From 9be56799945edcac639bfb8aea610bc3e952305b Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Fri, 26 Aug 2016 05:06:52 +0000 Subject: [PATCH] DB: 2016-08-26 1 new exploits Too many to list! --- files.csv | 9870 ++++++++--------- .../{mips => linux_mips}/remote/27133.py | 0 2 files changed, 4935 insertions(+), 4935 deletions(-) rename platforms/{mips => linux_mips}/remote/27133.py (100%) diff --git a/files.csv b/files.csv index 7e2b9bad5..e75758d65 100755 --- a/files.csv +++ b/files.csv @@ -3,7 +3,7 @@ id,file,description,date,author,platform,type,port 2,platforms/windows/remote/2.c,"Microsoft Windows IIS 5.0 WebDAV - Remote PoC Exploit",2003-03-24,RoMaNSoFt,windows,remote,80 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow Exploit",2003-04-01,Andi,solaris,local,0 -5,platforms/windows/remote/5.c,"Microsoft Windows RPC Locator Service - Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 +5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 6,platforms/php/webapps/6.php,"WordPress 2.0.2 - (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0 7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow Exploit",2003-04-07,"H D Moore",linux,remote,139 8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow Exploit",2003-04-08,zillion,linux,remote,0 @@ -30,7 +30,7 @@ id,file,description,date,author,platform,type,port 29,platforms/bsd/local/29.c,"Firebird 1.0.2 FreeBSD 4.7-RELEASE - Local Root Exploit",2003-05-12,bob,bsd,local,0 30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution Exploit",2003-05-12,anonymous,windows,remote,0 31,platforms/linux/local/31.pl,"CdRecord 2.0 - Mandrake Local Root Exploit",2003-05-14,anonymous,linux,local,0 -32,platforms/windows/local/32.c,"Microsoft Windows XP (explorer.exe) - Buffer Overflow Exploit",2003-05-21,einstein,windows,local,0 +32,platforms/windows/local/32.c,"Microsoft Windows XP - (explorer.exe) Buffer Overflow Exploit",2003-05-21,einstein,windows,local,0 33,platforms/linux/remote/33.c,"WsMp3d 0.x - Remote Root Heap Overflow Exploit",2003-05-22,Xpl017Elz,linux,remote,8000 34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 - (Apache) Remote Exploit",2003-05-29,anonymous,linux,remote,80 35,platforms/windows/dos/35.c,"Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service",2003-05-31,Shachank,windows,dos,0 @@ -67,7 +67,7 @@ id,file,description,date,author,platform,type,port 66,platforms/windows/remote/66.c,"Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135 67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo - Remote Code Execution Exploit",2003-07-28,"Carl Livitt",multiple,remote,80 68,platforms/linux/dos/68.c,"Linux Kernel 2.4.20 - decode_fh Denial of Service",2003-07-29,"Jared Stanbrough",linux,dos,0 -69,platforms/windows/remote/69.c,"Microsoft Windows RPC - DCOM Remote Exploit (18 Targets)",2003-07-29,pHrail,windows,remote,135 +69,platforms/windows/remote/69.c,"Microsoft Windows - RPC DCOM Remote Exploit (18 Targets)",2003-07-29,pHrail,windows,remote,135 70,platforms/windows/remote/70.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (48 Targets)",2003-07-30,anonymous,windows,remote,135 71,platforms/linux/local/71.c,"XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)",2003-07-31,c0wboy,linux,local,0 72,platforms/linux/local/72.c,"xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0)",2003-08-01,brahma,linux,local,0 @@ -91,7 +91,7 @@ id,file,description,date,author,platform,type,port 91,platforms/linux/local/91.c,"Stunnel 3.24/4.00 - Daemon Hijacking Proof of Concept Exploit",2003-09-05,"Steve Grubb",linux,local,0 92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter - Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0 93,platforms/linux/local/93.c,"RealPlayer 9 *nix - Local Privilege Escalation Exploit",2003-09-09,"Jon Hart",linux,local,0 -94,platforms/multiple/dos/94.c,"MyServer 0.4.3 - DoS",2003-09-08,badpack3t,multiple,dos,80 +94,platforms/multiple/dos/94.c,"MyServer 0.4.3 - Denial of Service",2003-09-08,badpack3t,multiple,dos,80 95,platforms/multiple/remote/95.c,"Roger Wilco 1.x - Client Data Buffer Overflow Exploit",2003-09-10,"Luigi Auriemma",multiple,remote,0 96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite - Remote Buffer Overflow Exploit",2003-09-11,B-r00t,osx,remote,21 97,platforms/windows/remote/97.c,"Microsoft Windows - (RPC DCOM) Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135 @@ -119,13 +119,13 @@ id,file,description,date,author,platform,type,port 120,platforms/linux/local/120.c,"TerminatorX 3.81 - Stack Overflow Local Root Exploit",2003-11-13,Li0n7,linux,local,0 121,platforms/windows/remote/121.c,"Microsoft Frontpage Server Extensions - fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 122,platforms/windows/local/122.c,"Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0 -123,platforms/windows/remote/123.c,"Microsoft Windows Workstation Service - WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 +123,platforms/windows/remote/123.c,"Microsoft Windows - Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 124,platforms/windows/remote/124.pl,"IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80 125,platforms/bsd/local/125.c,"OpenBSD 2.x - 3.3 exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0 126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit",2003-11-20,xCrZx,linux,remote,80 127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (Webserver)",2003-11-22,nesumin,windows,remote,0 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept) (1)",2003-12-02,"Christophe Devine",linux,local,0 -130,platforms/windows/remote/130.c,"Microsoft Windows XP Workstation Service - Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 +130,platforms/windows/remote/130.c,"Microsoft Windows XP - Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (2)",2003-12-05,"Wojciech Purczynski",linux,local,0 132,platforms/linux/remote/132.c,"Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure Exploit",2003-12-06,m00,linux,remote,80 133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow / Denial of Service",2003-12-15,"Peter Winter-Smith",windows,remote,80 @@ -252,7 +252,7 @@ id,file,description,date,author,platform,type,port 263,platforms/solaris/remote/263.pl,"Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Exploit",2001-01-27,Fyodor,solaris,remote,80 264,platforms/novell/dos/264.c,"Novell BorderManager Enterprise Edition 3.5 - Denial of Service",2001-05-07,honoriak,novell,dos,0 265,platforms/irix/local/265.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 -266,platforms/windows/remote/266.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit",2001-05-07,"Ryan Permeh",windows,remote,80 +266,platforms/windows/remote/266.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit (1)",2001-05-07,"Ryan Permeh",windows,remote,80 268,platforms/windows/remote/268.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit (2)",2001-05-08,"dark spyrit",windows,remote,80 269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) - Remote Root Exploit (Linux x86)",2001-05-08,qitest1,linux,remote,21 270,platforms/irix/local/270.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0 @@ -557,7 +557,7 @@ id,file,description,date,author,platform,type,port 715,platforms/solaris/local/715.c,"Solaris 8/9 - passwd circ() Local Root Exploit",2004-12-24,"Marco Ivaldi",solaris,local,0 716,platforms/solaris/remote/716.c,"Solaris 2.5.1/2.6/7/8 rlogin /bin/login - Buffer Overflow Exploit (SPARC)",2004-12-24,"Marco Ivaldi",solaris,remote,513 718,platforms/linux/local/718.c,"Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Exploit",2004-12-24,"Marco Ivaldi",linux,local,0 -719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer XP SP2 - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 +719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer (XP SP2) - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 720,platforms/php/webapps/720.pl,"Sanity.b - phpBB 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,anonymous,php,webapps,0 721,platforms/windows/dos/721.html,"Microsoft Windows Kernel - ANI File Parsing Crash",2004-12-25,Flashsky,windows,dos,0 725,platforms/php/webapps/725.pl,"PhpInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion",2004-12-25,anonymous,php,webapps,0 @@ -741,7 +741,7 @@ id,file,description,date,author,platform,type,port 920,platforms/windows/local/920.c,"P2P Share Spy 2.2 - Local Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 921,platforms/php/webapps/921.sh,"PHP-Nuke 6.x < 7.6 Top module - SQL Injection",2005-04-07,"Fabrizi Andrea",php,webapps,0 922,platforms/cgi/webapps/922.pl,"The Includer CGI 1.0 - Remote Command Execution (1)",2005-04-08,GreenwooD,cgi,webapps,0 -30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 +30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (2)",2005-04-08,K-C0d3r,cgi,webapps,0 924,platforms/linux/local/924.c,"sash 3.7 - Local Buffer Overflow Exploit",2005-04-08,lammat,linux,local,0 925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass SQL Injection",2005-04-09,LaMeR,asp,webapps,0 @@ -752,7 +752,7 @@ id,file,description,date,author,platform,type,port 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer - DHTML Object Memory Corruption Exploit",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 932,platforms/windows/local/932.sql,"Oracle Database Server 10.1.0.2 - Buffer Overflow Exploit",2005-04-13,"Esteban Fayo",windows,local,0 -933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 +933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injections Exploits",2005-04-13,"Esteban Fayo",windows,local,0 934,platforms/linux/remote/934.c,"gld 1.4 - (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 935,platforms/windows/local/935.c,"Morpheus 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 @@ -938,7 +938,7 @@ id,file,description,date,author,platform,type,port 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup - (dsconfig.exe) Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup - Auto Scanner / Exploiter",2005-08-03,cybertronic,windows,remote,6070 1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 -1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - (login.php) SQL Injection",2005-08-05,"James Bercegay",php,webapps,0 +1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - 'login.php' SQL Injection",2005-08-05,"James Bercegay",php,webapps,0 1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer - Denial of Service",2005-08-05,basher13,windows,dos,0 1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 @@ -1032,7 +1032,7 @@ id,file,description,date,author,platform,type,port 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 - (msg_send) SQL Injection",2005-09-28,rgod,php,webapps,0 1238,platforms/linux/remote/1238.c,"Prozilla 1.3.7.4 - (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 1239,platforms/windows/dos/1239.c,"Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service",2005-10-02,"Luigi Auriemma",windows,dos,0 -1240,platforms/php/webapps/1240.php,"Utopia News Pro 1.1.3 - (news.php) SQL Injection",2005-10-06,rgod,php,webapps,0 +1240,platforms/php/webapps/1240.php,"Utopia News Pro 1.1.3 - 'news.php' SQL Injection",2005-10-06,rgod,php,webapps,0 1241,platforms/php/webapps/1241.php,"Cyphor 0.19 - (board takeover) SQL Injection",2005-10-08,rgod,php,webapps,0 1242,platforms/linux/remote/1242.pl,"xine-lib 1.1 - (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 1243,platforms/windows/remote/1243.c,"CA iGateway - (debug mode) Remote Buffer Overflow Exploit",2005-10-10,egm,windows,remote,5250 @@ -1064,7 +1064,7 @@ id,file,description,date,author,platform,type,port 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play - (Umpnpmgr.dll) Denial of Service (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 1272,platforms/linux/remote/1272.c,"Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow Exploit",2005-10-25,rd,linux,remote,0 -1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - (id) SQL Injection",2005-10-26,Devil-00,php,webapps,0 +1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - 'id' SQL Injection",2005-10-26,Devil-00,php,webapps,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a - Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 @@ -1098,7 +1098,7 @@ id,file,description,date,author,platform,type,port 1316,platforms/linux/local/1316.pl,"Veritas Storage Foundation 4.0 - VCSI18N_LANG Local Overflow Exploit",2005-11-12,"Kevin Finisterre",linux,local,0 1317,platforms/php/webapps/1317.py,"Coppermine Photo Gallery 1.3.2 - File Retrieval SQL Injection",2005-11-13,DiGiTAL_MiDWAY,php,webapps,0 1319,platforms/php/webapps/1319.php,"Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection",2005-11-14,rgod,php,webapps,0 -1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 - (catid) SQL Injection",2005-11-14,Devil-00,php,webapps,0 +1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 - 'catid' SQL Injection",2005-11-14,Devil-00,php,webapps,0 1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 - (show.php id) SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 1322,platforms/php/webapps/1322.pl,"Wizz Forum 1.20 - (TopicID) SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 1324,platforms/php/webapps/1324.php,"PHPWebThings 1.4 - (msg/forum) SQL Injection",2005-11-16,rgod,php,webapps,0 @@ -1184,7 +1184,7 @@ id,file,description,date,author,platform,type,port 1415,platforms/linux/local/1415.c,"Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)",2006-01-13,Qnix,linux,local,0 1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 - (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 -1418,platforms/asp/webapps/1418.txt,"MiniNuke 1.8.2 - Multiple SQL Injection",2006-01-14,nukedx,asp,webapps,0 +1418,platforms/asp/webapps/1418.txt,"MiniNuke 1.8.2 - Multiple SQL Injections",2006-01-14,nukedx,asp,webapps,0 1419,platforms/asp/webapps/1419.pl,"MiniNuke 1.8.2 - (news.asp hid) SQL Injection",2006-01-14,DetMyl,asp,webapps,0 1420,platforms/windows/remote/1420.c,"Microsoft Windows - Metafile (WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote BoF Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701 @@ -1241,7 +1241,7 @@ id,file,description,date,author,platform,type,port 1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit (3)",2006-02-14,darkeagle,windows,local,0 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point - (Fragmented UDP) Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0 1498,platforms/php/webapps/1498.php,"webSPELL 4.01 - (title_op) SQL Injection",2006-02-14,x128,php,webapps,0 -1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injection",2006-02-15,"HACKERS PAL",php,webapps,0 +1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injections",2006-02-15,"HACKERS PAL",php,webapps,0 1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 @@ -1273,7 +1273,7 @@ id,file,description,date,author,platform,type,port 1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board 6.03 - (login.asp) Remote Auth Bypass",2006-02-25,nukedx,asp,webapps,0 1530,platforms/php/webapps/1530.pl,"SaphpLesson 2.0 - (forumid) SQL Injection",2006-02-25,SnIpEr_SA,php,webapps,0 1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server 1.4.3.5 - Remote Buffer Overflow PoC",2006-02-25,"Jerome Athias",windows,dos,0 -1532,platforms/php/webapps/1532.pl,"PwsPHP 1.2.3 - (index.php) SQL Injection",2006-02-25,papipsycho,php,webapps,0 +1532,platforms/php/webapps/1532.pl,"PwsPHP 1.2.3 - 'index.php' SQL Injection",2006-02-25,papipsycho,php,webapps,0 1533,platforms/php/webapps/1533.php,"4Images 1.7.1 - (Local Inclusion) Remote Code Execution Exploit",2006-02-26,rgod,php,webapps,0 1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - (ptrace) Local Privilege Escalation Exploit",2006-02-26,prdelka,sco,local,0 1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - (oldsocketmode) Remote Buffer Overflow PoC",2006-02-27,"Luigi Auriemma",windows,dos,0 @@ -1308,7 +1308,7 @@ id,file,description,date,author,platform,type,port 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 - (USER) Remote Buffer Overflow Exploit PoC",2006-03-07,"securma massine",windows,remote,110 1566,platforms/php/webapps/1566.php,"Gallery 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 -1567,platforms/php/webapps/1567.php,"RedBLoG 0.5 - (cat_id) SQL Injection",2006-03-08,x128,php,webapps,0 +1567,platforms/php/webapps/1567.php,"RedBLoG 0.5 - 'cat_id' SQL Injection",2006-03-08,x128,php,webapps,0 1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 - (memName) SQL Injection",2006-03-09,DevilBox,asp,webapps,0 1570,platforms/php/webapps/1570.pl,"Light Weight Calendar 1.x - (date) Remote Code Execution",2006-03-09,Hessam-x,php,webapps,0 1571,platforms/asp/webapps/1571.htm,"JiRos Banner Experience 1.0 - (Create Admin Bypass) Remote Exploit",2006-03-09,nukedx,asp,webapps,0 @@ -1338,7 +1338,7 @@ id,file,description,date,author,platform,type,port 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit",2006-03-20,"H D Moore",linux,local,0 1597,platforms/asp/webapps/1597.pl,"ASPPortal 3.1.1 - (downloadid) SQL Injection",2006-03-20,nukedx,asp,webapps,0 1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6.0 - (script action handlers) (mshtml.dll) DoS",2006-03-21,"Michal Zalewski",windows,dos,0 -1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0 +1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0 1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow Exploit",2006-03-22,"esca zoo",multiple,remote,11000 @@ -1348,7 +1348,7 @@ id,file,description,date,author,platform,type,port 1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution Exploit",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcoded Exploit",2006-03-23,ATmaCA,windows,remote,0 1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution Exploit",2006-03-25,rgod,php,webapps,0 -1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - (search.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 +1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - 'search.php' SQL Injection",2006-03-25,undefined1_,php,webapps,0 1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 1611,platforms/php/webapps/1611.pl,"TFT Gallery 0.10 - Password Disclosure Remote Exploit",2006-03-25,undefined1_,php,webapps,0 1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - (function.php) Local File Inclusion Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 @@ -1370,7 +1370,7 @@ id,file,description,date,author,platform,type,port 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcoded Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - (vwar_root2) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 -1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 +1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion Exploit",2006-04-02,uid0,php,webapps,0 1633,platforms/windows/dos/1633.c,"Total Commander 6.x - (unacev2.dll) Buffer Overflow PoC Exploit",2006-04-02,darkeagle,windows,dos,0 1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 - (SIGSEGV) Proof of Concept",2006-04-02,nitr0us,linux,dos,0 @@ -1387,7 +1387,7 @@ id,file,description,date,author,platform,type,port 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PhpOpenChat 3.0.x) - Server.php SQL Injection",2006-04-09,rgod,php,webapps,0 1653,platforms/php/webapps/1653.txt,"dnGuestbook 2.0 - SQL Injection",2006-04-09,snatcher,php,webapps,0 1654,platforms/php/webapps/1654.txt,"autonomous lan party 0.98.1.0 - Remote File Inclusion",2006-04-09,Codexploder,php,webapps,0 -1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - (id) SQL Injection",2006-04-09,snatcher,php,webapps,0 +1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - 'id' SQL Injection",2006-04-09,snatcher,php,webapps,0 1656,platforms/php/webapps/1656.txt,"Sire 2.0 - (lire.php) Remote File Inclusion/Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service",2006-04-09,fingerout,linux,dos,0 1659,platforms/php/webapps/1659.php,"PHPList 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 @@ -1430,7 +1430,7 @@ id,file,description,date,author,platform,type,port 1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System 7.0 - Remote Code Execution Exploit",2006-04-22,nukedx,php,webapps,0 1708,platforms/windows/dos/1708.txt,"Skulltag 0.96f - (Version String) Remote Format String PoC",2006-04-23,"Luigi Auriemma",windows,dos,0 1709,platforms/multiple/dos/1709.txt,"OpenTTD 0.4.7 - Multiple Vulnerabilities",2006-04-23,"Luigi Auriemma",multiple,dos,0 -1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - (index.php page) PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 +1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - 'index.php' PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review 2B - Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 1712,platforms/osx/dos/1712.html,"Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - (function/showprofile.php) SQL Injection",2006-04-24,Devil-00,php,webapps,0 @@ -1466,7 +1466,7 @@ id,file,description,date,author,platform,type,port 1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow PoC",2006-05-04,rewterz,windows,dos,0 1749,platforms/windows/dos/1749.pl,"acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow PoC",2006-05-04,Preddy,windows,dos,0 1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b - R_RemapShader() Remote Client BoF Exploit",2006-05-05,landser,linux,remote,0 -1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - (catid) SQL Injection",2006-05-05,[Oo],php,webapps,0 +1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - 'catid' SQL Injection",2006-05-05,[Oo],php,webapps,0 1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion Exploit",2006-05-05,IGNOR3,php,webapps,0 1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - (inc) Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0 1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Pre-Auth DoS",2006-05-05,Bigeazer,windows,dos,0 @@ -1548,14 +1548,14 @@ id,file,description,date,author,platform,type,port 1837,platforms/asp/webapps/1837.pl,"MiniNuke 2.x - (create an admin) SQL Injection",2006-05-27,nukedx,asp,webapps,0 1838,platforms/windows/dos/1838.html,"Microsoft Internet Explorer - (HTML Tag) Memory Corruption (MS06-013)",2006-05-27,"Thomas Waldegger",windows,dos,0 1839,platforms/php/webapps/1839.txt,"tinyBB 0.3 - Remote File Inclusion / SQL Injection",2006-05-28,nukedx,php,webapps,0 -1840,platforms/asp/webapps/1840.txt,"Enigma Haber 4.3 - Multiple SQL Injection",2006-05-28,nukedx,asp,webapps,0 +1840,platforms/asp/webapps/1840.txt,"Enigma Haber 4.3 - Multiple SQL Injections",2006-05-28,nukedx,asp,webapps,0 1841,platforms/php/webapps/1841.txt,"F@cile Interactive Web 0.8x - Remote File Inclusion / XSS",2006-05-28,nukedx,php,webapps,0 1842,platforms/php/webapps/1842.htm,"Eggblog < 3.07 - Remote SQL Injection / Privilege Escalation Exploit",2006-05-28,nukedx,php,webapps,0 1843,platforms/php/webapps/1843.txt,"UBB Threads 5.x / 6.x - Multiple Remote File Inclusion",2006-05-28,nukedx,php,webapps,0 1844,platforms/php/webapps/1844.txt,"Activity MOD Plus 1.1.0 - (phpBB Mod) File Inclusion",2006-05-28,nukedx,php,webapps,0 -1845,platforms/asp/webapps/1845.txt,"ASPSitem 2.0 - SQL Injection / DB Disclosure",2006-05-28,nukedx,asp,webapps,0 +1845,platforms/asp/webapps/1845.txt,"ASPSitem 2.0 - SQL Injection / Database Disclosure",2006-05-28,nukedx,asp,webapps,0 1846,platforms/php/webapps/1846.txt,"Blend Portal 1.2.0 - (phpBB Mod) Remote File Inclusion",2006-05-28,nukedx,php,webapps,0 -1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart - (search.php) SQL Injection",2006-05-28,Vympel,php,webapps,0 +1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart - 'search.php' SQL Injection",2006-05-28,Vympel,php,webapps,0 1848,platforms/php/webapps/1848.txt,"Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion",2006-05-29,Kacper,php,webapps,0 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum - (profileupdate.asp) User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 @@ -1565,7 +1565,7 @@ id,file,description,date,author,platform,type,port 1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - (default_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer 6 - (inetconn.dll) Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 -1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - (profile.php) Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 +1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - (root_path) Remote File Inclusion",2006-06-01,Kacper,php,webapps,0 1859,platforms/asp/webapps/1859.htm,"aspWebLinks 2.0 - SQL Injection / Admin Pass Change Exploit",2006-06-01,ajann,asp,webapps,0 1860,platforms/php/webapps/1860.txt,"Bytehoard 2.1 - (server.php) Remote File Inclusion",2006-06-01,beford,php,webapps,0 @@ -1581,9 +1581,9 @@ id,file,description,date,author,platform,type,port 1870,platforms/php/webapps/1870.txt,"BlueShoes Framework 4.6 - Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1871,platforms/php/webapps/1871.txt,"WebspotBlogging 3.0.1 - (path) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1872,platforms/php/webapps/1872.txt,"CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 -1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - (catid) SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 +1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - 'catid' SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 1874,platforms/php/webapps/1874.php,"LifeType 1.0.4 - SQL Injection",2006-06-03,rgod,php,webapps,0 -1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 - (profile.php) Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 +1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 - 'profile.php' Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution Exploit",2006-06-04,K-159,php,webapps,0 1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - (includePath) Remote Code Execution Exploit",2006-06-05,rgod,php,webapps,0 1878,platforms/php/webapps/1878.txt,"Particle Wiki 1.0.2 - SQL Injection",2006-06-05,FarhadKey,php,webapps,0 @@ -1612,7 +1612,7 @@ id,file,description,date,author,platform,type,port 1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - (post) Remote Command Execution Exploit",2006-06-11,Hessam-x,php,webapps,0 1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - (spaw_root) Remote File Inclusion",2006-06-11,"Federico Fazzi",php,webapps,0 1903,platforms/php/webapps/1903.txt,"Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities",2006-06-11,"Federico Fazzi",php,webapps,0 -1904,platforms/php/webapps/1904.php,"blur6ex 0.3.462 - (ID) Admin Disclosure / Blind SQL Injection",2006-06-12,rgod,php,webapps,0 +1904,platforms/php/webapps/1904.php,"blur6ex 0.3.462 - 'ID' Admin Disclosure / Blind SQL Injection",2006-06-12,rgod,php,webapps,0 1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit",2006-06-12,h07,windows,remote,0 1907,platforms/php/webapps/1907.txt,"aWebNews 1.5 - (visview.php) Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 @@ -1675,7 +1675,7 @@ id,file,description,date,author,platform,type,port 1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 1967,platforms/windows/dos/1967.c,"Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0 -1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) 1.34 - (id) SQL Injection",2006-07-01,x128,php,webapps,0 +1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) 1.34 - 'id' SQL Injection",2006-07-01,x128,php,webapps,0 1969,platforms/php/webapps/1969.txt,"Stud.IP 1.3.0-2 - Multiple Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - (header.inc.php) Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 @@ -1749,7 +1749,7 @@ id,file,description,date,author,platform,type,port 2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit",2006-07-20,"Jacopo Cervini",windows,remote,0 2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution Exploit",2006-07-20,"Jon Hart",hardware,remote,0 2049,platforms/php/webapps/2049.txt,"SiteDepth CMS 3.0.1 - (SD_DIR) Remote File Inclusion",2006-07-20,Aesthetico,php,webapps,0 -2050,platforms/php/webapps/2050.php,"LoudBlog 0.5 - (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 +2050,platforms/php/webapps/2050.php,"LoudBlog 0.5 - 'id' SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 2051,platforms/linux/dos/2051.py,"Sendmail 8.13.5 - Remote Signal Handling Exploit PoC",2006-07-21,redsand,linux,dos,0 2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit (2)",2006-07-21,bannedit,multiple,remote,110 @@ -1798,7 +1798,7 @@ id,file,description,date,author,platform,type,port 2098,platforms/php/webapps/2098.txt,"TSEP 0.942 - (copyright.php) Remote Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 2099,platforms/php/webapps/2099.txt,"WoW Roster 1.5.1 - (subdir) Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 2100,platforms/php/webapps/2100.txt,"PHPAuction 2.1 - (phpAds_path) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 -2101,platforms/php/webapps/2101.txt,"newsReporter 1.1 - (index.php) Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +2101,platforms/php/webapps/2101.txt,"newsReporter 1.1 - 'index.php' Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b - (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote Inclusion",2006-08-01,SHiKaA,php,webapps,0 @@ -1832,7 +1832,7 @@ id,file,description,date,author,platform,type,port 2134,platforms/php/webapps/2134.txt,"phpCC 4.2 beta - (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - (abs_path) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 -2137,platforms/php/webapps/2137.txt,"QuestCMS - (main.php) Remote File Inclusion",2006-08-07,Crackers_Child,php,webapps,0 +2137,platforms/php/webapps/2137.txt,"QuestCMS - 'main.php' Remote File Inclusion",2006-08-07,Crackers_Child,php,webapps,0 2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion",2006-08-07,Minion,php,webapps,0 2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit) (2)",2006-08-07,ri0t,windows,remote,10616 @@ -1848,7 +1848,7 @@ id,file,description,date,author,platform,type,port 2150,platforms/asp/webapps/2150.txt,"CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) - SQL Injection",2006-08-08,ASIANEAGLE,asp,webapps,0 2151,platforms/php/webapps/2151.txt,"Cwfm 0.9.1 - (Language) Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,0 2152,platforms/php/webapps/2152.php,"PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow Exploit PoC",2006-08-08,Heintz,php,webapps,0 -2153,platforms/php/webapps/2153.txt,"Boite de News 4.0.1 - (index.php) Remote File Inclusion",2006-08-09,"the master",php,webapps,0 +2153,platforms/php/webapps/2153.txt,"Boite de News 4.0.1 - 'index.php' Remote File Inclusion",2006-08-09,"the master",php,webapps,0 2154,platforms/php/webapps/2154.txt,"PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 2155,platforms/php/webapps/2155.txt,"See-Commerce 1.0.625 - (owimg.php3) Remote File Inclusion",2006-08-09,Drago84,php,webapps,0 2156,platforms/hardware/dos/2156.c,"PocketPC Mms Composer - (WAPPush) Denial of Service",2006-08-09,"Collin Mulliner",hardware,dos,0 @@ -1957,11 +1957,11 @@ id,file,description,date,author,platform,type,port 2260,platforms/php/webapps/2260.pl,"AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion Exploit",2006-08-27,Kacper,php,webapps,0 2261,platforms/php/webapps/2261.php,"iziContents RC6 - GLOBALS[] Remote Code Execution Exploit",2006-08-27,Kacper,php,webapps,0 2262,platforms/php/webapps/2262.php,"CMS Frogss 0.4 - (podpis) SQL Injection",2006-08-27,Kacper,php,webapps,0 -2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - (main.php) Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0 +2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - 'main.php' Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0 2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0 2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 -2266,platforms/cgi/webapps/2266.txt,"Cybozu Products - (id) Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 -2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injection",2006-08-28,"Tan Chew Keong",cgi,webapps,0 +2266,platforms/cgi/webapps/2266.txt,"Cybozu Products - 'id' Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 +2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injections",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0 2269,platforms/php/webapps/2269.txt,"Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion",2006-08-28,SHiKaA,php,webapps,0 2270,platforms/php/webapps/2270.php,"phpGroupWare 0.9.16.010 - GLOBALS[] Remote Code Execution Exploit",2006-08-29,Kacper,php,webapps,0 @@ -1990,7 +1990,7 @@ id,file,description,date,author,platform,type,port 2293,platforms/php/webapps/2293.txt,"FlashChat 4.5.7 - (aedating4CMS.php) Remote File Inclusion",2006-09-04,NeXtMaN,php,webapps,0 2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 - (tr) SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 2295,platforms/php/webapps/2295.txt,"In-link 2.3.4 - (ADODB_DIR) Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 -2296,platforms/asp/webapps/2296.txt,"SimpleBlog 2.3 - (id) SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 +2296,platforms/asp/webapps/2296.txt,"SimpleBlog 2.3 - 'id' SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 2297,platforms/php/webapps/2297.pl,"Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit",2006-09-04,DarkFig,php,webapps,0 2298,platforms/php/webapps/2298.php,"pHNews alpha 1 - (templates_dir) Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 2299,platforms/php/webapps/2299.php,"PHP Proxima 6 - completepack Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 @@ -2031,7 +2031,7 @@ id,file,description,date,author,platform,type,port 2334,platforms/windows/dos/2334.py,"Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service",2006-09-08,n00b,windows,dos,0 2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb 1.0.3 - (base) Remote File Inclusion",2006-09-08,ddoshomo,php,webapps,0 2336,platforms/php/webapps/2336.pl,"Socketwiz Bookmarks 2.0 - (root_dir) Remote File Inclusion Exploit",2006-09-09,Kacper,php,webapps,0 -2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager 3.2 - (id) SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 +2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager 3.2 - 'id' SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - (name) Local Buffer Overflow Exploit",2006-09-09,Qnix,linux,local,0 2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager 3.2 - (classified_path) File Include",2006-09-09,MercilessTurk,php,webapps,0 2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - (config.php) Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 @@ -2111,7 +2111,7 @@ id,file,description,date,author,platform,type,port 2414,platforms/php/webapps/2414.txt,"Wili-CMS 0.1.1 - include / XSS / full path",2006-09-21,"HACKERS PAL",php,webapps,0 2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0 2416,platforms/asp/webapps/2416.txt,"xweblog 2.1 - (kategori.asp) SQL Injection",2006-09-22,Muhacir,asp,webapps,0 -2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - (index.php) SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0 +2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - 'index.php' SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0 2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 - (all_users.php) SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0 2419,platforms/php/webapps/2419.txt,"Web-News 1.6.3 - (template.php) Remote File Inclusion",2006-09-24,Drago84,php,webapps,0 2420,platforms/php/webapps/2420.txt,"ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion",2006-09-24,Drago84,php,webapps,0 @@ -2143,11 +2143,11 @@ id,file,description,date,author,platform,type,port 2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) 2.0 - (config.inc.php) File Include",2006-09-28,D_7J,php,webapps,0 -2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - (index.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 +2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - 'index.php' Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"phpSecurePages 0.28b - (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 -2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a - (index.php) Remote File Inclusion",2006-09-29,v1per-haCker,php,webapps,0 +2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a - 'index.php' Remote File Inclusion",2006-09-29,v1per-haCker,php,webapps,0 2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion Exploit",2006-09-29,Kacper,php,webapps,0 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection",2006-09-29,Trex,php,webapps,0 2457,platforms/php/webapps/2457.php,"UBB.threads 6.5.1.1 - (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 @@ -2172,7 +2172,7 @@ id,file,description,date,author,platform,type,port 2476,platforms/php/webapps/2476.txt,"phpGreetz 0.99 - (footer.php) Remote File Inclusion",2006-10-04,mozi,php,webapps,0 2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 2478,platforms/php/webapps/2478.txt,"phpMyTeam 2.0 - (smileys_dir) Remote File Inclusion",2006-10-05,"Mehmet Ince",php,webapps,0 -2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - (index.php) SQL Injection",2006-10-05,Kzar,php,webapps,0 +2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - 'index.php' SQL Injection",2006-10-05,Kzar,php,webapps,0 2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion",2006-10-05,SpiderZ,php,webapps,0 2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - (POST) Remote Buffer Overflow Exploit",2006-10-05,SkOd,windows,remote,0 @@ -2180,7 +2180,7 @@ id,file,description,date,author,platform,type,port 2484,platforms/php/webapps/2484.txt,"FreeForum 0.9.7 - (forum.php) Remote File Inclusion",2006-10-07,"Mehmet Ince",php,webapps,0 2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 - (lire.php) SQL Injection",2006-10-07,s4mi,php,webapps,0 2486,platforms/php/webapps/2486.txt,"phpBB Random User Registration Number 1.0 Mod - Inclusion",2006-10-07,bd0rk,php,webapps,0 -2487,platforms/php/webapps/2487.php,"4Images 1.7.x - (search.php) SQL Injection",2006-10-08,Synsta,php,webapps,0 +2487,platforms/php/webapps/2487.php,"4Images 1.7.x - 'search.php' SQL Injection",2006-10-08,Synsta,php,webapps,0 2488,platforms/php/webapps/2488.txt,"PHPMyNews 1.4 - (cfg_include_dir) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 2489,platforms/php/webapps/2489.pl,"Ciamos CMS 0.9.6b - (config.php) Remote File Inclusion Exploit",2006-10-08,Kacper,php,webapps,0 2490,platforms/php/webapps/2490.txt,"Freenews 1.1 - (moteur.php) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 @@ -2195,10 +2195,10 @@ id,file,description,date,author,platform,type,port 2499,platforms/php/webapps/2499.php,"Flatnuke 2.5.8 - (userlang) Local Inclusion / Delete All Users Exploit",2006-10-10,rgod,php,webapps,0 2500,platforms/php/webapps/2500.pl,"phpMyAgenda 3.1 - (templates/header.php3) Local File Inclusion Exploit",2006-10-10,"Nima Salehi",php,webapps,0 2501,platforms/php/webapps/2501.txt,"TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 -2502,platforms/php/webapps/2502.txt,"registroTL - (main.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2502,platforms/php/webapps/2502.txt,"registroTL - 'main.php' Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 2503,platforms/php/webapps/2503.txt,"compteur 2.0 - (param_editor.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 -2504,platforms/php/webapps/2504.txt,"eboli - (index.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 -2505,platforms/php/webapps/2505.txt,"JASmine 0.0.2 - (index.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2504,platforms/php/webapps/2504.txt,"eboli - 'index.php' Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2505,platforms/php/webapps/2505.txt,"JASmine 0.0.2 - 'index.php' Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 2506,platforms/php/webapps/2506.txt,"Foafgen 0.3 - (redir.php) Local Source Disclosure",2006-10-10,DarkFig,php,webapps,0 2507,platforms/php/webapps/2507.txt,"Album Photo Sans Nom 1.6 - Remote Source Disclosure",2006-10-10,DarkFig,php,webapps,0 2508,platforms/php/webapps/2508.txt,"vtiger CRM 4.2 - (calpath) Multiple Remote File Inclusion",2006-10-10,the_day,php,webapps,0 @@ -2268,7 +2268,7 @@ id,file,description,date,author,platform,type,port 2572,platforms/php/webapps/2572.txt,"Osprey 1.0 - GetRecord.php Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 - adminfoot.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 2574,platforms/php/webapps/2574.php,"Simplog 0.9.3.1 - comments.php SQL Injection",2006-10-16,w4ck1ng,php,webapps,0 -2575,platforms/php/webapps/2575.php,"Boonex Dolphin 5.2 - index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2575,platforms/php/webapps/2575.php,"Boonex Dolphin 5.2 - 'index.php' Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 2576,platforms/php/webapps/2576.txt,"Specimen Image Database - (client.php) Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 2577,platforms/php/webapps/2577.txt,"P-News 1.16 - Remote File Inclusion",2006-10-16,vegas78,php,webapps,0 2578,platforms/php/webapps/2578.txt,"phpMyManga 0.8.1 - (template.php) Multiple File Inclusion",2006-10-16,nuffsaid,php,webapps,0 @@ -2281,7 +2281,7 @@ id,file,description,date,author,platform,type,port 2585,platforms/php/webapps/2585.txt,"PHPmybibli 3.0.1 - Multiple Remote File Inclusion",2006-10-17,the_day,php,webapps,0 2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus 0.88.4 - CHM Chunk Name Length DoS PoC",2006-10-17,"Damian Put",multiple,dos,0 2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus 0.88.4 - (rebuildpe) Remote Heap Overflow PoC",2006-10-17,"Damian Put",multiple,dos,0 -2588,platforms/php/webapps/2588.txt,"Easynews 4.4.1 - (admin.php) Authentication Bypass",2006-10-17,nuffsaid,php,webapps,0 +2588,platforms/php/webapps/2588.txt,"Easynews 4.4.1 - 'admin.php' Authentication Bypass",2006-10-17,nuffsaid,php,webapps,0 2589,platforms/php/webapps/2589.txt,"Brim 1.2.1 - (renderer) Multiple Remote File Inclusion",2006-10-17,mdx,php,webapps,0 2590,platforms/php/webapps/2590.txt,"phpPowerCards 2.10 - (txt.inc.php) Remote Code Execution",2006-10-18,nuffsaid,php,webapps,0 2591,platforms/php/webapps/2591.txt,"Php AMX 0.90 - (plugins/main.php) Remote File Inclusion",2006-10-18,MP,php,webapps,0 @@ -2300,7 +2300,7 @@ id,file,description,date,author,platform,type,port 2604,platforms/php/webapps/2604.txt,"WGCC 0.5.6b - (quiz.php) SQL Injection",2006-10-20,ajann,php,webapps,0 2605,platforms/php/webapps/2605.txt,"RSSonate - (xml2rss.php) Remote File Inclusion Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 2606,platforms/php/webapps/2606.txt,"CASTOR 1.1.1 - (lib/rs.php) Remote File Inclusion Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 -2607,platforms/php/webapps/2607.txt,"kawf 1.0 - (main.php) Remote File Inclusion",2006-10-21,o0xxdark0o,php,webapps,0 +2607,platforms/php/webapps/2607.txt,"kawf 1.0 - 'main.php' Remote File Inclusion",2006-10-21,o0xxdark0o,php,webapps,0 2608,platforms/php/webapps/2608.txt,"Virtual Law Office - (phpc_root_path) Remote File Inclusion",2006-10-21,"Mehmet Ince",php,webapps,0 2609,platforms/php/webapps/2609.txt,"Open Meetings Filing Application - Remote File Inclusion",2006-10-21,"Mehmet Ince",php,webapps,0 2611,platforms/php/webapps/2611.txt,"Trawler Web CMS 1.8.1 - Multiple Remote File Inclusion",2006-10-21,k1tk4t,php,webapps,0 @@ -2332,10 +2332,10 @@ id,file,description,date,author,platform,type,port 2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service",2006-10-24,"Evgeny Legerov",bsd,dos,0 2640,platforms/php/webapps/2640.txt,"UeberProject 1.0 - (login/secure.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - constructor Local Root Exploit",2006-10-24,"Marco Ivaldi",solaris,local,0 -2642,platforms/asp/webapps/2642.asp,"Berty Forum 1.4 - (index.php) Remote Blind SQL Injection",2006-10-24,ajann,asp,webapps,0 +2642,platforms/asp/webapps/2642.asp,"Berty Forum 1.4 - 'index.php' Remote Blind SQL Injection",2006-10-24,ajann,asp,webapps,0 2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 - Topic Reply Command Execution Exploit",2006-10-24,BlackHawk,php,webapps,0 2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK - SQL Injection / Admin Credentials Disclosure Exploit",2006-10-25,rgod,php,webapps,0 -2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - (index.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 +2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2646,platforms/php/webapps/2646.txt,"TextPattern 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2647,platforms/php/webapps/2647.php,"Imageview 5 - (Cookie/index.php) Remote/Local File Inclusion Exploit",2006-10-25,Kacper,php,webapps,0 2648,platforms/php/webapps/2648.txt,"CommentIT - (PathToComment) Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 @@ -2365,7 +2365,7 @@ id,file,description,date,author,platform,type,port 2672,platforms/windows/dos/2672.py,"Microsoft Windows NAT Helper Components - (ipnathlp.dll) Remote Denial of Service",2006-10-28,h07,windows,dos,0 2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - (common.php) File Include",2006-10-29,"Mehmet Ince",php,webapps,0 2674,platforms/php/webapps/2674.php,"MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion Exploit",2006-10-29,Kacper,php,webapps,0 -2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - (index.php) SQL Injection",2006-10-29,ajann,php,webapps,0 +2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - 'index.php' SQL Injection",2006-10-29,ajann,php,webapps,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 2677,platforms/php/webapps/2677.asp,"Netref 4 - (cat_for_aff.php) Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion",2006-10-29,v1per-haCker,php,webapps,0 @@ -2433,7 +2433,7 @@ id,file,description,date,author,platform,type,port 2742,platforms/php/webapps/2742.txt,"DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion",2006-11-08,"Cold Zero",php,webapps,0 2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit",2006-11-08,anonymous,windows,remote,0 2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - (inc/session.php) Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 -2745,platforms/php/webapps/2745.txt,"gtcatalog 0.9.1 - (index.php) Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 +2745,platforms/php/webapps/2745.txt,"gtcatalog 0.9.1 - 'index.php' Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 2746,platforms/asp/webapps/2746.pl,"AspPired2Poll 1.0 - (MoreInfo.asp) SQL Injection",2006-11-09,ajann,asp,webapps,0 2747,platforms/php/webapps/2747.txt,"MyAlbum 3.02 - (language.inc.php) Remote File Inclusion",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 2748,platforms/php/webapps/2748.pl,"phpManta 1.0.2 - (view-sourcecode.php) Local File Inclusion Exploit",2006-11-09,ajann,php,webapps,0 @@ -2479,7 +2479,7 @@ id,file,description,date,author,platform,type,port 2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 - (libucache.dylib) Privilege Escalation Exploit (OSX)",2006-11-15,"Kevin Finisterre",osx,local,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0 2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion Exploit",2006-11-16,Revenge,php,webapps,0 -2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool - (download.php) Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 +2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool - 'download.php' Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 2794,platforms/php/webapps/2794.txt,"mg.applanix 1.3.1 - (apx_root_path) Remote File Inclusion",2006-11-17,v1per-haCker,php,webapps,0 2795,platforms/php/webapps/2795.txt,"DoSePa 1.0.4 - (textview.php) Information Disclosure",2006-11-17,"Craig Heffner",php,webapps,0 2796,platforms/php/webapps/2796.php,"miniCWB 1.0.0 - (contact.php) Local File Inclusion Exploit",2006-11-17,Kacper,php,webapps,0 @@ -2518,7 +2518,7 @@ id,file,description,date,author,platform,type,port 2837,platforms/multiple/remote/2837.sql,"Oracle 9i / 10g - (read/write/execute) Exploitation Suite",2006-11-23,"Marco Ivaldi",multiple,remote,0 2838,platforms/php/webapps/2838.txt,"HSRS 1.0 - (addcode.php) Remote File Inclusion",2006-11-23,"Cold Zero",php,webapps,0 2839,platforms/php/webapps/2839.txt,"OWLLib 1.0 - (OWLMemoryProperty.php) Remote File Inclusion",2006-11-23,DeltahackingTEAM,php,webapps,0 -2840,platforms/php/webapps/2840.txt,"PEGames - (index.php) Remote File Inclusion",2006-11-23,DeltahackingTEAM,php,webapps,0 +2840,platforms/php/webapps/2840.txt,"PEGames - 'index.php' Remote File Inclusion",2006-11-23,DeltahackingTEAM,php,webapps,0 2841,platforms/php/webapps/2841.php,"Woltlab Burning Board Lite 1.0.2 - decode_cookie() SQL Injection",2006-11-24,rgod,php,webapps,0 2842,platforms/php/webapps/2842.php,"Woltlab Burning Board Lite 1.0.2 - Blind SQL Injection",2006-11-23,rgod,php,webapps,0 2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b - (util.php) Remote File Inclusion Exploit",2006-11-24,DeltahackingTEAM,php,webapps,0 @@ -2549,7 +2549,7 @@ id,file,description,date,author,platform,type,port 2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 2871,platforms/php/webapps/2871.txt,"LDU 8.x - (polls.php) SQL Injection",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit",2006-11-30,Expanders,windows,local,0 -2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 +2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - '.m3u' Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / Tnftpd - Remote Stack Overflow PoC",2006-11-30,kingcope,bsd,dos,0 2876,platforms/php/webapps/2876.txt,"DZCP (deV!L_z Clanportal) 1.3.6 - Arbitrary File Upload",2006-12-01,"Tim Weber",php,webapps,0 2877,platforms/php/webapps/2877.txt,"Invision Community Blog Mod 1.2.4 - SQL Injection",2006-12-01,anonymous,php,webapps,0 @@ -2559,7 +2559,7 @@ id,file,description,date,author,platform,type,port 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk - XSS / Local File Disclosure",2006-12-01,ajann,asp,webapps,0 2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 2883,platforms/php/webapps/2883.txt,"simple file manager 0.24a - Multiple Vulnerabilities",2006-12-02,flame,php,webapps,0 -2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - (search.php) Remote File Inclusion",2006-12-02,DeltahackingTEAM,php,webapps,0 +2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - 'search.php' Remote File Inclusion",2006-12-02,DeltahackingTEAM,php,webapps,0 2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies 1.3.0 - Remote File Inclusion",2006-12-02,bd0rk,php,webapps,0 2886,platforms/php/webapps/2886.txt,"PHP Upload Center 2.0 - (activate.php) File Inclusion",2006-12-03,GregStar,php,webapps,0 2887,platforms/windows/remote/2887.pl,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Exploit",2006-12-03,"Jacopo Cervini",windows,remote,69 @@ -2580,8 +2580,8 @@ id,file,description,date,author,platform,type,port 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c - Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 -2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - (index.php) Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 -2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - (news.php) SQL Injection",2006-12-09,Bl0od3r,php,webapps,0 +2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - 'index.php' Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 +2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - 'news.php' SQL Injection",2006-12-09,Bl0od3r,php,webapps,0 2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - (login.asp) SQL Injection",2006-12-09,ajann,asp,webapps,0 2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - (product) SQL Injection",2006-12-09,ajann,asp,webapps,0 2909,platforms/asp/webapps/2909.txt,"HR Assist 1.05 - (vdateUsr.asp) Remote Login ByPass",2006-12-09,ajann,asp,webapps,0 @@ -2617,7 +2617,7 @@ id,file,description,date,author,platform,type,port 2941,platforms/php/webapps/2941.txt,"mxBB Module Meeting 1.1.2 - Remote FileInclusion",2006-12-16,ajann,php,webapps,0 2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 - (RETR) Remote Denial of Service",2006-12-17,Necro,windows,dos,0 2943,platforms/php/webapps/2943.txt,"Azucar CMS 1.3 - (admin/index_sitios.php) File Inclusion",2006-12-18,nuffsaid,php,webapps,0 -2944,platforms/php/webapps/2944.txt,"VerliAdmin 0.3 - (index.php) Remote File Inclusion Exploit",2006-12-18,Kacper,php,webapps,0 +2944,platforms/php/webapps/2944.txt,"VerliAdmin 0.3 - 'index.php' Remote File Inclusion Exploit",2006-12-18,Kacper,php,webapps,0 2945,platforms/php/webapps/2945.txt,"Uploader & Downloader 3.0 - (id_user) SQL Injection",2006-12-18,"the master",php,webapps,0 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control - (ole32.dll) Denial of Service",2006-12-18,shinnai,windows,dos,0 2947,platforms/multiple/dos/2947.pl,"wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 @@ -2650,12 +2650,12 @@ id,file,description,date,author,platform,type,port 2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Transversal",2006-12-21,str0ke,windows,remote,0 2975,platforms/php/webapps/2975.pl,"Ixprim CMS 1.2 - Remote Blind SQL Injection",2006-12-21,DarkFig,php,webapps,0 2976,platforms/php/webapps/2976.txt,"inertianews 0.02b - (inertianews_main.php) Remote File Inclusion",2006-12-21,bd0rk,php,webapps,0 -2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 - (Urlobox) Cross-Site Request Forgery",2006-12-21,Demential,php,webapps,0 +2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 - (Urlobox) Cross-site Request Forgery",2006-12-21,Demential,php,webapps,0 2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service",2006-12-22,shinnai,windows,dos,0 2979,platforms/php/webapps/2979.txt,"KISGB 5.1.1 - (authenticate.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 2980,platforms/php/webapps/2980.txt,"EternalMart Guestbook 1.10 - (admin/auth.php) Remote Inclusion",2006-12-22,mdx,php,webapps,0 2981,platforms/php/webapps/2981.php,"open newsletter 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 -2982,platforms/php/webapps/2982.txt,"3editor CMS 0.42 - (index.php) Local File Inclusion",2006-12-22,3l3ctric-Cracker,php,webapps,0 +2982,platforms/php/webapps/2982.txt,"3editor CMS 0.42 - 'index.php' Local File Inclusion",2006-12-22,3l3ctric-Cracker,php,webapps,0 2983,platforms/php/webapps/2983.txt,"b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion",2006-12-23,mdx,php,webapps,0 2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Inclusion Exploit",2006-12-23,bd0rk,php,webapps,0 2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service",2006-12-23,gbr,windows,dos,0 @@ -2665,13 +2665,13 @@ id,file,description,date,author,platform,type,port 2989,platforms/asp/webapps/2989.txt,"Enthrallweb eCars 1.0 - (types.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 2990,platforms/asp/webapps/2990.pl,"Enthrallweb emates 1.0 - (newsdetail.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 2991,platforms/asp/webapps/2991.pl,"Enthrallweb ePages - (actualpic.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 -2992,platforms/asp/webapps/2992.txt,"Dragon Business Directory 3.01.12 - (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 -2993,platforms/asp/webapps/2993.txt,"Calendar MX BASIC 1.0.2 - (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 +2992,platforms/asp/webapps/2992.txt,"Dragon Business Directory 3.01.12 - 'ID' SQL Injection",2006-12-23,ajann,asp,webapps,0 +2993,platforms/asp/webapps/2993.txt,"Calendar MX BASIC 1.0.2 - 'ID' SQL Injection",2006-12-23,ajann,asp,webapps,0 2994,platforms/asp/webapps/2994.htm,"Enthrallweb eClassifieds 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2995,platforms/asp/webapps/2995.htm,"Enthrallweb eCoupons 1.0 - (myprofile.asp) Remote Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2996,platforms/asp/webapps/2996.htm,"Enthrallweb eNews 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2997,platforms/asp/webapps/2997.pl,"File Upload Manager 1.0.6 - (detail.asp) SQL Injection",2006-12-24,ajann,asp,webapps,0 -2998,platforms/asp/webapps/2998.pl,"Newsletter MX 1.0.2 - (ID) SQL Injection",2006-12-24,ajann,asp,webapps,0 +2998,platforms/asp/webapps/2998.pl,"Newsletter MX 1.0.2 - 'ID' SQL Injection",2006-12-24,ajann,asp,webapps,0 2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board 2.0b1 - (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 3000,platforms/php/webapps/3000.pl,"Pagetool CMS 1.07 - (pt_upload.php) Remote File Inclusion",2006-12-24,g00ns,php,webapps,0 3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate 3.4 - (agent) SQL Injection",2006-12-24,ajann,asp,webapps,0 @@ -2763,13 +2763,13 @@ id,file,description,date,author,platform,type,port 3088,platforms/osx/local/3088.rb,"Mac OS X 10.4.8 - DiskManagement BOM (cron) Privilege Escalation Exploit",2007-01-05,MoAB,osx,local,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Inclusion",2007-01-06,"Mehmet Ince",php,webapps,0 -3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - (index.php page) Local File Inclusion Exploit",2007-01-07,Codebreak,php,webapps,0 +3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - 'index.php' Local File Inclusion Exploit",2007-01-07,Codebreak,php,webapps,0 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80 3093,platforms/php/webapps/3093.txt,"AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit",2007-01-07,"Critical Security",bsd,local,0 3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 SQL Injection",2007-01-07,"Stefan Esser",php,webapps,0 -3096,platforms/php/webapps/3096.txt,"AllMyLinks 0.5.0 - (index.php) Remote File Inclusion",2007-01-07,GoLd_M,php,webapps,0 -3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - (index.php) Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 +3096,platforms/php/webapps/3096.txt,"AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion",2007-01-07,GoLd_M,php,webapps,0 +3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - 'index.php' Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - Javascript alert() Remote Format String PoC",2007-01-07,MoAB,osx,dos,0 3099,platforms/linux/remote/3099.pm,"Berlios GPSD 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include",2007-01-08,k1tk4t,php,webapps,0 @@ -2797,7 +2797,7 @@ id,file,description,date,author,platform,type,port 3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection",2007-01-13,ajann,asp,webapps,0 3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - (path) Remote File Inclusion Exploit",2007-01-13,ajann,php,webapps,0 3124,platforms/php/webapps/3124.php,"ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution Exploit",2007-01-14,rgod,php,webapps,0 -3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - (download.php) Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 +3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 - SITE ADMN Remote Denial of Service",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP - (USER) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 @@ -2871,7 +2871,7 @@ id,file,description,date,author,platform,type,port 3200,platforms/osx/dos/3200.rb,"Apple CFNetwork - HTTP Response Denial of Service (Ruby)",2007-01-25,MoAB,osx,dos,0 3201,platforms/php/webapps/3201.txt,"MyPHPcommander 2.0 - (package.php) Remote File Inclusion",2007-01-26,"Cold Zero",php,webapps,0 3202,platforms/php/webapps/3202.txt,"AINS 0.02b - (ains_main.php ains_path) Remote File Inclusion",2007-01-26,"ThE dE@Th",php,webapps,0 -3203,platforms/php/webapps/3203.txt,"FdScript 1.3.2 - (download.php) Remote File Disclosure",2007-01-26,ajann,php,webapps,0 +3203,platforms/php/webapps/3203.txt,"FdScript 1.3.2 - 'download.php' Remote File Disclosure",2007-01-26,ajann,php,webapps,0 3204,platforms/windows/dos/3204.c,"Citrix Metaframe Presentation Server Print Provider - Buffer Overflow PoC",2007-01-26,"Andres Tarasco",windows,dos,0 3205,platforms/php/webapps/3205.txt,"nsGalPHP - (includes/config.inc.php racineTBS) Remote Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 3206,platforms/php/webapps/3206.txt,"ACGVclick 0.2.0 - (path) Remote File Inclusion",2007-01-27,ajann,php,webapps,0 @@ -2895,7 +2895,7 @@ id,file,description,date,author,platform,type,port 3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 3225,platforms/php/webapps/3225.pl,"Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion Exploit",2007-01-30,ajann,php,webapps,0 3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 - (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0 -3227,platforms/php/webapps/3227.txt,"CascadianFAQ 4.1 - (index.php) SQL Injection",2007-01-30,ajann,php,webapps,0 +3227,platforms/php/webapps/3227.txt,"CascadianFAQ 4.1 - 'index.php' SQL Injection",2007-01-30,ajann,php,webapps,0 3228,platforms/php/webapps/3228.txt,"MyNews 4.2.2 - (themefunc.php) Remote File Inclusion",2007-01-30,GoLd_M,php,webapps,0 3229,platforms/windows/dos/3229.py,"Dev-C++ 4.9.9.2 - .CPP File Parsing Local Stack Overflow PoC",2007-01-30,shinnai,windows,dos,0 3230,platforms/osx/dos/3230.rb,"Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service",2007-01-30,MoAB,osx,dos,0 @@ -2907,7 +2907,7 @@ id,file,description,date,author,platform,type,port 3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework - Remote File Inclusion",2007-01-31,y3dips,php,webapps,0 3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b - (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 -3239,platforms/php/webapps/3239.htm,"Extcalendar 2 - (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 +3239,platforms/php/webapps/3239.htm,"Extcalendar 2 - 'profile.php' Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery 3.0 - Remote File Inclusion",2007-01-31,"ThE dE@Th",php,webapps,0 3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti - (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 3242,platforms/php/webapps/3242.txt,"Omegaboard 1.0beta4 - (functions.php) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 @@ -2919,7 +2919,7 @@ id,file,description,date,author,platform,type,port 3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service",2007-02-01,Shirkdog,windows,dos,0 3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 - (StageLoader.php) Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 3250,platforms/php/webapps/3250.txt,"Portail Web Php 2.5.1 - (includes.php) Remote File Inclusion",2007-02-01,"laurent gaffié ",php,webapps,0 -3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats 4.2 - (index.php) Remote File Inclusion",2007-02-02,"ThE dE@Th",php,webapps,0 +3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats 4.2 - 'index.php' Remote File Inclusion",2007-02-02,"ThE dE@Th",php,webapps,0 3252,platforms/php/webapps/3252.txt,"EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup",2007-02-02,Eight10,php,webapps,0 3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - (poll.php root_path) Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 3254,platforms/windows/dos/3254.py,"Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow PoC",2007-02-02,shinnai,windows,dos,0 @@ -2977,7 +2977,7 @@ id,file,description,date,author,platform,type,port 3306,platforms/windows/dos/3306.pl,"MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service",2007-02-14,mu-b,windows,dos,0 3307,platforms/windows/dos/3307.html,"ActSoft DVD-Tools - (dvdtools.ocx) Remote Buffer Overflow Exploit PoC",2007-02-14,shinnai,windows,dos,0 3308,platforms/windows/dos/3308.pl,"MailEnable Professional/Enterprise 2.37 - Denial of Service",2007-02-14,mu-b,windows,dos,0 -3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - (index.php) Remote/Local File Inclusion",2007-02-14,DarkFig,php,webapps,0 +3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - 'index.php' Remote/Local File Inclusion",2007-02-14,DarkFig,php,webapps,0 3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - (Client-IP) SQL Injection",2007-02-14,DarkFig,php,webapps,0 3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 - Remote File Upload Exploit",2007-02-14,DarkFig,php,webapps,0 3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 @@ -2985,7 +2985,7 @@ id,file,description,date,author,platform,type,port 3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - (zf_path) Remote File Inclusion",2007-02-15,"ThE dE@Th",php,webapps,0 3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - (survey.inc.php path) Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) SQL Injection",2007-02-15,beks,asp,webapps,0 -3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti - (id) SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 +3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti - 'id' SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable Professional 2.35 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 @@ -3006,7 +3006,7 @@ id,file,description,date,author,platform,type,port 3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - (function.php) Remote File Inclusion",2007-02-20,kezzap66345,php,webapps,0 3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 - (nsbypass.php) Blind SQL Injection",2007-02-20,DarkFig,php,webapps,0 3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Exploit",2007-02-20,DarkFig,php,webapps,0 -3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - (id) SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 +3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - 'id' SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 3340,platforms/windows/remote/3340.html,"Mozilla Firefox 2.0.0.1 - (location.hostname) Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 3341,platforms/windows/dos/3341.cpp,"TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 3342,platforms/windows/local/3342.c,"News Rover 12.1 Rev 1 - Remote Stack Overflow Exploit",2007-02-20,Marsu,windows,local,0 @@ -3067,7 +3067,7 @@ id,file,description,date,author,platform,type,port 39567,platforms/php/webapps/39567.txt,"Monstra CMS 3.0.3 - Multiple Vulnerabilities",2016-03-16,"Sarim Kiani",php,webapps,80 3398,platforms/php/webapps/3398.txt,"Mani Stats Reader 1.2 - (ipath) Remote File Inclusion",2007-03-02,mozi,php,webapps,0 3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - pmessage2() Remote Limited Format String Exploit",2007-03-02,"Luigi Auriemma",windows,dos,0 -3400,platforms/php/webapps/3400.pl,"webSPELL 4.01.02 - Multiple SQL Injection",2007-03-02,DNX,php,webapps,0 +3400,platforms/php/webapps/3400.pl,"webSPELL 4.01.02 - Multiple SQL Injections",2007-03-02,DNX,php,webapps,0 3402,platforms/php/webapps/3402.php,"webSPELL 4.01.02 - Remote PHP Code Execution Exploit",2007-03-03,DarkFig,php,webapps,0 3403,platforms/php/webapps/3403.php,"Rigter Portal System (RPS) 6.2 - Remote Blind SQL Injection",2007-03-04,s0cratex,php,webapps,0 3404,platforms/multiple/dos/3404.php,"PHP - wddx_deserialize() String Append Crash Exploit",2007-03-04,"Stefan Esser",multiple,dos,0 @@ -3119,9 +3119,9 @@ id,file,description,date,author,platform,type,port 3452,platforms/multiple/remote/3452.php,"PHP 5.2.0 - ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Inclusion Exploit",2007-03-11,bd0rk,php,webapps,0 -3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - (search.php) SQL Injection",2007-03-11,ajann,php,webapps,0 +3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - 'search.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 - (viewcat.php) SQL Injection",2007-03-11,ajann,php,webapps,0 -3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - (index.php) SQL Injection",2007-03-11,ajann,php,webapps,0 +3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - 'index.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3458,platforms/php/webapps/3458.txt,"AssetMan 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - (fantastico) Local File Inclusion",2007-03-11,"cyb3rt & 020",php,webapps,0 3460,platforms/osx/local/3460.php,"PHP 5.2.0 - ext/filter Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-12,"Stefan Esser",osx,local,0 @@ -3147,7 +3147,7 @@ id,file,description,date,author,platform,type,port 3481,platforms/asp/webapps/3481.htm,"Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Auth Bypass",2007-03-15,WiLdBoY,asp,webapps,0 3482,platforms/windows/remote/3482.pl,"WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow Exploit",2007-03-15,"Umesh Wanve",windows,remote,21 3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) SQL Injection",2007-03-15,x666,php,webapps,0 -3484,platforms/php/webapps/3484.txt,"WebLog - (index.php) Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 +3484,platforms/php/webapps/3484.txt,"WebLog - 'index.php' Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - (INCLUDE_PATH) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 @@ -3157,7 +3157,7 @@ id,file,description,date,author,platform,type,port 3491,platforms/bsd/remote/3491.py,"OpenBSD - ICMPv6 Fragment Remote Execution Exploit PoC",2007-03-15,"Core Security",bsd,remote,0 3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 - (includedir) Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - (gallery.asp categoryid) SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 -3494,platforms/php/webapps/3494.txt,"McGallery 0.5b - (download.php) Arbitrary File Download",2007-03-15,Piker,php,webapps,0 +3494,platforms/php/webapps/3494.txt,"McGallery 0.5b - 'download.php' Arbitrary File Download",2007-03-15,Piker,php,webapps,0 3495,platforms/windows/remote/3495.txt,"CA BrightStor ARCserve - (msgeng.exe) Remote Stack Overflow Exploit",2007-03-16,"Winny Thomas",windows,remote,6503 3496,platforms/php/webapps/3496.php,"Php-Stats 0.1.9.1b - (PC-REMOTE-ADDR) SQL Injection",2007-03-16,rgod,php,webapps,0 3497,platforms/php/webapps/3497.php,"Php-Stats 0.1.9.1b - (ip) SQL Injection",2007-03-16,rgod,php,webapps,0 @@ -3170,7 +3170,7 @@ id,file,description,date,author,platform,type,port 3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution",2007-03-18,DarkFig,php,webapps,0 3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 - Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 -3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - (index.php) SQL Injection",2007-03-18,ajann,php,webapps,0 +3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - 'index.php' SQL Injection",2007-03-18,ajann,php,webapps,0 3508,platforms/php/webapps/3508.txt,"Moodle 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes 2.0 - (index.php catid) SQL Injection",2007-03-18,ajann,php,webapps,0 3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes 2.0 - (index.php catid) SQL Injection",2007-03-18,ajann,php,webapps,0 @@ -3200,7 +3200,7 @@ id,file,description,date,author,platform,type,port 3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone - (Digest domain) Denial of Service",2007-03-21,MADYNES,hardware,dos,0 3536,platforms/asp/webapps/3536.txt,"Active Photo Gallery - (default.asp catid) SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 - IMAP (SUBSCRIBE) Remote Exploit (Windows 2000 SP4)",2007-03-21,"Winny Thomas",windows,remote,143 -3538,platforms/php/webapps/3538.txt,"php-revista 1.1.2 - Multiple SQL Injection",2007-03-21,"Cold Zero",php,webapps,0 +3538,platforms/php/webapps/3538.txt,"php-revista 1.1.2 - Multiple SQL Injections",2007-03-21,"Cold Zero",php,webapps,0 3539,platforms/php/webapps/3539.txt,"mambo component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (egghunter mod)",2007-03-21,muts,windows,remote,143 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote SEH Overwrite Exploit",2007-03-22,"Umesh Wanve",windows,remote,69 @@ -3263,7 +3263,7 @@ id,file,description,date,author,platform,type,port 3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion Exploit",2007-03-29,GoLd_M,php,webapps,0 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 -3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix 2.04jp - (index.php) SQL Injection",2007-03-29,ajann,php,webapps,0 +3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix 2.04jp - 'index.php' SQL Injection",2007-03-29,ajann,php,webapps,0 3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111 3605,platforms/php/webapps/3605.php,"Picture-Engine 1.2.0 - (wall.php cat) SQL Injection",2007-03-29,Kacper,php,webapps,0 3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 DoS Hang / Crash Exploit",2007-03-29,shinnai,multiple,dos,0 @@ -3278,28 +3278,28 @@ id,file,description,date,author,platform,type,port 3615,platforms/linux/remote/3615.c,"dproxy-nexgen - Remote Root Buffer Overflow Exploit (Linux x86)",2007-03-30,mu-b,linux,remote,53 3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Pre-Auth Remote Exploit",2007-03-31,muts,windows,remote,143 3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor (.ANI) Stack Overflow Exploit",2007-03-31,devcode,windows,local,0 -3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - (index.php) SQL Injection",2007-03-31,ajann,php,webapps,0 +3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection",2007-03-31,ajann,php,webapps,0 3619,platforms/php/webapps/3619.pl,"XOOPS Module Library - (viewcat.php) SQL Injection",2007-03-31,ajann,php,webapps,0 3620,platforms/php/webapps/3620.pl,"XOOPS Module Core - (viewcat.php) SQL Injection",2007-03-31,ajann,php,webapps,0 3621,platforms/php/webapps/3621.pl,"XOOPS Module Tutoriais - (viewcat.php) SQL Injection",2007-03-31,ajann,php,webapps,0 3622,platforms/php/webapps/3622.php,"WinMail Server 4.4 build 1124 - (WebMail) Remote Add Super User Exploit",2007-04-01,rgod,php,webapps,0 3623,platforms/php/webapps/3623.pl,"XOOPS Module eCal 2.24 - (display.php) SQL Injection",2007-04-01,ajann,php,webapps,0 3624,platforms/php/webapps/3624.txt,"BT-sondage 1.12 - (gestion_sondage.php) Remote File Inclusion",2007-04-01,Crackers_Child,php,webapps,0 -3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event 1.01 - (id) SQL Injection",2007-04-01,ajann,php,webapps,0 -3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop 1.17 - (id) SQL Injection",2007-04-01,ajann,php,webapps,0 +3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event 1.01 - 'id' SQL Injection",2007-04-01,ajann,php,webapps,0 +3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop 1.17 - 'id' SQL Injection",2007-04-01,ajann,php,webapps,0 3627,platforms/windows/remote/3627.c,"IPSwitch IMail Server 8.20 - IMAPD Remote Buffer Overflow Exploit",2007-04-01,Heretic2,windows,remote,143 3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 - (INCLUDE_PATH) Remote File Inclusion",2007-04-01,GoLd_M,php,webapps,0 3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail 1.1 - (camid) SQL Injection",2007-04-01,ajann,php,webapps,0 3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser 0.92 - (genre.php) BLIND SQL Injection",2007-04-01,ajann,php,webapps,0 3631,platforms/php/webapps/3631.txt,"Flexphpnews 0.0.5 - (news.php newsid) SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 -3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P 2.0 - (cid) SQL Injection",2007-04-01,ajann,php,webapps,0 +3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P 2.0 - 'cid' SQL Injection",2007-04-01,ajann,php,webapps,0 3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection",2007-04-01,ajann,php,webapps,0 3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor (.ANI) Remote Overflow Exploit",2007-04-01,jamikazu,windows,remote,0 3635,platforms/windows/remote/3635.txt,"Microsoft Windows XP - Animated Cursor (.ANI) Remote Overflow Exploit (2)",2007-04-01,"Trirat Puttaraksa",windows,remote,0 3636,platforms/windows/remote/3636.txt,"Microsoft Windows - Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)",2007-04-01,jamikazu,windows,remote,0 3638,platforms/php/webapps/3638.txt,"maplab ms4w 2.2.1 - Remote File Inclusion",2007-04-02,ka0x,php,webapps,0 -3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 - (cid) SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 -3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 - (cid) SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 +3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 - 'cid' SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 +3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 - 'cid' SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 3641,platforms/php/webapps/3641.txt,"Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion",2007-04-02,"Hamid Ebadi",php,webapps,0 3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section 1.01 - (articleid) SQL Injection",2007-04-02,ajann,php,webapps,0 3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection 1.07 - (articleid) BLIND SQL Injection",2007-04-02,ajann,php,webapps,0 @@ -3327,9 +3327,9 @@ id,file,description,date,author,platform,type,port 3667,platforms/php/webapps/3667.txt,"Sisplet CMS 05.10 - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3669,platforms/php/webapps/3669.txt,"PHP-Generics 1.0.0 beta - Multiple Remote File Inclusion",2007-04-05,bd0rk,php,webapps,0 -3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links 1.03 - (cid) SQL Injection",2007-04-05,ajann,php,webapps,0 +3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links 1.03 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 3671,platforms/php/webapps/3671.php,"phpMyNewsletter 0.8 (beta5) - Multiple Vulnerabilities",2007-04-05,BlackHawk,php,webapps,0 -3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs 2.4 - (cid) SQL Injection",2007-04-05,ajann,php,webapps,0 +3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs 2.4 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 3673,platforms/php/webapps/3673.txt,"WebSPELL 4.01.02 - (picture.php) File Disclosure",2007-04-05,Trex,php,webapps,0 3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit (2)",2007-04-06,"Umesh Wanve",windows,remote,21 @@ -3357,7 +3357,7 @@ id,file,description,date,author,platform,type,port 3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow",2007-04-10,c0ntex,linux,remote,0 3699,platforms/php/webapps/3699.txt,"phpGalleryScript 1.0 - (init.gallery.php include_class) Remote File Inclusion",2007-04-10,anonymous,php,webapps,0 3700,platforms/php/webapps/3700.txt,"Weatimages 1.7.1 - ini[langpack] Remote File Inclusion",2007-04-10,Co-Sarper-Der,php,webapps,0 -3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 - Admin Access Bypass / DB Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 +3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 - Admin Access Bypass / Database Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - Remote File Inclusion",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pl-php beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 @@ -3414,8 +3414,8 @@ id,file,description,date,author,platform,type,port 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full - Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String Exploit",2007-04-17,jamikazu,windows,local,0 3758,platforms/php/webapps/3758.php,"ShoutPro 1.5.2 - (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0 -3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - (index.php) Remote File Inclusion Exploit",2007-04-17,"Cold Zero",php,webapps,0 -3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - (index.php) Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 +3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - 'index.php' Remote File Inclusion Exploit",2007-04-17,"Cold Zero",php,webapps,0 +3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - 'index.php' Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 3761,platforms/php/webapps/3761.txt,"Mozzers SubSystem final - (subs.php) Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - (process.php update) Remote Code Execution Exploit",2007-04-18,Dj7xpl,php,webapps,0 3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - (root) Remote File Inclusion",2007-04-18,GoLd_M,php,webapps,0 @@ -3427,7 +3427,7 @@ id,file,description,date,author,platform,type,port 3769,platforms/linux/dos/3769.c,"eXtremail 2.1.1 - DNS Parsing Bugs Remote Exploit PoC",2007-04-20,mu-b,linux,dos,0 3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusion",2007-04-21,GoLd_M,php,webapps,0 -3772,platforms/windows/local/3772.c,"Photofiltre Studio 8.1.1 - (.TIF) Local Buffer Overflow Exploit",2007-04-21,Marsu,windows,local,0 +3772,platforms/windows/local/3772.c,"Photofiltre Studio 8.1.1 - '.tif' Local Buffer Overflow Exploit",2007-04-21,Marsu,windows,local,0 3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum - (forum_write.php) Remote Code Execution",2007-04-22,Dj7xpl,php,webapps,0 @@ -3564,7 +3564,7 @@ id,file,description,date,author,platform,type,port 3908,platforms/php/webapps/3908.txt,"YAAP 1.5 - __autoload() Remote File Inclusion",2007-05-12,3l3ctric-Cracker,php,webapps,0 3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 3910,platforms/windows/dos/3910.html,"PrecisionID Barcode ActiveX 1.3 - Denial of Service",2007-05-12,shinnai,windows,dos,0 -3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - (id) SQL Injection",2007-05-14,CyberGhost,php,webapps,0 +3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - 'id' SQL Injection",2007-05-14,CyberGhost,php,webapps,0 3912,platforms/windows/local/3912.c,"notepad++ 4.1 - .ruby file processing Buffer Overflow Exploit (Win32)",2007-05-12,vade79,windows,local,0 3913,platforms/windows/remote/3913.c,"webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow Exploit",2007-05-12,vade79,windows,remote,8080 3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - (archshow.asp var) SQL Injection",2007-05-13,gsy,asp,webapps,0 @@ -3585,8 +3585,8 @@ id,file,description,date,author,platform,type,port 3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 - (invalid string) Remote Denial of Service",2007-05-15,gbr,windows,dos,0 3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 - (invalid string) Remote Denial of Service",2007-05-15,gbr,windows,dos,0 3931,platforms/php/webapps/3931.htm,"XOOPS Module resmanager 1.21 - Blind SQL Injection",2007-05-15,ajann,php,webapps,0 -3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie 1.7 - (sid) SQL Injection",2007-05-15,ajann,php,webapps,0 -3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 - (index.php) SQL Injection",2007-05-15,ajann,php,webapps,0 +3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie 1.7 - 'sid' SQL Injection",2007-05-15,ajann,php,webapps,0 +3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 - 'index.php' SQL Injection",2007-05-15,ajann,php,webapps,0 3934,platforms/windows/remote/3934.py,"Eudora 7.1 - SMTP ResponseRemote Remote Buffer Overflow Exploit",2007-05-15,h07,windows,remote,0 3935,platforms/php/webapps/3935.txt,"Glossword 1.8.1 - custom_vars.php Remote File Inclusion",2007-05-16,BeyazKurt,php,webapps,0 3936,platforms/asp/webapps/3936.txt,"runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities",2007-05-16,kerem125,asp,webapps,0 @@ -3597,7 +3597,7 @@ id,file,description,date,author,platform,type,port 3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - (format_menue) Remote File Inclusion",2007-05-16,kezzap66345,php,webapps,0 3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - (print.php newnr) SQL Injection",2007-05-16,Silentz,php,webapps,0 3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - (question.php questionref) SQL Injection",2007-05-16,Silentz,php,webapps,0 -3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta - (id) SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 +3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta - 'id' SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - (.cue) Heap Overflow PoC",2007-05-17,n00b,linux,dos,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - ImageImageMagick.php Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0 3947,platforms/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusion",2007-05-17,"Alkomandoz Hacker",php,webapps,0 @@ -3664,7 +3664,7 @@ id,file,description,date,author,platform,type,port 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker - ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component - Denial of Service",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component - Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 -4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote BoF",2007-05-30,shinnai,windows,dos,0 +4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow",2007-05-30,shinnai,windows,dos,0 4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library - Memory Corruption Exploit",2007-05-30,shinnai,windows,dos,0 4013,platforms/osx/local/4013.txt,"Mac OS X < 2007-005 - (vpnd) Local Privilege Escalation Exploit",2007-05-30,"Kevin Finisterre",osx,local,0 4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote SEH Overwrite Exploit (0Day)",2007-05-30,h07,windows,remote,0 @@ -3702,7 +3702,7 @@ id,file,description,date,author,platform,type,port 4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0 4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker - ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 -4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - (.lst) Local Buffer Overflow Exploit",2007-06-08,n00b,windows,local,0 +4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow Exploit",2007-06-08,n00b,windows,local,0 4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4054,platforms/php/webapps/4054.php,"e-Vision CMS 2.02 - SQL Injection/Remote Code Execution Exploit",2007-06-08,Silentz,php,webapps,0 @@ -3775,7 +3775,7 @@ id,file,description,date,author,platform,type,port 4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - (login.php rid) SQL Injection",2007-06-28,r00t,php,webapps,0 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow PoC",2007-06-29,r0ut3r,windows,dos,0 4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 - (view_sub_cat.php cat_id) SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 -4128,platforms/php/webapps/4128.txt,"Buddy Zone 1.5 - Multiple SQL Injection",2007-06-30,t0pP8uZz,php,webapps,0 +4128,platforms/php/webapps/4128.txt,"Buddy Zone 1.5 - Multiple SQL Injections",2007-06-30,t0pP8uZz,php,webapps,0 4129,platforms/php/webapps/4129.txt,"Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion",2007-06-30,BlackNDoor,php,webapps,0 4130,platforms/php/webapps/4130.txt,"TotalCalendar 2.402 - (view_event.php) SQL Injection",2007-06-30,t0pP8uZz,php,webapps,0 4131,platforms/php/webapps/4131.txt,"XCMS 1.1 - (Galerie.php) Local File Inclusion",2007-06-30,BlackNDoor,php,webapps,0 @@ -3797,7 +3797,7 @@ id,file,description,date,author,platform,type,port 4147,platforms/php/webapps/4147.php,"PNphpBB2 <= 1.2i - viewforum.php SQL Injection",2007-07-03,Coloss,php,webapps,0 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 -4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - (admin.php) Remote Permission Bypass",2007-07-05,R4M!,php,webapps,0 +4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - 'admin.php' Remote Permission Bypass",2007-07-05,R4M!,php,webapps,0 4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - (callboth.php) Remote Code Execution Exploit",2007-07-05,"Carl Livitt",php,webapps,0 4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote SEH Overwrite Exploit (0Day)",2007-07-06,h07,windows,remote,0 4153,platforms/php/webapps/4153.txt,"phpVID 0.9.9 - (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 @@ -3829,17 +3829,17 @@ id,file,description,date,author,platform,type,port 4179,platforms/php/webapps/4179.php,"MkPortal 1.1.1 reviews / gallery modules - SQL Injection",2007-07-12,Coloss,php,webapps,0 4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (BETA) - Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 4181,platforms/multiple/dos/4181.php,"PHP 5.2.3 - glob() Denial of Service",2007-07-14,shinnai,multiple,dos,0 -4182,platforms/php/webapps/4182.txt,"CMScout 1.23 - (index.php) SQL Injection",2007-07-14,g00ns,php,webapps,0 -4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software - Multiple SQL Injection",2007-07-14,d3v1l,php,webapps,0 +4182,platforms/php/webapps/4182.txt,"CMScout 1.23 - 'index.php' SQL Injection",2007-07-14,g00ns,php,webapps,0 +4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software - Multiple SQL Injections",2007-07-14,d3v1l,php,webapps,0 4184,platforms/php/webapps/4184.txt,"Realtor 747 - (index.php categoryid) SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - (directory.php cat_id) SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 -4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - (search.php) SQL Injection",2007-07-14,pUm,php,webapps,0 +4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - 'search.php' SQL Injection",2007-07-14,pUm,php,webapps,0 4187,platforms/php/webapps/4187.txt,"Traffic Stats - (referralUrl.php offset) SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video - File Parsing Remote Code Execution PoC",2007-07-16,yunshu,windows,remote,0 4189,platforms/php/webapps/4189.txt,"Expert Advisior - (index.php id) SQL Injection",2007-07-17,t0pP8uZz,php,webapps,0 4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar - ActiveX (actbar3.ocx 3.1) Insecure Methods",2007-07-17,shinnai,windows,remote,0 4191,platforms/php/webapps/4191.txt,"Pictures Rating - (index.php msgid) SQL Injection",2007-07-18,t0pP8uZz,php,webapps,0 -4192,platforms/php/webapps/4192.htm,"Vivvo CMS 3.4 - (index.php) Remote BLIND SQL Injection",2007-07-18,ajann,php,webapps,0 +4192,platforms/php/webapps/4192.htm,"Vivvo CMS 3.4 - 'index.php' Remote BLIND SQL Injection",2007-07-18,ajann,php,webapps,0 4193,platforms/php/webapps/4193.txt,"QuickEStore 8.2 - (insertorder.cfm) SQL Injection",2007-07-18,meoconx,php,webapps,0 4194,platforms/php/webapps/4194.txt,"Joomla Component Expose RC35 - Remote File Upload",2007-07-18,"Cold Zero",php,webapps,0 4195,platforms/php/webapps/4195.txt,"BBS E-Market - (postscript.php p_mode) Remote File Inclusion",2007-07-18,mozi,php,webapps,0 @@ -3860,17 +3860,17 @@ id,file,description,date,author,platform,type,port 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass Exploit",2007-07-21,s4mi,php,webapps,0 4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 4213,platforms/php/webapps/4213.txt,"bwired - (index.php newsID) SQL Injection",2007-07-22,g00ns,php,webapps,0 -4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote BoF",2007-07-23,shinnai,windows,remote,0 +4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - Explorer.exe Gif Image Denial of Service",2007-07-23,DeltahackingTEAM,windows,dos,0 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha - Post Request Remote Buffer Overflow Exploit",2007-07-23,deusconstruct,linux,dos,0 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow Exploit",2007-07-24,"Jared DeMott",windows,remote,0 4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 4219,platforms/php/webapps/4219.txt,"Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 4220,platforms/php/webapps/4220.pl,"Entertainment CMS - (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 -4221,platforms/php/webapps/4221.txt,"Article Directory - (index.php page) Remote File Inclusion",2007-07-24,mozi,php,webapps,0 +4221,platforms/php/webapps/4221.txt,"Article Directory - 'index.php' Remote File Inclusion",2007-07-24,mozi,php,webapps,0 4222,platforms/windows/remote/4222.c,"Windows RSH daemon 1.7 - Remote Buffer Overflow Exploit",2007-07-24,"Joey Mengele",windows,remote,514 4223,platforms/windows/remote/4223.pl,"IPSwitch IMail Server 2006 - SEARCH Remote Stack Overflow Exploit",2007-07-25,ZhenHan.Liu,windows,remote,143 -4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple SQL Injection",2007-07-25,bypass,php,webapps,0 +4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple SQL Injections",2007-07-25,bypass,php,webapps,0 4225,platforms/php/webapps/4225.txt,"IndexScript 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 4227,platforms/windows/dos/4227.php,"PHP - php_gd2.dll imagepsloadfont Local Buffer Overflow PoC",2007-07-26,r0ut3r,windows,dos,0 @@ -3884,7 +3884,7 @@ id,file,description,date,author,platform,type,port 4235,platforms/php/webapps/4235.txt,"Seditio CMS 121 - (pfs.php) Remote File Upload",2007-07-27,A.D.T,php,webapps,0 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Execution Exploit",2007-07-27,h07,windows,remote,0 -4238,platforms/php/webapps/4238.txt,"Adult Directory - (cat_id) SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 +4238,platforms/php/webapps/4238.txt,"Adult Directory - 'cat_id' SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) SQL Injection",2007-07-28,g00ns,asp,webapps,0 4240,platforms/windows/remote/4240.html,"VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - (category.php cat) SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 @@ -3904,7 +3904,7 @@ id,file,description,date,author,platform,type,port 4255,platforms/windows/remote/4255.html,"CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Inscure Method",2007-08-05,shinnai,windows,remote,0 4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - (topic) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4257,platforms/windows/local/4257.c,"Panda Antivirus 2008 - Local Privilege Escalation Exploit",2007-08-05,tarkus,windows,local,0 -4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple SQL Injection",2007-08-06,k1tk4t,php,webapps,0 +4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple SQL Injections",2007-08-06,k1tk4t,php,webapps,0 4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - (VDT70.DLL NotSafe) Stack Overflow Exploit",2007-08-06,DeltahackingTEAM,windows,remote,0 4260,platforms/multiple/dos/4260.php,"PHP mSQL (msql_connect) - Local Buffer Overflow PoC",2007-08-06,NetJackal,multiple,dos,0 4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 @@ -3951,7 +3951,7 @@ id,file,description,date,author,platform,type,port 4302,platforms/windows/local/4302.php,"PHP 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit",2007-08-22,Inphex,windows,local,0 4303,platforms/windows/local/4303.php,"PHP 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit (2)",2007-08-22,NetJackal,windows,local,0 4304,platforms/windows/dos/4304.php,"PHP 5.2.3 - php_ntuser ntuser_getuserlist() Local Buffer Overflow PoC",2007-08-23,shinnai,windows,dos,0 -4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit 1.4 - (id) SQL Injection",2007-08-23,ajann,php,webapps,0 +4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit 1.4 - 'id' SQL Injection",2007-08-23,ajann,php,webapps,0 4306,platforms/php/webapps/4306.txt,"Mambo Component RemoSitory - (cat) SQL Injection",2007-08-23,ajann,php,webapps,0 4307,platforms/php/webapps/4307.txt,"Joomla Component RSfiles 1.0.2 - (path) File Download",2007-08-23,ajann,php,webapps,0 4308,platforms/php/webapps/4308.txt,"Joomla Component Nice Talk 0.9.3 - (tagid) SQL Injection",2007-08-23,ajann,php,webapps,0 @@ -3974,7 +3974,7 @@ id,file,description,date,author,platform,type,port 4325,platforms/windows/local/4325.php,"XAMPP for Windows 1.6.3a - Local Privilege Escalation Exploit",2007-08-27,Inphex,windows,local,0 4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - SQL Injection / Remote File Inclusion",2007-08-27,SmOk3,php,webapps,0 4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) SQL Injection",2007-08-27,D4m14n,php,webapps,0 -4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF",2007-08-28,rgod,windows,remote,0 +4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) Buffer Overflow",2007-08-28,rgod,windows,remote,0 4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - (revert-content.php) SQL Injection",2007-08-28,"not sec group",php,webapps,0 4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - (aid/catid) SQL Injection",2007-08-28,SmOk3,php,webapps,0 4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - (viewitem.php ItemID) Blind SQL Injection",2007-08-28,irvian,php,webapps,0 @@ -3984,11 +3984,11 @@ id,file,description,date,author,platform,type,port 4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0 4336,platforms/php/webapps/4336.txt,"xGB 2.0 - (xGB.php) Remote Permission Bypass",2007-08-29,DarkFuneral,php,webapps,0 4337,platforms/windows/dos/4337.c,"Microsoft Windows - (GDI32.DLL) Denial of Service (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 -4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - (cat_id) Remote Blind SQL Injection",2007-08-29,k1tk4t,php,webapps,0 +4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - 'cat_id' Remote Blind SQL Injection",2007-08-29,k1tk4t,php,webapps,0 4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - (shownews.php id) SQL Injection",2007-08-29,SmOk3,php,webapps,0 4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - (rootdir) Remote File Inclusion",2007-08-29,GoLd_M,php,webapps,0 4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Remote File Upload / LFI",2007-08-29,GoLd_M,php,webapps,0 -4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - (id) SQL Injection",2007-08-30,"not sec group",php,webapps,0 +4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - 'id' SQL Injection",2007-08-30,"not sec group",php,webapps,0 4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Remote File Upload",2007-08-30,Don,cgi,webapps,0 4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Pre-Auth Remote Overflow PoC",2007-08-30,rgod,windows,dos,0 4345,platforms/windows/local/4345.c,"Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 @@ -4000,9 +4000,9 @@ id,file,description,date,author,platform,type,port 4351,platforms/windows/remote/4351.html,"Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX BoF Exploit",2007-09-01,minhbq,windows,remote,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet - (files_dir) Multiple Remote File Inclusion",2007-09-02,bius,php,webapps,0 4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) SQL Injection",2007-09-02,k1tk4t,php,webapps,0 -4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - (.m3u) Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 -4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - (.m3u) Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 -4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - (index.php page) Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 +4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - '.m3u' Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 +4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - '.m3u' Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 +4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - 'index.php' Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger - Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary - (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 4359,platforms/multiple/dos/4359.txt,"Apple Quicktime < 7.2 - SMIL Remote Integer Overflow PoC",2007-09-03,"David Vaartjes",multiple,dos,0 @@ -4022,16 +4022,16 @@ id,file,description,date,author,platform,type,port 4373,platforms/windows/dos/4373.html,"EDraw Office Viewer Component 5.2 - ActiveX Remote BoF PoC",2007-09-07,shinnai,windows,dos,0 4374,platforms/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion",2007-09-07,MhZ91,php,webapps,0 4375,platforms/windows/dos/4375.txt,"BaoFeng2 - Mps.dll ActiveX Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 -4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple SQL Injection",2007-09-08,k1tk4t,php,webapps,0 +4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple SQL Injections",2007-09-08,k1tk4t,php,webapps,0 4377,platforms/php/webapps/4377.txt,"Focus/SIS 1.0/2.2 - Remote File Inclusion",2007-09-08,"ThE TiGeR",php,webapps,0 4378,platforms/php/webapps/4378.htm,"fuzzylime CMS 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 -4379,platforms/windows/dos/4379.html,"Microsoft SQL Server Distributed Management Objects - (sqldmo.dll) BoF",2007-09-08,rgod,windows,dos,0 +4379,platforms/windows/dos/4379.html,"Microsoft SQL Server Distributed Management Objects - (sqldmo.dll) Buffer Overflow",2007-09-08,rgod,windows,dos,0 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 - Multiple Remote File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 4382,platforms/php/webapps/4382.txt,"phpress 0.2.0 - (adisplay.php lang) Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 4383,platforms/php/webapps/4383.txt,"Joomla Component Restaurante - Remote File Upload",2007-09-08,"Cold Zero",php,webapps,0 4384,platforms/php/webapps/4384.txt,"WebED 0.8999a - Multiple Remote File Inclusion",2007-09-08,MhZ91,php,webapps,0 -4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injection",2007-09-09,k1tk4t,php,webapps,0 +4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injections",2007-09-09,k1tk4t,php,webapps,0 4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - (dwoprn.php f) Remote File Download",2007-09-10,k-one,php,webapps,0 4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - (MGR) Multiple Remote File Inclusion",2007-09-10,QTRinux,php,webapps,0 4388,platforms/windows/remote/4388.html,"Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Inscure Method",2007-09-10,shinnai,windows,remote,0 @@ -4046,7 +4046,7 @@ id,file,description,date,author,platform,type,port 4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server - Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) - Command Execution PoC (0Day)",2007-09-12,pdp,multiple,remote,0 -4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - (id) SQL Injection",2007-09-13,Houssamix,php,webapps,0 +4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection",2007-09-13,Houssamix,php,webapps,0 4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0 4403,platforms/windows/dos/4403.py,"JetCast Server 2.0.0.4308 - Remote Denial of Service",2007-09-13,vCore,windows,dos,0 4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 - (skill_delete) SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0 @@ -4056,14 +4056,14 @@ id,file,description,date,author,platform,type,port 4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - (index.php id) SQL Injection",2007-09-14,s4mi,php,webapps,0 4409,platforms/windows/dos/4409.html,"HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow PoC",2007-09-14,GOODFELLAS,windows,dos,0 4410,platforms/php/webapps/4410.php,"Gelato - (index.php post) SQL Injection",2007-09-14,s0cratex,php,webapps,0 -4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - (download.php) Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 -4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - (login.php) SQL Injection",2007-09-15,s4mi,php,webapps,0 +4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - 'download.php' Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 +4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - 'login.php' SQL Injection",2007-09-15,s4mi,php,webapps,0 4413,platforms/php/webapps/4413.pl,"KwsPHP 1.0 Member_Space Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 4414,platforms/php/webapps/4414.pl,"KwsPHP 1.0 stats Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 4415,platforms/php/webapps/4415.txt,"joomla component flash fun! 1.0 - Remote File Inclusion",2007-09-15,Morgan,php,webapps,0 4416,platforms/php/webapps/4416.txt,"joomla component joom12pic 1.0 - Remote File Inclusion",2007-09-16,Morgan,php,webapps,0 4417,platforms/php/webapps/4417.txt,"SimpCMS - (keyword) SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 -4418,platforms/php/webapps/4418.sh,"Omnistar Article Manager Software - (article.php) SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 +4418,platforms/php/webapps/4418.sh,"Omnistar Article Manager Software - 'article.php' SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4419,platforms/php/webapps/4419.php,"Shop-Script FREE 2.0 - Remote Command Execution Exploit",2007-09-17,InATeam,php,webapps,0 4420,platforms/windows/remote/4420.html,"MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite Exploit",2007-09-18,shinnai,windows,remote,0 4421,platforms/php/webapps/4421.txt,"phpsyncml 0.1.2 - Remote File Inclusion",2007-09-18,S.W.A.T.,php,webapps,0 @@ -4088,11 +4088,11 @@ id,file,description,date,author,platform,type,port 4440,platforms/php/webapps/4440.txt,"Joomla Component com_slideshow - Remote File Inclusion",2007-09-21,ShockShadow,php,webapps,0 4441,platforms/php/webapps/4441.txt,"izicontents rc6 - (RFI/LFI) Multiple Vulnerabilities",2007-09-21,irk4z,php,webapps,0 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 -4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - (cat_id) SQL Injection",2007-09-22,IHTeam,php,webapps,0 +4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - (products.php class) SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - (emprint.DLL 6.0.1.0) BoF Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 -4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - LFI",2007-09-23,"BorN To K!LL",php,webapps,0 +4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion",2007-09-23,"BorN To K!LL",php,webapps,0 4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - SQL Injection",2007-09-23,IHTeam,php,webapps,0 4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0Day)",2007-09-24,h07,windows,remote,80 @@ -4102,7 +4102,7 @@ id,file,description,date,author,platform,type,port 4454,platforms/php/webapps/4454.txt,"sk.log 0.5.3 - (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 4455,platforms/windows/remote/4455.pl,"Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation Exploit",2008-03-11,titon,windows,remote,0 4456,platforms/php/webapps/4456.txt,"FrontAccounting 1.13 - Remote File Inclusion",2007-09-26,kezzap66345,php,webapps,0 -4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS - (id) SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 +4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS - 'id' SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) SQL Injection",2007-09-26,ka0x,asp,webapps,0 4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.x - (catId) SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 4460,platforms/linux/local/4460.c,"Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Local Root Exploit",2007-09-27,"Robert Swiecki",linux,local,0 @@ -4117,11 +4117,11 @@ id,file,description,date,author,platform,type,port 4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads 1.5 - SQL Injection",2007-09-29,Sniper456,php,webapps,0 4470,platforms/php/webapps/4470.txt,"mxBB Module mx_glance 2.3.3 - Remote File Inclusion",2007-09-29,bd0rk,php,webapps,0 4471,platforms/php/webapps/4471.txt,"phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion",2007-09-30,"Mehmet Ince",php,webapps,0 -4472,platforms/php/webapps/4472.txt,"actSite 1.56 - (news.php) Local File Inclusion",2007-10-01,DNX,php,webapps,0 +4472,platforms/php/webapps/4472.txt,"actSite 1.56 - 'news.php' Local File Inclusion",2007-10-01,DNX,php,webapps,0 4473,platforms/php/webapps/4473.txt,"actSite 1.991 Beta - (base.php) Remote File Inclusion",2007-10-01,DNX,php,webapps,0 -4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 - FtpDownloadFile() Remote BoF",2007-10-01,shinnai,windows,dos,0 +4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 - FtpDownloadFile() Remote Buffer Overflow",2007-10-01,shinnai,windows,dos,0 4475,platforms/php/webapps/4475.php,"PHP-Fusion module Expanded Calendar 2.x - SQL Injection",2007-10-01,Matrix86,php,webapps,0 -4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 - index.php Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 +4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 - 'index.php' Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4477,platforms/php/webapps/4477.txt,"php wcms XT 0.0.7 - Multiple Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4478,platforms/linux/remote/4478.c,"smbftpd 0.96 - SMBDirList-function Remote Format String Exploit",2007-10-01,"Jerry Illikainen",linux,remote,21 4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD - CreateNewFile Arbitrary Remote Rewrite DoS",2007-10-01,rgod,windows,dos,0 @@ -4165,7 +4165,7 @@ id,file,description,date,author,platform,type,port 4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 4518,platforms/php/webapps/4518.txt,"WebDesktop 0.1 - Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 4519,platforms/php/webapps/4519.txt,"Pindorama 0.1 - client.php Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 -4520,platforms/php/webapps/4520.txt,"PicoFlat CMS 0.4.14 - index.php Remote File Inclusion",2007-10-11,0in,php,webapps,0 +4520,platforms/php/webapps/4520.txt,"PicoFlat CMS 0.4.14 - 'index.php' Remote File Inclusion",2007-10-11,0in,php,webapps,0 4521,platforms/php/webapps/4521.txt,"Joomla Flash uploader 2.5.1 - Remote File Inclusion",2007-10-11,mdx,php,webapps,0 4522,platforms/hardware/remote/4522.html,"Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit",2007-10-11,"Niacin and Dre",hardware,remote,0 4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 - Newsletter Module SQL Injection",2007-10-11,s4mi,php,webapps,0 @@ -4176,19 +4176,19 @@ id,file,description,date,author,platform,type,port 4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module - SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 4529,platforms/cgi/webapps/4529.txt,"WWWISIS 7.1 - (IsisScript) Local File Disclosure / XSS",2007-10-13,JosS,cgi,webapps,0 4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 -4531,platforms/windows/local/4531.py,"jetAudio 7.x - (m3u) Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 +4531,platforms/windows/local/4531.py,"jetAudio 7.x - '.m3u' Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 4532,platforms/linux/dos/4532.pl,"eXtremail 2.1.1 - memmove() Remote Denial of Service",2007-10-15,mu-b,linux,dos,0 4533,platforms/linux/remote/4533.c,"eXtremail 2.1.1 - (LOGIN) Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,4501 4534,platforms/linux/remote/4534.c,"eXtremail 2.1.1 - PLAIN authentication Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,143 4535,platforms/linux/dos/4535.pl,"eXtremail 2.1.1 - Remote Heap Overflow PoC",2007-10-15,mu-b,linux,dos,0 4536,platforms/php/webapps/4536.txt,"doop CMS 1.3.7 - (page) Local File Inclusion",2007-10-15,vladii,php,webapps,0 4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow Exploit",2005-05-03,greuff,linux,remote,0 -4538,platforms/php/webapps/4538.txt,"Artmedic CMS 3.4 - (index.php page) Local File Inclusion",2007-10-16,iNs,php,webapps,0 +4538,platforms/php/webapps/4538.txt,"Artmedic CMS 3.4 - 'index.php' Local File Inclusion",2007-10-16,iNs,php,webapps,0 4539,platforms/php/webapps/4539.txt,"Okul Otomasyon Portal 2.0 - SQL Injection",2007-10-16,dumenci,php,webapps,0 4540,platforms/multiple/dos/4540.pl,"GCALDaemon 1.0-beta13 - Remote Denial of Service",2007-10-16,ikki,multiple,dos,0 4541,platforms/linux/remote/4541.c,"Half-Life Server 3.1.1.0 - Remote Buffer Overflow Exploit",2005-10-16,greuff,linux,remote,27015 4542,platforms/linux/remote/4542.py,"Boa 0.93.15 - HTTP Basic Authentication Bypass Exploit",2007-10-16,ikki,linux,remote,0 -4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 - (djpage.php page) Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 +4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 - 'djpage.php' Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 4544,platforms/php/webapps/4544.txt,"LimeSurvey 1.52 - (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 4545,platforms/php/webapps/4545.txt,"awzMB 4.2 beta 1 - Multiple Remote File Inclusion",2007-10-18,S.W.A.T.,php,webapps,0 4546,platforms/php/webapps/4546.txt,"ZZ FlashChat 3.1 - (help.php) Local File Inclusion",2007-10-19,d3hydr8,php,webapps,0 @@ -4203,7 +4203,7 @@ id,file,description,date,author,platform,type,port 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 - scripture.php Remote File Inclusion",2007-10-22,GoLd_M,php,webapps,0 4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server 3.2.3 - Remote Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sphpblog) 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 -4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script 1.0 - (index.php) Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 +4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script 1.0 - 'index.php' Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox 2.0.0.7 - Remote Denial of Service",2007-10-22,BugReport.IR,multiple,dos,0 4560,platforms/multiple/dos/4560.pl,"DNS Recursion Bandwidth Amplification - Denial of Service PoC",2007-10-23,ShadowHatesYou,multiple,dos,0 4561,platforms/php/webapps/4561.txt,"Flatnuke 3 - Remote Command Execution / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 @@ -4228,7 +4228,7 @@ id,file,description,date,author,platform,type,port 4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 4581,platforms/php/webapps/4581.txt,"Sige 0.1 - sige_init.php Remote File Inclusion",2007-10-28,GoLd_M,php,webapps,0 4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Inclusion",2007-10-28,"Alkomandoz Hacker",php,webapps,0 -4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x - (.m3u) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 +4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x - '.m3u' Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 4584,platforms/windows/local/4584.c,"Kodak Image Viewer - TIF/TIFF Code Execution Exploit PoC (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0 4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 - Remote File Inclusion",2007-10-29,r00t@zapak.com,php,webapps,0 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Remote File Upload Shell Upload Exploit",2007-10-29,r00t@zapak.com,php,webapps,0 @@ -4267,12 +4267,12 @@ id,file,description,date,author,platform,type,port 4620,platforms/php/webapps/4620.txt,"Softbiz Link Directory Script - SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 - bbcodeSource.php Remote File Inclusion",2007-11-12,p4sswd,php,webapps,0 4622,platforms/php/webapps/4622.txt,"Myspace Clone Script - SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 -4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injection",2007-11-14,k1tk4t,php,webapps,0 +4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injections",2007-11-14,k1tk4t,php,webapps,0 4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow PoC",2007-11-16,cocoruder,windows,local,0 4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - Remote File Inclusion",2007-11-16,Crackers_Child,php,webapps,0 -4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - (id) SQL Injection",2007-11-16,K-159,php,webapps,0 -4628,platforms/php/webapps/4628.txt,"Myspace Clone Script - (index.php) Remote File Inclusion",2007-11-16,VerY-SecReT,php,webapps,0 +4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - 'id' SQL Injection",2007-11-16,K-159,php,webapps,0 +4628,platforms/php/webapps/4628.txt,"Myspace Clone Script - 'index.php' Remote File Inclusion",2007-11-16,VerY-SecReT,php,webapps,0 4629,platforms/php/webapps/4629.txt,"net-finity - (links.php) SQL Injection",2007-11-16,VerY-SecReT,php,webapps,0 4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0 4631,platforms/php/webapps/4631.txt,"phpBBViet 02.03.2007 - (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 @@ -4309,10 +4309,10 @@ id,file,description,date,author,platform,type,port 4662,platforms/php/webapps/4662.txt,"Tilde CMS 4.x - (aarstal) SQL Injection",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 4663,platforms/windows/remote/4663.html,"BitDefender Online Scanner 8 - ActiveX Heap Overflow Exploit",2007-11-27,Nphinity,windows,remote,0 4664,platforms/windows/remote/4664.txt,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit",2007-11-27,"YAG KOHHA",windows,remote,0 -4665,platforms/php/webapps/4665.txt,"Eurologon CMS - Multiple SQL Injection",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 +4665,platforms/php/webapps/4665.txt,"Eurologon CMS - Multiple SQL Injections",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4666,platforms/php/webapps/4666.txt,"Eurologon CMS - files.php Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4667,platforms/php/webapps/4667.txt,"PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 -4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple SQL Injection",2007-11-27,Kacper,php,webapps,0 +4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple SQL Injections",2007-11-27,Kacper,php,webapps,0 4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 - (index.php act) Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 4671,platforms/php/webapps/4671.txt,"EHCP 0.22.8 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 @@ -4321,7 +4321,7 @@ id,file,description,date,author,platform,type,port 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - (filepath) Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 -4677,platforms/php/webapps/4677.txt,"WebED 0.0.9 - (index.php) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 +4677,platforms/php/webapps/4677.txt,"WebED 0.0.9 - 'index.php' Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4678,platforms/php/webapps/4678.php,"Seditio CMS 121 - SQL Injection",2007-11-29,InATeam,php,webapps,0 4679,platforms/php/webapps/4679.txt,"KML share 1.1 - (region.php layer) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 @@ -4335,7 +4335,7 @@ id,file,description,date,author,platform,type,port 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept",2007-12-04,mu-b,osx,dos,0 4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 - (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 -4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - (catid) SQL Injection",2007-12-05,K-159,php,webapps,0 +4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - 'catid' SQL Injection",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS 2.3.4 - Calendar SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 - (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 @@ -4350,8 +4350,8 @@ id,file,description,date,author,platform,type,port 4703,platforms/windows/local/4703.pl,"Nullsoft Winamp 5.32 - MP4 tags Stack Overflow Exploit",2007-12-08,"SYS 49152",windows,local,0 4704,platforms/php/webapps/4704.txt,"PolDoc CMS 0.96 - (download_file.php) File Disclosure",2007-12-08,GoLd_M,php,webapps,0 4705,platforms/php/webapps/4705.txt,"Flat PHP Board 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 -4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - (index.php) SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 -4707,platforms/php/webapps/4707.txt,"Ace Image Hosting Script - (id) SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 +4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - 'index.php' SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 +4707,platforms/php/webapps/4707.txt,"Ace Image Hosting Script - 'id' SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 4708,platforms/php/webapps/4708.txt,"DWdirectory 2.1 - SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 4709,platforms/php/webapps/4709.txt,"SH-News 3.0 - (comments.php id) SQL Injection",2007-12-09,hadihadi,php,webapps,0 4710,platforms/php/webapps/4710.txt,"Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection",2007-12-10,"Aria-Security Team",php,webapps,0 @@ -4372,7 +4372,7 @@ id,file,description,date,author,platform,type,port 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] RFI",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 - head.php Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software - (category_id) SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 -4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - (id) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 +4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - 'id' Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 4731,platforms/php/webapps/4731.php,"Adult Script 1.6 - Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 @@ -4393,7 +4393,7 @@ id,file,description,date,author,platform,type,port 4746,platforms/windows/remote/4746.html,"RavWare Software - .MAS Flic Control Remote Buffer Overflow Exploit",2007-12-18,shinnai,windows,remote,0 4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0 4748,platforms/windows/dos/4748.php,"SurgeMail 38k4 - webmail Host header Denial of Service",2007-12-18,rgod,windows,dos,0 -4749,platforms/windows/local/4749.c,"Rosoft Media Player 4.1.7 - (.m3u) Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 +4749,platforms/windows/local/4749.c,"Rosoft Media Player 4.1.7 - '.m3u' Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x - (search.php type) SQL Injection",2007-12-18,Koller,php,webapps,0 4751,platforms/windows/local/4751.pl,"jetAudio 7.0.5 COWON Media Center MP4 - Stack Overflow Exploit",2007-12-18,"SYS 49152",windows,local,0 4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 - Bypass Upload Shell From Your Profile",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 @@ -4414,14 +4414,14 @@ id,file,description,date,author,platform,type,port 4768,platforms/php/webapps/4768.py,"Shadowed Portal 5.7d3 - Remote Command Execution Exploit",2007-12-21,The:Paradox,php,webapps,0 4769,platforms/php/webapps/4769.txt,"Shadowed Portal 5.7d3 - (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 - (category.php) SQL Injection",2007-12-22,Koller,php,webapps,0 -4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 - Multiple SQL Injection",2007-12-22,MhZ91,php,webapps,0 +4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 - Multiple SQL Injections",2007-12-22,MhZ91,php,webapps,0 4772,platforms/php/webapps/4772.txt,"zBlog 1.2 - SQL Injection",2007-12-22,Houssamix,php,webapps,0 4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit",2007-12-23,"Noam Rathaus",multiple,dos,0 4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 - (go.php) SQL Injection",2007-12-23,DNX,php,webapps,0 -4775,platforms/php/webapps/4775.txt,"Adult Script 1.6.5 - Multiple SQL Injection",2007-12-23,MhZ91,php,webapps,0 +4775,platforms/php/webapps/4775.txt,"Adult Script 1.6.5 - Multiple SQL Injections",2007-12-23,MhZ91,php,webapps,0 4776,platforms/php/webapps/4776.txt,"MMSLamp - (idpro) SQL Injection",2007-12-23,x0kster,php,webapps,0 4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 - (pageid) SQL Injection",2007-12-24,bypass,php,webapps,0 -4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple SQL Injection",2007-12-24,MhZ91,php,webapps,0 +4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple SQL Injections",2007-12-24,MhZ91,php,webapps,0 4779,platforms/php/webapps/4779.php,"CuteNews 1.4.5 - Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - (index.php loadadminpage) Remote File Inclusion",2007-12-24,Koller,php,webapps,0 4781,platforms/php/webapps/4781.php,"Jupiter 1.1.5ex - Privileges Escalation Exploit",2007-12-24,BugReport.IR,php,webapps,0 @@ -4481,7 +4481,7 @@ id,file,description,date,author,platform,type,port 4836,platforms/php/webapps/4836.txt,"samPHPweb - (songinfo.php) SQL Injection",2008-01-05,BackDoor,php,webapps,0 4837,platforms/php/webapps/4837.pl,"ClipShare 2.6 - Remote User Password Change Exploit",2008-01-05,Pr0metheuS,php,webapps,0 4838,platforms/php/webapps/4838.txt,"snetworks php classifieds 5.0 - Remote File Inclusion",2008-01-05,Crackers_Child,php,webapps,0 -4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - (.m3u) Stack Overflow Exploit",2008-01-05,Trancek,windows,local,0 +4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - '.m3u' Stack Overflow Exploit",2008-01-05,Trancek,windows,local,0 4840,platforms/php/webapps/4840.php,"Tribisur 2.0 - SQL Injection",2008-01-05,x0kster,php,webapps,0 4841,platforms/php/webapps/4841.txt,"Invision Power Board 2.1.7 - ACTIVE XSS/SQL Injection",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 @@ -4496,8 +4496,8 @@ id,file,description,date,author,platform,type,port 4851,platforms/php/webapps/4851.txt,"CuteNews 1.1.1 - (html.php) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4852,platforms/php/webapps/4852.txt,"netrisk 1.9.7 - (XSS/SQL) Multiple Vulnerabilities",2008-01-06,"Virangar Security",php,webapps,0 4853,platforms/php/webapps/4853.php,"DCP-Portal 6.11 - SQL Injection",2008-01-06,x0kster,php,webapps,0 -4854,platforms/php/webapps/4854.txt,"SineCMS 2.3.5 - Local File Inclusion / RCE",2008-01-06,KiNgOfThEwOrLd,php,webapps,0 -4855,platforms/php/webapps/4855.txt,"Shop-Script 2.0 - index.php Remote File Disclosure",2008-01-06,Fisher762,php,webapps,0 +4854,platforms/php/webapps/4854.txt,"SineCMS 2.3.5 - Local File Inclusion / Remote Code Execution",2008-01-06,KiNgOfThEwOrLd,php,webapps,0 +4855,platforms/php/webapps/4855.txt,"Shop-Script 2.0 - 'index.php' Remote File Disclosure",2008-01-06,Fisher762,php,webapps,0 4856,platforms/multiple/dos/4856.php,"Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam)",2008-01-06,"Eugene Minaev",multiple,dos,0 4857,platforms/php/webapps/4857.txt,"OneCMS 2.4 - SQL Injection / Upload",2008-01-07,BugReport.IR,php,webapps,0 4858,platforms/php/webapps/4858.pl,"FlexBB 0.6.3 - Cookies SQL Injection",2008-01-07,"Eugene Minaev",php,webapps,0 @@ -4524,7 +4524,7 @@ id,file,description,date,author,platform,type,port 4880,platforms/php/webapps/4880.php,"DomPHP 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash Exploit",2008-01-10,kingcope,solaris,dos,0 4882,platforms/php/webapps/4882.txt,"MTCMS 2.0 - SQL Injection",2008-01-10,"Virangar Security",php,webapps,0 -4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - (index.php page) Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 +4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - 'index.php' Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 4884,platforms/php/webapps/4884.php,"Evilsentinel 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 4885,platforms/windows/dos/4885.txt,"Quicktime Player 7.3.1.70 - (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 4886,platforms/php/webapps/4886.pl,"iGaming CMS 1.3.1/1.5 - SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 @@ -4536,12 +4536,12 @@ id,file,description,date,author,platform,type,port 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 4893,platforms/linux/dos/4893.c,"Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service",2008-01-11,"Clemens Kurtenbach",linux,dos,0 4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager - ccpm_0237.dll BoF Exploit",2008-01-11,Elazar,windows,remote,0 -4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - (id) SQL Injection",2008-01-11,"Raw Security",php,webapps,0 +4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - 'id' SQL Injection",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - (delete id) Remote Admin Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4898,platforms/php/webapps/4898.txt,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection",2008-01-12,ka0x,php,webapps,0 4899,platforms/php/webapps/4899.txt,"TaskFreak! 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 -4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injection",2008-01-12,trew,asp,webapps,0 +4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injections",2008-01-12,trew,asp,webapps,0 4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - (userName) SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - BoF Exploit",2008-01-13,rgod,windows,remote,0 @@ -4561,7 +4561,7 @@ id,file,description,date,author,platform,type,port 4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) BoF Exploit",2008-01-16,rgod,windows,remote,0 4919,platforms/php/webapps/4919.txt,"blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities",2008-01-16,DSecRG,php,webapps,0 -4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 - (effect.php page) Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 +4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 - 'effect.php' Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 4921,platforms/asp/webapps/4921.txt,"MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure",2008-01-16,-=M.o.B=-,asp,webapps,0 4922,platforms/php/webapps/4922.txt,"alitalk 1.9.1.1 - Multiple Vulnerabilities",2008-01-16,tomplixsee,php,webapps,0 4923,platforms/windows/remote/4923.txt,"miniweb 0.8.19 - Multiple Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 @@ -4570,7 +4570,7 @@ id,file,description,date,author,platform,type,port 4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"mybulletinboard (mybb) 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 -4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - (id) SQL Injection",2008-01-17,Stack,php,webapps,0 +4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - 'id' SQL Injection",2008-01-17,Stack,php,webapps,0 4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) LFI",2008-01-17,Scary-Boys,php,webapps,0 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX BOF/DoS",2008-01-17,shinnai,windows,dos,0 4932,platforms/windows/remote/4932.html,"Digital Data Communications - (RtspVaPgCtrl) Remote BoF Exploit",2008-01-17,rgod,windows,remote,0 @@ -4594,7 +4594,7 @@ id,file,description,date,author,platform,type,port 4950,platforms/php/webapps/4950.php,"Coppermine Photo Gallery 1.4.10 - SQL Injection",2008-01-21,bazik,php,webapps,0 4951,platforms/php/webapps/4951.txt,"Mooseguy Blog System 1.0 - (blog.php month) SQL Injection",2008-01-21,The_HuliGun,php,webapps,0 4952,platforms/php/webapps/4952.txt,"boastMachine 3.1 - (mail.php id) SQL Injection",2008-01-21,"Virangar Security",php,webapps,0 -4953,platforms/php/webapps/4953.txt,"OZJournals 2.1.1 - (id) File Disclosure",2008-01-21,shinmai,php,webapps,0 +4953,platforms/php/webapps/4953.txt,"OZJournals 2.1.1 - 'id' File Disclosure",2008-01-21,shinmai,php,webapps,0 4954,platforms/php/webapps/4954.txt,"IDM-OS 1.0 - (download.php fileName) File Disclosure",2008-01-21,MhZ91,php,webapps,0 4955,platforms/php/webapps/4955.txt,"Lama Software 14.12.2007 - Multiple Remote File Inclusion",2008-01-21,QTRinux,php,webapps,0 4956,platforms/php/webapps/4956.txt,"AlstraSoft Forum Pay Per Post Exchange 2.0 - SQL Injection",2008-01-21,t0pP8uZz,php,webapps,0 @@ -4605,8 +4605,8 @@ id,file,description,date,author,platform,type,port 4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery 1.4.14 - SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 - (setcms.org) Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 4963,platforms/php/webapps/4963.pl,"YaBB SE 1.5.5 - Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 -4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - (sid) SQL Injection",2008-01-22,RST/GHC,php,webapps,0 -4965,platforms/php/webapps/4965.php,"PHP-Nuke 8.0 Final - (sid) SQL Injection",2008-01-22,RST/GHC,php,webapps,0 +4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - 'sid' SQL Injection",2008-01-22,RST/GHC,php,webapps,0 +4965,platforms/php/webapps/4965.php,"PHP-Nuke 8.0 Final - 'sid' SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4966,platforms/php/webapps/4966.pl,"Invision Gallery 2.0.7 - SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control - ActiveX Remote Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 @@ -4630,7 +4630,7 @@ id,file,description,date,author,platform,type,port 4987,platforms/windows/remote/4987.html,"Persits XUpload 3.0 - AddFile() Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 4988,platforms/asp/webapps/4988.txt,"candypress ecommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 -4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 - Numerous SQL Injection",2008-01-26,"Charles Hooper",php,webapps,0 +4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 - Multiple SQL Injections",2008-01-26,"Charles Hooper",php,webapps,0 4991,platforms/php/webapps/4991.txt,"Bubbling Library 1.32 - Multiple Local File Inclusion",2008-01-26,Stack,php,webapps,0 4992,platforms/php/webapps/4992.txt,"WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 4993,platforms/php/webapps/4993.txt,"WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 @@ -4650,11 +4650,11 @@ id,file,description,date,author,platform,type,port 5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5008,platforms/php/webapps/5008.txt,"Mambo Component Fq - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 -5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 - (catid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 - 'catid' SQL Injection",2008-01-30,S@BUN,php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes - (aid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5012,platforms/php/webapps/5012.pl,"Connectix Boards 0.8.2 - template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 -5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - (id) SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - 'id' SQL Injection",2008-01-30,S@BUN,php,webapps,0 5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 - (cat) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - SQL Injection",2008-01-30,S@BUN,php,webapps,0 5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 @@ -4672,22 +4672,22 @@ id,file,description,date,author,platform,type,port 5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - .M3U File Local Buffer Overflow Exploit",2008-02-01,"fl0 fl0w",windows,local,0 5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 - cp_upload_image.php Remote File Upload",2008-02-01,Omni,php,webapps,0 -5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - (catid) SQL Injection",2008-02-01,S@BUN,php,webapps,0 +5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - 'catid' SQL Injection",2008-02-01,S@BUN,php,webapps,0 5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 - (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 5037,platforms/php/webapps/5037.txt,"The Everything Development System Pre-1.0 - SQL Injection",2008-02-02,sub,php,webapps,0 5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - SQL Injection",2008-02-02,S@BUN,php,webapps,0 5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) SQL Injection",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop 0.8.1 - SQL Injection / Filter Bypass",2008-02-02,"the redc0ders",php,webapps,0 -5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / SQL Injection",2008-02-02,"Khashayar Fereidani",php,webapps,0 +5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - 'id' XSS / SQL Injection",2008-02-02,"Khashayar Fereidani",php,webapps,0 5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote BoF PoC Exploit",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow PoC",2008-02-03,securfrog,windows,dos,0 5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX BoF Exploit",2008-02-03,plan-s,windows,remote,0 5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote BoF Exploit",2008-02-03,anonymous,windows,remote,0 -5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - (catid) SQL Injection",2008-02-03,GoLd_M,php,webapps,0 +5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - 'catid' SQL Injection",2008-02-03,GoLd_M,php,webapps,0 5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote BoF Exploit (2)",2008-02-03,exceed,windows,remote,0 5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader - (ImageUploader4.ocx 4.5.57.0) BoF Exploit",2008-02-03,Elazar,windows,remote,0 -5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / SQL Injection",2008-02-03,"Khashayar Fereidani",php,webapps,0 +5050,platforms/php/webapps/5050.pl,"A-Blog 2 - 'id' XSS / SQL Injection",2008-02-03,"Khashayar Fereidani",php,webapps,0 5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 - AddButton() ActiveX Remote BoF Exploit (3)",2008-02-03,Elazar,windows,remote,0 5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() BoF Exploit",2008-02-03,Elazar,windows,remote,0 5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 @@ -4697,11 +4697,11 @@ id,file,description,date,author,platform,type,port 5057,platforms/php/webapps/5057.txt,"XOOPS 2.0.18 - Local File Inclusion / URL Redirecting",2008-02-04,DSecRG,php,webapps,0 5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom 0.3.2 - (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - (Itemid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 -5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 - (index.php page) Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 -5061,platforms/php/webapps/5061.txt,"All Club CMS 0.0.1f - index.php Local File Inclusion",2008-02-04,Trancek,php,webapps,0 +5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 - 'index.php' Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 +5061,platforms/php/webapps/5061.txt,"All Club CMS 0.0.1f - 'index.php' Local File Inclusion",2008-02-04,Trancek,php,webapps,0 5062,platforms/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 - (images.php id) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b - .M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 -5064,platforms/php/webapps/5064.txt,"All Club CMS 0.0.2 - index.php SQL Injection",2008-02-05,ka0x,php,webapps,0 +5064,platforms/php/webapps/5064.txt,"All Club CMS 0.0.2 - 'index.php' SQL Injection",2008-02-05,ka0x,php,webapps,0 5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 @@ -4709,7 +4709,7 @@ id,file,description,date,author,platform,type,port 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 5070,platforms/php/webapps/5070.pl,"MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection",2008-02-06,F,php,webapps,0 5071,platforms/php/webapps/5071.txt,"Astanda Directory Project 1.2 - (link_id) SQL Injection",2008-02-06,you_kn0w,php,webapps,0 -5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - (id) SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 +5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - 'id' SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads - SQL Injection",2008-02-06,S@BUN,php,webapps,0 5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download - (Username) Blind SQL Injection",2008-02-06,Moubik,php,webapps,0 5075,platforms/php/webapps/5075.txt,"osCommerce Addon Customer Testimonials 3.1 - SQL Injection",2008-02-07,"it's my",php,webapps,0 @@ -4726,7 +4726,7 @@ id,file,description,date,author,platform,type,port 5086,platforms/windows/dos/5086.html,"ImageStation - (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow PoC",2008-02-08,Trancek,windows,dos,0 5087,platforms/windows/remote/5087.html,"Microsoft DirectSpeechSynthesis Module - Remote Buffer Overflow Exploit",2008-02-09,rgod,windows,remote,0 5088,platforms/php/webapps/5088.py,"Limbo CMS 1.0.4.2 - Cuid cookie Blind SQL Injection",2008-02-09,The:Paradox,php,webapps,0 -5089,platforms/php/webapps/5089.txt,"DomPHP 0.82 - (index.php page) Local File Inclusion",2008-02-09,Houssamix,php,webapps,0 +5089,platforms/php/webapps/5089.txt,"DomPHP 0.82 - 'index.php' Local File Inclusion",2008-02-09,Houssamix,php,webapps,0 5090,platforms/php/webapps/5090.pl,"Open-Realty 2.4.3 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 5091,platforms/php/webapps/5091.pl,"Journalness 4.1 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 5092,platforms/linux/local/5092.c,"Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)",2008-02-09,qaaz,linux,local,0 @@ -4760,14 +4760,14 @@ id,file,description,date,author,platform,type,port 5120,platforms/php/webapps/5120.pl,"Joomla Component mediaslide (albumnum) - Blind SQL Injection",2008-02-14,Inphex,php,webapps,0 5121,platforms/php/webapps/5121.txt,"LookStrike Lan Manager 0.9 - Remote File Inclusion / Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 - .M3U File Remote Buffer Overflow PoC",2008-02-14,securfrog,windows,dos,0 -5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - (index.php page) Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 +5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 - Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 5125,platforms/php/webapps/5125.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0 5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 -5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - (download.php) Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 -5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple SQL Injection",2008-02-16,NTOS-Team,php,webapps,0 +5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - 'download.php' Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 +5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple SQL Injections",2008-02-16,NTOS-Team,php,webapps,0 5131,platforms/php/webapps/5131.pl,"Simple CMS 1.0.3 - (indexen.php area) SQL Injection",2008-02-16,JosS,php,webapps,0 5132,platforms/php/webapps/5132.txt,"Joomla Component jooget 2.6.8 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 @@ -4783,8 +4783,8 @@ id,file,description,date,author,platform,type,port 5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5145,platforms/php/webapps/5145.txt,"Joomla Component com_pccookbook - (user_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0 -5146,platforms/php/webapps/5146.txt,"Joomla Component com_clasifier - (cat_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0 -5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL - (cid) SQL Injection",2008-02-18,S@BUN,php,webapps,0 +5146,platforms/php/webapps/5146.txt,"Joomla Component com_clasifier - 'cat_id' SQL Injection",2008-02-18,S@BUN,php,webapps,0 +5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL - 'cid' SQL Injection",2008-02-18,S@BUN,php,webapps,0 5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics - (articleid) SQL Injection",2008-02-18,S@BUN,php,webapps,0 5149,platforms/php/webapps/5149.txt,"sCssBoard - (pwnpack) Multiple Versions Remote Exploit",2008-02-18,Inphex,php,webapps,0 5150,platforms/hardware/remote/5150.txt,"Thecus N5200Pro NAS Server Control Panel - Remote File Inclusion",2008-02-18,Crackers_Child,hardware,remote,0 @@ -4793,21 +4793,21 @@ id,file,description,date,author,platform,type,port 5153,platforms/windows/remote/5153.asp,"Ourgame GLWorld 2.x - hgs_startNotify() ActiveX Buffer Overflow Exploit",2008-02-19,luoluo,windows,remote,0 5154,platforms/php/webapps/5154.txt,"PHP-Nuke Module Sections - (artid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 5155,platforms/php/webapps/5155.txt,"PHP-Nuke Module EasyContent - (page_id) SQL Injection",2008-02-19,"Mehmet Ince",php,webapps,0 -5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces - (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos - (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5158,platforms/php/webapps/5158.txt,"XOOPS Module classifieds - (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5158,platforms/php/webapps/5158.txt,"XOOPS Module classifieds - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - (okulid) SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0 5160,platforms/php/webapps/5160.txt,"Joomla Component com_hwdvideoshare - SQL Injection",2008-02-20,S@BUN,php,webapps,0 5161,platforms/php/webapps/5161.txt,"PHP-Nuke Module Docum - (artid) SQL Injection",2008-02-20,DamaR,php,webapps,0 5162,platforms/php/webapps/5162.txt,"Globsy 1.0 - (file) Remote File Disclosure",2008-02-20,GoLd_M,php,webapps,0 -5163,platforms/php/webapps/5163.txt,"PHP-Nuke Module Inhalt - (cid) SQL Injection",2008-02-20,Crackers_Child,php,webapps,0 +5163,platforms/php/webapps/5163.txt,"PHP-Nuke Module Inhalt - 'cid' SQL Injection",2008-02-20,Crackers_Child,php,webapps,0 5164,platforms/php/webapps/5164.php,"Woltlab Burning Board 3.0.x - Remote Blind SQL Injection",2008-02-20,NBBN,php,webapps,0 5165,platforms/php/webapps/5165.php,"PunBB 1.2.16 - Blind Password Recovery Exploit",2008-02-21,EpiBite,php,webapps,0 5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 - (productdetails.php) SQL Injection",2008-02-20,t0pP8uZz,php,webapps,0 5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition Exploit",2008-02-21,vl4dZ,linux,local,0 -5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 - (cid) SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 -5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir - (id) SQL Injection",2008-02-21,S@BUN,php,webapps,0 -5170,platforms/php/webapps/5170.txt,"BeContent 031 - (id) SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 +5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 +5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir - 'id' SQL Injection",2008-02-21,S@BUN,php,webapps,0 +5170,platforms/php/webapps/5170.txt,"BeContent 031 - 'id' SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 5171,platforms/php/webapps/5171.txt,"ossim 0.9.9rc5 - (XSS/SQL Injection) Multiple Vulnerabilities",2008-02-21,"Marcin Kopec",php,webapps,0 5172,platforms/php/webapps/5172.txt,"PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection",2008-02-21,DamaR,php,webapps,0 5173,platforms/php/webapps/5173.txt,"phpQLAdmin 2.2.7 - Multiple Remote File Inclusion",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 @@ -4832,7 +4832,7 @@ id,file,description,date,author,platform,type,port 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) BoF Exploit",2008-02-26,rgod,windows,remote,0 5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 -5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 - (catid) SQL Injection",2008-02-27,"it's my",php,webapps,0 +5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 - 'catid' SQL Injection",2008-02-27,"it's my",php,webapps,0 5196,platforms/php/webapps/5196.pl,"EazyPortal 1.0 - (COOKIE) SQL Injection",2008-02-27,Iron,php,webapps,0 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion",2008-02-27,CraCkEr,php,webapps,0 5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 - (categ) SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 @@ -4844,7 +4844,7 @@ id,file,description,date,author,platform,type,port 5204,platforms/php/webapps/5204.py,"Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 5205,platforms/windows/remote/5205.html,"Symantec BackupExec Calendar Control - (PVCalendar.ocx) BoF Exploit",2008-02-29,Elazar,windows,remote,0 5206,platforms/php/webapps/5206.txt,"Koobi CMS 4.3.0 - 4.2.3 (categ) SQL Injection",2008-02-29,JosS,php,webapps,0 -5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica - (id) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica - 'id' SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 5208,platforms/php/webapps/5208.txt,"phpArcadeScript 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service",2008-03-01,0in,linux,dos,0 @@ -4853,14 +4853,14 @@ id,file,description,date,author,platform,type,port 5213,platforms/windows/remote/5213.txt,"Versant Object Database 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart - SQL Injection",2008-03-04,bius,php,webapps,0 5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 -5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - (sid) SQL Injection",2008-03-06,S@BUN,php,webapps,0 +5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - 'sid' SQL Injection",2008-03-06,S@BUN,php,webapps,0 5217,platforms/windows/dos/5217.html,"ICQ Toolbar 2.3 - ActiveX Remote Denial of Service",2008-03-06,spdr,windows,dos,0 -5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads - (cid) SQL Injection",2008-03-06,S@BUN,php,webapps,0 +5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads - 'cid' SQL Injection",2008-03-06,S@BUN,php,webapps,0 5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin Exploit",2008-03-07,"Charles Fol",php,webapps,0 5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Remote Upload Exploit",2008-03-07,"Charles Fol",php,webapps,0 5221,platforms/php/webapps/5221.txt,"Joomla Component Candle 1.0 - (cID) SQL Injection",2008-03-08,S@BUN,php,webapps,0 5222,platforms/php/webapps/5222.txt,"QuickTicket 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 -5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injection",2008-03-09,xcorpitx,php,webapps,0 +5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injections",2008-03-09,xcorpitx,php,webapps,0 5224,platforms/linux/remote/5224.php,"VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 5225,platforms/windows/dos/5225.html,"KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow PoC",2008-03-10,void,windows,dos,0 5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 - (cat) SQL Injection",2008-03-10,Don,php,webapps,0 @@ -4871,9 +4871,9 @@ id,file,description,date,author,platform,type,port 5231,platforms/php/webapps/5231.php,"phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection",2008-03-10,"Charles Fol",php,webapps,0 5232,platforms/php/webapps/5232.txt,"Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution",2008-03-11,"RedTeam Pentesting",php,webapps,0 5233,platforms/php/webapps/5233.txt,"Mapbender 2.4.4 - (gaz) SQL Injection",2008-03-11,"RedTeam Pentesting",php,webapps,0 -5234,platforms/php/webapps/5234.txt,"Bloo 1.00 - Multiple SQL Injection",2008-03-11,MhZ91,php,webapps,0 +5234,platforms/php/webapps/5234.txt,"Bloo 1.00 - Multiple SQL Injections",2008-03-11,MhZ91,php,webapps,0 5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow DoS",2008-03-11,ryujin,windows,dos,0 -5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase - (id) SQL Injection",2008-03-11,t0pP8uZz,php,webapps,0 +5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase - 'id' SQL Injection",2008-03-11,t0pP8uZz,php,webapps,0 5237,platforms/php/webapps/5237.txt,"Joomla Component ProductShowcase 1.5 - SQL Injection",2008-03-11,S@BUN,php,webapps,0 5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 - Path Traversal / Log Injection Exploit",2008-03-11,"Core Security",windows,remote,0 5239,platforms/php/webapps/5239.php,"Danneo CMS 0.5.1 - Remote Blind SQL Injection",2008-03-11,InATeam,php,webapps,0 @@ -4909,12 +4909,12 @@ id,file,description,date,author,platform,type,port 5270,platforms/windows/dos/5270.pl,"Home FTP Server 1.4.5 - Remote Denial of Service",2008-03-17,0in,windows,dos,0 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) - SQL Injection",2008-03-18,fataku,php,webapps,0 5274,platforms/asp/webapps/5274.txt,"KAPhotoservice - (album.asp) SQL Injection",2008-03-18,JosS,asp,webapps,0 -5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 - (id) SQL Injection",2008-03-18,n3w7u,php,webapps,0 +5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 - 'id' SQL Injection",2008-03-18,n3w7u,php,webapps,0 5276,platforms/asp/webapps/5276.txt,"ASPapp - (links.asp CatId) SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 -5277,platforms/php/webapps/5277.txt,"Joomla Component joovideo 1.2.2 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi 2.1.3 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5279,platforms/php/webapps/5279.txt,"Mambo Component accombo 1.x - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5280,platforms/php/webapps/5280.txt,"Joomla Component Restaurante 1.0 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5277,platforms/php/webapps/5277.txt,"Joomla Component joovideo 1.2.2 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi 2.1.3 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5279,platforms/php/webapps/5279.txt,"Mambo Component accombo 1.x - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5280,platforms/php/webapps/5280.txt,"Joomla Component Restaurante 1.0 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 5281,platforms/php/webapps/5281.php,"PEEL CMS - Admin Hash Extraction / Remote Upload Exploit",2008-03-19,"Charles Fol",php,webapps,0 5282,platforms/solaris/remote/5282.txt,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit",2008-03-20,kingcope,solaris,remote,0 5283,platforms/linux/remote/5283.txt,"CenterIM 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 @@ -4923,19 +4923,19 @@ id,file,description,date,author,platform,type,port 5287,platforms/windows/local/5287.txt,"Microsoft Office Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion",2008-03-21,0x90,php,webapps,0 5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra - (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 -5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - (cid) SQL Injection",2008-03-21,S@BUN,php,webapps,0 -5291,platforms/php/webapps/5291.txt,"D.E. Classifieds - (cat_id) SQL Injection",2008-03-21,S@BUN,php,webapps,0 +5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - 'cid' SQL Injection",2008-03-21,S@BUN,php,webapps,0 +5291,platforms/php/webapps/5291.txt,"D.E. Classifieds - 'cat_id' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5292,platforms/php/webapps/5292.py,"PostNuke 0.764 - Blind SQL Injection",2008-03-21,The:Paradox,php,webapps,0 5293,platforms/php/webapps/5293.pl,"XLPortal 2.2.4 - (search) SQL Injection",2008-03-21,cOndemned,php,webapps,0 5294,platforms/php/webapps/5294.txt,"joomla components custompages 1.1 - Remote File Inclusion",2008-03-22,Sniper456,php,webapps,0 5295,platforms/php/webapps/5295.pl,"PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection",2008-03-22,Inphex,php,webapps,0 -5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 - (login.php) Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 +5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 - 'login.php' Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 5297,platforms/php/webapps/5297.txt,"Joomla Component rekry 1.0.0 - (op_id) SQL Injection",2008-03-23,Sniper456,php,webapps,0 5298,platforms/php/webapps/5298.py,"destar 0.2.2-5 - Arbitrary Add New User Exploit",2008-03-23,nonroot,php,webapps,0 5299,platforms/php/webapps/5299.txt,"Joomla Component d3000 1.0.0 - SQL Injection",2008-03-23,S@BUN,php,webapps,0 5300,platforms/php/webapps/5300.txt,"Joomla Component Cinema 1.0 - SQL Injection",2008-03-23,S@BUN,php,webapps,0 5301,platforms/php/webapps/5301.txt,"phpBB Module XS-Mod 2.3.1 - Local File Inclusion",2008-03-24,bd0rk,php,webapps,0 -5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 - (index.php page) Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 +5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 - 'index.php' Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5303,platforms/php/webapps/5303.txt,"PowerPHPBoard 1.00b - Multiple Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5304,platforms/cgi/webapps/5304.txt,"HIS-Webshop - (his-webshop.pl t) Remote File Disclosure",2008-03-24,"Zero X",cgi,webapps,0 5305,platforms/php/webapps/5305.py,"destar 0.2.2-5 - Arbitrary Add Admin User Exploit",2008-03-24,nonroot,php,webapps,0 @@ -4943,7 +4943,7 @@ id,file,description,date,author,platform,type,port 5307,platforms/linux/dos/5307.pl,"MPlayer - sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC",2008-03-25,"Guido Landi",linux,dos,0 5308,platforms/php/webapps/5308.txt,"e107 Plugin My_Gallery 2.3 - Arbitrary File Download",2008-03-25,"Jerome Athias",php,webapps,0 5309,platforms/php/webapps/5309.txt,"BolinOS 4.6.1 - (LFI/XSS) Multiple Security Vulnerabilities",2008-03-25,DSecRG,php,webapps,0 -5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent 2.5.8 - (id) SQL Injection",2008-03-25,cO2,php,webapps,0 +5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent 2.5.8 - 'id' SQL Injection",2008-03-25,cO2,php,webapps,0 5311,platforms/php/webapps/5311.txt,"TopperMod 2.0 - SQL Injection",2008-03-25,girex,php,webapps,0 5312,platforms/php/webapps/5312.txt,"TopperMod 1.0 - (mod.php) Local File Inclusion",2008-03-25,girex,php,webapps,0 5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0 @@ -4970,7 +4970,7 @@ id,file,description,date,author,platform,type,port 5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 5336,platforms/php/webapps/5336.pl,"eggBlog 4.0 - Password Retrieve SQL Injection",2008-04-01,girex,php,webapps,0 -5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 - (id) SQL Injection",2008-04-01,Stack,php,webapps,0 +5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 - 'id' SQL Injection",2008-04-01,Stack,php,webapps,0 5338,platforms/windows/remote/5338.html,"ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite Exploit",2008-04-01,shinnai,windows,remote,0 5339,platforms/php/webapps/5339.php,"Nuked-Klan 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0 5340,platforms/php/webapps/5340.txt,"RunCMS Module bamagalerie3 - SQL Injection",2008-04-01,DreamTurk,php,webapps,0 @@ -4984,7 +4984,7 @@ id,file,description,date,author,platform,type,port 5348,platforms/php/webapps/5348.txt,"PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion",2008-04-02,w0cker,php,webapps,0 5349,platforms/windows/dos/5349.py,"Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow PoC",2008-04-03,shinnai,windows,dos,0 5350,platforms/php/webapps/5350.txt,"KwsPHP Module Galerie - (id_gal) SQL Injection",2008-04-03,S@BUN,php,webapps,0 -5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives - (id) SQL Injection",2008-04-03,S@BUN,php,webapps,0 +5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives - 'id' SQL Injection",2008-04-03,S@BUN,php,webapps,0 5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) 1.0 - SQL Injection",2008-04-03,Houssamix,php,webapps,0 5353,platforms/php/webapps/5353.txt,"KwsPHP Module ConcoursPhoto - (C_ID) SQL Injection",2008-04-03,Stack,php,webapps,0 5354,platforms/windows/dos/5354.c,"Xitami Web Server 2.5c2 - LRWP Processing Format String PoC",2008-04-03,bratax,windows,dos,0 @@ -4992,11 +4992,11 @@ id,file,description,date,author,platform,type,port 5356,platforms/sco/local/5356.c,"SCO UnixWare Reliant HA - Local Root Exploit",2008-04-04,qaaz,sco,local,0 5357,platforms/sco/local/5357.c,"SCO UnixWare Merge - mcd Local Root Exploit",2008-04-04,qaaz,sco,local,0 5358,platforms/php/webapps/5358.pl,"XPOZE Pro 3.05 - (reed) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 -5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone - (cat_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 +5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone - 'cat_id' SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 - (thumbnails.php) Remote File Disclosure",2008-04-04,HaCkeR_EgY,php,webapps,0 5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - .DSR File Local BoF Exploit",2008-04-04,shinnai,windows,local,0 5362,platforms/php/webapps/5362.txt,"Comdev News Publisher - SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 -5363,platforms/php/webapps/5363.txt,"Affiliate Directory - (cat_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 +5363,platforms/php/webapps/5363.txt,"Affiliate Directory - 'cat_id' SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 - (photo_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5365,platforms/php/webapps/5365.txt,"Blogator-script 0.95 - (incl_page) Remote File Inclusion",2008-04-04,JIKO,php,webapps,0 5366,platforms/solaris/remote/5366.rb,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0 @@ -5006,12 +5006,12 @@ id,file,description,date,author,platform,type,port 5370,platforms/php/webapps/5370.txt,"Blogator-script 0.95 - Change User Password",2008-04-05,"Virangar Security",php,webapps,0 5371,platforms/php/webapps/5371.txt,"Entertainment Directory 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5372,platforms/php/webapps/5372.txt,"Easynet Forum Host - (forum.php forum) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple SQL Injection",2008-04-05,U238,asp,webapps,0 -5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 - (cat_id) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple SQL Injections",2008-04-05,U238,asp,webapps,0 +5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 - 'cat_id' SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5375,platforms/php/webapps/5375.txt,"visualpic 0.3.1 - Remote File Inclusion",2008-04-05,Cr@zy_King,php,webapps,0 5376,platforms/php/webapps/5376.pl,"Picture Rating 1.0 - Blind SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5377,platforms/php/webapps/5377.txt,"Links Directory 1.1 - (cat_id) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5378,platforms/php/webapps/5378.txt,"Software Index 1.1 - (cid) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5377,platforms/php/webapps/5377.txt,"Links Directory 1.1 - 'cat_id' SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5378,platforms/php/webapps/5378.txt,"Software Index 1.1 - 'cid' SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5379,platforms/php/webapps/5379.txt,"MyBB Plugin Custom Pages 1.0 - SQL Injection",2008-04-06,Lidloses_Auge,php,webapps,0 5380,platforms/php/webapps/5380.txt,"Blog PixelMotion - (sauvBase.php) Arbitrary Database Backup",2008-04-06,JIKO,php,webapps,0 5381,platforms/php/webapps/5381.txt,"Blog PixelMotion - (modif_config.php) Remote File Upload",2008-04-06,JIKO,php,webapps,0 @@ -5022,7 +5022,7 @@ id,file,description,date,author,platform,type,port 5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow Exploit",2008-04-06,"INetCop Security",linux,remote,80 5387,platforms/php/webapps/5387.txt,"Prozilla Reviews Script 1.0 - Arbitrary Delete User",2008-04-06,t0pP8uZz,php,webapps,0 5388,platforms/php/webapps/5388.txt,"Prozilla Topsites 1.0 - Arbitrary Edit/Add Users",2008-04-06,t0pP8uZz,php,webapps,0 -5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 - (id) SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 +5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 - 'id' SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 5390,platforms/php/webapps/5390.txt,"Prozilla Freelancers - (project) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5391,platforms/php/webapps/5391.php,"Drake CMS 0.4.11 - Remote Blind SQL Injection",2008-04-07,EgiX,php,webapps,0 5392,platforms/php/webapps/5392.php,"LinPHA 1.3.3 - (maps plugin) Remote Command Execution Exploit",2008-04-07,EgiX,php,webapps,0 @@ -5035,7 +5035,7 @@ id,file,description,date,author,platform,type,port 5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php) File Disclosure",2008-04-07,Stack,php,webapps,0 5400,platforms/php/webapps/5400.txt,"724CMS 4.01 Enterprise - (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 5401,platforms/php/webapps/5401.txt,"My Gaming Ladder 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 -5402,platforms/php/webapps/5402.txt,"iScripts SocialWare - (id) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 +5402,platforms/php/webapps/5402.txt,"iScripts SocialWare - 'id' SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5404,platforms/php/webapps/5404.php,"phpTournois G4 - Remote File Upload/Code Execution Exploit",2008-04-08,"Charles Fol",php,webapps,0 5405,platforms/php/webapps/5405.txt,"exbb 0.22 - (LFI/RFI) Multiple Vulnerabilities",2008-04-08,The:Paradox,php,webapps,0 5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 - (editlink.php id) SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 @@ -5060,7 +5060,7 @@ id,file,description,date,author,platform,type,port 5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 5426,platforms/php/webapps/5426.txt,"RX Maxsoft - (popup_img.php fotoID) SQL Injection",2008-04-10,S@BUN,php,webapps,0 5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 - ibserver.exe Buffer Overflow PoC",2008-04-11,"Liu Zhen Hua",windows,dos,0 -5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base - (ID) SQL Injection",2008-04-11,parad0x,php,webapps,0 +5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base - 'ID' SQL Injection",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"newsoffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 5431,platforms/php/webapps/5431.txt,"Joomla Component joomlaXplorer 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 @@ -5079,7 +5079,7 @@ id,file,description,date,author,platform,type,port 5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 - (index.php cat) SQL Injection",2008-04-14,"SoSo H H",php,webapps,0 5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954 5446,platforms/php/webapps/5446.txt,"BosNews 4.0 - (article) SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 -5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injection",2008-04-14,JosS,php,webapps,0 +5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections",2008-04-14,JosS,php,webapps,0 5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 - poll SQL Injection",2008-04-14,S@BUN,php,webapps,0 5449,platforms/php/webapps/5449.php,"KwsPHP - (Upload) Remote Code Execution Exploit",2008-04-14,Ajax,php,webapps,0 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe - (index.php cat_id) SQL Injection",2008-04-15,JosS,php,webapps,0 @@ -5089,7 +5089,7 @@ id,file,description,date,author,platform,type,port 5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - SQL Injection (2)",2008-04-15,cO2,php,webapps,0 5455,platforms/windows/dos/5455.py,"BS.Player 2.27 Build 959 - .SRT File Buffer Overflow PoC",2008-04-16,j0rgan,windows,dos,0 5456,platforms/asp/webapps/5456.txt,"carbon communities 2.4 - Multiple Vulnerabilities",2008-04-16,BugReport.IR,asp,webapps,0 -5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - (id) SQL Injection",2008-04-16,cO2,php,webapps,0 +5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - 'id' SQL Injection",2008-04-16,cO2,php,webapps,0 5458,platforms/linux/dos/5458.txt,"xine-lib 1.1.12 - NSF demuxer Stack Overflow PoC",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 @@ -5113,7 +5113,7 @@ id,file,description,date,author,platform,type,port 5478,platforms/php/webapps/5478.txt,"acidcat CMS 3.4.1 - Multiple Vulnerabilities",2008-04-20,BugReport.IR,php,webapps,0 5479,platforms/windows/local/5479.txt,"Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow Exploit",2008-04-21,c0ntex,windows,local,0 5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 - (view.asp id) SQL Injection",2008-04-21,U238,php,webapps,0 -5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 - (id) SQL Injection",2008-04-21,ZoRLu,php,webapps,0 +5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 - 'id' SQL Injection",2008-04-21,ZoRLu,php,webapps,0 5482,platforms/asp/webapps/5482.py,"RedDot CMS 7.5 - (LngId) SQL Injection",2008-04-21,"IRM Plc.",asp,webapps,0 5483,platforms/php/webapps/5483.txt,"TR News 2.1 - (nb) SQL Injection",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection",2008-04-22,cO2,php,webapps,0 @@ -5135,8 +5135,8 @@ id,file,description,date,author,platform,type,port 5500,platforms/php/webapps/5500.txt,"PostNuke Module pnFlashGames 2.5 - SQL Injection",2008-04-26,Kacper,php,webapps,0 5501,platforms/php/webapps/5501.txt,"Content Management System for Phprojekt 0.6.1 - Remote File Inclusion",2008-04-26,RoMaNcYxHaCkEr,php,webapps,0 5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - (postview.php) SQL Injection",2008-04-26,U238,php,webapps,0 -5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple SQL Injection",2008-04-26,U238,asp,webapps,0 -5504,platforms/php/webapps/5504.txt,"PHP Forge 3 beta 2 - (id) SQL Injection",2008-04-26,JIKO,php,webapps,0 +5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple SQL Injections",2008-04-26,U238,asp,webapps,0 +5504,platforms/php/webapps/5504.txt,"PHP Forge 3 beta 2 - 'id' SQL Injection",2008-04-26,JIKO,php,webapps,0 5505,platforms/php/webapps/5505.txt,"RunCMS Module MyArticles 0.6 Beta-1 - SQL Injection",2008-04-26,Cr@zy_King,php,webapps,0 5506,platforms/php/webapps/5506.txt,"PHPizabi 0.848b C1 HFP3 - Database Information Disclosure",2008-04-26,YOUCODE,php,webapps,0 5507,platforms/asp/webapps/5507.txt,"megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities",2008-04-27,BugReport.IR,asp,webapps,0 @@ -5159,7 +5159,7 @@ id,file,description,date,author,platform,type,port 5524,platforms/php/webapps/5524.txt,"OxYProject 0.85 - (edithistory.php) Remote Code Execution",2008-04-30,GoLd_M,php,webapps,0 5525,platforms/php/webapps/5525.txt,"Harris WapChat 1 - Multiple Remote File Inclusion",2008-04-30,k1n9k0ng,php,webapps,0 5526,platforms/php/webapps/5526.txt,"interact 2.4.1 - Multiple Remote File Inclusion",2008-04-30,RoMaNcYxHaCkEr,php,webapps,0 -5527,platforms/php/webapps/5527.pl,"Joomla Component Webhosting - (catid) Blind SQL Injection",2008-05-01,cO2,php,webapps,0 +5527,platforms/php/webapps/5527.pl,"Joomla Component Webhosting - 'catid' Blind SQL Injection",2008-05-01,cO2,php,webapps,0 5528,platforms/php/webapps/5528.txt,"ActualAnalyzer Lite (free) 2.78 - Local File Inclusion",2008-05-01,"Khashayar Fereidani",php,webapps,0 5529,platforms/php/webapps/5529.txt,"vlbook 1.21 - (XSS/LFI) Multiple Vulnerabilities",2008-05-01,"Khashayar Fereidani",php,webapps,0 5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Remote BoF Exploit",2008-05-02,lhoang8500,windows,remote,0 @@ -5169,12 +5169,12 @@ id,file,description,date,author,platform,type,port 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 - Multiple Remote Vulnerabilities",2008-05-03,"Luigi Auriemma",multiple,remote,0 5535,platforms/php/webapps/5535.txt,"Smartblog - (index.php tid) SQL Injection",2008-05-03,His0k4,php,webapps,0 5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 - (rconpass) Remote Heap Overflow Exploit",2008-05-03,SkOd,windows,remote,0 -5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 - Multiple SQL Injection",2008-05-03,InjEctOr5,php,webapps,0 +5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 - Multiple SQL Injections",2008-05-03,InjEctOr5,php,webapps,0 5538,platforms/php/webapps/5538.txt,"cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities",2008-05-04,InjEctOr5,php,webapps,0 5539,platforms/php/webapps/5539.txt,"ScorpNews 1.0 - (example.php site) Remote File Inclusion",2008-05-04,Silver,php,webapps,0 5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit 1.4.0 - (ParentId) SQL Injection",2008-05-04,JosS,php,webapps,0 5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia 0.2.0 - SQL Injection",2008-05-05,K-159,php,webapps,0 -5542,platforms/php/webapps/5542.txt,"Online Rental Property Script 4.5 - (pid) SQL Injection",2008-05-05,K-159,php,webapps,0 +5542,platforms/php/webapps/5542.txt,"Online Rental Property Script 4.5 - 'pid' SQL Injection",2008-05-05,K-159,php,webapps,0 5543,platforms/php/webapps/5543.txt,"Anserv Auction XL - (viewfaqs.php cat) SQL Injection",2008-05-05,K-159,php,webapps,0 5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend 2.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5545,platforms/php/webapps/5545.txt,"Kmita Mail 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 @@ -5184,19 +5184,19 @@ id,file,description,date,author,platform,type,port 5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 - Remote File Disclosure / Edit",2008-05-05,"Virangar Security",php,webapps,0 5550,platforms/php/webapps/5550.php,"deluxebb 1.2 - Multiple Vulnerabilities",2008-05-05,EgiX,php,webapps,0 5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 - (search.php search) SQL Injection",2008-05-06,t0pP8uZz,php,webapps,0 -5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 - (cat_id) SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 +5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 - 'cat_id' SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 5553,platforms/asp/webapps/5553.txt,"fipsCMS - (print.asp lg) SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5554,platforms/php/webapps/5554.php,"Galleristic 1.0 - (index.php cat) SQL Injection",2008-05-07,cOndemned,php,webapps,0 5555,platforms/php/webapps/5555.txt,"gameCMS Lite 1.0 - (index.php systemId) SQL Injection",2008-05-07,InjEctOr5,php,webapps,0 5556,platforms/asp/webapps/5556.txt,"PostcardMentor - (step1.asp cat_fldAuto) SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5557,platforms/php/webapps/5557.pl,"OneCMS 2.5 - Remote Blind SQL Injection",2008-05-07,Cod3rZ,php,webapps,0 5558,platforms/php/webapps/5558.txt,"CMS Faethon 2.2 Ultimate - (RFI/XSS) Multiple Remote Vulnerabilities",2008-05-07,RoMaNcYxHaCkEr,php,webapps,0 -5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple SQL Injection",2008-05-07,"Virangar Security",php,webapps,0 +5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple SQL Injections",2008-05-07,"Virangar Security",php,webapps,0 5560,platforms/php/webapps/5560.txt,"Musicbox 2.3.7 - (artistId) SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 5561,platforms/linux/dos/5561.pl,"rdesktop 1.5.0 - iso_recv_msg() Integer Underflow PoC",2008-05-08,"Guido Landi",linux,dos,0 5562,platforms/php/webapps/5562.py,"RunCMS 1.6.1 - (msg_image) SQL Injection",2008-05-08,The:Paradox,php,webapps,0 5563,platforms/windows/remote/5563.pl,"TFTP Server for Windows 1.4 - ST Remote BSS Overflow Exploit",2008-05-08,tixxDZ,windows,remote,69 -5564,platforms/asp/webapps/5564.txt,"Shader TV (Beta) - Multiple SQL Injection",2008-05-08,U238,asp,webapps,0 +5564,platforms/asp/webapps/5564.txt,"Shader TV (Beta) - Multiple SQL Injections",2008-05-08,U238,asp,webapps,0 5565,platforms/php/webapps/5565.pl,"vShare Youtube Clone 2.6 - (tid) SQL Injection",2008-05-08,Saime,php,webapps,0 5566,platforms/php/webapps/5566.txt,"SazCart 1.5.1 - Multiple Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5567,platforms/php/webapps/5567.txt,"Cyberfolio 7.12 - (rep) Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 @@ -5205,20 +5205,20 @@ id,file,description,date,author,platform,type,port 5576,platforms/php/webapps/5576.pl,"SazCart 1.5.1 - (prodid) SQL Injection",2008-05-09,JosS,php,webapps,0 5577,platforms/php/webapps/5577.txt,"HispaH Model Search - (cat.php cat) SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 5578,platforms/php/webapps/5578.txt,"Phoenix View CMS Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 -5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - (index.php) Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 +5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - 'index.php' Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 5580,platforms/php/webapps/5580.txt,"Ktools PhotoStore 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 5581,platforms/php/webapps/5581.txt,"Advanced Links Management (ALM) 1.52 - SQL Injection",2008-05-10,His0k4,php,webapps,0 -5582,platforms/php/webapps/5582.txt,"Ktools PhotoStore 3.5.2 - Multiple SQL Injection",2008-05-10,DNX,php,webapps,0 +5582,platforms/php/webapps/5582.txt,"Ktools PhotoStore 3.5.2 - Multiple SQL Injections",2008-05-10,DNX,php,webapps,0 5583,platforms/php/webapps/5583.php,"Joomla Component com_datsogallery 1.6 - Blind SQL Injection",2008-05-10,+toxa+,php,webapps,0 5584,platforms/windows/local/5584.c,"Open Office.org 2.31 - swriter Local Code Execution Exploit",2008-05-10,Marsu,windows,local,0 5585,platforms/linux/dos/5585.pl,"rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow PoC",2008-05-11,"Guido Landi",linux,dos,0 5586,platforms/php/webapps/5586.txt,"PhpBlock a8.5 - Multiple Remote File Inclusion",2008-05-11,CraCkEr,php,webapps,0 5587,platforms/php/webapps/5587.pl,"Joomla Component xsstream-dm 0.01b - SQL Injection",2008-05-11,Houssamix,php,webapps,0 -5588,platforms/php/webapps/5588.php,"QuickUpCMS - Multiple SQL Injection Vulnerabilities Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 +5588,platforms/php/webapps/5588.php,"QuickUpCMS - Multiple SQL Injections Vulnerabilities Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 5589,platforms/php/webapps/5589.php,"Vortex CMS - (index.php pageid) Blind SQL Injection",2008-05-11,Lidloses_Auge,php,webapps,0 5590,platforms/php/webapps/5590.txt,"AJ Article 1.0 - (featured_article.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 5591,platforms/php/webapps/5591.txt,"AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -5592,platforms/php/webapps/5592.txt,"AJ Classifieds 2008 - (index.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5592,platforms/php/webapps/5592.txt,"AJ Classifieds 2008 - 'index.php' SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 5594,platforms/php/webapps/5594.txt,"ZeusCart 2.0 - (category_list.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 5595,platforms/php/webapps/5595.txt,"clanlite 2.x - (SQL Injection/XSS) Multiple Vulnerabilities",2008-05-12,ZoRLu,php,webapps,0 5596,platforms/php/webapps/5596.txt,"BIGACE 2.4 - Multiple Remote File Inclusion",2008-05-12,BiNgZa,php,webapps,0 @@ -5233,7 +5233,7 @@ id,file,description,date,author,platform,type,port 5605,platforms/php/webapps/5605.txt,"e-107 Plugin zogo-shop 1.16 Beta 13 - SQL Injection",2008-05-13,Cr@zy_King,php,webapps,0 5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) SQL Injection",2008-05-13,His0k4,php,webapps,0 -5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple SQL Injection",2008-05-13,U238,asp,webapps,0 +5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple SQL Injections",2008-05-13,U238,asp,webapps,0 5609,platforms/php/webapps/5609.txt,"EMO Realty Manager - (news.php ida) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5610,platforms/php/webapps/5610.txt,"The Real Estate Script - (dpage.php docID) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5611,platforms/php/webapps/5611.txt,"Linkspile - (link.php cat_id) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 @@ -5256,7 +5256,7 @@ id,file,description,date,author,platform,type,port 5628,platforms/php/webapps/5628.txt,"RantX 1.0 - Insecure Admin Authentication",2008-05-15,t0pP8uZz,php,webapps,0 5629,platforms/php/webapps/5629.txt,"Web Slider 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 - Insecure Cookie Handling",2008-05-15,t0pP8uZz,php,webapps,0 -5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 - Multiple SQL Injection",2008-05-15,cOndemned,php,webapps,0 +5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 - Multiple SQL Injections",2008-05-15,cOndemned,php,webapps,0 5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS - (default.asp id) SQL Injection",2008-05-16,JosS,asp,webapps,0 5634,platforms/php/webapps/5634.htm,"Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 @@ -5266,32 +5266,32 @@ id,file,description,date,author,platform,type,port 5638,platforms/php/webapps/5638.txt,"How2ASP.net Webboard 4.1 - SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 5639,platforms/php/webapps/5639.pl,"FicHive 1.0 - (category) Remote Blind SQL Injection",2008-05-17,His0k4,php,webapps,0 5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 -5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro - Multiple SQL Injection",2008-05-18,dun,php,webapps,0 -5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple SQL Injection",2008-05-18,dun,php,webapps,0 +5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro - Multiple SQL Injections",2008-05-18,dun,php,webapps,0 +5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple SQL Injections",2008-05-18,dun,php,webapps,0 5643,platforms/php/webapps/5643.txt,"Ajax framework - (lang) Local File Inclusion",2008-05-18,dun,php,webapps,0 5644,platforms/php/webapps/5644.txt,"lulieblog 1.2 - Multiple Vulnerabilities",2008-05-18,Cod3rZ,php,webapps,0 5645,platforms/php/webapps/5645.txt,"AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 5646,platforms/php/webapps/5646.txt,"easycms 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 -5647,platforms/php/webapps/5647.txt,"GNU/Gallery 1.1.1.0 - (admin.php) Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 +5647,platforms/php/webapps/5647.txt,"GNU/Gallery 1.1.1.0 - 'admin.php' Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 5648,platforms/php/webapps/5648.pl,"MeltingIce File System 1.0 - Remote Arbitrary Add-User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5651,platforms/php/webapps/5651.txt,"microssys CMS 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 beta - (thread.php id) SQL Injection",2008-05-19,Stack,php,webapps,0 -5653,platforms/php/webapps/5653.php,"MercuryBoard 1.1.5 - (login.php) Remote Blind SQL Injection",2008-05-19,EgiX,php,webapps,0 +5653,platforms/php/webapps/5653.php,"MercuryBoard 1.1.5 - 'login.php' Remote Blind SQL Injection",2008-05-19,EgiX,php,webapps,0 5654,platforms/php/webapps/5654.txt,"EntertainmentScript - (play.php id) SQL Injection",2008-05-19,Mr.SQL,php,webapps,0 -5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - (page.php page) Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 +5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - 'page.php' Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 5656,platforms/php/webapps/5656.txt,"ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities",2008-05-20,"Virangar Security",php,webapps,0 5657,platforms/php/webapps/5657.txt,"Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities",2008-05-20,USH,php,webapps,0 5658,platforms/php/webapps/5658.txt,"ComicShout 2.5 - (index.php comic_id) SQL Injection",2008-05-20,Niiub,php,webapps,0 -5659,platforms/php/webapps/5659.txt,"MX-System 2.7.3 - (index.php page) SQL Injection",2008-05-20,cOndemned,php,webapps,0 -5660,platforms/php/webapps/5660.txt,"Php Jokesite 2.0 - (cat_id) SQL Injection",2008-05-20,InjEctOr5,php,webapps,0 +5659,platforms/php/webapps/5659.txt,"MX-System 2.7.3 - 'index.php' SQL Injection",2008-05-20,cOndemned,php,webapps,0 +5660,platforms/php/webapps/5660.txt,"Php Jokesite 2.0 - 'cat_id' SQL Injection",2008-05-20,InjEctOr5,php,webapps,0 5661,platforms/php/webapps/5661.txt,"Netious CMS 0.4 - (index.php pageid) SQL Injection",2008-05-21,InjEctOr5,php,webapps,0 5662,platforms/cgi/webapps/5662.txt,"Alcatel OmniPCX Office 210/061.1 - Remote Command Execution",2008-05-21,DSecRG,cgi,webapps,0 5663,platforms/php/webapps/5663.txt,"6rbScript - (news.php newsid) SQL Injection",2008-05-21,"Hussin X",php,webapps,0 5664,platforms/php/webapps/5664.txt,"webl?sninger 4 - (XSS/SQL) Multiple Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 5665,platforms/php/webapps/5665.txt,"Netbutikker 4 - SQL Injection",2008-05-21,Mr.SQL,php,webapps,0 -5666,platforms/php/webapps/5666.txt,"e107 Plugin BLOG Engine 2.2 - (uid) Blind SQL Injection",2008-05-22,"Virangar Security",php,webapps,0 +5666,platforms/php/webapps/5666.txt,"e107 Plugin BLOG Engine 2.2 - 'uid' Blind SQL Injection",2008-05-22,"Virangar Security",php,webapps,0 5667,platforms/windows/local/5667.py,"VLC 0.8.6d SSA Parsing Double Sh311 - Universal Exploit",2008-05-23,j0rgan,windows,local,0 5668,platforms/php/webapps/5668.txt,"quate CMS 0.3.4 - (RFI/LFI/XSS/dt) Multiple Vulnerabilities",2008-05-23,DSecRG,php,webapps,0 5669,platforms/php/webapps/5669.txt,"OneCMS 2.5 - (install_mod.php) Local File Inclusion",2008-05-23,DSecRG,php,webapps,0 @@ -5300,7 +5300,7 @@ id,file,description,date,author,platform,type,port 5672,platforms/php/webapps/5672.txt,"plusphp url shortening software 1.6 - Remote File Inclusion",2008-05-25,DR.TOXIC,php,webapps,0 5673,platforms/php/webapps/5673.txt,"Xomol CMS 1.2 - Login Bypass / LFI",2008-05-25,DNX,php,webapps,0 5674,platforms/php/webapps/5674.txt,"RoomPHPlanning 1.5 - Arbitrary Add Admin User",2008-05-26,Stack,php,webapps,0 -5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple SQL Injection",2008-05-26,"Virangar Security",php,webapps,0 +5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple SQL Injections",2008-05-26,"Virangar Security",php,webapps,0 5676,platforms/php/webapps/5676.txt,"CMS MAXSITE 1.10 - (category) SQL Injection",2008-05-26,Tesz,php,webapps,0 5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - (search) SQL Injection",2008-05-27,The:Paradox,php,webapps,0 5678,platforms/php/webapps/5678.txt,"CKGold Shopping Cart 2.5 - (category_id) SQL Injection",2008-05-27,Cr@zy_King,php,webapps,0 @@ -5308,12 +5308,12 @@ id,file,description,date,author,platform,type,port 5680,platforms/php/webapps/5680.txt,"OtomiGen.X 2.2 - (lang) Local File Inclusion",2008-05-27,Saime,php,webapps,0 5681,platforms/windows/remote/5681.html,"Creative Software AutoUpdate Engine - ActiveX Stack Overflow Exploit",2008-05-27,BitKrush,windows,remote,0 5682,platforms/windows/dos/5682.html,"CA Internet Security Suite 2008 - SaveToFile()File Corruption PoC",2008-05-28,Nine:Situations:Group,windows,dos,0 -5683,platforms/php/webapps/5683.txt,"PHPhotoalbum 0.5 - Multiple SQL Injection",2008-05-28,cOndemned,php,webapps,0 +5683,platforms/php/webapps/5683.txt,"PHPhotoalbum 0.5 - Multiple SQL Injections",2008-05-28,cOndemned,php,webapps,0 5684,platforms/php/webapps/5684.txt,"Joomla Component Artist (idgalery) - SQL Injection",2008-05-28,Cr@zy_King,php,webapps,0 5685,platforms/php/webapps/5685.txt,"FlashBlog - (articulo_id) SQL Injection",2008-05-28,HER0,php,webapps,0 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader 8.1.2 - Malformed PDF Remote DoS PoC",2008-05-29,securfrog,windows,dos,0 5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 -5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - (pid) SQL Injection",2008-05-29,QTRinux,php,webapps,0 +5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - 'pid' SQL Injection",2008-05-29,QTRinux,php,webapps,0 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 - Local File Inclusion (Windows)",2008-05-29,gmda,php,webapps,0 5691,platforms/php/webapps/5691.php,"CMS from Scratch 1.1.3 - (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0 5692,platforms/php/webapps/5692.pl,"Mambo Component mambads 1.0 RC1 Beta - SQL Injection",2008-05-29,Houssamix,php,webapps,0 @@ -5322,19 +5322,19 @@ id,file,description,date,author,platform,type,port 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,8800 5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d - SQL Injection",2008-05-29,Stack,php,webapps,0 5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 -5698,platforms/php/webapps/5698.txt,"HiveMaker Professional 1.0.2 - (cid) SQL Injection",2008-05-30,K-159,php,webapps,0 -5699,platforms/php/webapps/5699.txt,"PsychoStats 2.3.3 - Multiple SQL Injection",2008-05-31,Mr.SQL,php,webapps,0 +5698,platforms/php/webapps/5698.txt,"HiveMaker Professional 1.0.2 - 'cid' SQL Injection",2008-05-30,K-159,php,webapps,0 +5699,platforms/php/webapps/5699.txt,"PsychoStats 2.3.3 - Multiple SQL Injections",2008-05-31,Mr.SQL,php,webapps,0 5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit",2008-05-31,irk4z,php,webapps,0 5701,platforms/php/webapps/5701.txt,"Social Site Generator - (sgc_id) SQL Injection",2008-05-31,"DeAr Ev!L",php,webapps,0 5702,platforms/php/webapps/5702.txt,"Azuresites CMS - Multiple Vulnerabilities",2008-05-31,Lidloses_Auge,php,webapps,0 5703,platforms/php/webapps/5703.txt,"PHP Visit Counter 0.4 - (datespan) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 5704,platforms/php/webapps/5704.txt,"PassWiki 0.9.16 RC3 - (site_id) Local File Inclusion",2008-05-31,mozi,php,webapps,0 -5705,platforms/asp/webapps/5705.txt,"BP Blog 6.0 - (id) Remote Blind SQL Injection",2008-05-31,JosS,asp,webapps,0 +5705,platforms/asp/webapps/5705.txt,"BP Blog 6.0 - 'id' Remote Blind SQL Injection",2008-05-31,JosS,asp,webapps,0 5706,platforms/php/webapps/5706.php,"EasyWay CMS - (index.php mid) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 5707,platforms/php/webapps/5707.txt,"Social Site Generator - (path) Remote File Inclusion",2008-05-31,vBmad,php,webapps,0 -5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter 1.4.9 - (id) SQL Injection",2008-05-31,His0k4,php,webapps,0 +5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter 1.4.9 - 'id' SQL Injection",2008-05-31,His0k4,php,webapps,0 5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Auth)",2008-05-31,securfrog,windows,dos,0 -5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 - (id) SQL Injection",2008-05-31,Stack,php,webapps,0 +5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 - 'id' SQL Injection",2008-05-31,Stack,php,webapps,0 5711,platforms/php/webapps/5711.txt,"Social Site Generator 2.0 - Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0 5712,platforms/multiple/dos/5712.pl,"Samba (client) - receive_smb_raw() Buffer Overflow PoC",2008-06-01,"Guido Landi",multiple,dos,0 5713,platforms/php/webapps/5713.txt,"ComicShout 2.8 - (news.php news_id) SQL Injection",2008-06-01,JosS,php,webapps,0 @@ -5352,7 +5352,7 @@ id,file,description,date,author,platform,type,port 5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities",2008-06-02,"CWH Underground",php,webapps,0 5727,platforms/windows/dos/5727.pl,"MDaemon 9.6.5 - Multiple Remote Buffer Overflow Exploit PoC",2008-06-02,securfrog,windows,dos,0 5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b - Remote Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0 -5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 - (id) SQL Injection",2008-06-03,His0k4,php,webapps,0 +5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 - 'id' SQL Injection",2008-06-03,His0k4,php,webapps,0 5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog b24 - SQL Injection",2008-06-03,His0k4,php,webapps,0 5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - (comment.asp) SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX - Remote Download & Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 @@ -5410,13 +5410,13 @@ id,file,description,date,author,platform,type,port 5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - (toplists.php list) SQL Injection",2008-06-11,Mr.SQL,php,webapps,0 5786,platforms/php/webapps/5786.txt,"IPTBB 0.5.6 - Arbitrary Add-Admin Exploit",2008-06-11,"CWH Underground",php,webapps,0 5787,platforms/php/webapps/5787.txt,"MycroCMS 0.5 - Remote Blind SQL Injection",2008-06-11,"CWH Underground",php,webapps,0 -5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injection",2008-06-11,BugReport.IR,php,webapps,0 -5789,platforms/php/webapps/5789.pl,"JAMM CMS - (id) Remote Blind SQL Injection",2008-06-11,anonymous,php,webapps,0 +5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections",2008-06-11,BugReport.IR,php,webapps,0 +5789,platforms/php/webapps/5789.pl,"JAMM CMS - 'id' Remote Blind SQL Injection",2008-06-11,anonymous,php,webapps,0 5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC - Multiple Local File Inclusion",2008-06-12,"CWH Underground",php,webapps,0 5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote BoF Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 -5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - (results.php) SQL Injection",2008-06-12,anonymous,php,webapps,0 +5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - 'results.php' SQL Injection",2008-06-12,anonymous,php,webapps,0 5795,platforms/windows/remote/5795.html,"XChat 2.8.7b - (URI Handler) Remote Code Execution Exploit (ie6/ie7)",2008-06-13,securfrog,windows,remote,0 5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection",2008-06-12,TheDefaced,php,webapps,0 5797,platforms/php/webapps/5797.txt,"butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 @@ -5433,7 +5433,7 @@ id,file,description,date,author,platform,type,port 5808,platforms/php/webapps/5808.txt,"Mambo 4.6.4 - (Output.php) Remote File Inclusion",2008-06-13,irk4z,php,webapps,0 5809,platforms/php/webapps/5809.txt,"Pre Job Board - (JobSearch.php) SQL Injection",2008-06-14,JosS,php,webapps,0 5810,platforms/php/webapps/5810.txt,"contenido 4.8.4 - (RFI/XSS) Multiple Vulnerabilities",2008-06-14,RoMaNcYxHaCkEr,php,webapps,0 -5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple SQL Injection",2008-06-14,"CWH Underground",php,webapps,0 +5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple SQL Injections",2008-06-14,"CWH Underground",php,webapps,0 5812,platforms/php/webapps/5812.txt,"PHPMyCart - (shop.php cat) SQL Injection",2008-06-14,anonymous,php,webapps,0 5813,platforms/php/webapps/5813.txt,"Shoutcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Post-Auth Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0 @@ -5443,7 +5443,7 @@ id,file,description,date,author,platform,type,port 5818,platforms/php/webapps/5818.txt,"xeCMS 1.0.0 RC2 - Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 5819,platforms/php/webapps/5819.txt,"ezcms 1.2 - (bSQL/admin byapss) Multiple Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 5820,platforms/php/webapps/5820.txt,"PHPEasyNews 1.13 RC2 - (post) SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 -5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro 2.1 - Multiple SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 +5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro 2.1 - Multiple SQL Injections",2008-06-14,t0pP8uZz,php,webapps,0 5822,platforms/php/webapps/5822.txt,"Devalcms 1.4a - (currentfile) Local File Inclusion",2008-06-15,"CWH Underground",php,webapps,0 5823,platforms/php/webapps/5823.txt,"AWBS 2.7.1 - (news.php viewnews) SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 5824,platforms/php/webapps/5824.txt,"Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin",2008-06-15,"CWH Underground",php,webapps,0 @@ -5454,16 +5454,16 @@ id,file,description,date,author,platform,type,port 5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - Blind SQL Injection",2008-06-16,anonymous,php,webapps,0 -5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - (catid) SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 +5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - 'catid' SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5836,platforms/php/webapps/5836.txt,"BaSiC-CMS - (index.php r) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - dne2000.sys kernel ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 -5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - (index.php page) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) SQL Injection",2008-06-17,anonymous,php,webapps,0 5841,platforms/php/webapps/5841.txt,"ThaiQuickCart - (sLanguage) Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 -5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - (index.php page) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5843,platforms/windows/dos/5843.html,"P2P Foxy - Out of Memory Denial of Service",2008-06-17,Styxosaurus,windows,dos,0 5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 - Final Insecure Cookie Handling",2008-06-17,Stack,php,webapps,0 @@ -5489,22 +5489,22 @@ id,file,description,date,author,platform,type,port 5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 - (saArticle[ID]) SQL Injection",2008-06-19,anonymous,php,webapps,0 5866,platforms/php/webapps/5866.txt,"Lotus Core CMS 1.0.1 - Remote File Inclusion",2008-06-19,Ciph3r,php,webapps,0 5867,platforms/php/webapps/5867.txt,"AJ Auction Web 2.0 - (cate_id) SQL Injection",2008-06-19,"Hussin X",php,webapps,0 -5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - (id) SQL Injection",2008-06-19,"Hussin X",php,webapps,0 +5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - 'id' SQL Injection",2008-06-19,"Hussin X",php,webapps,0 5869,platforms/php/webapps/5869.txt,"virtual support office-xp 3.0.29 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5870,platforms/php/webapps/5870.txt,"gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 -5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 - (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 -5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 - (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 +5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 - 'index.php' Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 +5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 - 'index.php' Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 5873,platforms/php/webapps/5873.txt,"lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 5874,platforms/php/webapps/5874.txt,"IPTBB 0.5.6 - (index.php act) Local File Inclusion",2008-06-20,storm,php,webapps,0 5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - (links-extern.php id) SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5876,platforms/php/webapps/5876.txt,"Jamroom 3.3.5 - Remote File Inclusion",2008-06-20,cyberlog,php,webapps,0 5877,platforms/php/webapps/5877.txt,"jaxultrabb 2.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 -5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - (cat_id) SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 +5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - 'cat_id' SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 5879,platforms/php/webapps/5879.txt,"PHPAuction - (profile.php user_id) SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5880,platforms/php/webapps/5880.txt,"sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 5882,platforms/php/webapps/5882.txt,"eNews 0.1 - (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 -5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - (cat_id) SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 +5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine 5 (1.0.4) - Local File Inclusion",2008-06-21,SkyOut,php,webapps,0 5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase 0.41 - Blind SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5886,platforms/php/webapps/5886.pl,"LaserNet CMS 1.5 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 @@ -5513,13 +5513,13 @@ id,file,description,date,author,platform,type,port 5889,platforms/php/webapps/5889.txt,"OFFL 0.2.6 - (teams.php fflteam) SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME - (news.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 -5893,platforms/php/webapps/5893.txt,"Joomla Component EXP Shop - (catid) SQL Injection",2008-06-22,His0k4,php,webapps,0 +5893,platforms/php/webapps/5893.txt,"Joomla Component EXP Shop - 'catid' SQL Injection",2008-06-22,His0k4,php,webapps,0 5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - (forum.asp iFor) SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 5895,platforms/php/webapps/5895.txt,"shibby shop 2.2 - (SQL/update) Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusion",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection",2008-06-22,"Guido Landi",php,webapps,0 -5899,platforms/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - (index.php page) SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 +5899,platforms/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - 'index.php' SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 5900,platforms/php/webapps/5900.txt,"RSS-Aggregator - (display.php path) Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 @@ -5545,7 +5545,7 @@ id,file,description,date,author,platform,type,port 5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems 3.0 - (listing_id) SQL Injection",2008-06-24,K-159,php,webapps,0 -5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple SQL Injection",2008-06-24,"CWH Underground",php,webapps,0 +5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple SQL Injections",2008-06-24,"CWH Underground",php,webapps,0 5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0 5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 - (detail.asp iEve) SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0 5928,platforms/php/webapps/5928.txt,"HiveMaker Directory - (index.php cid) SQL Injection",2008-06-24,"security fears team",php,webapps,0 @@ -5581,45 +5581,45 @@ id,file,description,date,author,platform,type,port 5960,platforms/php/webapps/5960.txt,"SePortal 2.4 - (poll.php poll_id) SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod classifieds - (lid) SQL Injection",2008-06-27,boom3rang,php,webapps,0 5962,platforms/php/webapps/5962.txt,"poweraward 1.1.0 rc1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-28,CraCkEr,php,webapps,0 -5963,platforms/php/webapps/5963.txt,"Joomla Component jabode - (id) SQL Injection",2008-06-28,His0k4,php,webapps,0 -5964,platforms/php/webapps/5964.txt,"Online Booking Manager 2.2 - (id) SQL Injection",2008-06-28,"Hussin X",php,webapps,0 +5963,platforms/php/webapps/5963.txt,"Joomla Component jabode - 'id' SQL Injection",2008-06-28,His0k4,php,webapps,0 +5964,platforms/php/webapps/5964.txt,"Online Booking Manager 2.2 - 'id' SQL Injection",2008-06-28,"Hussin X",php,webapps,0 5965,platforms/php/webapps/5965.txt,"Joomla Component beamospetition - SQL Injection",2008-06-28,His0k4,php,webapps,0 -5966,platforms/php/webapps/5966.pl,"Joomla Component Xe webtv - (id) Blind SQL Injection",2008-06-28,His0k4,php,webapps,0 -5967,platforms/php/webapps/5967.txt,"SebracCMS 0.4 - Multiple SQL Injection",2008-06-28,shinmai,php,webapps,0 +5966,platforms/php/webapps/5966.pl,"Joomla Component Xe webtv - 'id' Blind SQL Injection",2008-06-28,His0k4,php,webapps,0 +5967,platforms/php/webapps/5967.txt,"SebracCMS 0.4 - Multiple SQL Injections",2008-06-28,shinmai,php,webapps,0 5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Post-Auth IMAP Remote Buffer Overflow DoS",2008-06-30,"Travis Warren",windows,dos,0 5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) SQL Injection",2008-06-30,anonymous,php,webapps,0 5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) SQL Injection",2008-06-30,JuDge,php,webapps,0 5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin Exploit",2008-06-30,"CWH Underground",php,webapps,0 5972,platforms/php/webapps/5972.txt,"RCM Revision Web Development - (products.php) SQL Injection",2008-06-30,Niiub,php,webapps,0 5973,platforms/php/webapps/5973.php,"Pivot 1.40.5 - Dreamwind load_template() Credentials Disclosure Exploit",2008-06-30,Nine:Situations:Group,php,webapps,0 -5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple SQL Injection",2008-06-30,anonymous,php,webapps,0 -5975,platforms/php/webapps/5975.txt,"myBloggie 2.1.6 - Multiple SQL Injection",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple SQL Injections",2008-06-30,anonymous,php,webapps,0 +5975,platforms/php/webapps/5975.txt,"myBloggie 2.1.6 - Multiple SQL Injections",2008-06-30,"Jesper Jurcenoks",php,webapps,0 5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) SQL Injection",2008-06-30,n0c0py,php,webapps,0 5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) SQL Injection",2008-06-30,DNX,php,webapps,0 5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 - Local Root Exploit (vga)",2008-07-01,"lul-disclosure inc.",openbsd,local,0 -5980,platforms/php/webapps/5980.txt,"Mambo Component n-gallery - Multiple SQL Injection",2008-06-30,AlbaniaN-[H],php,webapps,0 +5980,platforms/php/webapps/5980.txt,"Mambo Component n-gallery - Multiple SQL Injections",2008-06-30,AlbaniaN-[H],php,webapps,0 5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion",2008-06-30,"Ghost Hacker",php,webapps,0 -5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 - (index.php page) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 +5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 - 'index.php' Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 5983,platforms/php/webapps/5983.txt,"CAT2 - (spaw_root) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 5984,platforms/php/webapps/5984.txt,"Sisplet CMS - (index.php id) 2008-01-24 SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 - (article_ID) SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 -5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - (cat_id) SQL Injection",2008-07-01,Kacak,php,webapps,0 +5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - 'cat_id' SQL Injection",2008-07-01,Kacak,php,webapps,0 5988,platforms/php/webapps/5988.txt,"plx Ad Trader 3.2 - (adid) SQL Injection",2008-07-01,"Hussin X",php,webapps,0 -5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 - (id) SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 -5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery - (cid) SQL Injection",2008-07-01,Houssamix,php,webapps,0 +5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 - 'id' SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 +5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery - 'cid' SQL Injection",2008-07-01,Houssamix,php,webapps,0 5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 - (boardID) SQL Injection",2008-07-02,haZl0oh,php,webapps,0 5992,platforms/php/webapps/5992.txt,"CMS little 0.0.1 - (index.php template) Local File Inclusion",2008-07-02,"CWH Underground",php,webapps,0 -5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks - (catid) SQL Injection",2008-07-02,His0k4,php,webapps,0 +5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks - 'catid' SQL Injection",2008-07-02,His0k4,php,webapps,0 5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - SQL Injection",2008-07-02,Houssamix,php,webapps,0 -5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple SQL Injection",2008-07-02,Houssamix,php,webapps,0 +5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple SQL Injections",2008-07-02,Houssamix,php,webapps,0 5996,platforms/php/webapps/5996.txt,"phPortal 1.2 - Multiple Remote File Inclusions Exploit",2008-07-02,Ciph3r,php,webapps,0 -5997,platforms/php/webapps/5997.pl,"CMS WebBlizzard - (index.php page) Blind SQL Injection",2008-07-03,Bl@ckbe@rD,php,webapps,0 +5997,platforms/php/webapps/5997.pl,"CMS WebBlizzard - 'index.php' Blind SQL Injection",2008-07-03,Bl@ckbe@rD,php,webapps,0 5998,platforms/php/webapps/5998.txt,"phpWebNews 0.2 MySQL Edition - (id_kat) SQL Injection",2008-07-03,storm,php,webapps,0 5999,platforms/php/webapps/5999.txt,"phpWebNews 0.2 MySQL Edition - (det) SQL Injection",2008-07-03,"Virangar Security",php,webapps,0 6000,platforms/php/webapps/6000.txt,"pHNews CMS - Multiple Local File Inclusion",2008-07-03,CraCkEr,php,webapps,0 6001,platforms/php/webapps/6001.txt,"1024 CMS 1.4.4 - Multiple Remote/Local File Inclusion",2008-07-04,DSecRG,php,webapps,0 -6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple SQL Injection",2008-07-04,Houssamix,php,webapps,0 +6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple SQL Injections",2008-07-04,Houssamix,php,webapps,0 6003,platforms/php/webapps/6003.txt,"Joomla Component DBQuery 1.4.1.1 - Remote File Inclusion",2008-07-04,SsEs,php,webapps,0 6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote BoF Exploit",2008-07-04,"Karol Wiesek",windows,remote,0 6005,platforms/php/webapps/6005.php,"Site@School 2.4.10 - (fckeditor) Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0 @@ -5627,7 +5627,7 @@ id,file,description,date,author,platform,type,port 6007,platforms/php/webapps/6007.txt,"Kasseler CMS 1.3.0 - (LFI/XSS) Multiple Vulnerabilities",2008-07-05,Cr@zy_King,php,webapps,0 6008,platforms/php/webapps/6008.php,"ImperialBB 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0 6009,platforms/php/webapps/6009.pl,"fuzzylime CMS 3.01 - Remote Command Execution Exploit",2008-07-05,Ams,php,webapps,0 -6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - (uid) SQL Injection",2008-07-06,"HIva Team",php,webapps,0 +6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - 'uid' SQL Injection",2008-07-06,"HIva Team",php,webapps,0 6011,platforms/php/webapps/6011.txt,"contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote SEH Overwrite Exploit",2008-07-06,Nine:Situations:Group,windows,remote,80 6013,platforms/osx/remote/6013.pl,"Safari / Quicktime 7.3 - RTSP Content-Type Remote BoF Exploit",2008-07-06,krafty,osx,remote,0 @@ -5646,14 +5646,14 @@ id,file,description,date,author,platform,type,port 6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script 4.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6029,platforms/multiple/dos/6029.txt,"Firefox/Evince/EOG/Gimp - (.SVG) Denial of Service PoC",2008-07-08,"Kristian Hermansen",multiple,dos,0 -6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - (m3u) Local BoF Exploit (0Day)",2008-07-08,h07,windows,local,0 +6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - '.m3u' Local BoF Exploit (0Day)",2008-07-08,h07,windows,local,0 6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) BoF PoC",2008-07-08,Defsanguje,windows,local,0 6032,platforms/linux/local/6032.py,"Poppler 0.8.4 - libpoppler uninitialized pointer Code Execution PoC",2008-07-08,"Felipe Andres Manzano",linux,local,0 6033,platforms/php/webapps/6033.pl,"AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 6034,platforms/php/webapps/6034.txt,"Dreampics Builder - (page) SQL Injection",2008-07-09,"Hussin X",php,webapps,0 -6035,platforms/php/webapps/6035.txt,"DreamNews Manager - (id) SQL Injection",2008-07-10,"Hussin X",php,webapps,0 +6035,platforms/php/webapps/6035.txt,"DreamNews Manager - 'id' SQL Injection",2008-07-10,"Hussin X",php,webapps,0 6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 - (dirDepth) Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 -6037,platforms/php/webapps/6037.txt,"phpDatingClub - (website.php page) Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 +6037,platforms/php/webapps/6037.txt,"phpDatingClub - 'website.php' Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 6039,platforms/windows/local/6039.c,"Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit",2008-07-11,Shinnok,windows,local,0 6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection",2008-07-11,"Nu Am Bani",php,webapps,0 6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 @@ -5670,7 +5670,7 @@ id,file,description,date,author,platform,type,port 6053,platforms/php/webapps/6053.php,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (PHP)",2008-07-12,"Inphex and real",php,webapps,0 6054,platforms/php/webapps/6054.pl,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)",2008-07-12,"Inphex and real",php,webapps,0 6055,platforms/php/webapps/6055.pl,"Joomla Component n-forms 1.01 - Blind SQL Injection",2008-07-12,"The Moorish",php,webapps,0 -6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition - (id) SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 +6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition - 'id' SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 6057,platforms/php/webapps/6057.txt,"jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities",2008-07-12,S.W.A.T.,php,webapps,0 6058,platforms/php/webapps/6058.txt,"Avlc Forum - (vlc_forum.php id) SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 6059,platforms/windows/dos/6059.pl,"Simple DNS Plus 5.0/4.1 - Remote Denial of Service",2008-07-13,Exodus,windows,dos,0 @@ -5698,20 +5698,20 @@ id,file,description,date,author,platform,type,port 6081,platforms/php/webapps/6081.txt,"Galatolo Web Manager 1.3a - Insecure Cookie Handling",2008-07-15,"Virangar Security",php,webapps,0 6082,platforms/php/webapps/6082.txt,"PhotoPost vBGallery 2.4.2 - Arbitrary File Upload",2008-07-15,"Cold Zero",php,webapps,0 6083,platforms/windows/dos/6083.html,"Document Imaging SDK 10.95 - ActiveX Buffer Overflow PoC",2008-07-15,r0ut3r,windows,dos,0 -6084,platforms/php/webapps/6084.txt,"HockeySTATS Online 2.0 - Multiple SQL Injection",2008-07-15,Mr.SQL,php,webapps,0 +6084,platforms/php/webapps/6084.txt,"HockeySTATS Online 2.0 - Multiple SQL Injections",2008-07-15,Mr.SQL,php,webapps,0 6085,platforms/php/webapps/6085.pl,"PHPizabi 0.848b C1 HFP1 - Remote Code Execution Exploit",2008-07-16,Inphex,php,webapps,0 6086,platforms/php/webapps/6086.txt,"Joomla Component DT Register - SQL Injection",2008-07-16,His0k4,php,webapps,0 6087,platforms/php/webapps/6087.txt,"AlstraSoft Affiliate Network Pro - (pgm) SQL Injection",2008-07-16,"Hussin X",php,webapps,0 -6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple SQL Injection",2008-07-16,Mr.SQL,php,webapps,0 +6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple SQL Injections",2008-07-16,Mr.SQL,php,webapps,0 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution / Denial of Service",2008-07-17,kingcope,windows,remote,80 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class - ActiveX Control Buffer Overflow PoC",2008-07-17,"Guido Landi",windows,dos,0 6091,platforms/php/webapps/6091.txt,"phpHoo3 <= 5.2.6 - (phpHoo3.php viewCat) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Remote SELinux Privilege Elevation Exploit (Auth)",2008-07-17,eliteboy,linux,remote,0 6095,platforms/php/webapps/6095.pl,"AlstraSoft Article Manager Pro 1.6 - Blind SQL Injection",2008-07-17,GoLd_M,php,webapps,0 -6096,platforms/php/webapps/6096.txt,"preCMS 1 - (index.php page) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 +6096,platforms/php/webapps/6096.txt,"preCMS 1 - 'index.php' SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0 -6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - (index.php page) SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 +6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 6099,platforms/php/webapps/6099.txt,"Siteframe - (folder.php id) SQL Injection",2008-07-18,n0ne,php,webapps,0 6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 - Remote Buffer Overflow Exploit (Win32)",2008-07-18,Unohope,windows,remote,80 6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Pre-Auth Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0 @@ -5727,7 +5727,7 @@ id,file,description,date,author,platform,type,port 6111,platforms/cgi/webapps/6111.pl,"MojoAuto - (mojoAuto.cgi mojo) Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 6112,platforms/php/webapps/6112.txt,"EZWebAlbum (dlfilename) - Remote File Disclosure",2008-07-21,"Ghost Hacker",php,webapps,0 6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-21,ldma,php,webapps,0 -6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - (pid) SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 +6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - 'pid' SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 6115,platforms/php/webapps/6115.txt,"EZWebAlbum - Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (Perl)",2008-07-22,"Guido Landi",windows,remote,0 6117,platforms/php/webapps/6117.txt,"youtube blog 0.1 - (RFI/SQLl/XSS) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 @@ -5739,20 +5739,20 @@ id,file,description,date,author,platform,type,port 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access - (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 - (photoId) SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 -6126,platforms/php/webapps/6126.txt,"ibase 2.03 - (download.php) Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 +6126,platforms/php/webapps/6126.txt,"ibase 2.03 - 'download.php' Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 -6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - (id) SQL Injection",2008-07-24,IRAQI,php,webapps,0 +6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - 'id' SQL Injection",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a - tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 6131,platforms/php/webapps/6131.txt,"xrms 1.99.2 - (RFI/XSS/ig) Multiple Vulnerabilities",2008-07-25,AzzCoder,php,webapps,0 -6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 - (id) SQL Injection",2008-07-25,nuclear,php,webapps,0 +6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 - 'id' SQL Injection",2008-07-25,nuclear,php,webapps,0 6133,platforms/php/webapps/6133.txt,"FizzMedia 1.51.2 - (comment.php mid) SQL Injection",2008-07-25,Mr.SQL,php,webapps,0 6134,platforms/php/webapps/6134.txt,"phpTest 0.6.3 - (picture.php image_id) SQL Injection",2008-07-25,cOndemned,php,webapps,0 6135,platforms/asp/webapps/6135.txt,"fipsCMS light 2.1 - (r) SQL Injection",2008-07-26,U238,asp,webapps,0 6136,platforms/php/webapps/6136.txt,"phpWebNews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling",2008-07-26,"Virangar Security",php,webapps,0 6137,platforms/php/webapps/6137.txt,"IceBB 1.0-RC9.2 - Blind SQL Injection / Session Hijacking Exploit",2008-07-26,girex,php,webapps,0 6138,platforms/php/webapps/6138.txt,"Mobius 1.4.4.1 - (browse.php id) SQL Injection",2008-07-26,dun,php,webapps,0 -6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - (pid) SQL Injection",2008-07-26,mikeX,php,webapps,0 +6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - 'pid' SQL Injection",2008-07-26,mikeX,php,webapps,0 6140,platforms/php/webapps/6140.txt,"phpLinkat 0.1 - Insecure Cookie Handling / SQL Injection",2008-07-26,"Encrypt3d.M!nd ",php,webapps,0 6141,platforms/php/webapps/6141.txt,"TriO 2.1 - (browse.php id) SQL Injection",2008-07-26,dun,php,webapps,0 6142,platforms/php/webapps/6142.txt,"CMScout 2.05 - (common.php bit) Local File Inclusion",2008-07-27,"Khashayar Fereidani",php,webapps,0 @@ -5782,7 +5782,7 @@ id,file,description,date,author,platform,type,port 6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard - (Cat) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 -6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script - (cid) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 +6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script - 'cid' SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script - (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) SQL Injection",2008-07-30,Jack,php,webapps,0 6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution Exploit",2008-07-30,"GulfTech Security",php,webapps,0 @@ -5795,29 +5795,29 @@ id,file,description,date,author,platform,type,port 6179,platforms/php/webapps/6179.txt,"LetterIt 2 - (language) Local File Inclusion",2008-07-31,NoGe,php,webapps,0 6180,platforms/php/webapps/6180.txt,"phpMyRealty - (location) SQL Injection",2008-08-01,CraCkEr,php,webapps,0 6181,platforms/windows/dos/6181.php,"RealVNC Windows Client 4.1.2 - Remote DoS Crash PoC",2008-08-01,beford,windows,dos,0 -6182,platforms/php/webapps/6182.txt,"PHPAuction GPL Enhanced 2.51 - (profile.php) SQL Injection",2008-08-01,"Hussin X",php,webapps,0 +6182,platforms/php/webapps/6182.txt,"PHPAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6183,platforms/php/webapps/6183.txt,"ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion",2008-08-01,Lo$er,php,webapps,0 6184,platforms/php/webapps/6184.txt,"E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection",2008-08-01,Corwin,php,webapps,0 -6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - (id) SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - (id) SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 - (cid) SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - 'id' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - 'id' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 - 'cid' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 6188,platforms/windows/local/6188.c,"IrfanView 3.99 - IFF File Local Stack Buffer Overflow Exploit",2008-08-01,"fl0 fl0w",windows,local,0 -6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart - (id) SQL Injection",2008-08-01,"Hussin X",php,webapps,0 -6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple SQL Injection",2008-08-01,cOndemned,php,webapps,0 +6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart - 'id' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 +6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple SQL Injections",2008-08-01,cOndemned,php,webapps,0 6191,platforms/php/webapps/6191.txt,"e-vision CMS 2.02 - (SQL/upload/ig) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 6192,platforms/php/webapps/6192.txt,"k-links directory - (SQL/XSS) Multiple Vulnerabilities",2008-08-02,Corwin,php,webapps,0 -6193,platforms/php/webapps/6193.txt,"E-Store Kit- <= 2 PayPal Edition - (pid) SQL Injection",2008-08-02,Mr.SQL,php,webapps,0 -6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 - (download.php) Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0 +6193,platforms/php/webapps/6193.txt,"E-Store Kit- <= 2 PayPal Edition - 'pid' SQL Injection",2008-08-02,Mr.SQL,php,webapps,0 +6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 - 'download.php' Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0 6195,platforms/windows/remote/6195.c,"IntelliTamper 2.07 - (imgsrc) Remote Buffer Overflow Exploit",2008-08-03,r0ut3r,windows,remote,0 6196,platforms/hardware/dos/6196.pl,"Xerox Phaser 8400 - (reboot) Remote Denial of Service",2008-08-03,crit3rion,hardware,dos,0 6199,platforms/php/webapps/6199.pl,"Joomla Component EZ Store Remote - Blind SQL Injection",2008-08-03,His0k4,php,webapps,0 -6200,platforms/php/webapps/6200.txt,"syzygyCMS 0.3 - (index.php page) Local File Inclusion",2008-08-03,SirGod,php,webapps,0 +6200,platforms/php/webapps/6200.txt,"syzygyCMS 0.3 - 'index.php' Local File Inclusion",2008-08-03,SirGod,php,webapps,0 6201,platforms/windows/dos/6201.html,"HydraIrc 0.3.164 - (last) Remote Denial of Service",2008-08-04,securfrog,windows,dos,0 6203,platforms/php/webapps/6203.txt,"Dayfox Blog 4 - Multiple Local File Inclusion",2008-08-04,"Virangar Security",php,webapps,0 6204,platforms/php/webapps/6204.txt,"Plogger 3.0 - SQL Injection",2008-08-05,"GulfTech Security",php,webapps,0 6205,platforms/php/webapps/6205.txt,"iges CMS 2.0 - (XSS/SQL) Multiple Vulnerabilities",2008-08-05,BugReport.IR,php,webapps,0 6206,platforms/php/webapps/6206.txt,"LiteNews 0.1 - Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 -6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - (id) SQL Injection",2008-08-05,Stack,php,webapps,0 +6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - 'id' SQL Injection",2008-08-05,Stack,php,webapps,0 6208,platforms/php/webapps/6208.txt,"Multiple Wsn Products - (LFI) Code Execution",2008-08-06,otmorozok428,php,webapps,0 6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6210,platforms/php/webapps/6210.rb,"LoveCMS 1.6.2 Final - Update Settings Remote Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 @@ -5830,11 +5830,11 @@ id,file,description,date,author,platform,type,port 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 - Privilege Escalation PoC",2008-08-10,"Core Security",multiple,dos,0 6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 - Arbitrary Variable Overwriting",2008-08-10,"GulfTech Security",php,webapps,0 6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager - (atucfobj.dll) ActiveX Remote BoF Exploit",2008-08-10,"Guido Landi",windows,remote,0 -6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - (id) SQL Injection",2008-08-10,CraCkEr,php,webapps,0 +6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - 'id' SQL Injection",2008-08-10,CraCkEr,php,webapps,0 6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - forums[] SQL Injection",2008-08-10,irk4z,php,webapps,0 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final - (startup.php) Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0 6225,platforms/php/webapps/6225.txt,"PHP-Ring Webring System 0.9.1 - Insecure Cookie Handling",2008-08-10,"Virangar Security",php,webapps,0 -6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple SQL Injection",2008-08-10,"Virangar Security",php,webapps,0 +6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple SQL Injections",2008-08-10,"Virangar Security",php,webapps,0 6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution Exploit",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 6228,platforms/php/webapps/6228.txt,"OpenImpro 1.1 - (image.php id) SQL Injection",2008-08-10,nuclear,php,webapps,0 6229,platforms/multiple/remote/6229.txt,"apache tomcat < 6.0.18 utf8 - Directory Traversal",2008-08-11,"Simon Ryeo",multiple,remote,0 @@ -5850,7 +5850,7 @@ id,file,description,date,author,platform,type,port 6239,platforms/multiple/dos/6239.txt,"Ruby 1.9 - (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié ",multiple,dos,0 6240,platforms/windows/dos/6240.py,"FlashGet 1.9 - (FTP PWD Response) Remote BoF Exploit PoC (0Day)",2008-08-13,h07,windows,dos,0 6244,platforms/windows/dos/6244.js,"Microsoft Visual Studio - (Msmask32.ocx) ActiveX Remote BoF PoC",2008-08-14,Symantec,windows,dos,0 -6247,platforms/php/webapps/6247.txt,"dotCMS 1.6 - (id) Multiple Local File Inclusion",2008-08-15,Don,php,webapps,0 +6247,platforms/php/webapps/6247.txt,"dotCMS 1.6 - 'id' Multiple Local File Inclusion",2008-08-15,Don,php,webapps,0 6248,platforms/windows/remote/6248.