 +24551,platforms/php/webapps/24551.txt,"Joomla! 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)",2013-02-27,sd,linux,local,0 24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - (.m3u) Buffer Overflow",2013-03-01,metacom,windows,dos,0 @@ -22243,7 +22243,7 @@ id,file,description,date,author,platform,type,port 25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 Web Access Login Form Remote URI Redirection",2005-02-07,"Morning Wood",asp,webapps,0 25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 25086,platforms/windows/webapps/25086.pl,"Ipswitch IMail 11.01 - XSS",2013-04-29,DaOne,windows,webapps,0 -25087,platforms/php/webapps/25087.txt,"Joomla! <= 3.0.3 (remember.php) - PHP Object Injection",2013-04-26,EgiX,php,webapps,0 +25087,platforms/php/webapps/25087.txt,"Joomla! 3.0.3 (remember.php) - PHP Object Injection",2013-04-26,EgiX,php,webapps,0 25088,platforms/php/webapps/25088.txt,"Foe CMS 1.6.5 - Multiple Vulnerabilities",2013-04-29,flux77,php,webapps,0 25092,platforms/windows/remote/25092.txt,"Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload",2005-02-08,"Tan Chew Keong",windows,remote,0 25093,platforms/php/webapps/25093.txt,"MercuryBoard 1.1 INDEX.php SQL Injection",2005-02-09,Zeelock,php,webapps,0 @@ -22485,7 +22485,7 @@ id,file,description,date,author,platform,type,port 25343,platforms/php/webapps/25343.txt,"PHP-Nuke 7.6 Banners.php Cross-Site Scripting",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 25344,platforms/php/webapps/25344.txt,"PHPBB 2.0.13 DLMan Pro Module SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25345,platforms/php/webapps/25345.txt,"PHPBB 2.0.13 Linkz Pro Module SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 -25346,platforms/asp/webapps/25346.txt,"Active Auction House Default.ASP Multiple SQL Injection",2005-04-06,Dcrab,asp,webapps,0 +25346,platforms/asp/webapps/25346.txt,"Active Auction House - Default.ASP Multiple SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25347,platforms/asp/webapps/25347.txt,"Active Auction House ItemInfo.ASP SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25348,platforms/asp/webapps/25348.txt,"Active Auction House start.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 25349,platforms/asp/webapps/25349.txt,"Active Auction House account.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 @@ -23460,7 +23460,7 @@ id,file,description,date,author,platform,type,port 26324,platforms/php/webapps/26324.txt,"TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-05,"Donnie Werner",php,webapps,0 26325,platforms/multiple/dos/26325.txt,"Mozilla Firefox 1.0.6/1.0.7 IFRAME Handling Denial of Service",2005-10-05,"Tom Ferris",multiple,dos,0 26326,platforms/php/webapps/26326.html,"MyBloggie 2.1.3 - Search.php SQL Injection",2005-10-06,trueend5,php,webapps,0 -26335,platforms/asp/webapps/26335.txt,"Aenovo Multiple Unspecified Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 +26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 26336,platforms/multiple/dos/26336.txt,"Oracle Forms - Servlet TLS Listener Remote Denial of Service",2005-10-07,"Alexander Kornbrust",multiple,dos,0 26337,platforms/php/webapps/26337.php,"Cyphor 0.19 lostpwd.php nick Field SQL Injection",2005-10-08,rgod,php,webapps,0 26338,platforms/php/webapps/26338.txt,"Cyphor 0.19 newmsg.php fid Parameter SQL Injection",2005-10-08,retrogod@aliceposta.it,php,webapps,0 @@ -23830,7 +23830,7 @@ id,file,description,date,author,platform,type,port 26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - Search.ASP Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 Archive.ASP Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 Messages.php SQL Injection",2005-12-03,"Nolan West",php,webapps,0 -26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login Multiple SQL Injection",2005-12-03,B3g0k,php,webapps,0 +26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login - Multiple SQL Injection",2005-12-03,B3g0k,php,webapps,0 26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 ERS File Handling Buffer Overflow",2013-07-09,Metasploit,windows,local,0 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 - Local Root on x86",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 @@ -24793,7 +24793,7 @@ id,file,description,date,author,platform,type,port 27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 login.cgi password Parameter XSS",2006-04-20,r0t,cgi,webapps,0 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption",2013-09-03,kingcope,hardware,remote,0 -28057,platforms/php/webapps/28057.txt,"Cline Communications Multiple SQL Injection",2006-06-17,Liz0ziM,php,webapps,0 +28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injection",2006-06-17,Liz0ziM,php,webapps,0 28058,platforms/php/webapps/28058.txt,"Eduha Meeting Index.php Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x Web Interface ccmadmin/phonelist.asp pattern Parameter XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x Web Interface ccmuser/logon.asp XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 @@ -25101,7 +25101,7 @@ id,file,description,date,author,platform,type,port 28018,platforms/php/webapps/28018.txt,"VBZoom 1.0/1.1 - Multiple SQL Injection",2006-06-13,"CrAzY CrAcKeR",php,webapps,0 28019,platforms/php/webapps/28019.txt,"Simpnews 2.x Wap_short_news.php Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 index.php imgdir Parameter XSS",2006-06-13,black-cod3,php,webapps,0 -28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 popup.php Multiple Parameter XSS",2006-06-13,black-cod3,php,webapps,0 +28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter XSS",2006-06-13,black-cod3,php,webapps,0 28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injection",2006-06-14,"CrAzY CrAcKeR",php,webapps,0 28023,platforms/php/webapps/28023.txt,"Confixx 3.0/3.1 FTP_index.php Cross-Site Scripting",2006-06-14,kr4ch,php,webapps,0 28024,platforms/php/webapps/28024.txt,"PhpBB BBRSS.php Remote File Inclusion",2006-06-14,SpC-x,php,webapps,0 @@ -25145,7 +25145,7 @@ id,file,description,date,author,platform,type,port 28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0 28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - (.wav) Crash PoC",2013-09-04,ariarat,windows,dos,0 28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 - (.wav) Crash PoC",2013-09-04,ariarat,windows,dos,0 -28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 +28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 @@ -25952,20 +25952,20 @@ id,file,description,date,author,platform,type,port 28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 RSS.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0 28912,platforms/linux/dos/28912.txt,"Linux Kernel 2.6.x ISO9660 - Denial of Service",2006-11-05,LMH,linux,dos,0 -28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x cp_forum_view.php Multiple Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 +28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - cp_forum_view.php Multiple Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28918,platforms/php/webapps/28918.txt,"AIOCP 1.3.x cp_dpage.php choosed_language Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28919,platforms/php/webapps/28919.txt,"AIOCP 1.3.x cp_show_ec_products.php order_field Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28920,platforms/php/webapps/28920.txt,"AIOCP 1.3.x cp_users_online.php order_field Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28921,platforms/php/webapps/28921.txt,"AIOCP 1.3.x cp_links_search.php orderdir Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 28923,platforms/php/webapps/28923.txt,"AIOCP 1.3.x cp_dpage.