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) SEH STACK Overflow Exploit",2008-08-15,SkOd,windows,remote,21 6249,platforms/php/webapps/6249.txt,"ZEEJOBSITE 2.0 - (adid) SQL Injection",2008-08-15,"Hussin X",php,webapps,0 6250,platforms/php/webapps/6250.txt,"deeemm CMS (dmcms) 0.7.4 - Multiple Vulnerabilities",2008-08-15,"Khashayar Fereidani",php,webapps,0 @@ -5863,13 +5863,13 @@ id,file,description,date,author,platform,type,port 6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client - Remote Format String PoC",2008-08-17,securfrog,windows,dos,0 6258,platforms/php/webapps/6258.txt,"PHPBasket - (product.php pro_id) SQL Injection",2008-08-17,r45c4l,php,webapps,0 6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) - Remote Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 -6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple SQL Injection",2008-08-18,cOndemned,php,webapps,0 +6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple SQL Injections",2008-08-18,cOndemned,php,webapps,0 6261,platforms/php/webapps/6261.txt,"php live helper 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 6262,platforms/windows/dos/6262.txt,"VMware Workstation - (hcmon.sys 6.0.0.45731) Local DoS",2008-08-18,g_,windows,dos,0 6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 - (configure) Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 -6270,platforms/php/webapps/6270.txt,"SFS Affiliate Directory - (id) SQL Injection",2008-08-19,"Hussin X",php,webapps,0 -6271,platforms/php/webapps/6271.txt,"Ad Board - (id) SQL Injection",2008-08-19,"Hussin X",php,webapps,0 -6273,platforms/php/webapps/6273.txt,"SunShop 4.1.4 - (id) SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 +6270,platforms/php/webapps/6270.txt,"SFS Affiliate Directory - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 +6271,platforms/php/webapps/6271.txt,"Ad Board - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 +6273,platforms/php/webapps/6273.txt,"SunShop 4.1.4 - 'id' SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 6276,platforms/php/webapps/6276.txt,"Banner Management Script - (tr.php id) SQL Injection",2008-08-19,S.W.A.T.,php,webapps,0 6277,platforms/php/webapps/6277.txt,"Active PHP Bookmarks 1.1.02 - SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object 3.2.30 - ActiveX Buffer Overflow Exploit",2008-08-20,"Core Security",windows,remote,0 @@ -5877,17 +5877,17 @@ id,file,description,date,author,platform,type,port 6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 - (adid) SQL Injection",2008-08-20,e.wiZz!,php,webapps,0 6281,platforms/php/webapps/6281.pl,"webEdition CMS - (we_objectID) Blind SQL Injection",2008-08-20,Lidloses_Auge,php,webapps,0 6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 - (CCMS) print.php SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 -6285,platforms/php/webapps/6285.txt,"PhotoCart 3.9 - Multiple SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 -6286,platforms/php/webapps/6286.txt,"BandSite CMS 1.1.4 - Download Backup / XSS / CSRF",2008-08-21,SirGod,php,webapps,0 +6285,platforms/php/webapps/6285.txt,"PhotoCart 3.9 - Multiple SQL Injections",2008-08-21,~!Dok_tOR!~,php,webapps,0 +6286,platforms/php/webapps/6286.txt,"BandSite CMS 1.1.4 - Download Backup / XSS / Cross-site Request Forgery",2008-08-21,SirGod,php,webapps,0 6287,platforms/php/webapps/6287.txt,"tinyCMS 1.1.2 - (templater.php) Local File Inclusion",2008-08-21,cOndemned,php,webapps,0 6288,platforms/php/webapps/6288.txt,"easysite 2.3 - Multiple Vulnerabilities",2008-08-21,SirGod,php,webapps,0 6291,platforms/php/webapps/6291.txt,"noname script 1.1 - Multiple Vulnerabilities",2008-08-23,SirGod,php,webapps,0 6292,platforms/php/webapps/6292.txt,"onenews beta 2 - (XSS/hi/SQL) Multiple Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 6293,platforms/multiple/dos/6293.txt,"VLC 0.8.6i - Mms Protocol Handling Heap Overflow PoC",2008-08-23,g_,multiple,dos,0 6294,platforms/php/webapps/6294.txt,"5 star review - (XSS/SQL) Multiple Vulnerabilities",2008-08-24,Mr.SQL,php,webapps,0 -6295,platforms/php/webapps/6295.txt,"MiaCMS 4.6.5 - Multiple SQL Injection",2008-08-24,~!Dok_tOR!~,php,webapps,0 +6295,platforms/php/webapps/6295.txt,"MiaCMS 4.6.5 - Multiple SQL Injections",2008-08-24,~!Dok_tOR!~,php,webapps,0 6296,platforms/php/webapps/6296.txt,"BtiTracker 1.4.7 / xbtit 2.0.542 - SQL Injection",2008-08-25,InATeam,php,webapps,0 -6297,platforms/php/webapps/6297.txt,"Matterdaddy Market 1.1 - Multiple SQL Injection",2008-08-25,~!Dok_tOR!~,php,webapps,0 +6297,platforms/php/webapps/6297.txt,"Matterdaddy Market 1.1 - Multiple SQL Injections",2008-08-25,~!Dok_tOR!~,php,webapps,0 6298,platforms/php/webapps/6298.txt,"Web Directory Script 2.0 - (name) SQL Injection",2008-08-25,~!Dok_tOR!~,php,webapps,0 6300,platforms/php/webapps/6300.txt,"Pluck CMS 4.5.2 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 6301,platforms/php/webapps/6301.txt,"ezContents CMS 2.0.3 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 @@ -5897,7 +5897,7 @@ id,file,description,date,author,platform,type,port 6306,platforms/php/webapps/6306.pl,"GeekLog 1.5.0 - Remote Arbitrary File Upload Exploit",2008-08-25,t0pP8uZz,php,webapps,0 6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) SQL Injection",2008-08-26,cOndemned,php,webapps,0 -6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - (id) SQL Injection",2008-08-26,Kacak,php,webapps,0 +6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - 'id' SQL Injection",2008-08-26,Kacak,php,webapps,0 6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 6312,platforms/php/webapps/6312.txt,"k-rate - (SQL/XSS) Multiple Vulnerabilities",2008-08-26,Corwin,php,webapps,0 6313,platforms/php/webapps/6313.txt,"CMME 1.12 - (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 @@ -5907,7 +5907,7 @@ id,file,description,date,author,platform,type,port 6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio - (Msmask32.ocx) ActiveX Remote BoF Exploit",2008-08-26,Koshi,windows,remote,0 6318,platforms/windows/remote/6318.html,"Ultra Office - ActiveX Control Remote Buffer Overflow Exploit",2008-08-27,shinnai,windows,remote,0 6319,platforms/windows/dos/6319.html,"Ultra Office - ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 -6320,platforms/php/webapps/6320.txt,"phpMyRealty 1.0.9 - Multiple SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 +6320,platforms/php/webapps/6320.txt,"phpMyRealty 1.0.9 - Multiple SQL Injections",2008-08-27,~!Dok_tOR!~,php,webapps,0 6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 6323,platforms/windows/remote/6323.html,"Friendly Technologies - (fwRemoteCfg.dll) ActiveX Remote BoF Exploit",2008-08-28,spdr,windows,remote,0 @@ -5931,14 +5931,14 @@ id,file,description,date,author,platform,type,port 6343,platforms/php/webapps/6343.txt,"CMSbright - (id_rub_page) SQL Injection",2008-09-01,"BorN To K!LL",php,webapps,0 6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0 6345,platforms/windows/dos/6345.html,"VMware - COM API ActiveX Remote Buffer Overflow PoC",2008-09-01,shinnai,windows,dos,0 -6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 - (uid) SQL Injection",2008-09-01,"Virangar Security",php,webapps,0 +6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection",2008-09-01,"Virangar Security",php,webapps,0 6347,platforms/php/webapps/6347.txt,"myPHPNuke < 1.8.8_8rc2 - (artid) SQL Injection",2008-09-02,MustLive,php,webapps,0 -6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 - (id) SQL Injection",2008-09-02,"Hussin X",php,webapps,0 +6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 - 'id' SQL Injection",2008-09-02,"Hussin X",php,webapps,0 6349,platforms/php/webapps/6349.txt,"Reciprocal Links Manager 1.1 - (site) SQL Injection",2008-09-02,"Hussin X",php,webapps,0 6350,platforms/php/webapps/6350.txt,"AJ HYIP ACME - (comment.php artid) SQL Injection",2008-09-02,"security fears team",php,webapps,0 6351,platforms/php/webapps/6351.txt,"AJ HYIP ACME - (readarticle.php artid) SQL Injection",2008-09-02,InjEctOr5,php,webapps,0 6352,platforms/php/webapps/6352.txt,"CS-Cart 1.3.5 - (Auth Bypass) SQL Injection",2008-09-02,"GulfTech Security",php,webapps,0 -6353,platforms/windows/dos/6353.txt,"Google Chrome Browser 0.2.149.27 - DoS",2008-09-03,"Rishi Narang",windows,dos,0 +6353,platforms/windows/dos/6353.txt,"Google Chrome Browser 0.2.149.27 - Denial of Service",2008-09-03,"Rishi Narang",windows,dos,0 6354,platforms/php/webapps/6354.txt,"Spice Classifieds - (cat_path) SQL Injection",2008-09-03,InjEctOr5,php,webapps,0 6355,platforms/windows/remote/6355.txt,"Google Chrome Browser 0.2.149.27 - Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0 6356,platforms/php/webapps/6356.php,"Moodle 1.8.4 - Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0 @@ -5947,7 +5947,7 @@ id,file,description,date,author,platform,type,port 6361,platforms/php/webapps/6361.txt,"Living Local Website - (listtest.php r) SQL Injection",2008-09-03,"Hussin X",php,webapps,0 6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6363,platforms/php/webapps/6363.txt,"qwicsite pro - (SQL/XSS) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0 -6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop - (cid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 +6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop - 'cid' SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash PoC",2008-09-04,WHK,windows,dos,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 - SNMP write (Set request) PoC",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote BoF Exploit",2008-09-05,SVRT,windows,remote,0 @@ -5957,14 +5957,14 @@ id,file,description,date,author,platform,type,port 6371,platforms/php/webapps/6371.txt,"Vastal I-Tech Agent Zone - (ann_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 6372,platforms/windows/dos/6372.html,"Google Chrome Browser 0.2.149.27 - A HREF Denial of Service",2008-09-05,Shinnok,windows,dos,0 6373,platforms/php/webapps/6373.txt,"Vastal I-Tech Visa Zone - (news_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 -6374,platforms/php/webapps/6374.txt,"Vastal I-Tech Toner Cart - (id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 -6375,platforms/php/webapps/6375.txt,"Vastal I-Tech Share Zone - (id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 -6376,platforms/php/webapps/6376.txt,"Vastal I-Tech DVD Zone - (cat_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 +6374,platforms/php/webapps/6374.txt,"Vastal I-Tech Toner Cart - 'id' SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 +6375,platforms/php/webapps/6375.txt,"Vastal I-Tech Share Zone - 'id' SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 +6376,platforms/php/webapps/6376.txt,"Vastal I-Tech DVD Zone - 'cat_id' SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 6378,platforms/php/webapps/6378.txt,"Vastal I-Tech Jobs Zone - (news_id) SQL Injection",2008-09-05,Stack,php,webapps,0 6379,platforms/php/webapps/6379.txt,"Vastal I-Tech MMORPG Zone - (game_id) SQL Injection",2008-09-05,Stack,php,webapps,0 -6380,platforms/php/webapps/6380.txt,"Vastal I-Tech Mag Zone - (cat_id) SQL Injection",2008-09-05,Stack,php,webapps,0 +6380,platforms/php/webapps/6380.txt,"Vastal I-Tech Mag Zone - 'cat_id' SQL Injection",2008-09-05,Stack,php,webapps,0 6381,platforms/php/webapps/6381.txt,"Vastal I-Tech Freelance Zone - (coder_id) SQL Injection",2008-09-05,Stack,php,webapps,0 -6382,platforms/php/webapps/6382.txt,"Vastal I-Tech Cosmetics Zone - (cat_id) SQL Injection",2008-09-05,Stack,php,webapps,0 +6382,platforms/php/webapps/6382.txt,"Vastal I-Tech Cosmetics Zone - 'cat_id' SQL Injection",2008-09-05,Stack,php,webapps,0 6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 - (idcat) SQL Injection",2008-09-05,SuB-ZeRo,php,webapps,0 6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 - (tage) SQL Injection",2008-09-05,e.wiZz!,php,webapps,0 6386,platforms/windows/dos/6386.html,"Google Chrome Browser 0.2.149.27 - Inspect Element Denial of Service",2008-09-05,Metacortex,windows,dos,0 @@ -5980,14 +5980,14 @@ id,file,description,date,author,platform,type,port 6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum - (cat) SQL Injection",2008-09-07,r45c4l,php,webapps,0 6397,platforms/php/webapps/6397.txt,"WordPress 2.6.1 - SQL Column Truncation",2008-09-07,irk4z,php,webapps,0 6398,platforms/php/webapps/6398.txt,"E-Shop Shopping Cart Script - (search_results.php) SQL Injection",2008-09-07,Mormoroth,php,webapps,0 -6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum - (catid) SQL Injection",2008-09-09,r45c4l,php,webapps,0 -6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injection",2008-09-09,"Khashayar Fereidani",php,webapps,0 +6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum - 'catid' SQL Injection",2008-09-09,r45c4l,php,webapps,0 +6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injections",2008-09-09,"Khashayar Fereidani",php,webapps,0 6403,platforms/php/webapps/6403.txt,"Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6404,platforms/php/webapps/6404.txt,"Live TV Script - (index.php mid) SQL Injection",2008-09-09,InjEctOr5,php,webapps,0 6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 - (sideid) SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 - Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a - Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0 -6408,platforms/php/webapps/6408.txt,"CMS Buzz - (id) SQL Injection",2008-09-09,"security fears team",php,webapps,0 +6408,platforms/php/webapps/6408.txt,"CMS Buzz - 'id' SQL Injection",2008-09-09,"security fears team",php,webapps,0 6409,platforms/php/webapps/6409.txt,"Availscript Article Script - (articles.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6410,platforms/php/webapps/6410.txt,"Kim Websites 1.0 - (fckeditor) Remote Arbitrary File Upload",2008-09-09,Ciph3r,php,webapps,0 6411,platforms/php/webapps/6411.txt,"Availscript Photo Album - (pics.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 @@ -6009,9 +6009,9 @@ id,file,description,date,author,platform,type,port 6430,platforms/php/webapps/6430.txt,"D-iscussion Board 3.01 - (topic) Local File Inclusion",2008-09-11,SirGod,php,webapps,0 6431,platforms/php/webapps/6431.pl,"phsBlog 0.2 - Bypass SQL Injection Filtering Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 6432,platforms/php/webapps/6432.py,"minb 0.1.0 - Remote Code Execution Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 -6433,platforms/php/webapps/6433.txt,"Autodealers CMS AutOnline - (id) SQL Injection",2008-09-11,ZoRLu,php,webapps,0 +6433,platforms/php/webapps/6433.txt,"Autodealers CMS AutOnline - 'id' SQL Injection",2008-09-11,ZoRLu,php,webapps,0 6434,platforms/windows/dos/6434.html,"Maxthon Browser 2.1.4.443 - UNICODE Remote Denial of Service PoC",2008-09-11,LiquidWorm,windows,dos,0 -6435,platforms/php/webapps/6435.txt,"Sports Clubs Web Panel 0.0.1 - (id) SQL Injection",2008-09-11,"Virangar Security",php,webapps,0 +6435,platforms/php/webapps/6435.txt,"Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection",2008-09-11,"Virangar Security",php,webapps,0 6436,platforms/php/webapps/6436.txt,"PhpWebGallery 1.3.4 - (cat) Blind SQL Injection",2008-09-11,Stack,php,webapps,0 6437,platforms/php/webapps/6437.txt,"Easy Photo Gallery 2.1 - Arbitrary Add Admin / remove user",2008-09-11,Stack,php,webapps,0 6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - (COOKIE) Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 @@ -6021,7 +6021,7 @@ id,file,description,date,author,platform,type,port 6443,platforms/php/webapps/6443.pl,"WebPortal CMS 0.7.4 - (download.php aid) SQL Injection",2008-09-12,StAkeR,php,webapps,0 6444,platforms/php/webapps/6444.txt,"iBoutique 4.0 - (cat) SQL Injection",2008-09-12,r45c4l,php,webapps,0 6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 - (register.php) Remote Arbitrary Add Editor",2008-09-12,mr.al7rbi,php,webapps,0 -6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script 1.0 - (cat_id) SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 +6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 6447,platforms/php/webapps/6447.txt,"pNews 2.03 - (newsid) SQL Injection",2008-09-12,r45c4l,php,webapps,0 6448,platforms/php/webapps/6448.txt,"WebPortal CMS 0.7.4 - (fckeditor) Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0 6449,platforms/php/webapps/6449.php,"pLink 2.07 - (linkto.php id) Remote Blind SQL Injection",2008-09-13,Stack,php,webapps,0 @@ -6041,10 +6041,10 @@ id,file,description,date,author,platform,type,port 6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - (Account Hijacking) SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - (search.php c) SQL Injection",2008-09-15,JosS,php,webapps,0 -6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple SQL Injection",2008-09-15,SirGod,php,webapps,0 +6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple SQL Injections",2008-09-15,SirGod,php,webapps,0 6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex - (produid) SQL Injection",2008-09-16,SirGod,php,webapps,0 6468,platforms/php/webapps/6468.txt,"attachmax dolphin 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 -6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - (index.php) SQL Injection",2008-09-16,sl4xUz,php,webapps,0 +6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - 'index.php' SQL Injection",2008-09-16,sl4xUz,php,webapps,0 6470,platforms/asp/webapps/6470.txt,"Hotel reservation System - (city.asp city) Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote off by one Crash Exploit",2008-09-16,securfrog,multiple,dos,0 6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local Denial of Service",2008-09-16,"Albert Sellares",multiple,dos,0 @@ -6068,13 +6068,13 @@ id,file,description,date,author,platform,type,port 6492,platforms/php/webapps/6492.php,"Pluck 4.5.3 - (update.php) Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 un64() - Remote Denial of Service",2008-09-19,"Jeremy Brown",linux,dos,0 6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - (detail.php) SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 -6495,platforms/php/webapps/6495.txt,"Explay CMS 2.1 - Persistent XSS / CSRF",2008-09-19,hodik,php,webapps,0 +6495,platforms/php/webapps/6495.txt,"Explay CMS 2.1 - Persistent XSS / Cross-site Request Forgery",2008-09-19,hodik,php,webapps,0 6496,platforms/windows/dos/6496.c,"DESlock+ <= 3.2.7 - Local Kernel Overflow PoC",2008-09-20,mu-b,windows,dos,0 6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum 1.0.6 - Remote Code Execution",2008-09-20,"GulfTech Security",php,webapps,0 6500,platforms/php/webapps/6500.txt,"Explay CMS 2.1 - Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 -6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - (index.php page) SQL Injection",2008-09-20,0x90,php,webapps,0 +6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - 'index.php' SQL Injection",2008-09-20,0x90,php,webapps,0 6502,platforms/php/webapps/6502.txt,"Diesel Pay Script - (area) SQL Injection",2008-09-20,ZoRLu,php,webapps,0 6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) SQL Injection",2008-09-20,r45c4l,php,webapps,0 6504,platforms/php/webapps/6504.txt,"Oceandir 2.9 - (show_vote.php id) SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 @@ -6083,14 +6083,14 @@ id,file,description,date,author,platform,type,port 6507,platforms/php/webapps/6507.php,"Invision Power Board 2.3.5 - SQL Injection",2008-09-21,waraxe,php,webapps,0 6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 - SQL Injection",2008-09-21,0x90,php,webapps,0 6509,platforms/cgi/webapps/6509.txt,"TWiki 4.2.2 - (action) Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 -6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional - Multiple SQL Injection",2008-09-21,d3v1l,php,webapps,0 +6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional - Multiple SQL Injections",2008-09-21,d3v1l,php,webapps,0 6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6512,platforms/php/webapps/6512.txt,"Diesel Job Site - (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0 6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add-Admin",2008-09-21,"CWH Underground",php,webapps,0 6514,platforms/php/webapps/6514.txt,"Availscript Jobs Portal Script - File Upload (Auth)",2008-09-21,InjEctOr5,php,webapps,0 6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 -6517,platforms/php/webapps/6517.txt,"NetArtMedia Jobs Portal 1.3 - Multiple SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 +6517,platforms/php/webapps/6517.txt,"NetArtMedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6518,platforms/php/webapps/6518.txt,"NetArtMedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) LFI / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 @@ -6112,16 +6112,16 @@ id,file,description,date,author,platform,type,port 6537,platforms/windows/remote/6537.html,"Chilkat XML - ActiveX Remote Arbitrary File Creation/Execution Exploit",2008-09-23,shinnai,windows,remote,0 6538,platforms/php/webapps/6538.txt,"OpenRat 0.8-beta4 - (tpl_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 6539,platforms/php/webapps/6539.txt,"Sofi WebGui 0.6.3 PRE - (mod_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 -6540,platforms/php/webapps/6540.pl,"iGaming CMS 1.5 - Multiple SQL Injection",2008-09-23,StAkeR,php,webapps,0 +6540,platforms/php/webapps/6540.pl,"iGaming CMS 1.5 - Multiple SQL Injections",2008-09-23,StAkeR,php,webapps,0 6541,platforms/php/webapps/6541.txt,"Galmeta Post CMS 0.2 - Remote Code Execution / Arbitrary File Upload",2008-09-23,GoLd_M,php,webapps,0 6542,platforms/php/webapps/6542.txt,"JETIK-WEB Software - (sayfa.php kat) SQL Injection",2008-09-23,d3v1l,php,webapps,0 6543,platforms/php/webapps/6543.txt,"Ol Bookmarks Manager 0.7.5 - Local File Inclusion",2008-09-23,dun,php,webapps,0 6544,platforms/php/webapps/6544.txt,"WebPortal CMS 0.7.4 - (code) Remote Code Execution",2008-09-23,GoLd_M,php,webapps,0 -6545,platforms/php/webapps/6545.txt,"Hotscripts Clone - (cid) SQL Injection",2008-09-24,"Hussin X",php,webapps,0 +6545,platforms/php/webapps/6545.txt,"Hotscripts Clone - 'cid' SQL Injection",2008-09-24,"Hussin X",php,webapps,0 6546,platforms/php/webapps/6546.pl,"Rianxosencabos CMS 0.9 - Remote Add Admin Exploit",2008-09-24,ka0x,php,webapps,0 6547,platforms/php/webapps/6547.txt,"Ol Bookmarks Manager 0.7.5 - RFI / LFI / SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6548,platforms/windows/remote/6548.html,"BurnAware - NMSDVDXU ActiveX Remote Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 -6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple SQL Injection",2008-09-24,ZoRLu,php,webapps,0 +6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple SQL Injections",2008-09-24,ZoRLu,php,webapps,0 6550,platforms/php/webapps/6550.txt,"AJ Auction Pro Platinum Skin - (detail.php item_id) SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6551,platforms/php/webapps/6551.txt,"emergecolab 1.0 - (sitecode) Local File Inclusion",2008-09-24,dun,php,webapps,0 6552,platforms/php/webapps/6552.txt,"mailwatch 1.0.4 - (docs.php doc) Local File Inclusion",2008-09-24,dun,php,webapps,0 @@ -6162,15 +6162,15 @@ id,file,description,date,author,platform,type,port 6587,platforms/php/webapps/6587.txt,"The Gemini Portal - (lang) Remote File Inclusion",2008-09-26,ZoRLu,php,webapps,0 6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - (.ico) Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 6589,platforms/php/webapps/6589.txt,"RPG.Board 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 -6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase - (catid) SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 +6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase - 'catid' SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 6591,platforms/php/webapps/6591.txt,"RPG.Board 0.0.8Beta2 - Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 6592,platforms/php/webapps/6592.txt,"X7 Chat 2.0.1A1 - (mini.php help_file) Local File Inclusion",2008-09-27,NoGe,php,webapps,0 6593,platforms/php/webapps/6593.txt,"Vbgooglemap Hotspot Edition 1.0.3 - SQL Injection",2008-09-27,elusiven,php,webapps,0 6594,platforms/php/webapps/6594.txt,"Camera Life 2.6.2b4 - Arbitrary File Upload",2008-09-27,Mi4night,php,webapps,0 -6595,platforms/php/webapps/6595.txt,"Joovili 3.0 - Multiple SQL Injection",2008-09-27,~!Dok_tOR!~,php,webapps,0 -6596,platforms/php/webapps/6596.txt,"E-Uploader Pro 1.0 - Multiple SQL Injection",2008-09-27,~!Dok_tOR!~,php,webapps,0 +6595,platforms/php/webapps/6595.txt,"Joovili 3.0 - Multiple SQL Injections",2008-09-27,~!Dok_tOR!~,php,webapps,0 +6596,platforms/php/webapps/6596.txt,"E-Uploader Pro 1.0 - Multiple SQL Injections",2008-09-27,~!Dok_tOR!~,php,webapps,0 6598,platforms/php/webapps/6598.txt,"CoAST 0.95 - (sections_file) Remote File Inclusion",2008-09-27,DaRkLiFe,php,webapps,0 -6599,platforms/php/webapps/6599.txt,"Real Estate Manager - (cat_id) SQL Injection",2008-09-27,CraCkEr,php,webapps,0 +6599,platforms/php/webapps/6599.txt,"Real Estate Manager - 'cat_id' SQL Injection",2008-09-27,CraCkEr,php,webapps,0 6600,platforms/windows/remote/6600.html,"Chilkat IMAP ActiveX 7.9 - File Execution / IE Denial of Service",2008-09-27,e.wiZz!,windows,remote,0 6601,platforms/php/webapps/6601.txt,"LnBlog 0.9.0 - (plugin) Local File Inclusion",2008-09-27,dun,php,webapps,0 6602,platforms/php/webapps/6602.txt,"PlugSpace 0.1 - (index.php navi) Local File Inclusion",2008-09-27,dun,php,webapps,0 @@ -6187,7 +6187,7 @@ id,file,description,date,author,platform,type,port 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining - (news_read.php id) SQL Injection",2008-09-28,S.W.A.T.,php,webapps,0 6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 - User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 6615,platforms/windows/dos/6615.html,"Opera 9.52 - Window Object Suppressing Remote Denial of Service",2008-09-28,"Aditya K Sood",windows,dos,0 -6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - (.zip) Denial of Service",2008-09-28,"fl0 fl0w",windows,dos,0 +6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - '.zip' Denial of Service",2008-09-28,"fl0 fl0w",windows,dos,0 6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 - (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 6619,platforms/windows/dos/6619.html,"Microsoft Internet Explorer GDI+ - Proof of Concept (MS08-052)",2008-09-28,"John Smith",windows,dos,0 @@ -6197,9 +6197,9 @@ id,file,description,date,author,platform,type,port 6623,platforms/php/webapps/6623.txt,"events calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 6624,platforms/php/webapps/6624.txt,"Arcadem Pro - (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 - Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 -6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script - Multiple SQL Injection",2008-09-29,"Super Cristal",php,webapps,0 +6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script - Multiple SQL Injections",2008-09-29,"Super Cristal",php,webapps,0 6628,platforms/php/webapps/6628.txt,"ArabCMS - (rss.php rss) Local File Inclusion",2008-09-29,JIKO,php,webapps,0 -6629,platforms/php/webapps/6629.txt,"FAQ Management Script - (catid) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 +6629,platforms/php/webapps/6629.txt,"FAQ Management Script - 'catid' SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6630,platforms/windows/remote/6630.html,"Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit",2008-09-30,Nine:Situations:Group,windows,remote,0 6631,platforms/php/webapps/6631.txt,"SG Real Estate Portal 2.0 - Blind SQL Injection/Local File Inclusion",2008-09-30,SirGod,php,webapps,0 6632,platforms/php/webapps/6632.txt,"MiNBank 1.5.0 - Multiple Remote File Inclusion",2008-09-30,DaRkLiFe,php,webapps,0 @@ -6213,8 +6213,8 @@ id,file,description,date,author,platform,type,port 6640,platforms/php/webapps/6640.pl,"ADN Forum 1.0b - Blind SQL Injection",2008-10-01,StAkeR,php,webapps,0 6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin 1.5.5 - (COOKIE) Local File Inclusion",2008-10-01,JosS,php,webapps,0 6642,platforms/php/webapps/6642.txt,"BMForum 5.6 - (tagname) SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 -6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k 3.3 - Multiple SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 -6644,platforms/php/webapps/6644.txt,"Noname CMS 1.0 - Multiple SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 +6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k 3.3 - Multiple SQL Injections",2008-10-01,~!Dok_tOR!~,php,webapps,0 +6644,platforms/php/webapps/6644.txt,"Noname CMS 1.0 - Multiple SQL Injections",2008-10-01,~!Dok_tOR!~,php,webapps,0 6645,platforms/php/webapps/6645.txt,"Crux Gallery 1.32 - (index.php theme) Local File Inclusion",2008-10-01,StAkeR,php,webapps,0 6646,platforms/php/webapps/6646.php,"phpScheduleIt 1.2.10 - (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 6647,platforms/windows/dos/6647.c,"ESET SysInspector - 1.1.1.0 (esiadrv.sys) Proof of Concept Exploit",2008-10-01,"NT Internals",windows,dos,0 @@ -6269,13 +6269,13 @@ id,file,description,date,author,platform,type,port 6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0 6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack PoC",2008-10-08,Nine:Situations:Group,windows,remote,0 6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0 -6701,platforms/php/webapps/6701.txt,"HispaH textlinksads - (index.php) SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 +6701,platforms/php/webapps/6701.txt,"HispaH textlinksads - 'index.php' SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller 1.1 - RFI / RFD",2008-10-08,GoLd_M,php,webapps,0 6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit PoC",2008-10-08,"Cesar Cerrudo",windows,local,0 6706,platforms/php/webapps/6706.php,"Kusaba 1.0.4 - Remote Code Execution Exploit (1)",2008-10-09,Sausage,php,webapps,0 -6707,platforms/php/webapps/6707.txt,"Gforge 4.5.19 - Multiple SQL Injection",2008-10-09,beford,php,webapps,0 +6707,platforms/php/webapps/6707.txt,"Gforge 4.5.19 - Multiple SQL Injections",2008-10-09,beford,php,webapps,0 6708,platforms/php/webapps/6708.txt,"Gforge 4.6 rc1 - (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 6709,platforms/php/webapps/6709.txt,"Joomla Component Joomtracker 1.01 - SQL Injection",2008-10-09,rsauron,php,webapps,0 6710,platforms/php/webapps/6710.txt,"camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities",2008-10-09,BackDoor,php,webapps,0 @@ -6295,23 +6295,23 @@ id,file,description,date,author,platform,type,port 6724,platforms/php/webapps/6724.txt,"Joomla Component mad4joomla - SQL Injection",2008-10-10,H!tm@N,php,webapps,0 6725,platforms/asp/webapps/6725.txt,"MunzurSoft Wep Portal W3 - (kat) SQL Injection",2008-10-10,LUPUS,asp,webapps,0 6726,platforms/hardware/dos/6726.txt,"Nokia Mini Map Browser - (array sort) Silent Crash",2008-10-10,ikki,hardware,dos,0 -6728,platforms/php/webapps/6728.txt,"Easynet4u Link Host - (cat_id) SQL Injection",2008-10-10,BeyazKurt,php,webapps,0 +6728,platforms/php/webapps/6728.txt,"Easynet4u Link Host - 'cat_id' SQL Injection",2008-10-10,BeyazKurt,php,webapps,0 6729,platforms/php/webapps/6729.php,"SlimCMS 1.0.0 - (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0 -6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 - (catid) SQL Injection",2008-10-11,H!tm@N,php,webapps,0 +6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 - 'catid' SQL Injection",2008-10-11,H!tm@N,php,webapps,0 6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection",2008-10-11,Hakxer,asp,webapps,0 6732,platforms/windows/dos/6732.txt,"Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure",2008-10-12,GoLd_M,php,webapps,0 6735,platforms/php/webapps/6735.php,"Globsy 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0 6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 - (index.php cat) SQL Injection",2008-10-12,Hakxer,php,webapps,0 -6737,platforms/php/webapps/6737.txt,"LokiCMS 0.3.4 - (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 +6737,platforms/php/webapps/6737.txt,"LokiCMS 0.3.4 - 'index.php' Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 6738,platforms/windows/dos/6738.py,"GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service",2008-10-12,dmnt,windows,dos,0 6739,platforms/php/webapps/6739.txt,"NewLife Blogger 3.0 - Insecure Cookie Handling / SQL Injection",2008-10-12,Pepelux,php,webapps,0 -6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 - (index.php) Local File Download",2008-10-12,JosS,php,webapps,0 +6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 - 'index.php' Local File Download",2008-10-12,JosS,php,webapps,0 6741,platforms/windows/dos/6741.py,"XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service",2008-10-13,shinnai,windows,dos,0 6742,platforms/windows/dos/6742.py,"RaidenFTPD 2.4 build 3620 - Remote Denial of Service",2008-10-13,dmnt,windows,dos,0 6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 - writeconfig() Remote Command Execution Exploit",2008-10-13,girex,php,webapps,0 -6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - (admin.php) Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 +6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 6745,platforms/php/webapps/6745.txt,"ParsBlogger - (links.asp id) SQL Injection",2008-10-13,"Hussin X",php,webapps,0 6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - SQL Injection",2008-10-14,g30rg3_x,php,webapps,0 @@ -6325,18 +6325,18 @@ id,file,description,date,author,platform,type,port 6755,platforms/php/webapps/6755.php,"PhpWebGallery 1.7.2 - Session Hijacking / Code Execution Exploit",2008-10-14,EgiX,php,webapps,0 6756,platforms/windows/dos/6756.txt,"VLC 0.9.2 Media Player - XSPF Memory Corruption",2008-10-14,"Core Security",windows,dos,0 6757,platforms/windows/local/6757.txt,"Microsoft Windows 2003/XP - afd.sys Privilege Escalation Exploit (K-plugin)",2008-10-15,"Ruben Santamarta ",windows,local,0 -6758,platforms/php/webapps/6758.txt,"AstroSPACES - (id) SQL Injection",2008-10-15,TurkishWarriorr,php,webapps,0 +6758,platforms/php/webapps/6758.txt,"AstroSPACES - 'id' SQL Injection",2008-10-15,TurkishWarriorr,php,webapps,0 6759,platforms/php/webapps/6759.txt,"mystats - (hits.php) Multiple Vulnerabilities",2008-10-15,JosS,php,webapps,0 6760,platforms/php/webapps/6760.txt,"myEvent 1.6 - (viewevent.php) SQL Injection",2008-10-15,JosS,php,webapps,0 6761,platforms/windows/dos/6761.html,"Hummingbird 13.0 - ActiveX Remote Buffer Overflow PoC",2008-10-16,"Thomas Pollet",windows,dos,0 -6762,platforms/php/webapps/6762.txt,"CafeEngine - Multiple SQL Injection",2008-10-16,0xFFFFFF,php,webapps,0 +6762,platforms/php/webapps/6762.txt,"CafeEngine - Multiple SQL Injections",2008-10-16,0xFFFFFF,php,webapps,0 6763,platforms/php/webapps/6763.txt,"Mosaic Commerce - (category.php cid) SQL Injection",2008-10-16,"Ali Abbasi",php,webapps,0 6764,platforms/php/webapps/6764.php,"Mic_blog 0.0.3 - (SQL Injection/Privilege Escalation) Remote Exploit",2008-10-16,StAkeR,php,webapps,0 -6765,platforms/php/webapps/6765.txt,"IP Reg 0.4 - Multiple SQL Injection",2008-10-16,JosS,php,webapps,0 +6765,platforms/php/webapps/6765.txt,"IP Reg 0.4 - Multiple SQL Injections",2008-10-16,JosS,php,webapps,0 6766,platforms/php/webapps/6766.txt,"PokerMax Poker League - Insecure Cookie Handling",2008-10-16,DaRkLiFe,php,webapps,0 6767,platforms/php/webapps/6767.txt,"Kure 0.6.3 - (index.php post & doc) Local File Inclusion",2008-10-16,JosS,php,webapps,0 6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker 1.1.3 - Remote Code Execution Exploit",2008-10-16,EgiX,php,webapps,0 -6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - (search.php) SQL Injection",2008-10-16,StAkeR,php,webapps,0 +6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - 'search.php' SQL Injection",2008-10-16,StAkeR,php,webapps,0 6770,platforms/php/webapps/6770.txt,"PHP Easy Downloader 1.5 - (file) File Disclosure",2008-10-16,LMaster,php,webapps,0 6771,platforms/cgi/webapps/6771.txt,"Calendars for the Web 4.02 - Admin Auth Bypass",2008-10-16,SecVuln,cgi,webapps,0 6772,platforms/php/webapps/6772.txt,"Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion",2008-10-16,ZeN,php,webapps,0 @@ -6367,8 +6367,8 @@ id,file,description,date,author,platform,type,port 6798,platforms/windows/local/6798.pl,"VLC Media Player - .TY File Stack Based Buffer Overflow Exploit",2008-10-21,"Guido Landi",windows,local,0 6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 - (product.php id) SQL Injection",2008-10-21,"Hussin X",php,webapps,0 6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - sftp rename Remote Buffer Overflow PoC (Auth)",2008-10-22,"Jeremy Brown",windows,dos,0 -6801,platforms/windows/remote/6801.txt,"Opera 9.60 - Stored Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 -6802,platforms/php/webapps/6802.txt,"Joomla Component Daily Message 1.0.3 - (id) SQL Injection",2008-10-22,H!tm@N,php,webapps,0 +6801,platforms/windows/remote/6801.txt,"Opera 9.60 - Persistent Cross-site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 +6802,platforms/php/webapps/6802.txt,"Joomla Component Daily Message 1.0.3 - 'id' SQL Injection",2008-10-22,H!tm@N,php,webapps,0 6803,platforms/php/webapps/6803.txt,"Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload",2008-10-22,x0r,php,webapps,0 6804,platforms/windows/remote/6804.pl,"GoodTech SSH - (SSH_FXP_OPEN) Remote Buffer Overflow Exploit",2008-10-22,r0ut3r,windows,remote,22 6805,platforms/multiple/dos/6805.txt,"LibSPF2 < 1.2.8 - DNS TXT Record Parsing Bug Heap Overflow PoC",2008-10-22,"Dan Kaminsky",multiple,dos,0 @@ -6378,7 +6378,7 @@ id,file,description,date,author,platform,type,port 6810,platforms/asp/webapps/6810.txt,"DorsaCMS - (ShowPage.aspx) SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 6811,platforms/php/webapps/6811.txt,"YDC - (kdlist.php cat) SQL Injection",2008-10-22,"Hussin X",php,webapps,0 6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - sftp realpath Remote Buffer Overflow PoC (Auth)",2008-10-22,"Jeremy Brown",windows,dos,0 -6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Stored Cross-Site Scripting Code Execution PoC",2008-10-23,"Aviv Raff",windows,remote,0 +6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-site Scripting Code Execution PoC",2008-10-23,"Aviv Raff",windows,remote,0 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users/SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 6815,platforms/windows/dos/6815.pl,"SilverSHielD 1.0.2.34 - (opendir) Denial of Service",2008-10-23,"Jeremy Brown",windows,dos,0 6816,platforms/php/webapps/6816.txt,"txtshop 1.0b - (language) Local File Inclusion (Windows)",2008-10-23,Pepelux,php,webapps,0 @@ -6396,13 +6396,13 @@ id,file,description,date,author,platform,type,port 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 6829,platforms/php/webapps/6829.txt,"Aj RSS Reader - (EditUrl.php url) SQL Injection",2008-10-24,yassine_enp,php,webapps,0 6830,platforms/php/webapps/6830.txt,"NEPT Image Uploader 1.0 - Arbitrary Shell Upload",2008-10-24,Dentrasi,php,webapps,0 -6831,platforms/windows/local/6831.cpp,"TUGzip 3.00 archiver - (.zip) Local Buffer Overflow Exploit",2008-10-24,"fl0 fl0w",windows,local,0 +6831,platforms/windows/local/6831.cpp,"TUGzip 3.00 archiver - '.zip' Local Buffer Overflow Exploit",2008-10-24,"fl0 fl0w",windows,local,0 6832,platforms/windows/dos/6832.html,"KVIrc 3.4.0 - Virgo Remote Format String Exploit PoC",2008-10-24,LiquidWorm,windows,dos,0 6833,platforms/php/webapps/6833.txt,"phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities",2008-10-24,0xFFFFFF,php,webapps,0 6834,platforms/windows/dos/6834.c,"vicFTP 5.0 - (LIST) Remote Denial of Service",2008-10-24,"Alfons Luja",windows,dos,0 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 - (download id) Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 - Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 -6837,platforms/php/webapps/6837.txt,"Kasra CMS - (index.php) Multiple SQL Injection",2008-10-25,G4N0K,php,webapps,0 +6837,platforms/php/webapps/6837.txt,"Kasra CMS - 'index.php' Multiple SQL Injection",2008-10-25,G4N0K,php,webapps,0 6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit)",2008-10-25,"Saint Patrick",windows,dos,0 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - (gotourl.php id) SQL Injection",2008-10-26,"Hussin X",php,webapps,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP module - Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 @@ -6410,11 +6410,11 @@ id,file,description,date,author,platform,type,port 6842,platforms/php/webapps/6842.txt,"WordPress Media Holder - (mediaHolder.php id) SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - (forum.php id) SQL Injection",2008-10-26,Hurley,php,webapps,0 6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 -6845,platforms/cgi/webapps/6845.txt,"Ads Pro - (dhtml.pl page) Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 +6845,platforms/cgi/webapps/6845.txt,"Ads Pro - 'dhtml.pl' Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 6846,platforms/php/webapps/6846.txt,"MyForum 1.3 - (padmin) Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue - SQL Injection",2008-10-27,BugReport.IR,php,webapps,0 6848,platforms/php/webapps/6848.txt,"TlAds 1.0 - Remote Insecure Cookie Handling",2008-10-27,x0r,php,webapps,0 -6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles - (id) SQL Injection",2008-10-27,boom3rang,php,webapps,0 +6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles - 'id' SQL Injection",2008-10-27,boom3rang,php,webapps,0 6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 - (langage) Local File Inclusion",2008-10-27,x0r,php,webapps,0 6851,platforms/linux/local/6851.c,"Linux Kernel < 2.6.22 - ftruncate()/open() Local Root Exploit",2008-10-27,gat3way,linux,local,0 6852,platforms/php/webapps/6852.pl,"e107 Plugin EasyShop - (category_id) Blind SQL Injection",2008-10-27,StAkeR,php,webapps,0 @@ -6467,19 +6467,19 @@ id,file,description,date,author,platform,type,port 6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6903,platforms/php/webapps/6903.txt,"SFS EZ Hotscripts-like Site - (cid) SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 +6903,platforms/php/webapps/6903.txt,"SFS EZ Hotscripts-like Site - 'cid' SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 6904,platforms/php/webapps/6904.txt,"Absolute Newsletter 6.1 - Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 -6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory - (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory - (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory - (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory - (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website - (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO - (track.php id) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 -6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate - (cat_id) SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate - 'cat_id' SQL Injection",2008-10-31,d3b4g,php,webapps,0 6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (SQL Injection) Auth Bypass",2008-10-31,Hakxer,php,webapps,0 6913,platforms/php/webapps/6913.txt,"SFS EZ Webring - (cat) SQL Injection",2008-10-31,d3b4g,php,webapps,0 6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not - (phid) SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6915,platforms/php/webapps/6915.txt,"SFS EZ Software - (id) SQL Injection",2008-10-31,x0r,php,webapps,0 +6915,platforms/php/webapps/6915.txt,"SFS EZ Software - 'id' SQL Injection",2008-10-31,x0r,php,webapps,0 6916,platforms/php/webapps/6916.txt,"ModernBill 4.4.x - XSS / Remote File Inclusion",2008-10-31,nigh7f411,php,webapps,0 6917,platforms/php/webapps/6917.php,"Article Publisher PRO - (userid) SQL Injection",2008-10-31,Stack,php,webapps,0 6918,platforms/php/webapps/6918.txt,"SFS EZ Auction - (viewfaqs.php cat) Blind SQL Injection",2008-10-31,Stack,php,webapps,0 @@ -6488,7 +6488,7 @@ id,file,description,date,author,platform,type,port 6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 - writeFile() API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore - (where) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - (directory.php cat) SQL Injection",2008-11-01,Hakxer,php,webapps,0 -6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - (id) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 +6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - 'id' SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 6926,platforms/windows/dos/6926.pl,"FTP Now 2.6 Server - Response Remote Crash PoC",2008-11-01,DeltahackingTEAM,windows,dos,0 6927,platforms/php/webapps/6927.txt,"AJ ARTICLE - (featured_article.php mode) SQL Injection",2008-11-01,Mr.SQL,php,webapps,0 @@ -6499,33 +6499,33 @@ id,file,description,date,author,platform,type,port 6932,platforms/php/webapps/6932.txt,"AJ ARTICLE - (SQL Injection) Remote Auth Bypass",2008-11-01,Hakxer,php,webapps,0 6933,platforms/php/webapps/6933.pl,"Micro CMS 0.3.5 - Remote Add/Delete/Password Change Exploit",2008-11-01,StAkeR,php,webapps,0 6934,platforms/php/webapps/6934.txt,"Shahrood - (ndetail.php id) Blind SQL Injection",2008-11-01,BazOka-HaCkEr,php,webapps,0 -6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6936,platforms/php/webapps/6936.txt,"YourFreeWorld Banner Management - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6938,platforms/php/webapps/6938.txt,"YourFreeWorld Autoresponder Hosting - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6940,platforms/php/webapps/6940.txt,"YourFreeWorld Short Url & Url Tracker - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6941,platforms/php/webapps/6941.txt,"YourFreeWorld Viral Marketing - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6942,platforms/php/webapps/6942.txt,"YourFreeWorld Scrolling Text Ads - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6943,platforms/php/webapps/6943.txt,"YourFreeWorld Reminder Service - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6944,platforms/php/webapps/6944.txt,"YourFreeWorld Classifieds Blaster - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6936,platforms/php/webapps/6936.txt,"YourFreeWorld Banner Management - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6938,platforms/php/webapps/6938.txt,"YourFreeWorld Autoresponder Hosting - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6940,platforms/php/webapps/6940.txt,"YourFreeWorld Short Url & Url Tracker - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6941,platforms/php/webapps/6941.txt,"YourFreeWorld Viral Marketing - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6942,platforms/php/webapps/6942.txt,"YourFreeWorld Scrolling Text Ads - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6943,platforms/php/webapps/6943.txt,"YourFreeWorld Reminder Service - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6944,platforms/php/webapps/6944.txt,"YourFreeWorld Classifieds Blaster - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6945,platforms/php/webapps/6945.txt,"YourFreeWorld Classifieds - (category) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6946,platforms/php/webapps/6946.txt,"Downline Goldmine Builder - (tr.php id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6947,platforms/php/webapps/6947.txt,"Downline Goldmine Category Addon - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6948,platforms/php/webapps/6948.txt,"YourFreeWorld Classifieds Hosting - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6947,platforms/php/webapps/6947.txt,"Downline Goldmine Category Addon - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6948,platforms/php/webapps/6948.txt,"YourFreeWorld Classifieds Hosting - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion - (tr.php id) SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6951,platforms/php/webapps/6951.txt,"Downline Goldmine newdownlinebuilder - (tr.php id) SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - (index.php c) Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6953,platforms/php/webapps/6953.txt,"Maran PHP Shop - (prod.php cat) SQL Injection",2008-11-02,JosS,php,webapps,0 -6954,platforms/php/webapps/6954.txt,"Maran PHP Shop - (admin.php) Insecure Cookie Handling",2008-11-02,JosS,php,webapps,0 +6954,platforms/php/webapps/6954.txt,"Maran PHP Shop - 'admin.php' Insecure Cookie Handling",2008-11-02,JosS,php,webapps,0 6955,platforms/php/webapps/6955.txt,"Joovili 3.1.4 - Insecure Cookie Handling",2008-11-02,ZoRLu,php,webapps,0 6956,platforms/php/webapps/6956.txt,"apartment search script - (RFU/XSS) Multiple Vulnerabilities",2008-11-02,ZoRLu,php,webapps,0 6957,platforms/php/webapps/6957.txt,"NetRisk 2.0 - XSS / SQL Injection",2008-11-02,StAkeR,php,webapps,0 6958,platforms/php/webapps/6958.txt,"Maran PHP Shop - (prodshow.php) SQL Injection",2008-11-02,d3v1l,php,webapps,0 6960,platforms/php/webapps/6960.txt,"1st News - (products.php id) SQL Injection",2008-11-02,TR-ShaRk,php,webapps,0 6961,platforms/php/webapps/6961.pl,"DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection",2008-11-02,anonymous,php,webapps,0 -6962,platforms/php/webapps/6962.txt,"BosDev BosClassifieds - (cat_id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 +6962,platforms/php/webapps/6962.txt,"BosDev BosClassifieds - 'cat_id' SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6963,platforms/windows/remote/6963.html,"Chilkat Crypt - ActiveX Arbitrary File Creation/Execution PoC",2008-11-03,shinnai,windows,remote,0 6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6965,platforms/php/webapps/6965.txt,"Acc Statistics 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 @@ -6539,9 +6539,9 @@ id,file,description,date,author,platform,type,port 6974,platforms/php/webapps/6974.txt,"WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities",2008-11-04,G4N0K,php,webapps,0 6975,platforms/php/webapps/6975.txt,"Joomla Component VirtueMart Google Base 1.1 - Remote File Inclusion",2008-11-04,NoGe,php,webapps,0 6976,platforms/php/webapps/6976.txt,"Joomla Component ongumatimesheet20 4b - Remote File Inclusion",2008-11-04,NoGe,php,webapps,0 -6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card 1.02 - (catid) SQL Injection",2008-11-04,"Hussin X",php,webapps,0 -6978,platforms/php/webapps/6978.txt,"Vibro-CMS - Multiple SQL Injection",2008-11-04,StAkeR,php,webapps,0 -6979,platforms/php/webapps/6979.txt,"nicLOR Puglia Landscape - (id) Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 +6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card 1.02 - 'catid' SQL Injection",2008-11-04,"Hussin X",php,webapps,0 +6978,platforms/php/webapps/6978.txt,"Vibro-CMS - Multiple SQL Injections",2008-11-04,StAkeR,php,webapps,0 +6979,platforms/php/webapps/6979.txt,"nicLOR Puglia Landscape - 'id' Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6980,platforms/php/webapps/6980.txt,"Joomla Component ProDesk 1.0/1.2 - Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS - (nID) SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 6982,platforms/php/webapps/6982.txt,"CMS-School 2005 - (showarticle.php) SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 @@ -6553,7 +6553,7 @@ id,file,description,date,author,platform,type,port 6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection",2008-11-04,G4N0K,php,webapps,0 6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - (SQL Injection) Auth Bypass",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito - includefile Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 -6991,platforms/php/webapps/6991.txt,"TR News 2.1 - (login.php) Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 +6991,platforms/php/webapps/6991.txt,"TR News 2.1 - 'login.php' Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 6992,platforms/php/webapps/6992.txt,"wotw 5.0 - Local/Remote File Inclusion",2008-11-04,dun,php,webapps,0 6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 - Code Execution Exploit",2008-11-04,"Charles Fol",php,webapps,0 6994,platforms/windows/local/6994.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow Exploit",2008-11-05,Elazar,windows,local,0 @@ -6575,7 +6575,7 @@ id,file,description,date,author,platform,type,port 7010,platforms/php/webapps/7010.txt,"Mole Group Taxi Calc Dist Script - (Auth Bypass) SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 7011,platforms/php/webapps/7011.pl,"Simple Machines Forum 1.1.6 - (LFI) Code Execution Exploit",2008-11-05,~elmysterio,php,webapps,0 7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - (PHPWebAdmin) File Inclusion",2008-11-06,Nine:Situations:Group,php,webapps,0 -7013,platforms/php/webapps/7013.txt,"DevelopItEasy Events Calendar 1.2 - Multiple SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 +7013,platforms/php/webapps/7013.txt,"DevelopItEasy Events Calendar 1.2 - Multiple SQL Injections",2008-11-06,InjEctOr5,php,webapps,0 7014,platforms/php/webapps/7014.txt,"DevelopItEasy News And Article System 1.4 - SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7015,platforms/php/webapps/7015.txt,"DevelopItEasy Membership System 1.3 - (Auth Bypass) SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7016,platforms/php/webapps/7016.txt,"DevelopItEasy Photo Gallery 1.2 - SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 @@ -6591,7 +6591,7 @@ id,file,description,date,author,platform,type,port 7026,platforms/php/webapps/7026.txt,"SoftComplex PHP Image Gallery - (ctg) SQL Injection",2008-11-06,"Hussin X",php,webapps,0 7027,platforms/php/webapps/7027.txt,"Prozilla Software Directory - (XSS/SQL) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 7028,platforms/php/webapps/7028.txt,"turnkeyforms Entertainment Portal 2.0 - Insecure Cookie Handling",2008-11-07,G4N0K,php,webapps,0 -7029,platforms/php/webapps/7029.txt,"turnkeyforms Business Survey Pro 1.0 - (id) SQL Injection",2008-11-07,G4N0K,php,webapps,0 +7029,platforms/php/webapps/7029.txt,"turnkeyforms Business Survey Pro 1.0 - 'id' SQL Injection",2008-11-07,G4N0K,php,webapps,0 7030,platforms/php/webapps/7030.txt,"Mole Group Pizza - (manufacturers_id) Script SQL Injection",2008-11-07,InjEctOr5,php,webapps,0 7031,platforms/php/webapps/7031.php,"e-Vision CMS 2.0.2 - Multiple Local File Inclusion Exploit",2008-11-07,StAkeR,php,webapps,0 7032,platforms/php/webapps/7032.txt,"U&M Software Signup 1.1 - Auth Bypass",2008-11-07,G4N0K,php,webapps,0 @@ -6608,11 +6608,11 @@ id,file,description,date,author,platform,type,port 7045,platforms/php/webapps/7045.txt,"MyioSoft EasyBookMarker - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7047,platforms/php/webapps/7047.txt,"DeltaScripts PHP Classifieds 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - (cat_id) SQL Injection",2008-11-07,Stack,php,webapps,0 +7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - 'cat_id' SQL Injection",2008-11-07,Stack,php,webapps,0 7049,platforms/php/webapps/7049.txt,"Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities",2008-11-07,ahmadbady,php,webapps,0 -7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - (id) SQL Injection",2008-11-07,"Hussin X",php,webapps,0 +7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - 'id' SQL Injection",2008-11-07,"Hussin X",php,webapps,0 7051,platforms/windows/local/7051.pl,"VLC Media Player < 0.9.6 - (.rt) Stack Buffer Overflow Exploit",2008-11-07,SkD,windows,local,0 -7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - (id) SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 +7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - 'id' SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Exploit",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 @@ -6654,10 +6654,10 @@ id,file,description,date,author,platform,type,port 7092,platforms/php/webapps/7092.txt,"Joomla Component com_books - (book_id) SQL Injection",2008-11-11,boom3rang,php,webapps,0 7093,platforms/php/webapps/7093.txt,"Joomla Component Contact Info 1.0 - SQL Injection",2008-11-11,boom3rang,php,webapps,0 7094,platforms/php/webapps/7094.txt,"Pre Real Estate Listings - File Upload",2008-11-11,BackDoor,php,webapps,0 -7095,platforms/php/webapps/7095.txt,"Joomla/Mambo com_catalogproduction - (id) SQL Injection",2008-11-11,boom3rang,php,webapps,0 +7095,platforms/php/webapps/7095.txt,"Joomla/Mambo com_catalogproduction - 'id' SQL Injection",2008-11-11,boom3rang,php,webapps,0 7096,platforms/php/webapps/7096.txt,"Joomla Component Simple RSS Reader 1.0 - Remote File Inclusion",2008-11-11,NoGe,php,webapps,0 -7097,platforms/php/webapps/7097.txt,"Joomla Component com_marketplace 1.2.1 - (catid) SQL Injection",2008-11-11,TR-ShaRk,php,webapps,0 -7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - (cid) SQL Injection",2008-11-11,"Hussin X",php,webapps,0 +7097,platforms/php/webapps/7097.txt,"Joomla Component com_marketplace 1.2.1 - 'catid' SQL Injection",2008-11-11,TR-ShaRk,php,webapps,0 +7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - 'cid' SQL Injection",2008-11-11,"Hussin X",php,webapps,0 7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote BoF PoC",2008-11-12,"Praveen Darshanam",windows,dos,0 7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module - Buffer Overflow PoC",2008-11-12,"Praveen Darshanam",linux,dos,0 7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro - Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 @@ -6679,17 +6679,17 @@ id,file,description,date,author,platform,type,port 7119,platforms/php/webapps/7119.php,"Discuz! 6.x/7.x - Remote Code Execution Exploit",2008-11-14,80vul,php,webapps,0 7120,platforms/asp/webapps/7120.txt,"Bankoi Webhost Panel 1.20 - (Auth Bypass) SQL Injection",2008-11-14,R3d-D3V!L,asp,webapps,0 7121,platforms/php/webapps/7121.pl,"SlimCMS 1.0.0 - (edit.php) SQL Injection",2008-11-14,StAkeR,php,webapps,0 -7122,platforms/php/webapps/7122.txt,"GS Real Estate Portal - Multiple SQL Injection",2008-11-14,InjEctOr5,php,webapps,0 +7122,platforms/php/webapps/7122.txt,"GS Real Estate Portal - Multiple SQL Injections",2008-11-14,InjEctOr5,php,webapps,0 7123,platforms/php/webapps/7123.txt,"X7 Chat 2.0.5 - (Auth Bypass) SQL Injection",2008-11-14,ZoRLu,php,webapps,0 -7124,platforms/php/webapps/7124.txt,"turnkeyforms Text Link Sales - (id) XSS/SQL Injection",2008-11-14,ZoRLu,php,webapps,0 +7124,platforms/php/webapps/7124.txt,"turnkeyforms Text Link Sales - 'id' XSS/SQL Injection",2008-11-14,ZoRLu,php,webapps,0 7125,platforms/windows/remote/7125.txt,"Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow PoC",2008-11-15,r0ut3r,windows,dos,0 7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 7129,platforms/multiple/local/7129.sh,"Sudo 1.6.9p18 - (Defaults setenv) Local Privilege Escalation Exploit",2008-11-15,kingcope,multiple,local,0 7130,platforms/php/webapps/7130.php,"Minigal b13 - (index.php list) Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 -7131,platforms/php/webapps/7131.txt,"yahoo answers - (id) SQL Injection",2008-11-16,snakespc,php,webapps,0 +7131,platforms/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,php,webapps,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 -7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injection",2008-11-16,Vrs-hCk,php,webapps,0 +7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injections",2008-11-16,Vrs-hCk,php,webapps,0 7134,platforms/php/webapps/7134.txt,"phpstore Wholesale - (track.php?id) SQL Injection",2008-11-16,"Hussin X",php,webapps,0 7135,platforms/windows/local/7135.htm,"Opera 9.62 - file:// Local Heap Overflow Exploit",2008-11-17,"Guido Landi",windows,local,0 7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 - Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 @@ -6705,7 +6705,7 @@ id,file,description,date,author,platform,type,port 7147,platforms/php/webapps/7147.txt,"SaturnCMS - (view) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 - Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 -7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - CSRF (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 +7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-site Request Forgery (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 7152,platforms/php/webapps/7152.txt,"Musicbox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 @@ -6743,7 +6743,7 @@ id,file,description,date,author,platform,type,port 7189,platforms/php/webapps/7189.txt,"getaphpsite Auto Dealers - Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 7190,platforms/php/webapps/7190.txt,"Ez Ringtone Manager - Multiple Remote File Disclosure Vulnerabilities",2008-11-22,b3hz4d,php,webapps,0 7191,platforms/php/webapps/7191.php,"LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password Exploit",2008-11-22,cOndemned,php,webapps,0 -7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index - (id) SQL Injection",2008-11-23,snakespc,php,webapps,0 +7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index - 'id' SQL Injection",2008-11-23,snakespc,php,webapps,0 7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0 7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Remote File Upload",2008-11-23,x0r,php,webapps,0 7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 @@ -6760,7 +6760,7 @@ id,file,description,date,author,platform,type,port 7210,platforms/php/webapps/7210.txt,"Goople CMS 1.7 - Arbitrary Code Execution",2008-11-24,x0r,php,webapps,0 7211,platforms/php/webapps/7211.php,"VideoScript 3.0 <= 4.0.1.50 - Official Shell Injection Exploit",2008-11-24,G4N0K,php,webapps,0 7212,platforms/php/webapps/7212.php,"VideoScript 3.0 <= 4.1.5.55 - Unofficial Shell Injection Exploit",2008-11-24,G4N0K,php,webapps,0 -7213,platforms/windows/dos/7213.pl,"W3C Amaya 10.1 Web Browser - (id) Remote Stack Overflow PoC",2008-11-24,r0ut3r,windows,dos,0 +7213,platforms/windows/dos/7213.pl,"W3C Amaya 10.1 Web Browser - 'id' Remote Stack Overflow PoC",2008-11-24,r0ut3r,windows,dos,0 7214,platforms/php/webapps/7214.txt,"ftpzik - (XSS/LFI) Multiple Vulnerabilities",2008-11-24,JIKO,php,webapps,0 7215,platforms/php/webapps/7215.txt,"bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities",2008-11-24,ZoRLu,php,webapps,0 7216,platforms/php/webapps/7216.txt,"WebStudio CMS - (index.php pageid) Blind SQL Injection",2008-11-24,"Glafkos Charalambous ",php,webapps,0 @@ -6803,7 +6803,7 @@ id,file,description,date,author,platform,type,port 7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 7254,platforms/php/webapps/7254.txt,"Ocean12 Membership Manager Pro - (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 7255,platforms/php/webapps/7255.txt,"pagetree CMS 0.0.2 beta 0001 - Remote File Inclusion",2008-11-27,NoGe,php,webapps,0 -7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - (id) SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 +7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - 'id' SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 7258,platforms/php/webapps/7258.txt,"Ocean12 FAQ Manager Pro - Database Disclosure",2008-11-27,Stack,php,webapps,0 7259,platforms/asp/webapps/7259.txt,"comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,asp,webapps,0 7260,platforms/php/webapps/7260.txt,"BaSiC-CMS - (acm2000.mdb) Remote Database Disclosure",2008-11-28,Stack,php,webapps,0 @@ -6865,7 +6865,7 @@ id,file,description,date,author,platform,type,port 7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - DD / SQL / XSS",2008-12-02,Pouya_Server,php,webapps,0 7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 -7323,platforms/php/webapps/7323.txt,"SunByte e-Flower - (id) SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 +7323,platforms/php/webapps/7323.txt,"SunByte e-Flower - 'id' SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure",2008-12-02,AlpHaNiX,asp,webapps,0 7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 @@ -6873,7 +6873,7 @@ id,file,description,date,author,platform,type,port 7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) SQL Injection",2008-12-03,"CWH Underground",php,webapps,0 7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow PoC",2008-12-03,"ilja van sprundel",multiple,dos,0 -7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - (id) SQL Injection",2008-12-03,StAkeR,php,webapps,0 +7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - 'id' SQL Injection",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET - Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 7333,platforms/php/webapps/7333.txt,"Rae Media Contact MS - (Auth Bypass) SQL Injection",2008-12-03,b3hz4d,php,webapps,0 7334,platforms/windows/local/7334.pl,"RadAsm 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 @@ -6888,7 +6888,7 @@ id,file,description,date,author,platform,type,port 7343,platforms/php/webapps/7343.txt,"Joomla Component mydyngallery 1.4.2 - (directory) SQL Injection",2008-12-04,"Khashayar Fereidani",php,webapps,0 7344,platforms/php/webapps/7344.txt,"Gravity GTD 0.4.5 - (rpc.php objectname) LFI/RCE",2008-12-04,dun,php,webapps,0 7345,platforms/php/webapps/7345.txt,"BNCwi 1.04 - Local File Inclusion",2008-12-04,dun,php,webapps,0 -7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - (id) SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 +7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - 'id' SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 7348,platforms/asp/webapps/7348.txt,"merlix educate servert - (bypass/DD) Multiple Vulnerabilities",2008-12-05,ZoRLu,asp,webapps,0 7349,platforms/asp/webapps/7349.txt,"RankEm - (rankup.asp siteID) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 @@ -6899,7 +6899,7 @@ id,file,description,date,author,platform,type,port 7354,platforms/php/webapps/7354.txt,"Tizag Countdown Creator .v.3 - Insecure Upload",2008-12-05,ahmadbady,php,webapps,0 7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - SITE Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 7356,platforms/asp/webapps/7356.txt,"asp autodealer - (SQL/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 -7357,platforms/asp/webapps/7357.txt,"ASP PORTAL - Multiple SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 +7357,platforms/asp/webapps/7357.txt,"ASP PORTAL - Multiple SQL Injections",2008-12-05,AlpHaNiX,asp,webapps,0 7358,platforms/windows/dos/7358.html,"Visagesoft eXPert PDF EditorX - (VSPDFEditorX.ocx) Insecure Method",2008-12-05,"Marco Torti",windows,dos,0 7359,platforms/asp/webapps/7359.txt,"ASPTicker 1.0 - (news.mdb) Remote Database Disclosure",2008-12-05,ZoRLu,asp,webapps,0 7360,platforms/asp/webapps/7360.txt,"ASP AutoDealer - Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 @@ -6916,10 +6916,10 @@ id,file,description,date,author,platform,type,port 7371,platforms/asp/webapps/7371.txt,"Professional Download Assistant 0.1 - Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 7372,platforms/asp/webapps/7372.txt,"Ikon AdManager 2.1 - Remote Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 7373,platforms/asp/webapps/7373.txt,"aspmanage banners - (RFU/DD) Multiple Vulnerabilities",2008-12-07,ZoRLu,asp,webapps,0 -7374,platforms/php/webapps/7374.txt,"Mini Blog 1.0.1 - (index.php) Multiple Local File Inclusion",2008-12-07,cOndemned,php,webapps,0 -7375,platforms/php/webapps/7375.txt,"Mini-CMS 1.0.1 - (index.php) Multiple Local File Inclusion",2008-12-07,cOndemned,php,webapps,0 +7374,platforms/php/webapps/7374.txt,"Mini Blog 1.0.1 - 'index.php' Multiple Local File Inclusion",2008-12-07,cOndemned,php,webapps,0 +7375,platforms/php/webapps/7375.txt,"Mini-CMS 1.0.1 - 'index.php' Multiple Local File Inclusion",2008-12-07,cOndemned,php,webapps,0 7376,platforms/asp/webapps/7376.txt,"QMail Mailing List Manager 1.2 - Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 -7377,platforms/php/webapps/7377.txt,"PHPmyGallery Gold 1.51 - (index.php) Directory Traversal",2008-12-07,zAx,php,webapps,0 +7377,platforms/php/webapps/7377.txt,"PHPmyGallery Gold 1.51 - 'index.php' Directory Traversal",2008-12-07,zAx,php,webapps,0 7378,platforms/asp/webapps/7378.txt,"asp talk - (SQL/css) Multiple Vulnerabilities",2008-12-07,Bl@ckbe@rD,asp,webapps,0 7379,platforms/php/webapps/7379.txt,"MG2 0.5.1 - (filename) Remote Code Execution",2008-12-08,"Alfons Luja",php,webapps,0 7380,platforms/php/webapps/7380.txt,"XOOPS 2.3.1 - Multiple Local File Inclusion",2008-12-08,DSecRG,php,webapps,0 @@ -6937,7 +6937,7 @@ id,file,description,date,author,platform,type,port 7392,platforms/php/webapps/7392.txt,"phpmygallery 1.0beta2 - (RFI/LFI) Multiple Vulnerabilities",2008-12-09,ZoRLu,php,webapps,0 7393,platforms/linux/local/7393.txt,"PHP - safe_mode bypass via proc_open() and custom environment",2008-12-09,gat3way,linux,local,0 7395,platforms/php/webapps/7395.txt,"Peel Shopping 3.1 - (index.php rubid) SQL Injection",2008-12-09,SuB-ZeRo,php,webapps,0 -7396,platforms/php/webapps/7396.txt,"Netref 4.0 - Multiple SQL Injection",2008-12-09,SuB-ZeRo,php,webapps,0 +7396,platforms/php/webapps/7396.txt,"Netref 4.0 - Multiple SQL Injections",2008-12-09,SuB-ZeRo,php,webapps,0 7397,platforms/php/webapps/7397.txt,"ProQuiz 1.0 - (Auth Bypass) SQL Injection",2008-12-09,Osirys,php,webapps,0 7398,platforms/asp/webapps/7398.txt,"postecards - (SQL/DD) Multiple Vulnerabilities",2008-12-09,AlpHaNiX,asp,webapps,0 7399,platforms/php/webapps/7399.txt,"PHPmyGallery 1.5beta - (common-tpl-vars.php) LFI / RFI",2008-12-09,CoBRa_21,php,webapps,0 @@ -6980,7 +6980,7 @@ id,file,description,date,author,platform,type,port 7436,platforms/asp/webapps/7436.txt,"the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities",2008-12-12,Pouya_Server,asp,webapps,0 7437,platforms/php/webapps/7437.txt,"Moodle 1.9.3 - Remote Code Execution",2008-12-12,USH,php,webapps,0 7438,platforms/asp/webapps/7438.txt,"VP-ASP Shopping Cart 6.50 - Database Disclosure",2008-12-12,Dxil,asp,webapps,0 -7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script - (id) SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 +7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script - 'id' SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7440,platforms/asp/webapps/7440.txt,"ColdFusion Scripts Red_Reservations - Database Disclosure",2008-12-12,Cyber-Zone,asp,webapps,0 7441,platforms/php/webapps/7441.txt,"joomla live chat - (SQL/proxy) Multiple Vulnerabilities",2008-12-12,jdc,php,webapps,0 7442,platforms/windows/remote/7442.txt,"TmaxSoft JEUS - Alternate Data Streams File Disclosure",2008-12-12,"Simon Ryeo",windows,remote,0 @@ -6996,7 +6996,7 @@ id,file,description,date,author,platform,type,port 7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote BoF Exploit",2008-12-14,SkD,windows,remote,69 7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service",2008-12-14,Adurit-T,linux,dos,0 -7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - (download.php) Remote",2008-12-14,x0r,php,webapps,0 +7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - 'download.php' Remote",2008-12-14,x0r,php,webapps,0 7456,platforms/php/webapps/7456.txt,"Availscript Article Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7457,platforms/php/webapps/7457.txt,"Availscript Classmate Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 @@ -7021,14 +7021,14 @@ id,file,description,date,author,platform,type,port 7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer - XML Parsing Buffer Overflow Exploit (allinone)",2008-12-15,krafty,windows,remote,0 7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - (Auth Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 7479,platforms/php/webapps/7479.txt,"XOOPS Module Amevents - (print.php id) SQL Injection",2008-12-15,nétRoot,php,webapps,0 -7480,platforms/php/webapps/7480.txt,"CadeNix - (cid) SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 +7480,platforms/php/webapps/7480.txt,"CadeNix - 'cid' SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 7481,platforms/php/webapps/7481.txt,"WorkSimple 1.2.1 - RFI / Sensitive Data Disclosure",2008-12-15,Osirys,php,webapps,0 7482,platforms/php/webapps/7482.txt,"Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection",2008-12-15,NoGe,php,webapps,0 7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - (right.php title) SQL Injection",2008-12-15,ZoRLu,php,webapps,0 7484,platforms/asp/webapps/7484.txt,"Click&BaneX - Multiple SQL Injections",2008-12-15,AlpHaNiX,asp,webapps,0 7485,platforms/asp/webapps/7485.txt,"clickandemail - (SQL/XSS) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"click&rank - SQL / XSS",2008-12-15,AlpHaNiX,asp,webapps,0 -7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - (download.php) SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 +7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - 'download.php' SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection",2008-12-16,Lidloses_Auge,php,webapps,0 @@ -7042,7 +7042,7 @@ id,file,description,date,author,platform,type,port 7499,platforms/asp/webapps/7499.txt,"BP Blog 6.0/7.0/8.0/9.0 - Remote Database Disclosure",2008-12-17,Dxil,asp,webapps,0 7500,platforms/php/webapps/7500.txt,"K&S Shopsysteme - Arbitrary Remote File Upload",2008-12-17,mNt,php,webapps,0 7501,platforms/windows/local/7501.asp,"Microsoft SQL Server - sp_replwritetovarbin() Heap Overflow Exploit",2008-12-17,"Guido Landi",windows,local,0 -7502,platforms/php/webapps/7502.txt,"r.cms 2.0 - Multiple SQL Injection",2008-12-17,Lidloses_Auge,php,webapps,0 +7502,platforms/php/webapps/7502.txt,"r.cms 2.0 - Multiple SQL Injections",2008-12-17,Lidloses_Auge,php,webapps,0 7503,platforms/multiple/local/7503.txt,"PHP python extension safe_mode - Bypass Local",2008-12-17,"Amir Salmani",multiple,local,0 7504,platforms/php/webapps/7504.txt,"Joomla Component Tech Article 1.x - (item) SQL Injection",2008-12-17,InjEctOr5,php,webapps,0 7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX - ActiveX Remote Code Execution Exploit",2008-12-17,e.wiZz!,windows,remote,0 @@ -7057,14 +7057,14 @@ id,file,description,date,author,platform,type,port 7514,platforms/php/webapps/7514.txt,"I-Rater Basic - (messages.php) SQL Injection",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation Exploit",2008-12-18,"NT Internals",windows,local,0 -7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - (id) SQL Injection",2008-12-18,fuzion,php,webapps,0 +7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - 'id' SQL Injection",2008-12-18,fuzion,php,webapps,0 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 - Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 7519,platforms/php/webapps/7519.txt,"MyPHPsite - (index.php mod) Local File Inclusion",2008-12-18,Piker,php,webapps,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 7521,platforms/windows/remote/7521.txt,"webcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 7522,platforms/php/webapps/7522.pl,"MyPBS - (index.php seasonID) SQL Injection",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone - Admin Password Changing Exploit",2008-12-19,G4N0K,php,webapps,0 -7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - (download.php) File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 +7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - 'download.php' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7525,platforms/php/webapps/7525.txt,"Extract Website - (download.php filename) File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7526,platforms/php/webapps/7526.txt,"myPHPscripts Login Session 2.0 - XSS / Database Disclosure",2008-12-19,Osirys,php,webapps,0 7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 @@ -7097,7 +7097,7 @@ id,file,description,date,author,platform,type,port 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client - (8010/tcp) Remote Denial of Service (Windows/Linux)",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 -7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - CSRF",2008-12-23,Ausome1,php,webapps,0 +7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - Cross-site Request Forgery",2008-12-23,Ausome1,php,webapps,0 7558,platforms/php/webapps/7558.txt,"phpLD 3.3 - (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - (password_recovery.php) Blind SQL Injection",2008-12-23,s4avrd0w,php,webapps,0 7560,platforms/php/webapps/7560.txt,"cms netcat 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 @@ -7107,15 +7107,15 @@ id,file,description,date,author,platform,type,port 7564,platforms/multiple/dos/7564.pl,"Getleft 1.2 - Remote Buffer Overflow Proof of Concept",2008-12-23,Koshi,multiple,dos,0 7565,platforms/php/webapps/7565.txt,"StormBoard 1.0.1 - (thread.php id) SQL Injection",2008-12-23,Samir-M,php,webapps,0 7566,platforms/windows/remote/7566.html,"Google Chrome Browser - (ChromeHTML://) Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 -7567,platforms/php/webapps/7567.txt,"Joomla Component com_lowcosthotels - (id) Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 -7568,platforms/php/webapps/7568.txt,"Joomla Component com_allhotels - (id) Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 +7567,platforms/php/webapps/7567.txt,"Joomla Component com_lowcosthotels - 'id' Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 +7568,platforms/php/webapps/7568.txt,"Joomla Component com_allhotels - 'id' Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 7569,platforms/php/webapps/7569.txt,"doop CMS 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities",2008-12-24,x0r,php,webapps,0 7570,platforms/php/webapps/7570.txt,"ILIAS 3.7.4 - (ref_id) Blind SQL Injection",2008-12-24,Lidloses_Auge,php,webapps,0 7571,platforms/windows/dos/7571.txt,"BulletProof FTP Client 2.63 - Local Heap Overflow PoC",2008-12-24,His0k4,windows,dos,0 -7572,platforms/php/webapps/7572.txt,"Joomla Component Ice Gallery 0.5b2 - (catid) Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 +7572,platforms/php/webapps/7572.txt,"Joomla Component Ice Gallery 0.5b2 - 'catid' Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 7573,platforms/php/webapps/7573.txt,"Joomla Component Live Ticker 1.0 - (tid) Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 7574,platforms/php/webapps/7574.txt,"Joomla Component mdigg 2.2.8 - (category) SQL Injection",2008-12-24,boom3rang,php,webapps,0 -7575,platforms/php/webapps/7575.pl,"Joomla Component 5starhotels - (id) SQL Injection",2008-12-24,EcHoLL,php,webapps,0 +7575,platforms/php/webapps/7575.pl,"Joomla Component 5starhotels - 'id' SQL Injection",2008-12-24,EcHoLL,php,webapps,0 7576,platforms/php/webapps/7576.pl,"PHP-Fusion 7.0.2 - Remote Blind SQL Injection",2008-12-24,StAkeR,php,webapps,0 7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft 4.2 - Universal Stack Overflow Exploit (SEH)",2008-12-24,SkD,windows,local,0 7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i - (.prf) Local Buffer Overflow PoC",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 @@ -7133,9 +7133,9 @@ id,file,description,date,author,platform,type,port 7593,platforms/php/webapps/7593.pl,"DeluxeBB 1.2 - Remote Blind SQL Injection",2008-12-28,StAkeR,php,webapps,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP - ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Admin Bypass",2008-12-28,k3yv4n,php,webapps,0 -7596,platforms/php/webapps/7596.txt,"AlstraSoft Web Email Script Enterprise - (id) SQL Injection",2008-12-28,Bgh7,php,webapps,0 +7596,platforms/php/webapps/7596.txt,"AlstraSoft Web Email Script Enterprise - 'id' SQL Injection",2008-12-28,Bgh7,php,webapps,0 7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 -7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI - (id) SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 +7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI - 'id' SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 7600,platforms/php/webapps/7600.pl,"Flexphplink Pro - Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 @@ -7174,7 +7174,7 @@ id,file,description,date,author,platform,type,port 7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - (.gro) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 -7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - (.m3u) Stack Buffer Overflow PoC",2009-01-01,"aBo MoHaMeD",windows,dos,0 +7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - '.m3u' Stack Buffer Overflow PoC",2009-01-01,"aBo MoHaMeD",windows,dos,0 7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote PHP File Upload",2009-01-01,Lo$er,php,webapps,0 7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 7640,platforms/php/webapps/7640.txt,"w3blabor CMS 3.3.0 - (Admin Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0 @@ -7186,28 +7186,28 @@ id,file,description,date,author,platform,type,port 7646,platforms/multiple/local/7646.txt,"PHP 5.2.8 gd library - imageRotate() Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - (Vmware-authd) Remote Denial of Service",2009-01-02,"laurent gaffié ",multiple,dos,0 7648,platforms/php/webapps/7648.txt,"phpskelsite 1.4 - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-01-02,ahmadbady,php,webapps,0 -7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - (.m3u) Local Buffer Overflow PoC",2009-01-02,"aBo MoHaMeD",windows,dos,0 -7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection",2009-01-03,darkjoker,php,webapps,0 -7651,platforms/windows/local/7651.py,"Destiny Media Player 1.61 - (.m3u) Local Stack Overflow Exploit",2009-01-03,His0k4,windows,local,0 -7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow PoC",2009-01-03,"Encrypt3d.M!nd ",windows,dos,0 +7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - '.m3u' Local Buffer Overflow PoC",2009-01-02,"aBo MoHaMeD",windows,dos,0 +7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-site Scripting / Blind SQL Injection",2009-01-03,darkjoker,php,webapps,0 +7651,platforms/windows/local/7651.py,"Destiny Media Player 1.61 - '.m3u' Local Stack Overflow Exploit",2009-01-03,His0k4,windows,local,0 +7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow PoC",2009-01-03,"Encrypt3d.M!nd ",windows,dos,0 7653,platforms/php/webapps/7653.txt,"Webspell 4 - (Auth Bypass) SQL Injection",2009-01-03,anonymous,php,webapps,0 -7654,platforms/windows/local/7654.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit",2009-01-04,"Encrypt3d.M!nd ",windows,local,0 -7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (2)",2009-01-04,sCORPINo,windows,local,0 -7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (3)",2009-01-04,Houssamix,windows,local,0 -7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - (id) Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 +7654,platforms/windows/local/7654.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow Exploit",2009-01-04,"Encrypt3d.M!nd ",windows,local,0 +7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow Exploit (2)",2009-01-04,sCORPINo,windows,local,0 +7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow Exploit (3)",2009-01-04,Houssamix,windows,local,0 +7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) SQL Injection",2009-01-04,DaiMon,php,webapps,0 7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 - (index.php id) SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 -7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (4)",2009-01-04,Stack,windows,local,0 -7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (5)",2009-01-04,suN8Hclf,windows,local,0 -7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - (id) SQL Injection",2009-01-04,ZoRLu,php,webapps,0 +7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow Exploit (4)",2009-01-04,Stack,windows,local,0 +7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow Exploit (5)",2009-01-04,suN8Hclf,windows,local,0 +7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - 'id' SQL Injection",2009-01-04,ZoRLu,php,webapps,0 7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - (viewarticle.php id) Blind SQL Injection",2009-01-04,darkjoker,php,webapps,0 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - (acc.mdb) Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Auth Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla Component simple_review 1.x - SQL Injection",2009-01-05,EcHoLL,php,webapps,0 -7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - (index.php) Remote File Inclusion Exploit",2009-01-05,JosS,php,webapps,0 +7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion Exploit",2009-01-05,JosS,php,webapps,0 7669,platforms/php/webapps/7669.pl,"Joomla com_na_newsdescription - (newsid) SQL Injection",2009-01-05,EcHoLL,php,webapps,0 -7670,platforms/php/webapps/7670.pl,"Joomla com_phocadocumentation - (id) SQL Injection",2009-01-05,EcHoLL,php,webapps,0 +7670,platforms/php/webapps/7670.pl,"Joomla com_phocadocumentation - 'id' SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7671,platforms/windows/local/7671.pl,"VUPlayer 2.49 - (.wax) Local Buffer Overflow Exploit",2009-01-05,Houssamix,windows,local,0 7672,platforms/php/webapps/7672.txt,"phpauctionsystem - (XSS/SQL) Multiple Vulnerabilities",2009-01-05,x0r,php,webapps,0 7673,platforms/multiple/dos/7673.html,"Safari - (Arguments) Array Integer Overflow PoC (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0 @@ -7253,9 +7253,9 @@ id,file,description,date,author,platform,type,port 7713,platforms/windows/local/7713.pl,"VUPlayer 2.49 - (.asx) (HREF) Local Buffer Overflow Exploit (2)",2009-01-09,Houssamix,windows,local,0 7714,platforms/windows/local/7714.pl,"VUPlayer 2.49 - (.asx) (HREF) Local Buffer Overflow Exploit (1)",2009-01-11,sCORPINo,windows,local,0 7715,platforms/windows/local/7715.py,"VUPlayer 2.49 - (.asx) (HREF) Universal Buffer Overflow Exploit",2009-01-11,His0k4,windows,local,0 -7716,platforms/php/webapps/7716.pl,"Joomla com_xevidmegahd - (catid) SQL Injection",2009-01-11,EcHoLL,php,webapps,0 -7717,platforms/php/webapps/7717.pl,"Joomla com_jashowcase - (catid) SQL Injection",2009-01-11,EcHoLL,php,webapps,0 -7718,platforms/php/webapps/7718.txt,"Joomla com_newsflash - (id) SQL Injection",2009-01-11,EcHoLL,php,webapps,0 +7716,platforms/php/webapps/7716.pl,"Joomla com_xevidmegahd - 'catid' SQL Injection",2009-01-11,EcHoLL,php,webapps,0 +7717,platforms/php/webapps/7717.pl,"Joomla com_jashowcase - 'catid' SQL Injection",2009-01-11,EcHoLL,php,webapps,0 +7718,platforms/php/webapps/7718.txt,"Joomla com_newsflash - 'id' SQL Injection",2009-01-11,EcHoLL,php,webapps,0 7719,platforms/php/webapps/7719.txt,"Fast Guest Book - (Auth Bypass) SQL Injection",2009-01-11,Moudi,php,webapps,0 7720,platforms/windows/dos/7720.pl,"Microsoft Windows - (.CHM) Denial of Service (html compiled)",2009-01-11,securfrog,windows,dos,0 7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 - (.sfs) Local Buffer Overflow PoC",2009-01-11,Houssamix,windows,dos,0 @@ -7274,7 +7274,7 @@ id,file,description,date,author,platform,type,port 7734,platforms/php/webapps/7734.txt,"Joomla Component Portfol - (vcatid) SQL Injection",2009-01-12,H!tm@N,php,webapps,0 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 -7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - (.m3u) Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 +7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - '.m3u' Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 @@ -7332,7 +7332,7 @@ id,file,description,date,author,platform,type,port 7792,platforms/php/webapps/7792.txt,"GNUBoard 4.31.03 - (08.12.29) Local File Inclusion",2009-01-15,flyh4t,php,webapps,0 7793,platforms/php/webapps/7793.php,"Joomla com_Eventing 1.6.x - Blind SQL Injection",2009-01-15,InjEctOr5,php,webapps,0 7794,platforms/windows/remote/7794.html,"Ciansoft PDFBuilderX 2.2 - ActiveX Arbitrary File Overwrite Exploit",2009-01-15,"Alfons Luja",windows,remote,0 -7795,platforms/php/webapps/7795.txt,"Joomla Component RD-Autos 1.5.5 - (id) SQL Injection",2009-01-15,H!tm@N,php,webapps,0 +7795,platforms/php/webapps/7795.txt,"Joomla Component RD-Autos 1.5.5 - 'id' SQL Injection",2009-01-15,H!tm@N,php,webapps,0 7796,platforms/php/webapps/7796.txt,"mkportal 1.2.1 - Multiple Vulnerabilities",2009-01-15,waraxe,php,webapps,0 7797,platforms/php/webapps/7797.php,"Blue Eye CMS 1.0.0 - (clanek) Blind SQL Injection",2009-01-15,darkjoker,php,webapps,0 7798,platforms/php/webapps/7798.txt,"Free Bible Search PHP Script - (readbible.php) SQL Injection",2009-01-15,nuclear,php,webapps,0 @@ -7350,8 +7350,8 @@ id,file,description,date,author,platform,type,port 7811,platforms/php/webapps/7811.txt,"Aj Classifieds For Sale 3.0 - Remote Shell Upload",2009-01-16,ZoRLu,php,webapps,0 7812,platforms/multiple/dos/7812.pl,"MPlayer 1.0rc2 - TwinVQ Stack Buffer Overflow PoC",2009-01-16,sCORPINo,multiple,dos,0 7813,platforms/php/webapps/7813.txt,"Simple PHP Newsletter 1.5 - (olang) Local File Inclusion",2009-01-16,ahmadbady,php,webapps,0 -7814,platforms/php/webapps/7814.txt,"BibCiter 1.4 - Multiple SQL Injection",2009-01-16,nuclear,php,webapps,0 -7815,platforms/php/webapps/7815.txt,"Joomla Component Gigcal 1.x - (id) SQL Injection",2009-01-18,Lanti-Net,php,webapps,0 +7814,platforms/php/webapps/7814.txt,"BibCiter 1.4 - Multiple SQL Injections",2009-01-16,nuclear,php,webapps,0 +7815,platforms/php/webapps/7815.txt,"Joomla Component Gigcal 1.x - 'id' SQL Injection",2009-01-18,Lanti-Net,php,webapps,0 7816,platforms/asp/webapps/7816.txt,"DS-IPN.NET Digital Sales IPN - Database Disclosure",2009-01-18,Moudi,asp,webapps,0 7817,platforms/php/webapps/7817.txt,"Click&Email - (Auth Bypass) SQL Injection",2009-01-18,SuB-ZeRo,php,webapps,0 7818,platforms/php/webapps/7818.txt,"SCMS 1 - (index.php p) Local File Inclusion",2009-01-18,ahmadbady,php,webapps,0 @@ -7359,7 +7359,7 @@ id,file,description,date,author,platform,type,port 7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 - Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0 7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 - Remote Command Execution Exploit (mq = off)",2009-01-19,Osirys,php,webapps,0 7822,platforms/multiple/dos/7822.c,"D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service",2009-01-19,"Jon Oberheide",multiple,dos,0 -7823,platforms/qnx/dos/7823.txt,"QNX 6.4.0 - bitflipped elf binary (id) Kernel Panic Exploit",2009-01-19,kokanin,qnx,dos,0 +7823,platforms/qnx/dos/7823.txt,"QNX 6.4.0 - bitflipped elf binary 'id' Kernel Panic Exploit",2009-01-19,kokanin,qnx,dos,0 7824,platforms/php/webapps/7824.pl,"Joomla com_pccookbook - (recipe_id) Blind SQL Injection",2009-01-19,InjEctOr5,php,webapps,0 7826,platforms/windows/remote/7826.html,"SmartVmd ActiveX 1.1 - Remote File Overwrite Exploit",2009-01-19,Houssamix,windows,remote,0 7827,platforms/windows/remote/7827.html,"SmartVmd ActiveX 1.1 - Remote File Deletion Exploit",2009-01-19,Houssamix,windows,remote,0 @@ -7371,7 +7371,7 @@ id,file,description,date,author,platform,type,port 7833,platforms/php/webapps/7833.php,"Joomla com_waticketsystem - Blind SQL Injection",2009-01-19,InjEctOr5,php,webapps,0 7834,platforms/php/webapps/7834.txt,"Ninja Blog 4.8 - (CSRF/HTML Injection)",2009-01-19,"Danny Moules",php,webapps,0 7835,platforms/php/webapps/7835.htm,"Max.Blog 1.0.6 - Arbitrary Delete Post Exploit",2009-01-20,SirGod,php,webapps,0 -7836,platforms/php/webapps/7836.txt,"AJ Auction Pro OOPD 2.3 - (id) SQL Injection",2009-01-20,snakespc,php,webapps,0 +7836,platforms/php/webapps/7836.txt,"AJ Auction Pro OOPD 2.3 - 'id' SQL Injection",2009-01-20,snakespc,php,webapps,0 7837,platforms/php/webapps/7837.pl,"LinPHA Photo Gallery 2.0 - Remote Command Execution Exploit",2009-01-20,Osirys,php,webapps,0 7838,platforms/php/webapps/7838.txt,"Dodo's Quiz Script 1.1 - (dodosquiz.php) Local File Inclusion",2009-01-20,Stack,php,webapps,0 7839,platforms/windows/local/7839.py,"Total Video Player 1.31 - (DefaultSkin.ini) Local Stack Overflow Exploit",2009-01-20,His0k4,windows,local,0 @@ -7388,8 +7388,8 @@ id,file,description,date,author,platform,type,port 7850,platforms/asp/webapps/7850.txt,"asp-project 1.0 - Insecure Cookie Method",2009-01-22,"Khashayar Fereidani",asp,webapps,0 7851,platforms/php/webapps/7851.php,"Pardal CMS 0.2.0 - Blind SQL Injection",2009-01-22,darkjoker,php,webapps,0 7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 - (licence key) Remote Buffer Overflow PoC",2009-01-22,LiquidWorm,windows,dos,0 -7853,platforms/windows/local/7853.pl,"EleCard MPEG PLAYER - (.m3u) Local Stack Overflow Exploit",2009-01-25,AlpHaNiX,windows,local,0 -7854,platforms/windows/dos/7854.pl,"MediaMonkey 3.0.6 - (.m3u) Local Buffer Overflow PoC",2009-01-25,AlpHaNiX,windows,dos,0 +7853,platforms/windows/local/7853.pl,"EleCard MPEG PLAYER - '.m3u' Local Stack Overflow Exploit",2009-01-25,AlpHaNiX,windows,local,0 +7854,platforms/windows/dos/7854.pl,"MediaMonkey 3.0.6 - '.m3u' Local Buffer Overflow PoC",2009-01-25,AlpHaNiX,windows,dos,0 7855,platforms/linux/local/7855.txt,"PostgreSQL 8.2/8.3/8.4 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7856,platforms/linux/local/7856.txt,"MySQL 4/5/6 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 - .m3u file Local Buffer Overflow PoC",2009-01-25,Houssamix,windows,dos,0 @@ -7397,7 +7397,7 @@ id,file,description,date,author,platform,type,port 7859,platforms/php/webapps/7859.pl,"MemHT Portal 4.0.1 - (avatar) Remote Code Execution Exploit",2009-01-25,StAkeR,php,webapps,0 7860,platforms/php/webapps/7860.php,"Mambo com_sim 0.8 - Blind SQL Injection",2009-01-25,"Mehmet Ince",php,webapps,0 7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - (Auth Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0 -7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - (cat_id) SQL Injection",2009-01-25,JIKO,php,webapps,0 +7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - 'cat_id' SQL Injection",2009-01-25,JIKO,php,webapps,0 7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 - (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0 7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash Exploit",2009-01-26,kingcope,solaris,dos,0 @@ -7423,13 +7423,13 @@ id,file,description,date,author,platform,type,port 7886,platforms/php/webapps/7886.txt,"Pixie CMS 1.0 - Multiple Local File Inclusion",2009-01-27,DSecRG,php,webapps,0 7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - (.pls) Stack Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - (.pls) Local Buffer Overflow Exploit (univ)",2009-01-28,Houssamix,windows,local,0 -7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - (.M3U) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 +7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - '.m3u' Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7892,platforms/php/webapps/7892.php,"Community CMS 0.4 - (/index.php id) Blind SQL Injection",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (XSS/SQL/LFI) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 7894,platforms/php/webapps/7894.txt,"Chipmunk Blog - (Auth Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 7895,platforms/php/webapps/7895.txt,"Gazelle CMS - (template) Local File Inclusion",2009-01-28,fuzion,php,webapps,0 -7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - (article.php) Blind SQL Injection",2009-01-28,OzX,php,webapps,0 +7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - 'article.php' Blind SQL Injection",2009-01-28,OzX,php,webapps,0 7897,platforms/php/webapps/7897.php,"phplist 2.10.x - (RCE by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 7898,platforms/php/webapps/7898.txt,"Max.Blog 1.0.6 - (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 7899,platforms/php/webapps/7899.txt,"Max.Blog 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 @@ -7437,13 +7437,13 @@ id,file,description,date,author,platform,type,port 7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection",2009-01-28,certaindeath,php,webapps,0 7902,platforms/windows/dos/7902.txt,"Amaya Web Editor - XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - ClickJacking",2009-01-28,x0x,windows,remote,0 -7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - (.M3U) Crash PoC",2009-01-29,Hakxer,windows,dos,0 +7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - '.m3u' Crash PoC",2009-01-29,Hakxer,windows,dos,0 7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor 11.0 - Remote Buffer Overflow PoC",2009-01-29,Stack,windows,dos,0 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0 7910,platforms/windows/remote/7910.html,"WOW Web On Windows ActiveX Control 2 - Remote Code Execution",2009-01-29,"Michael Brooks",windows,remote,0 -7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injection VUlnerabilities",2009-01-29,Zigma,php,webapps,0 +7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections VUlnerabilities",2009-01-29,Zigma,php,webapps,0 7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - ClickJacking",2009-01-29,UzmiX,windows,remote,0 7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow Exploit",2009-01-29,SkD,windows,remote,21 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 @@ -7454,7 +7454,7 @@ id,file,description,date,author,platform,type,port 7920,platforms/hardware/remote/7920.txt,"D-Link VoIP Phone Adapter - XSS/CSRF Remote Firmware Overwrite",2009-01-29,"Michael Brooks",hardware,remote,0 7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 - CSRF Exploit",2009-01-29,"Michael Brooks",hardware,remote,0 7922,platforms/php/webapps/7922.txt,"Pligg 9.9.5 - CSRF Protection Bypass / Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 -7923,platforms/windows/local/7923.c,"Total Video Player 1.3.7 - (.m3u) Local Buffer Overflow Exploit",2009-01-29,SimO-s0fT,windows,local,0 +7923,platforms/windows/local/7923.c,"Total Video Player 1.3.7 - '.m3u' Local Buffer Overflow Exploit",2009-01-29,SimO-s0fT,windows,local,0 7924,platforms/asp/webapps/7924.txt,"SalesCart - (Auth Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0 7925,platforms/php/webapps/7925.txt,"revou twitter clone - (XSS/SQL) Multiple Vulnerabilities",2009-01-30,nuclear,php,webapps,0 7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote SEH Overwrite Exploit",2009-01-30,LiquidWorm,windows,remote,0 @@ -7494,7 +7494,7 @@ id,file,description,date,author,platform,type,port 7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b - (photo.php id) Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0 7962,platforms/windows/dos/7962.pl,"Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference PoC",2009-02-03,DATA_SNIPER,windows,dos,0 7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - (Auth Bypass) SQL Injection",2009-02-03,Kacak,asp,webapps,0 -7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injection",2009-02-03,D.Mortalov,php,webapps,0 +7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injections",2009-02-03,D.Mortalov,php,webapps,0 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 7966,platforms/windows/remote/7966.txt,"navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities",2009-02-03,e.wiZz!,windows,remote,0 7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha - Remote Command Execution Exploit",2009-02-03,Osirys,php,webapps,0 @@ -7535,10 +7535,10 @@ id,file,description,date,author,platform,type,port 8005,platforms/php/webapps/8005.txt,"phpYabs 0.1.2 - (Azione) Remote File Inclusion",2009-02-06,Arka69,php,webapps,0 8006,platforms/php/webapps/8006.txt,"Traidnt UP 1.0 - Remote File Upload",2009-02-09,fantastic,php,webapps,0 8007,platforms/php/webapps/8007.php,"IF-CMS 2.0 - (frame.php id) Blind SQL Injection",2009-02-09,darkjoker,php,webapps,0 -8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router - DoS",2009-02-09,Rembrandt,hardware,dos,0 +8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router - Denial of Service",2009-02-09,Rembrandt,hardware,dos,0 8009,platforms/php/webapps/8009.pl,"w3bcms 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 8010,platforms/windows/local/8010.pl,"FeedDemon 2.7 - OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 -8011,platforms/php/webapps/8011.txt,"BusinessSpace 1.2 - (id) SQL Injection",2009-02-09,K-159,php,webapps,0 +8011,platforms/php/webapps/8011.txt,"BusinessSpace 1.2 - 'id' SQL Injection",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - (.JPG) Remote Crash PoC",2009-02-09,"Juan Yacubian",hardware,dos,0 8014,platforms/php/webapps/8014.pl,"PHP Director 0.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 @@ -7577,7 +7577,7 @@ id,file,description,date,author,platform,type,port 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Auth Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / XSS / CM",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (LFI/SQL) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0 -8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - (id) SQL Injection",2009-02-13,JIKO,php,webapps,0 +8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' SQL Injection",2009-02-13,JIKO,php,webapps,0 8051,platforms/hardware/dos/8051.html,"Nokia N95-8 - browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit",2009-02-13,bd0rk,php,webapps,0 8053,platforms/php/webapps/8053.pl,"BlogWrite 0.91 - Remote FD / SQL Injection",2009-02-13,Osirys,php,webapps,0 @@ -7613,10 +7613,10 @@ id,file,description,date,author,platform,type,port 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8087,platforms/cgi/webapps/8087.txt,"i-dreams GB Server - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8088,platforms/php/webapps/8088.txt,"Osmodia Bulletin Board 1.x - (admin.txt) File Disclosure",2009-02-20,Pouya_Server,php,webapps,0 -8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - (id) SQL Command Injection Exploit",2009-02-20,Osirys,php,webapps,0 +8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' SQL Command Injection Exploit",2009-02-20,Osirys,php,webapps,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow PoC",2009-02-23,webDEViL,windows,dos,0 8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash Exploit",2009-02-23,Skylined,multiple,dos,0 -8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - (admin.php) No Authentication",2009-02-23,ahmadbady,php,webapps,0 +8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' No Authentication",2009-02-23,ahmadbady,php,webapps,0 8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - (notes.php id) Remote Command Execution Exploit",2009-02-23,JosS,php,webapps,0 8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - LFI Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - LFI Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 @@ -7624,10 +7624,10 @@ id,file,description,date,author,platform,type,port 8097,platforms/multiple/remote/8097.txt,"MLdonkey 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure",2009-02-23,"Michael Peselnik",multiple,remote,0 8098,platforms/php/webapps/8098.txt,"taifajobs 1.0 - (jobid) SQL Injection",2009-02-23,K-159,php,webapps,0 8099,platforms/windows/dos/8099.pl,"Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2) (0Day)",2009-02-23,"Guido Landi",windows,dos,0 -8100,platforms/php/webapps/8100.pl,"MDPro Module My_eGallery - (pid) SQL Injection",2009-02-23,StAkeR,php,webapps,0 +8100,platforms/php/webapps/8100.pl,"MDPro Module My_eGallery - 'pid' SQL Injection",2009-02-23,StAkeR,php,webapps,0 8101,platforms/php/webapps/8101.txt,"XGuestBook 2.0 - (Auth Bypass) SQL Injection",2009-02-24,Fireshot,php,webapps,0 8102,platforms/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x - Remote Buffer Overflow PoC",2009-02-24,M4rt1n,windows,dos,0 -8104,platforms/php/webapps/8104.txt,"Qwerty CMS - (id) SQL Injection",2009-02-24,b3,php,webapps,0 +8104,platforms/php/webapps/8104.txt,"Qwerty CMS - 'id' SQL Injection",2009-02-24,b3,php,webapps,0 8105,platforms/php/webapps/8105.txt,"ppim 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service",2009-02-25,staticrez,hardware,dos,0 8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Auth Bypass) SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 @@ -7655,10 +7655,10 @@ id,file,description,date,author,platform,type,port 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 - Contents Change",2009-03-02,ByALBAYX,asp,webapps,0 8132,platforms/asp/webapps/8132.txt,"Access2asp - imageLibrary Arbitrary ASP Shell Upload",2009-03-02,mr.al7rbi,asp,webapps,0 8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 - (SQL/CH) Multiple Remote Vulnerabilities",2009-03-02,x0r,php,webapps,0 -8134,platforms/php/webapps/8134.php,"Joomla com_digistore - (pid) Blind SQL Injection",2009-03-02,InjEctOr5,php,webapps,0 +8134,platforms/php/webapps/8134.php,"Joomla com_digistore - 'pid' Blind SQL Injection",2009-03-02,InjEctOr5,php,webapps,0 8135,platforms/windows/dos/8135.pl,"Media Commands - (M3U & M3l & TXT & LRC Files) Local Heap Overflow PoC",2009-03-02,Hakxer,windows,dos,0 8136,platforms/php/webapps/8136.txt,"Joomla/Mambo Component eXtplorer - Code Execution",2009-03-02,"Juan Galiana Lara",php,webapps,0 -8137,platforms/windows/local/8137.py,"Media Commands - (.m3u) Local SEH Overwrite Exploit",2009-03-02,His0k4,windows,local,0 +8137,platforms/windows/local/8137.py,"Media Commands - '.m3u' Local SEH Overwrite Exploit",2009-03-02,His0k4,windows,local,0 8138,platforms/windows/local/8138.c,"VUplayer 2.49 - (.cue) Local Buffer Overflow Exploit",2009-03-02,"Assed Edin",windows,local,0 8139,platforms/php/webapps/8139.txt,"ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8140,platforms/php/webapps/8140.txt,"Zabbix 1.6.2 Frontend - Multiple Vulnerabilities",2009-03-03,USH,php,webapps,0 @@ -7679,14 +7679,14 @@ id,file,description,date,author,platform,type,port 8159,platforms/windows/local/8159.rb,"Media Commands - .m3l File Local Buffer Overflow Exploit",2009-03-05,Stack,windows,local,0 8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module - (dnaedit.dll) Code Execution Exploit",2009-03-05,Nine:Situations:Group,windows,remote,0 8161,platforms/php/webapps/8161.txt,"celerbb 0.0.2 - Multiple Vulnerabilities",2009-03-05,"Salvatore Fresta",php,webapps,0 -8162,platforms/windows/local/8162.py,"Media Commands - (.m3u) Universal SEH Overwrite Exploit",2009-03-05,His0k4,windows,local,0 +8162,platforms/windows/local/8162.py,"Media Commands - '.m3u' Universal SEH Overwrite Exploit",2009-03-05,His0k4,windows,local,0 8163,platforms/bsd/dos/8163.txt,"Multiple Vendors libc:fts_*() - Local Denial of Service",2009-03-05,SecurityReason,bsd,dos,0 8164,platforms/php/webapps/8164.php,"Joomla com_ijoomla_archive - Blind SQL Injection",2009-03-05,Stack,php,webapps,0 8165,platforms/php/webapps/8165.txt,"Blue Eye CMS 1.0.0 - Remote Cookie SQL Injection",2009-03-06,ka0x,php,webapps,0 8166,platforms/php/webapps/8166.txt,"wili-cms 0.4.0 - (RFI/LFI/ab) Multiple Vulnerabilities",2009-03-06,"Salvatore Fresta",php,webapps,0 8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - (praises.php id) SQL Injection",2009-03-06,dun,php,webapps,0 8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 -8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple SQL Injection",2009-03-09,"Salvatore Fresta",php,webapps,0 +8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple SQL Injections",2009-03-09,"Salvatore Fresta",php,webapps,0 8171,platforms/windows/local/8171.py,"Nokia Multimedia Player 1.0 - (playlist) Universal SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8172,platforms/php/webapps/8172.txt,"cms s.builder 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus UPS-Service - Buffer Overflow Exploit",2009-03-09,Elazar,windows,remote,0 @@ -7694,7 +7694,7 @@ id,file,description,date,author,platform,type,port 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation Exploit",2009-03-09,"NT Internals",windows,local,0 8176,platforms/windows/local/8176.py,"EO Video 1.36 - PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 - (.RAP) Local Stack Overflow Exploit",2009-03-09,zAx,windows,local,0 -8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - (.m3u) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 +8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - '.m3u' Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"MediaCoder 0.6.2.4275 - Universal Buffer Overflow Exploit (SEH)",2009-03-09,Stack,windows,local,0 8180,platforms/windows/dos/8180.c,"eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)",2009-03-09,"fl0 fl0w",windows,dos,0 8181,platforms/php/webapps/8181.c,"PHP Director 0.21 - (sql into outfile) eval() Injection Exploit",2009-03-09,StAkeR,php,webapps,0 @@ -7704,7 +7704,7 @@ id,file,description,date,author,platform,type,port 8185,platforms/php/webapps/8185.txt,"phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 8186,platforms/php/webapps/8186.txt,"PHP-Fusion Mod Book Panel - (bookid) SQL Injection",2009-03-09,elusiven,php,webapps,0 8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Post-Auth Denial of Service",2009-03-09,h00die,hardware,dos,0 -8188,platforms/php/webapps/8188.txt,"CMS WEBjump! - Multiple SQL Injection",2009-03-10,M3NW5,php,webapps,0 +8188,platforms/php/webapps/8188.txt,"CMS WEBjump! - Multiple SQL Injections",2009-03-10,M3NW5,php,webapps,0 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - (.cue) Universal Buffer Overflow Exploit",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote DoS",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 - XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 @@ -7721,7 +7721,7 @@ id,file,description,date,author,platform,type,port 8204,platforms/php/webapps/8204.txt,"phpmysport 1.4 - (XSS/SQL) Multiple Vulnerabilities",2009-03-12,XaDoS,php,webapps,0 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow PoC",2009-03-12,n3tpr0b3,linux,dos,0 8206,platforms/windows/remote/8206.html,"GeoVision LiveAudio - ActiveX Remote Freed-Memory Access Exploit",2009-03-13,Nine:Situations:Group,windows,remote,0 -8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - (index.php page) Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 +8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - 'index.php' Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Auth Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0 @@ -7739,13 +7739,13 @@ id,file,description,date,author,platform,type,port 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow Exploit (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 -8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - (id) SQL Injection",2009-03-17,"strange kevin",php,webapps,0 +8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - 'id' SQL Injection",2009-03-17,"strange kevin",php,webapps,0 8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion",2009-03-17,Garry,php,webapps,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 - (.ogg) Local Buffer Overflow Exploit (xp/ sp3)",2009-03-18,Nine:Situations:Group,windows,local,0 8232,platforms/windows/dos/8232.py,"Chasys Media Player 1.1 - (.pls) Local Buffer Overflow PoC (SEH)",2009-03-18,zAx,windows,dos,0 8233,platforms/windows/local/8233.py,"Chasys Media Player 1.1 - (.pls) Local Stack Overflow Exploit",2009-03-18,His0k4,windows,local,0 8234,platforms/windows/local/8234.py,"Chasys Media Player 1.1 - (.pls) Stack Overflow Exploit (2)",2009-03-18,"Encrypt3d.M!nd ",windows,local,0 -8235,platforms/windows/local/8235.py,"Chasys Media Player 1.1 - (.m3u) Stack Overflow Exploit",2009-03-18,"Encrypt3d.M!nd ",windows,local,0 +8235,platforms/windows/local/8235.py,"Chasys Media Player 1.1 - '.m3u' Stack Overflow Exploit",2009-03-18,"Encrypt3d.M!nd ",windows,local,0 8236,platforms/windows/local/8236.py,"Icarus 2.0 - (.PGN) Local Stack Overflow Exploit (SEH)",2009-03-18,His0k4,windows,local,0 8237,platforms/php/webapps/8237.txt,"facil-cms 0.1rc2 - Multiple Vulnerabilities",2009-03-18,any.zicky,php,webapps,0 8238,platforms/php/webapps/8238.txt,"Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection",2009-03-18,boom3rang,php,webapps,0 @@ -7814,7 +7814,7 @@ id,file,description,date,author,platform,type,port 8302,platforms/php/webapps/8302.php,"glFusion 1.1.2 - COM_applyFilter()/order SQL Injection",2009-03-29,Nine:Situations:Group,php,webapps,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Local Privilege Escalation Exploit",2009-03-29,"Jon Oberheide",linux,local,0 8304,platforms/php/webapps/8304.txt,"Arcadwy Arcade Script - (Auth Bypass) Insecure Cookie Handling",2009-03-29,ZoRLu,php,webapps,0 -8305,platforms/php/webapps/8305.txt,"iWare CMS 5.0.4 - Multiple SQL Injection",2009-03-29,boom3rang,php,webapps,0 +8305,platforms/php/webapps/8305.txt,"iWare CMS 5.0.4 - Multiple SQL Injections",2009-03-29,boom3rang,php,webapps,0 8306,platforms/windows/dos/8306.txt,"Firefox 3.0.x - (XML Parser) Memory Corruption / DoS PoC",2009-03-30,"Wojciech Pawlikowski",windows,dos,0 8307,platforms/asp/webapps/8307.txt,"Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities",2009-03-30,AnGeL25dZ,asp,webapps,0 8308,platforms/multiple/dos/8308.c,"Wireshark 1.0.6 - PN-DCP Format String Exploit PoC",2009-03-30,"THCX Labs",multiple,dos,0 @@ -7832,7 +7832,7 @@ id,file,description,date,author,platform,type,port 8320,platforms/multiple/dos/8320.py,"Opera 9.64 - (7400 nested elements) XML Parsing Remote Crash Exploit",2009-03-30,"Ahmed Obied",multiple,dos,0 8321,platforms/windows/remote/8321.py,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,remote,0 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation PoC",2009-03-30,b1@ckeYe,windows,local,0 -8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injection",2009-03-31,"Salvatore Fresta",php,webapps,0 +8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injections",2009-03-31,"Salvatore Fresta",php,webapps,0 8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 8326,platforms/php/webapps/8326.rb,"VirtueMart 1.1.2 - SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 @@ -7891,7 +7891,7 @@ id,file,description,date,author,platform,type,port 8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - (Auth Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0 8383,platforms/php/webapps/8383.txt,"adaptbb 1.0b - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 -8384,platforms/linux/remote/8384.txt,"net2ftp 0.97 - Cross-Site Scripting / Request Forgery",2009-04-09,cicatriz,linux,remote,0 +8384,platforms/linux/remote/8384.txt,"net2ftp 0.97 - Cross-site Scripting / Request Forgery",2009-04-09,cicatriz,linux,remote,0 8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 @@ -7908,21 +7908,21 @@ id,file,description,date,author,platform,type,port 8398,platforms/windows/remote/8398.php,"ftpdmin 0.96 - RNFR Remote Buffer Overflow Exploit (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 8399,platforms/php/webapps/8399.pl,"Flatnuke 2.7.1 - (level) Remote Privilege Escalation Exploit",2009-04-13,StAkeR,php,webapps,0 8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - (html) Local SEH Overwrite Exploit",2009-04-13,dun,windows,local,0 -8402,platforms/windows/dos/8402.pl,"Mini-stream Ripper - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 -8403,platforms/windows/dos/8403.pl,"WM Downloader - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 -8404,platforms/windows/dos/8404.pl,"RM Downloader - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 -8405,platforms/windows/dos/8405.pl,"Mini-stream RM-MP3 Converter - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 +8402,platforms/windows/dos/8402.pl,"Mini-stream Ripper - '.m3u' Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 +8403,platforms/windows/dos/8403.pl,"WM Downloader - '.m3u' Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 +8404,platforms/windows/dos/8404.pl,"RM Downloader - '.m3u' Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 +8405,platforms/windows/dos/8405.pl,"Mini-stream RM-MP3 Converter - '.m3u' Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8406,platforms/openbsd/dos/8406.txt,"OpenBSD 4.5 - (IP datagrams) Remote DoS",2009-04-13,Rembrandt,openbsd,dos,0 -8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 +8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - '.m3u' Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8408,platforms/php/webapps/8408.txt,"X10Media Mp3 - Search Engine < 1.6.2 Admin Access",2009-04-13,THUNDER,php,webapps,0 8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - (lang) Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 -8410,platforms/windows/local/8410.pl,"RM Downloader 3.0.0.9 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 -8411,platforms/windows/local/8411.c,"WM Downloader 3.0.0.9 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 -8412,platforms/windows/local/8412.pl,"ASX to MP3 Converter 3.0.0.7 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 -8413,platforms/windows/local/8413.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.m3u) Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 +8410,platforms/windows/local/8410.pl,"RM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 +8411,platforms/windows/local/8411.c,"WM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 +8412,platforms/windows/local/8412.pl,"ASX to MP3 Converter 3.0.0.7 - '.m3u' Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 +8413,platforms/windows/local/8413.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.m3u' Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 - (Auth Bypass) SQL Injection",2009-04-13,Dr-HTmL,php,webapps,0 -8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - (id) SQL Injection",2009-04-13,NoGe,php,webapps,0 -8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 +8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - 'id' SQL Injection",2009-04-13,NoGe,php,webapps,0 +8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - '.m3u' Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - (blog.id) SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 8419,platforms/windows/remote/8419.pl,"ftpdmin 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 @@ -7932,14 +7932,14 @@ id,file,description,date,author,platform,type,port 8423,platforms/php/webapps/8423.txt,"Jamroom - (index.php t) Local File Inclusion",2009-04-14,zxvf,php,webapps,0 8424,platforms/php/webapps/8424.txt,"ablespace 1.0 - (XSS/bSQL) Multiple Vulnerabilities",2009-04-14,DSecRG,php,webapps,0 8425,platforms/php/webapps/8425.txt,"php-revista 1.1.2 - (RFI/SQLi/cb/XSS) Multiple Vulnerabilities",2009-04-14,SirDarckCat,php,webapps,0 -8426,platforms/windows/local/8426.pl,"Shadow Stream Recorder - (.m3u) Universal Stack Overflow Exploit",2009-04-14,AlpHaNiX,windows,local,0 +8426,platforms/windows/local/8426.pl,"Shadow Stream Recorder - '.m3u' Universal Stack Overflow Exploit",2009-04-14,AlpHaNiX,windows,local,0 8427,platforms/windows/local/8427.py,"Easy RM to MP3 Converter - Universal Stack Overflow Exploit",2009-04-14,Stack,windows,local,0 8428,platforms/windows/remote/8428.txt,"MonGoose 2.4 (Windows) - Webserver Directory Traversal",2009-04-14,e.wiZz!,windows,remote,0 8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b - Remote Denial of Service",2009-04-14,ksa04,multiple,dos,0 8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 - IP datagram Null Pointer Deref Denial of Service",2009-04-14,nonroot,openbsd,dos,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 8432,platforms/php/webapps/8432.txt,"Aqua CMS - (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 -8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injection",2009-04-14,Dimi4,php,webapps,0 +8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injections",2009-04-14,Dimi4,php,webapps,0 8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow PoC",2009-04-14,SuB-ZeRo,windows,dos,0 8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - (conf.inc) File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - (profile) Remote Shell Upload",2009-04-15,InjEctOr5,php,webapps,0 @@ -7957,7 +7957,7 @@ id,file,description,date,author,platform,type,port 8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - savepreferences()/*blocks[] SQL Injection",2009-04-16,Nine:Situations:Group,php,webapps,0 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 -8451,platforms/windows/dos/8451.pl,"Apollo 37zz - (.m3u) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 +8451,platforms/windows/dos/8451.pl,"Apollo 37zz - '.m3u' Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player - .XPL Stack Buffer Overflow (SEH) PoC",2009-04-16,"fl0 fl0w",windows,dos,0 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c - Bypass BBCode XSS Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0 8454,platforms/php/webapps/8454.txt,"DNS Tools (PHP Digger) - Remote Command Execution",2009-04-16,SirGod,php,webapps,0 @@ -7990,12 +7990,12 @@ id,file,description,date,author,platform,type,port 8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Shell Upload",2009-04-20,JosS,php,webapps,0 8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities",2009-04-20,girex,php,webapps,0 -8484,platforms/windows/dos/8484.pl,"1by1 1.67 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 -8485,platforms/windows/dos/8485.pl,"Groovy Media Player 1.1.0 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 +8484,platforms/windows/dos/8484.pl,"1by1 1.67 - '.m3u' Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 +8485,platforms/windows/dos/8485.pl,"Groovy Media Player 1.1.0 - '.m3u' Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Auth Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8487,platforms/php/webapps/8487.txt,"EZ Webitor - (Auth Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 - (editlink.php id) Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0 -8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 +8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - '.m3u' Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - (bts.cgi) Post-Auth Remote Denial of Service",2009-04-20,h00die,hardware,dos,0 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 @@ -8011,7 +8011,7 @@ id,file,description,date,author,platform,type,port 8502,platforms/php/webapps/8502.txt,"pastelcms 0.8.0 - (LFI/SQL) Multiple Vulnerabilities",2009-04-21,SirGod,php,webapps,0 8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - (include) Local File Inclusion",2009-04-21,SirGod,php,webapps,0 8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - (newlang) Local File Inclusion",2009-04-21,Kacper,php,webapps,0 -8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 - (id) SQL Injection",2009-04-21,Player,php,webapps,0 +8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 - 'id' SQL Injection",2009-04-21,Player,php,webapps,0 8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) SQL Injection",2009-04-21,Player,php,webapps,0 8507,platforms/windows/dos/8507.py,"Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener PoC",2009-04-21,"Dennis Yurichev",windows,dos,0 8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - (Auth Bypass) SQL Injection",2009-04-21,Hakxer,php,webapps,0 @@ -8023,10 +8023,10 @@ id,file,description,date,author,platform,type,port 8514,platforms/php/webapps/8514.txt,"elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0 8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - (Auth Bypass) SQL Injection",2009-04-22,zer0day,php,webapps,0 8516,platforms/php/webapps/8516.txt,"WebPortal CMS 0.8b - Multiple Remote/Local File Inclusion",2009-04-22,ahmadbady,php,webapps,0 -8517,platforms/php/webapps/8517.txt,"Joomla Component rsmonials - Cross-Site Scripting Exploit",2009-04-22,jdc,php,webapps,0 +8517,platforms/php/webapps/8517.txt,"Joomla Component rsmonials - Cross-site Scripting Exploit",2009-04-22,jdc,php,webapps,0 8518,platforms/windows/remote/8518.pl,"Femitter FTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-04-22,Stack,windows,remote,0 -8519,platforms/windows/local/8519.pl,"CoolPlayer Portable 2.19.1 - (m3u) Buffer Overflow Exploit (1)",2009-04-22,Stack,windows,local,0 -8520,platforms/windows/local/8520.py,"CoolPlayer Portable 2.19.1 - (m3u) Buffer Overflow Exploit (2)",2009-04-22,His0k4,windows,local,0 +8519,platforms/windows/local/8519.pl,"CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow Exploit (1)",2009-04-22,Stack,windows,local,0 +8520,platforms/windows/local/8520.py,"CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow Exploit (2)",2009-04-22,His0k4,windows,local,0 8521,platforms/php/webapps/8521.txt,"fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities",2009-04-23,YEnH4ckEr,php,webapps,0 8522,platforms/windows/dos/8522.pl,"Zervit Web Server 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8523,platforms/windows/dos/8523.txt,"Norton Ghost Support module for EasySetup wizard - Remote DoS PoC",2009-04-23,shinnai,windows,dos,0 @@ -8038,7 +8038,7 @@ id,file,description,date,author,platform,type,port 8530,platforms/asp/webapps/8530.htm,"Absolute Form Processor XE-V 1.5 - Remote Change Pasword Exploit",2009-04-24,"ThE g0bL!N",asp,webapps,0 8531,platforms/windows/dos/8531.pl,"SDP Downloader 2.3.0 - (.ASX) Local Heap Overflow PoC",2009-04-24,Cyber-Zone,windows,dos,0 8532,platforms/php/webapps/8532.txt,"photo-rigma.biz 30 - (SQL/XSS) Multiple Vulnerabilities",2009-04-24,YEnH4ckEr,php,webapps,0 -8533,platforms/php/webapps/8533.txt,"Pragyan CMS 2.6.4 - Multiple SQL Injection",2009-04-24,"Salvatore Fresta",php,webapps,0 +8533,platforms/php/webapps/8533.txt,"Pragyan CMS 2.6.4 - Multiple SQL Injections",2009-04-24,"Salvatore Fresta",php,webapps,0 8534,platforms/linux/local/8534.c,"libvirt_proxy 0.5.1 - Local Privilege Escalation Exploit",2009-04-27,"Jon Oberheide",linux,local,0 8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 - (.rdl) Local Buffer Overflow Exploit",2009-04-27,G4N0K,windows,local,0 8536,platforms/windows/local/8536.py,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH)",2009-04-27,His0k4,windows,local,0 @@ -8046,7 +8046,7 @@ id,file,description,date,author,platform,type,port 8538,platforms/php/webapps/8538.txt,"Invision Power Board 3.0.0b5 - Active XSS / Path Disclosure",2009-04-27,brain[pillow],php,webapps,0 8539,platforms/php/webapps/8539.txt,"Opencart 1.1.8 - (route) Local File Inclusion",2009-04-27,OoN_Boy,php,webapps,0 8540,platforms/windows/local/8540.c,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH) (2)",2009-04-27,SimO-s0fT,windows,local,0 -8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - (.m3u) File Buffer Overflow Exploit (seh)",2009-04-27,Nine:Situations:Group,windows,local,0 +8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow Exploit (seh)",2009-04-27,Nine:Situations:Group,windows,local,0 8542,platforms/windows/dos/8542.php,"Icewarp Merak Mail Server 9.4.1 - Base64FileEncode() BoF PoC",2009-04-27,Nine:Situations:Group,windows,dos,0 8543,platforms/php/webapps/8543.php,"LightBlog 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - (forged DNS packet) Denial of Service",2009-04-27,"Albert Sellares",linux,dos,0 @@ -8063,7 +8063,7 @@ id,file,description,date,author,platform,type,port 8555,platforms/php/webapps/8555.txt,"ABC Advertise 1.0 - Admin Password Disclosure",2009-04-27,SirGod,php,webapps,0 8556,platforms/linux/remote/8556.c,"Linux Kernel 2.6.20 / 2.6.24 / 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 -8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injection",2009-04-28,YEnH4ckEr,php,webapps,0 +8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injections",2009-04-28,YEnH4ckEr,php,webapps,0 8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d - Local File Disclosure Exploit (.c Linux)",2009-04-28,StAkeR,php,webapps,0 8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 @@ -8081,21 +8081,21 @@ id,file,description,date,author,platform,type,port 8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection",2009-04-30,YEnH4ckEr,php,webapps,0 8577,platforms/php/webapps/8577.txt,"leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities",2009-04-30,YEnH4ckEr,php,webapps,0 -8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - (.M3U) Local Stack Overflow PoC",2009-04-30,SirGod,windows,dos,0 +8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow PoC",2009-04-30,SirGod,windows,dos,0 8579,platforms/windows/remote/8579.html,"BaoFeng - ActiveX OnBeforeVideoDownload() Remote BoF Exploit",2009-04-30,MITBOY,windows,remote,0 8580,platforms/windows/local/8580.py,"Mercury Audio Player 1.21 - (.b4s) Local Stack Overflow Exploit",2009-04-30,His0k4,windows,local,0 8581,platforms/bsd/dos/8581.txt,"Multiple Vendor - PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - (.pls) SEH Overwrite Exploit",2009-04-30,His0k4,windows,local,0 -8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - (.m3u) Local Stack Overflow Exploit",2009-05-01,His0k4,windows,local,0 +8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow Exploit",2009-05-01,His0k4,windows,local,0 8584,platforms/hardware/dos/8584.py,"Addonics NAS Adapter FTP - Remote Denial of Service",2009-05-01,h00die,hardware,dos,0 8585,platforms/php/webapps/8585.txt,"Golabi CMS 1.0.1 - Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0 -8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injection",2009-05-01,YEnH4ckEr,php,webapps,0 +8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injections",2009-05-01,YEnH4ckEr,php,webapps,0 8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b - Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 -8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - (.M3U) Local Buffer Overflow PoC",2009-05-01,SirGod,windows,dos,0 +8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Buffer Overflow PoC",2009-05-01,SirGod,windows,dos,0 8589,platforms/windows/local/8589.py,"RM Downloader - (.smi) Local Stack Overflow Exploit",2009-05-01,"ThE g0bL!N",windows,local,0 -8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - (.m3u) Local SEH Overwrite Exploit",2009-05-01,His0k4,windows,local,0 -8591,platforms/windows/local/8591.py,"Beatport Player 1.0.0.283 - (.M3U) Local Stack Overflow Exploit (2)",2009-05-01,"Encrypt3d.M!nd ",windows,local,0 -8592,platforms/windows/local/8592.pl,"Beatport Player 1.0.0.283 - (.M3U) Local Stack Overflow Exploit (3)",2009-05-01,Stack,windows,local,0 +8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - '.m3u' Local SEH Overwrite Exploit",2009-05-01,His0k4,windows,local,0 +8591,platforms/windows/local/8591.py,"Beatport Player 1.0.0.283 - '.m3u' Local Stack Overflow Exploit (2)",2009-05-01,"Encrypt3d.M!nd ",windows,local,0 +8592,platforms/windows/local/8592.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Stack Overflow Exploit (3)",2009-05-01,Stack,windows,local,0 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8594,platforms/windows/local/8594.pl,"RM Downloader - (.smi) Universal Local Buffer Overflow Exploit",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 @@ -8104,7 +8104,7 @@ id,file,description,date,author,platform,type,port 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 8600,platforms/php/webapps/8600.txt,"BluSky CMS - (news_id) SQL Injection",2009-05-04,snakespc,php,webapps,0 -8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - (.m3u) Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 +8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - '.m3u' Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 8602,platforms/php/webapps/8602.txt,"Qt quickteam - Multiple Remote File Inclusion",2009-05-04,ahmadbady,php,webapps,0 8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution Exploit",2009-05-04,G4N0K,php,webapps,0 8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 - Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 @@ -8120,10 +8120,10 @@ id,file,description,date,author,platform,type,port 8614,platforms/windows/remote/8614.py,"32bit FTP (09.04.24) - (Banner) Remote Buffer Overflow Exploit",2009-05-05,His0k4,windows,remote,0 8615,platforms/php/webapps/8615.txt,"tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities",2009-05-05,YEnH4ckEr,php,webapps,0 8616,platforms/php/webapps/8616.pl,"TemaTres 1.0.3 - Remote Blind SQL Injection",2009-05-05,YEnH4ckEr,php,webapps,0 -8617,platforms/windows/dos/8617.pl,"Sorinara Streaming Audio Player 0.9 - (.m3u) Local Stack Overflow PoC",2009-05-05,Cyber-Zone,windows,dos,0 +8617,platforms/windows/dos/8617.pl,"Sorinara Streaming Audio Player 0.9 - '.m3u' Local Stack Overflow PoC",2009-05-05,Cyber-Zone,windows,dos,0 8618,platforms/php/webapps/8618.txt,"LinkBase 2.0 - Remote Cookie Grabber",2009-05-05,SirGod,php,webapps,0 8619,platforms/php/webapps/8619.txt,"Joomla Almond Classifieds 5.6.2 - Blind SQL Injection",2009-05-05,InjEctOr5,php,webapps,0 -8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - (.m3u) Local Stack Overflow Exploit",2009-05-05,Stack,windows,local,0 +8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - '.m3u' Local Stack Overflow Exploit",2009-05-05,Stack,windows,local,0 8621,platforms/windows/remote/8621.py,"32bit FTP (09.04.24) - (CWD Response) Universal Seh Overwrite Exploit",2009-05-05,His0k4,windows,remote,0 8622,platforms/php/webapps/8622.pl,"webSPELL 4.2.0e - (page) Remote Blind SQL Injection",2009-05-07,DNX,php,webapps,0 8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit)",2009-05-07,His0k4,windows,remote,0 @@ -8139,7 +8139,7 @@ id,file,description,date,author,platform,type,port 8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.RAM) Local BoF Exploit",2009-05-07,G4N0K,windows,local,0 8634,platforms/windows/local/8634.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.asx) Local BoF Exploit",2009-05-07,G4N0K,windows,local,0 8635,platforms/php/webapps/8635.txt,"VIDEOSCRIPT.us - (Auth Bypass) SQL Injection",2009-05-07,snakespc,php,webapps,0 -8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injection",2009-05-07,YEnH4ckEr,php,webapps,0 +8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injections",2009-05-07,YEnH4ckEr,php,webapps,0 8637,platforms/windows/local/8637.pl,"GrabIt 1.7.2x - NZB DTD Reference Buffer Overflow Exploit",2009-05-07,"Jeremy Brown",windows,local,0 8638,platforms/php/webapps/8638.htm,"Simple Customer 1.3 - Arbitrary Change Admin Password Exploit",2009-05-07,ahmadbady,php,webapps,0 8639,platforms/php/webapps/8639.htm,"Job Script 2.0 - Arbitrary Change Admin Password Exploit",2009-05-07,TiGeR-Dz,php,webapps,0 @@ -8163,9 +8163,9 @@ id,file,description,date,author,platform,type,port 8657,platforms/windows/local/8657.txt,"EasyPHP 3.0 - Arbitrary Modify Configuration File",2009-05-11,Zigma,windows,local,0 8658,platforms/php/webapps/8658.txt,"php recommend 1.3 - (ab/RFI/ci) Multiple Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 - saveFeed() Remote Code Execution Exploit",2009-05-12,Nine:Situations:Group,php,webapps,0 -8660,platforms/windows/local/8660.pl,"CastRipper 2.50.70 - (.m3u) Local Buffer Overflow Exploit",2009-05-12,[0]x80->[H]4x²0r,windows,local,0 -8661,platforms/windows/local/8661.pl,"CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit",2009-05-12,Stack,windows,local,0 -8662,platforms/windows/local/8662.py,"CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)",2009-05-12,"Super Cristal",windows,local,0 +8660,platforms/windows/local/8660.pl,"CastRipper 2.50.70 - '.m3u' Local Buffer Overflow Exploit",2009-05-12,[0]x80->[H]4x²0r,windows,local,0 +8661,platforms/windows/local/8661.pl,"CastRipper 2.50.70 - '.m3u' Universal Stack Overflow Exploit",2009-05-12,Stack,windows,local,0 +8662,platforms/windows/local/8662.py,"CastRipper 2.50.70 - '.m3u' Universal Stack Overflow Exploit (Python)",2009-05-12,"Super Cristal",windows,local,0 8663,platforms/windows/local/8663.pl,"CastRipper 2.50.70 - (.pls) Universal Stack Overflow Exploit",2009-05-12,zAx,windows,local,0 8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - (username) SQL Injection",2009-05-12,YEnH4ckEr,php,webapps,0 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0 @@ -8182,7 +8182,7 @@ id,file,description,date,author,platform,type,port 8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 8677,platforms/windows/dos/8677.txt,"DigiMode Maya 1.0.2 - (.m3u / .m3l files) Buffer Overflow PoCs",2009-05-14,SirGod,windows,dos,0 8678,platforms/linux/local/8678.c,"Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit",2009-05-14,prdelka,linux,local,0 -8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injection",2009-05-14,YEnH4ckEr,php,webapps,0 +8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injections",2009-05-14,YEnH4ckEr,php,webapps,0 8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 - (arch.php arch) Local File Inclusion",2009-05-14,Kacper,php,webapps,0 8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - LFI / Remote Command Execution Exploit",2009-05-14,[AVT],php,webapps,0 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 @@ -8200,10 +8200,10 @@ id,file,description,date,author,platform,type,port 8695,platforms/multiple/dos/8695.txt,"Eggdrop/Windrop 1.6.19 - ctcpbuf Remote Crash",2009-05-15,"Thomas Sader",multiple,dos,0 8696,platforms/hardware/remote/8696.txt,"D-Link Products - Captcha Bypass",2009-05-15,"SourceSec Dev Team",hardware,remote,0 8697,platforms/php/webapps/8697.txt,"Joomla Component ArtForms 2.1 b7 - Remote File Inclusion",2009-05-15,iskorpitx,php,webapps,0 -8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b - (.m3u) Local Buffer Overflow Exploit",2009-05-15,hack4love,windows,local,0 +8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow Exploit",2009-05-15,hack4love,windows,local,0 8699,platforms/php/webapps/8699.php,"Harland Scripts 11 - Products Remote Command Execution Exploit",2009-05-15,G4N0K,php,webapps,0 -8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - (download.php) File Disclosure",2009-05-15,Br0ly,php,webapps,0 -8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b - (.m3u) Local Buffer Overflow Exploit (SEH)",2009-05-15,His0k4,windows,local,0 +8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - 'download.php' File Disclosure",2009-05-15,Br0ly,php,webapps,0 +8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow Exploit (SEH)",2009-05-15,His0k4,windows,local,0 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL/XSS) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 8704,platforms/windows/remote/8704.txt,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass",2009-05-15,kingcope,windows,remote,0 8705,platforms/asp/webapps/8705.txt,"DMXReady Registration Manager 1.1 - Database Disclosure",2009-05-15,S4S-T3rr0r!sT,asp,webapps,0 @@ -8212,7 +8212,7 @@ id,file,description,date,author,platform,type,port 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Remote Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0 8710,platforms/php/webapps/8710.txt,"PHP Dir Submit - (Auth Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0 -8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - (pid) SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 +8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - 'pid' SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 8712,platforms/windows/dos/8712.txt,"httpdx 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 8713,platforms/php/webapps/8713.txt,"coppermine photo gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Remote LFI / Change Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 @@ -8224,25 +8224,25 @@ id,file,description,date,author,platform,type,port 8720,platforms/multiple/dos/8720.c,"OpenSSL 0.9.8k / 1.0.0-beta2 - DTLS Remote Memory Exhaustion DoS",2009-05-18,"Jon Oberheide",multiple,dos,0 8721,platforms/windows/dos/8721.pl,"Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow PoC",2009-05-18,Stack,windows,dos,0 8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 - (Get Request) Remote Denial of Service",2009-05-18,Stack,windows,dos,0 -8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 - (id) SQL Injection",2009-05-18,Mi4night,php,webapps,0 +8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 - 'id' SQL Injection",2009-05-18,Mi4night,php,webapps,0 8725,platforms/php/webapps/8725.php,"Jieqi CMS 1.5 - Remote Code Execution Exploit",2009-05-18,Securitylab.ir,php,webapps,0 8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 -8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta - (id) SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 +8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta - 'id' SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 8728,platforms/php/webapps/8728.htm,"PHP Article Publisher - Remote Change Admin Password Exploit",2009-05-18,ahmadbady,php,webapps,0 8730,platforms/php/webapps/8730.txt,"VidShare Pro - Arbitrary Shell Upload",2009-05-19,InjEctOr5,php,webapps,0 -8731,platforms/php/webapps/8731.php,"Joomla com_gsticketsystem - (catid) Blind SQL Injection",2009-05-19,InjEctOr5,php,webapps,0 +8731,platforms/php/webapps/8731.php,"Joomla com_gsticketsystem - 'catid' Blind SQL Injection",2009-05-19,InjEctOr5,php,webapps,0 8732,platforms/windows/remote/8732.py,"httpdx 0.5b FTP Server - (CWD) Remote BoF Exploit (SEH)",2009-05-19,His0k4,windows,remote,21 8733,platforms/windows/remote/8733.html,"AOL IWinAmpActiveX Class ConvertFile() - Remote BoF Exploit",2009-05-19,rgod,windows,remote,0 8734,platforms/asp/webapps/8734.txt,"Namad (IMenAfzar) 2.0.0.0 - Remote File Disclosure",2009-05-19,Securitylab.ir,asp,webapps,0 8735,platforms/php/webapps/8735.txt,"PAD Site Scripts 3.6 - Insecure Cookie Handling",2009-05-19,Mr.tro0oqy,php,webapps,0 8736,platforms/php/webapps/8736.pl,"Coppermine Photo Gallery 1.4.22 - Remote Exploit",2009-05-19,girex,php,webapps,0 8737,platforms/php/webapps/8737.txt,"vidshare pro - (SQL/XSS) Multiple Vulnerabilities",2009-05-19,snakespc,php,webapps,0 -8738,platforms/php/webapps/8738.txt,"Dog Pedigree Online Database 1.0.1b - Multiple SQL Injection",2009-05-19,YEnH4ckEr,php,webapps,0 +8738,platforms/php/webapps/8738.txt,"Dog Pedigree Online Database 1.0.1b - Multiple SQL Injections",2009-05-19,YEnH4ckEr,php,webapps,0 8739,platforms/php/webapps/8739.txt,"Dog Pedigree Online Database 1.0.1b - Insecure Cookie Handling",2009-05-19,YEnH4ckEr,php,webapps,0 8740,platforms/php/webapps/8740.pl,"Dog Pedigree Online Database 1.0.1b - Blind SQL Injection",2009-05-19,YEnH4ckEr,php,webapps,0 8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 - (Auth Bypass) SQL Injection",2009-05-19,snakespc,php,webapps,0 8742,platforms/windows/remote/8742.txt,"KingSoft Web Shield 1.1.0.62 - XSS/Code Execution",2009-05-19,inking,windows,remote,0 -8743,platforms/php/webapps/8743.txt,"Joomla Casino 0.3.1 - Multiple SQL Injection Exploits",2009-05-20,ByALBAYX,php,webapps,0 +8743,platforms/php/webapps/8743.txt,"Joomla Casino 0.3.1 - Multiple SQL Injections Exploits",2009-05-20,ByALBAYX,php,webapps,0 8744,platforms/php/webapps/8744.txt,"exjune officer message system 1 - Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8745,platforms/php/webapps/8745.txt,"catviz 0.4.0b1 - (LFI/XSS) Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8746,platforms/php/webapps/8746.txt,"NC GBook 1.0 - Remote Command Injection Exploit",2009-05-20,"ThE g0bL!N",php,webapps,0 @@ -8258,11 +8258,11 @@ id,file,description,date,author,platform,type,port 8756,platforms/asp/webapps/8756.txt,"asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 8757,platforms/windows/remote/8757.html,"BaoFeng - (config.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8758,platforms/windows/remote/8758.html,"ChinaGames - (CGAgent.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 -8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injection",2009-05-21,YEnH4ckEr,php,webapps,0 +8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injections",2009-05-21,YEnH4ckEr,php,webapps,0 8761,platforms/php/webapps/8761.txt,"Article Directory - (Auth Bypass) SQL Injection",2009-05-21,Hakxer,php,webapps,0 8762,platforms/php/webapps/8762.txt,"Article Directory - (page.php) Remote Blind SQL Injection",2009-05-21,"ThE g0bL!N",php,webapps,0 8763,platforms/php/webapps/8763.txt,"ZaoCMS - Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0 -8764,platforms/php/webapps/8764.txt,"ZaoCMS - (download.php) Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 +8764,platforms/php/webapps/8764.txt,"ZaoCMS - 'download.php' Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)",2009-05-22,racle,windows,remote,0 8766,platforms/php/webapps/8766.txt,"Tutorial Share 3.5.0 - Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 8767,platforms/windows/dos/8767.c,"Winamp 5.551 - MAKI Parsing Integer Overflow PoC",2009-05-22,n00b,windows,dos,0 @@ -8276,7 +8276,7 @@ id,file,description,date,author,platform,type,port 8776,platforms/php/webapps/8776.txt,"photovideotube 1.11 - Multiple Vulnerabilities",2009-05-22,Hakxer,php,webapps,0 8777,platforms/windows/dos/8777.txt,"Soulseek 157 NS x / 156.x - Remote Distributed Search Code Execution",2009-05-26,"laurent gaffié ",windows,dos,0 8778,platforms/php/webapps/8778.txt,"minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities",2009-05-26,YEnH4ckEr,php,webapps,0 -8779,platforms/php/webapps/8779.txt,"Joomla Boy Scout Advancement 0.3 - (id) SQL Injection",2009-05-26,YEnH4ckEr,php,webapps,0 +8779,platforms/php/webapps/8779.txt,"Joomla Boy Scout Advancement 0.3 - 'id' SQL Injection",2009-05-26,YEnH4ckEr,php,webapps,0 8780,platforms/windows/local/8780.php,"COWON America jetCast 2.0.4.1109 - (.mp3) Local Overflow Exploit",2009-05-26,Nine:Situations:Group,windows,local,0 8781,platforms/php/webapps/8781.txt,"Dokuwiki 2009-02-14 - Local File Inclusion",2009-05-26,girex,php,webapps,0 8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Local Privilege Escalation Exploit",2009-05-26,"NT Internals",windows,local,0 @@ -8298,7 +8298,7 @@ id,file,description,date,author,platform,type,port 8798,platforms/windows/dos/8798.rb,"Safari - RSS feed:// Buffer Overflow via libxml2 Exploit PoC",2009-05-26,"Kevin Finisterre",windows,dos,0 8799,platforms/windows/local/8799.txt,"PHP 5.2.9 - Local Safemod Bypass Exploit (Win32)",2009-05-26,Abysssec,windows,local,0 8801,platforms/php/webapps/8801.txt,"Joomla Component com_rsgallery2 1.14.x/2.x - Remote Backdoor",2009-05-26,"Jan Van Niekerk",php,webapps,0 -8802,platforms/php/webapps/8802.txt,"Kensei Board 2.0.0b - Multiple SQL Injection",2009-05-26,cOndemned,php,webapps,0 +8802,platforms/php/webapps/8802.txt,"Kensei Board 2.0.0b - Multiple SQL Injections",2009-05-26,cOndemned,php,webapps,0 8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Auth Bypass) SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 8804,platforms/windows/remote/8804.py,"Soulseek 157 NS - Remote Buffer Overflow Exploit (SEH)",2009-05-26,His0k4,windows,remote,2242 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 @@ -8313,7 +8313,7 @@ id,file,description,date,author,platform,type,port 8814,platforms/php/webapps/8814.txt,"Joomla Component AgoraGroup 0.3.5.3 - Blind SQL Injection",2009-05-27,"Chip d3 bi0s",php,webapps,0 8815,platforms/php/webapps/8815.txt,"Easy Px 41 CMS 09.00.00B1 - (fiche) Local File Inclusion",2009-05-27,"ThE g0bL!N",php,webapps,0 8816,platforms/php/webapps/8816.txt,"SiteX 0.7.4.418 - (THEME_FOLDER) Local File Inclusion",2009-05-27,ahmadbady,php,webapps,0 -8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 - (cat_id) SQL Injection",2009-05-27,taRentReXx,php,webapps,0 +8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 - 'cat_id' SQL Injection",2009-05-27,taRentReXx,php,webapps,0 8818,platforms/php/webapps/8818.txt,"AdPeeps 8.5d1 - XSS / HTML Injection",2009-05-27,intern0t,php,webapps,0 8819,platforms/php/webapps/8819.txt,"small pirate 2.1 - (XSS/SQL) Multiple Vulnerabilities",2009-05-29,YEnH4ckEr,php,webapps,0 8820,platforms/php/webapps/8820.txt,"amember 3.1.7 - (XSS/SQL/hi) Multiple Vulnerabilities",2009-05-29,intern0t,php,webapps,0 @@ -8326,21 +8326,21 @@ id,file,description,date,author,platform,type,port 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Auth Bypass) SQL Injection",2009-05-29,"sniper code",php,webapps,0 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 -8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - (id) SQL Injection",2009-05-29,Qabandi,php,webapps,0 +8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - 'id' SQL Injection",2009-05-29,Qabandi,php,webapps,0 8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Auth Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 8832,platforms/windows/dos/8832.php,"ICQ 6.5 - URL Search Hook (Windows Explorer) Remote BoF PoC",2009-06-01,Nine:Situations:Group,windows,dos,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,local,0 8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection",2009-06-01,Br0ly,php,webapps,0 8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote BoF Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 -8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injection",2009-06-01,"Nico Leidecker",php,webapps,0 +8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injections",2009-06-01,"Nico Leidecker",php,webapps,0 8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack BoF PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 -8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - (id) SQL Injection",2009-06-01,OzX,php,webapps,0 +8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - 'id' SQL Injection",2009-06-01,OzX,php,webapps,0 8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 8841,platforms/php/webapps/8841.txt,"unclassified newsboard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 8842,platforms/multiple/dos/8842.pl,"Apache mod_dav / svn - Remote Denial of Service",2009-06-01,kingcope,multiple,dos,0 8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 -8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injection",2009-06-01,YEnH4ckEr,php,webapps,0 +8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injections",2009-06-01,YEnH4ckEr,php,webapps,0 8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,remote,0 8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 - (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 @@ -8362,12 +8362,12 @@ id,file,description,date,author,platform,type,port 8864,platforms/php/webapps/8864.txt,"My Mini Bill - (orderid) SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml 1.0.1 - (Auth Bypass) SQL Injection",2009-06-03,Qabandi,php,webapps,0 8866,platforms/php/webapps/8866.php,"Podcast Generator 1.2 - unauthorized Re-Installation Remote Exploit",2009-06-03,StAkeR,php,webapps,0 -8867,platforms/php/webapps/8867.pl,"Joomla Component Seminar 1.28 - (id) Blind SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 +8867,platforms/php/webapps/8867.pl,"Joomla Component Seminar 1.28 - 'id' Blind SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 8868,platforms/php/webapps/8868.txt,"OCS Inventory NG 1.02 - Remote File Disclosure",2009-06-03,"Nico Leidecker",php,webapps,0 8869,platforms/php/webapps/8869.txt,"Supernews 2.6 - (index.php noticia) SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 8870,platforms/php/webapps/8870.txt,"Joomla Omilen Photo Gallery 0.5b - Local File Inclusion",2009-06-03,ByALBAYX,php,webapps,0 8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - (init.php anticode) Code Execution",2009-06-03,SirGod,php,webapps,0 -8872,platforms/php/webapps/8872.txt,"Joomla Component com_mosres - Multiple SQL Injection",2009-06-03,"Chip d3 bi0s",php,webapps,0 +8872,platforms/php/webapps/8872.txt,"Joomla Component com_mosres - Multiple SQL Injections",2009-06-03,"Chip d3 bi0s",php,webapps,0 8873,platforms/multiple/dos/8873.c,"OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service",2009-06-04,"Jon Oberheide",multiple,dos,0 8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar - Arbitrary Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 8875,platforms/windows/local/8875.txt,"Online Armor < 3.5.0.12 - (OAmon.sys) Local Privilege Escalation Exploit",2009-06-04,"NT Internals",windows,local,0 @@ -8386,26 +8386,26 @@ id,file,description,date,author,platform,type,port 8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 - (db.mdb) Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 8891,platforms/php/webapps/8891.txt,"Joomla Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8892,platforms/php/webapps/8892.txt,"Virtue Classifieds - (category) SQL Injection",2009-06-08,OzX,php,webapps,0 -8893,platforms/php/webapps/8893.txt,"Virtue Book Store - (cid) SQL Injection",2009-06-08,OzX,php,webapps,0 -8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall - (cid) SQL Injection",2009-06-08,OzX,php,webapps,0 +8893,platforms/php/webapps/8893.txt,"Virtue Book Store - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 +8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8895,platforms/cgi/webapps/8895.txt,"Interlogy Profile Manager Basic - Insecure Cookie Handling",2009-06-08,ZoRLu,cgi,webapps,0 8896,platforms/osx/local/8896.c,"Apple MACOS X xnu 1228.9.59 - Local Kernel Root Exploit",2009-06-08,mu-b,osx,local,0 8897,platforms/windows/remote/8897.c,"httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 -8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) - LFI",2009-06-08,"Chip d3 bi0s",php,webapps,0 +8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) - Local File Inclusion",2009-06-08,"Chip d3 bi0s",php,webapps,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow PoC",2009-06-08,DSecRG,windows,dos,0 8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - (source_class) SQL Injection",2009-06-08,snakespc,php,webapps,0 8901,platforms/php/webapps/8901.txt,"virtue news - (SQL/XSS) Multiple Vulnerabilities",2009-06-08,snakespc,php,webapps,0 8902,platforms/php/webapps/8902.htm,"Grestul 1.2 - Remote Add Administrator Account Exploit",2009-06-08,"ThE g0bL!N",php,webapps,0 8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 - Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 8904,platforms/php/webapps/8904.txt,"automated link exchange portal 1.3 - Multiple Vulnerabilities",2009-06-08,TiGeR-Dz,php,webapps,0 -8905,platforms/php/webapps/8905.txt,"Joomla Component com_portafolio - (cid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 +8905,platforms/php/webapps/8905.txt,"Joomla Component com_portafolio - 'cid' SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - SQL Injection",2009-06-08,Ams,php,webapps,0 8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - (XXE attack) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 8908,platforms/php/webapps/8908.txt,"Joomla Component BookLibrary 1.5.2.4 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8911,platforms/php/webapps/8911.txt,"Joomla Component Akobook 2.3 - (gbid) SQL Injection",2009-06-09,Ab1i,php,webapps,0 8912,platforms/php/webapps/8912.txt,"Joomla Component com_media_library 1.5.3 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8913,platforms/php/webapps/8913.txt,"S-CMS 2.0b3 - Multiple Local File Inclusion",2009-06-09,YEnH4ckEr,php,webapps,0 -8914,platforms/php/webapps/8914.txt,"S-CMS 2.0b3 - Multiple SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 +8914,platforms/php/webapps/8914.txt,"S-CMS 2.0b3 - Multiple SQL Injections",2009-06-09,YEnH4ckEr,php,webapps,0 8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - (username) Blind SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote BoF Exploit",2009-06-09,His0k4,windows,remote,80 8917,platforms/php/webapps/8917.txt,"mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities",2009-06-09,"ThE g0bL!N",php,webapps,0 @@ -8420,7 +8420,7 @@ id,file,description,date,author,platform,type,port 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities",2009-06-10,"ThE g0bL!N",php,webapps,0 8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - (username) Blind SQL Injection",2009-06-10,YEnH4ckEr,php,webapps,0 8928,platforms/php/webapps/8928.txt,"phpWebThings 1.5.2 - (help.php module) Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 -8929,platforms/php/webapps/8929.txt,"Splog 1.2 Beta - Multiple SQL Injection",2009-06-11,YEnH4ckEr,php,webapps,0 +8929,platforms/php/webapps/8929.txt,"Splog 1.2 Beta - Multiple SQL Injections",2009-06-11,YEnH4ckEr,php,webapps,0 8930,platforms/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 8932,platforms/php/webapps/8932.txt,"yogurt 0.3 - (XSS/SQL Injection) Multiple Vulnerabilities",2009-06-11,Br0ly,php,webapps,0 @@ -8451,7 +8451,7 @@ id,file,description,date,author,platform,type,port 8958,platforms/php/webapps/8958.txt,"torrenttrader classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 8959,platforms/php/webapps/8959.pl,"Joomla Component com_ijoomla_rss - Blind SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash Exploit",2009-06-15,webDEViL,linux,dos,0 -8961,platforms/php/webapps/8961.txt,"WordPress Plugin Photoracer 1.0 - (id) SQL Injection",2009-06-15,Kacper,php,webapps,0 +8961,platforms/php/webapps/8961.txt,"WordPress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 8962,platforms/php/webapps/8962.txt,"phpCollegeExchange 0.1.5c - (listing_view.php itemnr) SQL Injection",2009-06-15,SirGod,php,webapps,0 8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 @@ -8465,7 +8465,7 @@ id,file,description,date,author,platform,type,port 8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - Remote File Disclosure (.htaccess)",2009-06-16,daath,php,webapps,0 8975,platforms/php/webapps/8975.txt,"phpFK 7.03 - (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - Low Bandwidth Denial of Service (slowloris.pl)",2009-06-17,RSnake,multiple,dos,0 -8977,platforms/php/webapps/8977.txt,"TekBase All-in-One 3.1 - Multiple SQL Injection",2009-06-17,n3wb0ss,php,webapps,0 +8977,platforms/php/webapps/8977.txt,"TekBase All-in-One 3.1 - Multiple SQL Injections",2009-06-17,n3wb0ss,php,webapps,0 8978,platforms/php/webapps/8978.txt,"fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption PoC",2009-06-17,StAkeR,php,webapps,0 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusion",2009-06-17,YEnH4ckEr,php,webapps,0 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Remote Blind SQL Injection",2009-06-17,YEnH4ckEr,php,webapps,0 @@ -8485,7 +8485,7 @@ id,file,description,date,author,platform,type,port 8996,platforms/php/webapps/8996.txt,"Gravy Media Photo Host 1.0.8 - Local File Disclosure",2009-06-22,Lo$er,php,webapps,0 8997,platforms/php/webapps/8997.txt,"kasseler CMS - (fd/XSS) Multiple Vulnerabilities",2009-06-22,S(r1pt,php,webapps,0 8998,platforms/php/webapps/8998.txt,"Sourcebans 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 -8999,platforms/php/webapps/8999.txt,"Joomla Component com_tickets 2.1 - (id) SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 +8999,platforms/php/webapps/8999.txt,"Joomla Component com_tickets 2.1 - 'id' SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - (key) SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 9001,platforms/php/webapps/9001.php,"MyBB 1.4.6 - Remote Code Execution Exploit",2009-06-22,The:Paradox,php,webapps,0 9002,platforms/windows/remote/9002.c,"Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit",2009-06-22,mu-b,windows,remote,19810 @@ -8500,24 +8500,24 @@ id,file,description,date,author,platform,type,port 9012,platforms/php/webapps/9012.txt,"tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities",2009-06-24,CraCkEr,php,webapps,0 9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 - (forum) XSS Cookie Stealing / Blind",2009-06-24,JosS,php,webapps,0 9015,platforms/php/webapps/9015.txt,"LightOpenCMS 0.1 - (smarty.php cwd) Local File Inclusion",2009-06-24,JosS,php,webapps,0 -9016,platforms/php/webapps/9016.txt,"Joomla Component com_amocourse - (catid) SQL Injection",2009-06-24,"Chip d3 bi0s",php,webapps,0 +9016,platforms/php/webapps/9016.txt,"Joomla Component com_amocourse - 'catid' SQL Injection",2009-06-24,"Chip d3 bi0s",php,webapps,0 9017,platforms/php/webapps/9017.txt,"Joomla Component com_pinboard - (task) SQL Injection",2009-06-25,Stack,php,webapps,0 9018,platforms/php/webapps/9018.txt,"MyFusion 6b - settings[locale] Local File Inclusion",2009-06-25,CraCkEr,php,webapps,0 9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 - (Auth Bypass) SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 - (resetpwemail) Blind SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0 9022,platforms/php/webapps/9022.txt,"Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities",2009-06-26,HxH,php,webapps,0 -9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injection",2009-06-26,YEnH4ckEr,php,webapps,0 +9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injections",2009-06-26,YEnH4ckEr,php,webapps,0 9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - (Auth Bypass) SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0 -9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - (index.php page) LFI",2009-06-26,SirGod,php,webapps,0 +9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - 'index.php' LFI",2009-06-26,SirGod,php,webapps,0 9026,platforms/php/webapps/9026.txt,"WHOISCART - (Auth Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - (cat.php CatID) SQL Injection",2009-06-29,SecurityRules,php,webapps,0 -9028,platforms/php/webapps/9028.txt,"Joomla Component com_php - (id) Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 +9028,platforms/php/webapps/9028.txt,"Joomla Component com_php - 'id' Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9029,platforms/windows/dos/9029.rb,"VideoLAN VLC Media Player 0.9.9 - smb:// URI Stack BoF PoC",2009-06-29,Trancer,windows,dos,0 9030,platforms/php/webapps/9030.txt,"Joomla Component com_K2 -q 1.0.1b - (category) SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote BoF Exploit (SEH)",2009-06-29,His0k4,windows,remote,19810 9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 - Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 -9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - (.m3u) Local Heap Overflow PoC",2009-06-29,hack4love,windows,dos,0 +9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - '.m3u' Local Heap Overflow PoC",2009-06-29,hack4love,windows,dos,0 9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - (.ht3) Local Buffer Overflow Exploit (SEH)",2009-06-29,hack4love,windows,local,0 9035,platforms/php/webapps/9035.txt,"Almnzm - (COOKIE: customer) SQL Injection",2009-06-29,Qabandi,php,webapps,0 9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - (index.php t) Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 @@ -8543,7 +8543,7 @@ id,file,description,date,author,platform,type,port 9058,platforms/php/webapps/9058.pl,"PunBB Extension Vote For Us 1.0.1 - Blind SQL Injection",2009-06-30,Dante90,php,webapps,0 9059,platforms/php/webapps/9059.htm,"Messages Library 2.0 - Arbitrary Administrator Account",2009-06-30,"ThE g0bL!N",php,webapps,0 9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 - (.plf) Universal Buffer Overflow Exploit (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 -9061,platforms/windows/dos/9061.pl,"PEamp 1.02b - (.M3U) Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 +9061,platforms/windows/dos/9061.pl,"PEamp 1.02b - '.m3u' Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 9062,platforms/php/webapps/9062.txt,"Messages Library 2.0 - Arbitrary Delete Message",2009-07-01,Stack,php,webapps,0 9063,platforms/php/webapps/9063.txt,"Messages Library 2.0 - Insecure Cookie Handling",2009-07-01,Stack,php,webapps,0 9064,platforms/windows/local/9064.pl,"AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH)",2009-07-01,hack4love,windows,local,0 @@ -8562,7 +8562,7 @@ id,file,description,date,author,platform,type,port 9077,platforms/php/webapps/9077.txt,"conpresso 3.4.8 - (detail.php) Remote Blind SQL Injection",2009-07-02,tmh,php,webapps,0 9079,platforms/php/webapps/9079.txt,"Opial 1.0 - (Auth Bypass) SQL Injection",2009-07-02,Moudi,php,webapps,0 9080,platforms/php/webapps/9080.txt,"Opial 1.0 - (albumid) SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 -9081,platforms/php/webapps/9081.txt,"Rentventory - Multiple SQL Injection",2009-07-02,Moudi,php,webapps,0 +9081,platforms/php/webapps/9081.txt,"Rentventory - Multiple SQL Injections",2009-07-02,Moudi,php,webapps,0 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Local Privilege Escalation Exploit",2009-07-09,"Patroklos Argyroudis",freebsd,local,0 9083,platforms/linux/local/9083.c,"Linux Kernel 2.6.24_16-23 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit",2009-07-09,sgrakkyu,linux,local,0 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution PoC",2009-07-09,"laurent gaffié ",windows,dos,0 @@ -8575,7 +8575,7 @@ id,file,description,date,author,platform,type,port 9091,platforms/php/webapps/9091.php,"Mlffat 2.2 - Remote Blind SQL Injection",2009-07-09,Qabandi,php,webapps,0 9092,platforms/php/webapps/9092.txt,"webasyst shop-script - (bSQL/XSS) Multiple Vulnerabilities",2009-07-09,Vrs-hCk,php,webapps,0 9093,platforms/windows/remote/9093.txt,"windows live messenger plus! fileserver 1.0 - Directory Traversal",2009-07-09,joepie91,windows,remote,0 -9094,platforms/php/webapps/9094.txt,"EasyVillaRentalSite - (Id) SQL Injection",2009-07-09,BazOka-HaCkEr,php,webapps,0 +9094,platforms/php/webapps/9094.txt,"EasyVillaRentalSite - 'id' SQL Injection",2009-07-09,BazOka-HaCkEr,php,webapps,0 9095,platforms/php/webapps/9095.txt,"talkback 2.3.14 - Multiple Vulnerabilities",2009-07-09,JIKO,php,webapps,0 9096,platforms/windows/remote/9096.txt,"Sun One WebServer 6.1 - JSP Source Viewing",2009-07-09,kingcope,windows,remote,0 9097,platforms/multiple/local/9097.txt,"xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack",2009-07-09,kingcope,multiple,local,0 @@ -8583,16 +8583,16 @@ id,file,description,date,author,platform,type,port 9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - (vnews.php id) SQL Injection",2009-07-09,Mr.tro0oqy,php,webapps,0 9100,platforms/windows/dos/9100.html,"Microsoft Internet Explorer - (AddFavorite) Remote Crash PoC",2009-07-09,Sberry,windows,dos,0 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 -9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - (.M3U) Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 +9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - '.m3u' Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - (.pdm) Local BoF Exploit (SEH)",2009-07-10,His0k4,windows,local,0 -9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - (uid) SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 +9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - 'uid' SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities",2009-07-10,"Secure Network",windows,remote,0 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video - ActiveX Remote Buffer Overflow Exploit",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection/RCE Exploit",2009-07-10,darkjoker,php,webapps,0 9110,platforms/php/webapps/9110.txt,"WordPress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information",2009-07-10,"Core Security",php,webapps,0 -9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injection",2009-07-10,Moudi,php,webapps,0 +9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injections",2009-07-10,Moudi,php,webapps,0 9112,platforms/php/webapps/9112.txt,"Joomla Component com_propertylab - (auction_id) SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 9113,platforms/windows/dos/9113.txt,"OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs",2009-07-10,Stack,windows,dos,0 9114,platforms/windows/dos/9114.txt,"eEye Retina WiFi Security Scanner 1.0 - (.rws Parsing) Buffer Overflow PoC",2009-07-10,LiquidWorm,windows,dos,0 @@ -8600,13 +8600,13 @@ id,file,description,date,author,platform,type,port 9116,platforms/windows/dos/9116.html,"AwingSoft Web3D Player - (WindsPly.ocx) Remote BoF PoC",2009-07-10,shinnai,windows,dos,0 9117,platforms/hardware/remote/9117.txt,"HTC / Windows Mobile OBEX FTP Service - Directory Traversal",2009-07-10,"Alberto Tablado",hardware,remote,0 9118,platforms/php/webapps/9118.txt,"ebay clone 2009 - (XSS/bSQL) Multiple Vulnerabilities",2009-07-10,Moudi,php,webapps,0 -9119,platforms/php/webapps/9119.txt,"LionWiki - (index.php page) Local File Inclusion",2009-07-10,MoDaMeR,php,webapps,0 +9119,platforms/php/webapps/9119.txt,"LionWiki - 'index.php' Local File Inclusion",2009-07-10,MoDaMeR,php,webapps,0 9121,platforms/php/webapps/9121.php,"Morcego CMS 1.7.6 - Remote Blind SQL Injection",2009-07-10,darkjoker,php,webapps,0 9122,platforms/php/webapps/9122.txt,"Opial 1.0 - Arbitrary File Upload/XSS/SQL Injection",2009-07-11,LMaster,php,webapps,0 9123,platforms/windows/dos/9123.pl,"M3U/M3L to ASX/WPL 1.1 - (ASX & M3U & M3L) Local BoF PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 - (.M3U/M3L/TXT) Local Stack Overflow PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 -9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 - Multiple SQL Injection",2009-07-11,MizoZ,php,webapps,0 -9126,platforms/php/webapps/9126.txt,"Joomla Component com_category - (catid) SQL Injection",2009-07-11,Prince_Pwn3r,php,webapps,0 +9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 - Multiple SQL Injections",2009-07-11,MizoZ,php,webapps,0 +9126,platforms/php/webapps/9126.txt,"Joomla Component com_category - 'catid' SQL Injection",2009-07-11,Prince_Pwn3r,php,webapps,0 9127,platforms/php/webapps/9127.txt,"d.net CMS - Arbitrary Reinstall/Blind SQL Injection",2009-07-11,darkjoker,php,webapps,0 9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - (response) Remote BoF Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 - (bSQL/XSS) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 @@ -8642,13 +8642,13 @@ id,file,description,date,author,platform,type,port 9159,platforms/php/webapps/9159.php,"Infinity 2.0.5 - Arbitrary Create Admin Exploit",2009-07-15,Qabandi,php,webapps,0 9160,platforms/multiple/dos/9160.txt,"Multiple Web Browsers - Denial of Service",2009-07-15,"Thierry Zoller",multiple,dos,0 9161,platforms/php/webapps/9161.txt,"Admin News Tools - Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0 -9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 - (profile.php) SQL Injection",2009-07-15,Arka69,php,webapps,0 +9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 - 'profile.php' SQL Injection",2009-07-15,Arka69,php,webapps,0 9163,platforms/windows/dos/9163.txt,"Microsoft Office Web Components (Spreadsheet) - ActiveX BoF PoC",2009-07-16,anonymous,windows,dos,0 9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 - (install.php) Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0 9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Auth Bypass) SQL Injection",2009-07-16,ka0x,php,webapps,0 9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 - Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0 9167,platforms/windows/dos/9167.txt,"Music Tag Editor 1.61 build 212 - Remote Buffer Overflow PoC",2009-07-16,LiquidWorm,windows,dos,0 -9168,platforms/windows/dos/9168.pl,"Zortam MP3 Player 1.50 - (m3u) Integer Division by Zero Exploit",2009-07-16,LiquidWorm,windows,dos,0 +9168,platforms/windows/dos/9168.pl,"Zortam MP3 Player 1.50 - '.m3u' Integer Division by Zero Exploit",2009-07-16,LiquidWorm,windows,dos,0 9169,platforms/windows/dos/9169.txt,"Zortam MP3 Media Studio 9.40 - Multiple Memory Corruption Vulnerabilities",2009-07-16,LiquidWorm,windows,dos,0 9170,platforms/windows/dos/9170.txt,"Audio Editor Pro 2.91 - Remote Memory Corruption PoC",2009-07-16,LiquidWorm,windows,dos,0 9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 - (results.php Cat_ID) SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0 @@ -8657,7 +8657,7 @@ id,file,description,date,author,platform,type,port 9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - (x) Remote Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0 9175,platforms/multiple/dos/9175.txt,"Sguil/PADS - Remote Server Crash",2009-07-17,Ataraxia,multiple,dos,0 9176,platforms/php/webapps/9176.txt,"dB Masters Multimedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 -9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Universal BoF Exploit",2009-07-16,Crazy_Hacker,windows,local,0 +9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Universal BoF Exploit",2009-07-16,Crazy_Hacker,windows,local,0 9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - (.mp3) Crash Exploit",2009-07-16,prodigy,windows,dos,0 9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0 9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0 @@ -8666,7 +8666,7 @@ id,file,description,date,author,platform,type,port 9183,platforms/php/webapps/9183.txt,"Battle Blog 1.25 - Auth Bypass SQL Injection / HTML Injection",2009-07-17,$qL_DoCt0r,php,webapps,0 9184,platforms/php/webapps/9184.txt,"Ger Versluis 2000 5.5 24 - SITE_fiche.php SQL Injection",2009-07-17,DeCo017,php,webapps,0 9185,platforms/php/webapps/9185.txt,"good/bad vote - (XSS/LFI) Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 -9186,platforms/windows/local/9186.pl,"Easy RM to MP3 Converter - (.m3u) Universal Stack Overflow Exploit",2009-07-17,Stack,windows,local,0 +9186,platforms/windows/local/9186.pl,"Easy RM to MP3 Converter - '.m3u' Universal Stack Overflow Exploit",2009-07-17,Stack,windows,local,0 9187,platforms/php/webapps/9187.txt,"Joomla Component Jobline 1.3.1 - Blind SQL Injection",2009-07-17,ManhLuat93,php,webapps,0 9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9190,platforms/windows/local/9190.pl,"htmldoc 1.8.27.1 - (.html) Universal Stack Overflow Exploit",2009-07-17,ksa04,windows,local,0 @@ -8689,14 +8689,14 @@ id,file,description,date,author,platform,type,port 9209,platforms/hardware/remote/9209.txt,"DD-WRT - (httpd service) Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - (SQL/bSQL) SQL Injection",2009-07-20,"599eme Man",php,webapps,0 9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - (.sgp) Crash Exploit",2009-07-20,prodigy,windows,dos,0 -9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - (.m3u) Local Heap Overflow PoC",2009-07-20,"D3V!L FUCK3R",windows,dos,0 +9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - '.m3u' Local Heap Overflow PoC",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)",2009-07-20,netsoul,windows,remote,0 9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow Exploit (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Auth Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 9220,platforms/windows/dos/9220.pl,"KMplayer 2.9.4.1433 - (.srt) Local Buffer Overflow PoC",2009-07-20,b3hz4d,windows,dos,0 -9221,platforms/windows/local/9221.pl,"WINMOD 1.4 - (.lst) Local Buffer Overflow Exploit (SEH)",2009-07-21,hack4love,windows,local,0 +9221,platforms/windows/local/9221.pl,"WINMOD 1.4 - '.lst' Local Buffer Overflow Exploit (SEH)",2009-07-21,hack4love,windows,local,0 9222,platforms/windows/dos/9222.cpp,"FlyHelp - (.CHM) Local Buffer Overflow PoC",2009-07-21,"fl0 fl0w",windows,dos,0 9223,platforms/windows/local/9223.txt,"Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit",2009-07-21,"Jeremy Brown",windows,local,0 9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 @@ -8704,9 +8704,9 @@ id,file,description,date,author,platform,type,port 9226,platforms/php/webapps/9226.txt,"phpdirectorysource - (XSS/SQL) Multiple Vulnerabilities",2009-07-21,Moudi,php,webapps,0 9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 9228,platforms/windows/dos/9228.pl,"otsAV 1.77.001 - (.ofl) Local Heap Overflow PoC",2009-07-22,hack4love,windows,dos,0 -9229,platforms/windows/local/9229.py,"WINMOD 1.4 - (.lst) Universal Buffer Overflow Exploit (SEH) (2)",2009-07-22,Dz_Girl,windows,local,0 -9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 - Permanent Cross-Site Scripting",2009-07-22,Crashfr,php,webapps,0 -9234,platforms/windows/local/9234.pl,"WINMOD 1.4 - (.lst) Local Stack Overflow Exploit",2009-07-23,"CWH Underground",windows,local,0 +9229,platforms/windows/local/9229.py,"WINMOD 1.4 - '.lst' Universal Buffer Overflow Exploit (SEH) (2)",2009-07-22,Dz_Girl,windows,local,0 +9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 - Permanent Cross-site Scripting",2009-07-22,Crashfr,php,webapps,0 +9234,platforms/windows/local/9234.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow Exploit",2009-07-23,"CWH Underground",windows,local,0 9235,platforms/php/webapps/9235.php,"e107 Plugin my_gallery 2.4.1 - readfile() Local File Disclosure Exploit",2009-07-23,NoGe,php,webapps,0 9236,platforms/php/webapps/9236.txt,"GLinks 2.1 - (cat) Remote Blind SQL Injection",2009-07-23,"599eme Man",php,webapps,0 9237,platforms/php/webapps/9237.txt,"AWCM 2.1 - Local File Inclusion / Auth Bypass",2009-07-23,SwEET-DeViL,php,webapps,0 @@ -8722,7 +8722,7 @@ id,file,description,date,author,platform,type,port 9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow Exploit (osx)",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Auth Bypass) SQL Injection",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"Xoops Celepar Module Qas - (codigo) SQL Injection",2009-07-24,s4r4d0,php,webapps,0 -9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 +9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 @@ -8741,9 +8741,9 @@ id,file,description,date,author,platform,type,port 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - (LFI/SQL) Multiple Vulnerabilities",2009-07-27,SirGod,php,webapps,0 9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 - (Cat_ID) SQL Injection (patched?)",2009-07-27,octopos,php,webapps,0 9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 -9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script - (home.php page) Remote File Inclusion",2009-07-27,int_main();,php,webapps,0 +9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script - 'home.php' Remote File Inclusion",2009-07-27,int_main();,php,webapps,0 9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection",2009-07-27,MizoZ,php,webapps,0 -9271,platforms/php/webapps/9271.txt,"Inout Adserver - (id) SQL Injection",2009-07-27,boom3rang,php,webapps,0 +9271,platforms/php/webapps/9271.txt,"Inout Adserver - 'id' SQL Injection",2009-07-27,boom3rang,php,webapps,0 9272,platforms/windows/local/9272.py,"Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python)",2009-07-27,Dr_IDE,windows,local,0 9273,platforms/php/webapps/9273.php,"Allomani Mobile 2.5 - Remote Blind SQL Injection",2009-07-27,Qabandi,php,webapps,0 9274,platforms/php/webapps/9274.php,"Allomani Songs & Clips 2.7.0 - Blind SQL Injection",2009-07-27,Qabandi,php,webapps,0 @@ -8770,7 +8770,7 @@ id,file,description,date,author,platform,type,port 9296,platforms/php/webapps/9296.txt,"TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities",2009-07-28,"Aung Khant",php,webapps,0 9297,platforms/php/webapps/9297.txt,"ultrize timesheet 1.2.2 - Remote File Inclusion",2009-07-28,NoGe,php,webapps,0 9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - (.mpf) Local Stack Overflow Exploit (update)",2009-07-30,corelanc0d3r,windows,local,0 -9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - (.lst) Local Stack Overflow Exploit XP SP3 (RET+SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 +9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow Exploit XP SP3 (RET+SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 9300,platforms/multiple/dos/9300.c,"ISC BIND 9 - Remote Dynamic Update Message Denial of Service PoC",2009-07-30,kingcope,multiple,dos,0 9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - (Win32k.sys) Local Privilege Escalation Exploit",2009-07-30,"NT Internals",windows,local,0 9302,platforms/linux/local/9302.py,"Compface 1.1.5 - (.xbm) Local Buffer Overflow Exploit",2009-07-30,His0k4,linux,local,0 @@ -8796,7 +8796,7 @@ id,file,description,date,author,platform,type,port 9322,platforms/php/webapps/9322.txt,"MAXcms 3.11.20b - Multiple Remote File Inclusion",2009-08-01,NoGe,php,webapps,0 9323,platforms/multiple/dos/9323.txt,"VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot PoC",2009-08-01,"Tadas Vilkeliskis",multiple,dos,0 9324,platforms/php/webapps/9324.txt,"Joomla Component com_jfusion - (Itemid) Blind SQL Injection",2009-08-01,"Chip d3 bi0s",php,webapps,0 -9325,platforms/php/webapps/9325.txt,"PortalXP Teacher Edition 1.2 - Multiple SQL Injection",2009-08-01,SirGod,php,webapps,0 +9325,platforms/php/webapps/9325.txt,"PortalXP Teacher Edition 1.2 - Multiple SQL Injections",2009-08-01,SirGod,php,webapps,0 9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 - (LFI/Auth Bypass/DCD) Multiple Remote Vulnerabilities",2009-08-01,SirGod,php,webapps,0 9327,platforms/php/webapps/9327.txt,"mobilelib gold 3.0 - (auth bypass/SQL) Multiple Vulnerabilities",2009-08-01,SwEET-DeViL,php,webapps,0 9328,platforms/asp/webapps/9328.txt,"AW BannerAd - (Auth Bypass) SQL Injection",2009-08-03,Ro0T-MaFia,asp,webapps,0 @@ -8805,7 +8805,7 @@ id,file,description,date,author,platform,type,port 9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) Remote File Inclusion",2009-08-03,"cr4wl3r ",php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script - (Auth Bypass) SQL Injection",2009-08-03,Cicklow,php,webapps,0 9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0 -9334,platforms/php/webapps/9334.txt,"QuickDev 4 - (download.php) File Disclosure",2009-08-03,SirGod,php,webapps,0 +9334,platforms/php/webapps/9334.txt,"QuickDev 4 - 'download.php' File Disclosure",2009-08-03,SirGod,php,webapps,0 9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 9337,platforms/php/webapps/9337.txt,"simplePHPWeb 0.2 - (files.php) Authentication Bypass",2009-08-03,SirGod,php,webapps,0 @@ -8814,7 +8814,7 @@ id,file,description,date,author,platform,type,port 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Auth Bypass) SQL Injection",2009-08-03,snakespc,php,webapps,0 9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - (SQL/XSS) Multiple Vulnerabilities",2009-08-03,"599eme Man",php,webapps,0 -9343,platforms/windows/local/9343.pl,"MediaCoder 0.6.2.4275 - (.lst) Stack Buffer Overflow Exploit",2009-08-03,SkuLL-HackeR,windows,local,0 +9343,platforms/windows/local/9343.pl,"MediaCoder 0.6.2.4275 - '.lst' Stack Buffer Overflow Exploit",2009-08-03,SkuLL-HackeR,windows,local,0 9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - (index php action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0 9345,platforms/windows/dos/9345.pl,"RadASM 2.2.1.5 - (.mnu) Local Format String PoC",2009-08-03,SkuLL-HackeR,windows,dos,0 9346,platforms/windows/local/9346.pl,"Blaze HDTV Player 6.0 - (.PLF) Local Buffer Overflow Exploit (SEH)",2009-08-03,hack4love,windows,local,0 @@ -8825,43 +8825,43 @@ id,file,description,date,author,platform,type,port 9351,platforms/php/webapps/9351.txt,"Payment Processor Script - (shop.htm cid) SQL Injection",2009-08-03,ZoRLu,php,webapps,0 9352,platforms/linux/local/9352.c,"Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure Exploit",2009-08-04,"Jon Oberheide",linux,local,0 9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - (Auth Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0 -9354,platforms/windows/local/9354.pl,"MediaCoder 0.7.1.4486 - (.lst) Universal Buffer Overflow Exploit (SEH)",2009-08-04,germaya_x,windows,local,0 +9354,platforms/windows/local/9354.pl,"MediaCoder 0.7.1.4486 - '.lst' Universal Buffer Overflow Exploit (SEH)",2009-08-04,germaya_x,windows,local,0 9355,platforms/php/webapps/9355.txt,"elgg 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 9356,platforms/php/webapps/9356.txt,"shopmaker CMS 2.0 - (bSQL/ LFI) Multiple Vulnerabilities",2009-08-04,PLATEN,php,webapps,0 9357,platforms/cgi/webapps/9357.txt,"Perl$hop e-commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 9358,platforms/php/webapps/9358.txt,"In-Portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 -9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - (.m3u) Local Buffer Overflow PoC",2009-08-04,hack4love,windows,dos,0 +9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - '.m3u' Local Buffer Overflow PoC",2009-08-04,hack4love,windows,dos,0 9360,platforms/windows/local/9360.pl,"BlazeDVD 5.1/HDTV Player 6.0 - (.PLF) Universal BoF Exploit (SEH)",2009-08-04,"ThE g0bL!N",windows,local,0 9361,platforms/windows/dos/9361.pl,"RadASM 2.2.1.6 Menu Editor - (.mnu) Stack Overflow PoC",2009-08-04,"Pankaj Kohli",windows,dos,0 9362,platforms/windows/dos/9362.html,"Microsoft Internet Explorer 8.0.7100.0 - Simple HTML Remote Crash PoC",2009-08-05,schnuddelbuddel,windows,dos,0 9363,platforms/linux/local/9363.c,"Linux Kernel < 2.6.14.6 - procfs Kernel Memory Disclosure Exploit",2009-08-05,"Jon Oberheide",linux,local,0 -9364,platforms/windows/local/9364.py,"Tuniac 090517c - (.m3u) Local File Crash PoC",2009-08-05,Dr_IDE,windows,local,0 +9364,platforms/windows/local/9364.py,"Tuniac 090517c - '.m3u' Local File Crash PoC",2009-08-05,Dr_IDE,windows,local,0 9365,platforms/php/webapps/9365.txt,"mybackup 1.4.0 - (afd/RFI) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 -9366,platforms/windows/local/9366.pl,"jetAudio 7.1.9.4030 plus vx - (.m3u) Local Stack Overflow (SEH)",2009-08-05,corelanc0d3r,windows,local,0 +9366,platforms/windows/local/9366.pl,"jetAudio 7.1.9.4030 plus vx - '.m3u' Local Stack Overflow (SEH)",2009-08-05,corelanc0d3r,windows,local,0 9367,platforms/php/webapps/9367.txt,"tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9368,platforms/windows/dos/9368.pl,"UltraPlayer Media Player 2.112 - Local Buffer Overflow PoC",2009-08-05,SarBoT511,windows,dos,0 9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 - SQL Injection",2009-08-05,Ins3t,php,webapps,0 -9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 - (bSQL-XSS) Multiple Vulnerabilities",2009-08-05,Moudi,php,webapps,0 +9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 - (bSQL/XSS) Multiple Vulnerabilities",2009-08-05,Moudi,php,webapps,0 9371,platforms/php/webapps/9371.txt,"opennews 1.0 - (sqli/rce) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9372,platforms/php/webapps/9372.txt,"Portel 2008 - (decide.php patron) Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service",2009-08-06,"Shaun Colley",freebsd,dos,0 -9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - (.m3u) Universal Stack Overflow Exploit (SEH)",2009-08-06,Dr_IDE,windows,local,0 +9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - '.m3u' Universal Stack Overflow Exploit (SEH)",2009-08-06,Dr_IDE,windows,local,0 9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - (M3U/ASX/WAX/WVX) Local Crash PoC",2009-09-10,Dr_IDE,windows,dos,0 9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - (.m3u /m3l) Universal Local BoF Exploit (SEH)",2009-08-06,hack4love,windows,local,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster - (Topic Delete/XSS) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - (.M3U/M3L) Local Stack Overflow Exploit (seh)",2009-08-06,germaya_x,windows,local,0 9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 -9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - (.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 +9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - '.m3u' Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 9382,platforms/windows/dos/9382.txt,"ImTOO MPEG Encoder 3.1.53 - (.cue/.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 9383,platforms/php/webapps/9383.txt,"LM Starmail 2.0 - (SQL Injection/File Inclusion) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 -9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple SQL Injection",2009-08-07,SwEET-DeViL,php,webapps,0 +9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple SQL Injections",2009-08-07,SwEET-DeViL,php,webapps,0 9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery 1.0 - (Auth Bypass) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9386,platforms/windows/local/9386.txt,"Steam 54/894 - Local Privilege Escalation",2009-08-07,MrDoug,windows,local,0 9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - (targetid) Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0 9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 9390,platforms/php/webapps/9390.txt,"Typing Pal 1.0 - (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 -9392,platforms/windows/dos/9392.pl,"iRehearse - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 -9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 +9392,platforms/windows/dos/9392.pl,"iRehearse - '.m3u' Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 +9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - '.m3u' Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Auth Bypass) Blind SQL Injection",2009-08-07,"Jafer Al Zidjali",php,webapps,0 9395,platforms/php/webapps/9395.txt,"PHPCityPortal - (Auth Bypass) SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (RFI/LFI/XSS) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0 @@ -8888,7 +8888,7 @@ id,file,description,date,author,platform,type,port 9421,platforms/php/webapps/9421.txt,"Gallarific 1.1 - (gallery.php) Arbitrary Delete/Edit Category",2009-08-12,"ilker Kandemir",php,webapps,0 9422,platforms/hardware/remote/9422.txt,"2Wire Gateway - Authentication Bypass / Password Reset",2009-08-12,hkm,hardware,remote,0 9423,platforms/windows/dos/9423.pl,"Microsoft Wordpad on winXP SP3 - Local Crash Exploit",2009-08-12,murderkey,windows,dos,0 -9424,platforms/php/webapps/9424.txt,"Plume CMS 1.2.3 - Multiple SQL Injection",2009-08-12,"Sense of Security",php,webapps,0 +9424,platforms/php/webapps/9424.txt,"Plume CMS 1.2.3 - Multiple SQL Injections",2009-08-12,"Sense of Security",php,webapps,0 9425,platforms/php/webapps/9425.sh,"Gazelle CMS 1.0 - Multiple Vulnerabilities / RCE Exploit",2009-08-12,IHTeam,php,webapps,0 9426,platforms/windows/local/9426.java,"FTPShell Client 4.1 RC2 - Name Session Stack Overflow Exploit",2009-08-13,zec,windows,local,0 9427,platforms/windows/dos/9427.py,"VLC Media Player 1.0.0/1.0.1 - smb:// URI Handling BoF PoC",2009-08-13,Dr_IDE,windows,dos,0 @@ -8929,7 +8929,7 @@ id,file,description,date,author,platform,type,port 9463,platforms/php/webapps/9463.php,"Joomla Component MisterEstate - Blind SQL Injection",2009-08-18,jdc,php,webapps,0 9464,platforms/php/webapps/9464.txt,"Fotoshow PRO - (category) SQL Injection",2009-08-18,darkmasking,php,webapps,0 9465,platforms/php/webapps/9465.txt,"phpfreeBB 1.0 - Remote BLIND SQL Injection",2009-08-18,Moudi,php,webapps,0 -9466,platforms/windows/local/9466.pl,"Playlistmaker 1.51 - (.m3u) Local Buffer Overflow Exploit (SEH)",2009-08-18,blake,windows,local,0 +9466,platforms/windows/local/9466.pl,"Playlistmaker 1.51 - '.m3u' Local Buffer Overflow Exploit (SEH)",2009-08-18,blake,windows,local,0 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - (.mp3) Local Buffer Overflow PoC",2009-08-18,Evil.Man,windows,dos,0 9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote BoF Exploit",2009-08-18,Wraith,windows,remote,69 9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in slideshow 1.51 - Shell Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 @@ -8939,7 +8939,7 @@ id,file,description,date,author,platform,type,port 9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 9474,platforms/php/webapps/9474.rb,"Traidnt UP 2.0 - SQL Injection",2009-08-18,"Jafer Al Zidjali",php,webapps,0 9475,platforms/php/webapps/9475.txt,"asaher pro 1.0.4 - Remote Database Backup",2009-08-18,alnjm33,php,webapps,0 -9476,platforms/windows/local/9476.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 +9476,platforms/windows/local/9476.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 9477,platforms/android/local/9477.txt,"Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (Android)",2009-08-18,Zinx,android,local,0 9478,platforms/windows/dos/9478.pl,"HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service",2007-06-21,Prili,windows,dos,80 9479,platforms/linux/local/9479.c,"Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (5)",2009-08-24,"INetCop Security",linux,local,0 @@ -8949,8 +8949,8 @@ id,file,description,date,author,platform,type,port 9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - (.psh) Universal BoF Exploit XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 9484,platforms/php/webapps/9484.txt,"PHP Dir Submit - (aid) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9485,platforms/php/webapps/9485.txt,"Cuteflow 2.10.3 - edituser.php Security Bypass",2009-08-24,"Hever Costa Rocha",php,webapps,0 -9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 -9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - (.m3u) Local Buffer Overflow PoC",2009-08-24,hack4love,windows,dos,0 +9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL - '.m3u' Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 +9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - '.m3u' Local Buffer Overflow PoC",2009-08-24,hack4love,windows,dos,0 9488,platforms/freebsd/local/9488.c,"FreeBSD 6.1 - kqueue() NULL pointer Dereference Local Root Exploit",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 9489,platforms/multiple/local/9489.txt,"Multiple BSD Operating Systems - setusercontext() Vulnerabilities",2009-08-24,kingcope,multiple,local,0 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 - Remote File Disclosure / Info Disclosure",2009-08-24,"Khashayar Fereidani",php,webapps,0 @@ -8972,9 +8972,9 @@ id,file,description,date,author,platform,type,port 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - (.fft) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - (.afp) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - (welcome message) Remote Buffer Overflow Exploit (Metasploit)",2009-08-25,His0k4,windows,remote,0 -9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 -9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 - (sid) SQL Injection",2009-08-25,v3n0m,php,webapps,0 -9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script - (id) SQL Injection (2)",2009-08-25,Red-D3v1L,php,webapps,0 +9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - '.m3u' Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 +9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 - 'sid' SQL Injection",2009-08-25,v3n0m,php,webapps,0 +9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script - 'id' SQL Injection (2)",2009-08-25,Red-D3v1L,php,webapps,0 9512,platforms/php/webapps/9512.txt,"TCPDB 3.8 - Remote Content Change Bypass",2009-08-25,Securitylab.ir,php,webapps,0 9513,platforms/linux/local/9513.c,"Linux Kernel 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept",2009-08-25,"Jon Oberheide",linux,local,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre - Multiple Models Denial of Service",2009-08-25,"Henri Lindberg",hardware,dos,0 @@ -8996,9 +8996,9 @@ id,file,description,date,author,platform,type,port 9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - (list.php string) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9532,platforms/php/webapps/9532.txt,"allomani 2007 - (cat) SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 9533,platforms/php/webapps/9533.txt,"phpSANE 0.5.0 - (save.php) Remote File Inclusion",2009-08-26,CoBRa_21,php,webapps,0 -9534,platforms/php/webapps/9534.txt,"Joomla Component com_digifolio 1.52 - (id) SQL Injection",2009-08-27,v3n0m,php,webapps,0 +9534,platforms/php/webapps/9534.txt,"Joomla Component com_digifolio 1.52 - 'id' SQL Injection",2009-08-27,v3n0m,php,webapps,0 9535,platforms/php/webapps/9535.txt,"Uiga Church Portal - (year) SQL Injection",2009-08-27,Mr.SQL,php,webapps,0 -9536,platforms/windows/local/9536.py,"PIPL 2.5.0 - (.m3u) Universal Buffer Overflow Exploit (SEH)",2009-08-28,mr_me,windows,local,0 +9536,platforms/windows/local/9536.py,"PIPL 2.5.0 - '.m3u' Universal Buffer Overflow Exploit (SEH)",2009-08-28,mr_me,windows,local,0 9537,platforms/windows/dos/9537.htm,"Kaspersky 2010 - Remote Memory Corruption / DoS PoC",2009-08-28,"Prakhar Prasad",windows,dos,0 9538,platforms/php/webapps/9538.txt,"Silurus Classifieds System - (category.php) SQL Injection",2009-08-28,Mr.SQL,php,webapps,0 9539,platforms/windows/dos/9539.py,"uTorrent 1.8.3 - (Build 15772) Create New Torrent Buffer Overflow PoC",2009-08-28,Dr_IDE,windows,dos,0 @@ -9008,7 +9008,7 @@ id,file,description,date,author,platform,type,port 9543,platforms/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)",2009-08-31,"Jon Oberheide",linux,local,0 9544,platforms/php/webapps/9544.txt,"Modern Script 5.0 - (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 9545,platforms/linux/local/9545.c,"Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - 'sock_sendpage()' Local Root (PPC)",2009-08-31,"Ramon Valle",linux,local,0 -9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - (.M3U) Local Buffer Overflow PoC",2009-08-31,hack4love,windows,dos,0 +9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - '.m3u' Local Buffer Overflow PoC",2009-08-31,hack4love,windows,dos,0 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service",2009-08-31,"Gaurav Baruah",windows,dos,0 9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b - (.m3u/upl) Universal Local BoF Exploit (SEH)",2009-08-31,hack4love,windows,local,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC",2009-08-31,"fl0 fl0w",windows,dos,0 @@ -9024,31 +9024,31 @@ id,file,description,date,author,platform,type,port 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - (.pls/.m3u) Unicode Crash PoC",2009-09-01,mr_me,windows,dos,0 9562,platforms/asp/webapps/9562.txt,"JSFTemplating / Mojarra Scales / GlassFish - File Disclosure",2009-09-01,"SEC Consult",asp,webapps,0 9563,platforms/php/webapps/9563.txt,"Joomla Component com_artportal 1.0 - (portalid) SQL Injection",2009-09-01,"599eme Man",php,webapps,0 -9564,platforms/php/webapps/9564.txt,"Joomla Component Agora 3.0.0b (com_agora) - LFI",2009-09-01,ByALBAYX,php,webapps,0 +9564,platforms/php/webapps/9564.txt,"Joomla Component Agora 3.0.0b (com_agora) - Local File Inclusion",2009-09-01,ByALBAYX,php,webapps,0 9565,platforms/php/webapps/9565.txt,"Xstate Real Estate 1.0 - (bSQL/XSS) Multiples Vulnerabilities",2009-09-01,Moudi,php,webapps,0 9566,platforms/php/webapps/9566.txt,"Kingcms 0.6.0 - (menu.php) Remote File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9567,platforms/windows/local/9567.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (1)",2009-09-01,"ThE g0bL!N",windows,local,0 9568,platforms/windows/local/9568.py,"akPlayer 1.9.0 - (.plt) Universal Buffer Overflow Exploit (SEH)",2009-09-01,TiGeR-Dz,windows,local,0 9569,platforms/php/webapps/9569.txt,"phpBB3 - addon prime_quick_style GetAdmin",2009-09-01,-SmoG-,php,webapps,0 9570,platforms/php/webapps/9570.txt,"Ve-EDIT 0.1.4 - (debug_php.php) Local File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 -9571,platforms/php/webapps/9571.txt,"Joomla Component com_gameserver 1.0 - (id) SQL Injection",2009-09-01,v3n0m,php,webapps,0 +9571,platforms/php/webapps/9571.txt,"Joomla Component com_gameserver 1.0 - 'id' SQL Injection",2009-09-01,v3n0m,php,webapps,0 9572,platforms/php/webapps/9572.txt,"DataLife Engine 8.2 - dle_config_api Remote File Inclusion",2009-09-01,Kurd-Team,php,webapps,0 9573,platforms/windows/dos/9573.pl,"dTunes 2.72 - (Filename Processing) Local Format String PoC",2009-09-01,TheLeader,windows,dos,0 9574,platforms/linux/local/9574.txt,"Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)",2009-09-02,spender,linux,local,0 9575,platforms/linux/local/9575.c,"Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)",2009-09-02,Andi,linux,local,0 -9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu 1.1 - (id) SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 +9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 - (highlighter) Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0 9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - (deptid) SQL Injection",2009-09-02,v3n0m,php,webapps,0 9579,platforms/windows/local/9579.txt,"Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit",2009-09-03,kralor,windows,local,0 9580,platforms/windows/local/9580.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (2)",2009-09-03,hack4love,windows,local,0 -9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - (.m3u) Universal Local BoF Exploit (SEH)",2009-09-03,PLATEN,windows,local,0 +9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - '.m3u' Universal Local BoF Exploit (SEH)",2009-09-03,PLATEN,windows,local,0 9582,platforms/php/webapps/9582.txt,"FreeSchool 1.1.0 - Multiple Remote File Inclusion",2009-09-03,"cr4wl3r ",php,webapps,0 9583,platforms/php/webapps/9583.txt,"PHPope 1.0.0 - Multiple Remote File Inclusion",2009-09-03,"cr4wl3r ",php,webapps,0 9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote BoF PoC (1)",2009-09-03,"expose 0day",windows,dos,0 9585,platforms/windows/dos/9585.