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x cp_news.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28925,platforms/php/webapps/28925.txt,"AIOCP 1.3.x cp_forum_view.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28926,platforms/php/webapps/28926.txt,"AIOCP 1.3.x cp_edit_user.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28927,platforms/php/webapps/28927.txt,"AIOCP 1.3.x cp_newsletter.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28928,platforms/php/webapps/28928.txt,"AIOCP 1.3.x cp_links.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28927,platforms/php/webapps/28927.txt,"AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28928,platforms/php/webapps/28928.txt,"AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28929,platforms/php/webapps/28929.txt,"AIOCP 1.3.x cp_contact_us.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28930,platforms/php/webapps/28930.txt,"AIOCP 1.3.x cp_show_ec_products.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28930,platforms/php/webapps/28930.txt,"AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28931,platforms/php/webapps/28931.txt,"AIOCP 1.3.x cp_login.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28932,platforms/php/webapps/28932.txt,"AIOCP 1.3.x cp_users_online.php order_field Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28933,platforms/php/webapps/28933.txt,"AIOCP 1.3.x cp_codice_fiscale.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 @@ -26116,7 +26116,7 @@ id,file,description,date,author,platform,type,port 29075,platforms/asp/webapps/29075.txt,"20/20 Auto Gallery 3.2 - Multiple SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29076,platforms/windows/dos/29076.html,"Adobe Reader 7.0.x - Multiple Vulnerabilities",2006-11-17,"Michal Bucko",windows,dos,0 29077,platforms/asp/webapps/29077.txt,"20/20 Applications Data Shed 1.0 f-email.asp itemID Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 -29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 listings.asp Multiple Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 +29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29079,platforms/php/webapps/29079.txt,"VBulletin 3.6.x Admin Control Panel Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component Multiple Field SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site login_form.asp msg Parameter XSS",2006-11-17,"laurent gaffie",asp,webapps,0 @@ -26220,7 +26220,7 @@ id,file,description,date,author,platform,type,port 29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 park ndomain Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29189,platforms/asp/webapps/29189.txt,"fipsShop Multiple SQL Injection",2006-11-25,"Aria-Security Team",asp,webapps,0 29190,platforms/osx/local/29190.txt,"Apple Mac OS X 10.4.x Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 -29191,platforms/asp/webapps/29191.txt,"ClickContact Default.ASP Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 +29191,platforms/asp/webapps/29191.txt,"ClickContact - Default.ASP Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29192,platforms/asp/webapps/29192.txt,"Clickblog Displaycalendar.ASP SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29193,platforms/asp/webapps/29193.txt,"Click Gallery Multiple Input Validation Vulnerabilities",2006-11-27,"Aria-Security Team",asp,webapps,0 29194,platforms/osx/local/29194.c,"Apple Mac OS X 10.4.x AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 @@ -26275,7 +26275,7 @@ id,file,description,date,author,platform,type,port 29258,platforms/php/webapps/29258.txt,"PHP RSS Reader 2010 - SQL Injection",2013-10-28,"mishal abdullah",php,webapps,0 29273,platforms/hardware/remote/29273.pl,"WatchGuard Firewall XTM 11.7.4u1 - Remote Buffer Overflow",2013-10-29,st3n,hardware,remote,8080 29263,platforms/windows/local/29263.pl,"BlazeDVD 6.2 - (.plf) Buffer Overflow (SEH)",2013-10-28,"Mike Czumak",windows,local,0 -29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 & 1.5 - Multiple SQL Injection",2013-10-28,Vulnerability-Lab,php,webapps,0 +29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 / 1.5 - Multiple SQL Injection",2013-10-28,Vulnerability-Lab,php,webapps,0 29265,platforms/php/webapps/29265.txt,"ILIAS eLearning CMS 4.3.4 & 4.4 - Persistent XSS",2013-10-29,Vulnerability-Lab,php,webapps,0 29266,platforms/hardware/webapps/29266.txt,"Stem Innovation 'IZON' Hard-coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 29267,platforms/php/webapps/29267.txt,"ProNews 1.5 admin/change.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -26294,7 +26294,7 @@ id,file,description,date,author,platform,type,port 29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0 29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 Fusion_Forum_View.php Local File Inclusion",2006-12-16,Kacper,php,webapps,0 -29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 +29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 Haber.ASP SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 Shout.php HTML Injection",2006-12-18,IMHOT3B,php,webapps,0 29295,platforms/windows/dos/29295.html,"Microsoft Outlook ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,windows,dos,0 @@ -26318,7 +26318,7 @@ id,file,description,date,author,platform,type,port 29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR CSRF (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 29313,platforms/php/webapps/29313.txt,"Xt-News 0.1 show_news.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 29314,platforms/php/webapps/29314.txt,"Xt-News 0.1 show_news.php id_news Parameter SQL Injection",2006-12-22,Mr_KaLiMaN,php,webapps,0 -29316,platforms/php/remote/29316.py,"Apache + PHP < 5.3.12 & < 5.4.2 - Remote Code Execution (Multithreaded Scanner)",2013-10-31,noptrix,php,remote,0 +29316,platforms/php/remote/29316.py,"Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)",2013-10-31,noptrix,php,remote,0 29994,platforms/php/webapps/29994.txt,"Campsite 2.6.1 - Template.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29995,platforms/php/webapps/29995.txt,"Campsite 2.6.1 - TimeUnit.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29318,platforms/php/webapps/29318.txt,"ImpressPages CMS 3.6 - Multiple XSS/SQLi Vulnerabilities",2013-10-31,LiquidWorm,php,webapps,0 @@ -26526,7 +26526,7 @@ id,file,description,date,author,platform,type,port 30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme header.php s Parameter XSS",2007-05-17,"John Martinelli",php,webapps,0 30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - Server.php Path Disclosure",2007-05-17,kefka,php,webapps,0 30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 -30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 +30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 30054,platforms/jsp/webapps/30054.txt,"Sonicwall Gms 7.x - Filter Bypass & Persistent (0Day)",2013-12-05,Vulnerability-Lab,jsp,webapps,0 30055,platforms/ios/webapps/30055.