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote BoF PoC (2)",2009-09-03,"expose 0day",windows,dos,0 9586,platforms/windows/remote/9586.py,"SIDVault 2.0e - Windows Remote Buffer Overflow Exploit",2009-09-03,blake,windows,remote,389 9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server - (Stack Exhaustion) Denial of Service",2009-09-04,kingcope,windows,dos,0 -9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom - (catid) Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0 +9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom - 'catid' Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0 9589,platforms/windows/local/9589.pl,"OTSTurntables 1.00.027 - (.m3u/ofl) Local Universal BoF Exploit (SEH)",2009-09-04,hack4love,windows,local,0 9590,platforms/php/webapps/9590.c,"Zeroboard 4.1 pl7 - now_connect() Remote Code Execution Exploit",2009-09-04,SpeeDr00t,php,webapps,0 9591,platforms/php/webapps/9591.txt,"Ticket Support Script - (ticket.php) Remote Shell Upload",2009-09-04,InjEctOr5,php,webapps,0 @@ -9064,13 +9064,13 @@ id,file,description,date,author,platform,type,port 9601,platforms/php/webapps/9601.php,"Joomla Component BF Survey Pro Free - SQL Injection",2009-09-09,jdc,php,webapps,0 9602,platforms/php/webapps/9602.pl,"Joomla Component TPDugg 1.1 - Blind SQL Injection",2009-09-09,NoGe,php,webapps,0 9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro - (user_id) SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 -9604,platforms/php/webapps/9604.txt,"Joomla Component com_joomloc - (id) SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 +9604,platforms/php/webapps/9604.txt,"Joomla Component com_joomloc - 'id' SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 9605,platforms/php/webapps/9605.pl,"Agoko CMS 0.4 - Remote Command Execution Exploit",2009-09-09,StAkeR,php,webapps,0 9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 - (Win32) JavaScript (eval) Remote Denial of Service",2009-09-09,"Jeremy Brown",windows,dos,0 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional - Remote Format String PoC",2009-09-09,"Jeremy Brown",windows,dos,0 9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow Exploit",2009-09-09,"Jeremy Brown",linux,local,0 9609,platforms/php/webapps/9609.txt,"Mambo Component com_hestar - SQL Injection",2009-09-09,M3NW5,php,webapps,0 -9610,platforms/windows/local/9610.py,"Audio Lib Player - (.m3u) Buffer Overflow Exploit (SEH)",2009-09-09,blake,windows,local,0 +9610,platforms/windows/local/9610.py,"Audio Lib Player - '.m3u' Buffer Overflow Exploit (SEH)",2009-09-09,blake,windows,local,0 9611,platforms/php/webapps/9611.txt,"phpNagios 1.2.0 - (menu.php) Local File Inclusion",2009-09-09,CoBRa_21,php,webapps,0 9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 9613,platforms/windows/remote/9613.py,"FTPShell Client 4.1 RC2 - Remote Buffer Overflow Exploit (univ)",2009-09-09,His0k4,windows,remote,0 @@ -9082,7 +9082,7 @@ id,file,description,date,author,platform,type,port 9621,platforms/windows/dos/9621.txt,"Kolibri+ Webserver 2 - (Get Request) Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service",2009-09-10,corelanc0d3r,windows,dos,0 9623,platforms/php/webapps/9623.txt,"Advanced Comment System 1.0 - Multiple Remote File Inclusion",2009-09-10,Kurd-Team,php,webapps,0 -9624,platforms/windows/local/9624.py,"KSP 2009R2 - (m3u) Universal Local Buffer Overflow Exploit (SEH)",2009-09-10,hack4love,windows,local,0 +9624,platforms/windows/local/9624.py,"KSP 2009R2 - '.m3u' Universal Local Buffer Overflow Exploit (SEH)",2009-09-10,hack4love,windows,local,0 9625,platforms/php/webapps/9625.txt,"nullam blog 0.1.2 - (LFI/fd/SQL/XSS) Multiple Vulnerabilities",2009-09-10,"Salvatore Fresta",php,webapps,0 9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro 6.0.0 - (.MID) Integer Overflow PoC",2009-09-10,Dr_IDE,windows,dos,0 9627,platforms/linux/local/9627.txt,"Enlightenment - Linux Null PTR Dereference Exploit Framework",2009-09-10,spender,linux,local,0 @@ -9119,7 +9119,7 @@ id,file,description,date,author,platform,type,port 9658,platforms/hardware/remote/9658.txt,"Neufbox NB4-R1.5.10-MAIN - Persistent XSS",2009-09-14,"599eme Man",hardware,remote,0 9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow PoC",2009-09-14,"fl0 fl0w",windows,local,0 9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-09-14,"ThE g0bL!N",windows,remote,0 -9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - (.m3u) Local Buffer Overflow Exploit",2009-09-14,dmc,windows,local,0 +9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - '.m3u' Local Buffer Overflow Exploit",2009-09-14,dmc,windows,local,0 9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow Exploit",2009-09-14,dmc,windows,remote,143 9663,platforms/windows/remote/9663.py,"Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow Exploit",2009-09-14,dmc,windows,remote,0 9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - Remote Denial of Service (Auth)",2009-09-14,PLATEN,windows,dos,0 @@ -9135,7 +9135,7 @@ id,file,description,date,author,platform,type,port 9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - (Auth Bypass) SQL Injection",2009-09-15,snakespc,php,webapps,0 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - (details.asp PropId) Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 -9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 - (.m3u) Buffer Overflow PoC",2009-09-15,"fl0 fl0w",windows,dos,0 +9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 - '.m3u' Buffer Overflow PoC",2009-09-15,"fl0 fl0w",windows,dos,0 9680,platforms/windows/local/9680.txt,"Protector Plus Antivirus 8/9 - Local Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 9681,platforms/php/webapps/9681.txt,"efront 3.5.4 - (database.php path) Remote File Inclusion",2009-09-15,"cr4wl3r ",php,webapps,0 9682,platforms/windows/dos/9682.txt,"Adobe ShockWave Player 11.5.1.601 - ActiveX Buffer Overflow PoC",2009-09-15,"Francis Provencher",windows,dos,0 @@ -9145,7 +9145,7 @@ id,file,description,date,author,platform,type,port 9686,platforms/windows/dos/9686.py,"VLC Media Player < 0.9.6 - (CUE) Local Buffer Overflow PoC",2009-09-15,Dr_IDE,windows,dos,0 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - (.pla) Universal Local Buffer Overflow Exploit (SEH)",2009-09-15,mr_me,windows,local,0 9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (ping option) Command Injection (Auth)",2009-09-15,r00t,hardware,local,0 -9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - (.m3u) Local Crash PoC",2009-09-15,zAx,windows,dos,0 +9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - '.m3u' Local Crash PoC",2009-09-15,zAx,windows,dos,0 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote BoF Exploit (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - (.PLS) Local Crash Exploit",2009-09-15,prodigy,windows,dos,0 9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Remote Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 @@ -9154,7 +9154,7 @@ id,file,description,date,author,platform,type,port 9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - (.ZIP) Local Buffer Overflow PoC",2009-09-16,Dr_IDE,windows,dos,0 9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Auth Bypass) SQL Injection",2009-09-16,snakespc,php,webapps,0 9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 -9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss - (id) Blind SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 +9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss - 'id' Blind SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9699,platforms/php/webapps/9699.txt,"microcms 3.5 - (SQL/LFI) Multiple Vulnerabilities",2009-09-16,"learn3r hacker",php,webapps,0 9700,platforms/php/webapps/9700.rb,"Saphplesson 4.3 - Remote Blind SQL Injection",2009-09-16,"Jafer Al Zidjali",php,webapps,0 9701,platforms/windows/dos/9701.c,"Notepad++ 5.4.5 - Local .C/CPP Stack Buffer Overflow PoC (0Day)",2009-09-16,"fl0 fl0w",windows,dos,0 @@ -9167,9 +9167,9 @@ id,file,description,date,author,platform,type,port 9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0 9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Local Privilege Escalation",2009-09-17,Rick,linux,local,0 9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - (itemid) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 -9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 +9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injections",2009-09-17,"learn3r hacker",php,webapps,0 9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - (Auth Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 -9713,platforms/php/webapps/9713.pl,"Joomla Component com_jreservation 1.5 - (pid) Blind SQL Injection",2009-09-17,"Chip d3 bi0s",php,webapps,0 +9713,platforms/php/webapps/9713.pl,"Joomla Component com_jreservation 1.5 - 'pid' Blind SQL Injection",2009-09-17,"Chip d3 bi0s",php,webapps,0 9714,platforms/multiple/webapps/9714.txt,"Mambo com_koesubmit 1.0.0 - Remote File Inclusion",2009-10-18,"Don Tukulesto",multiple,webapps,0 9715,platforms/multiple/webapps/9715.txt,"Zainu 1.0 - SQL Injection",2009-09-18,snakespc,multiple,webapps,0 9716,platforms/multiple/webapps/9716.txt,"Network Management/Inventory System - header.php Remote File Inclusion",2009-09-18,"EA Ngel",multiple,webapps,0 @@ -9200,7 +9200,7 @@ id,file,description,date,author,platform,type,port 9807,platforms/windows/local/9807.txt,"Adobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation",2009-09-29,pyrokinesis,windows,local,0 9809,platforms/asp/webapps/9809.txt,"HEAT Call Logging 8.01 - SQL Injection",2009-09-28,"0 0",asp,webapps,0 9810,platforms/windows/remote/9810.txt,"EnjoySAP 6.4 / 7.1 - File Overwrite",2009-09-28,sh2kerr,windows,remote,0 -9811,platforms/windows/dos/9811.py,"Core FTP Server 1.0 build 304 - DoS",2009-09-28,Dr_IDE,windows,dos,21 +9811,platforms/windows/dos/9811.py,"Core FTP Server 1.0 build 304 - Denial of Service",2009-09-28,Dr_IDE,windows,dos,21 9812,platforms/php/webapps/9812.txt,"Joomla IRCm Basic - SQL Injection",2009-09-28,kaMtiEz,php,webapps,0 9813,platforms/windows/remote/9813.txt,"Mereo Web Server 1.8 - Remote Source Code Disclosure",2009-09-25,Dr_IDE,windows,remote,80 9814,platforms/windows/remote/9814.py,"CDBurnerXP 4.2.4.1351 - Exploit",2009-09-25,Dr_IDE,windows,remote,0 @@ -9212,7 +9212,7 @@ id,file,description,date,author,platform,type,port 9820,platforms/php/webapps/9820.txt,"Regental Medien - Blind SQL Injection",2009-09-24,NoGe,php,webapps,0 9821,platforms/php/webapps/9821.txt,"FSphp 0.2.1 - Remote File Inclusion",2009-09-24,NoGe,php,webapps,0 9822,platforms/php/webapps/9822.txt,"Joomla Fastball component 1.1.0-1.2 - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 -9823,platforms/solaris/dos/9823.c,"Sun Solaris 10 RPC dmispd - DoS",2009-09-24,"Jeremy Brown",solaris,dos,0 +9823,platforms/solaris/dos/9823.c,"Sun Solaris 10 RPC dmispd - Denial of Service",2009-09-24,"Jeremy Brown",solaris,dos,0 9824,platforms/php/webapps/9824.txt,"Swiss Mango CMS - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 9825,platforms/php/webapps/9825.txt,"e107 0.7.16 - Referer header xss",2009-09-24,MustLive,php,webapps,0 9826,platforms/php/webapps/9826.txt,"MindSculpt CMS - SQL Injection",2009-09-24,kaMitEz,php,webapps,0 @@ -9237,32 +9237,32 @@ id,file,description,date,author,platform,type,port 9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 9849,platforms/php/webapps/9849.php,"PunBB Extension Attachment 1.0.2 - SQL Injection",2009-11-03,puret_t,php,webapps,0 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools - SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 -9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - (.m3u) Buffer Overflow",2009-11-03,corelanc0d3r,windows,remote,0 +9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities - ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 9854,platforms/php/webapps/9854.txt,"tftgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 9855,platforms/php/webapps/9855.txt,"Geeklog 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 -9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 -9857,platforms/asp/webapps/9857.txt,"AfterLogic WebMail Pro 4.7.10 - XSS",2009-10-05,"Sébastien Duquette",asp,webapps,0 +9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 +9857,platforms/asp/webapps/9857.txt,"AfterLogic WebMail Pro 4.7.10 - Cross-site Scripting",2009-10-05,"Sébastien Duquette",asp,webapps,0 9858,platforms/hardware/remote/9858.txt,"Riorey RIOS 4.7.0 - Hardcoded Password",2009-10-08,"Marek Kroemeke",hardware,remote,8022 9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 - pipeclose()/knlist_cleardel() race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs - race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9861,platforms/unix/webapps/9861.rb,"Nagios3 - statuswml.cgi Command Injection (Metasploit)",2009-10-30,"H D Moore",unix,webapps,0 9862,platforms/hardware/remote/9862.txt,"3Com OfficeConnect - Code Execution",2009-10-19,"Andrea Fabizi",hardware,remote,0 -9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 - XSS",2009-10-14,"Ryan Dewhurst",php,webapps,0 -9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7-9 - U3D BoF",2009-10-27,"Felipe Andres Manzano",windows,local,0 -9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 - BoF",2009-10-29,Dr_IDE,windows,local,0 +9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 - Cross-site Scripting",2009-10-14,"Ryan Dewhurst",php,webapps,0 +9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7<9 - U3D Buffer Overflow",2009-10-27,"Felipe Andres Manzano",windows,local,0 +9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 - Buffer Overflow",2009-10-29,Dr_IDE,windows,local,0 9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 - folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 9871,platforms/windows/dos/9871.txt,"Boloto Media Player 1.0.0.9 - pls file DoS",2009-10-27,Dr_IDE,windows,dos,0 9872,platforms/multiple/webapps/9872.txt,"boxalino 09.05.25-0421 - Directory Traversal",2009-10-20,"Axel Neumann",multiple,webapps,0 9873,platforms/windows/webapps/9873.txt,"Cherokee 0.5.4 - Directory Traversal",2009-10-28,Dr_IDE,windows,webapps,0 -9874,platforms/windows/dos/9874.txt,"Cherokee Web server 0.5.4 - DoS",2009-10-26,"Usman Saeed",windows,dos,0 +9874,platforms/windows/dos/9874.txt,"Cherokee Web server 0.5.4 - Denial of Service",2009-10-26,"Usman Saeed",windows,dos,0 9875,platforms/php/webapps/9875.txt,"CubeCart 4 - Session Management Bypass",2009-10-30,"Bogdan Calin",php,webapps,0 9876,platforms/php/webapps/9876.txt,"DedeCMS 5.1 - SQL Injection",2009-10-14,"Securitylab Security Research",php,webapps,0 9877,platforms/asp/webapps/9877.txt,"DWebPro - command injection",2009-10-17,"Rafael Sousa",asp,webapps,0 -9879,platforms/windows/dos/9879.txt,"EMC RepliStor Server 6.3.1.3 - DoS",2009-10-20,"bellick ",windows,dos,7144 +9879,platforms/windows/dos/9879.txt,"EMC RepliStor Server 6.3.1.3 - Denial of Service",2009-10-20,"bellick ",windows,dos,7144 9880,platforms/php/webapps/9880.txt,"Endonesia CMS 8.4 - Local File Inclusion",2009-11-04,s4r4d0,php,webapps,0 -9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q - PoC BoF",2009-10-23,"Francis Provencher",windows,dos,110 +9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q - PoC Buffer Overflow",2009-10-23,"Francis Provencher",windows,dos,110 9882,platforms/windows/local/9882.txt,"Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 - Malformed certificate PoC",2009-10-21,Dr_IDE,windows,local,0 9885,platforms/windows/webapps/9885.txt,"httpdx 1.4.6b - source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 @@ -9274,14 +9274,14 @@ id,file,description,date,author,platform,type,port 9891,platforms/php/webapps/9891.txt,"Joomla Jshop - SQL Injection",2009-10-23,"Don Tukulesto",php,webapps,0 9892,platforms/php/webapps/9892.txt,"Joomla Photo Blog alpha 3 - alpha 3a SQL Injection",2009-10-23,kaMtiEz,php,webapps,0 9893,platforms/windows/remote/9893.txt,"Microsoft Internet Explorer 5/6/7 - Memory Corruption PoC",2009-10-15,Skylined,windows,remote,80 -9894,platforms/windows/local/9894.txt,"Millenium MP3 Studio 2.0 - (m3u) BoF",2009-10-15,dellnull,windows,local,0 -9895,platforms/windows/local/9895.txt,"Millenium MP3 Studio 2.0 - (mpf) BoF",2009-10-14,dellnull,windows,local,0 +9894,platforms/windows/local/9894.txt,"Millenium MP3 Studio 2.0 - '.m3u' Buffer Overflow",2009-10-15,dellnull,windows,local,0 +9895,platforms/windows/local/9895.txt,"Millenium MP3 Studio 2.0 - (mpf) Buffer Overflow",2009-10-14,dellnull,windows,local,0 9896,platforms/windows/remote/9896.txt,"MiniShare HTTP 1.5.5 - Remote Buffer Overflow Exploit",2009-10-19,iM4n,windows,remote,80 9897,platforms/php/webapps/9897.txt,"Mongoose Web Server 2.8.0 - Source Disclosure",2009-10-23,Dr_IDE,php,webapps,0 9898,platforms/multiple/webapps/9898.txt,"Mura CMS 5.1 - Root folder disclosure",2009-10-29,"Vladimir Vorontsov",multiple,webapps,0 9900,platforms/windows/remote/9900.txt,"NaviCOPA 3.0.1.2 - Source Disclosure",2009-10-14,Dr_IDE,windows,remote,0 9901,platforms/linux/dos/9901.txt,"nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - PoC",2009-10-23,"Zeus Penguin",linux,dos,80 -9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 - BoF",2009-10-26,"karak0rsan, murderkey",windows,remote,80 +9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 - Buffer Overflow",2009-10-26,"karak0rsan, murderkey",windows,remote,80 9903,platforms/php/webapps/9903.txt,"OpenDocMan 1.2.5 - XSS / SQL injection",2009-10-20,"Amol Naik",php,webapps,0 9904,platforms/asp/webapps/9904.txt,"PSArt 1.2 - SQL Injection",2009-10-30,"Securitylab Research",asp,webapps,0 9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521 @@ -9332,8 +9332,8 @@ id,file,description,date,author,platform,type,port 9953,platforms/linux/remote/9953.rb,"MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow (Metasploit)",2008-01-04,MC,linux,remote,3306 9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 - Privilege Escalation",2009-10-20,trompele,hardware,local,0 -9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 - DoS",2009-10-14,"Townsend Harris",hardware,dos,0 -9957,platforms/windows/remote/9957.txt,"Pegasus Mail Client 4.51 - PoC BoF",2009-10-23,"Francis Provencher",windows,remote,0 +9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 - Denial of Service",2009-10-14,"Townsend Harris",hardware,dos,0 +9957,platforms/windows/remote/9957.txt,"Pegasus Mail Client 4.51 - PoC Buffer Overflow",2009-10-23,"Francis Provencher",windows,remote,0 9958,platforms/jsp/webapps/9958.txt,"Pentaho 1.7.0.1062 - XSS / information disclosure",2009-10-15,antisnatchor,jsp,webapps,0 9961,platforms/php/webapps/9961.txt,"phpCMS 2008 - file disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 16007,platforms/php/webapps/16007.txt,"AneCMS 1.3 - Persistant XSS",2011-01-17,Penguin,php,webapps,0 @@ -9351,12 +9351,12 @@ id,file,description,date,author,platform,type,port 9973,platforms/multiple/local/9973.sh,"Sun VirtualBox 3.0.6 - Privilege Escalation",2009-10-17,prdelka,multiple,local,0 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter - Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - XSS / CSR",2009-11-16,"Alexey Sintsov",hardware,webapps,80 -9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 / 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 +9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 / 5.0.65 - Cross-site Scripting",2009-10-23,"Davide Canali",php,webapps,0 9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 - file disclosure",2009-10-22,"Janek Vind",php,webapps,0 -9980,platforms/hardware/dos/9980.txt,"Websense Email Security - DoS",2009-10-20,"Nikolas Sotiriu",hardware,dos,0 -9981,platforms/hardware/webapps/9981.txt,"Websense Email Security - XSS",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 +9980,platforms/hardware/dos/9980.txt,"Websense Email Security - Denial of Service",2009-10-20,"Nikolas Sotiriu",hardware,dos,0 +9981,platforms/hardware/webapps/9981.txt,"Websense Email Security - Cross-site Scripting",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 9983,platforms/windows/local/9983.pl,"Xion Audio Player 1.0 121 - .m3u file Buffer Overflow",2009-10-16,"Dragon Rider",windows,local,0 -9984,platforms/windows/local/9984.py,"xp-AntiSpy 3.9.7-4 - .xpas file BoF",2009-10-26,Dr_IDE,windows,local,0 +9984,platforms/windows/local/9984.py,"xp-AntiSpy 3.9.7-4 - .xpas file Buffer Overflow",2009-10-26,Dr_IDE,windows,local,0 9985,platforms/multiple/local/9985.txt,"Xpdf 3.01 - heap Overflow / null pointer dereference",2009-10-17,"Adam Zabrocki",multiple,local,0 14273,platforms/linux/local/14273.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)",2010-07-08,"Kristian Erik Hermansen",linux,local,0 9987,platforms/multiple/dos/9987.txt,"ZoIPer 2.22 - Call-Info Remote Denial Of Service",2009-10-14,"Tomer Bitton",multiple,dos,5060 @@ -9364,24 +9364,24 @@ id,file,description,date,author,platform,type,port 9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat - .U3D File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 9991,platforms/windows/local/9991.txt,"AlleyCode 2.21 - SEH Overflow PoC",2009-10-05,"Rafael Sousa",windows,local,0 9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy - ActiveX Control Remote code execution",2009-10-01,Trotzkista,windows,remote,0 -9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 +9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 9994,platforms/multiple/remote/9994.txt,"Apache Tomcat - Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication Username Enumeration Weakness",2009-11-09,"D. Matscheko",multiple,remote,0 -9996,platforms/php/webapps/9996.txt,"Article Directory - Index.php Remote File Inclusion",2009-11-12,mozi,php,webapps,0 +9996,platforms/php/webapps/9996.txt,"Article Directory - 'index.php' Remote File Inclusion",2009-11-12,mozi,php,webapps,0 9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - (.blend) Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Pre-Auth DoS",2009-09-30,"Francis Provencher",windows,dos,21 10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 - Internal IP disclosure",2009-09-25,nitr0us,hardware,remote,0 -10001,platforms/multiple/remote/10001.txt,"CUPS - 'kerberos' Parameter Cross-Site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80 +10001,platforms/multiple/remote/10001.txt,"CUPS - 'kerberos' Parameter Cross-site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80 10002,platforms/php/webapps/10002.txt,"CuteNews and UTF-8 CuteNews - Multiple Security Vulnerabilities",2009-11-10,"Andrew Horton",php,webapps,0 -10003,platforms/php/webapps/10003.txt,"Docebo 3.6.0.3 - Multiple SQL Injection",2009-10-09,"Andrea Fabrizi",php,webapps,0 +10003,platforms/php/webapps/10003.txt,"Docebo 3.6.0.3 - Multiple SQL Injections",2009-10-09,"Andrea Fabrizi",php,webapps,0 10004,platforms/multiple/dos/10004.txt,"Dopewars 1.5.12 Server - Denial of Service",2009-10-06,"Doug Prostko",multiple,dos,7902 10005,platforms/windows/dos/10005.py,"Windows 7 / Server 2008R2 - Remote Kernel Crash",2009-11-11,"laurent gaffie",windows,dos,445 10006,platforms/php/webapps/10006.txt,"DreamPoll 3.1 - Exploit",2009-10-08,"Mark from infosecstuff",php,webapps,0 10007,platforms/windows/remote/10007.html,"EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow",2009-11-12,"Will Dormann",windows,remote,0 10009,platforms/windows/local/10009.txt,"Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)",2009-11-11,"Carsten Eiram",windows,local,0 10010,platforms/windows/local/10010.txt,"Free WMA MP3 Converter 1.1 - (.wav) Local Buffer Overflow",2009-10-09,KriPpLer,windows,local,0 -10011,platforms/hardware/remote/10011.txt,"HP LaserJet printers - Multiple Stored XSS Vulnerabilities",2009-10-07,"Digital Security Research Group",hardware,remote,80 +10011,platforms/hardware/remote/10011.txt,"HP LaserJet printers - Multiple Persistent Cross-site Scripting Vulnerabilities",2009-10-07,"Digital Security Research Group",hardware,remote,80 10012,platforms/multiple/webapps/10012.py,"html2ps - 'include file' Server Side Include Directive Directory Traversal",2009-09-25,epiphant,multiple,webapps,0 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 < 4.2-beta1 - Multiple XSS",2009-10-02,CoreLabs,jsp,webapps,0 10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 @@ -9420,13 +9420,13 @@ id,file,description,date,author,platform,type,port 10052,platforms/php/webapps/10052.txt,"The BMW - inventory.php SQL Injection",2009-10-08,Dazz,php,webapps,0 10053,platforms/windows/remote/10053.txt,"httpdx 1.4 - Get Request Buffer Overflow",2009-10-08,"Pankaj Kohli",windows,remote,80 10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 -10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - XSS",2009-07-04,sh2kerr,hardware,remote,80 +10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - Cross-site Scripting",2009-07-04,sh2kerr,hardware,remote,80 10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 10057,platforms/php/webapps/10057.txt,"Aiocp 1.4.001 - File Inclusion",2009-10-07,"Hadi Kiamarsi",php,webapps,0 10058,platforms/php/webapps/10058.pl,"Joomla Recerca component - SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure",2009-11-12,"Daniel King",jsp,webapps,0 10060,platforms/linux/local/10060.sh,"Geany .18 - Local File Overwrite",2009-10-06,"Jeremy Brown",linux,local,0 -10061,platforms/jsp/webapps/10061.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-11-12,"Daniel King",jsp,webapps,0 +10061,platforms/jsp/webapps/10061.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross-site Scripting Vulnerabilities",2009-11-12,"Daniel King",jsp,webapps,0 10062,platforms/windows/dos/10062.py,"Novell eDirectory 883ftf3 - nldap module Denial of Service",2009-11-16,ryujin,windows,dos,389 10064,platforms/php/webapps/10064.txt,"Joomla CB Resume Builder - SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 10067,platforms/php/webapps/10067.txt,"Joomla Soundset 1.0 - SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 @@ -9435,9 +9435,9 @@ id,file,description,date,author,platform,type,port 10070,platforms/windows/remote/10070.php,"IBM Informix Client SDK 3.0 - nfx file integer Overflow Exploit",2009-10-05,bruiser,windows,remote,0 10071,platforms/multiple/remote/10071.txt,"Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass",2009-11-10,"Dan Kaminsky",multiple,remote,0 10072,platforms/multiple/local/10072.c,"Multiple Vendor - TLS Protocol Session Renegotiation Security",2009-11-12,"Marsh Ray",multiple,local,0 -10073,platforms/windows/dos/10073.py,"XM Easy Personal FTP 5.8 - DoS",2009-10-02,PLATEN,windows,dos,21 -10074,platforms/novell/webapps/10074.txt,"Novell eDirectory 8.8 SP5 - 'dconserv.dlm' Cross-Site Scripting",2009-10-01,"Francis Provencher",novell,webapps,8030 -10075,platforms/novell/webapps/10075.txt,"Novell Edirectory 8.8 SP5 - XSS",2009-09-23,"Francis Provencher",novell,webapps,8030 +10073,platforms/windows/dos/10073.py,"XM Easy Personal FTP 5.8 - Denial of Service",2009-10-02,PLATEN,windows,dos,21 +10074,platforms/novell/webapps/10074.txt,"Novell eDirectory 8.8 SP5 - 'dconserv.dlm' Cross-site Scripting",2009-10-01,"Francis Provencher",novell,webapps,8030 +10075,platforms/novell/webapps/10075.txt,"Novell Edirectory 8.8 SP5 - Cross-site Scripting",2009-09-23,"Francis Provencher",novell,webapps,8030 10076,platforms/osx/local/10076.c,"VMware Fusion 2.0.5 - vmx86 kext Kernel Local Root Exploit",2009-10-02,mu-b,osx,local,0 10077,platforms/multiple/dos/10077.txt,"OpenLDAP 2.3.39 - MODRDN Remote Denial of Service",2009-11-09,"Ralf Haferkamp",multiple,dos,389 10078,platforms/osx/local/10078.c,"VMware Fusion 2.0.5 - vmx86 kext Local PoC",2009-10-02,mu-b,osx,local,0 @@ -9456,11 +9456,11 @@ id,file,description,date,author,platform,type,port 10086,platforms/multiple/remote/10086.txt,"WebKit - 'Document()' Function Remote Information Disclosure",2009-11-12,"Chris Evans",multiple,remote,0 10088,platforms/php/webapps/10088.txt,"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 -10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 +10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote DoS",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 10093,platforms/multiple/remote/10093.txt,"Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution",2009-11-04,"Francis Provencher",multiple,remote,0 -10094,platforms/jsp/webapps/10094.txt,"IBM Rational RequisitePro 7.10 / ReqWebHelp - Multiple Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 +10094,platforms/jsp/webapps/10094.txt,"IBM Rational RequisitePro 7.10 / ReqWebHelp - Multiple Cross-site Scripting",2009-10-15,IBM,jsp,webapps,0 10095,platforms/multiple/remote/10095.txt,"Samba 3.0.10 < 3.3.5 - Format String And Security Bypass",2009-11-13,"Jeremy Allison",multiple,remote,0 10096,platforms/php/webapps/10096.txt,"OS Commerce 2.2r2 - authentication bypass",2009-11-13,"Stuart Udall",php,webapps,0 10097,platforms/php/remote/10097.php,"PHP 5.2.11/5.3.0 - Multiple Vulnerabilities",2009-11-13,"Maksymilian Arciemowicz",php,remote,0 @@ -9522,9 +9522,9 @@ id,file,description,date,author,platform,type,port 10221,platforms/windows/dos/10221.txt,"XM Easy Personal FTP Server 5.8.0 - Remote DoS",2009-11-24,leinakesi,windows,dos,21 10222,platforms/php/webapps/10222.txt,"W3infotech - (Auth Bypass) SQL Injection",2009-11-24,ViRuS_HiMa,php,webapps,0 10223,platforms/windows/dos/10223.txt,"TYPSoft 1.10 - APPE DELE DoS",2009-11-24,leinakesi,windows,dos,21 -10224,platforms/php/webapps/10224.txt,"Quick.Cart 3.4 and Quick.CMS 2.4 - CSRF",2009-11-24,"Alice Kaerast",php,webapps,0 +10224,platforms/php/webapps/10224.txt,"Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL injection",2006-05-26,KOUSULIN,windows,webapps,1000 -10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist - (.m3u) BOF",2009-11-25,Rick2600,windows,local,0 +10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist - '.m3u' Buffer Overflow",2009-11-25,Rick2600,windows,local,0 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0 10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20 Plugin - Exploit",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 @@ -9542,7 +9542,7 @@ id,file,description,date,author,platform,type,port 10242,platforms/php/dos/10242.txt,"PHP < 5.3.1 - 'multipart/form-data' Denial of Service (Python)",2009-11-27,Eren,php,dos,0 10243,platforms/php/dos/10243.txt,"PHP - MultiPart Form-Data Denial of Service PoC",2009-11-22,"Bogdan Calin",php,dos,0 10244,platforms/windows/local/10244.txt,"MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows",2009-11-28,"Christophe Devine",windows,local,0 -10245,platforms/php/webapps/10245.txt,"phpBazar 2.1.1fix - (cid) SQL Injection",2009-11-28,MizoZ,php,webapps,0 +10245,platforms/php/webapps/10245.txt,"phpBazar 2.1.1fix - 'cid' SQL Injection",2009-11-28,MizoZ,php,webapps,0 10246,platforms/php/webapps/10246.txt,"SweetRice 0.5.3 - Remote File Inclusion",2009-11-29,"cr4wl3r ",php,webapps,0 10247,platforms/hardware/webapps/10247.txt,"Micronet SP1910 Data Access Controller UI - XSS / HTML Code Injection",2009-11-27,K053,hardware,webapps,0 10248,platforms/php/webapps/10248.txt,"sugar crm 5.5.0.rc2 / 5.2.0j - Multiple Vulnerabilities",2009-11-29,waraxe,php,webapps,0 @@ -9572,7 +9572,7 @@ id,file,description,date,author,platform,type,port 10275,platforms/php/webapps/10275.txt,"Kide Shoutbox 0.4.6 - XSS / AXFR",2009-12-02,andresg888,php,webapps,0 10276,platforms/hardware/webapps/10276.txt,"Huawei MT882 Modem/Router - Multiple Vulnerabilities",2009-12-03,DecodeX01,hardware,webapps,0 10277,platforms/php/webapps/10277.txt,"Thatware 0.5.3 - Multiple Remote File Inclusion Exploit",2009-12-03,"cr4wl3r ",php,webapps,0 -10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter 2.53 build 330 - Playlist (.pls) Unicode BOF",2009-11-21,mr_me,windows,local,0 +10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter 2.53 build 330 - Playlist (.pls) Unicode Buffer Overflow",2009-11-21,mr_me,windows,local,0 10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Exploit",2009-12-03,pyrokinesis,windows,local,0 10282,platforms/linux/remote/10282.py,"OrzHTTPd - Format String Exploit",2009-12-03,"Patroklos Argyroudis",linux,remote,80 10284,platforms/php/webapps/10284.txt,"ita-forum 5.1.32 - SQL Injection",2009-11-30,BAYBORA,php,webapps,0 @@ -9582,8 +9582,8 @@ id,file,description,date,author,platform,type,port 10288,platforms/php/webapps/10288.txt,"SAPID SHOP 1.3 - Remote File Inclusion",2009-12-03,"cr4wl3r ",php,webapps,0 10289,platforms/php/webapps/10289.txt,"Power BB 1.8.3 - Remote File Inclusions",2009-11-25,DigitALL,php,webapps,0 10290,platforms/php/webapps/10290.txt,"Theeta CMS - Multiple Vulnerabilities",2009-12-03,c0dy,php,webapps,0 -10291,platforms/php/webapps/10291.txt,"Joomla! ProofReader Component 1.0 RC6 - Cross-Site Scripting",2009-12-01,MustLive,php,webapps,0 -10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting",2009-12-01,MustLive,multiple,webapps,0 +10291,platforms/php/webapps/10291.txt,"Joomla! ProofReader Component 1.0 RC6 - Cross-site Scripting",2009-12-01,MustLive,php,webapps,0 +10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat 3.2.1 - 404 Error Page Cross-site Scripting",2009-12-01,MustLive,multiple,webapps,0 10293,platforms/php/webapps/10293.txt,"PHP-Nuke 8.0 - XSS / HTML Code Injection in News Module",2009-11-27,K053,php,webapps,0 10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support 3.1 - Remote File Inclusion",2009-11-24,"Don Tukulesto",php,webapps,0 10295,platforms/windows/local/10295.txt,"DAZ Studio - Arbitrary Command Execution",2009-12-03,"Core Security",windows,local,0 @@ -9596,13 +9596,13 @@ id,file,description,date,author,platform,type,port 10304,platforms/php/webapps/10304.txt,"Invision Power Board 3.0.4 / 3.0.4 / 2.3.6 - LFI / SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 10305,platforms/php/webapps/10305.txt,"UBB.threads 7.5.4 2 - Multiple File Inclusion",2009-12-04,R3VAN_BASTARD,php,webapps,0 10306,platforms/php/webapps/10306.txt,"Achievo 1.4.2 - Arbitrary File Upload",2009-12-04,"Nahuel Grisolia",php,webapps,0 -10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 - Permanent Cross-Site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 +10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 - Permanent Cross-site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 10312,platforms/php/webapps/10312.php,"Joomla 1.5.x - com_joomgallery&func Incorrect Flood Filter",2009-12-04,Jbyte,php,webapps,0 10313,platforms/linux/local/10313.c,"libmodplug - 's3m' Remote Buffer Overflow",2008-02-25,dummy,linux,local,0 10314,platforms/php/webapps/10314.txt,"BM Classifieds Ads - SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10318,platforms/php/webapps/10318.txt,"Joomla yt_color YOOOtheme - XSS / Cookie Stealing",2009-12-04,andresg888,php,webapps,80 10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 9.7 - Local Buffer Overflow Exploit",2009-12-05,Dr_IDE,windows,local,0 -10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - (.m3u) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - '.m3u' Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - (.gro) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow Exploit (Universal)",2009-12-05,Dz_attacker,windows,local,0 @@ -9634,8 +9634,8 @@ id,file,description,date,author,platform,type,port 10353,platforms/windows/local/10353.pl,"Audio Workstation - (.pls) Local Buffer Overflow Exploit (SEH)",2009-09-24,germaya_x,windows,local,0 10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold - Persistant XSS",2009-12-08,mr_me,php,webapps,0 10356,platforms/php/webapps/10356.txt,"Joomla Component com_job - (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0 -10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - (id) SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 -10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - (id) SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 +10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 +10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Auth Bypass) SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0 @@ -9643,7 +9643,7 @@ id,file,description,date,author,platform,type,port 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow Exploit (Metasploit)",2009-12-09,dookie,windows,remote,0 10366,platforms/php/webapps/10366.txt,"Joomla Component com_jsjobs 1.0.5.6 - SQL Injection",2009-12-10,kaMtiEz,php,webapps,0 -10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto SQL Injection - (id)",2009-12-10,kaMtiEz,php,webapps,0 +10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto - 'id' SQL Injection",2009-12-10,kaMtiEz,php,webapps,0 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload - Shell Upload",2009-12-10,Mr.aFiR,asp,webapps,0 10369,platforms/php/webapps/10369.txt,"Joomla! Mamboleto Component 2.0 RC3 - Remote File Inclusion",2009-12-10,"Don Tukulesto",php,webapps,0 10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote Auth Bypass SQL Injection",2009-12-10,mr_me,php,webapps,0 @@ -9657,12 +9657,12 @@ id,file,description,date,author,platform,type,port 10378,platforms/php/webapps/10378.txt,"Nuggetz CMS 1.0 - Remote Code Execution",2009-12-10,"Amol Naik",php,webapps,0 10379,platforms/php/webapps/10379.txt,"oBlog - Persistant XSS / CSRF / Admin Bruteforce",2009-12-11,"Milos Zivanovic ",php,webapps,0 10380,platforms/windows/remote/10380.pl,"Sunbird 0.9 - Array Overrun Code Execution (0Day)",2009-12-11,"Maksymilian Arciemowicz and sp3x",windows,remote,0 -10383,platforms/php/webapps/10383.txt,"Digital Scribe 1.4.1 - Multiple SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 +10383,platforms/php/webapps/10383.txt,"Digital Scribe 1.4.1 - Multiple SQL Injections",2009-12-11,"Salvatore Fresta",php,webapps,0 10384,platforms/php/webapps/10384.txt,"E-Store - SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 10386,platforms/solaris/webapps/10386.txt,"Sun Solaris AnswerBook2 - Multiple XSS",2005-05-07,"Thomas Liam Romanis",solaris,webapps,0 -10388,platforms/php/webapps/10388.txt,"Chipmunk Newsletter - CSRF",2009-12-11,"Milos Zivanovic ",php,webapps,0 +10388,platforms/php/webapps/10388.txt,"Chipmunk Newsletter - Cross-site Request Forgery",2009-12-11,"Milos Zivanovic ",php,webapps,0 10389,platforms/php/webapps/10389.txt,"Illogator Shop - SQL Injection Bypass",2009-12-11,bi0,php,webapps,0 -10390,platforms/php/webapps/10390.txt,"phpCollegeExchange 0.1.5c - Multiple SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 +10390,platforms/php/webapps/10390.txt,"phpCollegeExchange 0.1.5c - Multiple SQL Injections",2009-12-11,"Salvatore Fresta",php,webapps,0 10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 - Change Administrative Password",2009-12-11,bi0,php,webapps,0 10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - (.pls) Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 10393,platforms/php/webapps/10393.txt,"B2C Booking Centre Systems - SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 @@ -9675,20 +9675,20 @@ id,file,description,date,author,platform,type,port 10401,platforms/php/webapps/10401.txt,"iDesk - (download.php cat_id) SQL Injection",2009-12-13,Manas58,php,webapps,0 10403,platforms/php/webapps/10403.txt,"Uploadscript 1.0 - Multiple Vulnerabilities",2009-12-13,Mr.aFiR,php,webapps,0 10404,platforms/php/webapps/10404.txt,"Interspire Shopping Cart - Full Path Disclosure",2009-12-13,Mr.aFiR,php,webapps,0 -10406,platforms/php/webapps/10406.txt,"AccStatistics 1.1 - CSRF (Change Admin Settings)",2009-12-13,"Milos Zivanovic ",php,webapps,0 +10406,platforms/php/webapps/10406.txt,"AccStatistics 1.1 - Cross-site Request Forgery (Change Admin Settings)",2009-12-13,"Milos Zivanovic ",php,webapps,0 10407,platforms/php/webapps/10407.txt,"Joomla Component com_virtuemart 1.0 - SQL Injection (product_id)",2009-12-13,"SOA Crew",php,webapps,0 10408,platforms/php/webapps/10408.txt,"SpireCMS 2.0 - SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10410,platforms/php/webapps/10410.txt,"phpldapadmin - Local File Inclusion",2009-12-10,ipsecs,php,webapps,0 -10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - CSRF",2009-12-13,bi0,php,webapps,0 -10414,platforms/php/webapps/10414.txt,"Frog CMS 0.9.5 - CSRF",2009-12-13,"Milos Zivanovic ",php,webapps,0 +10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - Cross-site Request Forgery",2009-12-13,bi0,php,webapps,0 +10414,platforms/php/webapps/10414.txt,"Frog CMS 0.9.5 - Cross-site Request Forgery",2009-12-13,"Milos Zivanovic ",php,webapps,0 10417,platforms/php/webapps/10417.txt,"Piwigo 2.0.6 - Multiple Vulnerabilities",2009-12-13,mr_me,php,webapps,0 10418,platforms/php/webapps/10418.txt,"Ele Medios CMS - SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x - Multiple CSRF Vulnerabilities",2009-12-13,"Milos Zivanovic ",php,webapps,0 10420,platforms/php/webapps/10420.txt,"Ez Guestbook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 - Multiple RFI",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10422,platforms/php/webapps/10422.txt,"eoCMS 0.9.03 - Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 -10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - (.M3U) Stack Overflow Exploit",2009-12-14,"Vinod Sharma",windows,local,0 -10424,platforms/multiple/webapps/10424.txt,"Redmine 0.8.6 - CSRF Add Admin User Exploit",2009-12-14,p0deje,multiple,webapps,0 +10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - '.m3u' Stack Overflow Exploit",2009-12-14,"Vinod Sharma",windows,local,0 +10424,platforms/multiple/webapps/10424.txt,"Redmine 0.8.6 - CSRF (Add Admin User) Exploit",2009-12-14,p0deje,multiple,webapps,0 10425,platforms/asp/webapps/10425.txt,"Quartz Concept Content Manager 3.00 - Auth Bypass",2009-12-14,Mr.aFiR,asp,webapps,0 10426,platforms/linux/webapps/10426.txt,"[WS] upload - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 10427,platforms/linux/webapps/10427.txt,"DigitalHive - Multiple Vulnerabilities",2009-12-14,"ViRuSMaN ",linux,webapps,80 @@ -9697,16 +9697,16 @@ id,file,description,date,author,platform,type,port 10430,platforms/linux/webapps/10430.txt,"NAS Uploader 1.0 / 1.5 - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 10431,platforms/multiple/webapps/10431.txt,"Zabbix Agent < 1.6.7 - Remote Bypass",2009-12-14,Nicob,multiple,webapps,80 10432,platforms/multiple/webapps/10432.txt,"zabbix server - Multiple Vulnerabilities",2009-12-14,Nicob,multiple,webapps,80 -10433,platforms/linux/webapps/10433.txt,"Mail Manager Pro - CSRF (Change Admin Password)",2009-12-14,"Milos Zivanovic ",linux,webapps,80 +10433,platforms/linux/webapps/10433.txt,"Mail Manager Pro - Cross-site Request Forgery (Change Admin Password)",2009-12-14,"Milos Zivanovic ",linux,webapps,80 10434,platforms/windows/remote/10434.py,"Savant Web Server 3.1 - Remote Buffer Overflow Exploit (3)",2009-12-14,DouBle_Zer0,windows,remote,80 10436,platforms/php/webapps/10436.txt,"Link Up Gold CSRF - Create Administrator Account",2009-12-14,bi0,php,webapps,0 10437,platforms/php/webapps/10437.txt,"Smart PHP Subscriber - Multiple Disclosure Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 -10438,platforms/php/webapps/10438.txt,"AdManagerPro - CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 +10438,platforms/php/webapps/10438.txt,"AdManagerPro - CSRF (Create Administrator Account)",2009-12-14,bi0,php,webapps,0 10439,platforms/php/webapps/10439.txt,"Ez Poll Hoster - Multiple XSS / CSRF Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 -10440,platforms/php/webapps/10440.txt,"Easy Banner Pro - CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 -10442,platforms/php/webapps/10442.txt,"Text Exchange Pro - CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 +10440,platforms/php/webapps/10440.txt,"Easy Banner Pro - CSRF (Create Administrator Account)",2009-12-14,bi0,php,webapps,0 +10442,platforms/php/webapps/10442.txt,"Text Exchange Pro - CSRF (Create Administrator Account)",2009-12-14,bi0,php,webapps,0 10444,platforms/php/webapps/10444.txt,"mini Hosting Panel - CSRF Change Admin Settings",2009-12-14,"Milos Zivanovic ",php,webapps,0 -10445,platforms/php/webapps/10445.txt,"Tender System 0.9.5b - LFI",2009-12-14,Packetdeath,php,webapps,0 +10445,platforms/php/webapps/10445.txt,"Tender System 0.9.5b - Local File Inclusion",2009-12-14,Packetdeath,php,webapps,0 10446,platforms/php/webapps/10446.txt,"WSCreator 1.1 - Blind SQL Injection",2009-12-14,"Salvatore Fresta",php,webapps,0 10447,platforms/php/webapps/10447.txt,"Traidnt Discovery - [CSRF] Create Staff Account",2009-12-14,G0D-F4Th3r,php,webapps,0 10448,platforms/multiple/webapps/10448.txt,"Oracle e-Business Suite - Multiple Vulnerabilities",2009-12-14,Hacktics,multiple,webapps,0 @@ -9721,8 +9721,8 @@ id,file,description,date,author,platform,type,port 10457,platforms/asp/webapps/10457.txt,"LinkPal 1.0 - SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 10458,platforms/php/webapps/10458.txt,"Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0 10461,platforms/php/webapps/10461.txt,"Ez Cart 1.0 - Multiple CSRF Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0 -10462,platforms/php/webapps/10462.txt,"DubSite CMS 1.0 - CSRF",2009-12-15,Connection,php,webapps,0 -10463,platforms/php/webapps/10463.txt,"iGaming CMS 1.5 - CSRF",2009-12-15,Nex,php,webapps,0 +10462,platforms/php/webapps/10462.txt,"DubSite CMS 1.0 - Cross-site Request Forgery",2009-12-15,Connection,php,webapps,0 +10463,platforms/php/webapps/10463.txt,"iGaming CMS 1.5 - Cross-site Request Forgery",2009-12-15,Nex,php,webapps,0 10464,platforms/asp/webapps/10464.txt,"GalleryPal FE 1.5 - Auth Bypass",2009-12-15,R3d-D3V!L,asp,webapps,0 10465,platforms/asp/webapps/10465.txt,"SitePal 1.1 - (Auth Bypass) SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 10467,platforms/php/webapps/10467.txt,"family connections 2.1.3 - Multiple Vulnerabilities",2009-12-16,"Salvatore Fresta",php,webapps,0 @@ -9740,7 +9740,7 @@ id,file,description,date,author,platform,type,port 10482,platforms/asp/webapps/10482.txt,"Codefixer Membership - Remote Database Disclosure",2009-12-16,"ViRuSMaN ",asp,webapps,0 10483,platforms/asp/webapps/10483.txt,"GuestBookPro Script - Remote Database Disclosure",2009-12-16,"ViRuSMaN ",asp,webapps,0 10484,platforms/windows/local/10484.txt,"Kaspersky Lab - Multiple Products Local Privilege Escalation",2009-12-16,"Maxim A. Kulakov",windows,local,0 -10485,platforms/php/webapps/10485.txt,"Drupal Sections Module - XSS",2009-12-16,"Justin C. Klein Keane",php,webapps,0 +10485,platforms/php/webapps/10485.txt,"Drupal Sections Module - Cross-site Scripting",2009-12-16,"Justin C. Klein Keane",php,webapps,0 14034,platforms/windows/dos/14034.pl,"Wincalc 2 - (.num) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 - vccleaner Root",2009-12-16,"Dominick LaTrappe",linux,local,0 10488,platforms/php/webapps/10488.txt,"WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0 @@ -9767,7 +9767,7 @@ id,file,description,date,author,platform,type,port 10514,platforms/windows/webapps/10514.txt,"dblog - (dblog.mdb) Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 - Add Admin Exploit",2009-12-17,RENO,php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple CSRF",2009-12-17,bi0,php,webapps,0 -10517,platforms/php/webapps/10517.txt,"Matrimony Script - CSRF",2009-12-17,bi0,php,webapps,0 +10517,platforms/php/webapps/10517.txt,"Matrimony Script - Cross-site Request Forgery",2009-12-17,bi0,php,webapps,0 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10521,platforms/asp/webapps/10521.txt,"Active Photo Gallery 6.2 - (Auth Bypass) SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - SQL Bypass",2009-12-17,bi0,php,webapps,0 @@ -9777,10 +9777,10 @@ id,file,description,date,author,platform,type,port 10527,platforms/php/webapps/10527.txt,"ReVou Software - SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 10528,platforms/php/webapps/10528.txt,"V.H.S. Booking - (hotel_habitaciones.php HotelID) SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 10529,platforms/asp/webapps/10529.txt,"eWebquiz 8 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10531,platforms/php/webapps/10531.txt,"jCore CMS - Cross-Site Scripting",2009-12-17,loneferret,php,webapps,0 +10531,platforms/php/webapps/10531.txt,"jCore CMS - Cross-site Scripting",2009-12-17,loneferret,php,webapps,0 10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0 10533,platforms/php/webapps/10533.txt,"VirtueMart - 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 -10534,platforms/php/webapps/10534.txt,"Rumba XM - Cross-Site scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0 +10534,platforms/php/webapps/10534.txt,"Rumba XM - Cross-site Scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0 10535,platforms/php/webapps/10535.txt,"WordPress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 10540,platforms/asp/webapps/10540.txt,"E-Smartcart - SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0 @@ -9799,17 +9799,17 @@ id,file,description,date,author,platform,type,port 10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed M3U Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 10557,platforms/php/local/10557.php,"PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass",2009-12-19,"Maksymilian Arciemowicz",php,local,0 10558,platforms/asp/webapps/10558.txt,"Toast Forums 1.8 - Database Disclosure",2009-12-19,"ViRuSMaN ",asp,webapps,0 -10560,platforms/php/webapps/10560.txt,"Lizard Cart - Multiple SQL Injection",2009-12-19,"cr4wl3r ",php,webapps,0 +10560,platforms/php/webapps/10560.txt,"Lizard Cart - Multiple SQL Injections",2009-12-19,"cr4wl3r ",php,webapps,0 10561,platforms/php/webapps/10561.txt,"CFAGCMS - SQL Injection",2009-12-19,"cr4wl3r ",php,webapps,0 10562,platforms/php/webapps/10562.txt,"Ptag 4.0.0 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 10563,platforms/windows/local/10563.py,"PlayMeNow - Malformed M3U Playlist BOF (Windows XP Universal)",2009-12-19,loneferret,windows,local,0 10564,platforms/php/webapps/10564.txt,"SaurusCMS 4.6.4 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 -10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 +10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-site Scripting",2009-12-20,Metropolis,php,webapps,0 10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - (Auth Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 - Multiple Local File Inclusion",2009-12-20,cOndemned,php,webapps,0 10570,platforms/php/webapps/10570.txt,"Pandora FMS Monitoring Application 2.1.x / 3.x - SQL Injection",2009-12-20,Global-Evolution,php,webapps,0 -10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller - XSS",2009-12-20,K053,php,webapps,0 +10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller - Cross-site Scripting",2009-12-20,K053,php,webapps,0 10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - SQL Injection",2009-12-20,"Master Mind",php,webapps,0 10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 10574,platforms/php/webapps/10574.txt,"phUploader 2 - Remote File Upload",2009-12-20,wlhaan-hacker,php,webapps,0 @@ -9828,11 +9828,11 @@ id,file,description,date,author,platform,type,port 10588,platforms/php/webapps/10588.txt,"PDQ Script 1.0 - (listingid) SQL Injection",2009-12-21,SecurityRules,php,webapps,0 10590,platforms/php/webapps/10590.txt,"PHPhotoalbum 0.5 - SQL Injection",2009-12-21,Stack,php,webapps,0 10591,platforms/php/webapps/10591.txt,"Joomla Component com_mediaslide - Directory Traversal",2009-12-21,Mr.tro0oqy,php,webapps,0 -10592,platforms/php/webapps/10592.txt,"PHPOPENCHAT 3.0.2 - Cross-Site Scripting AND/OR FPD",2009-12-21,Dedalo,php,webapps,0 +10592,platforms/php/webapps/10592.txt,"PHPOPENCHAT 3.0.2 - Cross-site Scripting AND/OR FPD",2009-12-21,Dedalo,php,webapps,0 10593,platforms/windows/dos/10593.txt,"Winamp 5.57 - Stack Overflow",2009-12-22,scriptjunkie,windows,dos,0 10594,platforms/php/webapps/10594.txt,"The Uploader 2.0 - Remote File Upload",2009-12-22,"Master Mind",php,webapps,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow Exploit",2009-12-22,data$hack,windows,local,0 -10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed (M3U) Universal XP Seh BoF",2009-12-22,"ThE g0bL!N",windows,local,0 +10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed '.m3u' Universal XP Seh Buffer Overflow",2009-12-22,"ThE g0bL!N",windows,local,0 10597,platforms/php/webapps/10597.txt,"Active PHP Bookmarks 1.3 - SQL Injection",2009-12-22,Mr.Elgaarh,php,webapps,0 10598,platforms/php/webapps/10598.txt,"deluxebb 1.3 - Multiple Vulnerabilities",2009-12-22,"cp77fk4r ",php,webapps,0 10599,platforms/php/webapps/10599.txt,"The Uploader 2.0 - File Disclosure",2009-12-22,Stack,php,webapps,0 @@ -9844,7 +9844,7 @@ id,file,description,date,author,platform,type,port 10606,platforms/php/webapps/10606.txt,"weenCompany - SQL Injection",2009-12-22,Gamoscu,php,webapps,0 10609,platforms/php/webapps/10609.txt,"Aurora CMS - SQL Injection",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 -10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 +10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-site Scripting",2009-12-23,indoushka,php,webapps,0 10612,platforms/php/webapps/10612.txt,"Add An Ad Script - Remote File Upload",2009-12-23,MR.Z,php,webapps,0 10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18-20 2009 - Local Root Exploit",2009-12-23,DigitALL,linux,local,0 10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery - Directory Traversal",2009-12-23,Mr.tro0oqy,php,webapps,0 @@ -9854,14 +9854,14 @@ id,file,description,date,author,platform,type,port 10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 - Local BoF xp sp2",2009-12-23,bibi-info,windows,local,0 10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 - BoF Exploit",2009-12-23,dijital1,windows,local,0 10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 -10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman - Cross-Site Scripting",2009-12-24,FL0RiX,php,webapps,0 +10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman - Cross-site Scripting",2009-12-24,FL0RiX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla Component com_jeemaarticlecollection - SQL Injection",2009-12-24,FL0RiX,php,webapps,0 10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 10628,platforms/windows/local/10628.pl,"CastRipper 2.50.70 - (.pls) Stack Buffer Overflow Exploit (Windows XP SP3)",2009-12-24,d3b4g,windows,local,0 10629,platforms/php/webapps/10629.txt,"Traidnt Gallery - add Admin Exploit",2009-12-24,wlhaan-hacker,php,webapps,0 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 10632,platforms/php/webapps/10632.pl,"Wbb3 - Blind SQL Injection",2009-12-24,molli,php,webapps,0 -10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 - (Search.php) Remote File Inclusion",2009-12-24,Mr.SeCreT,php,webapps,0 +10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 - 'search.php' Remote File Inclusion",2009-12-24,Mr.SeCreT,php,webapps,0 10634,platforms/linux/dos/10634.txt,"Picpuz 2.1.1 - Buffer Overflow DoS/PoC",2009-12-24,sandman,linux,dos,0 10637,platforms/asp/webapps/10637.txt,"Web Wiz NewsPad - Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 10638,platforms/asp/webapps/10638.txt,"Web Wiz Forums 9.64 - Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 @@ -9869,36 +9869,36 @@ id,file,description,date,author,platform,type,port 10640,platforms/php/webapps/10640.txt,"Joomla Component com_schools - SQL Injection",2009-12-24,Mr.tro0oqy,php,webapps,0 10642,platforms/windows/local/10642.rb,"Exploit Easy RM to MP3 2.7.3.700 - Ruby",2009-12-24,"John Babio",windows,local,0 10645,platforms/php/webapps/10645.txt,"PBX Phone System 2.x - Multiple Vulnerabilities",2009-12-24,Global-Evolution,php,webapps,0 -10646,platforms/windows/local/10646.c,"CastRipper - (.M3U) Stack BoF (Windows XP SP2)",2009-12-24,bibi-info,windows,local,0 +10646,platforms/windows/local/10646.c,"CastRipper - '.m3u' Stack BoF (Windows XP SP2)",2009-12-24,bibi-info,windows,local,0 10647,platforms/php/webapps/10647.txt,"VideoIsland - Remote shell upload",2009-12-24,RENO,php,webapps,0 10648,platforms/php/webapps/10648.txt,"cms -db 0.7.13 - Multiple Vulnerabilities",2009-12-25,"cp77fk4r ",php,webapps,0 10649,platforms/windows/webapps/10649.html,"SoftCab Sound Converter - ActiveX Insecure Method Exploit (sndConverter.ocx)",2009-12-25,"ThE g0bL!N",windows,webapps,0 10650,platforms/windows/dos/10650.pl,"jetAudio 8.0.0.0 - (.asx) Basic Local Crash PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 10651,platforms/windows/dos/10651.pl,"JetAudio Basic 7.5.5.25 - (.asx) Buffer Overflow PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 - Remote File Inclusion",2009-12-25,indoushka,php,webapps,0 -10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -10655,platforms/php/webapps/10655.txt,"Best Top List - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 +10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 +10655,platforms/php/webapps/10655.txt,"Best Top List - Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace - SQL Injection",2009-12-25,"AnGrY BoY",php,webapps,0 -10658,platforms/php/webapps/10658.txt,"caricatier 2.5 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +10658,platforms/php/webapps/10658.txt,"caricatier 2.5 - Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 10660,platforms/php/webapps/10660.txt,"barbo91 - uploads Upload Shell",2009-12-25,indoushka,php,webapps,0 -10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System - Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 - (build 330) Stack Overflow Exploit",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10666,platforms/php/webapps/10666.txt,"Simple PHP Guestbook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 -10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10670,platforms/php/webapps/10670.txt,"vCard PRO 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 +10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 +10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 +10670,platforms/php/webapps/10670.txt,"vCard PRO 3.1 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10671,platforms/php/webapps/10671.txt,"Info Fisier 1.0 - Remote File Upload",2009-12-26,"wlhaan hacker",php,webapps,0 10672,platforms/php/webapps/10672.txt,"kandalf upper 0.1 - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10673,platforms/php/webapps/10673.txt,"DieselScripts jokes - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10673,platforms/php/webapps/10673.txt,"DieselScripts jokes - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10674,platforms/php/webapps/10674.txt,"DieselScripts jokes - Backup",2009-12-26,indoushka,php,webapps,0 -10675,platforms/php/webapps/10675.txt,"Webring - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10675,platforms/php/webapps/10675.txt,"Webring - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow Exploit",2010-07-07,chap0,windows,remote,0 -14158,platforms/windows/local/14158.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.m3u) Buffer Overflow",2010-07-01,Madjix,windows,local,0 +14158,platforms/windows/local/14158.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - '.m3u' Buffer Overflow",2010-07-01,Madjix,windows,local,0 10677,platforms/php/webapps/10677.txt,"PHPShop 0.6 - Bypass",2009-12-26,indoushka,php,webapps,0 -10679,platforms/php/webapps/10679.txt,"Quiz - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10679,platforms/php/webapps/10679.txt,"Quiz - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10680,platforms/php/webapps/10680.txt,"E-Pay - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10681,platforms/php/webapps/10681.txt,"Saibal Download Area 2.0 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10682,platforms/php/webapps/10682.txt,"Dros - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 @@ -9907,11 +9907,11 @@ id,file,description,date,author,platform,type,port 10685,platforms/php/webapps/10685.txt,"Best Top List 2.11 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10686,platforms/asp/webapps/10686.txt,"CactuShop 6.0 - Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 10687,platforms/php/webapps/10687.txt,"SaphpLesson 4.0 food - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 -10688,platforms/php/webapps/10688.txt,"FlatPress - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10688,platforms/php/webapps/10688.txt,"FlatPress - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10689,platforms/php/webapps/10689.txt,"file upload Ar Version - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10690,platforms/php/webapps/10690.txt,"IMG2ASCII - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10690,platforms/php/webapps/10690.txt,"IMG2ASCII - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10691,platforms/php/webapps/10691.txt,"EZPX My photoblog 1.2 - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10692,platforms/php/webapps/10692.txt,"FreeForum 1.7 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10692,platforms/php/webapps/10692.txt,"FreeForum 1.7 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10693,platforms/php/webapps/10693.txt,"FreeForum 1.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10694,platforms/php/webapps/10694.txt,"ES Simple Uploader 1.1 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10695,platforms/php/webapps/10695.txt,"Lizard Cart - Upload Shell",2009-12-26,indoushka,php,webapps,0 @@ -9921,14 +9921,14 @@ id,file,description,date,author,platform,type,port 10699,platforms/php/webapps/10699.txt,"dB Masters Multimedia - Insecure Cookie Handling",2009-12-26,indoushka,php,webapps,0 10700,platforms/php/webapps/10700.txt,"Image File Upload - Upload Shell",2009-12-26,indoushka,php,webapps,0 10701,platforms/php/webapps/10701.txt,"HowMany 2.6 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 -10703,platforms/php/webapps/10703.txt,"kooora 3.0 - AR Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10703,platforms/php/webapps/10703.txt,"kooora 3.0 - AR Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10704,platforms/php/webapps/10704.txt,"Mega Upload 1.45 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10705,platforms/php/webapps/10705.txt,"Gallery 2.3 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10706,platforms/php/webapps/10706.txt,"MyCart shopping cart - Upload Shell",2009-12-26,indoushka,php,webapps,0 10707,platforms/php/webapps/10707.txt,"osCommerce 2.2rc2a - Bypass/Create and Download Backup",2009-12-26,indoushka,php,webapps,0 -10708,platforms/php/webapps/10708.txt,"MyShoutPro 1.2 Final - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10708,platforms/php/webapps/10708.txt,"MyShoutPro 1.2 Final - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10710,platforms/php/webapps/10710.txt,"Green Desktiny Customer Support Helpdesk 2.3.1 - SQL Injection",2009-12-26,kaMtiEz,php,webapps,0 -10711,platforms/php/webapps/10711.txt,"PHPAUCTION - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10711,platforms/php/webapps/10711.txt,"PHPAUCTION - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter - Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager - (OmniInet.exe) Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 @@ -9936,25 +9936,25 @@ id,file,description,date,author,platform,type,port 10717,platforms/php/webapps/10717.txt,"DBHCMS Web Content Management System 1.1.4 - Remote File Inclusion",2009-12-26,Gamoscu,php,webapps,0 10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script (Arabic Version) - Upload Shell",2009-12-26,indoushka,php,webapps,0 10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader 2.0 - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10720,platforms/php/webapps/10720.txt,"PHP Football 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10720,platforms/php/webapps/10720.txt,"PHP Football 1.0 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10721,platforms/php/webapps/10721.txt,"Nuked-Klan 1.7.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 -10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader 2.0 - Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 10725,platforms/php/webapps/10725.txt,"Nuke - SQL Injection",2009-12-27,FormatXformat,php,webapps,0 10726,platforms/php/webapps/10726.txt,"Info Fisier 1.0 - SQL Injection",2009-12-27,"AnGrY BoY",php,webapps,0 10727,platforms/php/webapps/10727.txt,"Smart PHP Uploader 1.0 - Remote File Upload",2009-12-27,Phenom,php,webapps,0 10728,platforms/php/webapps/10728.txt,"info fisier 1.0 - Multiple Vulnerabilities",2009-12-27,kaozc9,php,webapps,0 10729,platforms/php/webapps/10729.txt,"Joomla Component com_adagency - Exploit",2009-12-27,FL0RiX,php,webapps,0 -10730,platforms/php/webapps/10730.txt,"Joomla Component com_intuit - LFI",2009-12-27,FL0RiX,php,webapps,0 +10730,platforms/php/webapps/10730.txt,"Joomla Component com_intuit - Local File Inclusion",2009-12-27,FL0RiX,php,webapps,0 10731,platforms/php/webapps/10731.txt,"joomla component memorybook 1.2 - Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Remote File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 -10733,platforms/php/webapps/10733.txt,"com_webcamxp - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 +10733,platforms/php/webapps/10733.txt,"com_webcamxp - Cross-site Scripting",2009-12-27,Pyske,php,webapps,0 10734,platforms/php/webapps/10734.txt,"Joomla Component com_beeheard - Blind SQL Injection",2009-12-27,FL0RiX,php,webapps,0 -10735,platforms/php/webapps/10735.txt,"com_jm-recommend - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 -10736,platforms/php/webapps/10736.txt,"lineaCMS - Cross-Site Scripting",2009-12-27,Phenom,php,webapps,0 -10737,platforms/php/webapps/10737.txt,"Joomla Component com_facileforms - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 -10738,platforms/php/webapps/10738.txt,"Joomla Component com_qpersonel - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 -10739,platforms/php/webapps/10739.txt,"Joomla Component com_oprykningspoint_mc - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 -10740,platforms/php/webapps/10740.txt,"Joomla Component com_trabalhe_conosco - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 +10735,platforms/php/webapps/10735.txt,"com_jm-recommend - Cross-site Scripting",2009-12-27,Pyske,php,webapps,0 +10736,platforms/php/webapps/10736.txt,"lineaCMS - Cross-site Scripting",2009-12-27,Phenom,php,webapps,0 +10737,platforms/php/webapps/10737.txt,"Joomla Component com_facileforms - Cross-site Scripting",2009-12-27,Pyske,php,webapps,0 +10738,platforms/php/webapps/10738.txt,"Joomla Component com_qpersonel - Cross-site Scripting",2009-12-27,Pyske,php,webapps,0 +10739,platforms/php/webapps/10739.txt,"Joomla Component com_oprykningspoint_mc - Cross-site Scripting",2009-12-27,Pyske,php,webapps,0 +10740,platforms/php/webapps/10740.txt,"Joomla Component com_trabalhe_conosco - Cross-site Scripting",2009-12-27,Pyske,php,webapps,0 10741,platforms/php/webapps/10741.txt,"cybershade CMS 0.2 - Remote File Inclusion",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum - SQL Injection",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup",2009-12-26,indoushka,php,webapps,0 @@ -9971,30 +9971,30 @@ id,file,description,date,author,platform,type,port 10756,platforms/linux/webapps/10756.txt,"MySimpleFileUploader 1.6 - Upload Shell",2009-12-28,FormatXformat,linux,webapps,80 10757,platforms/linux/webapps/10757.txt,"PHP Forum ohne My SQL - Remote File Upload",2009-12-28,"wlhaan hacker",linux,webapps,80 10758,platforms/php/webapps/10758.txt,"Calendar Express 2.0 - SQL Injection",2009-12-28,BAYBORA,php,webapps,0 -10759,platforms/windows/local/10759.pl,"M.J.M. Quick Player 1.2 - Stack BOF",2009-12-28,corelanc0d3r,windows,local,0 +10759,platforms/windows/local/10759.pl,"M.J.M. Quick Player 1.2 - Stack Buffer Overflow",2009-12-28,corelanc0d3r,windows,local,0 10760,platforms/php/webapps/10760.txt,"Joomla Component com_calendario - Blind SQL Injection",2009-12-28,Mr.tro0oqy,php,webapps,0 10762,platforms/php/webapps/10762.txt,"Sunbyte e-Flower - SQL Injection",2009-12-28,"Don Tukulesto",php,webapps,0 10763,platforms/php/webapps/10763.txt,"Dren's PHP Uploader - Remote File Upload",2009-12-28,"Cyb3r IntRue",php,webapps,0 10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - SEH (0Day)",2009-12-29,Lincoln,windows,remote,6660 -10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 - DB Download",2009-12-29,indoushka,asp,webapps,0 -10770,platforms/asp/webapps/10770.txt,"PSnews - DB Download",2009-12-29,indoushka,asp,webapps,0 +10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 - Database Download",2009-12-29,indoushka,asp,webapps,0 +10770,platforms/asp/webapps/10770.txt,"PSnews - Database Download",2009-12-29,indoushka,asp,webapps,0 10771,platforms/asp/webapps/10771.txt,"QuickEStore 7.9 - SQL Injection / Path Disclosure Download",2009-12-29,indoushka,asp,webapps,0 -10772,platforms/asp/webapps/10772.txt,"AspBB - Active Server Page Bulletin Board DB Download",2009-12-29,indoushka,asp,webapps,0 -10773,platforms/asp/webapps/10773.txt,"Futility Forum 1.0 Revamp - DB Download",2009-12-29,indoushka,asp,webapps,0 -10774,platforms/asp/webapps/10774.txt,"htmlArea 2.03 - DB Download",2009-12-29,indoushka,asp,webapps,0 -10775,platforms/asp/webapps/10775.txt,"Uguestbook - DB Download",2009-12-29,indoushka,asp,webapps,0 -10776,platforms/asp/webapps/10776.txt,"BaalASP 2.0 - DB Download",2009-12-29,indoushka,asp,webapps,0 -10777,platforms/asp/webapps/10777.txt,"Fully Functional ASP Forum 1.0 - DB Download",2009-12-29,indoushka,asp,webapps,0 -10778,platforms/asp/webapps/10778.txt,"makit news/blog poster 3.1 - DB Download",2009-12-29,indoushka,asp,webapps,0 +10772,platforms/asp/webapps/10772.txt,"AspBB - Active Server Page Bulletin Board Database Download",2009-12-29,indoushka,asp,webapps,0 +10773,platforms/asp/webapps/10773.txt,"Futility Forum 1.0 Revamp - Database Download",2009-12-29,indoushka,asp,webapps,0 +10774,platforms/asp/webapps/10774.txt,"htmlArea 2.03 - Database Download",2009-12-29,indoushka,asp,webapps,0 +10775,platforms/asp/webapps/10775.txt,"Uguestbook - Database Download",2009-12-29,indoushka,asp,webapps,0 +10776,platforms/asp/webapps/10776.txt,"BaalASP 2.0 - Database Download",2009-12-29,indoushka,asp,webapps,0 +10777,platforms/asp/webapps/10777.txt,"Fully Functional ASP Forum 1.0 - Database Download",2009-12-29,indoushka,asp,webapps,0 +10778,platforms/asp/webapps/10778.txt,"makit news/blog poster 3.1 - Database Download",2009-12-29,indoushka,asp,webapps,0 10779,platforms/php/webapps/10779.txt,"DirectAdmin 1.34.0 - CSRF Create Administrator",2009-12-29,SecurityRules,php,webapps,0 -10780,platforms/asp/webapps/10780.txt,"ASP Battle Blog - DB Download",2009-12-29,indoushka,asp,webapps,0 +10780,platforms/asp/webapps/10780.txt,"ASP Battle Blog - Database Download",2009-12-29,indoushka,asp,webapps,0 10781,platforms/php/webapps/10781.txt,"ActiveKB - Remote File Inclusion",2009-12-29,indoushka,php,webapps,0 10782,platforms/windows/local/10782.pl,"Mini-stream Ripper 3.0.1.1 - (.pls) Universal BoF (Perl)",2009-12-29,jacky,windows,local,0 10784,platforms/php/webapps/10784.txt,"eStore 1.0.2 - SQL Injection",2009-12-29,R3VAN_BASTARD,php,webapps,0 10786,platforms/windows/local/10786.py,"Soritong 1.0 - Universal BoF (Python)",2009-12-29,jacky,windows,local,0 10787,platforms/windows/local/10787.py,"Mini-stream Ripper 3.0.1.1 - (.pls) Universal BoF (Python)",2009-12-29,jacky,windows,local,0 10788,platforms/php/webapps/10788.txt,"Helpdesk Pilot Knowledge Base 4.4.0 - SQL Injection",2009-12-29,kaMtiEz,php,webapps,0 -10789,platforms/php/webapps/10789.txt,"Joomla compnent com_noticia - Cross-Site scripting",2009-12-29,Mr.tro0oqy,php,webapps,0 +10789,platforms/php/webapps/10789.txt,"Joomla compnent com_noticia - Cross-site Scripting",2009-12-29,Mr.tro0oqy,php,webapps,0 10790,platforms/php/webapps/10790.txt,"Joomla Component com_kkcontent - Blind SQL Injection",2009-12-29,Pyske,php,webapps,0 10791,platforms/windows/remote/10791.py,"Microsoft IIS - ASP Multiple Extensions Security Bypass 5.x/6.x",2009-12-30,emgent,windows,remote,80 10792,platforms/hardware/webapps/10792.txt,"My Book World Edition NAS - Multiple Vulnerabilities",2009-12-30,emgent,hardware,webapps,80 @@ -10008,19 +10008,19 @@ id,file,description,date,author,platform,type,port 10802,platforms/php/webapps/10802.txt,"PicMe 2.1.0 - Upload Shell",2009-12-30,indoushka,php,webapps,0 10803,platforms/php/webapps/10803.txt,"UBB Threads 6.0 - Remote File Inclusion",2009-12-30,indoushka,php,webapps,0 10805,platforms/php/webapps/10805.txt,"diesel job site 1.4 - Multiple Vulnerabilities",2009-12-30,indoushka,php,webapps,0 -10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - XSS",2009-12-30,MaXe,php,webapps,0 +10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - Cross-site Scripting",2009-12-30,MaXe,php,webapps,0 10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 - (detail.php) SQL Injection",2009-12-30,Palyo34,php,webapps,0 -10808,platforms/php/webapps/10808.txt,"PHP-Fusion Mod avatar_studio - LFI",2009-12-30,bonobug,php,webapps,0 +10808,platforms/php/webapps/10808.txt,"PHP-Fusion Mod avatar_studio - Local File Inclusion",2009-12-30,bonobug,php,webapps,0 10809,platforms/php/webapps/10809.txt,"I-Escorts Directory - (country_escorts.php country_id) SQL Injection",2009-12-30,R3d-D3V!L,php,webapps,0 10810,platforms/php/webapps/10810.txt,"FlashChat 3.9.3.1 - PHP info",2009-12-30,indoushka,php,webapps,0 10811,platforms/php/webapps/10811.txt,"Joomla com_intuit - Apache directory listing Download",2009-12-30,indoushka,php,webapps,0 10812,platforms/php/webapps/10812.txt,"WHOISCART - Scripting",2009-12-30,HAQIQ20,php,webapps,0 -10813,platforms/php/webapps/10813.txt,"ArticleLive PHP 2005.0.0 - Cross-Site Scripting",2009-12-30,indoushka,php,webapps,0 -10816,platforms/php/webapps/10816.txt,"Aptgp.1.3.0c - Cross-Site Scripting",2009-12-30,indoushka,php,webapps,0 +10813,platforms/php/webapps/10813.txt,"ArticleLive PHP 2005.0.0 - Cross-site Scripting",2009-12-30,indoushka,php,webapps,0 +10816,platforms/php/webapps/10816.txt,"Aptgp.1.3.0c - Cross-site Scripting",2009-12-30,indoushka,php,webapps,0 10817,platforms/php/webapps/10817.txt,"Joomla Component com_airmonoblock - Blind SQL Injection",2009-12-30,Pyske,php,webapps,0 10819,platforms/asp/webapps/10819.txt,"gallery_show.asp - GID Blind SQL Injection",2009-12-30,R3d-D3V!L,asp,webapps,0 10820,platforms/php/dos/10820.sh,"Joomla Core 1.5.x com_component - DoS (0Day)",2009-12-31,emgent,php,dos,80 -10821,platforms/multiple/webapps/10821.txt,"WingFTP Server 3.2.4 - CSRF",2009-12-30,Ams,multiple,webapps,0 +10821,platforms/multiple/webapps/10821.txt,"WingFTP Server 3.2.4 - Cross-site Request Forgery",2009-12-30,Ams,multiple,webapps,0 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download - Local File Disclosure",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate - SQL Injection",2009-12-30,e.wiZz,php,webapps,0 @@ -10035,7 +10035,7 @@ id,file,description,date,author,platform,type,port 10833,platforms/php/webapps/10833.txt,"Classifieds Script - (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10834,platforms/php/webapps/10834.txt,"Link Trader - (lnkid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 - Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 -10836,platforms/php/webapps/10836.txt,"elkagroup - (pid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10836,platforms/php/webapps/10836.txt,"elkagroup - 'pid' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10837,platforms/php/webapps/10837.txt,"Quick Poll - (code.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10838,platforms/php/webapps/10838.txt,"list Web - (addlink.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip - (store_info.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 @@ -10051,16 +10051,16 @@ id,file,description,date,author,platform,type,port 10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 - (lng) LFI",2009-12-31,cOndemned,php,webapps,0 10870,platforms/multiple/dos/10870.html,"Opera 10.10 - Status Bar Obfuscation",2009-12-31,"599eme Man",multiple,dos,0 10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games - (Auth Bypass) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10872,platforms/php/webapps/10872.txt,"Pre ADS Portal - (cid) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10873,platforms/php/webapps/10873.txt,"Myiosoft EasyGallery - (catid) Blind SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10872,platforms/php/webapps/10872.txt,"Pre ADS Portal - 'cid' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10873,platforms/php/webapps/10873.txt,"Myiosoft EasyGallery - 'catid' Blind SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10874,platforms/php/webapps/10874.txt,"Pre News Manager - (nid) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10876,platforms/php/webapps/10876.txt,"PHP-MySQL-Quiz - SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10877,platforms/php/webapps/10877.txt,"php-addressbook 3.1.5 - (edit.php) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup",2009-12-31,indoushka,php,webapps,0 10879,platforms/windows/dos/10879.html,"Google Chrome 3.0195.38 - Status Bar Obfuscation",2009-12-31,"599eme Man",windows,dos,0 -10880,platforms/php/webapps/10880.php,"bbScript 1.1.2.1 - (id) Blind SQL Injection",2009-12-31,cOndemned,php,webapps,0 +10880,platforms/php/webapps/10880.php,"bbScript 1.1.2.1 - 'id' Blind SQL Injection",2009-12-31,cOndemned,php,webapps,0 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - (.aap) BoF DoS",2009-12-31,jacky,windows,dos,0 -10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS / CSRF",2009-12-31,"D3V!L FUCKER",php,webapps,0 +10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS / Cross-site Request Forgery",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog - Database Disclosure",2010-01-01,LionTurk,asp,webapps,0 10884,platforms/asp/webapps/10884.txt,"ArticleLive 1.7.1.2 (blogs.php?Id) - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 10885,platforms/php/webapps/10885.txt,"Cype CMS - SQL Injection",2010-01-01,Sora,php,webapps,0 @@ -10077,14 +10077,14 @@ id,file,description,date,author,platform,type,port 10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Services PoC",2010-01-02,SarBoT511,windows,dos,0 10908,platforms/windows/dos/10908.pl,"GOM player 2.1.9 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 -10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 - Cross-Site Scripting",2010-01-02,Sora,php,webapps,0 +10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 - Cross-site Scripting",2010-01-02,Sora,php,webapps,0 10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - (0Day)",2010-01-02,Lincoln,windows,remote,0 10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script - Cookie Handling",2010-01-02,DigitALL,php,webapps,0 -10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - (.m3u) Exploit (0Day)",2010-01-02,"fl0 fl0w",windows,dos,0 +10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - '.m3u' Exploit (0Day)",2010-01-02,"fl0 fl0w",windows,dos,0 10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic ",php,webapps,0 -10923,platforms/php/webapps/10923.txt,"superlink script 1.0 - (id) SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 -10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-Site Scripting",2010-01-02,indoushka,php,webapps,0 -10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals - LFI",2010-01-02,FL0RiX,php,webapps,0 +10923,platforms/php/webapps/10923.txt,"superlink script 1.0 - 'id' SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 +10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-site Scripting",2010-01-02,indoushka,php,webapps,0 +10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals - Local File Inclusion",2010-01-02,FL0RiX,php,webapps,0 10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection",2010-01-02,Sora,php,webapps,0 10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 @@ -10092,11 +10092,11 @@ id,file,description,date,author,platform,type,port 10938,platforms/php/webapps/10938.txt,"Service d'upload 1.0.0 - Shell Upload",2010-01-03,indoushka,php,webapps,0 10940,platforms/asp/webapps/10940.txt,"Football Pool 3.1 - Database Disclosure",2010-01-03,LionTurk,asp,webapps,0 10941,platforms/php/webapps/10941.php,"Joomla Component com_aprice - Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 -10942,platforms/php/webapps/10942.txt,"Joomla Component com_cartweberp - LFI",2010-01-03,FL0RiX,php,webapps,0 -10943,platforms/php/webapps/10943.txt,"Joomla Component com_biblestudy - LFI",2010-01-03,FL0RiX,php,webapps,0 +10942,platforms/php/webapps/10942.txt,"Joomla Component com_cartweberp - Local File Inclusion",2010-01-03,FL0RiX,php,webapps,0 +10943,platforms/php/webapps/10943.txt,"Joomla Component com_biblestudy - Local File Inclusion",2010-01-03,FL0RiX,php,webapps,0 10944,platforms/php/webapps/10944.txt,"Joomla Component com_bfsurvey_basic - SQL Injection",2010-01-03,FL0RiX,php,webapps,0 -10945,platforms/php/webapps/10945.php,"Joomla Component com_bfsurvey_pro - (catid) Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 -10946,platforms/php/webapps/10946.txt,"Joomla Component com_bfsurvey - LFI",2010-01-03,FL0RiX,php,webapps,0 +10945,platforms/php/webapps/10945.php,"Joomla Component com_bfsurvey_pro - 'catid' Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 +10946,platforms/php/webapps/10946.txt,"Joomla Component com_bfsurvey - Local File Inclusion",2010-01-03,FL0RiX,php,webapps,0 10947,platforms/hardware/dos/10947.txt,"Facebook for iPhone - persistent XSS DoS",2010-01-03,marco_,hardware,dos,0 10948,platforms/php/webapps/10948.txt,"Joomla Component com_abbrev - Local File Inclusion",2010-01-03,FL0RiX,php,webapps,0 10949,platforms/php/webapps/10949.txt,"Joomla Component com_countries - SQL Injection",2010-01-03,FL0RiX,php,webapps,0 @@ -10107,10 +10107,10 @@ id,file,description,date,author,platform,type,port 10960,platforms/multiple/dos/10960.pl,"Google Chrome 4.0.249.30 - DoS PoC",2010-01-03,anonymous,multiple,dos,0 10962,platforms/php/webapps/10962.txt,"Live TV Script - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10964,platforms/php/webapps/10964.txt,"Joomla Bridge of Hope Template - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 -10965,platforms/php/webapps/10965.txt,"Joomla Component com_doqment - (cid) SQL Injection",2010-01-03,Gamoscu,php,webapps,0 +10965,platforms/php/webapps/10965.txt,"Joomla Component com_doqment - 'cid' SQL Injection",2010-01-03,Gamoscu,php,webapps,0 10966,platforms/php/webapps/10966.txt,"Joomla Component com_otzivi - Blind SQL Injection",2010-01-03,Cyber_945,php,webapps,0 10967,platforms/php/webapps/10967.txt,"Rezervi 3.0.2 - (mail.inc.php) Remote File Inclusion",2010-01-03,r00t.h4x0r,php,webapps,0 -10968,platforms/php/webapps/10968.txt,"portal modulnet 1.0 - (id) SQL Injection",2010-01-03,Red-D3v1L,php,webapps,0 +10968,platforms/php/webapps/10968.txt,"portal modulnet 1.0 - 'id' SQL Injection",2010-01-03,Red-D3v1L,php,webapps,0 10971,platforms/php/webapps/10971.txt,"Joomla Bamboo Simpla Admin Template - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10972,platforms/asp/webapps/10972.txt,"Acidcat CMS 3.5 - Multiple Vulnerabilities",2010-01-03,LionTurk,asp,webapps,0 10973,platforms/windows/remote/10973.py,"BigAnt Server 2.52 - Remote Buffer Overflow Exploit (2)",2010-01-03,DouBle_Zer0,windows,remote,0 @@ -10130,16 +10130,16 @@ id,file,description,date,author,platform,type,port 11002,platforms/php/webapps/11002.txt,"ImagoScripts Deviant Art Clone - SQL Injection",2010-01-04,alnjm33,php,webapps,0 11003,platforms/php/webapps/11003.txt,"LightOpen CMS 0.1 - Remote File Inclusion (smarty.php)",2010-01-04,"Zer0 Thunder",php,webapps,0 11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 -11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 - DB Download",2010-01-05,indoushka,asp,webapps,0 +11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 - Database Download",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware - CIFS And AFP Remote Memory Consumption DoS",2010-01-05,"Francis Provencher",multiple,dos,0 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz - (view_news) SQL Injection",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader - Upload Shell Exploit",2010-01-06,S2K9,php,webapps,0 -11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri 7.5 - DB Download",2010-01-06,indoushka,asp,webapps,0 -11016,platforms/asp/webapps/11016.txt,"Net Gitar Shop 1.0 - DB Download",2010-01-06,indoushka,asp,webapps,0 -11017,platforms/php/webapps/11017.txt,"PHPDug 2.0.0 - Cross-Site Scripting",2010-01-06,indoushka,php,webapps,0 -11018,platforms/asp/webapps/11018.txt,"VP-ASP Shopping Cart 7.0 - DB Download",2010-01-06,indoushka,asp,webapps,0 +11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri 7.5 - Database Download",2010-01-06,indoushka,asp,webapps,0 +11016,platforms/asp/webapps/11016.txt,"Net Gitar Shop 1.0 - Database Download",2010-01-06,indoushka,asp,webapps,0 +11017,platforms/php/webapps/11017.txt,"PHPDug 2.0.0 - Cross-site Scripting",2010-01-06,indoushka,php,webapps,0 +11018,platforms/asp/webapps/11018.txt,"VP-ASP Shopping Cart 7.0 - Database Download",2010-01-06,indoushka,asp,webapps,0 11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Remote File Upload",2010-01-06,"wlhaan hacker",php,webapps,0 11020,platforms/windows/dos/11020.pl,"GOM Audio - Local Crash PoC",2010-01-06,applicationlayer,windows,dos,0 11021,platforms/windows/dos/11021.txt,"Flashget 3.x - IEHelper Remote Exec PoC (0Day)",2010-01-06,superli,windows,dos,0 @@ -10147,11 +10147,11 @@ id,file,description,date,author,platform,type,port 11023,platforms/asp/webapps/11023.txt,"Erolife AjxGaleri VT - Database Disclosure",2010-01-06,LionTurk,asp,webapps,0 11024,platforms/php/webapps/11024.txt,"Joomla Component com_perchagallery - SQL Injection",2010-01-06,FL0RiX,php,webapps,0 11025,platforms/php/webapps/11025.txt,"AWCM - Database Disclosure",2010-01-06,alnjm33,php,webapps,0 -11026,platforms/php/webapps/11026.php,"com_jembed - (catid) Blind SQL Injection",2010-01-06,FL0RiX,php,webapps,0 +11026,platforms/php/webapps/11026.php,"com_jembed - 'catid' Blind SQL Injection",2010-01-06,FL0RiX,php,webapps,0 11027,platforms/windows/remote/11027.pl,"Apple QuickTime 7.2/7.3 - RTSP BoF (Perl)",2010-01-06,jacky,windows,remote,0 11028,platforms/php/webapps/11028.txt,"Docebo 3.6.0.2 (stable) - Local File Inclusion",2010-01-06,"Zer0 Thunder",php,webapps,0 11029,platforms/multiple/local/11029.txt,"DirectAdmin 1.33.6 - Symlink Permission Bypass",2010-01-06,alnjm33,multiple,local,0 -11030,platforms/hardware/webapps/11030.txt,"D-LINK DKVM-IP8 - XSS",2010-01-06,POPCORN,hardware,webapps,0 +11030,platforms/hardware/webapps/11030.txt,"D-LINK DKVM-IP8 - Cross-site Scripting",2010-01-06,POPCORN,hardware,webapps,0 11031,platforms/php/webapps/11031.txt,"Milonic News - (viewnews) SQL Injection",2010-01-06,Err0R,php,webapps,0 11033,platforms/php/webapps/11033.txt,"Joomla Component com_kk - Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 11034,platforms/windows/dos/11034.txt,"Microsoft HTML Help Compiler (hhc.exe) - BoF PoC",2010-01-06,s4squatch,windows,dos,0 @@ -10163,19 +10163,19 @@ id,file,description,date,author,platform,type,port 11046,platforms/windows/local/11046.py,"Quick Player 1.2 -Unicode BoF - bindshell",2010-01-06,sinn3r,windows,local,0 11047,platforms/php/webapps/11047.txt,"Zeeways Technology - (product_desc.php) SQL Injection",2010-01-07,Gamoscu,php,webapps,0 11048,platforms/php/webapps/11048.txt,"Ulisse's Scripts 2.6.1 - ladder.php SQL Injection",2010-01-07,Sora,php,webapps,0 -11051,platforms/php/webapps/11051.txt,"AutoIndex PHP Script - (index.php) Directory Traversal",2010-01-07,Red-D3v1L,php,webapps,0 +11051,platforms/php/webapps/11051.txt,"AutoIndex PHP Script - 'index.php' Directory Traversal",2010-01-07,Red-D3v1L,php,webapps,0 11052,platforms/windows/dos/11052.pl,"Kantaris 0.5.6 - Local Denial of Service PoC",2010-01-07,anonymous,windows,dos,0 11053,platforms/windows/dos/11053.py,"ttplayer 5.6Beta3 - DoS PoC",2010-01-07,"t-bag YDteam",windows,dos,0 11057,platforms/php/webapps/11057.txt,"Read Excel Script 1.1 - Shell Upload",2010-01-07,Yozgat.Us,php,webapps,0 11059,platforms/windows/remote/11059.html,"JcomBand toolbar on IE - ActiveX Buffer Overflow Exploit",2010-01-07,"germaya_x and D3V!L FUCKER",windows,remote,0 11060,platforms/php/webapps/11060.txt,"Drupal 6.15 - Multiple Permanent XSS (0Day)",2010-01-07,emgent,php,webapps,80 -11061,platforms/php/webapps/11061.txt,"Joomla Component Regional Booking - (id) Blind SQL Injection",2010-01-07,"Hussin X",php,webapps,0 +11061,platforms/php/webapps/11061.txt,"Joomla Component Regional Booking - 'id' Blind SQL Injection",2010-01-07,"Hussin X",php,webapps,0 11062,platforms/windows/dos/11062.txt,"SopCast SopCore Control ActiveX - Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 - (print_view) Blind SQL Injection",2010-01-08,Red-D3v1L,php,webapps,0 11064,platforms/windows/dos/11064.txt,"UUSee ReliPlayer ActiveX - Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 11065,platforms/windows/dos/11065.html,"SPlayer XvidDecoder 3.3 - ActiveX Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 11068,platforms/php/webapps/11068.txt,"Joomla Component com_ksadvertiser - SQL Injection",2010-01-08,FL0RiX,php,webapps,0 -11069,platforms/php/webapps/11069.txt,"DELTAScripts PHPLinks - (catid) SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 +11069,platforms/php/webapps/11069.txt,"DELTAScripts PHPLinks - 'catid' SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 11070,platforms/windows/dos/11070.txt,"Windows Live Messenger 2009 - ActiveX DoS",2010-01-08,"HACKATTACK IT SECURITY GmbH",windows,dos,0 11071,platforms/php/webapps/11071.txt,"DELTAScripts PHPClassifieds - (rate.php) Blind SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 11075,platforms/php/webapps/11075.txt,"ProfitCode Shopping Cart - Multiple LFI/RFI Vulnerabilities",2010-01-09,"Zer0 Thunder",php,webapps,0 @@ -10193,7 +10193,7 @@ id,file,description,date,author,platform,type,port 11089,platforms/php/webapps/11089.txt,"Joomla Component com_jvideodirect - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11090,platforms/php/webapps/11090.txt,"Joomla Component com_jashowcase - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal BOF-SEH (Metasploit)",2010-01-10,fb1h2s,windows,local,0 -11094,platforms/php/webapps/11094.txt,"Simply Classified 0.2 - XSS / CSRF",2010-01-10,mr_me,php,webapps,0 +11094,platforms/php/webapps/11094.txt,"Simply Classified 0.2 - XSS / Cross-site Request Forgery",2010-01-10,mr_me,php,webapps,0 11095,platforms/windows/dos/11095.txt,"YPOPS! 0.9.7.3 - Buffer Overflow (SEH)",2010-01-10,blake,windows,dos,0 11096,platforms/asp/webapps/11096.txt,"ABB 1.1 - Forum Remote Database Disclosure",2010-01-10,"ViRuSMaN ",asp,webapps,0 11097,platforms/asp/webapps/11097.txt,"Egreetings 1.0 b - Remote Database Disclosure",2010-01-10,"ViRuSMaN ",asp,webapps,0 @@ -10201,7 +10201,7 @@ id,file,description,date,author,platform,type,port 11101,platforms/hardware/webapps/11101.txt,"D-Link Routers - Authentication Bypass",2010-01-10,"SourceSec DevTeam",hardware,webapps,0 11103,platforms/windows/dos/11103.html,"VLC Player 0.8.6i - ActiveX DoS PoC",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x - File Upload",2010-01-11,Cyber_945,php,webapps,0 -11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 - DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 +11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 - Denial of Service",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script - Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 @@ -10214,14 +10214,14 @@ id,file,description,date,author,platform,type,port 11124,platforms/php/webapps/11124.txt,"CiviCRM 3.1 < Beta 5 - Multiple XSS Vulnerabilities",2010-01-13,h00die,php,webapps,0 11125,platforms/hardware/dos/11125.pl,"SwiFTP 1.11 - Overflow DoS PoC",2010-01-13,"Julien Bedard",hardware,dos,2121 11126,platforms/php/webapps/11126.txt,"Populum 2.3 - SQL Injection",2010-01-13,SiLeNtp0is0n,php,webapps,80 -11127,platforms/php/webapps/11127.txt,"Hesk Help Desk 2.1 - CSRF",2010-01-13,The.Morpheus,php,webapps,80 +11127,platforms/php/webapps/11127.txt,"Hesk Help Desk 2.1 - Cross-site Request Forgery",2010-01-13,The.Morpheus,php,webapps,80 11130,platforms/windows/dos/11130.pl,"Ofilter Player - (skin.ini) Local Crash PoC",2010-01-13,"Rehan Ahmed",windows,dos,0 11131,platforms/windows/dos/11131.pl,"TurboFTP Server 1.00.712 - Remote DoS",2010-01-13,corelanc0d3r,windows,dos,0 11132,platforms/windows/dos/11132.pl,"Nemesis Player (NSP) - Local Denial of Service (DoS)",2010-01-13,"Rehan Ahmed",windows,dos,0 11133,platforms/windows/dos/11133.pl,"NPlayer - (.dat Skin) Local Heap Overflow PoC",2010-01-13,"Rehan Ahmed",windows,dos,0 -11134,platforms/asp/webapps/11134.txt,"Asp VevoCart Control System 3.0.4 - DB Download",2010-01-13,indoushka,asp,webapps,0 +11134,platforms/asp/webapps/11134.txt,"Asp VevoCart Control System 3.0.4 - Database Download",2010-01-13,indoushka,asp,webapps,0 11135,platforms/php/webapps/11135.txt,"PSI CMS 0.3.1 - SQL Injection",2010-01-13,"learn3r hacker",php,webapps,0 -11136,platforms/php/webapps/11136.txt,"Public Media Manager - SQLi",2010-01-13,"learn3r hacker",php,webapps,0 +11136,platforms/php/webapps/11136.txt,"Public Media Manager - SQL Injection",2010-01-13,"learn3r hacker",php,webapps,0 11138,platforms/windows/remote/11138.c,"Apple iTunes 8.1.x - (daap) Buffer Overflow Remote Exploit",2010-01-14,Simo36,windows,remote,0 11139,platforms/windows/local/11139.c,"Winamp 5.05-5.13 - (.ini) Local Stack Buffer Overflow PoC",2010-01-14,"fl0 fl0w",windows,local,0 11140,platforms/php/webapps/11140.txt,"Joomla Component com_articlemanager - SQL Injection",2010-01-14,FL0RiX,php,webapps,0 @@ -10248,27 +10248,27 @@ id,file,description,date,author,platform,type,port 11165,platforms/windows/dos/11165.pl,"MediaMonkey Player - Local Denial of Service (DoS)",2010-01-17,Red-D3v1L,windows,dos,0 11166,platforms/php/webapps/11166.txt,"Uploader by CeleronDude 5.3.0 - Upload",2010-01-17,Stink',php,webapps,0 11167,platforms/windows/remote/11167.py,"Microsoft Internet Explorer 6 - Aurora Exploit",2010-01-17,"Ahmed Obied",windows,remote,0 -11168,platforms/php/webapps/11168.txt,"Joomla Component com_pc - LFI",2010-01-17,Pyske,php,webapps,0 +11168,platforms/php/webapps/11168.txt,"Joomla Component com_pc - Local File Inclusion",2010-01-17,Pyske,php,webapps,0 11169,platforms/php/webapps/11169.txt,"Max's Image Uploader - Shell Upload",2010-01-17,indoushka,php,webapps,0 -11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Direct RET BoF",2010-01-17,jacky,windows,local,0 +11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Direct RET Buffer Overflow",2010-01-17,jacky,windows,local,0 11172,platforms/windows/remote/11172.html,"Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec PoC (0Day)",2010-01-17,superli,windows,remote,0 11173,platforms/windows/remote/11173.txt,"TrendMicro Web-Deployment ActiveX - Remote Exec PoC (0Day)",2010-01-17,superli,windows,remote,0 11174,platforms/windows/local/11174.c,"VLC 0.8.6 a/b/c/d - (.ASS) Buffer Overflow Exploit (Win32 universal)",2010-01-17,"fl0 fl0w",windows,local,0 11176,platforms/windows/dos/11176.txt,"Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Exec PoC (0Day)",2010-01-17,superli,windows,dos,0 11177,platforms/php/webapps/11177.txt,"Joomla Component com_prime - Directory Traversal",2010-01-17,FL0RiX,php,webapps,0 11178,platforms/php/webapps/11178.txt,"Joomla Component com_libros - SQL Injection",2010-01-17,FL0RiX,php,webapps,0 -11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - BoF",2010-01-18,"John Babio",windows,remote,0 +11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - Buffer Overflow",2010-01-18,"John Babio",windows,remote,0 11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - (.mp3) Local Denial of Service (DoS)",2010-01-18,Red-D3v1L,windows,dos,0 11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - DoS (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 11183,platforms/php/webapps/11183.txt,"Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilities",2010-01-18,"Prashant Khandelwal",php,webapps,0 -11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting",2010-01-18,"Ivan Huertas",multiple,webapps,0 +11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-site Scripting",2010-01-18,"Ivan Huertas",multiple,webapps,0 11185,platforms/php/webapps/11185.html,"al3jeb script - Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 11186,platforms/multiple/webapps/11186.txt,"FreePBX 2.5.1 - SQL injection",2010-01-18,"Ivan Huertas",multiple,webapps,0 11187,platforms/multiple/webapps/11187.txt,"FreePBX 2.5.x - Information Disclosure",2010-01-18,"Ivan Huertas",multiple,webapps,0 11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) 1.0 - Remote File Inclusion",2010-01-18,kaMtiEz,php,webapps,0 11189,platforms/php/webapps/11189.txt,"Soft Direct 1.05 - Multiple Vulnerabilities",2010-01-18,indoushka,php,webapps,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 - ActiveX Heap Overflow",2010-01-19,"Hellcode Research",windows,dos,0 -11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - (.m3u) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 +11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - '.m3u' Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 11192,platforms/windows/dos/11192.txt,"OpenOffice - (.slk) Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender - ActiveX Heap Overflow PoC",2010-01-19,SarBoT511,windows,dos,0 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow PoC",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 @@ -10278,15 +10278,15 @@ id,file,description,date,author,platform,type,port 11202,platforms/windows/local/11202.pl,"RM Downloader - .m3u BoF (SEH)",2010-01-19,jacky,windows,local,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 - File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray) (0Day)",2010-01-20,Dz_attacker,windows,remote,0 -11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - (.m3u) Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 -11208,platforms/windows/local/11208.pl,"jetAudio 8.0.0.2 Basic - (m3u) Stack Overflow Exploit",2010-01-21,"cr4wl3r ",windows,local,0 +11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - '.m3u' Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 +11208,platforms/windows/local/11208.pl,"jetAudio 8.0.0.2 Basic - '.m3u' Stack Overflow Exploit",2010-01-21,"cr4wl3r ",windows,local,0 11209,platforms/windows/dos/11209.pl,"jetAudio 8.0.0.2 Basic (.asx) - Local Crash Exploit",2010-01-21,"cr4wl3r ",windows,dos,0 11210,platforms/windows/remote/11210.rb,"EFS Easy Chat Server - Universal BOF-SEH (Metasploit)",2010-01-21,fb1h2s,windows,remote,0 11211,platforms/multiple/webapps/11211.txt,"cPanel - HTTP Response Splitting",2010-01-21,Trancer,multiple,webapps,0 11212,platforms/asp/webapps/11212.txt,"eWebeditor - Directory Traversal",2010-01-21,anonymous,asp,webapps,0 11213,platforms/php/webapps/11213.txt,"Joomla Component com_book - SQL Injection",2010-01-21,Evil-Cod3r,php,webapps,0 11214,platforms/windows/dos/11214.html,"Windows Live Messenger 2009 - ActiveX Heap Overflow PoC",2010-01-21,SarBoT511,windows,dos,0 -11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server 1.9.8/Win32 - CSRF",2010-01-21,"cp77fk4r ",windows,webapps,0 +11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server 1.9.8/Win32 - Cross-site Request Forgery",2010-01-21,"cp77fk4r ",windows,webapps,0 11216,platforms/php/webapps/11216.txt,"Blog System 1.x - (note) SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow PoC",2010-01-21,SkuLL-HackeR,windows,dos,0 11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 @@ -10339,17 +10339,17 @@ id,file,description,date,author,platform,type,port 11279,platforms/php/webapps/11279.txt,"Joomla Component com_kunena - Blind SQL Injection",2010-01-28,B-HUNT3|2,php,webapps,0 11280,platforms/php/webapps/11280.txt,"Joomla Component jVideoDirect - Blind SQL Injection",2010-01-28,B-HUNT3|2,php,webapps,0 11281,platforms/windows/local/11281.c,"Rising AntiVirus 2008/2009/2010 - Local Privilege Escalation Exploit",2010-01-28,Dlrow,windows,local,0 -11282,platforms/php/webapps/11282.txt,"Joomla Component com_ccnewsletter - LFI",2010-01-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 -11284,platforms/php/webapps/11284.txt,"PHP Product Catalog - CSRF Change Administrator Password",2010-01-29,bi0,php,webapps,0 +11282,platforms/php/webapps/11282.txt,"Joomla Component com_ccnewsletter - Local File Inclusion",2010-01-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11284,platforms/php/webapps/11284.txt,"PHP Product Catalog - CSRF (Change Administrator Password)",2010-01-29,bi0,php,webapps,0 11286,platforms/php/webapps/11286.txt,"Joomla JReservation - Blind SQL Injection",2010-01-29,B-HUNT3|2,php,webapps,0 11287,platforms/php/webapps/11287.txt,"Joomla Component JE Quiz - Blind SQL Injection",2010-01-29,B-HUNT3|2,php,webapps,0 -11288,platforms/multiple/dos/11288.py,"Wireshark 1.2.5 - LWRES getaddrbyname Stack BOF",2010-01-29,babi,multiple,dos,0 +11288,platforms/multiple/dos/11288.py,"Wireshark 1.2.5 - LWRES getaddrbyname Stack Buffer Overflow",2010-01-29,babi,multiple,dos,0 11289,platforms/php/webapps/11289.txt,"Joomla Component com_dms 2.5.1 - SQL Injection",2010-01-30,kaMtiEz,php,webapps,0 -11290,platforms/php/webapps/11290.txt,"phpunity.newsmanager - LFI",2010-01-30,kaMtiEz,php,webapps,0 +11290,platforms/php/webapps/11290.txt,"phpunity.newsmanager - Local File Inclusion",2010-01-30,kaMtiEz,php,webapps,0 11291,platforms/hardware/dos/11291.txt,"Xerox Workcenter 4150 - Remote Buffer Overflow",2010-01-30,"Francis Provencher",hardware,dos,0 11292,platforms/php/webapps/11292.txt,"Joomla Component JE Event Calendar - SQL Injection",2010-01-30,B-HUNT3|2,php,webapps,0 11293,platforms/windows/remote/11293.py,"Vermillion FTP Deamon 1.31 - Remote BoF Exploit",2010-01-30,Dz_attacker,windows,remote,0 -11294,platforms/php/webapps/11294.txt,"Joomla Component com_simplefaq - (catid) Blind SQL Injection",2010-01-30,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11294,platforms/php/webapps/11294.txt,"Joomla Component com_simplefaq - 'catid' Blind SQL Injection",2010-01-30,"AtT4CKxT3rR0r1ST ",php,webapps,0 11295,platforms/asp/webapps/11295.txt,"eWebeditor ASP Version - Multiple Vulnerabilities",2010-01-29,anonymous,asp,webapps,0 11296,platforms/php/webapps/11296.txt,"ThinkAdmin - (page.php) SQL Injection",2010-01-30,"AtT4CKxT3rR0r1ST ",php,webapps,0 11297,platforms/php/webapps/11297.txt,"IPB (nv2) Awards < 1.1.0 - SQL Injection PoC",2010-01-30,fred777,php,webapps,0 @@ -10364,7 +10364,7 @@ id,file,description,date,author,platform,type,port 11308,platforms/php/webapps/11308.txt,"Joomla (Yelp Component) - SQL Injection",2010-02-01,B-HUNT3|2,php,webapps,0 11309,platforms/php/webapps/11309.txt,"Snif 1.5.2 - Any Filetype Download Exploit",2010-02-01,Aodrulez,php,webapps,0 11310,platforms/asp/webapps/11310.txt,"RaakCMS - Multiple Vulnerabilities",2010-02-01,"Pouya Daneshmand",asp,webapps,0 -11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart 1.1 - CSRF Change Administrator Password",2010-02-01,The.Morpheus,php,webapps,0 +11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart 1.1 - CSRF (Change Administrator Password)",2010-02-01,The.Morpheus,php,webapps,0 11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (password field) Universal BoF Exploit",2010-02-02,mr_me,windows,local,0 11315,platforms/windows/local/11315.c,"Deepburner pro 1.9.0.228 - .dbr file Buffer Overflow Exploit (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 11316,platforms/php/webapps/11316.txt,"GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion",2010-02-02,R3VAN_BASTARD,php,webapps,0 @@ -10372,7 +10372,7 @@ id,file,description,date,author,platform,type,port 11318,platforms/php/webapps/11318.txt,"Dlili Script - SQL Injection",2010-02-02,Dr.DaShEr,php,webapps,0 11319,platforms/php/webapps/11319.txt,"MYRE Classified - (cat) SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 - (.Mp3) Local Crash PoC",2010-02-02,SkuLL-HackeR,windows,dos,0 -11321,platforms/php/webapps/11321.txt,"MobPartner Chat - Multiple SQL Injection",2010-02-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11321,platforms/php/webapps/11321.txt,"MobPartner Chat - Multiple SQL Injections",2010-02-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 - (Add Admin) CSRF",2010-02-03,"Milos Zivanovic ",php,webapps,0 11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script - (Auth Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 11324,platforms/jsp/webapps/11324.txt,"Hipergate 4.0.12 - Multiple Vulnerabilities",2010-02-03,"Nahuel Grisolia",jsp,webapps,0 @@ -10384,7 +10384,7 @@ id,file,description,date,author,platform,type,port 11330,platforms/windows/webapps/11330.txt,"ManageEngine OpUtils 5 - 'Login.DO' SQL Injection",2010-02-04,"Asheesh Anaconda",windows,webapps,0 11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 - reversible encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 11332,platforms/windows/dos/11332.pl,"Opera 10.10 - Remote Code Execution Denial of Service",2010-02-05,"cr4wl3r ",windows,dos,0 -11333,platforms/windows/local/11333.pl,"FoxPlayer 1.7.0 - (.m3u) Local Buffer Overflow Exploit",2010-02-05,"cr4wl3r ",windows,local,0 +11333,platforms/windows/local/11333.pl,"FoxPlayer 1.7.0 - '.m3u' Local Buffer Overflow Exploit",2010-02-05,"cr4wl3r ",windows,local,0 11334,platforms/php/webapps/11334.txt,"Audistats 1.3 - SQL Injection",2010-02-05,kaMtiEz,php,webapps,0 11336,platforms/php/webapps/11336.txt,"Open Bulletin Board - Multiple Blind SQL Injection",2010-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 11337,platforms/php/webapps/11337.txt,"Joomla (com_photoblog) - Blind SQL Injection",2010-02-06,"ALTBTA ",php,webapps,0 @@ -10418,7 +10418,7 @@ id,file,description,date,author,platform,type,port 11366,platforms/php/webapps/11366.txt,"Newsletter Tailor - Database Backup Dump",2010-02-09,"ViRuSMaN ",php,webapps,0 11367,platforms/php/webapps/11367.txt,"Newsletter Tailor - (Auth Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,"HackXBack ",php,webapps,0 -11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 +11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow Exploit (0Day)",2010-02-09,"fl0 fl0w",windows,local,0 11374,platforms/windows/dos/11374.pl,"WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)",2010-02-09,JIKO,windows,dos,0 11375,platforms/php/webapps/11375.txt,"Zomorrod CMS - SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 @@ -10427,17 +10427,17 @@ id,file,description,date,author,platform,type,port 11378,platforms/php/webapps/11378.txt,"Newsletter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 11380,platforms/php/webapps/11380.txt,"osTicket 1.6 RC5 - Multiple Vulnerabilities",2010-02-09,"Nahuel Grisolia",php,webapps,0 -11382,platforms/php/webapps/11382.txt,"eSmile Script - (index.php) SQL Injection",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0 -11383,platforms/php/webapps/11383.txt,"HASHE! Solutions - Multiple SQL Injection",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11382,platforms/php/webapps/11382.txt,"eSmile Script - 'index.php' SQL Injection",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11383,platforms/php/webapps/11383.txt,"HASHE! Solutions - Multiple SQL Injections",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0 11384,platforms/windows/local/11384.py,"WM Downloader 3.0.0.9 - PLS PLA Exploit (Windows XP SP3)",2010-02-10,"Beenu Arora",windows,local,0 11385,platforms/php/webapps/11385.txt,"ULoki Community Forum 2.1 - (usercp.php) XSS",2010-02-10,"Sioma Labs",php,webapps,0 11391,platforms/windows/dos/11391.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)",2010-02-10,loneferret,windows,dos,0 11392,platforms/windows/dos/11392.c,"Radasm 2.2.1.6 - (.rap) Local Buffer Overflow PoC",2010-02-11,"fl0 fl0w",windows,dos,0 11393,platforms/jsp/webapps/11393.txt,"Omnidocs - SQL Injection",2010-02-11,thebluegenius,jsp,webapps,0 -11394,platforms/php/webapps/11394.txt,"vBulletin 3.5.2 - XSS",2010-02-11,ROOT_EGY,php,webapps,0 -11395,platforms/php/webapps/11395.txt,"vBulletin 3.0.0 - XSS",2010-02-11,ROOT_EGY,php,webapps,0 +11394,platforms/php/webapps/11394.txt,"vBulletin 3.5.2 - Cross-site Scripting",2010-02-11,ROOT_EGY,php,webapps,0 +11395,platforms/php/webapps/11395.txt,"vBulletin 3.0.0 - Cross-site Scripting",2010-02-11,ROOT_EGY,php,webapps,0 11396,platforms/php/webapps/11396.txt,"vBulletin 2.3.x - SQL Injection",2010-02-11,ROOT_EGY,php,webapps,0 -11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - DoS",2010-02-11,"cp77fk4r ",php,dos,0 +11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - Denial of Service",2010-02-11,"cp77fk4r ",php,dos,0 11398,platforms/php/webapps/11398.txt,"GameRoom Script - Admin Bypass / File Upload",2010-02-11,JIKO,php,webapps,0 11399,platforms/php/webapps/11399.txt,"myPHP Guestbook 2.0.4 - Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 11400,platforms/windows/local/11400.py,"Radasm 2.2.1.6 - (.rap) Universal Buffer Overflow Exploit",2010-02-11,Dz_attacker,windows,local,0 @@ -10475,7 +10475,7 @@ id,file,description,date,author,platform,type,port 11441,platforms/php/webapps/11441.txt,"WordPress 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 11442,platforms/php/webapps/11442.txt,"PEAR 1.9.0 - Multiple Remote File Inclusion",2010-02-14,eidelweiss,php,webapps,0 11443,platforms/php/webapps/11443.txt,"Calendarix 0.8.20071118 - SQL Injection",2010-02-14,Thibow,php,webapps,0 -11444,platforms/php/webapps/11444.txt,"ShortCMS 1.2.0 - SQLi",2010-02-14,Thibow,php,webapps,0 +11444,platforms/php/webapps/11444.txt,"ShortCMS 1.2.0 - SQL Injection",2010-02-14,Thibow,php,webapps,0 11445,platforms/php/webapps/11445.txt,"JTL-Shop 2 - (druckansicht.php) SQL Injection",2010-02-14,Lo$T,php,webapps,0 11446,platforms/php/webapps/11446.txt,"Mambo com_akogallery - SQL Injection",2010-02-14,snakespc,php,webapps,0 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) - Remote File Download",2010-02-14,"Pouya Daneshmand",php,webapps,0 @@ -10496,7 +10496,7 @@ id,file,description,date,author,platform,type,port 11465,platforms/windows/local/11465.py,"Ollydbg 2.00 Beta1 - Local Buffer Overflow Exploit",2010-02-15,_SuBz3r0_,windows,local,0 11466,platforms/php/webapps/11466.txt,"microUpload - Shell Upload",2010-02-15,Phenom,php,webapps,0 11467,platforms/ios/dos/11467.py,"iOS My DBLite Edition - Remote Denial of Service (0Day)",2010-02-15,"Jason Bowes",ios,dos,0 -11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF",2010-02-15,dookie,windows,remote,21 +11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow",2010-02-15,dookie,windows,remote,21 11469,platforms/windows/dos/11469.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0 11470,platforms/windows/dos/11470.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)",2010-02-15,loneferret,windows,dos,0 11472,platforms/ios/dos/11472.py,"iOS FTP On The Go 2.1.2 - HTTP Remote DoS",2010-02-15,TecR0c,ios,dos,0 @@ -10504,7 +10504,7 @@ id,file,description,date,author,platform,type,port 11474,platforms/php/webapps/11474.txt,"Mambo Component com_acnews - [id] SQL Injection",2010-02-16,"Zero Bits and Xzit3",php,webapps,0 11475,platforms/windows/local/11475.txt,"OtsTurntables Free 1.00.047 - (.olf) Universal Buffer Overflow Exploit",2010-02-16,mr_me,windows,local,0 11476,platforms/php/webapps/11476.txt,"SongForever.com - Clone Shell Upload",2010-02-16,indoushka,php,webapps,0 -11477,platforms/php/webapps/11477.txt,"Limny 2.0 Change Email and Password - CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 +11477,platforms/php/webapps/11477.txt,"Limny 2.0 0 Change Email and Password CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 11478,platforms/php/webapps/11478.txt,"Limny 2.0 - Create Admin User CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 11479,platforms/php/webapps/11479.txt,"Joomla Component com_acstartseite - SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11480,platforms/php/webapps/11480.txt,"Joomla Component com_acprojects - SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10521,27 +10521,27 @@ id,file,description,date,author,platform,type,port 11491,platforms/multiple/local/11491.rb,"iTunes 9.0.1 - (.pls) Handling Buffer Overflow",2010-02-17,"S2 Crew",multiple,local,0 11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner 22.0.0.5 - ActiveX Control DoS (Stack overflow)",2010-02-18,wirebonder,windows,dos,0 11494,platforms/php/webapps/11494.txt,"Joomla Component com_otzivi - Local File Inclusion",2010-02-18,"AtT4CKxT3rR0r1ST ",php,webapps,0 -11495,platforms/php/webapps/11495.txt,"CubeCart - (index.php) SQL Injection",2010-02-18,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11495,platforms/php/webapps/11495.txt,"CubeCart - 'index.php' SQL Injection",2010-02-18,"AtT4CKxT3rR0r1ST ",php,webapps,0 11496,platforms/php/webapps/11496.txt,"Open Source Classifieds 1.1.0 - Alpha (OSClassi) Multiple Vulnerabilities",2010-02-18,"Sioma Labs",php,webapps,0 11497,platforms/linux/remote/11497.txt,"gitWeb 1.5.2 - Remote Command Execution",2010-02-18,"S2 Crew",linux,remote,0 11498,platforms/php/webapps/11498.txt,"Joomla Plugin Core Design Scriptegrator - Local File Inclusion",2010-02-18,"S2 Crew",php,webapps,0 11499,platforms/ios/dos/11499.pl,"iOS FileApp 1.7 - Remote Denial of Service",2010-02-18,Ale46,ios,dos,0 11500,platforms/windows/remote/11500.py,"Easy~Ftp Server 1.7.0.2 - (HTTP) Remote BoF Exploit",2010-02-18,"ThE g0bL!N",windows,remote,0 -11502,platforms/php/webapps/11502.txt,"phpAutoVideo - CSRF",2010-02-19,GoLdeN-z3r0,php,webapps,0 +11502,platforms/php/webapps/11502.txt,"phpAutoVideo - Cross-site Request Forgery",2010-02-19,GoLdeN-z3r0,php,webapps,0 11503,platforms/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - (Add Admin) CSRF / XSS",2010-02-19,d1dn0t,php,webapps,0 11504,platforms/php/webapps/11504.txt,"Amelia CMS - SQL Injection",2010-02-19,Ariko-Security,php,webapps,0 11507,platforms/php/webapps/11507.txt,"WSC CMS - (Bypass) SQL Injection",2010-02-19,Phenom,php,webapps,0 11508,platforms/php/webapps/11508.txt,"Trixbox 2.2.4 - PhonecDirectory.php SQL Injection",2010-02-19,NorSlacker,php,webapps,0 -11509,platforms/php/webapps/11509.txt,"Phpkit 1.6.1 - Multiple SQL Injection",2010-02-19,"Easy Laster",php,webapps,0 -11511,platforms/php/webapps/11511.txt,"Joomla Component com_communitypolls 1.5.2 - LFI",2010-02-19,kaMtiEz,php,webapps,0 +11509,platforms/php/webapps/11509.txt,"Phpkit 1.6.1 - Multiple SQL Injections",2010-02-19,"Easy Laster",php,webapps,0 +11511,platforms/php/webapps/11511.txt,"Joomla Component com_communitypolls 1.5.2 - Local File Inclusion",2010-02-19,kaMtiEz,php,webapps,0 11515,platforms/php/webapps/11515.txt,"FlatFile Login System - Remote Password Disclosure",2010-02-20,"ViRuSMaN ",php,webapps,0 11516,platforms/php/webapps/11516.html,"TimeClock 0.99 - CSRF Remote Add Admin Exploit",2010-02-20,"ViRuSMaN ",php,webapps,0 11517,platforms/php/webapps/11517.txt,"Netzbrett - Database Disclosure",2010-02-20,"ViRuSMaN ",php,webapps,0 11518,platforms/php/webapps/11518.txt,"Softbiz Jobs - (news_desc) SQL Injection",2010-02-22,BAYBORA,php,webapps,0 11519,platforms/php/webapps/11519.txt,"Ac4p.com Gallery 1.0 - Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 11520,platforms/ios/dos/11520.pl,"iOS iFTPStorage 1.2 - Remote Denial of Service",2010-02-22,Ale46,ios,dos,0 -11521,platforms/php/webapps/11521.txt,"Ero Auktion 2.0 - (news.php) SQL Injection",2010-02-22,"Easy Laster",php,webapps,0 -11522,platforms/php/webapps/11522.txt,"Ero Auktion 2010 - (news.php) SQL Injection",2010-02-22,"Easy Laster",php,webapps,0 +11521,platforms/php/webapps/11521.txt,"Ero Auktion 2.0 - 'news.php' SQL Injection",2010-02-22,"Easy Laster",php,webapps,0 +11522,platforms/php/webapps/11522.txt,"Ero Auktion 2010 - 'news.php' SQL Injection",2010-02-22,"Easy Laster",php,webapps,0 11523,platforms/php/webapps/11523.txt,"Galerie Dezign-Box France - Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 11524,platforms/php/webapps/11524.txt,"Arab Cart 1.0.2.0 - Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 11526,platforms/php/webapps/11526.txt,"vBSEO 3.1.0 - Local File Inclusion",2010-02-22,"ViRuSMaN ",php,webapps,0 @@ -10556,38 +10556,38 @@ id,file,description,date,author,platform,type,port 11535,platforms/windows/dos/11535.pl,"Media Player Classic 6.4.9.1 - (.avi) Buffer Overflow Exploit",2010-02-22,"cr4wl3r ",windows,dos,0 11536,platforms/windows/dos/11536.pl,"GOM Player 2.1.21.4846 - (.wav) Buffer Overflow Exploit",2010-02-22,"cr4wl3r ",windows,dos,0 11537,platforms/windows/dos/11537.pl,"Chasys Media Player 1.1 - (.mid) Local Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 -11539,platforms/windows/remote/11539.py,"Easy FTP Server 1.7.0.2 - CWD Remote BoF",2010-02-22,athleet,windows,remote,0 +11539,platforms/windows/remote/11539.py,"Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow",2010-02-22,athleet,windows,remote,0 11540,platforms/windows/dos/11540.pl,"E.M. Total Video Player 1.31 - (.wav) Local Crash Exploit",2010-02-22,v3n0m,windows,dos,0 11541,platforms/windows/dos/11541.pl,"E.M. Total Video Player 1.31 - (.avi) Local Crash PoC",2010-02-22,diving,windows,dos,0 -11543,platforms/php/webapps/11543.txt,"Softbiz Jobs - CSRF",2010-02-23,"pratul agrawal",php,webapps,0 +11543,platforms/php/webapps/11543.txt,"Softbiz Jobs - Cross-site Request Forgery",2010-02-23,"pratul agrawal",php,webapps,0 11544,platforms/php/webapps/11544.php,"Joomla Component com_ice - Blind SQL Injection",2010-02-23,snakespc,php,webapps,0 11546,platforms/hardware/dos/11546.py,"iPhone - FTP Server (WiFi FTP) by SavySoda DoS/PoC",2010-02-23,b0telh0,hardware,dos,0 -11547,platforms/php/webapps/11547.txt,"Php Auktion Pro SQL - (news.php) SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 -11548,platforms/php/webapps/11548.txt,"Top Auktion - (news.php) SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 +11547,platforms/php/webapps/11547.txt,"Php Auktion Pro SQL - 'news.php' SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 +11548,platforms/php/webapps/11548.txt,"Top Auktion - 'news.php' SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 11549,platforms/php/webapps/11549.pl,"Joomla Component user_id com_sqlreport - Blind SQL Injection",2010-02-23,snakespc,php,webapps,0 11550,platforms/php/webapps/11550.txt,"worksimple_1.3.2 - Multiple Vulnerabilities",2010-02-23,JIKO,php,webapps,0 -11551,platforms/php/webapps/11551.txt,"Softbiz Jobs - Multiple SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 +11551,platforms/php/webapps/11551.txt,"Softbiz Jobs - Multiple SQL Injections",2010-02-23,"Easy Laster",php,webapps,0 11552,platforms/hardware/dos/11552.pl,"iPhone FtpDisc 1.0 - Denial of Service",2010-02-23,Ale46,hardware,dos,0 -11553,platforms/php/webapps/11553.txt,"Tinypug 0.9.5 - CSRF Password Change",2010-02-23,"AmnPardaz ",php,webapps,0 +11553,platforms/php/webapps/11553.txt,"Tinypug 0.9.5 - CSRF (Password Change)",2010-02-23,"AmnPardaz ",php,webapps,0 11554,platforms/php/webapps/11554.txt,"QuickDev 4 Php - Database Disclosure",2010-02-23,"ViRuSMaN ",php,webapps,0 11555,platforms/asp/webapps/11555.txt,"bispage - Bypass Exploit",2010-02-23,SaMir-BonD,asp,webapps,0 11556,platforms/hardware/dos/11556.pl,"iPhone FTP Server By Zhang Boyang - Remote Denial of Service",2010-02-23,Ale46,hardware,dos,0 11557,platforms/php/webapps/11557.txt,"Max's Photo Album - Shell Upload",2010-02-24,indoushka,php,webapps,0 -11558,platforms/php/webapps/11558.txt,"MySmartBB 1.0.0 - Cross-Site Scripting",2010-02-24,indoushka,php,webapps,0 -11559,platforms/php/webapps/11559.txt,"Article Friendly - CSRF",2010-02-24,"pratul agrawal",php,webapps,0 +11558,platforms/php/webapps/11558.txt,"MySmartBB 1.0.0 - Cross-site Scripting",2010-02-24,indoushka,php,webapps,0 +11559,platforms/php/webapps/11559.txt,"Article Friendly - Cross-site Request Forgery",2010-02-24,"pratul agrawal",php,webapps,0 11560,platforms/php/webapps/11560.txt,"WikyBlog 1.7.3rc2 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11561,platforms/multiple/local/11561.html,"Mozilla Firefox 3.6 - URL Spoofing",2010-02-24,Unknown,multiple,local,0 -11563,platforms/php/webapps/11563.txt,"kalimat new system 1.0 - (index.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 +11563,platforms/php/webapps/11563.txt,"kalimat new system 1.0 - 'index.php' SQL Injection",2009-11-16,ProF.Code,php,webapps,0 11564,platforms/php/webapps/11564.txt,"ShortCMS 1.11F(B) (con) - SQL Injection",2010-02-24,Gamoscu,php,webapps,0 11565,platforms/php/webapps/11565.txt,"phpCOIN 1.2.1 - (mod.php) SQL Injection",2010-02-24,BAYBORA,php,webapps,0 11567,platforms/multiple/dos/11567.txt,"Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow DoS/PoC",2010-02-24,"Rad L. Sneak",multiple,dos,0 -11568,platforms/php/webapps/11568.txt,"Softbiz Auktios Script - Multiple SQL Injection",2010-02-24,"Easy Laster",php,webapps,0 +11568,platforms/php/webapps/11568.txt,"Softbiz Auktios Script - Multiple SQL Injections",2010-02-24,"Easy Laster",php,webapps,0 11569,platforms/php/webapps/11569.txt,"Web Server Creator Web Portal 0.1 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11570,platforms/php/webapps/11570.txt,"PBBoard 2.0.5 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11571,platforms/php/webapps/11571.txt,"Maian Uploader 4.0 - Shell Upload",2010-02-24,indoushka,php,webapps,0 11573,platforms/windows/local/11573.c,"MediaCoder 0.7.3.4605 - Local Buffer Overflow Exploit",2010-02-24,"fl0 fl0w",windows,local,0 11574,platforms/hardware/dos/11574.py,"iPhone - WebCore::CSSSelector() Remote Crash",2010-02-24,t12,hardware,dos,0 -11575,platforms/php/webapps/11575.txt,"Softbiz Classifieds PLUS - Multiple SQL Injection",2010-02-24,"Easy Laster",php,webapps,0 +11575,platforms/php/webapps/11575.txt,"Softbiz Classifieds PLUS - Multiple SQL Injections",2010-02-24,"Easy Laster",php,webapps,0 11576,platforms/php/webapps/11576.txt,"Softbiz Recipes Portal Script - (showcats.php) SQL Injection",2010-02-25,"Easy Laster",php,webapps,0 11577,platforms/php/webapps/11577.txt,"GameScript 3.0 - SQL Injection",2010-02-25,FormatXformat,php,webapps,0 11578,platforms/php/webapps/11578.php,"Joomla Component com_joomlaconnect_be - Blind Injection",2010-02-25,snakespc,php,webapps,0 @@ -10608,8 +10608,8 @@ id,file,description,date,author,platform,type,port 11595,platforms/php/webapps/11595.php,"Joomla Component com_paxgallery - Blind Injection",2010-02-27,snakespc,php,webapps,0 11596,platforms/php/webapps/11596.txt,"Slaed CMS 4.0 - Multiple Vulnerabilities",2010-02-27,indoushka,php,webapps,0 11597,platforms/hardware/dos/11597.py,"RCA DCM425 Cable Modem - micro_httpd DoS/PoC",2010-02-28,ad0nis,hardware,dos,0 -11599,platforms/php/webapps/11599.txt,"Uiga Personal Portal - index.php SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 -11600,platforms/php/webapps/11600.txt,"Uiga Fan Club - index.php SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 +11599,platforms/php/webapps/11599.txt,"Uiga Personal Portal - 'index.php' SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 +11600,platforms/php/webapps/11600.txt,"Uiga Fan Club - 'index.php' SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 11601,platforms/windows/dos/11601.pl,"Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service",2010-02-28,"John Cobb",windows,dos,0 11602,platforms/php/webapps/11602.txt,"HazelPress Lite 0.0.4 - (Auth Bypass) SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 11603,platforms/php/webapps/11603.txt,"Joomla Component com_yanc - SQL Injection",2010-02-28,snakespc,php,webapps,0 @@ -10617,7 +10617,7 @@ id,file,description,date,author,platform,type,port 11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri 2.1 - SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 11606,platforms/asp/webapps/11606.txt,"Majoda CMS - (Auth Bypass) SQL Injection",2010-02-28,Phenom,asp,webapps,0 11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow DoS",2010-03-01,"Alberto Ortega",hardware,dos,0 -11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - (id) SQL Injection",2010-03-01,kaMtiEz,php,webapps,0 +11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - 'id' SQL Injection",2010-03-01,kaMtiEz,php,webapps,0 11610,platforms/php/webapps/11610.txt,"CMS by MyWorks - Multiple Vulnerabilities",2010-03-01,Palyo34,php,webapps,0 11611,platforms/asp/webapps/11611.txt,"Al Sat Scripti - Database Download",2010-03-02,indoushka,asp,webapps,0 11612,platforms/php/webapps/11612.txt,"osCSS 1.2.1 - Database Backups Disclosure",2010-03-02,indoushka,php,webapps,0 @@ -10627,7 +10627,7 @@ id,file,description,date,author,platform,type,port 11616,platforms/php/webapps/11616.txt,"My Little Forum - contact.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 11617,platforms/windows/dos/11617.txt,"Opera / Mozilla Firefox 3.6 - Long String Crash Exploit (0Day)",2010-03-02,"Asheesh kumar Mani Tripathi",windows,dos,0 11618,platforms/windows/remote/11618.pl,"ProSSHD 1.2 20090726 - Buffer Overflow Exploit",2010-03-02,"S2 Crew",windows,remote,0 -11619,platforms/php/webapps/11619.txt,"Uiga Church Portal - index.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 +11619,platforms/php/webapps/11619.txt,"Uiga Church Portal - 'index.php' SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi 1.0 - Shell Upload",2010-03-03,indoushka,php,webapps,0 11621,platforms/php/webapps/11621.txt,"Gnat-TGP 1.2.20 - Remote File Inclusion",2010-03-03,"cr4wl3r ",php,webapps,0 11622,platforms/windows/dos/11622.php,"Opera 10.50 - integer Overflow",2010-03-03,"Marcin Ressel",windows,dos,0 @@ -10643,7 +10643,7 @@ id,file,description,date,author,platform,type,port 11634,platforms/hardware/webapps/11634.pl,"Sagem Routers - Remote Auth bypass Exploit",2010-03-04,AlpHaNiX,hardware,webapps,0 11635,platforms/php/webapps/11635.pl,"ONECMS 2.5 - SQL Injection",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 11636,platforms/php/webapps/11636.php,"Kolang (proc_open PHP safe mode bypass 4.3.10 - 5.3.0)",2010-03-05,"Hamid Ebadi",php,webapps,0 -11637,platforms/php/webapps/11637.txt,"auktionshaus 3.0.0.1 - news.php (id) SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 +11637,platforms/php/webapps/11637.txt,"auktionshaus 3.0.0.1 - news.php 'id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script - (linkid) Blind SQL Injection",2010-03-05,JosS,php,webapps,0 11639,platforms/windows/dos/11639.txt,"Google Chrome 4.0.249 - XML Denial of Service PoC",2010-03-06,Blade,windows,dos,0 11641,platforms/php/webapps/11641.txt,"phpCOIN 1.2.1 - (mod.php) LFI",2010-03-06,_mlk_,php,webapps,0 @@ -10651,37 +10651,37 @@ id,file,description,date,author,platform,type,port 11644,platforms/multiple/dos/11644.py,"Flare 0.6 - Local Heap Overflow DoS",2010-03-06,l3D,multiple,dos,0 11646,platforms/php/webapps/11646.pl,"BigForum 4.5 - SQL Injection",2010-03-07,Ctacok,php,webapps,0 11647,platforms/windows/local/11647.pl,"Yahoo Player 1.0 - (.m3u/.pls/.ypl) Buffer Overflow Exploit (SEH)",2010-03-07,Mr.tro0oqy,windows,local,0 -11648,platforms/php/webapps/11648.txt,"bild flirt system 2.0 - index.php (id) SQL Injection",2010-03-07,"Easy Laster",php,webapps,0 +11648,platforms/php/webapps/11648.txt,"bild flirt system 2.0 - 'index.php' 'id' SQL Injection",2010-03-07,"Easy Laster",php,webapps,0 11650,platforms/windows/remote/11650.c,"Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit",2010-03-07,"Brett Gervasoni",windows,remote,0 11651,platforms/multiple/local/11651.sh,"(Tod Miller's) Sudo/SudoEdit 1.6.9p21 / 1.7.2p4 - Local Root Exploit",2010-03-07,kingcope,multiple,local,0 11652,platforms/windows/dos/11652.py,"TopDownloads MP3 Player 1.0 - .m3u crash",2010-03-07,l3D,windows,dos,0 -11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' - (id) news.php SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 +11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' - 'id' news.php SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 11655,platforms/php/webapps/11655.txt,"TRIBISUR 2.0 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 -11656,platforms/windows/local/11656.py,"QuickZip 4.x - (.zip) Local Universal Buffer Overflow PoC Exploit (0Day)",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 +11656,platforms/windows/local/11656.py,"QuickZip 4.x - '.zip' Local Universal Buffer Overflow PoC Exploit (0Day)",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 11657,platforms/php/webapps/11657.txt,"Chaton 1.5.2 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 11660,platforms/php/webapps/11660.txt,"PHP File Sharing System 1.5.1 - Multiple Vulnerabilities",2010-03-09,blake,php,webapps,0 11661,platforms/windows/remote/11661.txt,"SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray Exploit",2010-03-09,"Alexey Sintsov",windows,remote,0 11662,platforms/multiple/remote/11662.txt,"Apache Spamassassin Milter Plugin 0.3.1 - Remote Root Command Execution",2010-03-09,kingcope,multiple,remote,0 11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 -11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - SQL Injection (id)",2010-03-09,kaMtiEz,php,webapps,0 +11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - 'id' SQL Injection",2010-03-09,kaMtiEz,php,webapps,0 11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit)",2010-03-09,blake,windows,remote,0 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g - (argument) Local Crash",2010-03-09,l3D,windows,dos,0 11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g - (.class) Stack Overflow DoS",2010-03-09,l3D,windows,dos,0 11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt - search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 11672,platforms/php/webapps/11672.txt,"Wild CMS - SQL Injection",2010-03-09,Ariko-Security,php,webapps,0 -11674,platforms/php/webapps/11674.txt,"nus newssystem 1.02 - (id) SQL Injection",2010-03-09,n3w7u,php,webapps,0 -11676,platforms/php/webapps/11676.txt,"Campsite 3.3.5 - CSRF",2010-03-10,"pratul agrawal",php,webapps,0 +11674,platforms/php/webapps/11674.txt,"nus newssystem 1.02 - 'id' SQL Injection",2010-03-09,n3w7u,php,webapps,0 +11676,platforms/php/webapps/11676.txt,"Campsite 3.3.5 - Cross-site Request Forgery",2010-03-10,"pratul agrawal",php,webapps,0 11677,platforms/hardware/webapps/11677.txt,"Friendly-Tech FriendlyTR69 CPE Remote Management 2.8.9 - SQL Injection",2010-03-10,"Yaniv Miron",hardware,webapps,0 11678,platforms/php/webapps/11678.txt,"PhpCityPortal - Multiple Vulnerabilities",2010-03-10,R3d-D3V!L,php,webapps,0 11679,platforms/php/webapps/11679.txt,"Softbiz Jobs and Recruitment Script - (search_result.php) SQL Injection",2010-03-10,"Easy Laster",php,webapps,0 -11680,platforms/php/webapps/11680.txt,"Anantasoft Gazelle CMS - CSRF",2010-03-10,"pratul agrawal",php,webapps,0 +11680,platforms/php/webapps/11680.txt,"Anantasoft Gazelle CMS - Cross-site Request Forgery",2010-03-10,"pratul agrawal",php,webapps,0 11681,platforms/php/webapps/11681.txt,"ispCP Omega 1.0.4 - Remote File Inclusion",2010-03-10,"cr4wl3r ",php,webapps,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 - Stack Buffer Overflow",2010-06-28,"fl0 fl0w",windows,local,0 -11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - (.m3u) HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 +11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - '.m3u' HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 11684,platforms/php/webapps/11684.txt,"Joomla com_about - SQL Injection",2010-03-11,snakespc,php,webapps,0 -11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-Site Scripting",2010-03-11,ITSecTeam,php,webapps,0 +11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-site Scripting",2010-03-11,ITSecTeam,php,webapps,0 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 11687,platforms/php/webapps/11687.txt,"ANE CMS 1 - Persistent XSS",2010-03-11,"pratul agrawal",php,webapps,0 11688,platforms/php/webapps/11688.txt,"Joomla Component com_blog - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 @@ -10696,7 +10696,7 @@ id,file,description,date,author,platform,type,port 11699,platforms/php/webapps/11699.txt,"Joomla Component com_family - SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - (topic.php) SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - (edit) SQL injection",2010-03-12,"Yakir Wizman",php,webapps,0 -11704,platforms/php/webapps/11704.txt,"dreamlive auktionshaus script - news.php (id) SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 +11704,platforms/php/webapps/11704.txt,"dreamlive auktionshaus script - news.php 'id' SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 11705,platforms/multiple/dos/11705.c,"FreeBSD and OpenBSD 'ftpd' - NULL Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 11706,platforms/windows/dos/11706.py,"Media Player classic StatsReader - (.stats) Stack Buffer Overflow PoC",2010-03-12,ITSecTeam,windows,dos,0 11707,platforms/php/webapps/11707.txt,"Joomla Component com_juliaportfolio - Local File Inclusion",2010-03-12,"DevilZ TM",php,webapps,80 @@ -10704,9 +10704,9 @@ id,file,description,date,author,platform,type,port 11709,platforms/php/webapps/11709.txt,"Joomla Component com_comp - SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 11710,platforms/php/webapps/11710.php,"Joomla Component com_races - Blind SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 11711,platforms/php/webapps/11711.txt,"Azeno CMS - SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 -11713,platforms/windows/local/11713.pl,"Yahoo Player 1.0 - (.m3u) Buffer Overflow Exploit",2010-03-13,Bombard,windows,local,0 -11714,platforms/windows/dos/11714.py,"Mackeitone Media Player - (.m3u) Stack Buffer Overflow",2010-03-13,ITSecTeam,windows,dos,0 -11715,platforms/php/webapps/11715.txt,"systemsoftware Community Black - index.php SQL Injection",2010-03-13,"Easy Laster",php,webapps,0 +11713,platforms/windows/local/11713.pl,"Yahoo Player 1.0 - '.m3u' Buffer Overflow Exploit",2010-03-13,Bombard,windows,local,0 +11714,platforms/windows/dos/11714.py,"Mackeitone Media Player - '.m3u' Stack Buffer Overflow",2010-03-13,ITSecTeam,windows,dos,0 +11715,platforms/php/webapps/11715.txt,"systemsoftware Community Black - 'index.php' SQL Injection",2010-03-13,"Easy Laster",php,webapps,0 11717,platforms/multiple/dos/11717.php,"Multiple PHP Functions - Local Denial of Service Vulnerabilities",2010-03-13,"Yakir Wizman",multiple,dos,0 11718,platforms/php/webapps/11718.txt,"Xbtit 2.0.0 - SQL Injection",2010-03-13,Ctacok,php,webapps,0 11719,platforms/php/webapps/11719.txt,"Mambo Component com_mambads - SQL Injection",2010-03-13,Dreadful,php,webapps,0 @@ -10726,7 +10726,7 @@ id,file,description,date,author,platform,type,port 11730,platforms/php/webapps/11730.txt,"Joomla com_nfnaddressbook - SQL Injection",2010-03-14,snakespc,php,webapps,0 11731,platforms/php/webapps/11731.html,"RogioBiz PHP Fle Manager 1.2 - Bypass Admin Exploit",2010-03-14,ITSecTeam,php,webapps,0 11732,platforms/php/webapps/11732.txt,"PHP-Nuke - Local File Inclusion",2010-03-14,ITSecTeam,php,webapps,0 -11733,platforms/php/webapps/11733.txt,"phppool media Domain Verkaufs und Auktions Portal - index.php SQL Injection",2010-03-14,"Easy Laster",php,webapps,0 +11733,platforms/php/webapps/11733.txt,"phppool media Domain Verkaufs und Auktions Portal - 'index.php' SQL Injection",2010-03-14,"Easy Laster",php,webapps,0 11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Pre-Authentication DoS (PoC)",2010-03-14,loneferret,windows,dos,0 11735,platforms/php/webapps/11735.php,"DZCP (deV!L_z Clanportal) 1.5.2 - Remote File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0 18428,platforms/php/webapps/18428.txt,"HostBill App 2.3 - Remote Code Injection",2012-01-30,Dr.DaShEr,php,webapps,0 @@ -10738,7 +10738,7 @@ id,file,description,date,author,platform,type,port 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection",2010-03-15,ITSecTeam,php,webapps,0 11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 -11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script - Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 +11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script - Cross-site Scripting",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload",2010-03-15,indoushka,php,webapps,0 11746,platforms/php/webapps/11746.txt,"Torrent Hoster - Remont Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 - Upload",2010-03-15,EL-KAHINA,php,webapps,0 @@ -10771,8 +10771,8 @@ id,file,description,date,author,platform,type,port 11777,platforms/php/webapps/11777.txt,"egroupware 1.6.002 and egroupware premium line 9.1 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11778,platforms/php/webapps/11778.txt,"OSSIM 2.2 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11779,platforms/windows/local/11779.pl,"Windisc 1.3 - Stack BoF Exploit",2010-03-16,Rick2600,windows,local,0 -11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS - CSRF",2010-03-17,"pratul agrawal",php,webapps,0 -11781,platforms/php/webapps/11781.html,"chilly_CMS - CSRF",2010-03-17,"pratul agrawal",php,webapps,0 +11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS - Cross-site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 +11781,platforms/php/webapps/11781.html,"chilly_CMS - Cross-site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 11782,platforms/php/webapps/11782.txt,"Joomla Component com_include - SQL Injection",2010-03-17,"DevilZ TM",php,webapps,0 11783,platforms/php/webapps/11783.txt,"Preisschlacht Multi Liveshop System - SQL Injection (seite&aid) index.php",2010-03-17,"Easy Laster",php,webapps,0 11784,platforms/php/webapps/11784.txt,"PostNuke FormExpress Module - Blind SQL Injection",2010-03-17,"Ali Abbasi",php,webapps,0 @@ -10782,12 +10782,12 @@ id,file,description,date,author,platform,type,port 11788,platforms/php/webapps/11788.txt,"PHP-Nuke - ratedownload SQL Injection",2010-03-17,ITSecTeam,php,webapps,0 11789,platforms/multiple/local/11789.c,"VariCAD 2010-2.05 EN - Local Buffer Overflow",2010-03-17,n00b,multiple,local,0 11790,platforms/php/webapps/11790.txt,"Joomla Component com_vxdate - Multiple Vulnerabilities",2010-03-17,MustLive,php,webapps,0 -11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - (.m3u) Local Buffer Overflow Exploit (SEH)",2010-03-18,n3w7u,windows,local,0 +11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - '.m3u' Local Buffer Overflow Exploit (SEH)",2010-03-18,n3w7u,windows,local,0 11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 - NULL pointer dereference Exploit PoC",2010-03-18,"Pietro Oliva",multiple,dos,0 11793,platforms/jsp/webapps/11793.txt,"ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection",2010-03-18,"Nahuel Grisolia",jsp,webapps,0 -11794,platforms/windows/local/11794.c,"MediaCoder - (.lst) Local Buffer Overflow Exploit",2010-03-18,"fl0 fl0w",windows,local,0 -11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 - LFI",2010-03-18,ITSecTeam,php,webapps,0 -11797,platforms/windows/local/11797.py,"ZippHo 3.0.6 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-03-18,mr_me,windows,local,0 +11794,platforms/windows/local/11794.c,"MediaCoder - '.lst' Local Buffer Overflow Exploit",2010-03-18,"fl0 fl0w",windows,local,0 +11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 - Local File Inclusion",2010-03-18,ITSecTeam,php,webapps,0 +11797,platforms/windows/local/11797.py,"ZippHo 3.0.6 - '.zip' Stack Buffer Overflow PoC Exploit (0Day)",2010-03-18,mr_me,windows,local,0 11799,platforms/php/webapps/11799.txt,"SiteDone Custom Edition 2.0 - SQL Injection / XSS",2010-03-18,d3v1l,php,webapps,0 11801,platforms/php/webapps/11801.txt,"phpAuthent 0.2.1 - SQL Injection",2010-03-18,Gamoscu,php,webapps,0 11802,platforms/php/webapps/11802.txt,"philboard 1.02 - SQL Injection",2010-03-18,ViRuS_HiMa,php,webapps,0 @@ -10819,20 +10819,20 @@ id,file,description,date,author,platform,type,port 11833,platforms/php/webapps/11833.txt,"4x CMS r26 - (Auth Bypass) SQL Injection",2010-03-21,"cr4wl3r ",php,webapps,0 11834,platforms/windows/local/11834.py,"Kenward Zipper 1.4 - Stack Buffer Overflow PoC Exploit (0Day)",2010-03-22,mr_me,windows,local,0 11835,platforms/php/webapps/11835.txt,"Mini CMS RibaFS 1.0 - (Auth Bypass) SQL Injection",2010-03-22,"cr4wl3r ",php,webapps,0 -11836,platforms/php/webapps/11836.txt,"CMS Openpage - (index.php) SQL Injection",2010-03-22,Phenom,php,webapps,0 +11836,platforms/php/webapps/11836.txt,"CMS Openpage - 'index.php' SQL Injection",2010-03-22,Phenom,php,webapps,0 14128,platforms/php/webapps/14128.txt,"Joomla Component com_wmtpic 1.0 - SQL Injection",2010-06-30,RoAd_KiLlEr,php,webapps,0 11837,platforms/php/webapps/11837.txt,"Uiga Fan Club - SQL Injection",2010-03-22,"Sioma Labs",php,webapps,0 11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) DoS (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 11839,platforms/windows/dos/11839.py,"Donar Player 2.2.0 - Local Crash PoC",2010-03-22,b0telh0,windows,dos,0 -11840,platforms/php/webapps/11840.txt,"PowieSys 0.7.7 alpha - index.php (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 +11840,platforms/php/webapps/11840.txt,"PowieSys 0.7.7 alpha - 'index.php' (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 11841,platforms/php/webapps/11841.txt,"New Advisore Stack 1.1 - Directory Traversal",2010-03-22,R3VAN_BASTARD,php,webapps,0 11842,platforms/windows/dos/11842.py,"FreeSSHD 1.2.4 - Remote Buffer Overflow DoS",2010-03-22,Pi3rrot,windows,dos,0 11844,platforms/php/webapps/11844.txt,"Joomla Component com_flash - SQL Injection",2010-03-22,"DevilZ TM",php,webapps,0 11845,platforms/php/webapps/11845.txt,"Joomla Component com_jwmmxtd - Remote File Inclusion",2010-03-23,eidelweiss,php,webapps,0 -11846,platforms/php/webapps/11846.txt,"Uiga Business Portal - index.php SQL Injection",2010-03-23,"Easy Laster",php,webapps,0 +11846,platforms/php/webapps/11846.txt,"Uiga Business Portal - 'index.php' SQL Injection",2010-03-23,"Easy Laster",php,webapps,0 11847,platforms/windows/webapps/11847.txt,"Joomla Component com_gds - SQL Injection",2010-03-23,"DevilZ TM",windows,webapps,0 11848,platforms/php/webapps/11848.txt,"Insky CMS 006-0111 - Multiple Remote File Inclusion",2010-03-23,mat,php,webapps,0 -11850,platforms/php/webapps/11850.txt,"Zephyrus CMS - (index.php) SQL Injection",2010-03-23,Phenom,php,webapps,0 +11850,platforms/php/webapps/11850.txt,"Zephyrus CMS - 'index.php' SQL Injection",2010-03-23,Phenom,php,webapps,0 11851,platforms/php/webapps/11851.txt,"Joomla Component Property - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 11852,platforms/php/webapps/11852.txt,"Xataface - Admin Auth Bypass",2010-03-23,Xinapse,php,webapps,0 11853,platforms/php/webapps/11853.txt,"Joomla Component SMEStorage - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 @@ -10841,7 +10841,7 @@ id,file,description,date,author,platform,type,port 11857,platforms/windows/remote/11857.c,"MX Simulator Server - Remote Buffer Overflow PoC",2010-03-23,"Salvatore Fresta",windows,remote,0 11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 - (.mp3) Local Crash PoC",2010-03-24,chap0,windows,dos,0 11862,platforms/php/webapps/11862.txt,"Easy-Clanpage 2.0 - Blind SQL Injection",2010-03-24,"Easy Laster",php,webapps,0 -11863,platforms/php/webapps/11863.txt,"CMS By SoftnSolv - (index.php) SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 +11863,platforms/php/webapps/11863.txt,"CMS By SoftnSolv - 'index.php' SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 11864,platforms/php/webapps/11864.txt,"E-php CMS - SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 11865,platforms/php/webapps/11865.txt,"Joomla component com_universal - Remote File Inclusion Exploit",2010-03-24,eidelweiss,php,webapps,0 11866,platforms/php/webapps/11866.txt,"New CMS - Local File Inclusion",2010-03-24,Xash,php,webapps,0 @@ -10852,9 +10852,9 @@ id,file,description,date,author,platform,type,port 11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS - SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost - SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 11875,platforms/php/webapps/11875.py,"Easy-Clanpage 2.01 - SQL Injection",2010-03-25,"Easy Laster",php,webapps,0 -11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - (index.php) LFI",2010-03-25,eidelweiss,php,webapps,0 +11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - 'index.php' LFI",2010-03-25,eidelweiss,php,webapps,0 11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack BOF (2)",2010-03-25,sud0,windows,remote,21 -11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - DoS",2010-03-25,_SuBz3r0_,windows,dos,69 +11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - Denial of Service",2010-03-25,_SuBz3r0_,windows,dos,69 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 11880,platforms/hardware/dos/11880.txt,"Lexmark Multiple Laser printers - Remote Stack Overflow",2010-03-25,"Francis Provencher",hardware,dos,0 11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 beta - (/photo.php) SQL Injection",2010-03-25,Sc0rpi0n,php,webapps,0 @@ -10867,15 +10867,15 @@ id,file,description,date,author,platform,type,port 11889,platforms/php/webapps/11889.txt,"leaftec CMS - Multiple vulnerabilities",2010-03-26,Valentin,php,webapps,0 11890,platforms/ios/dos/11890.txt,"iOS Safari - Bad 'VML' Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 11891,platforms/ios/dos/11891.txt,"iOS Safari - Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 -11892,platforms/php/webapps/11892.txt,"post Card - (catid) SQL Injection",2010-03-26,"Hussin X",php,webapps,0 -11893,platforms/linux/dos/11893.pl,"tPop3d 1.5.3 - DoS",2010-03-26,OrderZero,linux,dos,0 +11892,platforms/php/webapps/11892.txt,"post Card - 'catid' SQL Injection",2010-03-26,"Hussin X",php,webapps,0 +11893,platforms/linux/dos/11893.pl,"tPop3d 1.5.3 - Denial of Service",2010-03-26,OrderZero,linux,dos,0 11894,platforms/php/webapps/11894.txt,"cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities",2010-03-26,eidelweiss,php,webapps,0 11895,platforms/php/webapps/11895.txt,"CyberCMS - SQL Injection",2010-03-26,hc0de,php,webapps,0 -11896,platforms/php/webapps/11896.txt,"BPTutors Tutoring site script - CSRF Create Administrator Account",2010-03-26,bi0,php,webapps,0 +11896,platforms/php/webapps/11896.txt,"BPTutors Tutoring site script - CSRF (Create Administrator Account)",2010-03-26,bi0,php,webapps,0 11897,platforms/php/webapps/11897.php,"Kasseler CMS 1.4.x lite - (Module Jokes) SQL Injection",2010-03-26,Sc0rpi0n,php,webapps,0 11898,platforms/php/webapps/11898.py,"Date & Sex Vor und Rückwärts Auktions System 2 - Blind SQL Injection",2010-03-27,"Easy Laster",php,webapps,0 11899,platforms/php/webapps/11899.html,"AdaptCMS_Lite_1.5 2009-07-07 - Exploit",2010-03-27,ITSecTeam,php,webapps,0 -11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.pls) Universal Stack BoF",2010-03-27,mat,windows,local,0 +11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.pls) Universal Stack Buffer Overflow",2010-03-27,mat,windows,local,0 11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - multi file include",2010-03-27,ITSecTeam,php,webapps,0 11904,platforms/php/webapps/11904.txt,"68kb - Multi Remote File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 @@ -10938,9 +10938,9 @@ id,file,description,date,author,platform,type,port 11977,platforms/windows/dos/11977.pl,"CDTrustee - .BAK Local Crash PoC",2010-03-31,anonymous,windows,dos,0 11978,platforms/php/webapps/11978.txt,"Joomla Component DW Graph - Local File Inclusion",2010-03-31,"Chip d3 bi0s",php,webapps,0 11979,platforms/php/webapps/11979.pl,"Centreon IT & Network Monitoring 2.1.5 - SQL Injection",2010-03-31,"Jonathan Salwan",php,webapps,0 -11980,platforms/php/webapps/11980.txt,"Easy-Clanpage 2.2 - Multiple SQL Injection / Exploit",2010-03-31,"Easy Laster",php,webapps,0 +11980,platforms/php/webapps/11980.txt,"Easy-Clanpage 2.2 - Multiple SQL Injections / Exploit",2010-03-31,"Easy Laster",php,webapps,0 11981,platforms/windows/local/11981.py,"WM Downloader 3.0.0.9 - (.asx) Local Buffer Overflow",2010-03-31,b0telh0,windows,local,0 -11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - (.zip) SEH PoC (0Day)",2010-03-31,TecR0c,windows,dos,0 +11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - '.zip' SEH PoC (0Day)",2010-03-31,TecR0c,windows,dos,0 11985,platforms/windows/dos/11985.sh,"BitComet 1.19 - Remote Denial of Service",2010-03-31,"Pierre Nogues",windows,dos,0 11986,platforms/linux/remote/11986.py,"OpenDcHub 0.8.1 - Remote Code Execution Exploit",2010-03-31,"Pierre Nogues",linux,remote,0 11987,platforms/windows/dos/11987.txt,"Adobe Reader - Escape From PDF",2010-03-31,"Didier Stevens",windows,dos,0 @@ -10956,15 +10956,15 @@ id,file,description,date,author,platform,type,port 11998,platforms/php/webapps/11998.txt,"Joomla Component User Status - Local File Inclusion",2010-04-01,"Chip d3 bi0s",php,webapps,0 11999,platforms/php/webapps/11999.txt,"Joomla Component webERPcustomer - Local File Inclusion",2010-04-01,"Chip d3 bi0s",php,webapps,0 12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll 4.10.3 - (.mdb) Crash PoC",2010-04-01,anonymous,windows,dos,0 -12001,platforms/windows/dos/12001.pl,"Kwik Pay Payroll 4.10.3 - (.zip) DoS",2010-04-01,anonymous,windows,dos,0 +12001,platforms/windows/dos/12001.pl,"Kwik Pay Payroll 4.10.3 - '.zip' DoS",2010-04-01,anonymous,windows,dos,0 12002,platforms/php/webapps/12002.txt,"Musicbox 3.3 - Upload Shell",2010-04-01,indoushka,php,webapps,0 12003,platforms/php/webapps/12003.txt,"onepound Shop / CMS - XSS / SQL Injection",2010-04-01,Valentin,php,webapps,0 12004,platforms/php/webapps/12004.txt,"PHP Jokesite 2.0 - exec Command Exploit",2010-04-01,indoushka,php,webapps,0 12005,platforms/php/webapps/12005.txt,"Profi Einzelgebots Auktions System - Blind SQL Injection",2010-04-01,"Easy Laster",php,webapps,0 12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde - Remote Upload",2010-04-01,indoushka,php,webapps,0 -12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injection",2010-04-01,NoGe,php,webapps,0 +12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injections",2010-04-01,NoGe,php,webapps,0 12008,platforms/windows/local/12008.pl,"TugZip 3.5 - .Zip File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 -12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - CSRF",2010-04-02,"pratul agrawal",php,webapps,0 +12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - Cross-site Request Forgery",2010-04-02,"pratul agrawal",php,webapps,0 12010,platforms/windows/dos/12010.pl,"uTorrent WebUI 0.370 - Authorization header Denial of Service",2010-04-02,"zombiefx darkernet",windows,dos,0 12011,platforms/windows/dos/12011.txt,"Google Chrome 4.1 - OOB Array Indexing Bug",2010-04-02,"Tobias Klein",windows,dos,0 12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - (0Day) (2)",2010-04-02,"Richard leahy",windows,local,0 @@ -10975,17 +10975,17 @@ id,file,description,date,author,platform,type,port 12019,platforms/php/webapps/12019.txt,"Velhost Uploader Script 1.2 - Local File Inclusion",2010-04-02,"cr4wl3r ",php,webapps,0 12021,platforms/php/webapps/12021.txt,"68kb Knowledge Base 1.0.0rc3 - Admin CSRF",2010-04-02,"Jelmer de Hen",php,webapps,0 12022,platforms/php/webapps/12022.txt,"68kb Knowledge Base 1.0.0rc3 - Edit Main Settings CSRF",2010-04-02,"Jelmer de Hen",php,webapps,0 -12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - (.zip) Stack Buffer Overflow PoC Exploit (0Day )",2010-04-03,mr_me,windows,local,0 +12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow PoC Exploit (0Day )",2010-04-03,mr_me,windows,local,0 12025,platforms/windows/dos/12025.php,"Dualis 20.4 - (.bin) Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - (.nds) Local Crash Exploit",2010-04-03,l3D,windows,dos,0 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection",2010-04-03,Inj3ct0r,php,webapps,0 -12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 +12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-site Scripting / Multiple Cross-site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) bof PoC",2010-04-03,d3b4g,windows,dos,0 12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites - Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 -12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Path Traversal / Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 -12034,platforms/php/webapps/12034.txt,"flatpress 0.909.1 - Stored XSS",2010-04-03,ITSecTeam,php,webapps,0 +12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Path Traversal / Cross-site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 +12034,platforms/php/webapps/12034.txt,"flatpress 0.909.1 - Persistent Cross-site Scripting",2010-04-03,ITSecTeam,php,webapps,0 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router - CSRF / Persistent XSS Exploit",2010-04-03,l3D,hardware,webapps,0 12037,platforms/php/webapps/12037.txt,"Joomla component jp_jobs - SQL Injection",2010-04-03,Valentin,php,webapps,0 @@ -10993,7 +10993,7 @@ id,file,description,date,author,platform,type,port 12039,platforms/multiple/webapps/12039.txt,"QuickEStore 6.1 - Backup Dump",2010-04-04,indoushka,multiple,webapps,0 12041,platforms/php/webapps/12041.txt,"Solutive CMS - SQL Injection",2010-04-04,"Th3 RDX",php,webapps,0 12042,platforms/php/webapps/12042.txt,"x10 mirco blogging 121 - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0 -12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 - CSRF Create Admin User Exploit",2010-04-04,indoushka,php,webapps,0 +12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 - CSRF (Create Admin User) Exploit",2010-04-04,indoushka,php,webapps,0 12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication BoF Exploit",2010-04-04,x90c,windows,remote,0 12045,platforms/php/webapps/12045.html,"MunkyScripts Simple Gallery - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0 12047,platforms/php/webapps/12047.html,"nodesforum 1.033 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 @@ -11002,33 +11002,33 @@ id,file,description,date,author,platform,type,port 12050,platforms/php/webapps/12050.txt,"MassMirror Uploader - Multiple Remote File Inclusion Exploit",2010-04-04,"cr4wl3r ",php,webapps,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow Exploit (0Day)",2010-04-04,"Yakir Wizman",windows,local,0 12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Inclusion",2010-04-04,mat,php,webapps,0 -12053,platforms/windows/local/12053.py,"ZipCentral - (.zip) SEH Exploit",2010-04-04,TecR0c,windows,local,0 +12053,platforms/windows/local/12053.py,"ZipCentral - '.zip' SEH Exploit",2010-04-04,TecR0c,windows,local,0 12054,platforms/php/webapps/12054.txt,"Joomla Component redSHOP - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 12055,platforms/php/webapps/12055.txt,"Joomla Component redTWITTER - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 12056,platforms/php/webapps/12056.txt,"Joomla Component WISro Yahoo Quotes - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 12057,platforms/php/webapps/12057.txt,"Joomla Component com_press - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 -12058,platforms/php/webapps/12058.txt,"Joomla Component Picasa 2.0 - LFI",2010-04-04,Vrs-hCk,php,webapps,0 -12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - (.zip) SEH",2010-04-04,"Lincoln and corelanc0d3r",windows,local,0 +12058,platforms/php/webapps/12058.txt,"Joomla Component Picasa 2.0 - Local File Inclusion",2010-04-04,Vrs-hCk,php,webapps,0 +12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - '.zip' SEH",2010-04-04,"Lincoln and corelanc0d3r",windows,local,0 12060,platforms/php/webapps/12060.txt,"Joomla Component com_serie - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12061,platforms/php/webapps/12061.txt,"Facil-CMS - (LFI/RFI)",2010-04-04,eidelweiss,php,webapps,0 12062,platforms/php/webapps/12062.txt,"Joomla Component com_ranking - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12065,platforms/php/webapps/12065.txt,"Joomla Component JInventory - Local File Inclusion",2010-04-05,"Chip d3 bi0s",php,webapps,0 -12066,platforms/php/webapps/12066.txt,"Joomla Component com_svmap 1.1.1 - LFI",2010-04-05,Vrs-hCk,php,webapps,0 -12067,platforms/php/webapps/12067.txt,"Joomla Component com_shoutbox - LFI",2010-04-05,Vrs-hCk,php,webapps,0 -12068,platforms/php/webapps/12068.txt,"Joomla Component com_loginbox - LFI",2010-04-05,Vrs-hCk,php,webapps,0 -12069,platforms/php/webapps/12069.txt,"Joomla Component com_bca-rss-syndicator - LFI",2010-04-05,Vrs-hCk,php,webapps,0 -12070,platforms/php/webapps/12070.txt,"Joomla Magic Updater (com_joomlaupdater) - LFI",2010-04-05,Vrs-hCk,php,webapps,0 +12066,platforms/php/webapps/12066.txt,"Joomla Component com_svmap 1.1.1 - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 +12067,platforms/php/webapps/12067.txt,"Joomla Component com_shoutbox - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 +12068,platforms/php/webapps/12068.txt,"Joomla Component com_loginbox - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 +12069,platforms/php/webapps/12069.txt,"Joomla Component com_bca-rss-syndicator - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 +12070,platforms/php/webapps/12070.txt,"Joomla Magic Updater (com_joomlaupdater) - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 12071,platforms/php/webapps/12071.txt,"jevoncms - (LFI/RFI) Multiple Vulnerabilities",2010-04-05,eidelweiss,php,webapps,0 12072,platforms/windows/dos/12072.pl,"MyVideoConverter 2.15 - Local DoS",2010-04-05,anonymous,windows,dos,0 12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor 3.80 - (.mp3) Local DoS",2010-04-05,anonymous,windows,dos,0 12074,platforms/windows/dos/12074.pl,"Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC",2010-04-05,R3d-D3V!L,windows,dos,0 -12075,platforms/php/webapps/12075.txt,"LionWiki 3.x - (index.php) Shell Upload",2010-04-05,ayastar,php,webapps,0 -12076,platforms/php/webapps/12076.pl,"ilchClan 1.0.5 - (cid) SQL Injection",2010-04-05,"Easy Laster",php,webapps,0 +12075,platforms/php/webapps/12075.txt,"LionWiki 3.x - 'index.php' Shell Upload",2010-04-05,ayastar,php,webapps,0 +12076,platforms/php/webapps/12076.pl,"ilchClan 1.0.5 - 'cid' SQL Injection",2010-04-05,"Easy Laster",php,webapps,0 12077,platforms/php/webapps/12077.txt,"Joomla Component News Portal com_news - Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12078,platforms/php/webapps/12078.txt,"Joomla Freestyle FAQ Lite Component 1.3 com_fss (faqid) - SQL Injection",2010-04-06,"Chip d3 bi0s",php,webapps,0 12079,platforms/windows/dos/12079.pl,"Microsoft Office (2010 beta) - Communicator SIP Denial of Service",2010-04-06,indoushka,windows,dos,0 12080,platforms/windows/dos/12080.txt,"Foxit Reader 3.2.1.0401 - Denial of Service",2010-04-06,juza,windows,dos,0 -12081,platforms/windows/dos/12081.php,"Jzip 1.3 - (.zip) Unicode Buffer Overflow PoC (0Day)",2010-04-06,mr_me,windows,dos,0 +12081,platforms/windows/dos/12081.php,"Jzip 1.3 - '.zip' Unicode Buffer Overflow PoC (0Day)",2010-04-06,mr_me,windows,dos,0 12082,platforms/php/webapps/12082.txt,"Joomla Component Saber Cart com_sebercart - Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12083,platforms/php/webapps/12083.txt,"Joomla Component J!WHMCS Integrator com_jwhmcs - Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12084,platforms/php/webapps/12084.txt,"Joomla Component Juke Box com_jukebox - Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 @@ -11039,18 +11039,18 @@ id,file,description,date,author,platform,type,port 12089,platforms/php/webapps/12089.txt,"Joomla Component Appointment com_appointment - Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12090,platforms/freebsd/local/12090.txt,"McAfee Email Gateway (formerly IronMail) - Local Privilege Escalation",2010-04-06,"Nahuel Grisolia",freebsd,local,0 12091,platforms/freebsd/local/12091.txt,"McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure",2010-04-06,"Nahuel Grisolia",freebsd,local,0 -12092,platforms/hardware/webapps/12092.txt,"McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting",2010-04-06,"Nahuel Grisolia",hardware,webapps,0 +12092,platforms/hardware/webapps/12092.txt,"McAfee Email Gateway (formerly IronMail) - Cross-site Scripting",2010-04-06,"Nahuel Grisolia",hardware,webapps,0 12093,platforms/hardware/dos/12093.txt,"McAfee Email Gateway (formerly IronMail) - Denial of Service",2010-04-06,"Nahuel Grisolia",hardware,dos,0 12094,platforms/php/webapps/12094.txt,"ShopSystem - SQL Injection",2010-04-06,Valentin,php,webapps,0 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 - DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery 1.5.1 - XSS",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery 1.5.1 - Cross-site Scripting",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS - SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 -12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - LFI",2010-04-07,"Angela Zhang",php,webapps,0 +12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) 2.11.1 - Exploit",2010-04-07,Rh0,multiple,local,0 -12104,platforms/windows/dos/12104.py,"Anyzip 1.1 - (.zip) PoC (SEH) (0Day)",2010-04-07,ITSecTeam,windows,dos,0 +12104,platforms/windows/dos/12104.py,"Anyzip 1.1 - '.zip' PoC (SEH) (0Day)",2010-04-07,ITSecTeam,windows,dos,0 12105,platforms/php/webapps/12105.txt,"Free Image & File Hosting - Upload",2010-04-07,indoushka,php,webapps,0 12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost - Multiple Vulnerabilities",2010-04-07,indoushka,php,webapps,0 12107,platforms/php/webapps/12107.txt,"Plume CMS 1.2.4 - Multiple Local File Inclusion",2010-04-07,eidelweiss,php,webapps,0 @@ -11066,29 +11066,29 @@ id,file,description,date,author,platform,type,port 12118,platforms/php/webapps/12118.txt,"Joomla Component PowerMail Pro com_powermail - Local File Inclusion",2010-04-09,AntiSecurity,php,webapps,0 12119,platforms/windows/remote/12119.pl,"Windows FTP Server 1.4 - Auth Bypass",2010-04-09,chap0,windows,remote,0 12120,platforms/php/webapps/12120.txt,"Joomla Component Foobla Suggestions com_foobla - Local File Inclusion",2010-04-09,"Chip d3 bi0s",php,webapps,0 -12121,platforms/php/webapps/12121.txt,"Joomla Component JA Voice com_javoice - LFI",2010-04-09,kaMtiEz,php,webapps,0 +12121,platforms/php/webapps/12121.txt,"Joomla Component JA Voice com_javoice - Local File Inclusion",2010-04-09,kaMtiEz,php,webapps,0 12122,platforms/multiple/remote/12122.txt,"JAVA Web Start - Arbitrary command-line injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 12123,platforms/php/webapps/12123.txt,"Joomla Component com_pcchess - Local File Inclusion",2010-04-09,team_elite,php,webapps,0 12124,platforms/php/webapps/12124.txt,"Joomla Component huruhelpdesk - SQL Injection",2010-04-09,bumble_be,php,webapps,0 12128,platforms/php/webapps/12128.txt,"GarageSales - Remote Upload",2010-04-09,saidinh0,php,webapps,0 12130,platforms/linux/local/12130.py,"ReiserFS xattr (Linux Kernel 2.6.34-rc3) (Redhat / Ubuntu 9.10) - Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 -12132,platforms/php/webapps/12132.pl,"joomla component com_agenda 1.0.1 - (id) SQL Injection",2010-04-09,v3n0m,php,webapps,0 +12132,platforms/php/webapps/12132.pl,"joomla component com_agenda 1.0.1 - 'id' SQL Injection",2010-04-09,v3n0m,php,webapps,0 12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 - Shell Upload",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0 -12134,platforms/php/webapps/12134.txt,"MMHAQ CMS - SQLi",2010-04-10,s1ayer,php,webapps,0 +12134,platforms/php/webapps/12134.txt,"MMHAQ CMS - SQL Injection",2010-04-10,s1ayer,php,webapps,0 12135,platforms/php/webapps/12135.txt,"mygamingladder MGL Combo System 7.5 - SQL Injection",2010-04-10,"Easy Laster",php,webapps,0 12136,platforms/php/webapps/12136.txt,"Joomla Component com_properties[aid] - SQL Injection",2010-04-10,c4uR,php,webapps,0 12137,platforms/php/webapps/12137.txt,"joomla component allvideos - Blind SQL Injection",2010-04-10,bumble_be,php,webapps,0 12138,platforms/php/webapps/12138.txt,"Joomla Com_Ca - SQL Injection",2010-04-10,DigitALL,php,webapps,0 12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine - SQL Injection",2010-04-10,indoushka,php,webapps,0 12140,platforms/php/webapps/12140.php,"xBtiTracker - SQL Injection",2010-04-11,InATeam,php,webapps,0 -12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS - LFI",2010-04-11,"Amoo Arash",php,webapps,0 +12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS - Local File Inclusion",2010-04-11,"Amoo Arash",php,webapps,0 12142,platforms/php/webapps/12142.txt,"Joomla Component TweetLA! - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12143,platforms/php/webapps/12143.txt,"Joomla Component Ticketbook - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12144,platforms/php/webapps/12144.txt,"Joomla Component JA Job Board - Multiple LFI",2010-04-11,AntiSecurity,php,webapps,0 12145,platforms/php/webapps/12145.txt,"Joomla Component Jfeedback! - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12146,platforms/php/webapps/12146.txt,"Joomla Component JProject Manager - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 -12147,platforms/php/webapps/12147.txt,"Joomla Component Preventive And Reservation - LFI",2010-04-11,AntiSecurity,php,webapps,0 +12147,platforms/php/webapps/12147.txt,"Joomla Component Preventive And Reservation - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12148,platforms/php/webapps/12148.txt,"Joomla Component RokModule - Blind SQLi [moduleid]",2010-04-11,AntiSecurity,php,webapps,0 12149,platforms/php/webapps/12149.txt,"Joomla Component spsNewsletter - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12150,platforms/php/webapps/12150.txt,"Joomla Component AlphaUserPoints - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 @@ -11096,8 +11096,8 @@ id,file,description,date,author,platform,type,port 12152,platforms/windows/remote/12152.pl,"Trellian FTP Client - PASV BoF Exploit",2010-04-11,zombiefx,windows,remote,0 12153,platforms/php/webapps/12153.txt,"joomla component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0 12154,platforms/php/dos/12154.txt,"vBulletin 'Cyb - Advanced Forum Statistics' DoS",2010-04-10,"Andhra Hackers",php,dos,0 -12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - RCE",2010-04-11,"Amoo Arash",php,webapps,0 -12156,platforms/windows/remote/12156.txt,"IE/Opera source code viewer - Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 +12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - Remote Code Execution",2010-04-11,"Amoo Arash",php,webapps,0 +12156,platforms/windows/remote/12156.txt,"Microsoft Internet Explorer/Opera - source code viewer Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 12157,platforms/php/webapps/12157.txt,"OnePC mySite Management Software - SQL Injection",2010-04-11,Valentin,php,webapps,0 12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - (match) SQL injection",2010-04-11,"Easy Laster",php,webapps,0 12159,platforms/php/webapps/12159.txt,"Joomla Component Multi-Venue Restaurant Menu Manager - SQL Injection",2010-04-11,Valentin,php,webapps,0 @@ -11127,23 +11127,23 @@ id,file,description,date,author,platform,type,port 12183,platforms/php/webapps/12183.txt,"Joomla Component com_jdrugstopics - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12184,platforms/php/webapps/12184.txt,"Joomla Component com_sermonspeaker - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12185,platforms/php/webapps/12185.txt,"Joomla Component com_flexicontent - Local File",2010-04-12,eidelweiss,php,webapps,0 -12186,platforms/php/dos/12186.pl,"vBulletin - DoS",2010-04-12,"Jim Salim",php,dos,0 +12186,platforms/php/dos/12186.pl,"vBulletin - Denial of Service",2010-04-12,"Jim Salim",php,dos,0 12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 beta - (RFI/LFI) Multiple File Include",2010-04-12,"cr4wl3r ",php,webapps,0 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - Format String",2010-04-12,"Alexey Sintsov",multiple,dos,0 12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12190,platforms/php/webapps/12190.txt,"Joomla Component Jvehicles - (aid) SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0 -12191,platforms/php/webapps/12191.txt,"joomla component com_jp_jobs 1.2.0 - (id) SQL Injection",2010-04-13,v3n0m,php,webapps,0 +12191,platforms/php/webapps/12191.txt,"joomla component com_jp_jobs 1.2.0 - 'id' SQL Injection",2010-04-13,v3n0m,php,webapps,0 12192,platforms/php/webapps/12192.txt,"blog system 1.5 - Multiple Vulnerabilities",2010-04-13,"cp77fk4r ",php,webapps,0 12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - (RFI/LFI) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (RFI/LFI) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 -12195,platforms/php/webapps/12195.rb,"joelz bulletin board 0.9.9rc3 - Multiple SQL Injection",2010-04-13,"Easy Laster",php,webapps,0 +12195,platforms/php/webapps/12195.rb,"joelz bulletin board 0.9.9rc3 - Multiple SQL Injections",2010-04-13,"Easy Laster",php,webapps,0 12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik - DataBase Download",2010-04-13,indoushka,asp,webapps,0 12198,platforms/php/webapps/12198.txt,"Games Script - (Galore) Backup Dump",2010-04-13,indoushka,php,webapps,0 12199,platforms/asp/webapps/12199.txt,"My School Script - Data Base Download",2010-04-13,indoushka,asp,webapps,0 12200,platforms/php/webapps/12200.txt,"Joomla Component QPersonel - SQL Injection",2010-04-13,Valentin,php,webapps,0 12201,platforms/windows/dos/12201.html,"MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer PoC",2010-04-13,s4squatch,windows,dos,0 -12202,platforms/windows/remote/12202.html,"MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry BOF",2010-04-13,s4squatch,windows,remote,0 -12203,platforms/windows/remote/12203.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply BOF",2010-04-13,s4squatch,windows,remote,0 +12202,platforms/windows/remote/12202.html,"MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry Buffer Overflow",2010-04-13,s4squatch,windows,remote,0 +12203,platforms/windows/remote/12203.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply Buffer Overflow",2010-04-13,s4squatch,windows,remote,0 12204,platforms/windows/dos/12204.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash PoC",2010-04-13,s4squatch,windows,dos,0 12205,platforms/windows/dos/12205.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetSessionDel PoC",2010-04-13,s4squatch,windows,dos,0 12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 @@ -11181,26 +11181,26 @@ id,file,description,date,author,platform,type,port 12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit",2007-12-18,rgod,windows,remote,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow",2012-07-27,Metasploit,windows,local,0 12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script - buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 -12246,platforms/php/webapps/12246.txt,"joomla component com_iproperty 1.5.3 - (id) SQL Injection",2010-04-15,v3n0m,php,webapps,0 +12246,platforms/php/webapps/12246.txt,"joomla component com_iproperty 1.5.3 - 'id' SQL Injection",2010-04-15,v3n0m,php,webapps,0 12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12249,platforms/php/webapps/12249.txt,"60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion",2010-04-15,eidelweiss,php,webapps,0 12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 -12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS",2010-04-15,"Alexey Sintsov",hardware,dos,0 +12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - Denial of Service",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager test.html) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B - SQL Injection",2010-04-16,"Easy Laster",php,webapps,0 -12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 +12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - 'id' SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug Proof of Concept (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 -12259,platforms/php/dos/12259.php,"PHP 5.3.x - DoS",2010-04-16,ITSecTeam,php,dos,0 +12259,platforms/php/dos/12259.php,"PHP 5.3.x - Denial of Service",2010-04-16,ITSecTeam,php,dos,0 12260,platforms/php/webapps/12260.txt,"SIESTTA 2.0 - (LFI/XSS) Multiple Vulnerabilities",2010-04-16,JosS,php,webapps,0 -12261,platforms/windows/local/12261.rb,"Archive Searcher - (.zip) Stack Overflow",2010-04-16,Lincoln,windows,local,0 +12261,platforms/windows/local/12261.rb,"Archive Searcher - '.zip' Stack Overflow",2010-04-16,Lincoln,windows,local,0 12262,platforms/php/webapps/12262.php,"ZykeCMS 1.1 - (Auth Bypass) SQL Injection",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12263,platforms/multiple/remote/12263.txt,"Apache OFBiz - SQL Remote Execution PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12264,platforms/multiple/remote/12264.txt,"Apache OFBiz - FULLADMIN Creator PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12265,platforms/hardware/remote/12265.txt,"Iomega Home Media Network Hard Drive 2.038 < 2.061 - Unauthenticated File-system Access",2010-04-16,fizix610,hardware,remote,0 -12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - CSRF Change Username + Password Exploit",2010-04-16,EL-KAHINA,php,webapps,0 +12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - CSRF (Change Username + Password Exploit)",2010-04-16,EL-KAHINA,php,webapps,0 12267,platforms/php/webapps/12267.txt,"WebAdmin - Shell Upload",2010-04-16,DigitALL,php,webapps,0 12268,platforms/php/webapps/12268.txt,"Uploader 0.7 - Shell Upload",2010-04-16,DigitALL,php,webapps,0 12269,platforms/php/webapps/12269.txt,"Joomla Component com_joltcard - SQL Injection",2010-04-16,Valentin,php,webapps,0 @@ -11213,7 +11213,7 @@ id,file,description,date,author,platform,type,port 12278,platforms/php/webapps/12278.txt,"Alegro 1.2.1 - SQL Injection",2010-04-18,indoushka,php,webapps,0 12279,platforms/php/webapps/12279.txt,"eclime 1.1 - Bypass / Create and Download Backup",2010-04-18,indoushka,php,webapps,0 12280,platforms/php/webapps/12280.txt,"dl_stats - Multiple Vulnerabilities",2010-04-18,"Valentin Hoebel",php,webapps,0 -12282,platforms/php/webapps/12282.txt,"Joomla Component Archery Scores (com_archeryscores) 1.0.6 - LFI",2010-04-18,"wishnusakti + inc0mp13te",php,webapps,0 +12282,platforms/php/webapps/12282.txt,"Joomla Component Archery Scores (com_archeryscores) 1.0.6 - Local File Inclusion",2010-04-18,"wishnusakti + inc0mp13te",php,webapps,0 12283,platforms/php/webapps/12283.txt,"Joomla Component ZiMB Comment com_zimbcomment - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12284,platforms/php/webapps/12284.txt,"Joomla Component ZiMB Manager com_zimbcore - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12285,platforms/php/webapps/12285.txt,"Joomla Component Gadget Factory com_gadgetfactory - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 @@ -11235,22 +11235,22 @@ id,file,description,date,author,platform,type,port 12302,platforms/windows/dos/12302.html,"HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC",2010-04-20,mr_me,windows,dos,0 12303,platforms/php/webapps/12303.pl,"MusicBox 3.3 - SQL Injection",2010-04-20,Ctacok,php,webapps,0 12304,platforms/multiple/remote/12304.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal (1)",2010-04-20,chr1x,multiple,remote,0 -12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper - (cid) SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 +12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper - 'cid' SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 12306,platforms/php/webapps/12306.txt,"Joomla Component JTM Reseller 1.9 Beta - SQL Injection",2010-04-20,kaMtiEz,php,webapps,0 12308,platforms/windows/remote/12308.txt,"MultiThreaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 12312,platforms/windows/remote/12312.rb,"EasyFTP Server 1.7.0.2 - CWD Buffer Overflow (Metasploit)",2010-04-20,"Paul Makowski",windows,remote,0 12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 - (RFI/LFI) Multiple File Include",2010-04-20,"cr4wl3r ",php,webapps,0 -12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 - (.zip) Memory Corruption",2010-04-20,TecR0c,windows,dos,0 +12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 - '.zip' Memory Corruption",2010-04-20,TecR0c,windows,dos,0 12315,platforms/php/webapps/12315.txt,"v2marketplacescript Upload_images Script (-7777) - Upload Shell",2010-04-21,cyberlog,php,webapps,0 -12316,platforms/php/webapps/12316.txt,"Joomla Component wmi (com_wmi) - LFI",2010-04-21,"wishnusakti + inc0mp13te",php,webapps,0 +12316,platforms/php/webapps/12316.txt,"Joomla Component wmi (com_wmi) - Local File Inclusion",2010-04-21,"wishnusakti + inc0mp13te",php,webapps,0 12317,platforms/php/webapps/12317.txt,"Joomla Component OrgChart com_orgchart - Local File Inclusion",2010-04-21,AntiSecurity,php,webapps,0 12318,platforms/php/webapps/12318.txt,"Joomla Component Mms Blog com_mmsblog - Local File Inclusion",2010-04-21,AntiSecurity,php,webapps,0 -12319,platforms/php/webapps/12319.txt,"e107 CMS 0.7.19 - CSRF",2010-04-21,"High-Tech Bridge SA",php,webapps,0 +12319,platforms/php/webapps/12319.txt,"e107 CMS 0.7.19 - Cross-site Request Forgery",2010-04-21,"High-Tech Bridge SA",php,webapps,0 12320,platforms/windows/remote/12320.txt,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Remote Buffer Overflow",2010-04-21,shinnai,windows,remote,0 12322,platforms/php/webapps/12322.txt,"LightNEasy 3.1.x - Multiple Vulnerabilities",2010-04-21,ITSecTeam,php,webapps,0 -12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Stored XSS",2010-04-21,ITSecTeam,php,webapps,0 +12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Persistent Cross-site Scripting",2010-04-21,ITSecTeam,php,webapps,0 12324,platforms/multiple/dos/12324.py,"Multiple Browsers - Audio Tag DoS",2010-04-21,"Chase Higgins",multiple,dos,0 12325,platforms/php/webapps/12325.txt,"Joomla Component com_portfolio - Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 @@ -11269,12 +11269,12 @@ id,file,description,date,author,platform,type,port 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 - (.edd parsing) Remote Buffer Overflow PoC",2010-04-22,LiquidWorm,windows,local,0 12343,platforms/multiple/remote/12343.txt,"Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure",2010-04-22,"Deniz Cevik",multiple,remote,0 12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial-of-Service",2010-04-19,"Matthew Bergin",hardware,dos,0 -12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - XSS",2010-04-22,Valentin,php,webapps,0 -12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - (id) Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0 +12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - Cross-site Scripting",2010-04-22,Valentin,php,webapps,0 +12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0 12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0 12350,platforms/php/webapps/12350.txt,"In-portal 5.0.3 - Remote Arbitrary File Upload Exploit",2010-04-23,eidelweiss,php,webapps,0 -12351,platforms/php/webapps/12351.txt,"memorial Web site script - (id) SQL Injection",2010-04-23,v3n0m,php,webapps,0 -12353,platforms/php/webapps/12353.txt,"EPay Enterprise 4.13 - (cid) SQL Injection",2010-04-23,v3n0m,php,webapps,0 +12351,platforms/php/webapps/12351.txt,"memorial Web site script - 'id' SQL Injection",2010-04-23,v3n0m,php,webapps,0 +12353,platforms/php/webapps/12353.txt,"EPay Enterprise 4.13 - 'cid' SQL Injection",2010-04-23,v3n0m,php,webapps,0 12354,platforms/php/webapps/12354.pl,"NKINFOWEB - SQL Injection",2010-04-23,d4rk-h4ck3r,php,webapps,0 12355,platforms/php/webapps/12355.pl,"Excitemedia CMS - SQL Injection",2010-04-23,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial of Service (BSOD)",2010-04-23,p4r4N0ID,windows,dos,0 @@ -11286,17 +11286,17 @@ id,file,description,date,author,platform,type,port 12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - (RFI/LFI) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - (RFI/LFI) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 12367,platforms/windows/remote/12367.html,"HP Digital Imaging - (hpodio08.dll) Insecure Method Exploit",2010-04-24,"ThE g0bL!N",windows,remote,0 -12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - (.zip) SEH Exploit (0Day)",2010-04-24,"TecR0c and Sud0",windows,local,0 +12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - '.zip' SEH Exploit (0Day)",2010-04-24,"TecR0c and Sud0",windows,local,0 12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 - (basedir) RFI/LFI",2010-04-24,eidelweiss,php,webapps,0 12370,platforms/php/webapps/12370.txt,"NCT Jobs Portal Script - XSS and Authentication Bypass",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCS control (WHMCompleteSolution) - SQL Injection",2010-04-24,"Islam DefenDers",php,webapps,0 12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 - (que_id) SQL Injection",2010-04-24,v3n0m,php,webapps,0 -12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - XSS",2010-04-24,Valentin,php,webapps,0 -12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - XSS",2010-04-24,Valentin,php,webapps,0 +12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - Cross-site Scripting",2010-04-24,Valentin,php,webapps,0 +12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - Cross-site Scripting",2010-04-24,Valentin,php,webapps,0 12375,platforms/osx/dos/12375.c,"MacOS X 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12376,platforms/php/webapps/12376.php,"SmodCMS 4.07 (fckeditor) - Remote Arbitrary File Upload Exploit",2010-04-24,eidelweiss,php,webapps,0 12378,platforms/php/webapps/12378.txt,"CMS Firebrand Tec - Local File Inclusion",2010-04-25,R3VAN_BASTARD,php,webapps,0 -12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-04-25,mr_me,windows,local,0 +12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - '.zip' Stack Buffer Overflow PoC Exploit (0Day)",2010-04-25,mr_me,windows,local,0 12380,platforms/windows/remote/12380.pl,"Rumba ftp Client 4.2 - PASV BoF (SEH)",2010-04-25,zombiefx,windows,remote,0 12381,platforms/php/webapps/12381.php,"phpegasus 0.1.2 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service (0Day)",2010-04-25,SeeMe,multiple,dos,0 @@ -11309,7 +11309,7 @@ id,file,description,date,author,platform,type,port 12395,platforms/php/webapps/12395.txt,"2DayBiz Advanced Poll Script - XSS / Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Inclusion",2010-04-26,"cr4wl3r ",php,webapps,0 12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - (RFI/LFI) Multiple File Include",2010-04-26,"cr4wl3r ",php,webapps,0 -12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal - index.php (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 +12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal - 'index.php' (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 12400,platforms/php/webapps/12400.txt,"Joomla Component com_joomradio - SQL Injection",2010-04-26,Mr.tro0oqy,php,webapps,0 12401,platforms/multiple/dos/12401.html,"WebKit 532.5 - Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 - Bypass / Download Backup",2010-04-26,indoushka,php,webapps,0 @@ -11329,7 +11329,7 @@ id,file,description,date,author,platform,type,port 12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 - Changer Login et Mot de Passe CSRF",2010-04-27,indoushka,php,webapps,0 12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Remote Arbitrary File Upload Exploit",2010-04-27,eidelweiss,php,webapps,0 12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - (module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 -12422,platforms/windows/dos/12422.pl,"Acoustica 3.32 CD/DVD Label Maker - (.m3u) PoC",2010-04-27,chap0,windows,dos,0 +12422,platforms/windows/dos/12422.pl,"Acoustica 3.32 CD/DVD Label Maker - '.m3u' PoC",2010-04-27,chap0,windows,dos,0 12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software - SQL Injection",2010-04-27,41.w4r10,php,webapps,0 12424,platforms/asp/webapps/12424.txt,"Acart 2.0 Shopping Cart - Software Backup Dump",2010-04-27,indoushka,asp,webapps,0 12425,platforms/windows/dos/12425.html,"Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion DoS",2010-04-27,Dr_IDE,windows,dos,0 @@ -11337,7 +11337,7 @@ id,file,description,date,author,platform,type,port 12427,platforms/php/webapps/12427.txt,"Joomla Component NoticeBoard com_noticeboard - Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 12428,platforms/php/webapps/12428.txt,"Joomla Component SmartSite com_smartsite - Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 12429,platforms/php/webapps/12429.pl,"Joomla ABC Extension com_abc - SQL Injection",2010-04-27,AntiSecurity,php,webapps,0 -12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) 1.0.6 - LFI",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 +12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) 1.0.6 - Local File Inclusion",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 12431,platforms/windows/dos/12431.html,"Webmoney Advisor - ActiveX Remote Denial of Service",2010-04-28,Go0o$E,windows,dos,0 12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component - Upload",2010-04-28,Sid3^effects,php,webapps,0 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump - RCE Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 @@ -11357,8 +11357,8 @@ id,file,description,date,author,platform,type,port 12447,platforms/php/webapps/12447.txt,"XT-Commerce 1.0 Beta 1 - Pass / Creat and Download Backup",2010-04-29,indoushka,php,webapps,0 12448,platforms/php/webapps/12448.txt,"Socialware 2.2 - Upload / XSS",2010-04-29,Sid3^effects,php,webapps,0 12449,platforms/php/webapps/12449.txt,"DZCP (deV!L_z Clanportal) 1.5.3 - Multiple Vulnerabilities",2010-04-29,indoushka,php,webapps,0 -12450,platforms/windows/webapps/12450.txt,"Microsoft SharePoint Server 2007 - XSS",2010-04-29,"High-Tech Bridge SA",windows,webapps,0 -12451,platforms/php/webapps/12451.txt,"iScripts VisualCaster - SQli",2010-04-29,Sid3^effects,php,webapps,0 +12450,platforms/windows/webapps/12450.txt,"Microsoft SharePoint Server 2007 - Cross-site Scripting",2010-04-29,"High-Tech Bridge SA",windows,webapps,0 +12451,platforms/php/webapps/12451.txt,"iScripts VisualCaster - SQL Injection",2010-04-29,Sid3^effects,php,webapps,0 12452,platforms/php/webapps/12452.txt,"TaskFreak 0.6.2 - SQL Injection",2010-04-29,"Justin C. Klein Keane",php,webapps,0 12453,platforms/php/webapps/12453.txt,"Zyke CMS 1.1 - Bypass",2010-04-29,indoushka,php,webapps,0 12454,platforms/php/webapps/12454.txt,"Zyke CMS 1.0 - Remote File Upload",2010-04-29,indoushka,php,webapps,0 @@ -11366,9 +11366,9 @@ id,file,description,date,author,platform,type,port 12456,platforms/php/webapps/12456.txt,"chCounter - indirect SQL Injection / XSS",2010-04-29,Valentin,php,webapps,0 12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service",2010-04-29,ITSecTeam,windows,dos,0 12458,platforms/php/webapps/12458.txt,"Scratcher - (SQL/XSS) Multiple Remote",2010-04-29,"cr4wl3r ",php,webapps,0 -12459,platforms/php/webapps/12459.txt,"ec21 clone 3.0 - (id) SQL Injection",2010-04-30,v3n0m,php,webapps,0 -12460,platforms/php/webapps/12460.txt,"b2b gold script - (id) SQL Injection",2010-04-30,v3n0m,php,webapps,0 -12461,platforms/php/webapps/12461.txt,"JobPost - SQLi",2010-04-30,Sid3^effects,php,webapps,0 +12459,platforms/php/webapps/12459.txt,"ec21 clone 3.0 - 'id' SQL Injection",2010-04-30,v3n0m,php,webapps,0 +12460,platforms/php/webapps/12460.txt,"b2b gold script - 'id' SQL Injection",2010-04-30,v3n0m,php,webapps,0 +12461,platforms/php/webapps/12461.txt,"JobPost - SQL Injection",2010-04-30,Sid3^effects,php,webapps,0 12462,platforms/php/webapps/12462.txt,"AutoDealer 1.0 / 2.0 - MSSQLi",2010-04-30,Sid3^effects,php,webapps,0 12463,platforms/php/webapps/12463.txt,"New-CMS - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",php,webapps,0 12464,platforms/asp/webapps/12464.txt,"ASPCode CMS 1.5.8 - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",asp,webapps,0 @@ -11376,11 +11376,11 @@ id,file,description,date,author,platform,type,port 12466,platforms/php/webapps/12466.txt,"Puntal 2.1.0 - Remote File Inclusion",2010-04-30,eidelweiss,php,webapps,0 12467,platforms/php/webapps/12467.txt,"Webthaiapp - detail.php (cat) Blind SQL Injection",2010-04-30,Xelenonz,php,webapps,0 12468,platforms/php/webapps/12468.txt,"Alibaba Clone Platinum - (offers_buy.php) SQL Injection",2010-04-30,v3n0m,php,webapps,0 -12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - (.zip) SEH",2010-04-30,Lincoln,windows,local,0 -12471,platforms/asp/webapps/12471.txt,"Comersus 8 Shopping Cart - SQL Injection / CSRF",2010-05-01,Sid3^effects,asp,webapps,0 +12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - '.zip' SEH",2010-04-30,Lincoln,windows,local,0 +12471,platforms/asp/webapps/12471.txt,"Comersus 8 Shopping Cart - SQL Injection / Cross-site Request Forgery",2010-05-01,Sid3^effects,asp,webapps,0 12472,platforms/php/webapps/12472.txt,"CF Image Host 1.1 - Remote File Inclusion",2010-05-01,The.Morpheus,php,webapps,0 12473,platforms/php/webapps/12473.txt,"Joomla Component Table JX - XSS Vulnerabilities",2010-05-01,Valentin,php,webapps,0 -12474,platforms/php/webapps/12474.txt,"Joomla Component Card View JX - XSS",2010-05-01,Valentin,php,webapps,0 +12474,platforms/php/webapps/12474.txt,"Joomla Component Card View JX - Cross-site Scripting",2010-05-01,Valentin,php,webapps,0 12475,platforms/php/webapps/12475.txt,"Opencatalogue 1.024 - Local File Inclusion",2010-05-01,"cr4wl3r ",php,webapps,0 12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 - Multiple Remote File Inclusion",2010-05-01,"cr4wl3r ",php,webapps,0 12477,platforms/windows/dos/12477.txt,"Google Chrome 4.1.249.1064 - Remote Memory Corrupt",2010-05-01,eidelweiss,windows,dos,0 @@ -11394,20 +11394,20 @@ id,file,description,date,author,platform,type,port 12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (RFI/LFI) Multiple File Include",2010-05-02,"cr4wl3r ",php,webapps,0 12487,platforms/windows/dos/12487.html,"Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Inclusion",2010-05-03,"cr4wl3r ",php,webapps,0 -12489,platforms/php/webapps/12489.txt,"Joomla_1.6.0-Alpha2 - XSS",2010-05-03,mega-itec.com,php,webapps,0 +12489,platforms/php/webapps/12489.txt,"Joomla_1.6.0-Alpha2 - Cross-site Scripting",2010-05-03,mega-itec.com,php,webapps,0 12491,platforms/multiple/dos/12491.html,"All browsers - Crash Exploit (0Day)",2010-05-03,"Inj3ct0r Team",multiple,dos,0 14025,platforms/php/webapps/14025.txt,"2DayBiz Job Site Script - SQL injection",2010-06-24,Sangteamtham,php,webapps,0 12492,platforms/windows/dos/12492.html,"Firefox 3.6.3 - Fork Bomb DoS",2010-05-03,Dr_IDE,windows,dos,0 12493,platforms/multiple/dos/12493.html,"All Browsers - Long Unicode DoS PoC",2010-05-03,Dr_IDE,multiple,dos,0 12494,platforms/windows/dos/12494.pl,"Winamp 5.572 - Local Crash PoC (0Day)",2010-05-03,R3d-D3V!L,windows,dos,0 12495,platforms/windows/remote/12495.pl,"ProSSHD 1.2 - Remote Post-Auth Exploit (ASLR + DEP bypass)",2010-05-03,"Alexey Sintsov",windows,remote,0 -12496,platforms/php/webapps/12496.html,"KubeBlog - CSRF",2010-05-03,The.Morpheus,php,webapps,0 -12497,platforms/windows/local/12497.c,"PhotoFiltre Studio X - (.tif) Local Buffer Overflow PoC (0Day)",2010-05-04,"fl0 fl0w",windows,local,0 +12496,platforms/php/webapps/12496.html,"KubeBlog - Cross-site Request Forgery",2010-05-03,The.Morpheus,php,webapps,0 +12497,platforms/windows/local/12497.c,"PhotoFiltre Studio X - '.tif' Local Buffer Overflow PoC (0Day)",2010-05-04,"fl0 fl0w",windows,local,0 12498,platforms/windows/remote/12498.txt,"VicFTPS 5.0 - Directory Traversal",2010-05-04,chr1x,windows,remote,0 -12499,platforms/php/webapps/12499.txt,"dbhcms 1.1.4 - Stored XSS",2010-05-04,ITSecTeam,php,webapps,0 +12499,platforms/php/webapps/12499.txt,"dbhcms 1.1.4 - Persistent Cross-site Scripting",2010-05-04,ITSecTeam,php,webapps,0 12500,platforms/php/webapps/12500.txt,"Clicksor - SQL Injection",2010-05-04,JM511,php,webapps,0 -12501,platforms/windows/local/12501.php,"Beyond Compare 3.0.13 b9599 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-05-04,mr_me,windows,local,0 -12504,platforms/php/webapps/12504.txt,"thEngine 0.1 - LFI",2010-05-04,team_elite,php,webapps,0 +12501,platforms/windows/local/12501.php,"Beyond Compare 3.0.13 b9599 - '.zip' Stack Buffer Overflow PoC Exploit (0Day)",2010-05-04,mr_me,windows,local,0 +12504,platforms/php/webapps/12504.txt,"thEngine 0.1 - Local File Inclusion",2010-05-04,team_elite,php,webapps,0 12506,platforms/php/webapps/12506.php,"Knowledgeroot (fckeditor) - Remote Arbitrary File Upload Exploit",2010-05-04,eidelweiss,php,webapps,0 12507,platforms/php/webapps/12507.txt,"SmartCMS 2 - SQL Injection",2010-05-04,Ariko-Security,php,webapps,0 12508,platforms/osx/dos/12508.html,"Multiple browsers - history.go() DoS",2010-05-04,Dr_IDE,osx,dos,0 @@ -11418,11 +11418,11 @@ id,file,description,date,author,platform,type,port 12514,platforms/php/webapps/12514.txt,"PHP-Nuke 5.0 - Viewslink SQL Injection",2010-05-05,CMD,php,webapps,0 12515,platforms/php/webapps/12515.txt,"Slooze PHP Web Photo Album 0.2.7 - Command Execution",2010-05-05,"Sn!pEr.S!Te Hacker",php,webapps,0 12516,platforms/windows/local/12516.py,"BaoFeng Storm - .M3U File Processing Buffer Overflow Exploit",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0 -12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 - LFI",2010-05-06,Batch,php,webapps,0 +12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 - Local File Inclusion",2010-05-06,Batch,php,webapps,0 12518,platforms/windows/dos/12518.pl,"Microsoft Paint - Integer Overflow (DoS) (MS10-005)",2010-05-06,unsign,windows,dos,0 12519,platforms/php/webapps/12519.txt,"AV Arcade - Search Field XSS/HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 -12521,platforms/php/webapps/12521.txt,"Factux - LFI",2010-05-06,"ALTBTA ",php,webapps,0 +12521,platforms/php/webapps/12521.txt,"Factux - Local File Inclusion",2010-05-06,"ALTBTA ",php,webapps,0 12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS - SQL Injection",2010-05-06,MasterGipy,php,webapps,0 12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution Exploit",2010-05-06,"JosS and eidelweiss",php,webapps,0 12524,platforms/windows/dos/12524.py,"Windows - SMB2 Negotiate Protocol (0x72) Response DoS",2010-05-07,"Jelmer de Hen",windows,dos,0 @@ -11447,11 +11447,11 @@ id,file,description,date,author,platform,type,port 12546,platforms/windows/dos/12546.pl,"Hyplay 1.2.326.1 - (.asx) Local DoS Crash PoC",2010-05-10,"Steve James",windows,dos,0 12547,platforms/php/webapps/12547.txt,"e-webtech - (new.asp?id=) SQL Injection",2010-05-10,protocol,php,webapps,0 12550,platforms/php/webapps/12550.pl,"Netvidade engine 1.0 - Multiple Vulnerabilities",2010-05-10,pwndomina,php,webapps,0 -12551,platforms/php/webapps/12551.txt,"Spaceacre - Multiple SQL Injection",2010-05-10,gendenk,php,webapps,0 +12551,platforms/php/webapps/12551.txt,"Spaceacre - Multiple SQL Injections",2010-05-10,gendenk,php,webapps,0 12552,platforms/php/webapps/12552.txt,"tekno.Portal 0.1b - (makale.php id) SQL Injection",2010-05-10,CoBRa_21,php,webapps,0 -12553,platforms/php/webapps/12553.txt,"Dark Hart Portal - (login.php) Remote File Inclusion",2010-05-10,CoBRa_21,php,webapps,0 -12554,platforms/php/dos/12554.txt,"MiniManager For Mangos/Trinity Server - DoS",2010-05-10,XroGuE,php,dos,0 -12555,platforms/multiple/dos/12555.txt,"Pargoon CMS - DoS",2010-05-10,"Pouya Daneshmand",multiple,dos,0 +12553,platforms/php/webapps/12553.txt,"Dark Hart Portal - 'login.php' Remote File Inclusion",2010-05-10,CoBRa_21,php,webapps,0 +12554,platforms/php/dos/12554.txt,"MiniManager For Mangos/Trinity Server - Denial of Service",2010-05-10,XroGuE,php,dos,0 +12555,platforms/multiple/dos/12555.txt,"Pargoon CMS - Denial of Service",2010-05-10,"Pouya Daneshmand",multiple,dos,0 12556,platforms/php/webapps/12556.txt,"Tadbir CMS - (fckeditor) Remote Arbitrary File Upload Exploit",2010-05-10,"Pouya Daneshmand",php,webapps,0 12557,platforms/php/webapps/12557.txt,"family connections 2.2.3 - Multiple Vulnerabilities",2010-05-10,"Salvatore Fresta",php,webapps,0 12558,platforms/php/webapps/12558.txt,"29o3 CMS - (LibDir) Multiple RFI",2010-05-10,eidelweiss,php,webapps,0 @@ -11474,7 +11474,7 @@ id,file,description,date,author,platform,type,port 12576,platforms/php/webapps/12576.txt,"Woodall Creative - SQL Injection",2010-05-11,XroGuE,php,webapps,0 12577,platforms/php/webapps/12577.txt,"Marinet CMS - SQL/XSS/HTML Injection",2010-05-11,CoBRa_21,php,webapps,0 12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 -12579,platforms/php/webapps/12579.txt,"Joomla Custom PHP Pages Component com_php - LFI",2010-05-12,"Chip d3 bi0s",php,webapps,0 +12579,platforms/php/webapps/12579.txt,"Joomla Custom PHP Pages Component com_php - Local File Inclusion",2010-05-12,"Chip d3 bi0s",php,webapps,0 12580,platforms/windows/remote/12580.txt,"miniwebsvr 0.0.10 - Directory Traversal/Listing Exploits",2010-05-12,Dr_IDE,windows,remote,0 12581,platforms/windows/remote/12581.txt,"Zervit Web Server 0.4 - Source Disclosure/Download",2010-05-12,Dr_IDE,windows,remote,0 12582,platforms/windows/remote/12582.txt,"Zervit Web Server 0.4 - Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0 @@ -11484,12 +11484,12 @@ id,file,description,date,author,platform,type,port 12586,platforms/php/webapps/12586.php,"IPB 3.0.1 - SQL Injection",2010-05-13,Cryptovirus,php,webapps,0 12587,platforms/linux/remote/12587.c,"WFTPD Server 3.30 - (0Day) Multiple Vulnerabilities",2010-05-13,"fl0 fl0w",linux,remote,21 12588,platforms/linux/dos/12588.txt,"Samba - Multiple DoS Vulnerabilities",2010-05-13,"laurent gaffie",linux,dos,0 -12590,platforms/php/webapps/12590.txt,"Joomla Component com_konsultasi - (sid) SQL Injection",2010-05-13,c4uR,php,webapps,0 +12590,platforms/php/webapps/12590.txt,"Joomla Component com_konsultasi - 'sid' SQL Injection",2010-05-13,c4uR,php,webapps,0 12591,platforms/php/webapps/12591.txt,"BlaB! Lite 0.5 - Remote File Inclusion",2010-05-13,"Sn!pEr.S!Te Hacker",php,webapps,0 12592,platforms/php/webapps/12592.txt,"Joomla Component advertising (com_aardvertiser) 2.0 - Local File Inclusion",2010-05-13,eidelweiss,php,webapps,0 -12593,platforms/php/webapps/12593.txt,"damianov.net Shoutbox - XSS",2010-05-13,"Valentin Hoebel",php,webapps,0 +12593,platforms/php/webapps/12593.txt,"damianov.net Shoutbox - Cross-site Scripting",2010-05-13,"Valentin Hoebel",php,webapps,0 12594,platforms/php/webapps/12594.txt,"Joomla Component Seber Cart - (getPic.php) Local File Disclosure",2010-05-13,AntiSecurity,php,webapps,0 -12595,platforms/php/webapps/12595.txt,"Joomla Component FDione Form Wizard - LFI",2010-05-13,"Chip d3 bi0s",php,webapps,0 +12595,platforms/php/webapps/12595.txt,"Joomla Component FDione Form Wizard - Local File Inclusion",2010-05-13,"Chip d3 bi0s",php,webapps,0 12596,platforms/php/webapps/12596.txt,"Link Bid Script - (links.php id) SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 12597,platforms/php/webapps/12597.txt,"Press Release Script - (page.php id) SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 12598,platforms/php/webapps/12598.txt,"JE Ajax Event Calendar - Local File Inclusion",2010-05-14,Valentin,php,webapps,0 @@ -11504,17 +11504,17 @@ id,file,description,date,author,platform,type,port 12607,platforms/php/webapps/12607.txt,"Joomla Component com_jequoteform - Local File Inclusion",2010-05-14,"ALTBTA ",php,webapps,0 12608,platforms/php/webapps/12608.txt,"Heaven Soft CMS 4.7 - (photogallery_open.php) SQL Injection",2010-05-14,CoBRa_21,php,webapps,0 12609,platforms/php/webapps/12609.txt,"Alibaba Clone Platinum - (buyer/index.php) SQL Injection",2010-05-14,GuN,php,webapps,0 -12610,platforms/multiple/webapps/12610.txt,"VMware View Portal 3.1 - XSS",2010-05-14,"Alexey Sintsov",multiple,webapps,0 -12611,platforms/php/webapps/12611.txt,"Joomla Component MS Comment 0.8.0b - LFI",2010-05-15,Xr0b0t,php,webapps,0 +12610,platforms/multiple/webapps/12610.txt,"VMware View Portal 3.1 - Cross-site Scripting",2010-05-14,"Alexey Sintsov",multiple,webapps,0 +12611,platforms/php/webapps/12611.txt,"Joomla Component MS Comment 0.8.0b - Local File Inclusion",2010-05-15,Xr0b0t,php,webapps,0 12612,platforms/php/webapps/12612.txt,"Alibaba Clone Platinum - (about_us.php) SQL Injection",2010-05-15,CoBRa_21,php,webapps,0 12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 (tiny_mce) - Remote File Upload",2010-05-15,ITSecTeam,php,webapps,0 12614,platforms/windows/remote/12614.txt,"Safari 4.0.5 - parent.close() Memory Corruption Exploit (ASLR + DEP bypass)",2010-05-15,"Alexey Sintsov",windows,remote,0 12615,platforms/php/webapps/12615.txt,"Joomla Component com_camp - SQL Injection",2010-05-15,"Kernel Security Group",php,webapps,0 12617,platforms/php/webapps/12617.txt,"File Thingie 2.5.5 - File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0 -12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload 0.9.5 - LFI",2010-05-16,Xr0b0t,php,webapps,0 +12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload 0.9.5 - Local File Inclusion",2010-05-16,Xr0b0t,php,webapps,0 12619,platforms/php/webapps/12619.txt,"Cybertek CMS - Local File Inclusion",2010-05-16,XroGuE,php,webapps,0 12620,platforms/php/webapps/12620.txt,"The iceberg - 'Content Management System' SQL Injection",2010-05-16,cyberlog,php,webapps,0 -12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-05-16,sud0,windows,local,0 +12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - '.zip' Stack Buffer Overflow PoC Exploit (0Day)",2010-05-16,sud0,windows,local,0 12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload 0.9.5 - Local File Disclosure",2010-05-16,"ALTBTA ",php,webapps,0 12624,platforms/php/webapps/12624.txt,"LinPHA 1.3.2 - (rotate.php) Remote Command Execution",2010-05-16,"Sn!pEr.S!Te Hacker",php,webapps,0 12628,platforms/php/webapps/12628.txt,"EgO 0.7b - (fckeditor) Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 @@ -11528,9 +11528,9 @@ id,file,description,date,author,platform,type,port 12636,platforms/php/webapps/12636.txt,"MidiCart PHP/ASP - Shell Upload",2010-05-17,DigitALL,php,webapps,0 12637,platforms/php/webapps/12637.txt,"MyNews 1.0 CMS - SQL Injection / Local File Inclusion / XSS",2010-05-17,mr_me,php,webapps,0 12639,platforms/php/webapps/12639.txt,"Joomla Component com_event - SQL Injection",2010-05-17,anonymous,php,webapps,0 -12640,platforms/windows/webapps/12640.txt,"Abyss Web Server X1 - CSRF",2010-05-17,"John Leitch",windows,webapps,0 +12640,platforms/windows/webapps/12640.txt,"Abyss Web Server X1 - Cross-site Request Forgery",2010-05-17,"John Leitch",windows,webapps,0 12641,platforms/php/webapps/12641.txt,"JE CMS 1.1 - SQL Injection",2010-05-17,AntiSecurity,php,webapps,0 -12642,platforms/php/webapps/12642.txt,"phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting / Full Path",2010-05-18,"cp77fk4r ",php,webapps,0 +12642,platforms/php/webapps/12642.txt,"phpMyAdmin 2.6.3-pl1 - Cross-site Scripting / Full Path",2010-05-18,"cp77fk4r ",php,webapps,0 12643,platforms/php/webapps/12643.pl,"ChillyCMS - Blind SQL Injection",2010-05-18,IHTeam,php,webapps,0 12644,platforms/php/webapps/12644.txt,"WebJaxe - SQL Injection",2010-05-18,IHTeam,php,webapps,0 12645,platforms/php/webapps/12645.txt,"TS Special Edition 7.0 - Multiple Vulnerabilities",2010-05-18,IHTeam,php,webapps,0 @@ -11542,23 +11542,23 @@ id,file,description,date,author,platform,type,port 12652,platforms/netbsd_x86/dos/12652.sh,"NetBSD 5.0 - Hack GENOCIDE Environment Overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 12653,platforms/netbsd_x86/dos/12653.sh,"NetBSD 5.0 - Hack PATH Environment Overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 12654,platforms/php/webapps/12654.txt,"DB[CMS] 2.0.1 - SQL Injection",2010-05-18,Pokeng,php,webapps,0 -12655,platforms/windows/dos/12655.txt,"QtWeb Browser 3.3 - DoS",2010-05-18,PoisonCode,windows,dos,0 +12655,platforms/windows/dos/12655.txt,"QtWeb Browser 3.3 - Denial of Service",2010-05-18,PoisonCode,windows,dos,0 12656,platforms/php/webapps/12656.txt,"Battle Scrypt - Shell Upload",2010-05-19,DigitALL,php,webapps,0 12657,platforms/windows/remote/12657.txt,"Google Chrome 4.1.249.1059 - Cross Origin Bypass in Google URL (GURL)",2010-05-19,"Jordi Chancel",windows,remote,0 12658,platforms/freebsd/webapps/12658.txt,"McAfee Email Gateway - Web Administration Broken Access Control",2010-05-19,"Nahuel Grisolia",freebsd,webapps,0 12659,platforms/php/webapps/12659.txt,"DB[CMS] - (section.php) SQL Injection",2010-05-19,CoBRa_21,php,webapps,0 -12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-Site Scripting",2010-05-19,"Jeromie Jackson",hardware,webapps,0 -12661,platforms/php/webapps/12661.txt,"DBCart - (article.php) SQL Injection",2010-05-19,v3n0m,php,webapps,0 +12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-site Scripting",2010-05-19,"Jeromie Jackson",hardware,webapps,0 +12661,platforms/php/webapps/12661.txt,"DBCart - 'article.php' SQL Injection",2010-05-19,v3n0m,php,webapps,0 12662,platforms/windows/local/12662.rb,"SyncBack Freeware 3.2.20.0 - Exploit",2010-05-19,Lincoln,windows,local,0 12663,platforms/windows/remote/12663.html,"CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX",2010-05-19,Lincoln,windows,remote,0 12664,platforms/asp/webapps/12664.txt,"Renista CMS - Exploit",2010-05-20,"Amir Afghanian",asp,webapps,0 -12665,platforms/php/webapps/12665.pl,"IMEDIA - (index.php) SQL Injection",2010-05-20,kannibal615,php,webapps,0 -12666,platforms/php/webapps/12666.txt,"DB[CMS] - (article.php) SQL Injection",2010-05-20,blackraptor,php,webapps,0 +12665,platforms/php/webapps/12665.pl,"IMEDIA - 'index.php' SQL Injection",2010-05-20,kannibal615,php,webapps,0 +12666,platforms/php/webapps/12666.txt,"DB[CMS] - 'article.php' SQL Injection",2010-05-20,blackraptor,php,webapps,0 12667,platforms/php/webapps/12667.py,"Entry Level Content Management System (EL CMS) - SQL Injection",2010-05-20,"vir0e5 ",php,webapps,0 12671,platforms/php/webapps/12671.txt,"Powder Blue Design - SQL Injection",2010-05-20,cyberlog,php,webapps,0 12672,platforms/asp/webapps/12672.txt,"Spaw Editor 1.0 & 2.0 - Remote File Upload",2010-05-20,Ma3sTr0-Dz,asp,webapps,0 12673,platforms/windows/remote/12673.txt,"ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit",2010-05-20,Ma3sTr0-Dz,windows,remote,0 -12674,platforms/php/webapps/12674.txt,"webYourPhotos 6.05 - (index.php) Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 +12674,platforms/php/webapps/12674.txt,"webYourPhotos 6.05 - 'index.php' Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow",2007-05-28,raylai,linux,local,0 14341,platforms/php/webapps/14341.html,"Campsite CMS 3.4.0 - Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 12676,platforms/php/webapps/12676.txt,"Open-AudIT - Multiple vulnerabilities",2010-05-21,"Sébastien Duquette",php,webapps,0 @@ -11577,7 +11577,7 @@ id,file,description,date,author,platform,type,port 12686,platforms/php/webapps/12686.txt,"Online University - (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - (gallery.php) Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 -12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - (Authenticated) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 +12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - (Authenticated) Cross-site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - (fckeditor) Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 12691,platforms/php/webapps/12691.txt,"Online Job Board - (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 14322,platforms/php/webapps/14322.txt,"Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 @@ -11596,7 +11596,7 @@ id,file,description,date,author,platform,type,port 12704,platforms/windows/dos/12704.txt,"Media Player Classic 1.3.1774.0 - (.rm) Buffer Overflow PoC",2010-05-23,"sniper ip",windows,dos,0 12706,platforms/php/webapps/12706.txt,"MMA Creative Design - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12707,platforms/php/webapps/12707.txt,"runt-communications Design - SQL Injection",2010-05-23,XroGuE,php,webapps,0 -12709,platforms/php/webapps/12709.txt,"webperformance Ecommerce - SQL",2010-05-23,cyberlog,php,webapps,0 +12709,platforms/php/webapps/12709.txt,"webperformance Ecommerce - SQL Injection",2010-05-23,cyberlog,php,webapps,0 12710,platforms/windows/local/12710.c,"Kingsoft WebShield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Local Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12711,platforms/php/webapps/12711.txt,"BBMedia Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12712,platforms/php/webapps/12712.txt,"goffgrafix - Design's SQL Injection",2010-05-23,XroGuE,php,webapps,0 @@ -11604,16 +11604,16 @@ id,file,description,date,author,platform,type,port 12714,platforms/php/webapps/12714.txt,"infoware - SQL Injection",2010-05-24,cyberlog,php,webapps,0 12715,platforms/multiple/webapps/12715.pl,"e107 - Code Exec",2010-05-24,McFly,multiple,webapps,0 12716,platforms/php/webapps/12716.txt,"runt-communications Design - (property_more.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 -12717,platforms/php/webapps/12717.txt,"Telia Web Design - (index.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 +12717,platforms/php/webapps/12717.txt,"Telia Web Design - 'index.php' SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12718,platforms/php/webapps/12718.txt,"BBMedia Design's - (news_more.php) SQL Injection",2010-05-24,gendenk,php,webapps,0 -12719,platforms/php/webapps/12719.txt,"PHP Graphy 0.9.7 - (index.php) Remote Command Execution",2010-05-24,"Sn!pEr.S!Te Hacker",php,webapps,0 +12719,platforms/php/webapps/12719.txt,"PHP Graphy 0.9.7 - 'index.php' Remote Command Execution",2010-05-24,"Sn!pEr.S!Te Hacker",php,webapps,0 12720,platforms/php/webapps/12720.txt,"Schaf-CMS 1.0 - SQL Injection",2010-05-24,Manas58,php,webapps,0 12721,platforms/php/webapps/12721.txt,"Apache Axis2 1.4.1 - Local File Inclusion",2010-05-24,HC,php,webapps,0 12722,platforms/php/webapps/12722.txt,"interuse Website Builder & design - (index2.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12723,platforms/php/webapps/12723.py,"Joomla com_qpersonel - SQL Injection Remote Exploit",2010-05-24,"Valentin Hoebel",php,webapps,0 12724,platforms/php/webapps/12724.php,"WebAsys - Blind SQL Injection",2010-05-24,zsh.shell,php,webapps,0 12725,platforms/php/webapps/12725.txt,"ALSCO CMS - SQL Injection",2010-05-24,PrinceofHacking,php,webapps,0 -12726,platforms/php/webapps/12726.txt,"REvolution 10.02 - CSRF (Cross-Site Request Forgery)",2010-05-24,"High-Tech Bridge SA",php,webapps,0 +12726,platforms/php/webapps/12726.txt,"REvolution 10.02 - Cross-site Request Forgery (Cross-site Request Forgery)",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12727,platforms/php/webapps/12727.txt,"LiSK CMS 4.4 - SQL Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12728,platforms/windows/webapps/12728.txt,"Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure",2010-05-24,"Praveen Darshanam",windows,webapps,0 12729,platforms/php/webapps/12729.txt,"Blox CMS - SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 @@ -11622,7 +11622,7 @@ id,file,description,date,author,platform,type,port 12732,platforms/php/webapps/12732.php,"JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities",2010-05-24,eidelweiss,php,webapps,0 12734,platforms/asp/webapps/12734.txt,"Blaze Apps - Multiple Vulnerabilities",2010-05-24,"AmnPardaz ",asp,webapps,0 12735,platforms/php/webapps/12735.txt,"NITRO Web Gallery - SQL Injection",2010-05-25,cyberlog,php,webapps,0 -12736,platforms/php/webapps/12736.txt,"Website Design and Hosting By Netricks Inc - (news.php) SQL Injection",2010-05-25,"Dr.SiLnT HilL",php,webapps,0 +12736,platforms/php/webapps/12736.txt,"Website Design and Hosting By Netricks Inc - 'news.php' SQL Injection",2010-05-25,"Dr.SiLnT HilL",php,webapps,0 12737,platforms/php/webapps/12737.txt,"Simpel Side - (index2.php) SQL Injection",2010-05-25,MN9,php,webapps,0 12740,platforms/windows/dos/12740.py,"Webby Webserver - PoC SEH control (0Day)",2010-05-25,m-1-k-3,windows,dos,0 12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Auth Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 @@ -11635,9 +11635,9 @@ id,file,description,date,author,platform,type,port 12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - .ABR File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 - .ASL File Handling Remote BoF PoC",2010-05-26,LiquidWorm,windows,dos,0 -12754,platforms/php/webapps/12754.html,"Easy Address book Webserver 1.2 - CSRF",2010-05-26,Markot,php,webapps,0 +12754,platforms/php/webapps/12754.html,"Easy Address book Webserver 1.2 - Cross-site Request Forgery",2010-05-26,Markot,php,webapps,0 12755,platforms/php/webapps/12755.txt,"Multi Vendor Mall - (itemdetail.php & shop.php) SQL Injection",2010-05-26,CoBRa_21,php,webapps,0 -12756,platforms/php/webapps/12756.txt,"Spaceacre - (index.php) SQL/HTML/XSS Injection",2010-05-26,CoBRa_21,php,webapps,0 +12756,platforms/php/webapps/12756.txt,"Spaceacre - 'index.php' SQL/HTML/XSS Injection",2010-05-26,CoBRa_21,php,webapps,0 12761,platforms/php/webapps/12761.txt,"GlobalWebTek Design - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12762,platforms/freebsd/dos/12762.txt,"FreeBSD 8.0 ftpd - off-by one PoC (FreeBSD-SA-10:05)",2010-05-27,"Maksymilian Arciemowicz",freebsd,dos,0 12763,platforms/php/webapps/12763.txt,"File Share scriptFile share - Sql Injection",2010-05-27,MouDy-Dz,php,webapps,0 @@ -11645,7 +11645,7 @@ id,file,description,date,author,platform,type,port 12767,platforms/php/webapps/12767.txt,"parlic Design - (SQL/XSS/HTML) Multiple Vulnerabilities",2010-05-27,XroGuE,php,webapps,0 14321,platforms/windows/remote/14321.html,"Image22 ActiveX 1.1.1 - Buffer Overflow Exploit",2010-07-10,blake,windows,remote,0 12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script - SQL Injection",2010-05-27,Mr.P3rfekT,php,webapps,0 -12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA 1.1 - LFI",2010-05-27,kaMtiEz,php,webapps,0 +12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA 1.1 - Local File Inclusion",2010-05-27,kaMtiEz,php,webapps,0 12770,platforms/php/webapps/12770.txt,"toronja CMS - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12771,platforms/php/webapps/12771.txt,"Toronja CMS - HTML/XSS Injection",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce - SQL Injection",2010-05-27,cyberlog,php,webapps,0 @@ -11653,11 +11653,11 @@ id,file,description,date,author,platform,type,port 12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 - (build 144) Denial of Service",2010-05-28,Dr_IDE,windows,dos,0 12775,platforms/multiple/dos/12775.py,"VLC Media Player 1.0.6 - (.avi) Media File Crash PoC",2010-05-28,Dr_IDE,multiple,dos,0 12776,platforms/php/webapps/12776.txt,"Realtor WebSite System E-Commerce - idfestival SQL Injection",2010-05-28,CoBRa_21,php,webapps,0 -12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent - (news.php) SQL Injection",2010-05-28,v3n0m,php,webapps,0 +12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent - 'news.php' SQL Injection",2010-05-28,v3n0m,php,webapps,0 12779,platforms/php/webapps/12779.txt,"Joomla Component My Car - Multiple Vulnerabilities",2010-05-28,Valentin,php,webapps,0 12780,platforms/php/webapps/12780.txt,"Joomla Component BF Quiz - SQL Injection",2010-05-28,Valentin,php,webapps,0 12781,platforms/php/webapps/12781.txt,"Joomla Component com_jepoll - (pollid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 -12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 - (catid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 +12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 - 'catid' SQL Injection",2010-05-28,v3n0m,php,webapps,0 12785,platforms/php/webapps/12785.pl,"YourArcadeScript 2.0b1 - Blind SQL Injection",2010-05-28,DNX,php,webapps,0 12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) - SQL Injection",2010-05-29,Shamus,windows,webapps,0 12787,platforms/php/webapps/12787.txt,"Nucleus Plugin Gallery - RFI / SQLi",2010-05-29,AntiSecurity,php,webapps,0 @@ -11680,13 +11680,13 @@ id,file,description,date,author,platform,type,port 12809,platforms/php/webapps/12809.txt,"Symphony CMS - Local File Inclusion",2010-05-30,AntiSecurity,php,webapps,0 12811,platforms/php/webapps/12811.txt,"Oscommerce Online Merchant 2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 12812,platforms/php/webapps/12812.txt,"Joomla com_quran - SQL Injection",2010-05-30,r3m1ck,php,webapps,0 -12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injection",2010-05-31,cyberlog,php,webapps,0 -12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge - LFI",2010-05-31,akatsuchi,php,webapps,0 +12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injections",2010-05-31,cyberlog,php,webapps,0 +12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 12815,platforms/windows/remote/12815.txt,"GoAheaad Webserver - Source Code Disclosure",2010-05-30,Sil3nt_Dre4m,windows,remote,0 12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - (.zar) DoS",2010-05-31,TecR0c,windows,dos,0 12817,platforms/php/webapps/12817.txt,"QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full - (RFI/XSS) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 -12819,platforms/php/webapps/12819.txt,"Persian E107 - XSS",2010-05-31,indoushka,php,webapps,0 +12819,platforms/php/webapps/12819.txt,"Persian E107 - Cross-site Scripting",2010-05-31,indoushka,php,webapps,0 12820,platforms/php/webapps/12820.txt,"Visitor Logger - (banned.php) Remote File Inclusion",2010-05-31,bd0rk,php,webapps,0 12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - SEH Exploit",2010-05-31,Stoke,windows,local,0 12822,platforms/php/webapps/12822.txt,"Joomla Component com_jsjobs - SQL Injection",2010-05-31,d0lc3,php,webapps,0 @@ -11737,7 +11737,7 @@ id,file,description,date,author,platform,type,port 40090,platforms/multiple/dos/40090.txt,"Adobe Flash - ATF Image Packing Overflow",2016-07-11,"Google Security Research",multiple,dos,0 40091,platforms/php/remote/40091.rb,"Tiki Wiki 15.1 - Unauthenticated File Upload (Metasploit)",2016-07-11,"Mehmet Ince",php,remote,80 40095,platforms/multiple/dos/40095.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (1)",2016-07-13,COSIG,multiple,dos,0 -30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - Links.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0 +30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - Links.php Multiple Cross-site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0 13260,platforms/bsdi_x86/shellcode/13260.c,"BSDi/x86 - execve /bin/sh toupper evasion shellcode (97 bytes)",2004-09-26,anonymous,bsdi_x86,shellcode,0 13261,platforms/freebsd/shellcode/13261.txt,"FreeBSD i386 & AMD64 - Execve /bin/sh shellcode (Anti-Debugging) (140 bytes)",2009-04-13,c0d3_z3r0,freebsd,shellcode,0 13262,platforms/freebsd_x86/shellcode/13262.txt,"FreeBSD/x86 - setreuid_ execve(pfctl -d) shellcode (56 bytes)",2008-09-12,suN8Hclf,freebsd_x86,shellcode,0 @@ -12110,12 +12110,12 @@ id,file,description,date,author,platform,type,port 13746,platforms/php/webapps/13746.txt,"Joomla Component com_searchlog - SQL Injection",2010-06-06,d0lc3,php,webapps,0 13747,platforms/php/webapps/13747.txt,"PHP Car Rental Complete System 1.2 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 13748,platforms/php/webapps/13748.txt,"Joomla Component com_annonces - Upload",2010-06-06,Sid3^effects,php,webapps,0 -13749,platforms/php/webapps/13749.txt,"idevspot Text ads 2.08 - SQLi",2010-06-06,Sid3^effects,php,webapps,0 -13750,platforms/php/webapps/13750.txt,"WebBiblio Subject Gateway System - LFI",2010-06-06,AntiSecurity,php,webapps,0 +13749,platforms/php/webapps/13749.txt,"idevspot Text ads 2.08 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 +13750,platforms/php/webapps/13750.txt,"WebBiblio Subject Gateway System - Local File Inclusion",2010-06-06,AntiSecurity,php,webapps,0 13751,platforms/php/webapps/13751.txt,"greeting card - Remote Upload",2010-06-06,Mr.Benladen,php,webapps,0 13752,platforms/php/webapps/13752.txt,"reVou Twitter Clone 2.0 Beta - SQL Injection / XSS",2010-06-06,Sid3^effects,php,webapps,0 13754,platforms/multiple/webapps/13754.txt,"JForum 2.1.8 bookmarks - CSRF / XSS",2010-06-07,"Adam Baldwin",multiple,webapps,0 -13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass)",2010-06-07,mr_me,windows,local,0 +13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow Exploit (DEP bypass)",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 - Stack Buffer Overflow PoC Exploit (0Day)",2010-06-07,sud0,windows,local,0 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 13762,platforms/php/webapps/13762.txt,"CommonSense CMS - SQL Injection",2010-06-07,Pokeng,php,webapps,0 @@ -12123,14 +12123,14 @@ id,file,description,date,author,platform,type,port 13766,platforms/php/webapps/13766.txt,"Home of MCLogin System - Authentication Bypass",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow PoC Exploit",2010-06-08,mr_me,windows,local,0 13768,platforms/php/local/13768.py,"Castripper 2.50.70 - (.pls) Stack Buffer Overflow DEP bypass Exploit",2010-06-08,mr_me,php,local,0 -13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQLI",2010-06-08,Sid3^effects,php,webapps,0 +13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQL Injection",2010-06-08,Sid3^effects,php,webapps,0 13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 -13771,platforms/php/webapps/13771.txt,"EMO Realty Manager - SQLi",2010-06-08,"L0rd CrusAd3r",php,webapps,0 +13771,platforms/php/webapps/13771.txt,"EMO Realty Manager - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13772,platforms/php/webapps/13772.txt,"Rayzz Photoz - Upload",2010-06-08,Sid3^effects,php,webapps,0 13773,platforms/php/webapps/13773.txt,"Holiday Travel Portal - Upload",2010-06-08,Sid3^effects,php,webapps,0 13774,platforms/hardware/dos/13774.pl,"Motorola SB5101 Hax0rware Rajko HTTPD - Remote Exploit PoC",2010-06-08,"Dillon Beresford",hardware,dos,80 13775,platforms/hardware/dos/13775.pl,"Motorola SB5101 - Hax0rware Event Reset Remote Overflow",2010-06-08,"Dillon Beresford",hardware,dos,80 -13776,platforms/php/webapps/13776.txt,"Phreebooks 2.0 - Multiple Permanent Cross-Site Scripting",2010-06-08,"Gustavo Sorondo",php,webapps,0 +13776,platforms/php/webapps/13776.txt,"Phreebooks 2.0 - Multiple Permanent Cross-site Scripting",2010-06-08,"Gustavo Sorondo",php,webapps,0 13777,platforms/php/webapps/13777.txt,"Phreebooks 2.0 - Local File Inclusion",2010-06-08,"Gustavo Sorondo",php,webapps,0 13778,platforms/php/webapps/13778.txt,"Phreebooks 2.0 - Directory Traversal",2010-06-08,"Gustavo Sorondo",php,webapps,0 13779,platforms/php/webapps/13779.txt,"Pre Web Host - SQL Injection",2010-06-08,Mr.Benladen,php,webapps,0 @@ -12141,27 +12141,27 @@ id,file,description,date,author,platform,type,port 13785,platforms/php/webapps/13785.txt,"eLms Pro - SQLi / XSS",2010-06-09,Sid3^effects,php,webapps,0 13786,platforms/php/webapps/13786.txt,"PGAUTOPro - SQLi / XSS",2010-06-09,Sid3^effects,php,webapps,0 13787,platforms/multiple/remote/13787.txt,"Adobe Flash and Reader - PoC (0Day)",2010-06-09,Unknown,multiple,remote,0 -13788,platforms/asp/webapps/13788.txt,"Web Wiz Forums 9.68 - SQLi",2010-06-09,Sid3^effects,asp,webapps,0 -13789,platforms/asp/webapps/13789.txt,"Virtual Real Estate Manager 3.5 - SQLi",2010-06-09,Sid3^effects,asp,webapps,0 +13788,platforms/asp/webapps/13788.txt,"Web Wiz Forums 9.68 - SQL Injection",2010-06-09,Sid3^effects,asp,webapps,0 +13789,platforms/asp/webapps/13789.txt,"Virtual Real Estate Manager 3.5 - SQL Injection",2010-06-09,Sid3^effects,asp,webapps,0 14294,platforms/php/webapps/14294.txt,"sphider 1.3.5 - Remote File Inclusion",2010-07-09,Li0n-PaL,php,webapps,0 13790,platforms/asp/webapps/13790.txt,"iClone - SQL Injection",2010-06-09,Sid3^effects,asp,webapps,0 14333,platforms/php/webapps/14333.html,"Orbis CMS 1.0.2 - Multiple CSRF Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14334,platforms/lin_x86/shellcode/14334.c,"Linux/x86 - netcat connect back port 8080 shellcode (76 bytes)",2010-07-11,blake,lin_x86,shellcode,0 13792,platforms/php/webapps/13792.txt,"Joomla Component cinema - SQL Injection",2010-06-09,Sudden_death,php,webapps,0 -13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQLi",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 +13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQL Injection",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 13794,platforms/multiple/webapps/13794.txt,"Joomla 1.5 Jreservation Component - SQLi / XSS",2010-06-09,Sid3^effects,multiple,webapps,0 27972,platforms/php/webapps/27972.txt,"ESTsoft InternetDisk - Arbitrary File Upload and Script Execution",2006-06-05,Kil13r,php,webapps,0 27973,platforms/php/webapps/27973.txt,"Bookmark4U 2.0 - inc/dbase.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27974,platforms/php/webapps/27974.txt,"Bookmark4U 2.0 - inc/config.