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,ios,webapps,0 30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 Low.php Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 @@ -26666,7 +26666,7 @@ id,file,description,date,author,platform,type,port 29618,platforms/windows/dos/29618.c,"News File Grabber 4.1.0.1 Subject Line Stack Buffer Overflow (2)",2007-02-19,Marsu,windows,dos,0 29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6.0 - Local File Access Weakness",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 29620,platforms/osx/dos/29620.txt,"Apple Mac OS X 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 -29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 +29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 29622,platforms/asp/webapps/29622.txt,"Design4Online Userpages2 Page.ASP SQL Injection",2007-02-20,xoron,asp,webapps,0 29623,platforms/cgi/webapps/29623.txt,"Google Desktop Cross-Site Scripting Weakness",2007-02-21,"Yair Amit",cgi,webapps,0 29624,platforms/php/webapps/29624.txt,"CedStat 1.31 Index.php Cross-Site Scripting",2007-02-21,sn0oPy,php,webapps,0 @@ -26749,7 +26749,7 @@ id,file,description,date,author,platform,type,port 29707,platforms/windows/dos/29707.txt,"JPEGView 1.0.29 - Crash PoC",2013-11-19,"Debasish Mandal",windows,dos,0 29709,platforms/hardware/webapps/29709.txt,"Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass",2013-11-19,myexploit,hardware,webapps,80 30368,platforms/php/webapps/30368.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 admin/edituser.php userid Parameter XSS",2007-07-23,Lostmon,php,webapps,0 -30369,platforms/php/webapps/30369.txt,"AlstraSoft Affiliate Network Pro 8.0 merchants/index.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 +30369,platforms/php/webapps/30369.txt,"AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30370,platforms/php/webapps/30370.txt,"AlstraSoft Affiliate Network Pro 8.0 merchants/temp.php rowid Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30371,platforms/php/webapps/30371.txt,"AlstraSoft Affiliate Network Pro 8.0 merchants/index.php uploadProducts Action pgmid Parameter SQL Injection",2007-07-23,Lostmon,php,webapps,0 29712,platforms/php/local/29712.txt,"Zend Platform 2.2.1 PHP.INI File Modification",2007-03-03,"Stefan Esser",php,local,0 @@ -26792,7 +26792,7 @@ id,file,description,date,author,platform,type,port 29750,platforms/php/webapps/29750.php,"PHPStats 0.1.9 - Multiple SQL Injection",2007-03-16,rgod,php,webapps,0 29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0 -29753,platforms/linux/remote/29753.c,"File(1) <= 4.13 Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 +29753,platforms/linux/remote/29753.c,"File(1) 4.13 Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -26916,7 +26916,7 @@ id,file,description,date,author,platform,type,port 29815,platforms/hardware/remote/29815.rb,"NETGEAR ReadyNAS Perl Code Evaluation",2013-11-25,Metasploit,hardware,remote,443 29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 BMP Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 Fotokategori.ASP SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 -29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 +29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29820,platforms/multiple/remote/29820.html,"Firebug 1.03 Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 29821,platforms/php/webapps/29821.txt,"Livor 2.5 Index.php Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 @@ -26999,7 +26999,7 @@ id,file,description,date,author,platform,type,port 29900,platforms/multiple/dos/29900.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (1)",2007-03-21,"Barrie Dempster",multiple,dos,0 29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)",2007-03-21,"Barrie Dempster",multiple,dos,0 29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 AddVIP.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 -29903,platforms/php/webapps/29903.txt,"Ahhp Portal Page.php Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0 +29903,platforms/php/webapps/29903.txt,"Ahhp Portal - Page.php Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0 29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2categories.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2mail.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 @@ -27215,7 +27215,7 @@ id,file,description,date,author,platform,type,port 30289,platforms/asp/webapps/30289.txt,"EnViVo!CMS Default.ASP ID Parameter SQL Injection",2007-07-11,durito,asp,webapps,0 30290,platforms/php/webapps/30290.txt,"IBM Proventia Sensor Appliance Multiple Input Validation Vulnerabilities",2007-07-11,"Alex Hernandez",php,webapps,0 30291,platforms/linux/remote/30291.txt,"Multiple Vendors - RAR Handling Remote Null Pointer Dereference",2007-07-11,"Metaeye Security Group",linux,remote,0 -30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 +30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 Index.php SQL Injection",2007-07-12,Keniobats,php,webapps,0 30295,platforms/multiple/local/30295.sql,"Oracle Database SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 @@ -27687,7 +27687,7 @@ id,file,description,date,author,platform,type,port 30739,platforms/php/webapps/30739.txt,"JLMForo System Buscado.php Cross-Site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 Login Procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 Index.php Local File Inclusion",2007-11-05,"BorN To K!LL",php,webapps,0 -30742,platforms/multiple/remote/30742.txt,"OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities",2007-11-05,"Kevin Finisterre",multiple,remote,0 +30742,platforms/multiple/remote/30742.txt,"OpenBase 10.0.x - Buffer Overflow / Remote Command Execution",2007-11-05,"Kevin Finisterre",multiple,remote,0 30743,platforms/asp/webapps/30743.txt,"i-Gallery 3.4 igallery.ASP Remote Information Disclosure",2007-11-05,hackerbinhphuoc,asp,webapps,0 30744,platforms/linux/dos/30744.txt,"MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service",2007-11-05,"Joe Gallo",linux,dos,0 30745,platforms/php/webapps/30745.html,"Weblord.it MS-TopSites Unauthorized Access and HTML Injection",2007-11-06,0x90,php,webapps,0 @@ -27715,7 +27715,7 @@ id,file,description,date,author,platform,type,port 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 30768,platforms/multiple/remote/30768.txt,"IBM WebSphere Application Server 5.1.1 WebContainer HTTP Request Header Security Weakness",2007-11-15,anonymous,multiple,remote,0 30769,platforms/php/webapps/30769.txt,"Nuked-Klan 1.7.5 File Parameter News Module Cross-Site Scripting",2007-11-15,Bl@ckM@mba,php,webapps,0 -30770,platforms/cgi/webapps/30770.txt,"AIDA Web Frame.HTML Multiple Unauthorized Access Vulnerabilities",2007-11-14,"MC Iglo",cgi,webapps,0 +30770,platforms/cgi/webapps/30770.txt,"AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities",2007-11-14,"MC Iglo",cgi,webapps,0 30771,platforms/multiple/remote/30771.txt,"Aruba MC-800 Mobility Controller Screens Directory HTML Injection",2007-11-15,"Jan Fry",multiple,remote,0 30772,platforms/windows/remote/30772.html,"ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-15,"Elazar Broad",windows,remote,0 30773,platforms/windows/dos/30773.txt,"Microsoft Jet Database Engine MDB File Parsing Remote Buffer Overflow",2007-11-16,cocoruder,windows,dos,0 @@ -27768,7 +27768,7 @@ id,file,description,date,author,platform,type,port 30839,platforms/linux/local/30839.c,"ZABBIX 1.1.4/1.4.2 - daemon_start Local Privilege Escalation",2007-12-03,"Bas van Schaik",linux,local,0 30840,platforms/windows/dos/30840.txt,"SonicWALL Global VPN Client 4.0.782 - Remote Format String",2007-12-04,"SEC Consult",windows,dos,0 30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 pages/default.aspx template Variable Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 -30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 xlaabsolutenm.aspx Multiple Parameter SQL Injection",2007-12-04,"Adrian Pastor",asp,webapps,0 +30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple Parameter SQL Injection",2007-12-04,"Adrian Pastor",asp,webapps,0 30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 xlaabsolutenm.aspx rmore Parameter XSS",2007-12-04,"Adrian Pastor",asp,webapps,0 