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 -13796,platforms/php/webapps/13796.txt,"joomla com_jstore - SQLi",2010-06-09,Sid3^effects,php,webapps,0 -13797,platforms/php/webapps/13797.txt,"joomla com_jtickets - SQLi",2010-06-09,Sid3^effects,php,webapps,0 -13798,platforms/php/webapps/13798.txt,"joomla com_jcommunity - SQLi",2010-06-09,Sid3^effects,php,webapps,0 -13799,platforms/php/webapps/13799.txt,"joomla com_jmarket - SQLi",2010-06-09,Sid3^effects,php,webapps,0 -13800,platforms/php/webapps/13800.txt,"joomla com_jsubscription - SQLi",2010-06-09,Sid3^effects,php,webapps,0 +13796,platforms/php/webapps/13796.txt,"joomla com_jstore - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 +13797,platforms/php/webapps/13797.txt,"joomla com_jtickets - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 +13798,platforms/php/webapps/13798.txt,"joomla com_jcommunity - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 +13799,platforms/php/webapps/13799.txt,"joomla com_jmarket - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 +13800,platforms/php/webapps/13800.txt,"joomla com_jsubscription - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 13801,platforms/php/webapps/13801.txt,"Science Fair In A Box - SQLi / XSS",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13802,platforms/php/webapps/13802.txt,"PHP Real Estate Script - SQLi",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13803,platforms/php/webapps/13803.txt,"PHPAccess - SQLi",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13804,platforms/php/webapps/13804.txt,"joomla com_jnewsletter - SQLi",2010-06-09,Sid3^effects,php,webapps,0 +13802,platforms/php/webapps/13802.txt,"PHP Real Estate Script - SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 +13803,platforms/php/webapps/13803.txt,"PHPAccess - SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 +13804,platforms/php/webapps/13804.txt,"joomla com_jnewsletter - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script - SQLi / XSS",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13806,platforms/windows/local/13806.txt,"ActivePerl 5.8.8.817 - Buffer Overflow",2010-06-09,PoisonCode,windows,local,0 13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.x < 1.4.x - Exploit",2010-06-09,TinKode,php,webapps,0 @@ -12208,17 +12208,17 @@ id,file,description,date,author,platform,type,port 13853,platforms/linux/remote/13853.pl,"Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan",2010-06-13,anonymous,linux,remote,0 13854,platforms/php/webapps/13854.txt,"UTStats - XSS / SQL Injection / Full path disclosure",2010-06-13,"LuM Member",php,webapps,0 13855,platforms/php/webapps/13855.txt,"Eyeland Studio Inc. - SQL Injection",2010-06-13,Mr.P3rfekT,php,webapps,0 -13856,platforms/php/webapps/13856.txt,"Yamamah Photo Gallery 1.00 - (download.php) Local File Disclosure",2010-06-13,mat,php,webapps,0 +13856,platforms/php/webapps/13856.txt,"Yamamah Photo Gallery 1.00 - 'download.php' Local File Disclosure",2010-06-13,mat,php,webapps,0 13857,platforms/php/webapps/13857.txt,"Yamamah Photo Gallery 1.00 - SQL Injection (calbums)",2010-06-13,CoBRa_21,php,webapps,0 13858,platforms/php/webapps/13858.txt,"Eyeland Studio Inc. - (game.php) SQL Injection",2010-06-13,CoBRa_21,php,webapps,0 13859,platforms/asp/webapps/13859.txt,"Digital Interchange Document Library - SQL Injection",2010-06-13,"L0rd CrusAd3r",asp,webapps,0 13860,platforms/asp/webapps/13860.txt,"Digital Interchange Calendar - SQL Injection",2010-06-13,"L0rd CrusAd3r",asp,webapps,0 13861,platforms/asp/webapps/13861.txt,"Real-time ASP Calendar - SQL Injection",2010-06-13,"L0rd CrusAd3r",asp,webapps,0 -13862,platforms/php/webapps/13862.txt,"Pre Classified Listing - SQL",2010-06-13,"L0rd CrusAd3r",php,webapps,0 -13863,platforms/php/webapps/13863.txt,"Lyrics Script - SQL Injection / Cross-Site Scripting",2010-06-14,Valentin,php,webapps,0 +13862,platforms/php/webapps/13862.txt,"Pre Classified Listing - SQL Injection",2010-06-13,"L0rd CrusAd3r",php,webapps,0 +13863,platforms/php/webapps/13863.txt,"Lyrics Script - SQL Injection / Cross-site Scripting",2010-06-14,Valentin,php,webapps,0 13864,platforms/php/webapps/13864.txt,"Membership Site Script - SQL Injection",2010-06-14,Valentin,php,webapps,0 13865,platforms/php/webapps/13865.txt,"Daily Inspirational Quotes Script - SQL Injection",2010-06-14,Valentin,php,webapps,0 -13866,platforms/php/webapps/13866.txt,"Joke Website Script - SQL Injection / Cross-Site Scripting",2010-06-14,Valentin,php,webapps,0 +13866,platforms/php/webapps/13866.txt,"Joke Website Script - SQL Injection / Cross-site Scripting",2010-06-14,Valentin,php,webapps,0 13867,platforms/php/webapps/13867.txt,"E-Book Store - SQL Injection",2010-06-14,Valentin,php,webapps,0 13870,platforms/ios/dos/13870.py,"iOS QuickOffice 3.1.0 - HTTP Method Remote DoS",2010-06-14,"Nishant Das Patnaik",ios,dos,0 13871,platforms/ios/dos/13871.py,"iOS Impact PDF Reader 2.0 - POST Method Remote DoS",2010-06-14,"Nishant Das Patnaik",ios,dos,0 @@ -12244,7 +12244,7 @@ id,file,description,date,author,platform,type,port 13897,platforms/php/webapps/13897.txt,"Real Estate - SQL Injection",2010-06-16,"L0rd CrusAd3r",php,webapps,0 13898,platforms/php/webapps/13898.pl,"DMSEasy 0.9.7 - (fckeditor) Arbitrary File Upload",2010-06-17,sh00t0ut,php,webapps,0 13899,platforms/php/webapps/13899.txt,"Pithcms 0.9.5 - Local File Inclusion",2010-06-17,sh00t0ut,php,webapps,0 -13900,platforms/php/webapps/13900.txt,"Easy Travel Portal - SQL",2010-06-17,"L0rd CrusAd3r",php,webapps,0 +13900,platforms/php/webapps/13900.txt,"Easy Travel Portal - SQL Injection",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13901,platforms/php/webapps/13901.txt,"PenPals - Authentication Bypass",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13902,platforms/asp/webapps/13902.txt,"Ananda Image Gallery - SQL Injection",2010-06-17,"L0rd CrusAd3r",asp,webapps,0 13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - (SEH) Exploit",2010-06-17,b0nd,windows,remote,0 @@ -12263,7 +12263,7 @@ id,file,description,date,author,platform,type,port 13919,platforms/windows/dos/13919.c,"Corel VideoStudio Pro X3 - (.mp4) Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13920,platforms/windows/dos/13920.c,"H264WebCam - Boundary Condition Error",2010-06-18,"fl0 fl0w",windows,dos,0 13921,platforms/windows/dos/13921.c,"PowerZip 7.21 - (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 -13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs - XSS",2010-06-18,Sid3^effects,php,webapps,0 +13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs - Cross-site Scripting",2010-06-18,Sid3^effects,php,webapps,0 13923,platforms/php/webapps/13923.txt,"Joomla Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13925,platforms/php/webapps/13925.txt,"joomla component ozio gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13926,platforms/php/webapps/13926.txt,"joomla component listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 @@ -12272,7 +12272,7 @@ id,file,description,date,author,platform,type,port 13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13931,platforms/php/webapps/13931.txt,"Kubelance SQL Injection - (profile.php?id)",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 -13933,platforms/php/webapps/13933.txt,"UK One Media CMS - (id) Error Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 +13933,platforms/php/webapps/13933.txt,"UK One Media CMS - 'id' Error Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 13934,platforms/windows/dos/13934.py,"MoreAmp - (.maf) Buffer Overflow PoC",2010-06-19,Sid3^effects,windows,dos,0 13935,platforms/php/webapps/13935.txt,"Joomla Component RSComments 1.0.0 - Persistent XSS",2010-06-19,jdc,php,webapps,0 13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - SQL Injection (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 @@ -12290,7 +12290,7 @@ id,file,description,date,author,platform,type,port 13948,platforms/php/webapps/13948.txt,"OroHYIP - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13949,platforms/php/webapps/13949.txt,"Shareasale Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13951,platforms/php/webapps/13951.txt,"Joomla Component com_eportfolio - Upload",2010-06-20,Sid3^effects,php,webapps,0 -13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS - (news.php) SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 +13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS - 'news.php' SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13954,platforms/php/webapps/13954.txt,"G.CMS Generator - SQL Injection",2010-06-21,Sid3^effects,php,webapps,0 13955,platforms/php/webapps/13955.txt,"Joomla Template BizWeb com_community - Persistent XSS",2010-06-21,Sid3^effects,php,webapps,0 13956,platforms/php/webapps/13956.txt,"Joomla Hot Property com_jomestate - Remote File Inclusion",2010-06-21,Sid3^effects,php,webapps,0 @@ -12300,7 +12300,7 @@ id,file,description,date,author,platform,type,port 14363,platforms/php/webapps/14363.txt,"Ad Network Script - Persistent XSS",2010-07-14,Sid3^effects,php,webapps,0 14359,platforms/php/webapps/14359.html,"Zenphoto CMS 1.3 - Multiple CSRF Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 -13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery",2010-06-21,"Jeremiah Talamantes",php,webapps,0 +13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 - Cross-site Request Forgery",2010-06-21,"Jeremiah Talamantes",php,webapps,0 13961,platforms/php/webapps/13961.txt,"Alpin CMS 1.0 - SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13962,platforms/php/webapps/13962.txt,"Joomla Component JomSocial 1.6.288 - Multiple XSS",2010-06-21,jdc,php,webapps,0 13964,platforms/php/webapps/13964.txt,"Linker IMG 1.0 - Remote File Inclusion",2010-06-21,"Sn!pEr.S!Te Hacker",php,webapps,0 @@ -12315,9 +12315,9 @@ id,file,description,date,author,platform,type,port 13976,platforms/php/webapps/13976.txt,"Top Sites Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13977,platforms/php/webapps/13977.txt,"Social Community Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13978,platforms/php/webapps/13978.txt,"Job Search Engine Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 - (catid) SQL Injection",2010-06-22,v3n0m,php,webapps,0 +13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 - 'catid' SQL Injection",2010-06-22,v3n0m,php,webapps,0 13980,platforms/php/webapps/13980.txt,"Cornerstone CMS - SQL Injection",2010-06-22,"Th3 RDX",php,webapps,0 -13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery - LFI",2010-06-22,kaMtiEz,php,webapps,0 +13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery - Local File Inclusion",2010-06-22,kaMtiEz,php,webapps,0 13982,platforms/php/webapps/13982.txt,"Alpin CMS - (e4700.asp?id) SQL Injection",2010-06-22,CoBRa_21,php,webapps,0 13983,platforms/php/webapps/13983.txt,"Greeting card 1.1 - SQL Injection",2010-06-22,Net.Edit0r,php,webapps,0 13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script - Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 @@ -12349,7 +12349,7 @@ id,file,description,date,author,platform,type,port 14014,platforms/win_x86/shellcode/14014.pl,"Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess shellcode (176+ bytes)",2010-06-24,d0lc3,win_x86,shellcode,0 14015,platforms/php/webapps/14015.txt,"2DayBiz photo sharing Script - SQL Injection",2010-06-24,JaMbA,php,webapps,0 14016,platforms/php/webapps/14016.txt,"AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion",2010-06-24,v3n0m,php,webapps,0 -14017,platforms/php/webapps/14017.txt,"Joomla Component com_realtyna - LFI",2010-06-24,MISTERFRIBO,php,webapps,0 +14017,platforms/php/webapps/14017.txt,"Joomla Component com_realtyna - Local File Inclusion",2010-06-24,MISTERFRIBO,php,webapps,0 14018,platforms/php/webapps/14018.txt,"2DayBiz Video Community Portal - 'user-profile.php' SQL Injection",2010-06-24,Sangteamtham,php,webapps,0 14019,platforms/php/webapps/14019.txt,"2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection",2010-06-24,Sangteamtham,php,webapps,0 14020,platforms/php/webapps/14020.txt,"2DayBiz The Web Template Software - SQL Injection / XSS",2010-06-24,Sangteamtham,php,webapps,0 @@ -12366,7 +12366,7 @@ id,file,description,date,author,platform,type,port 14044,platforms/windows/local/14044.pl,"WM Downloader 2.9.2 - Stack Buffer Overflow",2010-06-25,Madjix,windows,local,0 14116,platforms/arm/shellcode/14116.txt,"Linux/ARM - setuid(0) & kill(-1_ SIGKILL) shellcode (28 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 14046,platforms/windows/local/14046.py,"FieldNotes 32 5.0 - Buffer Overflow (SEH)",2010-06-25,TecR0c,windows,local,0 -14047,platforms/php/webapps/14047.txt,"2DayBiz Matrimonial Script - SQL Injection / Cross-Site Scripting",2010-06-25,Sangteamtham,php,webapps,0 +14047,platforms/php/webapps/14047.txt,"2DayBiz Matrimonial Script - SQL Injection / Cross-site Scripting",2010-06-25,Sangteamtham,php,webapps,0 14048,platforms/php/webapps/14048.txt,"2DayBiz - Multiple SQL Injections",2010-06-25,Sangteamtham,php,webapps,0 14049,platforms/php/webapps/14049.html,"Allomani Songs & Clips Script 2.7.0 - (CSRF) Add Admin Account",2010-06-25,G0D-F4Th3rG0D-F4Th3r,php,webapps,0 14050,platforms/php/webapps/14050.txt,"ARSC Really Simple Chat 3.3 - Remote File Inclusion / XSS",2010-06-25,"Zer0 Thunder",php,webapps,0 @@ -12379,17 +12379,17 @@ id,file,description,date,author,platform,type,port 14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter Plugin - Exploit",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component - Persistent XSS",2010-06-26,Sid3^effects,php,webapps,0 -14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component - LFI",2010-06-26,Sid3^effects,php,webapps,0 +14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14085,platforms/php/webapps/14085.txt,"iNet Online Community - Blind SQLi",2010-06-28,JaMbA,php,webapps,0 14266,platforms/windows/dos/14266.pl,"IrcDelphi Daemon Server - Denial of Service",2010-07-08,Crash,windows,dos,6667 14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 - (buyupg.php) SQL Injection",2010-06-28,Dark.Man,php,webapps,0 -14062,platforms/php/webapps/14062.txt,"Joomla JE Event Calendar - LFI",2010-06-26,Sid3^effects,php,webapps,0 -14063,platforms/php/webapps/14063.txt,"Joomla JE Job Component com_jejob - LFI",2010-06-26,Sid3^effects,php,webapps,0 -14064,platforms/php/webapps/14064.txt,"Joomla Component JE Section Finder - LFI",2010-06-26,Sid3^effects,php,webapps,0 +14062,platforms/php/webapps/14062.txt,"Joomla JE Event Calendar - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 +14063,platforms/php/webapps/14063.txt,"Joomla JE Job Component com_jejob - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 +14064,platforms/php/webapps/14064.txt,"Joomla Component JE Section Finder - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14068,platforms/windows/local/14068.py,"Winamp 5.572 - Local BoF Exploit (Windows 7 ASLR + DEP Bypass)",2010-06-26,Node,windows,local,0 14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - smartresult.php SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 14070,platforms/php/webapps/14070.txt,"Speedy 1.0 - Remote Shell Upload",2010-06-26,"ViRuS Qalaa",php,webapps,0 -14071,platforms/windows/dos/14071.pl,"FoxPlayer 2 - (.m3u) Local BoF PoC",2010-06-26,Madjix,windows,dos,0 +14071,platforms/windows/dos/14071.pl,"FoxPlayer 2 - '.m3u' Local BoF PoC",2010-06-26,Madjix,windows,dos,0 14072,platforms/windows/dos/14072.c,"UltraISO 9.3.6.2750 - (.mds) (.mdf) Buffer Overflow PoC",2010-06-27,"fl0 fl0w",windows,dos,0 14074,platforms/php/webapps/14074.rb,"2DayBiz ybiz Polls Script - SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 14075,platforms/php/webapps/14075.rb,"2DayBiz ybiz Freelance Script - SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 @@ -12404,11 +12404,11 @@ id,file,description,date,author,platform,type,port 14089,platforms/php/webapps/14089.txt,"PageDirector CMS - Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 - Remote Code Execution (OSX)",2010-06-28,dookie,osx,remote,0 -14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQLi",2010-06-28,Sid3^effects,php,webapps,0 -14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQLi",2010-06-28,Sid3^effects,php,webapps,0 -14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite 1.3 - CSRF",2010-06-28,"ADEO Security",php,webapps,0 +14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 +14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 +14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite 1.3 - Cross-site Request Forgery",2010-06-28,"ADEO Security",php,webapps,0 14295,platforms/windows/dos/14295.html,"Microsoft - MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0Day)",2010-07-09,"Ruben Santamarta ",windows,dos,0 -14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH BoF",2010-06-28,chap0,windows,local,0 +14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH Buffer Overflow",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote DoS",2010-06-28,Markot,windows,dos,80 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 14107,platforms/php/webapps/14107.txt,"YPNinc JokeScript - (ypncat_id) SQL Injection",2010-06-29,v3n0m,php,webapps,0 @@ -12417,22 +12417,22 @@ id,file,description,date,author,platform,type,port 14102,platforms/windows/dos/14102.py,"Winamp 5.571 - (.avi) Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 14103,platforms/multiple/webapps/14103.txt,"Applicure DotDefender 4.01-3 - Persistent XSS",2010-06-28,EnableSecurity,multiple,webapps,80 14109,platforms/php/webapps/14109.txt,"YPNinc PHP Realty Script - (docID) SQL Injection",2010-06-29,v3n0m,php,webapps,0 -14110,platforms/php/webapps/14110.txt,"Allomani - E-Store 1.0 - CSRF (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 -14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - CSRF (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 +14110,platforms/php/webapps/14110.txt,"Allomani - E-Store 1.0 - Cross-site Request Forgery (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 +14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - Cross-site Request Forgery (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 14112,platforms/php/webapps/14112.txt,"PageDirector CMS - (result.php) SQL Injection",2010-06-29,v3n0m,php,webapps,0 14115,platforms/windows/webapps/14115.txt,"Gekko CMS - SQL Injection",2010-06-29,[]0iZy5,windows,webapps,80 14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 30100,platforms/windows/remote/30100.html,"British Telecommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 -14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS - (news.php) SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 +14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS - 'news.php' SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 -14274,platforms/php/webapps/14274.txt,"Joomla Music Manager Component - LFI",2010-07-08,Sid3^effects,php,webapps,0 +14274,platforms/php/webapps/14274.txt,"Joomla Music Manager Component - Local File Inclusion",2010-07-08,Sid3^effects,php,webapps,0 14142,platforms/arm/shellcode/14142.c,"Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) shellcode (84 bytes)",2010-06-30,"Florian Gaultier",arm,shellcode,0 14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / DoS",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/arm/shellcode/14122.txt,"Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)",2010-06-29,"Florian Gaultier",arm,shellcode,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS - SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke 8.0 - SQL Injection",2010-06-30,Dante90,php,webapps,0 14125,platforms/php/webapps/14125.pl,"ShopCartDx 4.30 - (products.php) Blind SQL Injection",2010-06-30,Dante90,php,webapps,0 -14126,platforms/php/webapps/14126.txt,"joomla component gamesbox com_gamesbox 1.0.2 - (id) SQL Injection",2010-06-30,v3n0m,php,webapps,0 +14126,platforms/php/webapps/14126.txt,"joomla component gamesbox com_gamesbox 1.0.2 - 'id' SQL Injection",2010-06-30,v3n0m,php,webapps,0 14127,platforms/php/webapps/14127.txt,"Joomla Joomanager - SQL Injection",2010-06-30,Sid3^effects,php,webapps,0 14141,platforms/php/webapps/14141.pl,"Oxygen2PHP 1.1.3 - (member.php) SQL Injection",2010-06-30,Dante90,php,webapps,0 14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 @@ -12440,7 +12440,7 @@ id,file,description,date,author,platform,type,port 14144,platforms/php/webapps/14144.txt,"Specialist Bed and Breakfast Website - SQL Injection",2010-06-30,JaMbA,php,webapps,0 14145,platforms/php/webapps/14145.txt,"Golf Club Site - SQL Injection",2010-06-30,JaMbA,php,webapps,0 14146,platforms/hardware/webapps/14146.txt,"Ubiquity Nanostation5 (Air OS) - Remote Command Execution (0Day)",2010-06-30,emgent,hardware,webapps,80 -14147,platforms/php/webapps/14147.txt,"NinkoBB - CSRF",2010-07-01,"ADEO Security",php,webapps,0 +14147,platforms/php/webapps/14147.txt,"NinkoBB - Cross-site Request Forgery",2010-07-01,"ADEO Security",php,webapps,0 14149,platforms/asp/webapps/14149.txt,"Setiran CMS - Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0 14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR + DEP Bypass)",2010-07-01,Node,windows,local,0 14151,platforms/php/webapps/14151.pl,"Oxygen2PHP 1.1.3 - (post.php) Blind SQL Injection",2010-07-01,Dante90,php,webapps,0 @@ -12450,17 +12450,17 @@ id,file,description,date,author,platform,type,port 14155,platforms/asp/webapps/14155.txt,"SIDA University System - SQL Injection",2010-07-01,K053,asp,webapps,0 14209,platforms/php/webapps/14209.txt,"Joomla Front-End Article Manager System - Upload",2010-07-04,Sid3^effects,php,webapps,0 14156,platforms/windows/dos/14156.txt,"Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-after-free",2010-07-01,MSRC,windows,dos,0 -14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-Site Scripting",2010-07-02,Sangteamtham,php,webapps,0 +14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-site Scripting",2010-07-02,Sangteamtham,php,webapps,0 14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 - SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0 14164,platforms/php/webapps/14164.txt,"iScripts CyberMatch 1.0 - Blind SQL Injection",2010-07-02,"Salvatore Fresta",php,webapps,0 14160,platforms/php/webapps/14160.txt,"InterScan Web Security 5.0 - Permanent XSS",2010-07-01,"Ivan Huertas",php,webapps,0 14177,platforms/linux/webapps/14177.txt,"Xplico 0.5.7 - (add.ctp) Remote XSS",2010-07-02,"Marcos Garcia and Maximiliano Soler",linux,webapps,0 -14162,platforms/php/webapps/14162.txt,"iScripts EasySnaps 2.0 - Multiple SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0 +14162,platforms/php/webapps/14162.txt,"iScripts EasySnaps 2.0 - Multiple SQL Injections",2010-07-01,"Salvatore Fresta",php,webapps,0 14176,platforms/php/webapps/14176.c,"iScripts SocialWare 2.2.x - Arbitrary File Upload",2010-07-02,"Salvatore Fresta",php,webapps,0 14166,platforms/php/webapps/14166.txt,"Bit Weaver 2.7 - Local File Inclusion",2010-07-02,"John Leitch",php,webapps,0 -14171,platforms/php/webapps/14171.txt,"Iphone Pointter Social Network - LFI",2010-07-02,Sid3^effects,php,webapps,0 +14171,platforms/php/webapps/14171.txt,"Iphone Pointter Social Network - Local File Inclusion",2010-07-02,Sid3^effects,php,webapps,0 14172,platforms/php/webapps/14172.txt,"Joomla Seyret Video Component (com_seyret) - Blind SQL Injection",2010-07-02,RoAd_KiLlEr,php,webapps,0 -14170,platforms/php/webapps/14170.txt,"Pointter Social Network - LFI",2010-07-02,Sid3^effects,php,webapps,0 +14170,platforms/php/webapps/14170.txt,"Pointter Social Network - Local File Inclusion",2010-07-02,Sid3^effects,php,webapps,0 14168,platforms/asp/webapps/14168.txt,"VGM Forbin - (article.asp) SQL Injection",2010-07-02,"Th3 RDX",asp,webapps,0 14169,platforms/asp/webapps/14169.txt,"MooreAdvice - (productlist.asp) SQL Injection",2010-07-02,"Th3 RDX",asp,webapps,0 14175,platforms/windows/dos/14175.pl,"Mp3 Digitalbox 2.7.2.0 - (.mp3) Local Stack Overflow PoC",2010-07-02,v3n0m,windows,dos,0 @@ -12475,19 +12475,19 @@ id,file,description,date,author,platform,type,port 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting AddOn - Remote File Inclusion",2010-07-03,lumut--,php,webapps,0 14187,platforms/php/webapps/14187.txt,"Joomla eventcal Component 1.6.4 com_eventcal - Blind SQL Injection",2010-07-03,RoAd_KiLlEr,php,webapps,0 -14188,platforms/php/webapps/14188.html,"Cpanel 11.25 - CSRF Add FTP Account Exploit",2010-07-03,G0D-F4Th3r,php,webapps,0 +14188,platforms/php/webapps/14188.html,"Cpanel 11.25 - CSRF (Add FTP Account) Exploit",2010-07-03,G0D-F4Th3r,php,webapps,0 14190,platforms/arm/shellcode/14190.c,"Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded shellcode (78 bytes)",2010-07-03,"Jonathan Salwan",arm,shellcode,0 14193,platforms/php/webapps/14193.c,"iscripts socialware 2.2.x - Multiple Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 14194,platforms/windows/remote/14194.cpp,"Sun Java Web Server 7.0 u7 - Remote Exploit",2010-07-03,dmc,windows,remote,0 14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX SEH Overwrite",2010-07-03,blake,windows,remote,0 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads - Persistent XSS",2010-07-03,Sid3^effects,php,webapps,0 -14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injection",2010-07-03,"Salvatore Fresta",php,webapps,0 +14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injections",2010-07-03,"Salvatore Fresta",php,webapps,0 14198,platforms/php/webapps/14198.txt,"Simple:Press WordPress Plugin 4.3.0 - SQL Injection",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"phpaaCMS 0.3.1 - (show.php?id=) SQL Injection",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow Exploit",2010-07-04,blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"phpaaCMS - (list.php?id) SQL Injection",2010-07-04,CoBRa_21,php,webapps,0 -14202,platforms/php/webapps/14202.txt,"iLister Listing Software - LFI",2010-07-04,Sid3^effects,php,webapps,0 +14202,platforms/php/webapps/14202.txt,"iLister Listing Software - Local File Inclusion",2010-07-04,Sid3^effects,php,webapps,0 14203,platforms/php/webapps/14203.txt,"TCW PHP Album - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14204,platforms/php/webapps/14204.txt,"Esoftpro Online Guestbook Pro - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14205,platforms/php/webapps/14205.txt,"Esoftpro Online Photo Pro 2 - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 @@ -12497,7 +12497,7 @@ id,file,description,date,author,platform,type,port 14222,platforms/windows/remote/14222.py,"UFO: Alien Invasion 2.2.1 - BoF Exploit (Windows 7 ASLR + DEP Bypass)",2010-07-05,Node,windows,remote,0 14211,platforms/php/webapps/14211.txt,"Joomla NijnaMonials Component (com_ninjamonials) - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0 14213,platforms/php/webapps/14213.txt,"Joomla Component SEF (com_sef) - Local File Inclusion",2010-07-05,_mlk_,php,webapps,0 -14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 - CSRF Change Admin Password",2010-07-05,saudi0hacker,php,webapps,0 +14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 - CSRF (Change Admin Password)",2010-07-05,saudi0hacker,php,webapps,0 14215,platforms/windows/local/14215.txt,"SasCam 2.7 - ActiveX Head Buffer Overflow",2010-07-05,blake,windows,local,0 14216,platforms/lin_x86/shellcode/14216.c,"Linux/x86 - bind shell port 64533 shellcode (97 bytes)",2010-07-05,Magnefikko,lin_x86,shellcode,0 14217,platforms/php/webapps/14217.txt,"WikiWebHelp 0.28 - SQL Injection",2010-07-05,"ADEO Security",php,webapps,0 @@ -12529,10 +12529,10 @@ id,file,description,date,author,platform,type,port 14244,platforms/php/webapps/14244.txt,"Lyrics 3.0 - Engine SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14245,platforms/php/webapps/14245.txt,"Pre Multi-Vendor Shopping Malls - SQL Injection / Auth Bypass",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote BOF / Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 -14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQLi",2010-07-06,Sid3^effects,php,webapps,0 +14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection",2010-07-06,S.W.T,php,webapps,0 14254,platforms/osx/remote/14254.py,"EvoCam Web Server OS X - ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 -14285,platforms/windows/webapps/14285.txt,"Outlook Web Access 2007 - CSRF",2010-07-08,"Rosario Valotta",windows,webapps,0 +14285,platforms/windows/webapps/14285.txt,"Outlook Web Access 2007 - Cross-site Request Forgery",2010-07-08,"Rosario Valotta",windows,webapps,0 14255,platforms/php/webapps/14255.txt,"sandbox 2.0.3 - Multiple Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14256,platforms/windows/local/14256.txt,"HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 14258,platforms/windows/local/14258.py,"GSM SIM Utility 5.15 - Local Exploit Direct Ret ver",2010-07-07,chap0,windows,local,0 @@ -12562,17 +12562,17 @@ id,file,description,date,author,platform,type,port 14284,platforms/asp/webapps/14284.txt,"i-Gallery - Multiple Vulnerabilities",2010-07-08,SONIC,asp,webapps,0 14287,platforms/windows/remote/14287.cpp,"Sun Java Web Server 7.0 u7 - Exploit with DEP bypass",2010-07-09,dmc,windows,remote,0 14288,platforms/win_x86/shellcode/14288.asm,"Win32 - Write-to-file Shellcode (278 bytes)",2010-07-09,"Brett Gervasoni",win_x86,shellcode,0 -14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-Site Request Forgery [CSRF]",2010-07-09,saudi0hacker,php,webapps,0 +14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-site Request Forgery [CSRF]",2010-07-09,saudi0hacker,php,webapps,0 14290,platforms/windows/dos/14290.py,"MP3 Cutter 1.5 - Denial of Service",2010-07-09,"Prashant Uniyal",windows,dos,0 14293,platforms/php/webapps/14293.txt,"Minify4Joomla - Upload and Persistent XSS",2010-07-09,Sid3^effects,php,webapps,0 -14291,platforms/php/webapps/14291.txt,"IXXO Cart for Joomla - SQLi",2010-07-09,Sid3^effects,php,webapps,0 +14291,platforms/php/webapps/14291.txt,"IXXO Cart for Joomla - SQL Injection",2010-07-09,Sid3^effects,php,webapps,0 14434,platforms/php/webapps/14434.txt,"Joomla Component com_jomtube - (user_id) Blind SQL Injection / SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0 14312,platforms/php/webapps/14312.txt,"Joomla redSHOP Component 1.0 (com_redshop pid) - SQL Injection",2010-07-10,v3n0m,php,webapps,0 14296,platforms/php/webapps/14296.txt,"Joomla QuickFAQ Component (com_quickfaq) - Blind SQL Injection",2010-07-09,RoAd_KiLlEr,php,webapps,0 14316,platforms/php/webapps/14316.pl,"PHP-Nuke 8.0 - (Web_Links Module) Remote Blind SQL Injection",2010-07-10,yawn,php,webapps,0 -14299,platforms/php/webapps/14299.txt,"CMS Contentia - (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 +14299,platforms/php/webapps/14299.txt,"CMS Contentia - 'news.php' SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 -14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 +14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - 'news.php' SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 14308,platforms/php/webapps/14308.txt,"WordPress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow DoS",2010-10-23,d0lc3,windows,dos,0 @@ -12613,7 +12613,7 @@ id,file,description,date,author,platform,type,port 14365,platforms/php/webapps/14365.txt,"Campsite CMS - Remote Persistent XSS",2010-07-15,D4rk357,php,webapps,0 14366,platforms/php/webapps/14366.txt,"Whizzy CMS 10.01 - Local File Inclusion",2010-07-15,"Anarchy Angel",php,webapps,0 14368,platforms/php/webapps/14368.txt,"RedShop 1.0.23.1 Joomla Component - Blind SQL Injection",2010-07-15,"Salvatore Fresta",php,webapps,0 -14369,platforms/jsp/webapps/14369.txt,"ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - XSS",2010-07-15,Markot,jsp,webapps,0 +14369,platforms/jsp/webapps/14369.txt,"ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - Cross-site Scripting",2010-07-15,Markot,jsp,webapps,0 14370,platforms/php/webapps/14370.txt,"BS Scripts Directory - (info.php) SQL Injection",2010-07-15,D4rk357,php,webapps,0 14371,platforms/php/webapps/14371.txt,"BS Scripts Directory - (articlesdetails.php) SQL Injection",2010-07-16,k4k4shi,php,webapps,0 14372,platforms/windows/dos/14372.txt,"Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow",2010-07-16,shinnai,windows,dos,0 @@ -12626,7 +12626,7 @@ id,file,description,date,author,platform,type,port 14379,platforms/multiple/dos/14379.txt,"Novell Groupwise Internet Agent - Stack Overflow",2010-07-16,"Francis Provencher",multiple,dos,0 14380,platforms/windows/dos/14380.py,"Power/Personal FTP Server - RETR Denial of Service",2010-07-16,antrhacks,windows,dos,0 14381,platforms/php/webapps/14381.txt,"Group Office - Remote Command Execution",2010-07-16,"ADEO Security",php,webapps,0 -14382,platforms/windows/webapps/14382.txt,"ActiTime 2.0-MA - CSRF",2010-07-16,Markot,windows,webapps,0 +14382,platforms/windows/webapps/14382.txt,"ActiTime 2.0-MA - Cross-site Request Forgery",2010-07-16,Markot,windows,webapps,0 14383,platforms/php/webapps/14383.txt,"Group Office - (comment_id) SQL Injection",2010-07-16,"Canberk BOLAT",php,webapps,0 14420,platforms/asp/webapps/14420.txt,"Mayasan Portal 2.0 - (makaledetay.asp) SQL Injection",2010-07-20,v0calist,asp,webapps,0 14421,platforms/asp/webapps/14421.txt,"Mayasan Portal 2.0 - (haberdetay.asp) SQL Injection",2010-07-20,CoBRa_21,asp,webapps,0 @@ -12665,12 +12665,12 @@ id,file,description,date,author,platform,type,port 14424,platforms/windows/dos/14424.txt,"Lithtech Engine - Memory Corruption",2010-07-20,"Luigi Auriemma",windows,dos,0 14425,platforms/php/webapps/14425.txt,"PHP Chat for 123 Flash Chat - Remote File Inclusion",2010-07-20,"HaCkEr arar",php,webapps,0 14426,platforms/php/webapps/14426.pl,"Imagine-cms 2.50 - SQL Injection",2010-07-21,Metropolis,php,webapps,0 -14427,platforms/windows/webapps/14427.txt,"Outlook Web Access 2003 - CSRF",2010-07-21,anonymous,windows,webapps,0 +14427,platforms/windows/webapps/14427.txt,"Outlook Web Access 2003 - Cross-site Request Forgery",2010-07-21,anonymous,windows,webapps,0 14428,platforms/windows/local/14428.py,"QQPlayer - .asx File Processing Buffer Overflow Exploit",2010-07-21,"Li Qingshan",windows,local,0 14431,platforms/windows/local/14431.py,"QQPlayer - .cue File Buffer Overflow Exploit",2010-07-21,"Lufeng Li",windows,local,0 14432,platforms/php/webapps/14432.txt,"OpenX - (phpAdsNew) Remote File inclusion",2010-07-21,"ViRuS Qalaa",php,webapps,0 14430,platforms/php/webapps/14430.txt,"RapidLeech Scripts - Remote File Upload",2010-07-21,H-SK33PY,php,webapps,0 -14433,platforms/windows/local/14433.pl,"ZipCentral - (.zip) Buffer Overflow (SEH)",2010-07-21,"Jiten Pathy",windows,local,0 +14433,platforms/windows/local/14433.pl,"ZipCentral - '.zip' Buffer Overflow (SEH)",2010-07-21,"Jiten Pathy",windows,local,0 14435,platforms/php/webapps/14435.txt,"AJ HYIP PRIME - (welcome.php id) Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14436,platforms/php/webapps/14436.txt,"AJ HYIP MERIDIAN - (news.php id) Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14437,platforms/php/webapps/14437.txt,"Free PHP photo gallery script - Remote Command Execution",2010-07-22,"ViRuS Qalaa",php,webapps,0 @@ -12694,12 +12694,12 @@ id,file,description,date,author,platform,type,port 14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 - faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 14456,platforms/aix/remote/14456.c,"IBM AIX 5l FTPd - Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 14457,platforms/php/webapps/14457.txt,"DM Filemanager 3.9.11 - Arbitrary File Upload",2010-07-24,eidelweiss,php,webapps,0 -14458,platforms/php/webapps/14458.txt,"sNews - (index.php) SQL Injection",2010-07-24,MajoR,php,webapps,0 +14458,platforms/php/webapps/14458.txt,"sNews - 'index.php' SQL Injection",2010-07-24,MajoR,php,webapps,0 14459,platforms/php/webapps/14459.txt,"Open Realty 2.x / 3.x - Persistent XSS",2010-07-24,K053,php,webapps,0 14461,platforms/asp/webapps/14461.txt,"AKY Blog - SQL Injection",2010-07-24,v0calist,asp,webapps,0 14462,platforms/php/webapps/14462.txt,"Joomla Ozio Gallery Component (com_oziogallery) - SQL Injection",2010-07-24,"ViRuS Qalaa",php,webapps,0 14463,platforms/php/webapps/14463.txt,"Joomla ITArmory Component (com_itarmory) - SQL Injection",2010-07-24,Craw,php,webapps,0 -14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - (.m3u) Universal Buffer Overflow Exploit",2010-07-24,s-dz,windows,local,0 +14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - '.m3u' Universal Buffer Overflow Exploit",2010-07-24,s-dz,windows,local,0 14465,platforms/php/webapps/14465.txt,"sNews 1.7 - (index.php?category) SQL Injection",2010-07-24,CoBRa_21,php,webapps,0 14466,platforms/php/webapps/14466.txt,"Joomla Component (com_joomdle) 0.24 - SQL Injection",2010-07-24,kaMtiEz,php,webapps,0 14467,platforms/php/webapps/14467.txt,"Joomla Component (com_youtube) - SQL Injection",2010-07-24,Forza-Dz,php,webapps,0 @@ -12744,7 +12744,7 @@ id,file,description,date,author,platform,type,port 14523,platforms/php/webapps/14523.txt,"SnoGrafx - (cat.php?cat) SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM - modules.php SQL Injection",2010-08-02,secret,php,webapps,0 14530,platforms/php/webapps/14530.txt,"Joomla CamelcityDB 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0 -14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting",2010-08-02,"Juan Manuel Garcia",php,webapps,0 +14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-site Scripting",2010-08-02,"Juan Manuel Garcia",php,webapps,0 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr - Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0 14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Inclusion",2010-08-03,eidelweiss,php,webapps,0 @@ -12752,7 +12752,7 @@ id,file,description,date,author,platform,type,port 14539,platforms/windows/remote/14539.html,"FathFTP 1.8 - (RasIsConnected Method) ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 14536,platforms/hardware/remote/14536.txt,"EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 14537,platforms/multiple/dos/14537.txt,"Oracle MySQL - 'ALTER DATABASE' Remote Denial of Service",2010-08-03,"Shane Bester",multiple,dos,0 -14558,platforms/php/webapps/14558.txt,"sX-Shop - Multiple SQL Injection",2010-08-05,CoBRa_21,php,webapps,0 +14558,platforms/php/webapps/14558.txt,"sX-Shop - Multiple SQL Injections",2010-08-05,CoBRa_21,php,webapps,0 14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery 0.12 Plugin - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 14550,platforms/windows/local/14550.py,"Exploit Easy RM to MP3 2.7.3.700 - (.m3u & .pls & .smi & .wpl & .wax & .wvx & .ram)",2010-08-04,"Oh Yaw Theng",windows,local,0 14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos 2.0 - File Format DoS",2010-08-03,antrhacks,windows,dos,0 @@ -12767,10 +12767,10 @@ id,file,description,date,author,platform,type,port 14559,platforms/php/webapps/14559.txt,"APBoard 2.1.0 - (board.php?id=) SQL Injection",2010-08-05,secret,php,webapps,0 14560,platforms/php/webapps/14560.txt,"ccTiddly 1.7.6 - Multiple Remote File Inclusion",2010-08-05,eidelweiss,php,webapps,0 14569,platforms/php/webapps/14569.txt,"joomla component cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 -14562,platforms/php/webapps/14562.html,"Open Blog 1.2.1 - CSRF",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - CSRF",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - XSS",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -14565,platforms/php/webapps/14565.html,"DiamondList 0.1.6 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +14562,platforms/php/webapps/14562.html,"Open Blog 1.2.1 - Cross-site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - Cross-site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - Cross-site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +14565,platforms/php/webapps/14565.html,"DiamondList 0.1.6 - Cross-site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14576,platforms/windows/local/14576.c,"Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0 14573,platforms/linux/dos/14573.txt,"LibTIFF - 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service",2010-08-07,"Tomas Hoger",linux,dos,0 14570,platforms/php/webapps/14570.txt,"Joomla Component com_neorecruit 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0 @@ -12789,8 +12789,8 @@ id,file,description,date,author,platform,type,port 14592,platforms/php/webapps/14592.txt,"Joomla Yellowpages - SQL Injection",2010-08-09,"al bayraqim",php,webapps,0 14593,platforms/windows/dos/14593.htm,"AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH)",2010-08-09,s-dz,windows,dos,0 14594,platforms/linux/dos/14594.py,"Linux Kernel 2.6.33.3 - SCTP INIT Remote DoS",2010-08-09,"Jon Oberheide",linux,dos,0 -14595,platforms/php/webapps/14595.html,"wizmall 6.4 - CSRF",2010-08-09,pyw1414,php,webapps,0 -14596,platforms/php/webapps/14596.txt,"Joomla Component Amblog 1.0 - Multiple SQL Injection",2010-08-10,"Salvatore Fresta",php,webapps,0 +14595,platforms/php/webapps/14595.html,"wizmall 6.4 - Cross-site Request Forgery",2010-08-09,pyw1414,php,webapps,0 +14596,platforms/php/webapps/14596.txt,"Joomla Component Amblog 1.0 - Multiple SQL Injections",2010-08-10,"Salvatore Fresta",php,webapps,0 14597,platforms/windows/dos/14597.py,"Mthree Development MP3 to WAV Decoder - Denial of Service",2010-08-10,"Oh Yaw Theng",windows,dos,0 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR+DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - Remote Exploit (0Day)",2010-08-10,sud0,windows,remote,0 @@ -12817,11 +12817,11 @@ id,file,description,date,author,platform,type,port 14624,platforms/windows/dos/14624.py,"JaMP Player 4.2.2.0 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80 -14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - CSRF Change Admin Password",2010-08-12,"KOLTN S",multiple,webapps,80 +14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - CSRF (Change Admin Password)",2010-08-12,"KOLTN S",multiple,webapps,80 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow Exploit",2010-08-13,corelanc0d3r,windows,local,0 14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service",2010-08-13,LiquidWorm,windows,dos,0 -14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - (.m3u) Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 +14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 14658,platforms/windows/remote/14658.txt,"123 flashchat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14636,platforms/php/webapps/14636.txt,"Plogger - Remote File Disclosure",2010-08-13,Mr.tro0oqy,php,webapps,0 14637,platforms/php/webapps/14637.txt,"Get Tube - SQL Injection",2010-08-13,Mr.P3rfekT,php,webapps,0 @@ -12842,15 +12842,15 @@ id,file,description,date,author,platform,type,port 14656,platforms/php/webapps/14656.txt,"Joomla Component Jgrid 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0 14659,platforms/php/webapps/14659.txt,"Joomla Component OnGallery - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0 14666,platforms/windows/dos/14666.txt,"Microsoft Windows - nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0 -14663,platforms/windows/local/14663.py,"MUSE 4.9.0.006 - (.m3u) Local Buffer Overflow Exploit",2010-08-16,"Glafkos Charalambous ",windows,local,0 +14663,platforms/windows/local/14663.py,"MUSE 4.9.0.006 - '.m3u' Local Buffer Overflow Exploit",2010-08-16,"Glafkos Charalambous ",windows,local,0 14664,platforms/windows/local/14664.py,"MUSE 4.9.0.006 - (.pls) Local Universal Buffer Overflow (SEH)",2010-08-16,"Glafkos Charalambous ",windows,local,0 14667,platforms/windows/dos/14667.txt,"Microsoft Windows - KTM Invalid Free with Reused Transaction GUID (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0 14668,platforms/windows/dos/14668.txt,"Microsoft Windows Win32k!xxxRealDrawMenuItem() - Missing HBITMAP Bounds Checks",2010-08-17,"Tavis Ormandy",windows,dos,0 14669,platforms/windows/dos/14669.txt,"Microsoft Windows - Win32k!GreStretchBltInternal() Does Not Handle src == dest",2010-08-17,"Tavis Ormandy",windows,dos,0 14670,platforms/windows/dos/14670.txt,"Microsoft Windows - nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0 -14671,platforms/windows/dos/14671.py,"Brazip 9.0 - (.zip) Buffer Overflow (SEH)",2010-08-17,ITSecTeam,windows,dos,0 +14671,platforms/windows/dos/14671.py,"Brazip 9.0 - '.zip' Buffer Overflow (SEH)",2010-08-17,ITSecTeam,windows,dos,0 14672,platforms/php/webapps/14672.txt,"Free Simple Software 1.0 - Remote File Inclusion",2010-08-17,Dr.$audi,php,webapps,0 -14673,platforms/windows/local/14673.py,"Triologic Media Player 8 - (.m3u) Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous ",windows,local,0 +14673,platforms/windows/local/14673.py,"Triologic Media Player 8 - '.m3u' Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous ",windows,local,0 14674,platforms/windows/remote/14674.txt,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0 14687,platforms/windows/dos/14687.txt,"SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow",2010-08-19,"Nikolas Sotiriu",windows,dos,0 14678,platforms/php/dos/14678.txt,"PHP 5.3.3 - ibase_gen_id() off-by-one Overflow",2010-08-18,"Canberk BOLAT",php,dos,0 @@ -12869,10 +12869,10 @@ id,file,description,date,author,platform,type,port 14694,platforms/php/webapps/14694.txt,"Joomla Component com_extcalendar - Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0 14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator 2.2.8 - Denial of Service",2010-08-20,PASSEWORD,windows,dos,0 14697,platforms/windows/shellcode/14697.c,"Windows XP SP3 English - MessageBoxA Shellcode (87 bytes)",2010-08-20,"Glafkos Charalambous ",windows,shellcode,0 -14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 - (.m3u) Denial of Service",2010-08-20,b0telh0,windows,dos,0 +14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 - '.m3u' Denial of Service",2010-08-20,b0telh0,windows,dos,0 14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - (.mp3) Denial of Service",2010-08-20,"Praveen Darshanam",windows,dos,0 14702,platforms/php/webapps/14702.txt,"Joomla Component com_zina - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0 -14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta - Multiple SQL Injection",2010-08-21,"Salvatore Fresta",php,webapps,0 +14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0 14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex interrupting) Denial of Service",2010-08-21,l3D,windows,dos,0 14706,platforms/windows/local/14706.py,"Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0 @@ -12891,7 +12891,7 @@ id,file,description,date,author,platform,type,port 14727,platforms/hardware/local/14727.py,"Foxit Reader 4.0 - .pdf Jailbreak Exploit",2010-08-24,"Jose Miguel Esparza",hardware,local,0 14726,platforms/windows/local/14726.c,"uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 14728,platforms/windows/local/14728.c,"Windows Live Email - (dwmapi.dll) DLL Hijacking Exploit",2010-08-24,"Nicolas Krassas",windows,local,0 -14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 - (article.php) SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 +14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 - 'article.php' SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 14730,platforms/windows/local/14730.c,"Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit",2010-08-24,"Glafkos Charalambous ",windows,local,0 14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 14732,platforms/windows/local/14732.c,"Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 @@ -12951,21 +12951,21 @@ id,file,description,date,author,platform,type,port 14806,platforms/php/webapps/14806.txt,"Prometeo 1.0.65 - SQL Injection",2010-08-26,"Lord Tittis3000",php,webapps,0 14799,platforms/php/webapps/14799.txt,"osCommerce Online Merchant - Remote File Inclusion",2010-08-26,LoSt.HaCkEr,php,webapps,0 14801,platforms/php/webapps/14801.txt,"atomic photo album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 -14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 +14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 14811,platforms/php/webapps/14811.txt,"Joomla Component (com_remository) - Remote Upload File",2010-08-26,J3yk0ob,php,webapps,0 14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 - Remote File Inclusion Exploit",2010-08-26,bd0rk,php,webapps,0 14809,platforms/php/webapps/14809.txt,"kontakt formular 1.1 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14810,platforms/php/webapps/14810.txt,"gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14814,platforms/linux/local/14814.c,"Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit",2010-08-27,"Jon Oberheide",linux,local,0 14815,platforms/php/webapps/14815.txt,"pecio CMS 2.0.5 - Multiple Remote File Inclusion",2010-08-27,eidelweiss,php,webapps,0 -14819,platforms/php/webapps/14819.html,"Pc4Uploader 9.0 - Cross-Site Request Forgery",2010-08-27,RENO,php,webapps,0 -14820,platforms/php/webapps/14820.txt,"iGaming CMS - Multiple SQL Injection",2010-08-27,Sweet,php,webapps,0 +14819,platforms/php/webapps/14819.html,"Pc4Uploader 9.0 - Cross-site Request Forgery",2010-08-27,RENO,php,webapps,0 +14820,platforms/php/webapps/14820.txt,"iGaming CMS - Multiple SQL Injections",2010-08-27,Sweet,php,webapps,0 14821,platforms/asp/webapps/14821.txt,"Shop Creator 4.0 - SQL Injection",2010-08-27,Pouya_Server,asp,webapps,0 14822,platforms/php/webapps/14822.txt,"DiY-CMS 1.0 - Multiple Remote File Inclusion",2010-08-28,LoSt.HaCkEr,php,webapps,0 14823,platforms/php/webapps/14823.txt,"textpattern CMS 4.2.0 - Remote File Inclusion",2010-08-28,Sn!pEr.S!Te,php,webapps,0 14824,platforms/windows/dos/14824.txt,"Leadtools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection",2010-08-28,Valentin,php,webapps,0 -14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - (profile.php) SQL Injection",2010-08-28,"Ptrace Security",php,webapps,0 +14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - 'profile.php' SQL Injection",2010-08-28,"Ptrace Security",php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 14830,platforms/linux/local/14830.py,"nginx 0.6.38 - Heap Corruption Exploit",2010-08-29,"Aaron Conole",linux,local,0 14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow (SEH)",2010-08-29,"James Fitts",windows,local,0 @@ -13006,7 +13006,7 @@ id,file,description,date,author,platform,type,port 14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 14887,platforms/php/webapps/14887.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent XSS Exploit",2010-09-04,"Ptrace Security",php,webapps,0 -14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS - (sid) Blind SQL Injection",2010-09-04,"BorN To K!LL",php,webapps,0 +14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS - 'sid' Blind SQL Injection",2010-09-04,"BorN To K!LL",php,webapps,0 14892,platforms/windows/dos/14892.py,"VLC Media Player < 1.1.4 - (.xspf) smb:// URI Handling Remote Stack Overflow PoC",2010-09-04,s-dz,windows,dos,0 14893,platforms/php/webapps/14893.txt,"php classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0 14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - (sources/search.php) SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0 @@ -13053,7 +13053,7 @@ id,file,description,date,author,platform,type,port 14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 14960,platforms/php/webapps/14960.txt,"ES Simple Download 1.0. - Local File Inclusion",2010-09-09,Kazza,php,webapps,0 14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - SEH Overflow Exploit",2010-09-09,"Abhishek Lyall",win_x86,local,0 -14962,platforms/multiple/webapps/14962.txt,"CS Cart 1.3.3 - (install.php) Cross-Site Scripting",2010-09-09,crmpays,multiple,webapps,80 +14962,platforms/multiple/webapps/14962.txt,"CS Cart 1.3.3 - (install.php) Cross-site Scripting",2010-09-09,crmpays,multiple,webapps,80 14964,platforms/php/webapps/14964.txt,"Joomla Component (com_jphone) - Local File Inclusion",2010-09-10,"Chip d3 bi0s",php,webapps,0 14965,platforms/php/webapps/14965.txt,"fcms 2.2.3 - Remote File Inclusion",2010-09-10,LoSt.HaCkEr,php,webapps,0 14967,platforms/windows/dos/14967.txt,"Webkit (Apple Safari < 4.1.2/5.0.2 & Google Chrome < 5.0.375.125) - Memory Corruption",2010-09-10,"Jose A. Vazquez",windows,dos,0 @@ -13090,14 +13090,14 @@ id,file,description,date,author,platform,type,port 15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - SEH Exploit",2010-09-15,"sanjeev gupta",windows,local,0 15014,platforms/php/webapps/15014.txt,"pixelpost 1.7.3 - Multiple Vulnerabilities",2010-09-15,Sweet,php,webapps,0 15016,platforms/windows/remote/15016.rb,"Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)",2010-09-15,Node,windows,remote,0 -36828,platforms/java/webapps/36828.txt,"JaWiki - 'versionNo' Parameter Cross-Site Scripting",2012-02-17,sonyy,java,webapps,0 +36828,platforms/java/webapps/36828.txt,"JaWiki - 'versionNo' Parameter Cross-site Scripting",2012-02-17,sonyy,java,webapps,0 15017,platforms/windows/dos/15017.py,"Chalk Creek Media Player 1.0.7 - (.mp3 / .wma) Denial of Service",2010-09-16,"Carlos Mario Penagos Hollmann",windows,dos,0 15018,platforms/asp/webapps/15018.txt,"mojoportal - Multiple Vulnerabilities",2010-09-16,Abysssec,asp,webapps,0 15019,platforms/windows/dos/15019.txt,"Microsoft Excel - HFPicture Record Parsing Remote Code Execution",2010-09-16,Abysssec,windows,dos,0 15022,platforms/windows/local/15022.py,"Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 15023,platforms/linux/local/15023.c,"Linux Kernel < 2.6.36-rc4-git2 (x86_64) - ia32syscall Emulation Privilege Escalation",2010-09-16,"ben hawkes",linux,local,0 15024,platforms/linux/local/15024.c,"Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - compat Local Root Exploit",2010-09-16,Ac1dB1tCh3z,linux,local,0 -15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - (.m3u) Denial of Service",2010-10-03,"xsploited security",windows,dos,0 +15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - '.m3u' Denial of Service",2010-10-03,"xsploited security",windows,dos,0 15026,platforms/windows/local/15026.py,"BACnet OPC Client - Buffer Overflow Exploit",2010-09-16,"Jeremy Brown",windows,local,0 15027,platforms/windows/dos/15027.py,"Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution",2010-09-17,Abysssec,windows,dos,0 15029,platforms/php/webapps/15029.txt,"phpmyfamily - Multiple Vulnerabilities",2010-09-17,Abysssec,php,webapps,0 @@ -13106,12 +13106,12 @@ id,file,description,date,author,platform,type,port 15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 - Universal Local SEH Exploit",2010-09-17,modpr0be,windows,local,0 15034,platforms/windows/dos/15034.txt,"Microsoft Mspaint - .bmp Crash Proof Of Concept",2010-09-18,andrew,windows,dos,0 15035,platforms/windows/dos/15035.py,"Apple QuickTime FLI LinePacket - Remote Code Execution",2010-09-18,Abysssec,windows,dos,0 -15037,platforms/php/webapps/15037.html,"CMSimple - CSRF",2010-09-18,Abysssec,php,webapps,0 -15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php'",2010-09-18,secret,php,webapps,0 +15037,platforms/php/webapps/15037.html,"CMSimple - Cross-site Request Forgery",2010-09-18,Abysssec,php,webapps,0 +15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php'",2010-09-18,secret,php,webapps,0 15040,platforms/php/webapps/15040.txt,"Joomla Component - (com_restaurantguide) Multiple Vulnerabilities",2010-09-18,Valentin,php,webapps,0 15041,platforms/php/webapps/15041.py,"Maian Gallery 2 - Local File Download",2010-09-18,mr_me,php,webapps,0 15044,platforms/asp/webapps/15044.txt,"jmd-cms - Multiple Vulnerabilities",2010-09-19,Abysssec,asp,webapps,0 -15046,platforms/php/webapps/15046.txt,"Fashione E-Commerce Webshop - Multiple SQL Injection",2010-09-19,secret,php,webapps,0 +15046,platforms/php/webapps/15046.txt,"Fashione E-Commerce Webshop - Multiple SQL Injections",2010-09-19,secret,php,webapps,0 15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 - SEH Overflow Exploit (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 15048,platforms/windows/remote/15048.txt,"SmarterMail 7.1.3876 - Directory Traversal",2010-09-19,sqlhacker,windows,remote,0 15049,platforms/php/webapps/15049.txt,"BoutikOne 1.0 - SQL Injection",2010-09-19,BrOx-Dz,php,webapps,0 @@ -13120,7 +13120,7 @@ id,file,description,date,author,platform,type,port 15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH)",2010-09-24,"James Fitts",windows,local,0 15054,platforms/linux/dos/15054.rb,"RarCrack 0.2 - Buffer Overflow Proof Of Concept",2010-09-19,The_UnKn@wn,linux,dos,0 15056,platforms/windows/remote/15056.py,"Java 6.19 CMM readMabCurveData - Stack Overflow",2010-09-20,Abysssec,windows,remote,0 -15058,platforms/asp/webapps/15058.html,"VWD-CMS - CSRF",2010-09-20,Abysssec,asp,webapps,0 +15058,platforms/asp/webapps/15058.html,"VWD-CMS - Cross-site Request Forgery",2010-09-20,Abysssec,asp,webapps,0 15060,platforms/php/webapps/15060.txt,"LightNEasy CMS 3.2.1 - Blind SQL Injection",2010-09-20,Solidmedia,php,webapps,0 15061,platforms/windows/dos/15061.txt,"Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities",2010-09-20,"Asheesh kumar Mani Tripathi",windows,dos,0 15062,platforms/linux/dos/15062.txt,"RarCrack 0.2 - 'filename' init() .bss PoC",2010-09-20,Stoke,linux,dos,0 @@ -13137,7 +13137,7 @@ id,file,description,date,author,platform,type,port 15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"Adobe Shockwave Director tSAC - Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 15078,platforms/asp/webapps/15078.txt,"gausCMS - Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 -15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross-Site Request Forgery",2010-09-22,Sweet,php,webapps,0 +15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross-site Request Forgery",2010-09-22,Sweet,php,webapps,0 15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)",2010-09-22,Madjix,windows,local,0 15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin 1.4 & 2.0 - Login Bypass",2010-09-22,K-159,php,webapps,0 15084,platforms/php/webapps/15084.txt,"Joomla TimeTrack Component 1.2.4 - Component Multiple SQL Injection",2010-09-22,"Salvatore Fresta",php,webapps,0 @@ -13153,7 +13153,7 @@ id,file,description,date,author,platform,type,port 15096,platforms/windows/dos/15096.py,"Microsoft MPEG Layer-3 Audio Decoder - Division By Zero",2010-09-24,Abysssec,windows,dos,0 15098,platforms/php/webapps/15098.txt,"FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution",2010-09-24,"Trustwave's SpiderLabs",php,webapps,0 15114,platforms/php/webapps/15114.php,"Zenphoto - Config Update / Command Execution",2010-09-26,Abysssec,php,webapps,0 -15102,platforms/win_x86/webapps/15102.txt,"Traidnt UP - Cross-Site Request Forgery Add Admin Account",2010-09-24,"John Johnz",win_x86,webapps,80 +15102,platforms/win_x86/webapps/15102.txt,"Traidnt UP - Cross-site Request Forgery Add Admin Account",2010-09-24,"John Johnz",win_x86,webapps,80 15103,platforms/windows/dos/15103.py,"VMware Workstation 7.1.1 - VMkbd.sys Denial of Service",2010-09-25,"Lufeng Li",windows,dos,0 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0 15106,platforms/asp/webapps/15106.txt,"VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 @@ -13168,7 +13168,7 @@ id,file,description,date,author,platform,type,port 15124,platforms/asp/webapps/15124.txt,"ndCMS - SQL Injection",2010-09-27,Abysssec,asp,webapps,0 15126,platforms/php/webapps/15126.txt,"Entrans - SQL Injection",2010-09-27,keracker,php,webapps,0 15130,platforms/cgi/webapps/15130.sh,"Barracuda Networks Spam & Virus Firewall 4.1.1.021 - Remote Configuration Retrieval",2010-09-27,ShadowHatesYou,cgi,webapps,0 -15131,platforms/windows/dos/15131.txt,"Fox Audio Player 0.8.0 - (.m3u) Denial of Service",2010-09-27,4n0nym0us,windows,dos,0 +15131,platforms/windows/dos/15131.txt,"Fox Audio Player 0.8.0 - '.m3u' Denial of Service",2010-09-27,4n0nym0us,windows,dos,0 15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - seh Exploit",2010-09-27,"sanjeev gupta",windows,local,0 15134,platforms/windows/local/15134.rb,"Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit)",2010-09-27,"Abhishek Lyall",windows,local,0 15128,platforms/win_x86/webapps/15128.txt,"Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities",2010-09-27,**RoAd_KiLlEr**,win_x86,webapps,80 @@ -13180,14 +13180,14 @@ id,file,description,date,author,platform,type,port 15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Bypass Authentication by SQL Injection",2010-09-28,Abysssec,php,webapps,0 15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure (SQLi) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorization Flaws",2010-09-28,"Pablo Milano",php,webapps,0 -15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - CSRF",2010-09-28,"Pablo Milano",php,webapps,0 +15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - Cross-site Request Forgery",2010-09-28,"Pablo Milano",php,webapps,0 15147,platforms/php/webapps/15147.txt,"Micro CMS 1.0 b1 - Persistent XSS",2010-09-28,"SecPod Research",php,webapps,0 15148,platforms/windows/dos/15148.txt,"Microsoft Excel - SxView Record Parsing Heap Memory Corruption",2010-09-29,Abysssec,windows,dos,0 15150,platforms/linux/local/15150.c,"Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept",2010-09-29,"Jon Oberheide",linux,local,0 15151,platforms/php/webapps/15151.txt,"Webspell 4.2.1 - asearch.php SQL Injection",2010-09-29,"silent vapor",php,webapps,0 15152,platforms/php/webapps/15152.py,"Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection",2010-09-29,"Easy Laster",php,webapps,0 15153,platforms/php/webapps/15153.txt,"Webspell 4.x - safe_query Bypass",2010-09-29,"silent vapor",php,webapps,0 -15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - (id) SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0 +15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - 'id' SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode SEH Exploit",2010-09-29,"Abhishek Lyall",windows,local,0 15158,platforms/windows/dos/15158.py,"Microsoft Unicode Scripts Processor - Remote Code Execution",2010-09-30,Abysssec,windows,dos,0 @@ -13208,7 +13208,7 @@ id,file,description,date,author,platform,type,port 15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 15177,platforms/php/webapps/15177.pl,"iGaming CMS 1.5 - Blind SQL Injection",2010-10-01,plucky,php,webapps,0 15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - SafeSEH+SEHOP Exploit",2010-10-02,x90c,windows,local,0 -15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) - Stored Cross-Site Scripting",2010-10-02,sqlhacker,asp,webapps,0 +15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) - Persistent Cross-site Scripting",2010-10-02,sqlhacker,asp,webapps,0 15186,platforms/ios/remote/15186.txt,"iOS FileApp < 2.0 - Directory Traversal",2010-10-02,m0ebiusc0de,ios,remote,0 15188,platforms/ios/dos/15188.py,"iOS FileApp < 2.0 - FTP Remote Denial of Service",2010-10-02,m0ebiusc0de,ios,dos,0 15189,platforms/asp/webapps/15189.txt,"SmarterMail 7.x - (7.2.3925) LDAP Injection",2010-10-02,sqlhacker,asp,webapps,0 @@ -13236,7 +13236,7 @@ id,file,description,date,author,platform,type,port 15219,platforms/asp/webapps/15219.py,"xWeblog 2.2 - (arsiv.asp tarih) SQL Injection",2010-10-08,ZoRLu,asp,webapps,0 15220,platforms/php/webapps/15220.txt,"Flex Timesheet - Authentication Bypass",2010-10-08,KnocKout,php,webapps,0 15222,platforms/php/webapps/15222.txt,"Joomla Community Builder Enhenced (CBE) Component - LFI/RCE",2010-10-09,"Delf Tonder",php,webapps,0 -15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame - Multiple SQL Injection",2010-10-09,KnocKout,php,webapps,0 +15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame - Multiple SQL Injections",2010-10-09,KnocKout,php,webapps,0 15224,platforms/php/webapps/15224.txt,"js calendar 1.5.1 joomla component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 15225,platforms/php/webapps/15225.txt,"videodb 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 - Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 @@ -13244,18 +13244,18 @@ id,file,description,date,author,platform,type,port 15269,platforms/php/webapps/15269.txt,"Tastydir 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG - User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-Site Request Forgery Exploit",2010-11-21,"Mon7rF .",php,webapps,0 +15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-site Request Forgery Exploit",2010-11-21,"Mon7rF .",php,webapps,0 15594,platforms/php/webapps/15594.txt,"AuraCMS - (pfd.php) SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced - Blind SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 - file download",2010-11-22,Beach,jsp,webapps,0 15597,platforms/asp/webapps/15597.txt,"Acidcat CMS 3.3 - (fckeditor) Shell Upload",2010-11-22,Net.Edit0r,asp,webapps,0 15598,platforms/windows/dos/15598.pl,"Xion Audio Player 1.0.126 - (.m3u8) Buffer Overflow",2010-11-23,anT!-Tr0J4n,windows,dos,0 -15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - (m3u) Buffer Overflow",2010-11-23,0v3r,windows,local,0 +15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - '.m3u' Buffer Overflow",2010-11-23,0v3r,windows,local,0 15600,platforms/windows/remote/15600.html,"Netcraft Toolbar 1.8.1 - Remote Code Execution Exploit",2010-11-23,Rew,windows,remote,0 15601,platforms/windows/remote/15601.html,"ImageShack Toolbar 4.8.3.75 - Remote Code Execution Exploit",2010-11-23,Rew,windows,remote,0 15602,platforms/php/webapps/15602.txt,"PHPMotion 1.62 - (FCKeditor) File Upload",2010-11-23,trycyber,php,webapps,0 15605,platforms/php/webapps/15605.txt,"GetSimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0 -15229,platforms/windows/dos/15229.pl,"FoxPlayer 2.3.0 - (.m3u) Buffer Overflow",2010-10-10,"Anastasios Monachos",windows,dos,0 +15229,platforms/windows/dos/15229.pl,"FoxPlayer 2.3.0 - '.m3u' Buffer Overflow",2010-10-10,"Anastasios Monachos",windows,dos,0 15230,platforms/asp/webapps/15230.txt,"Site2Nite Auto e-Manager - SQL Injection",2010-10-10,KnocKout,asp,webapps,0 15231,platforms/windows/remote/15231.py,"Sync Breeze Server 2.2.30 - Remote Buffer Overflow Exploit",2010-10-11,"xsploited security",windows,remote,0 15232,platforms/php/webapps/15232.txt,"OrangeHRM 2.6.0.1 - Local File Inclusion",2010-10-11,ZonTa,php,webapps,0 @@ -13266,7 +13266,7 @@ id,file,description,date,author,platform,type,port 15607,platforms/php/webapps/15607.txt,"WSN Links - SQL Injection",2010-11-24,"Mark Stanislav",php,webapps,0 15237,platforms/php/webapps/15237.rb,"AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)",2010-10-12,v3n0m,php,webapps,0 15238,platforms/windows/remote/15238.py,"Disk Pulse Server 2.2.34 - Remote Buffer Overflow Exploit",2010-10-12,"xsploited security",windows,remote,0 -15239,platforms/php/webapps/15239.html,"WikiWebHelp 0.3.3 - Cross-Site Request Forgery",2010-10-12,Yoyahack,php,webapps,0 +15239,platforms/php/webapps/15239.html,"WikiWebHelp 0.3.3 - Cross-site Request Forgery",2010-10-12,Yoyahack,php,webapps,0 15240,platforms/php/webapps/15240.txt,"Collabtive 0.65 - Multiple Vulnerabilities",2010-10-12,"Anatolia Security",php,webapps,0 15241,platforms/windows/remote/15241.txt,"Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit",2010-10-13,Skylined,windows,remote,0 15242,platforms/windows/dos/15242.html,"Firefox 3.5.10 / 3.6.6 - WMP Memory Corruption Using Popups",2010-10-13,Skylined,windows,dos,0 @@ -13297,11 +13297,11 @@ id,file,description,date,author,platform,type,port 15273,platforms/multiple/dos/15273.txt,"Opera 10.63 - SVG Animation Element Denial of Service",2010-10-17,fla,multiple,dos,0 15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker - $ORIGIN expansion",2010-10-18,"Tavis Ormandy",linux,local,0 15279,platforms/windows/local/15279.rb,"FatPlayer 0.6b - (.wav) Buffer Overflow (SEH)",2010-10-18,"James Fitts",windows,local,0 -15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change - CSRF",2010-10-19,KnocKout,php,webapps,0 -15276,platforms/php/webapps/15276.txt,"411cc - Multiple SQL Injection",2010-10-18,KnocKout,php,webapps,0 +15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change - Cross-site Request Forgery",2010-10-19,KnocKout,php,webapps,0 +15276,platforms/php/webapps/15276.txt,"411cc - Multiple SQL Injections",2010-10-18,KnocKout,php,webapps,0 15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 - (fckeditor) Arbitrary File Upload",2010-10-18,"Kubanezi AHG",php,webapps,0 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 - SQL Injection",2010-10-18,X_AviaTique_X,php,webapps,0 -15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - CSRF",2010-10-19,KnocKout,php,webapps,0 +15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - Cross-site Request Forgery",2010-10-19,KnocKout,php,webapps,0 15283,platforms/windows/dos/15283.txt,"Hanso Converter 1.4.0 - (.ogg) Denial of Service",2010-10-19,anT!-Tr0J4n,windows,dos,0 15287,platforms/windows/local/15287.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow Exploit",2010-10-19,Mighty-D,windows,local,0 15288,platforms/windows/remote/15288.txt,"Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass",2010-10-20,"Roberto Suggi Liverani",windows,remote,0 @@ -13316,7 +13316,7 @@ id,file,description,date,author,platform,type,port 15297,platforms/windows/dos/15297.txt,"Windows Mobile 6.1 / 6.5 - Double Free Denial of Service",2010-10-21,"musashi karak0rsan",windows,dos,0 15298,platforms/multiple/remote/15298.txt,"Sawmill Enterprise < 8.1.7.3 - Multiple Vulnerabilities",2010-10-21,"SEC Consult",multiple,remote,0 15304,platforms/linux/local/15304.txt,"GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Local Root)",2010-10-22,"Tavis Ormandy",linux,local,0 -15305,platforms/windows/dos/15305.pl,"RarmaRadio 2.53.1 - (.m3u) Denial of Service",2010-10-23,anT!-Tr0J4n,windows,dos,0 +15305,platforms/windows/dos/15305.pl,"RarmaRadio 2.53.1 - '.m3u' Denial of Service",2010-10-23,anT!-Tr0J4n,windows,dos,0 15306,platforms/win_x86/dos/15306.pl,"AnyDVD 6.7.1.0 - Denial of Service",2010-10-23,Havok,win_x86,dos,0 15308,platforms/php/webapps/15308.txt,"Pulse Pro 1.4.3 - Persistent XSS",2010-10-24,"Th3 RDX",php,webapps,0 15309,platforms/php/webapps/15309.txt,"DBHcms 1.1.4 - SQL Injection",2010-10-24,ZonTa,php,webapps,0 @@ -13329,7 +13329,7 @@ id,file,description,date,author,platform,type,port 15317,platforms/arm/shellcode/15317.asm,"ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 15318,platforms/linux/remote/15318.txt,"NitroSecurity ESM 8.4.0a - Remote Code Execution",2010-10-26,"Filip Palian",linux,remote,0 15319,platforms/windows/dos/15319.pl,"Apache 2.2 - (Windows) Local Denial of Service",2010-10-26,fb1h2s,windows,dos,0 -15320,platforms/php/webapps/15320.py,"Bigace_2.7.3 - CSRF Change Admin Password PoC",2010-10-26,Sweet,php,webapps,0 +15320,platforms/php/webapps/15320.py,"Bigace_2.7.3 - CSRF (Change Admin Password) PoC",2010-10-26,Sweet,php,webapps,0 15321,platforms/php/webapps/15321.txt,"DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15322,platforms/php/webapps/15322.txt,"phpLiterAdmin 1.0 RC1 - Authentication Bypass",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15323,platforms/php/webapps/15323.txt,"DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion",2010-10-27,"High-Tech Bridge SA",php,webapps,0 @@ -13338,8 +13338,8 @@ id,file,description,date,author,platform,type,port 15326,platforms/php/webapps/15326.txt,"BloofoxCMS 0.3.5 - Information Disclosure",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15327,platforms/php/webapps/15327.txt,"Energine CMS - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15328,platforms/php/webapps/15328.txt,"BloofoxCMS Registration Plugin - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15329,platforms/php/webapps/15329.txt,"Zomplog 3.9 - CSRF",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15330,platforms/php/webapps/15330.txt,"NinkoBB 1.3RC5 - XSS",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15329,platforms/php/webapps/15329.txt,"Zomplog 3.9 - Cross-site Request Forgery",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15330,platforms/php/webapps/15330.txt,"NinkoBB 1.3RC5 - Cross-site Scripting",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15331,platforms/php/webapps/15331.txt,"Zomplog 3.9 - Multiple XSS / CSRF Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15332,platforms/php/webapps/15332.txt,"BlogBird Platform - Multiple XSS Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15333,platforms/windows/remote/15333.txt,"MinaliC Webserver 1.0 - Directory Traversal",2010-10-27,"John Leitch",windows,remote,0 @@ -13384,9 +13384,9 @@ id,file,description,date,author,platform,type,port 15382,platforms/asp/webapps/15382.txt,"douran portal 3.9.7.55 - Multiple Vulnerabilities",2010-11-01,ITSecTeam,asp,webapps,0 15383,platforms/windows/dos/15383.c,"Rising - RSNTGDI.sys Local Denial of Service",2010-11-02,ze0r,windows,dos,0 15384,platforms/windows/dos/15384.c,"AVG Internet Security 9.0.851 - Local Denial of Service",2010-11-02,"Nikita Tarakanov",windows,dos,0 -15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 - Stored Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 -15386,platforms/php/webapps/15386.txt,"MemHT Portal 4.0.1 - Stored Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 -15387,platforms/php/webapps/15387.txt,"Webmedia Explorer 6.13.1 - Stored Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 +15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 - Persistent Cross-site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 +15386,platforms/php/webapps/15386.txt,"MemHT Portal 4.0.1 - Persistent Cross-site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 +15387,platforms/php/webapps/15387.txt,"Webmedia Explorer 6.13.1 - Persistent Cross-site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 15389,platforms/php/webapps/15389.php,"MetInfo 3.0 - (fckeditor) Arbitrary File Upload",2010-11-02,[sh3n],php,webapps,0 15391,platforms/php/webapps/15391.txt,"Azaronline Design - SQL Injection",2010-11-02,XroGuE,php,webapps,0 15394,platforms/windows/dos/15394.txt,"Maxthon 3.0.18.1000 - CSS Denial of Service",2010-11-02,4n0nym0us,windows,dos,0 @@ -13459,19 +13459,19 @@ id,file,description,date,author,platform,type,port 15467,platforms/multiple/dos/15467.txt,"Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service",2010-11-09,"Shane Bester",multiple,dos,0 15468,platforms/php/webapps/15468.txt,"Joomla Component (btg_oglas) - HTML / XSS Injection",2010-11-09,CoBRa_21,php,webapps,0 15469,platforms/php/webapps/15469.txt,"Joomla Component (com_markt) - SQL Injection",2010-11-09,CoBRa_21,php,webapps,0 -15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) - LFI",2010-11-09,CoBRa_21,php,webapps,0 +15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) - Local File Inclusion",2010-11-09,CoBRa_21,php,webapps,0 15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload",2010-11-10,grabz,php,webapps,0 -15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - CSRF",2010-11-09,daandeveloper33,php,webapps,0 -15473,platforms/multiple/webapps/15473.html,"IBM OmniFind - CSRF",2010-11-09,"Fatih Kilic",multiple,webapps,0 +15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - Cross-site Request Forgery",2010-11-09,daandeveloper33,php,webapps,0 +15473,platforms/multiple/webapps/15473.html,"IBM OmniFind - Cross-site Request Forgery",2010-11-09,"Fatih Kilic",multiple,webapps,0 15474,platforms/multiple/dos/15474.txt,"IBM OmniFind - Buffer Overflow",2010-11-09,"Fatih Kilic",multiple,dos,0 15475,platforms/multiple/local/15475.txt,"IBM OmniFind - Privilege Escalation",2010-11-09,"Fatih Kilic",multiple,local,0 15476,platforms/multiple/dos/15476.php,"IBM OmniFind Crawler - Denial of Service",2010-11-09,"Fatih Kilic",multiple,dos,0 -15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 - XSS",2010-11-11,"Philipp Niedziela",php,webapps,0 +15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 - Cross-site Scripting",2010-11-11,"Philipp Niedziela",php,webapps,0 15480,platforms/windows/local/15480.pl,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit",2010-11-10,"C4SS!0 G0M3S",windows,local,0 15481,platforms/linux/local/15481.c,"Linux Kernel 2.4.0 - Stack Infoleaks",2010-11-10,"Dan Rosenberg",linux,local,0 15482,platforms/windows/dos/15482.html,"Qtweb Browser 3.5 - Buffer Overflow",2010-11-10,PoisonCode,windows,dos,0 15483,platforms/windows/local/15483.rb,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit (SEH)",2010-11-10,"C4SS!0 G0M3S",windows,local,0 -15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injection",2010-11-10,"Salvatore Fresta",php,webapps,0 +15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injections",2010-11-10,"Salvatore Fresta",php,webapps,0 15488,platforms/php/webapps/15488.txt,"Landesk - OS command injection",2010-11-11,"Aureliano Calvo",php,webapps,0 15489,platforms/windows/local/15489.py,"Mp3-Nator 2.0 - Buffer Overflow Exploit (SEH)",2010-11-11,"C4SS!0 G0M3S",windows,local,0 15491,platforms/osx/dos/15491.txt,"Apple Directory Services - Memory Corruption",2010-11-11,"Rodrigo Rubira",osx,dos,0 @@ -13479,7 +13479,7 @@ id,file,description,date,author,platform,type,port 15493,platforms/windows/dos/15493.py,"Visual MP3 Splitter & Joiner 6.1 - (.wav) Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0 15497,platforms/asp/webapps/15497.txt,"ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection",2010-11-12,Daikin,asp,webapps,0 15500,platforms/php/webapps/15500.txt,"Woltlab Burning Board 2.3.4 - File Disclosure",2010-11-12,sfx,php,webapps,0 -15501,platforms/php/webapps/15501.txt,"Joomla Component com_jsupport - XSS",2010-11-12,Valentin,php,webapps,0 +15501,platforms/php/webapps/15501.txt,"Joomla Component com_jsupport - Cross-site Scripting",2010-11-12,Valentin,php,webapps,0 15502,platforms/php/webapps/15502.txt,"Joomla Component com_jsupport - SQL Injection",2010-11-12,Valentin,php,webapps,0 15504,platforms/hardware/dos/15504.txt,"Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow",2010-11-13,"Trustwave's SpiderLabs",hardware,dos,0 15505,platforms/hardware/remote/15505.txt,"Camtron CMNC-200 IP Camera - Directory Traversal",2010-11-13,"Trustwave's SpiderLabs",hardware,remote,0 @@ -13493,7 +13493,7 @@ id,file,description,date,author,platform,type,port 15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection",2010-11-13,"Lord Tittis3000",php,webapps,0 15516,platforms/php/webapps/15516.txt,"EasyJobPortal - Shell Upload",2010-11-13,MeGo,php,webapps,0 -15517,platforms/php/webapps/15517.txt,"Webmatic - (index.php) SQL Injection",2010-11-13,v3n0m,php,webapps,0 +15517,platforms/php/webapps/15517.txt,"Webmatic - 'index.php' SQL Injection",2010-11-13,v3n0m,php,webapps,0 15518,platforms/php/webapps/15518.txt,"Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities",2010-11-13,jdc,php,webapps,0 15519,platforms/php/webapps/15519.txt,"OneOrZero AIms 2.6.0 Members Edition - Multiple Vulnerabilities",2010-11-13,Valentin,php,webapps,0 15524,platforms/php/webapps/15524.txt,"Pre Ads Portal - SQL Bypass",2010-11-13,Cru3l.b0y,php,webapps,0 @@ -13522,7 +13522,7 @@ id,file,description,date,author,platform,type,port 15561,platforms/php/webapps/15561.txt,"CompactCMS 1.4.1 - SQL Injection",2010-11-16,"High-Tech Bridge SA",php,webapps,0 15563,platforms/asp/webapps/15563.txt,"Sitefinity CMS - (ASP.NET) Shell Upload",2010-11-17,Net.Edit0r,asp,webapps,0 15564,platforms/php/webapps/15564.txt,"Front Accounting 2.3RC2 - Multiple Persistent XSS Vulnerabilities",2010-11-17,"Juan Manuel Garcia",php,webapps,0 -15565,platforms/php/webapps/15565.txt,"Front Accounting 2.3RC2 - Multiple SQL Injection",2010-11-17,"Juan Manuel Garcia",php,webapps,0 +15565,platforms/php/webapps/15565.txt,"Front Accounting 2.3RC2 - Multiple SQL Injections",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15566,platforms/windows/local/15566.rb,"DIZzy 1.12 - Local Stack Overflow",2010-11-18,g30rg3_x,windows,local,0 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0 15568,platforms/php/webapps/15568.py,"chCounter 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0 @@ -13530,7 +13530,7 @@ id,file,description,date,author,platform,type,port 15570,platforms/php/webapps/15570.php,"Mosets Tree 2.1.6 - (Joomla) Template Overwrite CSRF",2010-11-18,jdc,php,webapps,0 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"viart shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 -15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - CSRF",2010-11-19,Or4nG.M4N,php,webapps,0 +15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - Cross-site Request Forgery",2010-11-19,Or4nG.M4N,php,webapps,0 15574,platforms/php/webapps/15574.txt,"Arabian Youtube Script - Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0 15575,platforms/windows/local/15575.py,"Minishare 1.5.5 - BoF (users.txt) (EggHunter)",2010-11-19,0v3r,windows,local,0 15577,platforms/php/webapps/15577.html,"Plogger Gallery 1.0 - CSRF Change Admin Password",2010-11-19,Or4nG.M4N,php,webapps,0 @@ -13557,18 +13557,18 @@ id,file,description,date,author,platform,type,port 15620,platforms/linux/local/15620.sh,"systemtap - Local Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 15622,platforms/linux/dos/15622.c,"Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 -15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-Site Scripting",2010-11-27,ZonTa,php,webapps,0 +15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-site Scripting",2010-11-27,ZonTa,php,webapps,0 15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow (0Day)",2010-11-28,"Nikita Tarakanov",windows,local,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS - Permanent XSS",2010-11-28,Jbyte,cgi,webapps,0 15626,platforms/windows/local/15626.py,"OTSTurntables 1.00.048 - (m3u/ofl) Local BoF Exploit (SEH)",2010-11-28,0v3r,windows,local,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection",2010-11-28,underground-stockholm.com,asp,webapps,0 -15628,platforms/windows/dos/15628.py,"Hanso Player 1.4.0 - (.m3u) Denial of Service",2010-11-28,anT!-Tr0J4n,windows,dos,0 +15628,platforms/windows/dos/15628.py,"Hanso Player 1.4.0 - '.m3u' Denial of Service",2010-11-28,anT!-Tr0J4n,windows,dos,0 15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website - search.asp / showAlllistings.asp SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 15630,platforms/windows/local/15630.py,"Mediacoder 0.7.5.4792 - Buffer Overflow Exploit (SEH)",2010-11-29,0v3r,windows,local,0 15631,platforms/hardware/remote/15631.txt,"HP LaserJet - Directory Traversal in PJL Interface",2010-11-29,"n.runs AG",hardware,remote,0 15632,platforms/windows/dos/15632.py,"FoxPlayer 2.4.0 - Denial of Service",2010-11-29,"Oh Yaw Theng",windows,dos,0 15633,platforms/php/webapps/15633.html,"Diferior 8.03 - Multiple XSS Vulnerabilities",2010-11-29,"High-Tech Bridge SA",php,webapps,0 -15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 - (m3u) Buffer Overflow PoC",2010-11-30,0v3r,windows,dos,0 +15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 - '.m3u' Buffer Overflow PoC",2010-11-30,0v3r,windows,dos,0 15636,platforms/php/webapps/15636.txt,"Orbis CMS 1.0.2 - Arbitrary File Upload",2010-11-30,"Mark Stanislav",php,webapps,0 15637,platforms/php/webapps/15637.txt,"Link Protect 1.2 - Persistent XSS",2010-11-30,"Shichemt Alen",php,webapps,0 15638,platforms/php/webapps/15638.txt,"Duhok Forum 1.1 - Remote File Upload",2010-11-30,BrOx-Dz,php,webapps,0 @@ -13592,11 +13592,11 @@ id,file,description,date,author,platform,type,port 15656,platforms/php/webapps/15656.txt,"LittlePhpGallery 1.0.2 - Local File Inclusion",2010-12-01,"kire bozorge khavarmian",php,webapps,0 15657,platforms/windows/dos/15657.txt,"FreeTrim MP3 2.2.3 - Denial of Service",2010-12-02,h1ch4m,windows,dos,0 15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)",2010-12-02,bz1p,windows,remote,0 -15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - XSS",2010-12-02,"High-Tech Bridge SA",php,webapps,0 +15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - Cross-site Scripting",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 15662,platforms/linux/remote/15662.txt,"ProFTPD 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21 -15663,platforms/windows/local/15663.py,"MediaCoder 0.7.5.4797 - (.m3u) Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 +15663,platforms/windows/local/15663.py,"MediaCoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - (travelbycountry.asp) SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0 15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Router Models - Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0 @@ -13632,21 +13632,21 @@ id,file,description,date,author,platform,type,port 15698,platforms/windows/dos/15698.html,"Flash Player - (Flash6.ocx) AllowScriptAccess DoS PoC",2010-12-06,Dr_IDE,windows,dos,0 15699,platforms/php/webapps/15699.txt,"phpMyAdmin - Client Side Code Injection and Redirect Link Falsification (0Day)",2010-12-06,"emgent white_sheep and scox",php,webapps,80 15704,platforms/linux/local/15704.c,"Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation (1)",2010-12-07,"Dan Rosenberg",linux,local,0 -33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-24,indoushka,php,webapps,0 +33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 - Multiple Cross-site Scripting Vulnerabilities",2010-02-24,indoushka,php,webapps,0 15701,platforms/php/webapps/15701.txt,"MODx Revolution CMS 2.0.4-pl2 - Remote XSS POST Injection",2010-12-06,LiquidWorm,php,webapps,0 15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b - Shell Upload",2010-12-07,"Sun Army",asp,webapps,0 15705,platforms/linux/dos/15705.txt,"GNU inetutils 1.8-1 - FTP Client Heap Overflow",2010-12-07,Rew,linux,dos,0 15706,platforms/windows/local/15706.txt,"Winamp 5.6 - Arbitrary Code Execution in MIDI Parser",2010-12-08,"Kryptos Logic",windows,local,0 15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch 9.0sp1 - Buffer Overflow",2010-12-08,"Luigi Auriemma",multiple,dos,0 15708,platforms/windows/dos/15708.html,"Microsoft Internet Explorer 8 - CSS Parser Denial of Service",2010-12-08,WooYun,windows,dos,0 -15744,platforms/cgi/webapps/15744.txt,"Gitweb 1.7.3.3 - Cross-Site Scripting",2010-12-15,emgent,cgi,webapps,80 +15744,platforms/cgi/webapps/15744.txt,"Gitweb 1.7.3.3 - Cross-site Scripting",2010-12-15,emgent,cgi,webapps,80 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) - Local Root",2010-12-15,"Kryptos Logic",linux,local,0 -15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - CSRF",2010-12-09,"Anatolia Security",multiple,webapps,0 +15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - Cross-site Request Forgery",2010-12-09,"Anatolia Security",multiple,webapps,0 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - LFI Exploit",2010-12-09,Br0ly,php,webapps,0 15712,platforms/arm/shellcode/15712.rb,"ARM - Create a New User with UID 0 shellcode (Metasploit) (Generator) (66+ bytes)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 15717,platforms/multiple/remote/15717.txt,"VMware Tools - Update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0 -15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - CSRF",2010-12-09,"High-Tech Bridge SA",php,webapps,0 +15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - Cross-site Request Forgery",2010-12-09,"High-Tech Bridge SA",php,webapps,0 15720,platforms/php/webapps/15720.txt,"Sulata iSoft - (stream.php) Local File Disclosure Exploit",2010-12-10,Sudden_death,php,webapps,0 15718,platforms/php/webapps/15718.txt,"AJ Matrix DNA - SQL Injection",2010-12-09,Br0ly,php,webapps,0 15719,platforms/php/webapps/15719.txt,"JE Messenger 1.0 - Arbitrary File Upload",2010-12-09,"Salvatore Fresta",php,webapps,0 @@ -13655,12 +13655,12 @@ id,file,description,date,author,platform,type,port 15723,platforms/freebsd/remote/15723.c,"FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit",2010-12-10,kingcope,freebsd,remote,0 15803,platforms/windows/dos/15803.py,"Windows 7 IIS 7.5 - FTPSVC UNAUTH'D Remote DoS PoC",2010-12-21,"Matthew Bergin",windows,dos,0 15725,platforms/linux/remote/15725.pl,"Exim 4.63 - Remote Root Exploit",2010-12-11,kingcope,linux,remote,0 -15727,platforms/windows/local/15727.py,"FreeAmp 2.0.7 - (.m3u) Buffer Overflow",2010-12-11,zota,windows,local,0 -15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot 2.0.0.0 - CSRF",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 +15727,platforms/windows/local/15727.py,"FreeAmp 2.0.7 - '.m3u' Buffer Overflow",2010-12-11,zota,windows,local,0 +15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot 2.0.0.0 - Cross-site Request Forgery",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 15729,platforms/windows/local/15729.py,"PowerShell XP 3.0.1 - Buffer Overflow (0Day)",2010-12-12,m_101,windows,local,0 15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 - SMP Buffer Overflow (SEH)",2010-12-12,"James Fitts",windows,local,0 15733,platforms/windows/remote/15733.html,"Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll) (0Day)",2010-12-14,Dr_IDE,windows,remote,0 -15735,platforms/php/webapps/15735.txt,"MantisBT 1.2.3 (db_type) - Cross-Site Scripting / Path Disclosure",2010-12-15,LiquidWorm,php,webapps,0 +15735,platforms/php/webapps/15735.txt,"MantisBT 1.2.3 (db_type) - Cross-site Scripting / Path Disclosure",2010-12-15,LiquidWorm,php,webapps,0 15736,platforms/php/webapps/15736.txt,"MantisBT 1.2.3 (db_type) - Local File Inclusion",2010-12-15,LiquidWorm,php,webapps,0 15737,platforms/cgi/webapps/15737.txt,"Google Urchin 5.7.03 - LFI (0Day)",2010-12-15,"Kristian Erik Hermansen",cgi,webapps,0 15738,platforms/windows/dos/15738.pl,"Digital Audio Editor 7.6.0.237 - Local Crash PoC",2010-12-15,h1ch4m,windows,dos,0 @@ -13675,8 +13675,8 @@ id,file,description,date,author,platform,type,port 15749,platforms/php/webapps/15749.txt,"Joomla JRadio Component (com_jradio) - Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0 15750,platforms/windows/dos/15750.py,"SolarFTP 2.0 - Multiple Commands Denial of Service",2010-12-16,modpr0be,windows,dos,0 15751,platforms/windows/local/15751.pl,"Altarsoft Audio Converter 1.1 - Buffer Overflow Exploit (SEH)",2010-12-16,"C4SS!0 G0M3S",windows,local,0 -15752,platforms/php/webapps/15752.txt,"Softbiz PHP Joke Site Software - Multiple SQL Injection",2010-12-17,v3n0m,php,webapps,0 -15753,platforms/hardware/webapps/15753.html,"D-Link DIR-300 - CSRF (Change Admin Account Settings)",2010-12-17,outlaw.dll,hardware,webapps,0 +15752,platforms/php/webapps/15752.txt,"Softbiz PHP Joke Site Software - Multiple SQL Injections",2010-12-17,v3n0m,php,webapps,0 +15753,platforms/hardware/webapps/15753.html,"D-Link DIR-300 - Cross-site Request Forgery (Change Admin Account Settings)",2010-12-17,outlaw.dll,hardware,webapps,0 15754,platforms/php/webapps/15754.txt,"Immo Makler Script - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15755,platforms/php/webapps/15755.txt,"Easy Online Shop - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15756,platforms/php/webapps/15756.txt,"MHP Downloadshop - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 @@ -13697,11 +13697,11 @@ id,file,description,date,author,platform,type,port 15774,platforms/linux/local/15774.c,"Linux Kernel < 2.6.37-rc2 - ACPI custom_method Privilege Escalation",2010-12-18,"Jon Oberheide",linux,local,0 15775,platforms/php/webapps/15775.txt,"Mafia Game Script - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15776,platforms/asp/webapps/15776.pl,"Virtual Store Open 3.0 - Acess SQL Injection",2010-12-18,Br0ly,asp,webapps,0 -15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injection",2010-12-19,"DeadLy DeMon",asp,webapps,0 -15779,platforms/php/webapps/15779.txt,"Joomla JE Auto Component (com_jeauto) - LFI",2010-12-19,Sid3^effects,php,webapps,0 +15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injections",2010-12-19,"DeadLy DeMon",asp,webapps,0 +15779,platforms/php/webapps/15779.txt,"Joomla JE Auto Component (com_jeauto) - Local File Inclusion",2010-12-19,Sid3^effects,php,webapps,0 15781,platforms/php/webapps/15781.txt,"Inout Webmail Script - Persistent XSS",2010-12-20,Sid3^effects,php,webapps,0 15782,platforms/windows/local/15782.pl,"Word Splash Pro 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0 -15783,platforms/php/webapps/15783.txt,"MaticMarket 2.02 for PHP-Nuke - LFI",2010-12-20,xer0x,php,webapps,0 +15783,platforms/php/webapps/15783.txt,"MaticMarket 2.02 for PHP-Nuke - Local File Inclusion",2010-12-20,xer0x,php,webapps,0 15784,platforms/asp/webapps/15784.txt,"Elcom CommunityManager.NET - Auth Bypass",2010-12-20,"Sense of Security",asp,webapps,0 15785,platforms/windows/local/15785.py,"MP3 CD Converter Professional - BoF (SEH)",2010-12-20,"C4SS!0 G0M3S",windows,local,0 15786,platforms/windows/dos/15786.py,"Accmeware MP3 Joiner Pro 5.0.9 - DoS PoC",2010-12-20,0v3r,windows,dos,0 @@ -13725,7 +13725,7 @@ id,file,description,date,author,platform,type,port 15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC - Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 -15808,platforms/php/webapps/15808.txt,"WORDPRESS Plugin Accept Signups 0.1 - XSS",2010-12-22,clshack,php,webapps,0 +15808,platforms/php/webapps/15808.txt,"WORDPRESS Plugin Accept Signups 0.1 - Cross-site Scripting",2010-12-22,clshack,php,webapps,0 15809,platforms/windows/remote/15809.html,"WMITools ActiveX - Remote Command Execution Exploit (0Day)",2010-12-22,WooYun,windows,remote,0 15810,platforms/hardware/webapps/15810.txt,"D-Link WBR-1310 - Authentication Bypass",2010-12-23,"Craig Heffner",hardware,webapps,0 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping - SQL Injection",2010-12-23,Br0ly,php,webapps,0 @@ -13738,18 +13738,18 @@ id,file,description,date,author,platform,type,port 15819,platforms/php/webapps/15819.txt,"Joomla Component com_xmovie 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0 15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 - (post.php) SQL Injection",2010-12-24,cOndemned,php,webapps,0 15821,platforms/windows/dos/15821.py,"HttpBlitz Web Server - Denial of Service",2010-12-24,otoy,windows,dos,0 -15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - CSRF (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 +15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - Cross-site Request Forgery (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 15824,platforms/php/webapps/15824.txt,"Pligg 1.1.2 - Blind SQL Injection / XSS",2010-12-25,"Michael Brooks",php,webapps,0 15825,platforms/php/webapps/15825.txt,"openauto 1.6.3 - Multiple Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0 -15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 - CSRF",2010-12-25,"P0C T34M",php,webapps,0 +15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 - Cross-site Request Forgery",2010-12-25,"P0C T34M",php,webapps,0 15827,platforms/php/webapps/15827.txt,"Joomla Component (com_idoblog) - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0 -15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - CSRF",2010-12-25,OnurTURKESHAN,php,webapps,0 +15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - Cross-site Request Forgery",2010-12-25,OnurTURKESHAN,php,webapps,0 15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQLi / Persistent XSS on Frontpage",2010-12-28,"Michael Brooks",php,webapps,0 15830,platforms/php/webapps/15830.txt,"Social Engine 4.x - (Music Plugin) Arbitrary File Upload",2010-12-25,MyDoom,php,webapps,0 15831,platforms/php/webapps/15831.txt,"LoveCMS 1.6.2 Final - Multiple Local File Inclusion",2010-12-25,cOndemned,php,webapps,0 15832,platforms/php/webapps/15832.txt,"Interact 2.4.1 - SQL Injection",2010-12-26,"IR Security",php,webapps,0 15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - Buffer Overflow RET + SEH Exploit (HEAD)",2010-12-26,TheLeader,windows,remote,0 -15835,platforms/php/webapps/15835.html,"pecio CMS 2.0.5 - CSRF Add Admin",2010-12-27,"P0C T34M",php,webapps,0 +15835,platforms/php/webapps/15835.html,"pecio CMS 2.0.5 - CSRF (Add Admin)",2010-12-27,"P0C T34M",php,webapps,0 15836,platforms/php/webapps/15836.txt,"OpenEMR 3.2.0 - SQL Injection / XSS",2010-12-27,blake,php,webapps,0 15837,platforms/php/webapps/15837.txt,"Web@all 1.1 - Remote Admin Settings Change",2010-12-27,"Giuseppe D'Inverno",php,webapps,0 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor - (.cov) Memory Corruption",2010-12-28,rgod,windows,dos,0 @@ -13768,7 +13768,7 @@ id,file,description,date,author,platform,type,port 15856,platforms/php/webapps/15856.php,"TYPO3 - Unauthenticated Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - (.pls) SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 15857,platforms/php/webapps/15857.txt,"Discovery TorrentTrader 2.6 - Multiple Vulnerabilities",2010-12-29,EsS4ndre,php,webapps,0 -15858,platforms/php/webapps/15858.txt,"WordPress 3.0.3 - Stored XSS (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 +15858,platforms/php/webapps/15858.txt,"WordPress 3.0.3 - Persistent Cross-site Scripting (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 15860,platforms/windows/dos/15860.py,"TYPSoft FTP Server 1.10 - RETR CMD Denial of Service",2010-12-29,emgent,windows,dos,0 15861,platforms/windows/remote/15861.txt,"httpdasm 0.92 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15862,platforms/windows/remote/15862.txt,"quickphp Web server 1.9.1 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 @@ -13788,7 +13788,7 @@ id,file,description,date,author,platform,type,port 15889,platforms/php/webapps/15889.txt,"Sahana Agasti 0.6.4 - SQL Injection",2011-01-01,dun,php,webapps,0 15890,platforms/php/webapps/15890.txt,"Tech Shop Technote 7 - SQL Injection",2011-01-01,MaJ3stY,php,webapps,0 15891,platforms/php/webapps/15891.txt,"GALLARIFIC PHP Photo Gallery Script - (gallery.php) SQL Injection",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 -15892,platforms/php/webapps/15892.html,"YourTube 1.0 - CSRF (Add User)",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 +15892,platforms/php/webapps/15892.html,"YourTube 1.0 - Cross-site Request Forgery (Add User)",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 15893,platforms/php/webapps/15893.py,"amoeba CMS 1.01 - Multiple Vulnerabilities",2011-01-02,mr_me,php,webapps,0 15894,platforms/windows/dos/15894.c,"Windows - Class Handling (MS10-073)",2011-01-02,"Tarjei Mandt",windows,dos,0 18245,platforms/multiple/remote/18245.py,"Splunk - Remote Root Exploit",2011-12-15,"Gary O'Leary-Steele",multiple,remote,0 @@ -13796,7 +13796,7 @@ id,file,description,date,author,platform,type,port 15897,platforms/windows/dos/15897.py,"Music Animation Machine MIDI Player - Local Crash PoC",2011-01-03,c0d3R'Z,windows,dos,0 15898,platforms/multiple/dos/15898.py,"Wireshark - ENTTEC DMX Data RLE Buffer Overflow",2011-01-03,"non-customers crew",multiple,dos,0 15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 - Change Admin Passwd CSRF Exploit",2011-01-04,pentesters.ir,php,webapps,0 -15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player - SEH BOF",2011-01-04,Acidgen,windows,local,0 +15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player - SEH Buffer Overflow",2011-01-04,Acidgen,windows,local,0 15905,platforms/windows/dos/15905.py,"Xynph 1.0 - USER Denial of Service",2011-01-04,freak_out,windows,dos,0 15991,platforms/windows/remote/15991.html,"Real Networks RealPlayer SP - 'RecordClip' Method Remote Code Execution",2011-01-14,"Sean de Regge",windows,remote,0 15907,platforms/php/webapps/15907.txt,"Nucleus 3.61 - Multiple Remote File Inclusion",2011-01-05,n0n0x,php,webapps,0 @@ -13834,28 +13834,28 @@ id,file,description,date,author,platform,type,port 15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - LFI / Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0 15968,platforms/php/webapps/15968.txt,"vam shop 1.6 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15969,platforms/php/webapps/15969.txt,"diafan.cms 4.3 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 -15970,platforms/php/webapps/15970.txt,"Cambio 0.5a - CSRF",2011-01-11,"High-Tech Bridge SA",php,webapps,0 +15970,platforms/php/webapps/15970.txt,"Cambio 0.5a - Cross-site Request Forgery",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 - (calendar.php) SQL Injection",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 15967,platforms/php/webapps/15967.txt,"energine 2.3.8 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 -15971,platforms/php/webapps/15971.txt,"whCMS 0.115 - CSRF",2011-01-11,"High-Tech Bridge SA",php,webapps,0 +15971,platforms/php/webapps/15971.txt,"whCMS 0.115 - Cross-site Request Forgery",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15972,platforms/windows/local/15972.c,"DriveCrypt 5.3 - Local Kernel ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 15973,platforms/multiple/dos/15973.txt,"Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service",2011-01-11,"Fred Fierling",multiple,dos,0 15974,platforms/linux/dos/15974.txt,"Mono/Moonlight Generic Type Argument - Local Privilege Escalation",2011-01-11,"Chris Howie",linux,dos,0 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow Exploit",2011-03-02,"C4SS!0 G0M3S",windows,local,0 15975,platforms/windows/local/15975.py,"Nokia Multimedia Player 1.0 - SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 -15981,platforms/php/webapps/15981.txt,"LifeType 1.2.10 - HTTP Referer stored XSS",2011-01-12,"Saif El-Sherei",php,webapps,0 +15981,platforms/php/webapps/15981.txt,"LifeType 1.2.10 - HTTP Referer Persistent XSS",2011-01-12,"Saif El-Sherei",php,webapps,0 15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components - Exploit (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0 15979,platforms/php/webapps/15979.txt,"Joomla! - Spam Mail Relay",2011-01-12,"Jeff Channell",php,webapps,0 15985,platforms/windows/local/15985.c,"Win32k - Keyboard Layout (MS10-073)",2011-01-13,"Ruben Santamarta ",windows,local,0 -15986,platforms/windows/dos/15986.py,"Blackmoon FTP 3.1 Build 1735/1736 - DoS",2011-01-13,"Craig Freyman",windows,dos,0 +15986,platforms/windows/dos/15986.py,"Blackmoon FTP 3.1 Build 1735/1736 - Denial of Service",2011-01-13,"Craig Freyman",windows,dos,0 15987,platforms/cgi/webapps/15987.py,"SiteScape Enterprise Forum 7 - TCL Injection",2011-01-13,"Spencer McIntyre",cgi,webapps,0 16020,platforms/php/webapps/16020.txt,"PHP Lowbids - viewfaqs.php Blind SQL Injection",2011-01-20,"BorN To K!LL",php,webapps,0 15988,platforms/windows/dos/15988.py,"Objectivity/DB - Lack of Authentication Remote Exploit",2011-01-14,"Jeremy Brown",windows,dos,0 15989,platforms/php/webapps/15989.txt,"People Joomla Component 1.0.0 - SQL Injection",2011-01-14,"Salvatore Fresta",php,webapps,0 15992,platforms/windows/dos/15992.txt,"Sielco Sistemi Winlog 2.07.00 - Stack Overflow",2011-01-14,"Luigi Auriemma",windows,dos,0 -15993,platforms/php/webapps/15993.html,"viart shop 4.0.5 - CSRF",2011-01-15,Or4nG.M4N,php,webapps,0 +15993,platforms/php/webapps/15993.html,"viart shop 4.0.5 - Cross-site Request Forgery",2011-01-15,Or4nG.M4N,php,webapps,0 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player - Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0 -15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - Stored XSS via img tag",2011-01-15,Saif,php,webapps,0 +15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - Persistent Cross-site Scripting via img tag",2011-01-15,Saif,php,webapps,0 15996,platforms/php/webapps/15996.txt,"compactcms 1.4.1 - Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution Exploit",2011-01-16,mr_me,jsp,webapps,0 15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service",2011-01-16,MJ0011,windows,dos,0 @@ -13874,7 +13874,7 @@ id,file,description,date,author,platform,type,port 17209,platforms/php/webapps/17209.txt,"SoftMP3 - SQL Injection",2011-04-24,mArTi,php,webapps,0 17210,platforms/windows/local/17210.rb,"eZip Wizard 3.0 - Stack Buffer Overflow",2011-04-25,Metasploit,windows,local,0 16016,platforms/php/webapps/16016.txt,"Simploo CMS 1.7.1 - PHP Code Execution",2011-01-19,"David Vieira-Kurz",php,webapps,0 -16039,platforms/php/webapps/16039.txt,"Joomla B2 Portfolio Component 1.0.0 - Multiple SQL Injection",2011-01-24,"Salvatore Fresta",php,webapps,0 +16039,platforms/php/webapps/16039.txt,"Joomla B2 Portfolio Component 1.0.0 - Multiple SQL Injections",2011-01-24,"Salvatore Fresta",php,webapps,0 16018,platforms/php/webapps/16018.txt,"PHP auctions - (viewfaqs.php) Blind SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0 16019,platforms/php/webapps/16019.txt,"Phpcms 2008 - SQL Injection",2011-01-20,R3d-D3V!L,php,webapps,0 16021,platforms/windows/dos/16021.c,"Look n stop - Local DoS (0Day)",2011-01-21,Heurs,windows,dos,0 @@ -13888,7 +13888,7 @@ id,file,description,date,author,platform,type,port 16034,platforms/php/webapps/16034.txt,"PHP Coupon Script 6.0 - (bus) Blind SQL Injection",2011-01-23,"BorN To K!LL",php,webapps,0 16035,platforms/windows/dos/16035.py,"Inetserv 3.23 - SMTP Denial of Service",2011-01-23,G13,windows,dos,0 16036,platforms/windows/remote/16036.rb,"Golden FTP Server 4.70 - PASS Command Buffer Overflow Exploit",2011-01-23,"cd1zz and iglesiasgg",windows,remote,0 -16037,platforms/php/webapps/16037.html,"PHP Link Directory 4.1.0 - CSRF (Add Admin)",2011-01-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 +16037,platforms/php/webapps/16037.html,"PHP Link Directory 4.1.0 - Cross-site Request Forgery (Add Admin)",2011-01-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16038,platforms/windows/dos/16038.py,"Inetserv 3.23 POP3 - Denial of Service",2011-01-24,dmnt,windows,dos,0 16040,platforms/windows/dos/16040.py,"Automated Solutions Modbus/TCP OPC Server - Remote Heap Corruption PoC",2011-01-25,"Jeremy Brown",windows,dos,0 16041,platforms/multiple/remote/16041.txt,"Sun Microsystems SunScreen Firewall - Root Exploit",2011-01-25,kingcope,multiple,remote,0 @@ -13906,27 +13906,27 @@ id,file,description,date,author,platform,type,port 16055,platforms/windows/remote/16055.txt,"Oracle Document Capture - empop3.dll Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16056,platforms/windows/remote/16056.txt,"Oracle - Document Capture Insecure READ Method",2011-01-26,"Alexey Sintsov",windows,remote,0 16058,platforms/php/webapps/16058.txt,"MultiPowUpload 2.1 - Remote File Upload",2011-01-26,DIES3L,php,webapps,0 -16059,platforms/php/webapps/16059.txt,"Xnova Legacies 2009.2 - CSRF",2011-01-26,"Xploit A Day",php,webapps,0 +16059,platforms/php/webapps/16059.txt,"Xnova Legacies 2009.2 - Cross-site Request Forgery",2011-01-26,"Xploit A Day",php,webapps,0 16061,platforms/php/webapps/16061.txt,"PHP Link Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 -16062,platforms/php/webapps/16062.txt,"PHP Classified ads software - (cid) Blind SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 +16062,platforms/php/webapps/16062.txt,"PHP Classified ads software - 'cid' Blind SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16064,platforms/bsd/dos/16064.c,"FreeBSD 8.0 - Local Denial of Service (forced reboot)",2011-01-28,kingcope,bsd,dos,0 16069,platforms/php/webapps/16069.txt,"PHP Script Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 -16070,platforms/windows/local/16070.py,"Virtuosa Phoenix Edition 5.2 - ASX SEH BOF",2011-01-28,Acidgen,windows,local,0 +16070,platforms/windows/local/16070.py,"Virtuosa Phoenix Edition 5.2 - ASX SEH Buffer Overflow",2011-01-28,Acidgen,windows,local,0 16071,platforms/windows/local/16071.txt,"Microsoft Internet Explorer - MHTML Protocol Handler XSS",2011-01-29,80vul,windows,local,0 16068,platforms/hardware/dos/16068.pl,"Polycom SoundPoint IP Devices - Denial of Service",2011-01-28,"pawel gawinek",hardware,dos,0 -16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - (.m3u) Buffer Overflow (DEP Bypass)",2011-01-29,sickness,windows,local,0 +16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - '.m3u' Buffer Overflow (DEP Bypass)",2011-01-29,sickness,windows,local,0 16073,platforms/windows/local/16073.pl,"A-PDF All to MP3 Converter 2.0.0 - (.wav) Buffer Overflow (seh)",2011-01-29,m0nna,windows,local,0 16074,platforms/php/webapps/16074.txt,"MultiCMS - Local File Inclusion",2011-01-29,R3VAN_BASTARD,php,webapps,0 16075,platforms/windows/remote/16075.pl,"Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download",2011-01-29,"Zer0 Thunder",windows,remote,0 -16076,platforms/php/webapps/16076.txt,"vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks",2011-01-30,MaXe,php,webapps,0 +16076,platforms/php/webapps/16076.txt,"vBSEO 3.5.2 / 3.2.2 - Persistent XSS via LinkBacks",2011-01-30,MaXe,php,webapps,0 16077,platforms/php/webapps/16077.txt,"vBSEO Sitemap 2.5 & 3.0 - Multiple Vulnerabilities",2011-01-30,MaXe,php,webapps,0 16078,platforms/windows/remote/16078.py,"SDP Downloader 2.3.0 - (http_response) Remote Buffer Overflow Exploit",2011-01-30,sup3r,windows,remote,0 16079,platforms/multiple/dos/16079.html,"Google Chrome 8.0.552.237 - replace DoS",2011-01-30,"Carlos Mario Penagos Hollmann",multiple,dos,0 -16080,platforms/php/webapps/16080.txt,"RW-Download 4.0.6 - (index.php) SQL Injection",2011-01-30,Dr.NeT,php,webapps,0 +16080,platforms/php/webapps/16080.txt,"RW-Download 4.0.6 - 'index.php' SQL Injection",2011-01-30,Dr.NeT,php,webapps,0 16083,platforms/windows/local/16083.rb,"NetZip - Classic Buffer Overflow Exploit (SEH)",2011-01-30,"C4SS!0 G0M3S",windows,local,0 16084,platforms/windows/dos/16084.html,"Maxthon Browser 3.0.20.1000 - ref / replace DoS",2011-01-30,"Carlos Mario Penagos Hollmann",windows,dos,0 -16272,platforms/php/webapps/16272.txt,"Limelight Software - (article.php) SQL Injection",2011-03-04,eXeSoul,php,webapps,0 -16085,platforms/windows/local/16085.py,"AOL 9.5 - (rtx) Local Buffer Overflow Exploit",2011-01-31,sup3r,windows,local,0 +16272,platforms/php/webapps/16272.txt,"Limelight Software - 'article.php' SQL Injection",2011-03-04,eXeSoul,php,webapps,0 +16085,platforms/windows/local/16085.py,"AOL 9.5 - '.rtx' Local Buffer Overflow Exploit",2011-01-31,sup3r,windows,local,0 16086,platforms/linux/local/16086.txt,"OpenVAS Manager - Command Injection",2011-01-31,"Tim Brown",linux,local,0 16088,platforms/php/webapps/16088.php,"NetLink - Arbitrary File Upload",2011-02-01,lumut--,php,webapps,0 16090,platforms/php/webapps/16090.txt,"TinyWebGallery 1.8.3 - Multiple Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 @@ -13935,7 +13935,7 @@ id,file,description,date,author,platform,type,port 16094,platforms/php/webapps/16094.txt,"Raja Natarajan Guestbook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 16095,platforms/linux/dos/16095.pl,"Terminal Server Client - .