30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 pages/default.aspx template Parameter XSS",2007-12-04,"Adrian Pastor",asp,webapps,0 30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 getpath.aspx Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 @@ -27996,7 +27996,7 @@ id,file,description,date,author,platform,type,port 31111,platforms/php/webapps/31111.txt,"Download Management 1.00 for PHP-Fusion Multiple Local File Inclusion",2008-02-05,Psiczn,php,webapps,0 31112,platforms/php/webapps/31112.txt,"DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities",2008-02-04,Lostmon,php,webapps,0 31113,platforms/windows/remote/31113.html,"GlobalLink 2.6.1.2 - 'HanGamePlugincn18.dll' ActiveX Control Multiple Buffer Overflow Vulnerabilities",2008-02-05,anonymous,windows,remote,0 -31114,platforms/windows/dos/31114.txt,"Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities",2008-02-06,"Paul Craig",windows,dos,0 +31114,platforms/windows/dos/31114.txt,"Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution / Security Vulnerabilities",2008-02-06,"Paul Craig",windows,dos,0 31115,platforms/php/webapps/31115.txt,"MyNews 1.6.x - 'hash' Parameter Cross-Site Scripting",2008-02-06,SkyOut,php,webapps,0 31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-Site Scripting",2008-02-06,Phanter-Root,php,webapps,0 31117,platforms/asp/webapps/31117.txt,"WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 @@ -28821,7 +28821,7 @@ id,file,description,date,author,platform,type,port 32135,platforms/php/webapps/32135.txt,"common solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 -32048,platforms/osx/remote/32048.html,"Apple iPhone and iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 +32048,platforms/osx/remote/32048.html,"Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 (get_all_created_by_user.php id param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80 31972,platforms/windows/local/31972.py,"Gold MP4 Player 3.3 - Buffer Overflow Exploit (SEH)",2014-02-28,metacom,windows,local,0 @@ -29118,7 +29118,7 @@ id,file,description,date,author,platform,type,port 32295,platforms/php/webapps/32295.txt,"PHP-Ultimate Webboard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0 32296,platforms/php/webapps/32296.txt,"Bluemoon inc. PopnupBlog 3.30 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-25,Lostmon,php,webapps,0 32297,platforms/asp/webapps/32297.txt,"Smart Survey 1.0 - 'surveyresults.asp' Cross-Site Scripting",2008-08-26,"Bug Researchers Group",asp,webapps,0 -32298,platforms/php/webapps/32298.txt,"HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross-Site Scripting",2008-08-26,"Luca Carettoni",php,webapps,0 +32298,platforms/php/webapps/32298.txt,"HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-Site Scripting",2008-08-26,"Luca Carettoni",php,webapps,0 32299,platforms/php/webapps/32299.txt,"MatterDaddy Market 1.1 - 'admin/login.php' Cross-Site Scripting",2008-08-26,"Sam Georgiou",php,webapps,0 32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 - 'search.asp' Cross-Site Scripting",2008-08-26,JoCk3r,asp,webapps,0 32301,platforms/windows/remote/32301.py,"Kyocera Mita Scanner File Utility 3.3.0.1 File Transfer Directory Traversal",2008-08-26,"Seth Fogie",windows,remote,0 @@ -29159,7 +29159,7 @@ id,file,description,date,author,platform,type,port 32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS 'results_per_page' Parameter Cross-Site Scripting",2008-09-07,"David Sopas",php,webapps,0 32339,platforms/windows/remote/32339.txt,"Microsoft Organization Chart 2 - Remote Code Execution",2008-09-08,"Ivan Sanchez",windows,remote,0 32340,platforms/php/webapps/32340.txt,"Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-08,sl4xUz,php,webapps,0 -32341,platforms/hardware/dos/32341.html,"Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 +32341,platforms/hardware/dos/32341.html,"Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 32342,platforms/php/webapps/32342.txt,"eXtrovert software Thyme 1.3 - 'pick_users.php' SQL Injection",2008-09-08,"Omer Singer",php,webapps,0 32343,platforms/php/local/32343.php,"PHP 5.2.5 - Multiple Functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities",2008-09-08,Ciph3r,php,local,0 32344,platforms/windows/remote/32344.txt,"Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (1)",2008-09-08,Ciph3r,windows,remote,0 @@ -29365,7 +29365,7 @@ id,file,description,date,author,platform,type,port 32621,platforms/php/remote/32621.rb,"SePortal SQLi - Remote Code Execution",2014-03-31,Metasploit,php,remote,80 32589,platforms/php/webapps/32589.html,"Kimson CMS 'id' Parameter Cross-Site Scripting",2008-11-18,md.r00t,php,webapps,0 32590,platforms/windows/local/32590.c,"Microsoft Windows Vista - 'iphlpapi.dll' Local Kernel Buffer Overflow",2008-11-19,"Marius Wachtler",windows,local,0 -32591,platforms/hardware/remote/32591.txt,"3Com Wireless 8760 Dual-Radio 11a/b/g PoE Multiple Security Vulnerabilities",2008-11-19,"Adrian Pastor",hardware,remote,0 +32591,platforms/hardware/remote/32591.txt,"3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Security Vulnerabilities",2008-11-19,"Adrian Pastor",hardware,remote,0 32592,platforms/php/webapps/32592.txt,"Easyedit CMS subcategory.php intSubCategoryID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32593,platforms/php/webapps/32593.txt,"Easyedit CMS page.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32594,platforms/php/webapps/32594.txt,"Easyedit CMS news.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 @@ -29872,8 +29872,8 @@ id,file,description,date,author,platform,type,port 33112,platforms/php/webapps/33112.txt,"PG Roommate Finder Solution - quick_search.php part Parameter XSS",2009-06-27,Moudi,php,webapps,0 33113,platforms/php/webapps/33113.txt,"PG Roommate Finder Solution - viewprofile.php part Parameter XSS",2009-06-27,Moudi,php,webapps,0 33114,platforms/php/webapps/33114.txt,"Almond Classifieds Component for Joomla! 7.5 - Cross-Site Scripting / SQL Injection",2009-06-27,Moudi,php,webapps,0 -33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products index.php replid Parameter SQL Injection",2009-06-27,Moudi,php,webapps,0 -33116,platforms/php/webapps/33116.txt,"AlmondSoft Multiple Classifieds Products index.php Multiple Parameter XSS",2009-06-27,Moudi,php,webapps,0 +33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products - index.php replid Parameter SQL Injection",2009-06-27,Moudi,php,webapps,0 +33116,platforms/php/webapps/33116.txt,"AlmondSoft Multiple Classifieds Products - index.php Multiple Parameter XSS",2009-06-27,Moudi,php,webapps,0 33117,platforms/php/webapps/33117.txt,"AlmondSoft Classifieds Pro gmap.php addr Parameter XSS",2009-06-27,Moudi,php,webapps,0 33118,platforms/multiple/remote/33118.html,"Apple Safari 4.0.1 Error Page Address Bar URI Spoofing",2009-06-27,"Juan Pablo Lopez Yacubian",multiple,remote,0 33119,platforms/php/webapps/33119.txt,"Pilot Group eTraining courses_login.php cat_id Parameter XSS",2009-06-24,Moudi,php,webapps,0 @@ -30067,7 +30067,7 @@ id,file,description,date,author,platform,type,port 33318,platforms/bsd/dos/33318.txt,"OpenBSD 4.6 / NetBSD 5.0.1 - 'printf(1)' Format String Parsing Denial of Service",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 33319,platforms/bsd/dos/33319.txt,"Multiple BSD Distributions 'printf(3)' Memory Corruption",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 33320,platforms/php/webapps/33320.txt,"TFTgallery 0.13 - 'sample' Parameter Cross-Site Scripting",2009-11-02,blake,php,webapps,0 -33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0 +33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Local Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0 33322,platforms/linux/local/33322.c,"Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation (2)",2009-11-03,"teach & xipe",linux,local,0 33591,platforms/linux/dos/33591.sh,"lighttpd 1.4/1.5 Slow Request Handling Remote Denial Of Service",2010-02-02,"Li Ming",linux,dos,0 33592,platforms/linux/dos/33592.txt,"Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service",2010-02-02,"Marcelo Tosatti",linux,dos,0 @@ -30970,7 +30970,7 @@ id,file,description,date,author,platform,type,port 34379,platforms/php/webapps/34379.html,"SyndeoCMS 2.9 - Multiple HTML Injection Vulnerabilities",2010-07-26,"High-Tech Bridge SA",php,webapps,0 34380,platforms/asp/webapps/34380.txt,"Active Business Directory 2 - 'searchadvance.asp' Cross-Site Scripting",2009-12-22,"Andrea Bocchetti",asp,webapps,0 34381,platforms/php/webapps/34381.txt,"MyBB 1.8 Beta 3 - Multiple Vulnerabilities",2014-08-21,"DemoLisH B3yaZ",php,webapps,0 -34466,platforms/php/webapps/34466.txt,"CMS Source Multiple Input Validation Vulnerabilities",2010-08-13,"High-Tech Bridge SA",php,webapps,0 +34466,platforms/php/webapps/34466.txt,"CMS Source - Multiple Input Validation Vulnerabilities",2010-08-13,"High-Tech Bridge SA",php,webapps,0 34465,platforms/hardware/remote/34465.txt,"F5 Big-IP - Unauthenticated rsync Access",2014-08-29,Security-Assessment.com,hardware,remote,22 34383,platforms/php/webapps/34383.txt,"Social Media 'index.php' Local File Inclusion",2010-07-27,"Harri Johansson",php,webapps,0 34384,platforms/jsp/webapps/34384.txt,"Jira 4.0.1 - Cross-Site Scripting / Information Disclosure",2010-07-28,MaXe,jsp,webapps,0 @@ -31063,7 +31063,7 @@ id,file,description,date,author,platform,type,port 34478,platforms/windows/remote/34478.html,"Microsoft Internet Explorer 8 - 'toStaticHTML()' HTML Sanitization Bypass Weakness",2010-08-16,"Mario Heiderich",windows,remote,0 34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0 34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - (.ogg) Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0 -34481,platforms/php/webapps/34481.txt,"123 Flash Chat = Multiple Security Vulnerabilities",2010-08-16,Lincoln,php,webapps,0 +34481,platforms/php/webapps/34481.txt,"123 Flash Chat - Multiple Security Vulnerabilities",2010-08-16,Lincoln,php,webapps,0 34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34483,platforms/php/webapps/34483.txt,"Nasim Guest Book 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0 34484,platforms/php/webapps/34484.txt,"Joomla! 'com_dirfrm' Component Multiple SQL Injection",2010-08-18,Hieuneo,php,webapps,0 @@ -32098,7 +32098,7 @@ id,file,description,date,author,platform,type,port 35620,platforms/hardware/remote/35620.txt,"Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting",2011-04-15,"Edgard Chammas",hardware,remote,0 35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection",2011-04-16,KedAns-Dz,php,webapps,0 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0 -35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 & 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 +35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 / 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 35624,platforms/php/webapps/35624.txt,"PHPLIST 3.0.6 & 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Auth SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 35626,platforms/php/webapps/35626.txt,"Easy File Sharing Webserver 6.8 - Persistent XSS",2014-12-27,"Sick Psycko",php,webapps,0 @@ -32701,7 +32701,7 @@ id,file,description,date,author,platform,type,port 36268,platforms/linux/dos/36268.c,"Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 -36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 And iOS 4.3.3 Mail Denial of Service",2011-10-29,shebang42,osx,dos,0 +36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 36272,platforms/php/webapps/36272.txt,"Domain Shop 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusion",2011-11-01,indoushka,php,webapps,0 36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 @@ -32713,7 +32713,7 @@ id,file,description,date,author,platform,type,port 36283,platforms/php/webapps/36283.txt,"Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting",2011-11-03,"Stefan Schurtz",php,webapps,0 36280,platforms/php/webapps/36280.txt,"Symphony 2.2.3 symphony/publish/images filter Parameter XSS",2011-11-01,"Mesut Timur",php,webapps,0 36281,platforms/php/webapps/36281.txt,"Symphony 2.2.3 symphony/publish/comments filter Parameter SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 -36284,platforms/asp/webapps/36284.txt,"CmyDocument Multiple Cross-Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 +36284,platforms/asp/webapps/36284.txt,"CmyDocument - Multiple Cross-Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 36285,platforms/windows/dos/36285.c,"Microsoft Windows TCP/IP Stack Reference Counter Integer Overflow",2011-11-08,anonymous,windows,dos,0 36286,platforms/hardware/remote/36286.txt,"DreamBox DM800 - 'file' Parameter Local File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 36287,platforms/php/webapps/36287.txt,"WordPress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 @@ -33244,7 +33244,7 @@ id,file,description,date,author,platform,type,port 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS)",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0 -36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS)",2015-04-27,"Adam Ziaja",php,webapps,0 +36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x / < 3.2.x / < 3.3.x - Stored Cross-Site Scripting",2015-04-27,"Adam Ziaja",php,webapps,0 36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 - 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 36995,platforms/hardware/remote/36995.txt,"F5 FirePass 7.0 SQL Injection",2012-03-14,anonymous,hardware,remote,0 37169,platforms/linux/remote/37169.rb,"Realtek SDK Miniigd UPnP SOAP Command Execution",2015-06-01,Metasploit,linux,remote,52869 @@ -33442,7 +33442,7 @@ id,file,description,date,author,platform,type,port 37055,platforms/php/webapps/37055.txt,"Forma LMS 1.3 - Multiple PHP Object Injection Vulnerabilities",2015-05-18,"Filippo Roncari",php,webapps,80 37056,platforms/windows/local/37056.py,"BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass)",2015-05-18,"Gabor Seljan",windows,local,0 37057,platforms/ios/webapps/37057.txt,"Wireless Photo Transfer 3.0 iOS - File Inclusion",2015-05-18,Vulnerability-Lab,ios,webapps,80 -37058,platforms/multiple/webapps/37058.txt,"OYO File Manager 1.1 (iOS & Android) - Multiple Vulnerabilities",2015-05-18,Vulnerability-Lab,multiple,webapps,8080 +37058,platforms/multiple/webapps/37058.txt,"OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities",2015-05-18,Vulnerability-Lab,multiple,webapps,8080 37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF",2015-05-18,"Akash S. Chavan",windows,webapps,0 37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 37062,platforms/php/webapps/37062.txt,"VBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 @@ -33995,7 +33995,7 @@ id,file,description,date,author,platform,type,port 37688,platforms/php/remote/37688.txt,"PHP 'header()' HTTP Header Injection",2011-10-06,"Mr. Tokumaru",php,remote,0 37659,platforms/php/webapps/37659.txt,"phpVibe < 4.20 Stored XSS",2015-07-20,"Filippos Mastrogiannis",php,webapps,0 37660,platforms/ios/dos/37660.txt,"Image Transfer IOS - Remote Crash Proof Of Concept",2015-07-20,"Mohammad Reza Espargham",ios,dos,0 -37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS_ Android & Win 3.1.3 - Persistent",2015-07-20,Vulnerability-Lab,multiple,webapps,0 +37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS / Android / Win 3.1.3 - Persistent",2015-07-20,Vulnerability-Lab,multiple,webapps,0 37663,platforms/linux/dos/37663.txt,"TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service",2015-07-20,"Luke Arntson",linux,dos,0 37666,platforms/php/webapps/37666.txt,"Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities",2015-07-21,"Simon Rawet",php,webapps,80 37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 @@ -34593,7 +34593,7 @@ id,file,description,date,author,platform,type,port 38301,platforms/php/webapps/38301.txt,"WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution",2015-09-23,Metasploit,multiple,remote,6667 38303,platforms/osx/local/38303.c,"Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script",2015-09-23,"Yorick Koster",osx,local,0 -38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 +38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 38307,platforms/win_x86/dos/38307.txt,"Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel Multiple Cross Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 @@ -34908,7 +34908,7 @@ id,file,description,date,author,platform,type,port 38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Remote Code Execution Exploit (Pre-Auth) (0Day)",2015-11-05,hhjj,php,webapps,0 38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting",2013-07-12,"Omar Kurt",php,webapps,0 38633,platforms/multiple/remote/38633.pl,"Intelligent Platform Management Interface Information Disclosure",2013-07-02,"Dan Farmer",multiple,remote,0 -38634,platforms/ios/remote/38634.txt,"Air Drive Plus Multiple Input Vallidation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0 +38634,platforms/ios/remote/38634.txt,"Air Drive Plus - Multiple Input Vallidation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0 38635,platforms/php/webapps/38635.txt,"iVote 'details.php' SQL Injection",2013-07-10,"Ashiyane Digital Security Team",php,webapps,0 38636,platforms/multiple/remote/38636.txt,"Cryptocat 2.0.21 Chrome Extension - 'img/keygen.gif' File Information Disclosure",2012-11-07,"Mario Heiderich",multiple,remote,0 38637,platforms/multiple/remote/38637.txt,"Cryptocat 2.0.22 - Arbitrary Script Injection",2012-11-07,"Mario Heiderich",multiple,remote,0 @@ -34943,7 +34943,7 @@ id,file,description,date,author,platform,type,port 38684,platforms/php/webapps/38684.txt,"R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities",2015-11-12,LiquidWorm,php,webapps,0 38671,platforms/hardware/remote/38671.txt,"Barracuda CudaTel Multiple Cross-Site Scripting Vulnerabilities",2013-07-17,"Benjamin Kunz Mejri",hardware,remote,0 38672,platforms/windows/local/38672.txt,"YardRadius - Multiple Local Format String Vulnerabilities",2013-06-30,"Hamid Zamani",windows,local,0 -38673,platforms/php/webapps/38673.txt,"Collabtive Multiple Security Vulnerabilities",2013-07-22,"Enrico Cinquini",php,webapps,0 +38673,platforms/php/webapps/38673.txt,"Collabtive - Multiple Security Vulnerabilities",2013-07-22,"Enrico Cinquini",php,webapps,0 38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 38675,platforms/php/webapps/38675.html,"Magnolia CMS Multiple Cross-Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 @@ -36283,6 +36283,7 @@ id,file,description,date,author,platform,type,port 40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution and Escalate Privileges",2016-07-17,b0yd,hardware,remote,0 40182,platforms/arm/dos/40182.txt,"Linux ARM/ARM64 - perf_event_open() Arbitrary Memory Read",2016-07-29,"Google Security Research",arm,dos,0 +40193,platforms/php/webapps/40193.txt,"Open Upload 0.4.2 - (Add Admin) CSRF",2016-08-02,"Vinesh Redkar",php,webapps,80 40181,platforms/linux/dos/40181.c,"AppArmor securityfs < 4.8 - aa_fs_seq_hash_show Reference Count Leak",2016-07-29,"Google Security Research",linux,dos,0 40171,platforms/linux/webapps/40171.txt,"AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector",2016-07-29,Orwelllabs,linux,webapps,80 40122,platforms/lin_x86-64/shellcode/40122.txt,"Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes)",2016-07-19,CripSlick,lin_x86-64,shellcode,0 @@ -36341,3 +36342,9 @@ id,file,description,date,author,platform,type,port 40190,platforms/php/webapps/40190.txt,"WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 40191,platforms/php/webapps/40191.txt,"WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF",2016-08-01,"Yorick Koster",php,webapps,80 40192,platforms/windows/dos/40192.py,"Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC",2016-08-01,"Karn Ganeshen",windows,dos,0 +40194,platforms/multiple/dos/40194.txt,"Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0 +40195,platforms/multiple/dos/40195.txt,"Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service",2016-08-03,"Antti Levomäki",multiple,dos,0 +40196,platforms/win_x86-64/dos/40196.txt,"Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service",2016-08-03,Igor,win_x86-64,dos,0 +40197,platforms/multiple/dos/40197.txt,"Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0 +40198,platforms/multiple/dos/40198.txt,"Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - WSP Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0 +40199,platforms/multiple/dos/40199.txt,"Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - RLC Dissector Denial of Service",2016-08-03,"Antti Levomäki",multiple,dos,0 diff --git a/platforms/multiple/dos/40194.txt b/platforms/multiple/dos/40194.txt new file mode 100755 index 000000000..3f181e4f8 --- /dev/null +++ b/platforms/multiple/dos/40194.txt @@ -0,0 +1,31 @@ +Sample generated with AFL + +Build Information: +TShark 1.12.9 (v1.12.9-0-gfadb421 from (HEAD) + +Copyright 1998-2015 Gerald Combs and contributors. +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Compiled (64-bit) with GLib 2.48.1, with libpcap, with libz 1.2.8, with POSIX +capabilities (Linux), with libnl 3, without SMI, with c-ares 1.11.0, without +Lua, without Python, with GnuTLS 3.4.13, with Gcrypt 1.7.1, with MIT Kerberos, +with GeoIP. + +Running on Linux 4.6.2-1-ARCH, with locale en_US.utf8, with libpcap version +1.7.4, with libz 1.2.8. + Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz + +Built using clang 4.2.1 Compatible Clang 3.8.0 (tags/RELEASE_380/final). +-- +This issue was uncovered with AFL (http://lcamtuf.coredump.cx/afl/) + +There is a bug in dissect_nds_request located in epan/dissectors/packet-ncp2222.inc. + +dissect_nds_request attempts to call ptvcursor_free() near packet-ncp2222.inc:11806 using the variable ptvc that is set to null at the start of dissect_nds_request. Using the attached sample, the only place ptvc could be set (~ncp2222.inc:11618) is never executed and thus ptvc remains a null pointer. + +Credit goes to Chris Benedict, Aurelien Delaitre, NIST SAMATE Project, https://samate.nist.gov + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40194.zip diff --git a/platforms/multiple/dos/40195.txt b/platforms/multiple/dos/40195.txt new file mode 100755 index 000000000..cfada0398 --- /dev/null +++ b/platforms/multiple/dos/40195.txt @@ -0,0 +1,25 @@ +Build Information: +TShark (Wireshark) 2.0.2 (SVN Rev Unknown from unknown) + +Copyright 1998-2016 Gerald Combs and contributors. +License GPLv2+: GNU GPL version 2 or later +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3, +with libz 1.2.8, with GLib 2.48.0, with SMI 0.4.8, with c-ares 1.10.0, with Lua +5.2, with GnuTLS 3.4.10, with Gcrypt 1.6.5, with MIT Kerberos, with GeoIP. + +Running on Linux 4.4.0-22-generic, with locale en_GB.UTF-8, with libpcap version +1.7.4, with libz 1.2.8, with GnuTLS 3.4.10, with Gcrypt 1.6.5. +Intel Core Processor (Haswell) (with SSE4.2) + +Built using gcc 5.3.1 20160407. + +-- +Fuzzed PCAP eats large amounts of memory ( >4GB ) with a single UDP packet on tshark 2.0.2 and a recent build from repository + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40195.zip + diff --git a/platforms/multiple/dos/40197.txt b/platforms/multiple/dos/40197.txt new file mode 100755 index 000000000..9c0faa1c6 --- /dev/null +++ b/platforms/multiple/dos/40197.txt @@ -0,0 +1,32 @@ +Sample generated by AFL + +Build Information: +TShark 1.12.9 (v1.12.9-0-gfadb421 from (HEAD) + +Copyright 1998-2015 Gerald Combs and contributors. +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Compiled (64-bit) with GLib 2.48.1, with libpcap, with libz 1.2.8, with POSIX +capabilities (Linux), with libnl 3, without SMI, with c-ares 1.11.0, without +Lua, without Python, with GnuTLS 3.4.13, with Gcrypt 1.7.1, with MIT Kerberos, +with GeoIP. + +Running on Linux 4.6.2-1-ARCH, with locale en_US.utf8, with libpcap version +1.7.4, with libz 1.2.8. + Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz +-- +This issue was uncovered with AFL (http://lcamtuf.coredump.cx/afl/) + +The attached sample evokes a divide-by-zero error in the dissect_pbb_tlvblock() function at packet-packetbb.c:289. + +The variable of interest seems to be 'c' which is set at packet-packetbb.c:285 using two other variables and an addition. When c is zero, the expression "length/c" at packet-packetbb.c:289 results in a divide-by-zero error. + +Divide-by-zero has been observed when sample is parsed by tshark versions 1.12.8, 1.12.9, 1.12.10, 1.12.12, and 2.0.4 among others. + +Credit goes to Chris Benedict, Aurelien Delaitre, NIST SAMATE Project, https://samate.nist.gov + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40197.zip + diff --git a/platforms/multiple/dos/40198.txt b/platforms/multiple/dos/40198.txt new file mode 100755 index 000000000..50f9cacba --- /dev/null +++ b/platforms/multiple/dos/40198.txt @@ -0,0 +1,32 @@ +Sample generated with AFL + +Build Information: +TShark (Wireshark) 2.0.4 + +Copyright 1998-2016 Gerald Combs and contributors. +License GPLv2+: GNU GPL version 2 or later +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3, +with libz 1.2.8, with GLib 2.48.1, without SMI, with c-ares 1.11.0, with Lua +5.2, with GnuTLS 3.4.13, with Gcrypt 1.7.1, with MIT Kerberos, with GeoIP. + +Running on Linux 4.6.3-1-ARCH, with locale en_US.utf8, with libpcap version +1.7.4, with libz 1.2.8, with GnuTLS 3.4.13, with Gcrypt 1.7.1. + Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz (with SSE4.2) + +Built using gcc 6.1.1 20160602. +-- +This issue was uncovered with AFL (http://lcamtuf.coredump.cx/afl/) + +This infinite loop is caused by an offset of 0 being returned by wkh_content_disposition(). This offset of 0 prevents the while loop using "offset < tvb_len" from returning and results in an infinite loop. + +This issue has been observed in both tshark 1.12.x and 2.0.x. + +Credit goes to Chris Benedict, Aurelien Delaitre, NIST SAMATE Project, https://samate.nist.gov + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40198.zip + diff --git a/platforms/multiple/dos/40199.txt b/platforms/multiple/dos/40199.txt new file mode 100755 index 000000000..a2b7518c5 --- /dev/null +++ b/platforms/multiple/dos/40199.txt @@ -0,0 +1,87 @@ +Sample PCAP + +Build Information: +TShark (Wireshark) 2.0.2 (SVN Rev Unknown from unknown) + +Copyright 1998-2016 Gerald Combs and contributors. +License GPLv2+: GNU GPL version 2 or later +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3, +with libz 1.2.8, with GLib 2.48.0, with SMI 0.4.8, with c-ares 1.10.0, with Lua +5.2, with GnuTLS 3.4.10, with Gcrypt 1.6.5, with MIT Kerberos, with GeoIP. + +Running on Linux 4.4.0-22-generic, with locale en_GB.UTF-8, with libpcap version +1.7.4, with libz 1.2.8, with GnuTLS 3.4.10, with Gcrypt 1.6.5. +Intel Core Processor (Haswell) (with SSE4.2) + +Built using gcc 5.3.1 20160407. + +-- +Fuzzed PCAP takes 100% CPU and runs for a long time on tshark 2.0.2 and a recent build from repository ( commit 688d055acd523e645c1e87267dcf4a0a9867adbd ). + +GDB backtrace from 'tshark -2 -V -r ' aborted after running for a while: + +Program received signal SIGABRT, Aborted. +0x00007ffff45bb676 in rlc_decode_li (mode=RLC_AM, tvb=0x9342c0, pinfo=0xb04c18, tree=0x0, li=0x7fffffffbab0, max_li=16 '\020', li_on_2_bytes=0) at packet-rlc.c:1722 +1722 next_bytes = li_on_2_bytes ? tvb_get_ntohs(tvb, hdr_len) : tvb_get_guint8(tvb, hdr_len); +123 tomb gdb execution "thread apply all bt" 321 + +Thread 1 (Thread 0x7ffff7fb9740 (LWP 1578)): +#0 0x00007ffff45bb676 in rlc_decode_li (mode=RLC_AM, tvb=0x9342c0, pinfo=0xb04c18, tree=0x0, li=0x7fffffffbab0, max_li=16 '\020', li_on_2_bytes=0) at packet-rlc.c:1722 +#1 0x00007ffff45bde04 in dissect_rlc_am (channel=RLC_UL_DCCH, tvb=0x9342c0, pinfo=0xb04c18, top_level=0x0, tree=0x0, atm=0x0) at packet-rlc.c:2308 +#2 0x00007ffff45be82a in dissect_rlc_dcch (tvb=0x9342c0, pinfo=0xb04c18, tree=0x0, data=0x0) at packet-rlc.c:2477 +#3 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffedb08f50, tvb=0x9342c0, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:660 +#4 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffedb08f50, tvb=0x9342c0, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x0) at packet.c:735 +#5 0x00007ffff3cadd25 in call_dissector_only (handle=0x7fffedb08f50, tvb=0x9342c0, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:2791 +#6 0x00007ffff3cadd68 in call_dissector_with_data (handle=0x7fffedb08f50, tvb=0x9342c0, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:2804 +#7 0x00007ffff47e7679 in dissect_mac_fdd_dch (tvb=0xb0ac50, pinfo=0xb04c18, tree=0x0, data=0x0) at packet-umts_mac.c:564 +#8 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffedb13b70, tvb=0xb0ac50, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:660 +#9 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffedb13b70, tvb=0xb0ac50, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x0) at packet.c:735 +#10 0x00007ffff3cadd25 in call_dissector_only (handle=0x7fffedb13b70, tvb=0xb0ac50, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:2791 +#11 0x00007ffff3cadd68 in call_dissector_with_data (handle=0x7fffedb13b70, tvb=0xb0ac50, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:2804 +#12 0x00007ffff47dab2e in dissect_tb_data (tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, offset=3, p_fp_info=0x7fffeca74180, data_handle=0x7ffff7aae8e8 , data=0x0) at packet-umts_fp.c:815 +#13 0x00007ffff47decbb in dissect_dch_channel_info (tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, offset=3, p_fp_info=0x7fffeca74180, data=0x0) at packet-umts_fp.c:2557 +#14 0x00007ffff47e476e in dissect_fp_common (tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, data=0x0) at packet-umts_fp.c:4419 +#15 0x00007ffff47e4add in dissect_fp (tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, data=0x0) at packet-umts_fp.c:4507 +#16 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffeda51580, tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:660 +#17 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffeda51580, tvb=0xb0ac00, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x0) at packet.c:735 +#18 0x00007ffff3cadd25 in call_dissector_only (handle=0x7fffeda51580, tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:2791 +#19 0x00007ffff3c99819 in try_conversation_dissector (addr_a=0xb04cf0, addr_b=0xb04cd8, ptype=PT_UDP, port_a=65359, port_b=8040, tvb=0xb0ac00, pinfo=0xb04c18, tree=0x0, data=0x0) at conversation.c:1323 +#20 0x00007ffff47d3839 in decode_udp_ports (tvb=0x848b70, offset=8, pinfo=0xb04c18, tree=0x0, uh_sport=8040, uh_dport=65359, uh_ulen=3554) at packet-udp.c:541 +#21 0x00007ffff47d5e21 in dissect (tvb=0x848b70, pinfo=0xb04c18, tree=0x0, ip_proto=17) at packet-udp.c:1080 +#22 0x00007ffff47d5e79 in dissect_udp (tvb=0x848b70, pinfo=0xb04c18, tree=0x0, data=0x7fffec869030) at packet-udp.c:1086 +#23 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffedb13330, tvb=0x848b70, pinfo=0xb04c18, tree=0x0, data=0x7fffec869030) at packet.c:660 +#24 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffedb13330, tvb=0x848b70, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x7fffec869030) at packet.c:735 +#25 0x00007ffff3cab583 in dissector_try_uint_new (sub_dissectors=0x7b1cc0, uint_val=17, tvb=0x848b70, pinfo=0xb04c18, tree=0x0, add_proto_name=1, data=0x7fffec869030) at packet.c:1199 +#26 0x00007ffff425e409 in ip_try_dissect (heur_first=0, tvb=0x848b70, pinfo=0xb04c18, tree=0x0, iph=0x7fffec869030) at packet-ip.c:1977 +#27 0x00007ffff426037c in dissect_ip_v4 (tvb=0x848b20, pinfo=0xb04c18, parent_tree=0x0, data=0x0) at packet-ip.c:2476 +#28 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffedb78930, tvb=0x848b20, pinfo=0xb04c18, tree=0x0, data=0x0) at packet.c:660 +#29 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffedb78930, tvb=0x848b20, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x0) at packet.c:735 +#30 0x00007ffff3cab583 in dissector_try_uint_new (sub_dissectors=0x73c040, uint_val=2048, tvb=0x848b20, pinfo=0xb04c18, tree=0x0, add_proto_name=1, data=0x0) at packet.c:1199 +#31 0x00007ffff3cab5e4 in dissector_try_uint (sub_dissectors=0x73c040, uint_val=2048, tvb=0x848b20, pinfo=0xb04c18, tree=0x0) at packet.c:1225 +#32 0x00007ffff40a1c60 in dissect_ethertype (tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffcc20) at packet-ethertype.c:262 +#33 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffeda50000, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffcc20) at packet.c:660 +#34 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffeda50000, tvb=0xb03d20, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x7fffffffcc20) at packet.c:735 +#35 0x00007ffff3cadd25 in call_dissector_only (handle=0x7fffeda50000, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffcc20) at packet.c:2791 +#36 0x00007ffff3cadd68 in call_dissector_with_data (handle=0x7fffeda50000, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffcc20) at packet.c:2804 +#37 0x00007ffff40a04d5 in dissect_eth_common (tvb=0xb03d20, pinfo=0xb04c18, parent_tree=0x0, fcs_len=-1) at packet-eth.c:540 +#38 0x00007ffff40a106b in dissect_eth (tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0xad6928) at packet-eth.c:836 +#39 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffedb5c7a0, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0xad6928) at packet.c:660 +#40 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffedb5c7a0, tvb=0xb03d20, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0xad6928) at packet.c:735 +#41 0x00007ffff3cab583 in dissector_try_uint_new (sub_dissectors=0x73c2c0, uint_val=1, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, add_proto_name=1, data=0xad6928) at packet.c:1199 +#42 0x00007ffff40e9887 in dissect_frame (tvb=0xb03d20, pinfo=0xb04c18, parent_tree=0x0, data=0x7fffffffd380) at packet-frame.c:507 +#43 0x00007ffff3caa711 in call_dissector_through_handle (handle=0x7fffeda51950, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffd380) at packet.c:660 +#44 0x00007ffff3caa8a2 in call_dissector_work (handle=0x7fffeda51950, tvb=0xb03d20, pinfo_arg=0xb04c18, tree=0x0, add_proto_name=1, data=0x7fffffffd380) at packet.c:735 +#45 0x00007ffff3cadd25 in call_dissector_only (handle=0x7fffeda51950, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffd380) at packet.c:2791 +#46 0x00007ffff3cadd68 in call_dissector_with_data (handle=0x7fffeda51950, tvb=0xb03d20, pinfo=0xb04c18, tree=0x0, data=0x7fffffffd380) at packet.c:2804 +#47 0x00007ffff3caa079 in dissect_record (edt=0xb04c00, file_type_subtype=1, phdr=0xad68c0, tvb=0xb03d20, fd=0x7fffffffd550, cinfo=0x0) at packet.c:543 +#48 0x00007ffff3c9ebf9 in epan_dissect_run (edt=0xb04c00, file_type_subtype=1, phdr=0xad68c0, tvb=0xb03d20, fd=0x7fffffffd550, cinfo=0x0) at epan.c:365 +#49 0x000000000041844c in process_packet_first_pass (cf=0x64f100 , edt=0xb04c00, offset=20928, whdr=0xad68c0, pd=0xb04e20 "4\a\373\024t,\320\320\375+\004\300\b") at tshark.c:2694 +#50 0x0000000000418dd7 in load_cap_file (cf=0x64f100 , save_file=0x0, out_file_type=2, out_file_name_res=0, max_packet_count=-1, max_byte_count=0) at tshark.c:2988 +#51 0x0000000000416fa0 in main (argc=5, argv=0x7fffffffdda8) at tshark.c:1873 + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40199.zip diff --git a/platforms/php/webapps/40193.txt b/platforms/php/webapps/40193.txt new file mode 100755 index 000000000..c93975b3f --- /dev/null +++ b/platforms/php/webapps/40193.txt @@ -0,0 +1,65 @@ +================================================================================================================ +Open Upload 0.4.2 Remote Admin Add CSRF Exploit and Changing Normal user permission +================================================================================================================ +# Exploit Title : Open Upload 0.4.2 Remote Admin Add CSRF Exploit +# Exploit Author : Vinesh Redkar (@b0rn2pwn) +# Email : vineshredkar89[at]gmail[d0t]com +# Date: 21/07/2016 +# Vendor Homepage: http://openupload.sourceforge.net/ +# Software Link: https://sourceforge.net/projects/openupload/ +# Version: 0.4.2 +# Tested on: Windows 10 OS + +Open Upload Application is vulnerable to CSRF attack (No CSRF token in place) meaning +that if an admin user can be tricked to visit a crafted URL created by +attacker (via spear phishing/social engineering). + +Once exploited, the attacker can login as the admin using the username and the password he posted in the form. + +======================CSRF POC (Adding New user with Admin Privileges)================================== +CSRF PoC Code + + +Remote Admin Add CSRF Exploit + +

Remote Admin Add CSRF Exploit by b0rn2pwn

+ +
+ + + + + + + + + + + +
+ + + +======================CSRF POC (Changing privileges from normal user to administer)================================== + + + +Change privilege normal user to administer CSRF Exploit + +

Change privilege normal user to administer CSRF Exploit by b0rn2pwn

+ +
+ + + + + + + + + + + +
+ + diff --git a/platforms/win_x86-64/dos/40196.txt b/platforms/win_x86-64/dos/40196.txt new file mode 100755 index 000000000..b8f40e6d5 --- /dev/null +++ b/platforms/win_x86-64/dos/40196.txt @@ -0,0 +1,27 @@ +GIOP capture + +Build Information: +Version 2.0.3 (v2.0.3-0-geed34f0 from master-2.0) + +Copyright 1998-2016 Gerald Combs and contributors. +License GPLv2+: GNU GPL version 2 or later +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with +GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS +3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia, +with AirPcap. + +Running on 64-bit Windows 8.1, build 9600, with locale C, without WinPcap, with +GnuTLS 3.2.15, with Gcrypt 1.6.2, without AirPcap. + Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz (with SSE4.2), with 16334MB of +physical memory. + + +Built using Microsoft Visual C++ 12.0 build 40629 + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40196.zip +