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 16096,platforms/php/webapps/16096.txt,"redaxscript 0.3.2 - Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 -16097,platforms/php/webapps/16097.txt,"Zikula CMS 1.2.4 - CSRF",2011-02-02,"Aung Khant",php,webapps,0 +16097,platforms/php/webapps/16097.txt,"Zikula CMS 1.2.4 - Cross-site Request Forgery",2011-02-02,"Aung Khant",php,webapps,0 16098,platforms/android/local/16098.c,"Android 1.x/2.x HTC Wildfire - Local Root Exploit",2011-02-02,"The Android Exploid Crew",android,local,0 16099,platforms/android/local/16099.c,"Android 1.x/2.x - Local Root Exploit",2011-02-02,"The Android Exploid Crew",android,local,0 16100,platforms/hardware/remote/16100.txt,"Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account",2011-02-02,"Cisco Security",hardware,remote,0 @@ -13944,7 +13944,7 @@ id,file,description,date,author,platform,type,port 16103,platforms/multiple/remote/16103.txt,"Majordomo2 - Directory Traversal (SMTP/HTTP)",2011-02-03,"Michael Brooks",multiple,remote,0 16105,platforms/windows/remote/16105.txt,"quickshare file share 1.2.1 - Directory Traversal (1)",2011-02-03,modpr0be,windows,remote,0 16106,platforms/php/webapps/16106.txt,"OemPro 3.6.4 - Multiple Vulnerabilities",2011-02-03,"Ignacio Garrido",php,webapps,0 -16107,platforms/windows/local/16107.py,"AOL Desktop 9.6 - (.rtx) Buffer Overflow",2011-02-03,sickness,windows,local,0 +16107,platforms/windows/local/16107.py,"AOL Desktop 9.6 - '.rtx' Buffer Overflow",2011-02-03,sickness,windows,local,0 16108,platforms/multiple/dos/16108.txt,"VLC Media Player - Subtitle StripTags() Function Memory Corruption",2011-02-03,"Harry Sintonen",multiple,dos,0 16109,platforms/php/webapps/16109.txt,"podcast generator 1.3 - Multiple Vulnerabilities",2011-02-04,"High-Tech Bridge SA",php,webapps,0 16113,platforms/php/webapps/16113.txt,"oscommerce - authentication bypass",2011-02-04,"Nicolas Krassas",php,webapps,0 @@ -13954,18 +13954,18 @@ id,file,description,date,author,platform,type,port 16119,platforms/freebsd/local/16119.c,"FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit",2011-02-06,kingcope,freebsd,local,0 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow DoS Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 -16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b - (index.php) SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 +16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System - Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 -16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection",2011-02-07,"Saif El-Sherei",php,webapps,0 +16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Persistent Cross-site Scripting via useragent http header injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp - Integer Overflow DoS PoC",2011-02-07,kingcope,linux,dos,0 -16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - (index.php) SQL Injection",2011-02-07,ahmadso,php,webapps,0 +16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - 'index.php' SQL Injection",2011-02-07,ahmadso,php,webapps,0 16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16133,platforms/windows/local/16133.htm,"AoA Mp4 converter 4.1.0 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16134,platforms/php/webapps/16134.txt,"Model Agentur Script - SQL Injection",2011-02-08,NoNameMT,php,webapps,0 -16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 - CSRF",2011-02-08,"AutoSec Tools",php,webapps,0 -16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 - CSRF",2011-02-08,"AutoSec Tools",php,webapps,0 +16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 - Cross-site Request Forgery",2011-02-08,"AutoSec Tools",php,webapps,0 +16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 - Cross-site Request Forgery",2011-02-08,"AutoSec Tools",php,webapps,0 16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager - Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 16139,platforms/php/webapps/16139.txt,"Auto Database System 1.0 Infusion Addon - SQL Injection",2011-02-09,Saif,php,webapps,0 @@ -13979,16 +13979,16 @@ id,file,description,date,author,platform,type,port 16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - (Login parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross-Site Script",2011-02-14,_84kur10_,php,webapps,0 16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Pre-Auth BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0 -16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - XSS",2011-02-09,Sw1tCh,php,webapps,0 +16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - Cross-site Scripting",2011-02-09,Sw1tCh,php,webapps,0 16149,platforms/hardware/remote/16149.txt,"Linksys WAP610N - Unauthenticated Root Access Security",2011-02-10,"Matteo Ignaccolo",hardware,remote,0 16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service",2011-02-10,"Houssam Sahli",windows,dos,0 16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - Trivial SQL Injection",2011-02-10,anonymous,multiple,webapps,0 -16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - (.lst) Buffer Overflow",2011-02-11,sickness,windows,local,0 +16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - '.lst' Buffer Overflow",2011-02-11,sickness,windows,local,0 16154,platforms/php/webapps/16154.txt,"Horde - Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 16155,platforms/php/webapps/16155.txt,"Geomi CMS 1.2 & 3.0 - SQL Injection",2011-02-11,"ThunDEr HeaD",php,webapps,0 16156,platforms/php/webapps/16156.txt,"Kunena < 1.5.13 / < 1.6.3 - SQL Injection",2011-02-11,"Red Matter",php,webapps,0 16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 -16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 +16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 16159,platforms/php/webapps/16159.txt,"Escort Agency CMS - Blind SQL Injection",2011-02-12,NoNameMT,php,webapps,0 16160,platforms/php/webapps/16160.txt,"Pixelpost 1.7.3 - Multiple POST Variables SQL Injection",2011-02-12,LiquidWorm,php,webapps,0 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 - Buffer Overflow Exploit",2011-02-12,"C4SS!0 G0M3S",windows,local,0 @@ -14013,10 +14013,10 @@ id,file,description,date,author,platform,type,port 16254,platforms/windows/dos/16254.txt,"Nitro PDF Reader 1.4.0 - Heap Memory Corruption PoC",2011-02-28,LiquidWorm,windows,dos,0 16225,platforms/cfm/webapps/16225.txt,"Alcassoft's SOPHIA CMS - SQL Injection",2011-02-24,p0pc0rn,cfm,webapps,0 16226,platforms/hardware/remote/16226.txt,"iSO Air Files 2.6 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 -16196,platforms/php/webapps/16196.txt,"eventum issue tracking system 2.3.1 - Stored XSS",2011-02-19,"Saif El-Sherei",php,webapps,0 +16196,platforms/php/webapps/16196.txt,"eventum issue tracking system 2.3.1 - Persistent Cross-site Scripting",2011-02-19,"Saif El-Sherei",php,webapps,0 16197,platforms/php/webapps/16197.txt,"Escort Directory CMS - SQL Injection",2011-02-19,NoNameMT,php,webapps,0 16198,platforms/php/webapps/16198.txt,"Independent Escort CMS - Blind SQL Injection",2011-02-19,NoNameMT,php,webapps,0 -16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a - HTTP Referer stored XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 +16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a - HTTP Referer Persistent XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 16200,platforms/php/webapps/16200.py,"JAKCMS 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 16201,platforms/php/webapps/16201.py,"JAKCMS 2.01 RC1 - Blind SQL Injection",2011-02-20,mr_me,php,webapps,0 16202,platforms/php/webapps/16202.txt,"Woltlab Burning Board 2.3.6 Addon - (hilfsmittel.php) SQL Injection",2011-02-21,Crazyball,php,webapps,0 @@ -14032,7 +14032,7 @@ id,file,description,date,author,platform,type,port 16223,platforms/php/webapps/16223.txt,"VidiScript - SQL Injection",2011-02-23,ThEtA.Nu,php,webapps,0 16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b - Arbitrary Upload",2011-02-23,"AutoSec Tools",php,webapps,0 16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 -16213,platforms/php/webapps/16213.txt,"Hyena Cart - (index.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 +16213,platforms/php/webapps/16213.txt,"Hyena Cart - 'index.php' SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats - (player.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 - Persistent XSS",2011-02-23,lemlajt,php,webapps,0 16227,platforms/hardware/remote/16227.txt,"iSO Filer Lite 2.1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 @@ -14040,8 +14040,8 @@ id,file,description,date,author,platform,type,port 16229,platforms/ios/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16230,platforms/windows/dos/16230.py,"Victory FTP Server 5.0 - Denial of Service",2011-02-24,"C4SS!0 G0M3S",windows,dos,0 16231,platforms/ios/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 -16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Stored XSS",2011-02-24,"Saif El-Sherei",php,webapps,0 -16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Stored XSS",2011-02-24,"Saif El-Sherei",php,webapps,0 +16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Persistent Cross-site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 +16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Persistent Cross-site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 16234,platforms/netware/dos/16234.rb,"Novell Netware - RPC XNFS xdrDecodeString",2011-02-24,"Francis Provencher",netware,dos,0 16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 @@ -14049,7 +14049,7 @@ id,file,description,date,author,platform,type,port 16238,platforms/hardware/remote/16238.txt,"iphone ishred 1.93 - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 16239,platforms/hardware/remote/16239.txt,"iPhone Guitar - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 16240,platforms/hardware/remote/16240.txt,"iphone pdf reader pro 2.3 - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 -16241,platforms/asp/webapps/16241.txt,"RaksoCT - Multiple SQL Injection",2011-02-25,p0pc0rn,asp,webapps,0 +16241,platforms/asp/webapps/16241.txt,"RaksoCT - Multiple SQL Injections",2011-02-25,p0pc0rn,asp,webapps,0 16242,platforms/windows/remote/16242.html,"Edraw Office Viewer Component 7.4 - ActiveX Stack Buffer Overflow",2011-02-25,"Alexander Gavrun",windows,remote,0 16243,platforms/hardware/remote/16243.py,"iphone folders 2.5 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0 16244,platforms/hardware/remote/16244.py,"iphone ifile 2.0 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0 @@ -14059,10 +14059,10 @@ id,file,description,date,author,platform,type,port 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 - NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 -16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - LFI",2011-02-26,"AutoSec Tools",php,webapps,0 -16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N - CSRF",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 +16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N - Cross-site Request Forgery",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 16255,platforms/windows/dos/16255.pl,"Magic Music Editor - (.cda) Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 -16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injection",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 +16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injections",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 16257,platforms/php/webapps/16257.txt,"SnapProof - (page.php) SQL Injection",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 16259,platforms/windows/remote/16259.txt,"home ftp server 1.12 - Directory Traversal",2011-02-28,clshack,windows,remote,0 16260,platforms/windows/dos/16260.py,"Quick 'n Easy FTP Server 3.2 - Denial of Service",2011-02-28,clshack,windows,dos,0 @@ -14103,7 +14103,7 @@ id,file,description,date,author,platform,type,port 16301,platforms/multiple/remote/16301.rb,"Firefox - location.QueryInterface() Code Execution",2010-09-20,Metasploit,multiple,remote,0 16302,platforms/multiple/remote/16302.rb,"Signed Applet Social Engineering - Code Execuction",2011-01-08,Metasploit,multiple,remote,0 16303,platforms/multiple/remote/16303.rb,"Opera 9 - Configuration Overwrite",2010-07-27,Metasploit,multiple,remote,0 -16304,platforms/multiple/remote/16304.rb,"Opera historysearch - XSS",2010-11-11,Metasploit,multiple,remote,0 +16304,platforms/multiple/remote/16304.rb,"Opera historysearch - Cross-site Scripting",2010-11-11,Metasploit,multiple,remote,0 16305,platforms/multiple/remote/16305.rb,"Java - RMIConnectionImpl Deserialization Privilege Escalation Exploit",2010-09-27,Metasploit,multiple,remote,0 16306,platforms/windows/remote/16306.rb,"Mozilla Suite/Firefox InstallVersion->compareTo() - Code Execution",2010-09-20,Metasploit,windows,remote,0 16307,platforms/multiple/local/16307.rb,"PeaZip 2.6.1 - Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 @@ -14130,10 +14130,10 @@ id,file,description,date,author,platform,type,port 16328,platforms/solaris/remote/16328.rb,"Sun Solaris - Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 16329,platforms/solaris/remote/16329.rb,"Samba - lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,Metasploit,solaris,remote,0 16330,platforms/solaris_sparc/remote/16330.rb,"Samba - trans2open Overflow (Solaris SPARC)",2010-06-21,Metasploit,solaris_sparc,remote,0 -16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow",2010-06-22,Metasploit,windows,remote,0 +16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows - Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 16333,platforms/windows/remote/16333.rb,"Windows Media Services - ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 -16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow",2010-09-20,Metasploit,windows,remote,0 +16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow Exploit",2010-09-20,Metasploit,windows,remote,0 16335,platforms/windows/remote/16335.rb,"WinComLPD 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16336,platforms/windows/remote/16336.rb,"NIPrint LPD - Request Overflow",2010-12-25,Metasploit,windows,remote,0 16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 @@ -14163,14 +14163,14 @@ id,file,description,date,author,platform,type,port 16361,platforms/windows/remote/16361.rb,"Microsoft Windows - Print Spooler Service Impersonation (MS10-061)",2011-02-17,Metasploit,windows,remote,0 16362,platforms/windows/remote/16362.rb,"Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)",2011-01-21,Metasploit,windows,remote,0 16363,platforms/windows/remote/16363.rb,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 -16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service - Overflow",2010-05-09,Metasploit,windows,remote,0 -16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service - Overflow",2010-08-30,Metasploit,windows,dos,0 +16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service - Overflow Exploit",2010-05-09,Metasploit,windows,remote,0 +16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service - Overflow Exploit",2010-08-30,Metasploit,windows,dos,0 16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (SMB)",2010-09-28,Metasploit,windows,remote,0 16367,platforms/windows/remote/16367.rb,"Microsoft Server Service - NetpwPathCanonicalize Overflow",2011-02-17,Metasploit,windows,remote,0 16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow",2010-07-03,Metasploit,windows,remote,0 16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 - PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service - Overflow",2010-07-03,Metasploit,windows,remote,0 +16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service - Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 16372,platforms/windows/remote/16372.rb,"Microsoft - Workstation Service NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 16374,platforms/windows/remote/16374.rb,"Microsoft Windows - Authenticated User Code Execution",2010-12-02,Metasploit,windows,remote,0 @@ -14202,9 +14202,9 @@ id,file,description,date,author,platform,type,port 16400,platforms/windows/remote/16400.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 16401,platforms/windows/remote/16401.rb,"CA BrightStor ARCserve - Message Engine Heap Overflow",2010-04-30,Metasploit,windows,remote,0 16402,platforms/windows/remote/16402.rb,"CA BrightStor - HSM Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL - Overflow",2010-04-30,Metasploit,windows,remote,0 +16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL - Overflow Exploit",2010-04-30,Metasploit,windows,remote,0 16404,platforms/windows/remote/16404.rb,"Computer Associates ARCserve - REPORTREMOTEEXECUTECML Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16405,platforms/windows/remote/16405.rb,"CA BrightStor Universal Agent - Overflow",2010-06-22,Metasploit,windows,remote,0 +16405,platforms/windows/remote/16405.rb,"CA BrightStor Universal Agent - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16406,platforms/windows/remote/16406.rb,"CA BrightStor Discovery Service - Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16407,platforms/windows/remote/16407.rb,"CA BrightStor ARCserve - Tape Engine Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16408,platforms/windows/remote/16408.rb,"CA BrightStor Discovery Service - TCP Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14416,7 +14416,7 @@ id,file,description,date,author,platform,type,port 16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 16615,platforms/windows/local/16615.rb,"Microsoft DirectShow - (msvidctl.dll) MPEG-2 Memory Corruption",2010-04-30,Metasploit,windows,local,0 16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN - NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16617,platforms/windows/local/16617.rb,"VUPlayer - (.m3u) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 +16617,platforms/windows/local/16617.rb,"VUPlayer - '.m3u' Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16619,platforms/windows/local/16619.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 - Buffer Overflow Exploit (SEH)",2011-01-08,Metasploit,windows,local,0 @@ -14548,7 +14548,7 @@ id,file,description,date,author,platform,type,port 16746,platforms/windows/remote/16746.rb,"SentinelLM - UDP Buffer Overflow",2010-05-09,Metasploit,windows,remote,5093 16747,platforms/windows/remote/16747.rb,"Microsoft Message Queueing Service - Path Overflow",2010-05-09,Metasploit,windows,remote,2103 16748,platforms/windows/remote/16748.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP)",2010-07-25,Metasploit,windows,remote,0 -16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface - Overflow",2011-01-11,Metasploit,windows,remote,0 +16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface - Overflow Exploit",2011-01-11,Metasploit,windows,remote,0 16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service - DNS Name Path Overflow",2010-07-25,Metasploit,windows,remote,0 16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow",2010-04-30,Metasploit,win_x86,remote,0 16752,platforms/windows/remote/16752.rb,"Apache module mod_rewrite - LDAP protocol Buffer Overflow",2010-02-15,Metasploit,windows,remote,80 @@ -14569,7 +14569,7 @@ id,file,description,date,author,platform,type,port 16767,platforms/windows/remote/16767.rb,"IA WebMail 3.x - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan - Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 - iMonitor Remote Stack Buffer Overflow",2010-07-13,Metasploit,windows,remote,8008 -16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow",2010-10-04,Metasploit,windows,remote,0 +16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow Exploit",2010-10-04,Metasploit,windows,remote,0 16771,platforms/windows/remote/16771.rb,"EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server - Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server - Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028 @@ -14582,7 +14582,7 @@ id,file,description,date,author,platform,type,port 16780,platforms/cgi/webapps/16780.rb,"HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow",2010-11-11,Metasploit,cgi,webapps,0 16781,platforms/windows/remote/16781.rb,"MailEnable - Authorization Header Buffer Overflow",2010-07-07,Metasploit,windows,remote,0 16782,platforms/windows/remote/16782.rb,"Apache - (Win32) Chunked Encoding",2010-07-07,Metasploit,windows,remote,0 -16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot - Overflow",2010-09-20,Metasploit,win_x86,remote,0 +16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot - Overflow Exploit",2010-09-20,Metasploit,win_x86,remote,0 16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,Metasploit,multiple,remote,80 16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration - Buffer Overflow",2010-11-24,Metasploit,windows,remote,80 16786,platforms/windows/remote/16786.rb,"PeerCast 0.1216 - URL Handling Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,7144 @@ -14727,7 +14727,7 @@ id,file,description,date,author,platform,type,port 16928,platforms/linux/remote/16928.rb,"System V Derived /bin/login - Extraneous Arguments Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16929,platforms/aix/dos/16929.rb,"AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow",2010-11-11,Metasploit,aix,dos,0 16930,platforms/aix/remote/16930.rb,"ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)",2010-11-11,Metasploit,aix,remote,0 -16931,platforms/php/webapps/16931.html,"N-13 News 4.0 - CSRF (Add Admin)",2011-03-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 +16931,platforms/php/webapps/16931.html,"N-13 News 4.0 - Cross-site Request Forgery (Add Admin)",2011-03-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 16946,platforms/php/webapps/16946.txt,"RuubikCMS 1.0.3 - Multiple Vulnerabilities",2011-03-08,"Khashayar Fereidani",php,webapps,0 16933,platforms/php/webapps/16933.txt,"Quick Polls - Local File Inclusion and Deletion",2011-03-06,"Mark Stanislav",php,webapps,0 16934,platforms/php/webapps/16934.pl,"EggAvatar for vBulletin 3.8.x - SQL Injection",2011-03-06,DSecurity,php,webapps,0 @@ -14748,7 +14748,7 @@ id,file,description,date,author,platform,type,port 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 16951,platforms/bsd/local/16951.c,"FreeBSD 6.4 - Netgraph Local Privledge Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)",2011-03-10,zx2c4,linux,dos,0 -16953,platforms/asp/webapps/16953.txt,"Luch Web Designer - Multiple SQL Injection",2011-03-10,p0pc0rn,asp,webapps,0 +16953,platforms/asp/webapps/16953.txt,"Luch Web Designer - Multiple SQL Injections",2011-03-10,p0pc0rn,asp,webapps,0 16954,platforms/php/webapps/16954.txt,"Keynect Ecommerce - SQL Injection",2011-03-10,"Arturo Zamora",php,webapps,0 16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 @@ -14769,7 +14769,7 @@ id,file,description,date,author,platform,type,port 16973,platforms/linux/dos/16973.c,"Linux 2.6.37-rc1 - serial_core TIOCGICOUNT Leak Exploit",2011-03-14,prdelka,linux,dos,0 16974,platforms/android/remote/16974.html,"Android 2.0 / 2.1 /2.1.1 - WebKit Use-After-Free Exploit",2011-03-14,"MJ Keith",android,remote,0 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple XSS Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 -16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - (.lst) Buffer Overflow Exploit (SEH)",2011-03-14,h1ch4m,windows,local,0 +16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - '.lst' Buffer Overflow Exploit (SEH)",2011-03-14,h1ch4m,windows,local,0 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - (.fcd) Buffer Overflow Exploit",2011-03-14,h1ch4m,windows,local,0 16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - Javascript File Write",2011-03-14,Metasploit,windows,local,0 16979,platforms/windows/dos/16979.html,"Opera 11.01 - NULL PTR Derefernce",2011-03-15,echo,windows,dos,0 @@ -14783,7 +14783,7 @@ id,file,description,date,author,platform,type,port 16989,platforms/php/webapps/16989.txt,"b2evolution 4.0.3 - Persistent XSS",2011-03-16,"AutoSec Tools",php,webapps,0 16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution Exploit",2011-03-16,Metasploit,multiple,remote,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 -16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injection",2011-03-17,"Aung Khant",php,webapps,0 +16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injections",2011-03-17,"Aung Khant",php,webapps,0 16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 16995,platforms/php/webapps/16995.txt,"Joomla com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16996,platforms/windows/dos/16996.rb,"Fake Webcam 6.1 - Local Crash PoC",2011-03-17,"Anastasios Monachos",windows,dos,0 @@ -14805,7 +14805,7 @@ id,file,description,date,author,platform,type,port 17014,platforms/php/webapps/17014.txt,"CMS Lokomedia 1.5 - Arbitrary File Upload",2011-03-21,eidelweiss,php,webapps,0 17015,platforms/asp/webapps/17015.txt,"Element-IT PowUpload 1.3 - File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 17016,platforms/asp/webapps/17016.txt,"EAFlashUpload 2.5 - File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 -17018,platforms/php/webapps/17018.txt,"Shimbi CMS - Multiple SQL Injection",2011-03-21,p0pc0rn,php,webapps,0 +17018,platforms/php/webapps/17018.txt,"Shimbi CMS - Multiple SQL Injections",2011-03-21,p0pc0rn,php,webapps,0 17019,platforms/windows/dos/17019.txt,"RealPlayer 14.0.1.633 - Heap Overflow",2011-03-21,"Luigi Auriemma",windows,dos,0 17020,platforms/netware/dos/17020.py,"Novell Netware - NWFTPD.NLM DELE Remote Code Execution",2011-03-21,"Francis Provencher",netware,dos,0 17021,platforms/windows/dos/17021.py,"SpoonFTP 1.2 - RETR Denial of Service",2011-03-21,"C4SS!0 G0M3S",windows,dos,0 @@ -14831,11 +14831,11 @@ id,file,description,date,author,platform,type,port 17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 -17045,platforms/windows/dos/17045.py,"Avaya IP Office Manager 8.1 TFTP - DoS",2011-03-24,"Craig Freyman",windows,dos,69 +17045,platforms/windows/dos/17045.py,"Avaya IP Office Manager 8.1 TFTP - Denial of Service",2011-03-24,"Craig Freyman",windows,dos,69 17046,platforms/php/webapps/17046.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (2)",2011-03-24,"High-Tech Bridge SA",php,webapps,0 17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow",2011-03-25,Metasploit,windows,remote,0 17048,platforms/windows/remote/17048.rb,"VLC - AMV Dangling Pointer",2011-03-26,Metasploit,windows,remote,0 -17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 - (POST) Stored XSS And XML Injection",2011-03-26,LiquidWorm,php,webapps,0 +17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 - (POST) Persistent Cross-site Scripting And XML Injection",2011-03-26,LiquidWorm,php,webapps,0 17051,platforms/php/webapps/17051.txt,"SimplisCMS 1.0.3.0 - Multiple Vulnerabilities",2011-03-27,NassRawI,php,webapps,0 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webedition CMS 6.1.0.2 - Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 @@ -14867,20 +14867,20 @@ id,file,description,date,author,platform,type,port 17086,platforms/windows/local/17086.pl,"Word List Builder - Buffer Overflow Exploit (SEH)",2011-04-01,h1ch4m,windows,local,0 17087,platforms/windows/dos/17087.pl,"Real player 14.0.2.633 - Buffer overflow/DOS Exploit (0Day)",2011-04-01,^Xecuti0N3r,windows,dos,0 17089,platforms/windows/dos/17089.pl,"GOM Media Player 2.1.6.3499 - Buffer overflow/DOS Exploit (0Day)",2011-04-01,^Xecuti0N3r,windows,dos,0 -17091,platforms/php/webapps/17091.html,"Allomani E-Store 1.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17092,platforms/php/webapps/17092.html,"Allomani News 1.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17093,platforms/php/webapps/17093.html,"Allomani Movies Library 2.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17094,platforms/php/webapps/17094.html,"Allomani Web Links 1.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17091,platforms/php/webapps/17091.html,"Allomani E-Store 1.0 - Cross-site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17092,platforms/php/webapps/17092.html,"Allomani News 1.0 - Cross-site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17093,platforms/php/webapps/17093.html,"Allomani Movies Library 2.0 - Cross-site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17094,platforms/php/webapps/17094.html,"Allomani Web Links 1.0 - Cross-site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - Cross-site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 - Cross-site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - SQL Injection",2011-04-05,LiquidWorm,php,webapps,0 17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation Pre-Auth kernel memory corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 -17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - XSS",2011-04-01,"High-Tech Bridge SA",php,webapps,0 -17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - CSRF",2011-04-01,"High-Tech Bridge SA",php,webapps,0 -17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - news.php (id) SQL Injection news.php (id)",2011-04-02,"Easy Laster",php,webapps,0 +17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - Cross-site Scripting",2011-04-01,"High-Tech Bridge SA",php,webapps,0 +17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - Cross-site Request Forgery",2011-04-01,"High-Tech Bridge SA",php,webapps,0 +17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - news.php 'id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17101,platforms/php/webapps/17101.txt,"ilchClan 1.0.5 - (regist.php) SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 -17102,platforms/php/webapps/17102.txt,"Anzeigenmarkt 2011 - (index.php) SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 -17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 - (index.php) SQL Injection",2011-04-03,keracker,php,webapps,0 +17102,platforms/php/webapps/17102.txt,"Anzeigenmarkt 2011 - 'index.php' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 +17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 - 'index.php' SQL Injection",2011-04-03,keracker,php,webapps,0 17104,platforms/windows/remote/17104.txt,"RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17105,platforms/windows/remote/17105.txt,"RealNetworks RealGames StubbyUtil.ProcessMgr.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17106,platforms/php/webapps/17106.txt,"Rash CMS - SQL Injection",2011-04-03,keracker,php,webapps,0 @@ -14888,16 +14888,16 @@ id,file,description,date,author,platform,type,port 17108,platforms/php/webapps/17108.txt,"OpenCart 1.4.9 - Multiple Local File Inclusion",2011-04-03,KedAns-Dz,php,webapps,0 17432,platforms/sh4/shellcode/17432.c,"Linux/SuperH (sh4) - setuid(0) / chmod(_/etc/shadow__ 0666) / exit(0) Shellcode (43 bytes)",2011-06-22,"Jonathan Salwan",sh4,shellcode,0 17431,platforms/php/webapps/17431.txt,"Same Team E-shop manager - SQL Injection",2011-06-22,"Number 7",php,webapps,0 -17110,platforms/php/webapps/17110.txt,"DoceboLms 4.0.4 - Multiple Stored XSS Vulnerabilities",2011-04-04,LiquidWorm,php,webapps,0 -17111,platforms/multiple/webapps/17111.txt,"Yaws-Wiki 1.88-1 (Erlang) - Stored / Reflective XSS",2011-04-04,"Michael Brooks",multiple,webapps,0 -17112,platforms/hardware/webapps/17112.txt,"Encore ENPS-2012 - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 -17113,platforms/hardware/webapps/17113.txt,"TP-Link TL-PS110U / TL-PS110P - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 -17114,platforms/hardware/webapps/17114.txt,"Planex Mini-300PU & Mini100s - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 -17115,platforms/hardware/webapps/17115.txt,"ZO Tech Multiple Print Servers - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 -17116,platforms/hardware/webapps/17116.txt,"Longshine Multiple Print Servers - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 -17117,platforms/hardware/webapps/17117.txt,"Planet FPS-1101 - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 +17110,platforms/php/webapps/17110.txt,"DoceboLms 4.0.4 - Multiple Persistent Cross-site Scripting Vulnerabilities",2011-04-04,LiquidWorm,php,webapps,0 +17111,platforms/multiple/webapps/17111.txt,"Yaws-Wiki 1.88-1 (Erlang) - Persistent / Reflective XSS",2011-04-04,"Michael Brooks",multiple,webapps,0 +17112,platforms/hardware/webapps/17112.txt,"Encore ENPS-2012 - Cross-site Scripting",2011-04-04,b0telh0,hardware,webapps,0 +17113,platforms/hardware/webapps/17113.txt,"TP-Link TL-PS110U / TL-PS110P - Cross-site Scripting",2011-04-04,b0telh0,hardware,webapps,0 +17114,platforms/hardware/webapps/17114.txt,"Planex Mini-300PU & Mini100s - Cross-site Scripting",2011-04-04,b0telh0,hardware,webapps,0 +17115,platforms/hardware/webapps/17115.txt,"ZO Tech Multiple Print Servers - Cross-site Scripting",2011-04-04,b0telh0,hardware,webapps,0 +17116,platforms/hardware/webapps/17116.txt,"Longshine Multiple Print Servers - Cross-site Scripting",2011-04-04,b0telh0,hardware,webapps,0 +17117,platforms/hardware/webapps/17117.txt,"Planet FPS-1101 - Cross-site Scripting",2011-04-04,b0telh0,hardware,webapps,0 17118,platforms/php/webapps/17118.txt,"OpenEMR 4.0.0 - Multiple Vulnerabilities",2011-04-05,"AutoSec Tools",php,webapps,0 -17119,platforms/php/webapps/17119.txt,"WordPress Plugin Custom Pages 0.5.0.1 - LFI",2011-04-05,"AutoSec Tools",php,webapps,0 +17119,platforms/php/webapps/17119.txt,"WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion",2011-04-05,"AutoSec Tools",php,webapps,0 17120,platforms/multiple/dos/17120.c,"GNU glibc < 2.12.2 - 'fnmatch()' Function Stack Corruption",2011-02-25,"Simon Berry-Byrne",multiple,dos,0 17181,platforms/linux/remote/17181.pl,"FiSH-irssi 0.99 - Evil ircd Buffer Overflow",2011-04-17,"Caleb James DeLisle",linux,remote,0 17124,platforms/windows/local/17124.pl,"MPlayer (r33064 Lite) - Buffer Overflow + ROP Exploit",2011-04-06,Nate_M,windows,local,0 @@ -14905,14 +14905,14 @@ id,file,description,date,author,platform,type,port 17126,platforms/php/webapps/17126.html,"Graugon Forum 1.3 - SQL Injection",2011-04-06,"AutoSec Tools",php,webapps,0 17127,platforms/php/webapps/17127.txt,"eyeos 2.3 - Multiple Vulnerabilities",2011-04-06,"AutoSec Tools",php,webapps,0 17128,platforms/php/webapps/17128.txt,"greenpants 0.1.7 - Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0 -17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - LFI",2011-04-07,Osirys,php,webapps,0 +17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - Local File Inclusion",2011-04-07,Osirys,php,webapps,0 17196,platforms/windows/local/17196.html,"Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH)",2011-04-21,LiquidWorm,windows,local,0 17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0 17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - afd.sys Local Kernel Denial of Service",2011-04-08,"Lufeng Li",windows,dos,0 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17136,platforms/php/webapps/17136.txt,"Joomla JCE Component (com_jce) - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0 -17137,platforms/php/webapps/17137.txt,"Nooms CMS 1.1.1 - CSRF",2011-04-09,loneferret,php,webapps,0 +17137,platforms/php/webapps/17137.txt,"Nooms CMS 1.1.1 - Cross-site Request Forgery",2011-04-09,loneferret,php,webapps,0 17178,platforms/php/webapps/17178.txt,"Blue Hat - Sensitive Database Disclosure / SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0 17179,platforms/php/webapps/17179.txt,"Bedder CMS - Blind SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0 17180,platforms/php/webapps/17180.txt,"Shape Web Solutions CMS - SQL Injection",2011-04-16,"Ashiyane Digital Security Team",php,webapps,0 @@ -14920,7 +14920,7 @@ id,file,description,date,author,platform,type,port 17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vbulletin plugin - SQL Injection",2011-04-10,Net.Edit0r,php,webapps,0 17142,platforms/windows/dos/17142.py,"IrfanView 4.28 - ICO With Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 17143,platforms/windows/dos/17143.py,"IrfanView 4.28 - ICO Without Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 -17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - (.zip) Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 +17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - '.zip' Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 17146,platforms/php/webapps/17146.txt,"K-Links - Link Directory Script SQL Injection",2011-04-11,R3d-D3V!L,php,webapps,0 17147,platforms/linux/local/17147.txt,"tmux 1.3/1.4 - '-S' Option Incorrect SetGID Privilege Escalation",2011-04-11,ph0x90bic,linux,local,0 17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge - Arbitrary Java Code Execution",2011-04-05,Metasploit,multiple,remote,10001 @@ -14933,7 +14933,7 @@ id,file,description,date,author,platform,type,port 17156,platforms/windows/remote/17156.txt,"OpenText FirstClass Client 11.005 - Code Execution",2011-04-12,"Kyle Ossinger",windows,remote,0 17157,platforms/windows/local/17157.py,"Wordtrainer 3.0 - (.ord) Buffer Overflow",2011-04-12,"C4SS!0 G0M3S",windows,local,0 17158,platforms/windows/local/17158.txt,"Microsoft HTML Help 6.1 - Stack Overflow",2011-04-12,"Luigi Auriemma",windows,local,0 -17159,platforms/windows/dos/17159.txt,"Microsoft Host Integration Server 8.5.4224.0 - DoS",2011-04-12,"Luigi Auriemma",windows,dos,0 +17159,platforms/windows/dos/17159.txt,"Microsoft Host Integration Server 8.5.4224.0 - Denial of Service",2011-04-12,"Luigi Auriemma",windows,dos,0 17160,platforms/windows/dos/17160.txt,"Microsoft Reader 2.1.1.3143 - Integer Overflow (1)",2011-04-12,"Luigi Auriemma",windows,dos,0 17161,platforms/windows/dos/17161.txt,"Microsoft Reader 2.1.1.3143 - Heap Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 17162,platforms/windows/dos/17162.txt,"Microsoft Reader 2.1.1.3143 - Integer Overflow (2)",2011-04-12,"Luigi Auriemma",windows,dos,0 @@ -14945,7 +14945,7 @@ id,file,description,date,author,platform,type,port 17170,platforms/php/webapps/17170.txt,"EZ-Shop 1.02 - Lateral SQL Injection",2011-04-14,Osirys,php,webapps,0 17171,platforms/windows/local/17171.pl,"SimplyPlay 66 - (.pls) Buffer Overflow",2011-04-14,"C4SS!0 G0M3S",windows,local,0 17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 -17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script - Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 +17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script - Cross-site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion/Edit",2011-04-15,bitform,multiple,webapps,0 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 - SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS - Shell Upload",2011-04-16,Alexander,asp,webapps,0 @@ -14955,7 +14955,7 @@ id,file,description,date,author,platform,type,port 17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP+ASLR bypass)",2011-04-19,Abysssec,windows,remote,0 17185,platforms/windows/local/17185.py,"Wireshark 1.4.1-1.4.4 - SEH Overflow Exploit",2011-04-18,sickness,windows,local,0 17186,platforms/windows/local/17186.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,Metasploit,windows,local,0 -17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injection Vunerabilities",2011-04-22,NoNameMT,php,webapps,0 +17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injections Vunerabilities",2011-04-22,NoNameMT,php,webapps,0 17198,platforms/php/webapps/17198.txt,"360 Web Manager 3.0 - Multiple Vulnerabilities",2011-04-22,"Ignacio Garrido",php,webapps,0 17190,platforms/php/webapps/17190.txt,"dalbum 1.43 - Multiple Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0 17191,platforms/php/webapps/17191.txt,"Ultimate eShop - Error Based SQL Injection",2011-04-20,Romka,php,webapps,0 @@ -14970,23 +14970,23 @@ id,file,description,date,author,platform,type,port 17203,platforms/php/webapps/17203.txt,"Web2Project 2.3 - SQL Injection",2011-04-22,"AutoSec Tools",php,webapps,0 17204,platforms/php/webapps/17204.txt,"DynMedia Pro Web CMS 4.0 - Local File Disclosure",2011-04-22,Mbah_Semar,php,webapps,0 17205,platforms/php/webapps/17205.txt,"4Images 1.7.9 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 -17206,platforms/php/webapps/17206.txt,"Realmarketing CMS - Multiple SQL Injection",2011-04-22,^Xecuti0N3r,php,webapps,0 +17206,platforms/php/webapps/17206.txt,"Realmarketing CMS - Multiple SQL Injections",2011-04-22,^Xecuti0N3r,php,webapps,0 17207,platforms/php/webapps/17207.txt,"WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 17211,platforms/php/webapps/17211.txt,"mySeatXT 0.1781 - SQL Injection",2011-04-25,"AutoSec Tools",php,webapps,0 17212,platforms/php/webapps/17212.txt,"OrangeHRM 2.6.3 - (PluginController.php) Local File Inclusion",2011-04-25,"AutoSec Tools",php,webapps,0 17213,platforms/php/webapps/17213.txt,"phpmychat plus 1.93 - Multiple Vulnerabilities",2011-04-25,"AutoSec Tools",php,webapps,0 17214,platforms/php/webapps/17214.php,"WordPress SermonBrowser Plugin 0.43 - SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 17215,platforms/hardware/webapps/17215.txt,"Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities",2011-04-26,"Yakir Wizman",hardware,webapps,0 -17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - CSRF",2011-04-26,^Xecuti0N3r,php,webapps,0 +17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - Cross-site Request Forgery",2011-04-26,^Xecuti0N3r,php,webapps,0 17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 - SEH Unicode Buffer Overflow Exploit",2011-04-27,"Brandon Murphy",windows,local,0 17218,platforms/php/webapps/17218.txt,"Symphony CMS 2.1.2 - Blind SQL Injection",2011-04-27,Wireghoul,php,webapps,0 17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server - Directory Traversal Remote Code Execution",2011-04-27,Metasploit,windows,remote,18821 -17220,platforms/php/webapps/17220.txt,"eyeos 1.9.0.2 - Stored XSS using image files",2011-04-28,"Alberto Ortega",php,webapps,0 +17220,platforms/php/webapps/17220.txt,"eyeos 1.9.0.2 - Persistent Cross-site Scripting using image files",2011-04-28,"Alberto Ortega",php,webapps,0 17221,platforms/php/webapps/17221.txt,"kusaba x 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 17222,platforms/linux/dos/17222.c,"libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow PoC",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 -17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - (.m3u) SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 +17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 17226,platforms/php/webapps/17226.txt,"phpGraphy 0.9.13b - Multiple Vulnerabilities",2011-04-29,"High-Tech Bridge SA",php,webapps,0 17227,platforms/windows/dos/17227.py,"Microsoft Office Excel - Axis Properties Record Parsing Buffer Overflow PoC",2011-04-29,webDEViL,windows,dos,0 17228,platforms/asp/webapps/17228.txt,"SOOP Portal Raven 1.0b - SQL Injection",2011-04-29,Evil-Thinker,asp,webapps,0 @@ -15001,17 +15001,17 @@ id,file,description,date,author,platform,type,port 17235,platforms/php/webapps/17235.html,"Exponent CMS 2.0 Beta 1.1 - CSRF Add Administrator Account PoC",2011-05-02,outlaw.dll,php,webapps,0 17236,platforms/php/webapps/17236.txt,"Travel411 - SQL Injection",2011-05-02,Caddy-Dz,php,webapps,0 17237,platforms/php/webapps/17237.txt,"Horizon Web Builder - (fshow.php) SQL Injection",2011-05-03,"Iolo Morganwg",php,webapps,0 -17238,platforms/php/webapps/17238.html,"Front Accounting 2.3.4 - CSRF",2011-05-03,"AutoSec Tools",php,webapps,0 +17238,platforms/php/webapps/17238.html,"Front Accounting 2.3.4 - Cross-site Request Forgery",2011-05-03,"AutoSec Tools",php,webapps,0 17239,platforms/php/webapps/17239.txt,"Time and Expense Management System - Multiple Vulnerabilities",2011-05-03,"AutoSec Tools",php,webapps,0 17240,platforms/windows/remote/17240.html,"ICONICS WebHMI - ActiveX Stack Overflow",2011-05-03,"sgb and bls",windows,remote,0 17244,platforms/hardware/remote/17244.txt,"ZyWALL USG - Appliance - Multiple Vulnerabilities",2011-05-04,"RedTeam Pentesting",hardware,remote,0 17242,platforms/asp/webapps/17242.txt,"Sothink DHTML Menu - SQL Injection",2011-05-04,Caddy-Dz,asp,webapps,0 17248,platforms/php/webapps/17248.txt,"PHPDug 2.0.0 - Multiple Vulnerabilities",2011-05-06,"High-Tech Bridge SA",php,webapps,0 17250,platforms/php/webapps/17250.txt,"phpThumb - 'phpThumbDebug' Information Disclosure",2011-05-06,mook,php,webapps,0 -17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - CSRF",2011-05-06,"High-Tech Bridge SA",php,webapps,0 +17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - Cross-site Request Forgery",2011-05-06,"High-Tech Bridge SA",php,webapps,0 17252,platforms/windows/remote/17252.rb,"VideoLAN VLC - ModPlug ReadS3M Stack Buffer Overflow",2011-04-08,Metasploit,windows,remote,0 17259,platforms/cgi/webapps/17259.txt,"f-fileman 7.0 - Directory Traversal",2011-05-07,"Raffaele Forte",cgi,webapps,0 -17264,platforms/php/webapps/17264.txt,"Joomla Component com_versioning - SQLi",2011-05-09,the_cyber_nuxbie,php,webapps,0 +17264,platforms/php/webapps/17264.txt,"Joomla Component com_versioning - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 17265,platforms/php/webapps/17265.txt,"Joomla Component com_hello - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 17266,platforms/windows/dos/17266.txt,"serva32 1.2.00 rc1 - Multiple Vulnerabilities",2011-05-10,"AutoSec Tools",windows,dos,0 17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - (view.php) SQL Injection",2011-05-10,ScOrPiOn,php,webapps,0 @@ -15019,7 +15019,7 @@ id,file,description,date,author,platform,type,port 17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI - ActiveX Buffer Overflow",2011-05-10,Metasploit,windows,remote,0 17270,platforms/windows/local/17270.pl,"Chasys Media Player 2.0 - Buffer Overflow Exploit (SEH)",2011-05-11,h1ch4m,windows,local,0 17277,platforms/windows/local/17277.pl,"A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass",2011-05-13,h1ch4m,windows,local,0 -17278,platforms/windows/dos/17278.pl,"Adobe Audition 3.0 - (build 7283) Session File Handling Buffer Overflow PoC",2011-05-13,LiquidWorm,windows,dos,0 +17278,platforms/windows/dos/17278.pl,"Adobe Audition 3.0 build 7283 - Session File Handling Buffer Overflow PoC",2011-05-13,LiquidWorm,windows,dos,0 17273,platforms/windows/dos/17273.c,"Symantec Backup Exec System Recovery 8.5 - Kernel Pointers Dereferences (0Day)",2011-05-12,"Stefan LE BERRE",windows,dos,0 17274,platforms/windows/dos/17274.txt,"SlimPDF Reader - PoC",2011-05-12,"Nicolas Krassas",windows,dos,0 17275,platforms/windows/local/17275.pl,"A-PDF All to MP3 Converter 2.0.0 - DEP Bypass",2011-05-12,h1ch4m,windows,local,0 @@ -15035,13 +15035,13 @@ id,file,description,date,author,platform,type,port 17292,platforms/php/webapps/17292.txt,"Media In Spot CMS - Local File Inclusion",2011-05-16,"wlhaan haker",php,webapps,0 17293,platforms/php/webapps/17293.txt,"Media In Spot CMS - SQL Injection",2011-05-16,"Iolo Morganwg",php,webapps,0 17294,platforms/windows/local/17294.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow",2011-05-16,sinfulsecurity,windows,local,0 -17295,platforms/php/webapps/17295.txt,"Vanilla Forum 2.0.17.9 - LFI",2011-05-16,"AutoSec Tools",php,webapps,0 +17295,platforms/php/webapps/17295.txt,"Vanilla Forum 2.0.17.9 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 -17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - LFI",2011-05-16,"AutoSec Tools",php,webapps,0 -17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - DoS",2011-05-16,nSense,netware,dos,0 +17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 +17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - Denial of Service",2011-05-16,nSense,netware,dos,0 17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,Metasploit,windows,remote,0 -17302,platforms/windows/local/17302.py,"Sonique 1.96 - (.m3u) Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 +17302,platforms/windows/local/17302.py,"Sonique 1.96 - '.m3u' Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 17303,platforms/php/webapps/17303.txt,"Joomla 1.0 Component jDownloads - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0 17304,platforms/windows/remote/17304.txt,"Cisco Unified Operations Manager - Multiple Vulnerabilities",2011-05-18,"Sense of Security",windows,remote,0 @@ -15053,9 +15053,9 @@ id,file,description,date,author,platform,type,port 17311,platforms/php/webapps/17311.txt,"E-Manage MySchool 7.02 - SQL Injection",2011-05-21,az7rb,php,webapps,0 17312,platforms/php/webapps/17312.txt,"tugux CMS 1.2 - Multiple Vulnerabilities",2011-05-22,LiquidWorm,php,webapps,0 17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow",2011-05-22,Metasploit,windows,local,0 -17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x 4.1.2 - (search.php) SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 +17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x 4.1.2 - 'search.php' SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 17316,platforms/php/webapps/17316.txt,"PHPortfolio - SQL Injection",2011-05-23,lionaneesh,php,webapps,0 -17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - LFI",2011-05-25,"AutoSec Tools",php,webapps,0 +17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - Local File Inclusion",2011-05-25,"AutoSec Tools",php,webapps,0 17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 - (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 17322,platforms/php/webapps/17322.txt,"egroupware 1.8.001.20110421 - Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 @@ -15065,7 +15065,7 @@ id,file,description,date,author,platform,type,port 17327,platforms/php/webapps/17327.txt,"HB Ecommerce - SQL Injection",2011-05-27,takeshix,php,webapps,0 17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter) (Metasploit)",2011-05-27,"Alexey Sintsov",windows,local,0 -17330,platforms/php/webapps/17330.html,"cPanel < 11.25 - CSRF Add User php Script",2011-05-27,ninjashell,php,webapps,0 +17330,platforms/php/webapps/17330.html,"cPanel < 11.25 - CSRF (Add User php Script)",2011-05-27,ninjashell,php,webapps,0 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 - SQL Injection",2011-05-28,M.Jock3R,php,webapps,0 17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection",2011-05-28,v3n0m,php,webapps,0 17345,platforms/windows/remote/17345.py,"HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)",2011-05-29,fdiskyou,windows,remote,0 @@ -15073,15 +15073,15 @@ id,file,description,date,author,platform,type,port 17339,platforms/windows/remote/17339.py,"HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)",2011-05-28,fdiskyou,windows,remote,0 17341,platforms/php/webapps/17341.txt,"Joomla Component com_joomnik - SQL Injection",2011-05-29,SOLVER,php,webapps,0 17343,platforms/php/webapps/17343.txt,"Puzzle Apps CMS 3.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 -17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - LFI",2011-05-29,"Treasure Priyamal",php,webapps,0 +17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload Exploit",2011-05-30,"Treasure Priyamal",php,webapps,0 17347,platforms/php/webapps/17347.php,"Easy Media Script - SQL Injection",2011-05-30,Lagripe-Dz,php,webapps,0 17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 - Exploit",2011-05-30,Aodrulez,hardware,webapps,0 -17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injection",2011-05-30,v3n0m,php,webapps,0 +17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injections",2011-05-30,v3n0m,php,webapps,0 17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0 17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,Metasploit,windows,remote,0 17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW - series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0 -17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication BoF",2011-06-01,b33f,windows,remote,0 +17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow",2011-06-01,b33f,windows,remote,0 17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,Metasploit,windows,remote,21 17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0 18716,platforms/windows/dos/18716.txt,"BulletProof FTP Client 2010 - Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0 @@ -15089,7 +15089,7 @@ id,file,description,date,author,platform,type,port 17360,platforms/windows/webapps/17360.txt,"WebSVN 2.3.2 - Unproper Metacharacters Escaping exec() Remote Command Injection",2011-06-04,rgod,windows,webapps,0 17361,platforms/windows/remote/17361.py,"Xitami Web Server 2.5b4 - Remote Buffer Overflow (Egghunter)",2011-06-04,"Glafkos Charalambous ",windows,remote,0 17362,platforms/windows/local/17362.cpp,"OpenDrive 1.3.141 - Local Password Disclosure",2011-06-04,"Glafkos Charalambous ",windows,local,0 -17363,platforms/windows/dos/17363.pl,"1ClickUnzip 3.00 - (.zip) Heap Overflow",2011-06-06,"C4SS!0 G0M3S",windows,dos,0 +17363,platforms/windows/dos/17363.pl,"1ClickUnzip 3.00 - '.zip' Heap Overflow",2011-06-06,"C4SS!0 G0M3S",windows,dos,0 17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 17365,platforms/windows/remote/17365.py,"IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit",2011-06-07,"Jeremy Brown",windows,remote,0 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 @@ -15102,7 +15102,7 @@ id,file,description,date,author,platform,type,port 17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone Web Interface - Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Remote Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 -17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l param) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 +17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 17381,platforms/windows/remote/17381.txt,"simple web-server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server - Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 @@ -15125,7 +15125,7 @@ id,file,description,date,author,platform,type,port 17401,platforms/windows/dos/17401.txt,"Microsoft HyperV - Persistent DoS",2011-06-14,"Core Security",windows,dos,0 17402,platforms/php/webapps/17402.txt,"AMHSHOP 3.7.0 - SQL Injection",2011-06-15,"Yassin Aboukir",php,webapps,0 17403,platforms/php/webapps/17403.txt,"Free Simple CMS 1.0 - Multiple Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 -17404,platforms/multiple/webapps/17404.txt,"IBM WebSphere Application Server 7.0.0.13 - CSRF",2011-06-15,"Core Security",multiple,webapps,0 +17404,platforms/multiple/webapps/17404.txt,"IBM WebSphere Application Server 7.0.0.13 - Cross-site Request Forgery",2011-06-15,"Core Security",multiple,webapps,0 17405,platforms/windows/dos/17405.txt,"Adobe Reader/Acrobat 10.0.1 - Denial of Service",2011-06-16,"Soroush Dalili",windows,dos,0 17406,platforms/php/webapps/17406.txt,"Catalog Builder - Ecommerce Software - Blind SQL Injection",2011-06-16,takeshix,php,webapps,0 17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 - persistent XSS via SQL Injection",2011-06-17,Saif,php,webapps,0 @@ -15134,7 +15134,7 @@ id,file,description,date,author,platform,type,port 17411,platforms/php/webapps/17411.txt,"A Cool Debate 1.0.3 Component Joomla - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0 17412,platforms/php/webapps/17412.txt,"Joomla Component (com_team) - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 17413,platforms/php/webapps/17413.txt,"Burning Board 3.1.5 - Full Path Disclosure",2011-06-19,linc0ln.dll,php,webapps,0 -17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder - (id) Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 +17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder - 'id' Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK - insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0 17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 - On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0 @@ -15165,14 +15165,14 @@ id,file,description,date,author,platform,type,port 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0 17451,platforms/windows/local/17451.rb,"Microsoft Office Visio - VISIODWG.DLL DXF File Handling",2011-06-26,Metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi - Persistent XSS",2011-06-26,"Karthik R",php,webapps,0 -17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 +17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - Cross-site Scripting",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 - Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0 17459,platforms/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Local Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 17460,platforms/windows/remote/17460.pl,"Kaillera - Multiple Clients Buffer Overflow Vulnerabilities",2011-06-30,Sil3nt_Dre4m,windows,remote,0 17461,platforms/windows/dos/17461.txt,"HP Data Protector 6.20 - EXEC_CMD Buffer Overflow",2011-06-30,"Core Security",windows,dos,0 17462,platforms/freebsd/remote/17462.txt,"FreeBSD OpenSSH 3.5p1 - Remote Root Exploit",2011-06-30,kingcope,freebsd,remote,0 -17463,platforms/linux/dos/17463.pl,"Rhythmbox - (.m3u) Local Crash PoC",2011-06-30,Caddy-Dz,linux,dos,0 +17463,platforms/linux/dos/17463.pl,"Rhythmbox - '.m3u' Local Crash PoC",2011-06-30,Caddy-Dz,linux,dos,0 17464,platforms/php/webapps/17464.txt,"Joomla mdigg Component - SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0 17465,platforms/php/webapps/17465.txt,"WordPress 3.1.3 - SQL Injection",2011-07-01,"SEC Consult",php,webapps,0 17466,platforms/php/webapps/17466.txt,"Ollance Member Login Script - Multiple Vulnerabilities",2011-07-01,"$#4d0\/\/[r007k17]",php,webapps,0 @@ -15184,7 +15184,7 @@ id,file,description,date,author,platform,type,port 17474,platforms/windows/local/17474.txt,"Microsoft Office 2010 - RTF Header Stack Overflow Exploit",2011-07-03,Snake,windows,local,0 17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server 7.0 - Stack Exhaustion DoS (MS09-053) (Metasploit)",2011-07-03,"Myo Soe",windows,dos,0 -17477,platforms/php/webapps/17477.txt,"phpDealerLocator - Multiple SQL Injection",2011-07-03,"Robert Cooper",php,webapps,0 +17477,platforms/php/webapps/17477.txt,"phpDealerLocator - Multiple SQL Injections",2011-07-03,"Robert Cooper",php,webapps,0 17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 17480,platforms/asp/webapps/17480.txt,"DmxReady Faqs Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 @@ -15201,7 +15201,7 @@ id,file,description,date,author,platform,type,port 17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow (Metasploit)",2011-07-05,"James Fitts",windows,local,0 17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,Metasploit,unix,remote,0 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection",2011-07-05,Bellatrix,asp,webapps,0 -17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - (.zip) Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 +17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - '.zip' Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17495,platforms/php/webapps/17495.txt,"BbZL.PhP - File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 - CSRF Exploit",2011-07-06,"Luis Santana",php,webapps,0 17497,platforms/windows/dos/17497.txt,"ESTsoft ALPlayer 2.0 - ASX Playlist File Handling Buffer Overflow",2011-07-06,LiquidWorm,windows,dos,0 @@ -15222,16 +15222,16 @@ id,file,description,date,author,platform,type,port 17514,platforms/php/webapps/17514.php,"phpMyAdmin 3.x - Swekey Remote Code Injection Exploit",2011-07-09,Mango,php,webapps,0 17515,platforms/php/webapps/17515.txt,"Portix-CMS 1.5.0. rc5 - Local File Inclusion",2011-07-09,Or4nG.M4N,php,webapps,0 17517,platforms/windows/remote/17517.txt,"Symantec Backup Exec 12.5 - MiTM Attack",2011-07-09,Nibin,windows,remote,0 -17518,platforms/php/webapps/17518.txt,"Tugux CMS 1.2 - (pid) Arbitrary File Deletion",2011-07-10,LiquidWorm,php,webapps,0 +17518,platforms/php/webapps/17518.txt,"Tugux CMS 1.2 - 'pid' Arbitrary File Deletion",2011-07-10,LiquidWorm,php,webapps,0 17519,platforms/windows/remote/17519.py,"Freefloat FTP Server - (LIST command) Buffer Overflow Exploit",2011-07-10,"Zer0 Thunder",windows,remote,0 17520,platforms/windows/remote/17520.rb,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer",2011-07-10,Metasploit,windows,remote,0 17522,platforms/php/webapps/17522.txt,"Fire Soft Board 2.0.1 - Persistent XSS (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0 17523,platforms/php/webapps/17523.txt,"Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 -17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 +17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 17525,platforms/php/webapps/17525.txt,"Xmap 1.2.11 Joomla Component - Blind SQL Injection",2011-07-12,jdc,php,webapps,0 17527,platforms/windows/remote/17527.py,"Solar FTP 2.1.1 - PASV Buffer Overflow PoC",2011-07-12,"Craig Freyman",windows,remote,0 17528,platforms/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injection",2011-07-13,"Robert Cooper",php,webapps,0 -17529,platforms/php/webapps/17529.txt,"TCExam 11.2.011 - Multiple SQL Injection",2011-07-13,LiquidWorm,php,webapps,0 +17529,platforms/php/webapps/17529.txt,"TCExam 11.2.011 - Multiple SQL Injections",2011-07-13,LiquidWorm,php,webapps,0 17530,platforms/php/webapps/17530.txt,"SOBI2 2.9.3.2 Joomla! Component - Blind SQL Injections",2011-07-14,jdc,php,webapps,0 17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 - (contact_us.php) Multiple POST XSS Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection",2011-07-14,LiquidWorm,php,webapps,0 @@ -15245,12 +15245,12 @@ id,file,description,date,author,platform,type,port 17544,platforms/windows/dos/17544.txt,"GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win_x86/shellcode/17545.txt,"Win32/PerfectXp-pc1/SP3 TR - Add Admin _kpss_ Shellcode (112 bytes)",2011-07-18,KaHPeSeSe,win_x86,shellcode,0 17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server 1.0 - REST & PASV Buffer Overflow Exploit",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 -17553,platforms/php/webapps/17553.txt,"Appointment Booking Pro Joomla Component - LFI",2011-07-20,"Don Tukulesto",php,webapps,0 -17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - CSRF",2011-07-21,Crazy_Hacker,php,webapps,0 +17553,platforms/php/webapps/17553.txt,"Appointment Booking Pro Joomla Component - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0 +17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - Cross-site Request Forgery",2011-07-21,Crazy_Hacker,php,webapps,0 17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server - REST Buffer Overflow (Metasploit)",2011-07-19,KaHPeSeSe,windows,remote,0 -17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - DoS",2011-07-19,Unknown,multiple,dos,0 +17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - Denial of Service",2011-07-19,Unknown,multiple,dos,0 17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server 1.0 - ACCL Buffer Overflow Exploit",2011-07-19,mortis,windows,remote,0 -17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Stored XSS",2011-07-20,"Sense of Security",jsp,webapps,0 +17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Persistent Cross-site Scripting",2011-07-20,"Sense of Security",jsp,webapps,0 17555,platforms/php/webapps/17555.txt,"Vbulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection (0Day)",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla Component JE K2 Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 17557,platforms/windows/remote/17557.html,"Dell IT Assistant - detectIESettingsForITA.ocx ActiveX Control",2011-07-21,rgod,windows,remote,0 @@ -15265,11 +15265,11 @@ id,file,description,date,author,platform,type,port 17567,platforms/osx/dos/17567.txt,"Safari 5.0.6/5.1 - SVG DOM Processing PoC",2011-07-25,"Nikita Tarakanov",osx,dos,0 17569,platforms/windows/dos/17569.py,"Ciscokits 1.0 - TFTP Server File Name DoS",2011-07-25,"Craig Freyman",windows,dos,0 17570,platforms/php/webapps/17570.txt,"Musicbox 3.7 - Multiple Vulnerabilities",2011-07-25,R@1D3N,php,webapps,0 -17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 +17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0 17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 - SVG Remote Code Execution Exploit (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0 -17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-Site Request Forgery PoC",2011-07-27,"Narendra Shinde",cgi,webapps,0 +17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-site Request Forgery PoC",2011-07-27,"Narendra Shinde",cgi,webapps,0 17578,platforms/windows/remote/17578.txt,"MinaliC Webserver 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0 @@ -15282,18 +15282,18 @@ id,file,description,date,author,platform,type,port 17588,platforms/windows/remote/17588.rb,"Actfax FTP Server 4.27 - USER Command Stack Buffer Overflow (0Day) (Metasploit)",2011-07-31,mr_me,windows,remote,0 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0 -17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - CSRF",2011-08-01,Xadpritox,php,webapps,0 +17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - Cross-site Request Forgery",2011-08-01,Xadpritox,php,webapps,0 17593,platforms/php/webapps/17593.txt,"Zoneminder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0 17595,platforms/php/webapps/17595.txt,"MyBB MyTabs (plugin) - SQL Injection (0Day)",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC - Credential Information Disclosure",2011-08-01,Metasploit,jsp,webapps,0 17597,platforms/php/webapps/17597.txt,"SiteGenius - Blind SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - (.pls) Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 -17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - DoS",2011-08-03,"Craig Freyman",windows,dos,0 +17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - Denial of Service",2011-08-03,"Craig Freyman",windows,dos,0 17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0 17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 -17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal - Multiple SQL Injection",2011-08-04,Netrondoank,multiple,webapps,0 +17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal - Multiple SQL Injections",2011-08-04,Netrondoank,multiple,webapps,0 17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 / < 1647 trunk - Denial of Service",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 @@ -15329,12 +15329,12 @@ id,file,description,date,author,platform,type,port 17648,platforms/linux/remote/17648.sh,"HP Data Protector - Remote Root Shell (Linux)",2011-08-10,SZ,linux,remote,0 17649,platforms/windows/remote/17649.py,"BisonFTP Server 3.5 - Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (1)",2011-08-10,Metasploit,windows,remote,0 -17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 - DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 +17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 - DOM Cross-site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0 17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,Metasploit,windows,remote,0 17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass Exploit",2011-08-13,"C4SS!0 G0M3S",windows,local,0 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 - Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 -17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 - XRF / CSRF",2011-08-14,"Smith Falcon",php,webapps,0 +17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 - XRF / Cross-site Request Forgery",2011-08-14,"Smith Falcon",php,webapps,0 17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,Metasploit,windows,remote,0 17660,platforms/php/webapps/17660.txt,"videoDB 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0 17661,platforms/php/webapps/17661.txt,"Kahf Poems 1.0 - Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0 @@ -15364,14 +15364,14 @@ id,file,description,date,author,platform,type,port 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,Metasploit,multiple,remote,0 17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit)",2011-08-19,Qnix,windows,remote,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 -17694,platforms/php/webapps/17694.txt,"network tracker .95 - Stored XSS",2011-08-19,G13,php,webapps,0 +17694,platforms/php/webapps/17694.txt,"network tracker .95 - Persistent Cross-site Scripting",2011-08-19,G13,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd - Remote Denial of Service (Memory Exhaustion)",2011-08-19,kingcope,multiple,dos,0 17697,platforms/windows/remote/17697.rb,"HP Easy Printer Care - XMLSimpleAccessor Class ActiveX Control Remote Code Execution",2011-08-20,Metasploit,windows,remote,0 17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup - Authentication Bypass/Command Injection",2011-08-19,Metasploit,php,webapps,0 17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System - (xfr.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System - (hndlrsvc.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 -17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) - Stored XSS",2011-08-20,"Eyup CELIK",php,webapps,0 +17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) - Persistent Cross-site Scripting",2011-08-20,"Eyup CELIK",php,webapps,0 17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 17705,platforms/php/webapps/17705.txt,"EasySiteEdit - Remote File Inclusion",2011-08-21,"koskesh jakesh",php,webapps,0 17706,platforms/php/webapps/17706.pl,"onefilecms 1.1.1 - Multiple Vulnerabilities",2011-08-21,mr.pr0n,php,webapps,0 @@ -15379,13 +15379,13 @@ id,file,description,date,author,platform,type,port 17708,platforms/php/webapps/17708.txt,"Web Solutions Wcs2u - SQL Injection",2011-08-22,tempe_mendoan,php,webapps,0 17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17710,platforms/php/webapps/17710.txt,"DV Cart Shopping Cart software - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 -17711,platforms/asp/webapps/17711.txt,"Redlab CMS - Multiple SQL Injection",2011-08-22,tempe_mendoan,asp,webapps,0 +17711,platforms/asp/webapps/17711.txt,"Redlab CMS - Multiple SQL Injections",2011-08-22,tempe_mendoan,asp,webapps,0 17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - .GIF Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 -17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Stored XSS Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 -17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - CSRF (add admin)",2011-08-24,G13,php,webapps,0 +17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-site Scripting Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 +17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - Cross-site Request Forgery (add admin)",2011-08-24,G13,php,webapps,0 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 -17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - (.m3u) Local Buffer Overflow PoC",2011-08-26,"D3r K0n!G",windows,dos,0 +17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - '.m3u' Local Buffer Overflow PoC",2011-08-26,"D3r K0n!G",windows,dos,0 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 @@ -15400,7 +15400,7 @@ id,file,description,date,author,platform,type,port 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass Exploit",2011-08-27,"C4SS!0 G0M3S",windows,local,0 17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 -17735,platforms/windows/local/17735.pl,"yahoo! player 1.5 - (.m3u) Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 +17735,platforms/windows/local/17735.pl,"yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 17736,platforms/php/webapps/17736.txt,"joomla simple file lister module 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 17737,platforms/php/webapps/17737.txt,"WordPress Facebook Promotions plugin 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17738,platforms/php/webapps/17738.txt,"WordPress Evarisk plugin 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 @@ -15409,7 +15409,7 @@ id,file,description,date,author,platform,type,port 17741,platforms/php/webapps/17741.txt,"Omnistar Mailer - Multiple Vulnerabilities",2011-08-28,Sid3^effects,php,webapps,0 17742,platforms/windows/dos/17742.py,"Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service",2011-08-28,LiquidWorm,windows,dos,0 17743,platforms/php/webapps/17743.rb,"LifeSize Room - Command Injection (Metasploit)",2011-08-28,"Spencer McIntyre",php,webapps,0 -17744,platforms/windows/local/17744.pl,"Mini-stream Ripper 2.9.7.273 - (.m3u) Universal BoF",2011-08-29,"D3r K0n!G",windows,local,0 +17744,platforms/windows/local/17744.pl,"Mini-stream Ripper 2.9.7.273 - '.m3u' Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 17745,platforms/windows/local/17745.pl,"DVD X Player 5.5 Professional - (.plf) Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 17748,platforms/php/webapps/17748.txt,"WordPress SH Slideshow plugin 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 17749,platforms/php/webapps/17749.txt,"WordPress iCopyright(R) Article Tools plugin 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 @@ -15457,7 +15457,7 @@ id,file,description,date,author,platform,type,port 17796,platforms/windows/dos/17796.txt,"Windows Server 2008 R1 - Local Denial of Service",2011-09-07,Randomdude,windows,dos,0 17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 -17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - CSRF add admin",2011-09-08,"red virus",php,webapps,0 +17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - CSRF (add admin)",2011-09-08,"red virus",php,webapps,0 17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 @@ -15472,7 +15472,7 @@ id,file,description,date,author,platform,type,port 17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service PoC",2011-09-09,modpr0be,windows,dos,0 17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 -17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - (.zip) Buffer Overflow Exploit (0Day)",2011-09-12,mr_me,windows,local,0 +17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow Exploit (0Day)",2011-09-12,mr_me,windows,local,0 17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Post-Auth Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow Exploit",2011-09-12,blake,windows,remote,0 17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 @@ -15506,7 +15506,7 @@ id,file,description,date,author,platform,type,port 17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Remote Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 -17858,platforms/php/webapps/17858.txt,"WordPress Filedownload Plugin 0.1 - (download.php) Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 +17858,platforms/php/webapps/17858.txt,"WordPress Filedownload Plugin 0.1 - 'download.php' Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - (edit.php) HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 17857,platforms/php/webapps/17857.txt,"WordPress Count per Day plugin 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 - .m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 @@ -15526,7 +15526,7 @@ id,file,description,date,author,platform,type,port 17871,platforms/hardware/webapps/17871.txt,"Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities",2011-09-19,"Sense of Security",hardware,webapps,0 17872,platforms/php/webapps/17872.txt,"Multiple WordPress Plugin - timthumb.php Vulnerabilities",2011-09-19,"Ben Schmidt",php,webapps,0 17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 -17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway - Auth Bypass / CSRF",2011-09-20,"Sense of Security",hardware,webapps,0 +17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway - Auth Bypass / Cross-site Request Forgery",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (1)",2011-09-20,modpr0be,windows,remote,0 17877,platforms/windows/local/17877.py,"AVCon - DEP Bypass",2011-09-20,blake,windows,local,0 17878,platforms/windows/dos/17878.txt,"EViews 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 @@ -15642,8 +15642,8 @@ id,file,description,date,author,platform,type,port 18008,platforms/windows/dos/18008.html,"Opera 11.52 - Stack Overflow",2011-10-20,pigtail23,windows,dos,0 18009,platforms/asp/webapps/18009.txt,"Pre Studio Business Cards Designer - SQL Injection",2011-10-20,dr_zig,asp,webapps,0 18011,platforms/windows/dos/18011.txt,"UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow",2011-10-20,DiGMi,windows,dos,0 -18012,platforms/multiple/webapps/18012.txt,"Metasploit 4.1.0 Web UI - Stored XSS",2011-10-20,"Stefan Schurtz",multiple,webapps,0 -18013,platforms/windows/webapps/18013.py,"Cyclope Internet Filtering Proxy 4.0 - Stored XSS",2011-10-20,loneferret,windows,webapps,0 +18012,platforms/multiple/webapps/18012.txt,"Metasploit 4.1.0 Web UI - Persistent Cross-site Scripting",2011-10-20,"Stefan Schurtz",multiple,webapps,0 +18013,platforms/windows/webapps/18013.py,"Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-site Scripting",2011-10-20,loneferret,windows,webapps,0 18014,platforms/windows/dos/18014.html,"Opera 11.51 - Use-After-Free Crash PoC",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 18015,platforms/cgi/remote/18015.rb,"HP Power Manager - 'formExportDataLogs' Buffer Overflow",2011-10-20,Metasploit,cgi,remote,0 18016,platforms/windows/remote/18016.txt,"Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile",2011-10-21,rgod,windows,remote,0 @@ -15652,8 +15652,8 @@ id,file,description,date,author,platform,type,port 18019,platforms/windows/dos/18019.txt,"Google Chrome - Killing Thread PoC",2011-10-22,pigtail23,windows,dos,0 18020,platforms/php/webapps/18020.txt,"Jara 1.6 - SQL Injection",2011-10-23,muuratsalo,php,webapps,0 18021,platforms/php/webapps/18021.php,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0 -18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - CSRF (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 -18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - DoS",2011-10-23,Alguien,php,dos,0 +18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - Cross-site Request Forgery (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 +18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - Denial of Service",2011-10-23,Alguien,php,dos,0 18024,platforms/windows/dos/18024.txt,"Win32k - Null Pointer De-reference PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0 18025,platforms/multiple/dos/18025.txt,"Google Chrome - Denial of Service (DoS)",2011-10-23,"Prashant Uniyal",multiple,dos,0 18042,platforms/php/webapps/18042.txt,"Techfolio 1.0 Joomla Component - SQL Injection",2011-10-28,"Chris Russell",php,webapps,0 @@ -15667,7 +15667,7 @@ id,file,description,date,author,platform,type,port 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 18031,platforms/php/webapps/18031.rb,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection",2011-10-25,Metasploit,php,webapps,0 18032,platforms/windows/webapps/18032.rb,"SAP Management Console - OSExecute Payload Execution",2011-10-24,Metasploit,windows,webapps,0 -18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop - XSS",2011-10-26,M.Jock3R,php,webapps,0 +18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop - Cross-site Scripting",2011-10-26,M.Jock3R,php,webapps,0 18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP - reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,Metasploit,windows,local,0 @@ -15679,7 +15679,7 @@ id,file,description,date,author,platform,type,port 18050,platforms/php/webapps/18050.txt,"Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 -18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 +18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Persistent Cross-site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 - MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0 @@ -15714,7 +15714,7 @@ id,file,description,date,author,platform,type,port 18091,platforms/php/webapps/18091.txt,"OrderSys 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 18093,platforms/windows/remote/18093.txt,"Oracle - XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 -18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - (do.php) CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 +18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - 'do.php' CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 18096,platforms/windows/local/18096.py,"Aviosoft Digital TV Player Professional 1.x - Stack Buffer Overflow",2011-11-09,modpr0be,windows,local,0 18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 18100,platforms/php/webapps/18100.txt,"labwiki 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 @@ -15723,7 +15723,7 @@ id,file,description,date,author,platform,type,port 18108,platforms/php/webapps/18108.rb,"Support Incident Tracker 3.65 - Remote Command Execution",2011-11-13,Metasploit,php,webapps,0 18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT arbitrary DSO - Load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 18106,platforms/windows/dos/18106.pl,"Soda PDF Professional 1.2.155 - .PDF/.WWF File Handling DoS",2011-11-11,LiquidWorm,windows,dos,0 -18107,platforms/windows/dos/18107.py,"Kool Media Converter 2.6.0 - DoS",2011-11-11,swami,windows,dos,0 +18107,platforms/windows/dos/18107.py,"Kool Media Converter 2.6.0 - Denial of Service",2011-11-11,swami,windows,dos,0 18109,platforms/windows/local/18109.rb,"Aviosoft Digital TV Player Professional 1.0 - Stack Buffer Overflow",2011-11-13,Metasploit,windows,local,0 18110,platforms/php/webapps/18110.txt,"Mambo CMS 4.x - (Zorder) SQL Injection",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client - Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 @@ -15808,14 +15808,14 @@ id,file,description,date,author,platform,type,port 18214,platforms/php/webapps/18214.py,"SMF 2.0.1 - SQL Injection / Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 18220,platforms/windows/dos/18220.py,"CyberLink Multiple Products - File Project Handling Stack Buffer Overflow PoC",2011-12-09,modpr0be,windows,dos,0 18221,platforms/linux/dos/18221.c,"Apache HTTP Server - Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 -18222,platforms/php/webapps/18222.txt,"SePortal 2.5 - SQL Injection",2011-12-09,Don,php,webapps,0 +18222,platforms/php/webapps/18222.txt,"SePortal 2.5 - SQL Injection (1)",2011-12-09,Don,php,webapps,0 18223,platforms/windows/dos/18223.pl,"Free Opener - Local Denial of Service",2011-12-09,"Iolo Morganwg",windows,dos,0 18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 18225,platforms/linux/dos/18225.c,"CSF Firewall - Buffer Overflow",2011-12-09,"FoX HaCkEr",linux,dos,0 18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back shellcode (port 0x7a69) (168 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Privilege Boundary Crossing Local Root Exploit",2011-12-10,otr,linux,local,0 -18230,platforms/php/webapps/18230.txt,"FCMS 2.7.2 CMS - Multiple Stored XSS",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 +18230,platforms/php/webapps/18230.txt,"FCMS 2.7.2 CMS - Multiple Persistent Cross-site Scripting",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS 2.7.2 CMS - Multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 @@ -15856,7 +15856,7 @@ id,file,description,date,author,platform,type,port 18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 18285,platforms/windows/dos/18285.py,"VLC 1.1.11 - (libav) libavcodec_plugin.dll DoS",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod - SQL Injection",2011-12-29,snup,php,webapps,0 -18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Stored XSS",2011-12-29,G13,php,webapps,0 +18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Persistent Cross-site Scripting",2011-12-29,G13,php,webapps,0 18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0 18292,platforms/php/webapps/18292.txt,"Dede CMS - SQL Injection",2011-12-30,"CWH and Nafsh",php,webapps,0 18293,platforms/php/webapps/18293.txt,"Akiva WebBoard 8.x - SQL Injection",2011-12-30,"Alexander Fuchs",php,webapps,0 @@ -15877,8 +15877,8 @@ id,file,description,date,author,platform,type,port 18318,platforms/windows/dos/18318.py,"Netcut 2.0 - Denial of Service",2012-01-04,MaYaSeVeN,windows,dos,0 18977,platforms/php/dos/18977.php,"PHP 5.3.10 - spl_autoload_register() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 18978,platforms/php/dos/18978.php,"PHP 5.3.10 - spl_autoload_call() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 -18979,platforms/php/webapps/18979.txt,"vanilla forums poll plugin 0.9 - Stored XSS",2012-06-03,"Henry Hoggard",php,webapps,0 -18980,platforms/php/webapps/18980.txt,"Vanilla Forums 2.0.18.4 - Tagging Stored XSS",2012-06-03,"Henry Hoggard",php,webapps,0 +18979,platforms/php/webapps/18979.txt,"vanilla forums poll plugin 0.9 - Persistent Cross-site Scripting",2012-06-03,"Henry Hoggard",php,webapps,0 +18980,platforms/php/webapps/18980.txt,"Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-site Scripting",2012-06-03,"Henry Hoggard",php,webapps,0 18320,platforms/php/webapps/18320.txt,"Posse Softball Director CMS - (team.php) Blind SQL Injection",2012-01-04,"Easy Laster",php,webapps,0 19381,platforms/php/webapps/19381.php,"SugarCRM CE 6.3.1 - 'unserialize()' PHP Code Execution",2012-06-23,EgiX,php,webapps,0 18322,platforms/php/webapps/18322.txt,"TinyWebGallery 1.8.3 - Remote Command Execution",2012-01-06,Expl0!Ts,php,webapps,0 @@ -15892,7 +15892,7 @@ id,file,description,date,author,platform,type,port 18336,platforms/hardware/dos/18336.pl,"AirTies-4450 - Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 18337,platforms/windows/dos/18337.pl,"M-Player 0.4 - Local Denial of Service",2012-01-08,JaMbA,windows,dos,0 18338,platforms/php/webapps/18338.txt,"phpMyDirectory.com 1.3.3 - SQL Injection",2012-01-08,Serseri,php,webapps,0 -18339,platforms/windows/dos/18339.py,"GPSMapEdit 1.1.73.2 - (.lst) Local Denial of Service",2012-01-09,"Julien Ahrens",windows,dos,0 +18339,platforms/windows/dos/18339.py,"GPSMapEdit 1.1.73.2 - '.lst' Local Denial of Service",2012-01-09,"Julien Ahrens",windows,dos,0 18340,platforms/php/webapps/18340.txt,"Paddelberg Topsite Script - Authentication Bypass",2012-01-09,"Christian Inci",php,webapps,0 18341,platforms/php/webapps/18341.txt,"clip bucket 2.6 - Multiple Vulnerabilities",2012-01-09,YaDoY666,php,webapps,0 18342,platforms/php/webapps/18342.txt,"SAPID 1.2.3 Stable - Remote File Inclusion",2012-01-09,"Opa Yong",php,webapps,0 @@ -15908,7 +15908,7 @@ id,file,description,date,author,platform,type,port 18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 18355,platforms/php/webapps/18355.txt,"WordPress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 -18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa - Multiple Cross-Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 +18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa - Multiple Cross-site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 18357,platforms/php/webapps/18357.txt,"Pragyan CMS 2.6.1 - Arbitrary File Upload",2012-01-13,Dr.KroOoZ,php,webapps,0 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management - Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 18374,platforms/php/webapps/18374.txt,"PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities",2012-01-16,Or4nG.M4N,php,webapps,0 @@ -15929,14 +15929,14 @@ id,file,description,date,author,platform,type,port 18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection",2012-06-03,Metasploit,php,webapps,0 18976,platforms/php/dos/18976.php,"PHP 5.3.10 - spl_autoload() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 18381,platforms/windows/remote/18381.rb,"HP Easy Printer Care - XMLCacheMgr Class ActiveX Control Remote Code Execution",2012-01-18,Metasploit,windows,remote,0 -18382,platforms/windows/remote/18382.py,"Sysax Multi Server 5.50 - Create Folder BOF",2012-01-18,"Craig Freyman",windows,remote,0 +18382,platforms/windows/remote/18382.py,"Sysax Multi Server 5.50 - Create Folder Buffer Overflow",2012-01-18,"Craig Freyman",windows,remote,0 18383,platforms/php/webapps/18383.txt,"pGB 2.12 - kommentar.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18384,platforms/php/webapps/18384.txt,"PhpBridges Blog System - members.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18385,platforms/php/webapps/18385.txt,"DZCP (deV!L_z Clanportal) Gamebase Addon - SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler XSS",2012-01-19,MaXe,php,webapps,0 -18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Stored XSS",2012-01-19,"Gianluca Brindisi",php,webapps,0 +18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Persistent Cross-site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 18393,platforms/linux/remote/18393.rb,"Gitorious - Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 @@ -15960,7 +15960,7 @@ id,file,description,date,author,platform,type,port 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 18417,platforms/php/webapps/18417.txt,"WordPress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 -18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - CSRF",2012-01-26,Cyber-Crystal,php,webapps,0 +18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - Cross-site Request Forgery",2012-01-26,Cyber-Crystal,php,webapps,0 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8/ 2.9 - XSS/SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 @@ -15969,7 +15969,7 @@ id,file,description,date,author,platform,type,port 18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 -18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 - SQLi",2012-01-30,"Craig Freyman",multiple,webapps,0 +18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 - SQL Injection",2012-01-30,"Craig Freyman",multiple,webapps,0 18431,platforms/multiple/webapps/18431.txt,"Ajax Upload - Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 18432,platforms/php/webapps/18432.txt,"phux Download Manager - Blind SQL Injection",2012-01-30,"Red Security TEAM",php,webapps,0 18435,platforms/php/webapps/18435.txt,"phpShowtime - Directory Traversal",2012-01-31,"Red Security TEAM",php,webapps,0 @@ -15979,16 +15979,16 @@ id,file,description,date,author,platform,type,port 18438,platforms/php/webapps/18438.txt,"Ez Album - Blind SQL Injection",2012-01-31,"Red Security TEAM",php,webapps,0 18439,platforms/php/webapps/18439.txt,"PragmaMX 1.2.10 - Persistent XSS",2012-01-31,HauntIT,php,webapps,0 18440,platforms/windows/dos/18440.txt,"EdrawSoft Office Viewer Component ActiveX 5.6 - (officeviewermme.ocx) BoF PoC",2012-01-31,LiquidWorm,windows,dos,0 -18441,platforms/php/webapps/18441.txt,"Vastal I-Tech Agent Zone - (search.php) Blind SQL Injection",2012-01-31,"Cagri Tepebasili",php,webapps,0 +18441,platforms/php/webapps/18441.txt,"Vastal I-Tech Agent Zone - 'search.php' Blind SQL Injection",2012-01-31,"Cagri Tepebasili",php,webapps,0 18442,platforms/multiple/remote/18442.html,"Apache - httpOnly Cookie Disclosure",2012-01-31,pilate,multiple,remote,0 18443,platforms/php/webapps/18443.txt,"swDesk - Multiple Vulnerabilities",2012-02-01,"Red Security TEAM",php,webapps,0 18444,platforms/php/webapps/18444.txt,"sit! support incident tracker 3.64 - Multiple Vulnerabilities",2012-02-01,"High-Tech Bridge SA",php,webapps,0 18446,platforms/android/remote/18446.html,"Webkit Normalize Bug - Android 2.2",2012-02-01,"MJ Keith",android,remote,0 -18447,platforms/asp/webapps/18447.txt,"MailEnable Webmail - Cross-Site Scripting",2012-01-13,"Sajjad Pourali",asp,webapps,0 +18447,platforms/asp/webapps/18447.txt,"MailEnable Webmail - Cross-site Scripting",2012-01-13,"Sajjad Pourali",asp,webapps,0 18448,platforms/windows/remote/18448.rb,"Sunway Forcecontrol - SNMP NetDBServer.exe Opcode 0x57",2012-02-02,Metasploit,windows,remote,0 18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger - DownloaderActiveX Control Arbitrary File Download and Execute",2012-02-02,Metasploit,windows,remote,0 18451,platforms/windows/webapps/18451.txt,"Sphinix Mobile Web Server 3.1.2.47 - Multiple Persistent XSS Vulnerabilities",2012-02-02,"SecPod Research",windows,webapps,0 -18452,platforms/multiple/webapps/18452.txt,"Apache Struts - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 +18452,platforms/multiple/webapps/18452.txt,"Apache Struts - Multiple Persistent Cross-site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 18453,platforms/windows/dos/18453.txt,"OfficeSIP Server 3.1 - Denial of Service",2012-02-02,"SecPod Research",windows,dos,0 18454,platforms/windows/dos/18454.txt,"NetSarang Xlpd Printer Daemon 4 - Denial of Service",2012-02-02,"SecPod Research",windows,dos,0 18455,platforms/php/webapps/18455.txt,"OSCommerce 3.0.2 - Persistent Cross-Site",2012-02-02,Vulnerability-Lab,php,webapps,0 @@ -15998,11 +15998,11 @@ id,file,description,date,author,platform,type,port 18460,platforms/php/dos/18460.php,"PHP 5.4.0RC6 (64-bit) - Denial of Service",2012-02-04,"Stefan Esser",php,dos,0 18461,platforms/windows/dos/18461.html,"Edraw Diagram Component 5 - ActiveX Buffer Overflow DoS",2012-02-04,"Senator of Pirates",windows,dos,0 18463,platforms/windows/dos/18463.html,"PDF Viewer Component - ActiveX DoS",2012-02-05,"Senator of Pirates",windows,dos,0 -18464,platforms/php/webapps/18464.html,"GAzie 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 +18464,platforms/php/webapps/18464.html,"GAzie 5.20 - Cross-site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 - (base_qry_main.php t_view) SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 18466,platforms/php/webapps/18466.txt,"Tube Ace(Adult PHP Tube Script) - SQL Injection",2012-02-06,"Daniel Godoy",php,webapps,0 18467,platforms/php/webapps/18467.txt,"XRayCMS 1.1.1 - SQL Injection",2012-02-06,chap0,php,webapps,0 -18468,platforms/php/webapps/18468.html,"Flyspray 0.9.9.6 - CSRF",2012-02-07,"Vaibhav Gupta",php,webapps,0 +18468,platforms/php/webapps/18468.html,"Flyspray 0.9.9.6 - Cross-site Request Forgery",2012-02-07,"Vaibhav Gupta",php,webapps,0 18469,platforms/windows/dos/18469.pl,"Typsoft FTP Server 1.10 - Multiple Commands DoS",2012-02-07,"Balazs Makany",windows,dos,0 18470,platforms/php/webapps/18470.txt,"Ananta Gazelle CMS - Update Statement SQL Injection",2012-02-08,hackme,php,webapps,0 18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - xml Buffer Overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 @@ -16016,7 +16016,7 @@ id,file,description,date,author,platform,type,port 18483,platforms/php/webapps/18483.txt,"Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities",2012-02-12,"Avram Marius",php,webapps,0 18499,platforms/hardware/webapps/18499.txt,"D-Link DSL-2640B - (ADSL Router) CSRF",2012-02-20,"Ivano Binetti",hardware,webapps,0 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object - GM_Song Structure Handling",2012-02-16,Metasploit,windows,remote,0 -18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - CSRF",2012-02-16,"Ivano Binetti",php,webapps,0 +18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - Cross-site Request Forgery",2012-02-16,"Ivano Binetti",php,webapps,0 18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger 2.1.0 - Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client 2.1.0 - Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 @@ -16024,15 +16024,15 @@ id,file,description,date,author,platform,type,port 18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 - Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 18493,platforms/windows/dos/18493.py,"PCAnywhere 12.5.0 build 463 - Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 18494,platforms/php/webapps/18494.txt,"Pandora Fms 4.0.1 - Local File Inclusion",2012-02-17,Vulnerability-Lab,php,webapps,0 -18495,platforms/php/webapps/18495.html,"almnzm 2.4 - CSRF (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 +18495,platforms/php/webapps/18495.html,"almnzm 2.4 - Cross-site Request Forgery (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 18497,platforms/php/webapps/18497.txt,"4PSA CMS - SQL Injection",2012-02-19,"BHG Security Center",php,webapps,0 -18498,platforms/php/webapps/18498.html,"SyndeoCMS 3.0 - CSRF",2012-02-19,"Ivano Binetti",php,webapps,0 +18498,platforms/php/webapps/18498.html,"SyndeoCMS 3.0 - Cross-site Request Forgery",2012-02-19,"Ivano Binetti",php,webapps,0 18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass (Serial Number BOF)",2012-02-20,b33f,windows,local,0 18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 -18502,platforms/php/webapps/18502.html,"PlumeCMS 1.2.4 - CSRF",2012-02-20,"Ivano Binetti",php,webapps,0 -18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS - CSRF Change Admin Password",2012-02-21,"Ivano Binetti",hardware,webapps,0 -18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 - CSRF (ADSL Router)",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 -18561,platforms/php/webapps/18561.txt,"lizard cart - (search.php) SQLi",2012-03-05,"Number 7",php,webapps,0 +18502,platforms/php/webapps/18502.html,"PlumeCMS 1.2.4 - Cross-site Request Forgery",2012-02-20,"Ivano Binetti",php,webapps,0 +18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS - CSRF (Change Admin Password)",2012-02-21,"Ivano Binetti",hardware,webapps,0 +18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 - Cross-site Request Forgery (ADSL Router)",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 +18561,platforms/php/webapps/18561.txt,"lizard cart - 'search.php' SQLi",2012-03-05,"Number 7",php,webapps,0 18563,platforms/php/webapps/18563.txt,"ForkCMS 3.2.5 - Multiple Vulnerabilities",2012-02-21,"Ivano Binetti",php,webapps,0 18506,platforms/php/webapps/18506.txt,"BRIM < 2.0.0 - SQL Injection",2012-02-22,ifnull,php,webapps,0 18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin - Command Line Argument Injection (2012)",2012-02-24,Metasploit,windows,remote,0 @@ -16045,26 +16045,26 @@ id,file,description,date,author,platform,type,port 18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,Metasploit,windows,local,0 -18516,platforms/php/webapps/18516.txt,"phpDenora 1.4.6 - Multiple SQL Injection",2012-02-23,NLSecurity,php,webapps,0 +18516,platforms/php/webapps/18516.txt,"phpDenora 1.4.6 - Multiple SQL Injections",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (English/Italian) Remote File Upload Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 - EXEC_CMD Remote Code Execution",2012-02-25,Metasploit,windows,remote,0 18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 -18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file param) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 +18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file parameter) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 18524,platforms/windows/dos/18524.py,"Tiny HTTP Server 1.1.9 - Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery - SQL Injection",2012-02-25,CorryL,php,webapps,0 -18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) 2.11 - CSRF (Delete Admin / Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 +18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) 2.11 - Cross-site Request Forgery (Delete Admin / Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - (.pls) Stack Buffer Overflow",2012-03-02,Metasploit,windows,local,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post-Auth SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH Username BoF Pre-Auth RCE (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 -18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - CSRF (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 +18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - Cross-site Request Forgery (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0 18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 - Profile",2012-02-29,Metasploit,windows,remote,0 -18540,platforms/hardware/webapps/18540.txt,"Yealink VOIP Phone - Persistent Cross-Site Scripting",2012-02-29,"Narendra Shinde",hardware,webapps,0 +18540,platforms/hardware/webapps/18540.txt,"Yealink VOIP Phone - Persistent Cross-site Scripting",2012-02-29,"Narendra Shinde",hardware,webapps,0 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server - Denial of Service",2012-02-29,"SecPod Research",windows,dos,0 18542,platforms/windows/remote/18542.txt,"Netmechanica NetDecision Traffic Grapher Server - Information Disclosure",2012-02-29,"SecPod Research",windows,remote,0 18543,platforms/windows/remote/18543.py,"Netmechanica NetDecision Dashboard Server - Information Disclosure",2012-02-29,"SecPod Research",windows,remote,0 @@ -16091,7 +16091,7 @@ id,file,description,date,author,platform,type,port 18601,platforms/multiple/dos/18601.txt,"EMC NetWorker 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 18571,platforms/php/webapps/18571.txt,"promise webpam 2.2.0.13 - Multiple Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 18572,platforms/windows/remote/18572.rb,"Adobe Flash Player - .mp4 'cprt' Overflow",2012-03-08,Metasploit,windows,remote,0 -18575,platforms/php/webapps/18575.txt,"RazorCMS 1.2.1 Stable - CSRF (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 +18575,platforms/php/webapps/18575.txt,"RazorCMS 1.2.1 Stable - Cross-site Request Forgery (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 18578,platforms/php/webapps/18578.txt,"PHP Address Book 6.2.12 - Multiple security vulnerabilities",2012-03-10,"Stefan Schurtz",php,webapps,0 18574,platforms/php/webapps/18574.txt,"RazorCMS 1.2.1 STABLE - File Upload",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 18579,platforms/linux/dos/18579.txt,"PyPAM - Python bindings for PAM - Double Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 @@ -16101,15 +16101,15 @@ id,file,description,date,author,platform,type,port 18585,platforms/lin_x86-64/shellcode/18585.s,"Linux/x86-64 - Add user _t0r_ with password _Winner_ shellcode (189 bytes)",2012-03-12,0_o,lin_x86-64,shellcode,0 18586,platforms/windows/dos/18586.txt,"XnView FlashPix Image Processing - Heap Overflow",2012-03-12,"Francis Provencher",windows,dos,0 18587,platforms/windows/dos/18587.py,"Network Instrument Observer - SNMP SetRequest Denial of Service",2012-03-12,"Francis Provencher",windows,dos,0 -18616,platforms/php/webapps/18616.txt,"Pre Printing Press - product_desc.php (pid) SQL Injection",2012-03-18,"Easy Laster",php,webapps,0 +18616,platforms/php/webapps/18616.txt,"Pre Printing Press - product_desc.php 'pid' SQL Injection",2012-03-18,"Easy Laster",php,webapps,0 18618,platforms/php/webapps/18618.pl,"Joomla 2.5.0-2.5.1 - Time Based SQL Injection",2012-03-19,"A. Ramos",php,webapps,0 18619,platforms/multiple/remote/18619.txt,"Apache Tomcat - Remote Exploit (PUT Request) and Account Scanner",2012-03-19,kingcope,multiple,remote,0 -18589,platforms/php/webapps/18589.txt,"Acal calendar 2.2.6 - CSRF",2012-03-12,"Number 7",php,webapps,0 +18589,platforms/php/webapps/18589.txt,"Acal calendar 2.2.6 - Cross-site Request Forgery",2012-03-12,"Number 7",php,webapps,0 18595,platforms/php/webapps/18595.txt,"Max Guestbook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 18590,platforms/php/webapps/18590.txt,"PBLang - Local File Inclusion",2012-03-13,"Number 7",php,webapps,0 18591,platforms/php/webapps/18591.txt,"Cycade Gallery - SQL Injection",2012-03-13,-DownFall,php,webapps,0 -18592,platforms/php/webapps/18592.txt,"4images - Image Gallery Management System - CSRF",2012-03-13,"Dmar al3noOoz",php,webapps,0 -18597,platforms/hardware/webapps/18597.txt,"Sitecom WLM-2501 - CSRF",2012-03-14,"Ivano Binetti",hardware,webapps,0 +18592,platforms/php/webapps/18592.txt,"4images - Image Gallery Management System - Cross-site Request Forgery",2012-03-13,"Dmar al3noOoz",php,webapps,0 +18597,platforms/hardware/webapps/18597.txt,"Sitecom WLM-2501 - Cross-site Request Forgery",2012-03-14,"Ivano Binetti",hardware,webapps,0 18598,platforms/php/webapps/18598.txt,"Encaps PHP Gallery - SQL Injection",2012-03-14,"Daniel Godoy",php,webapps,0 18599,platforms/php/webapps/18599.txt,"asaanCart - XSS / LFI",2012-03-14,"Number 7",php,webapps,0 18602,platforms/windows/dos/18602.txt,"Epson EventManager 2.50 - Denial of Service",2012-03-14,"Luigi Auriemma",windows,dos,0 @@ -16121,7 +16121,7 @@ id,file,description,date,author,platform,type,port 18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent XSS for logged in users",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple CSRF Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 -18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 +18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - '.m3u' Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 18704,platforms/windows/remote/18704.txt,"Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite PoC",2012-04-05,rgod,windows,remote,0 18705,platforms/hardware/dos/18705.txt,"Sony Bravia - Remote Denial of Service",2012-04-05,"Gabriel Menezes Nunes",hardware,dos,0 18613,platforms/php/webapps/18613.txt,"ASP Classifieds - SQL Injection",2012-03-17,r45c4l,php,webapps,0 @@ -16142,7 +16142,7 @@ id,file,description,date,author,platform,type,port 18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk - ActiveX BackImage",2012-03-21,Metasploit,windows,remote,0 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 -18638,platforms/hardware/webapps/18638.txt,"D-Link DIR-605 - CSRF",2012-03-21,iqzer0,hardware,webapps,0 +18638,platforms/hardware/webapps/18638.txt,"D-Link DIR-605 - Cross-site Request Forgery",2012-03-21,iqzer0,hardware,webapps,0 18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 - SQL Injection / XSS",2012-03-21,LiquidWorm,php,webapps,0 18640,platforms/windows/remote/18640.txt,"Google Talk - gtalk:// Deprecated Uri Handler Parameter Injection",2012-03-22,rgod,windows,remote,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 @@ -16158,14 +16158,14 @@ id,file,description,date,author,platform,type,port 18652,platforms/php/webapps/18652.txt,"Wolfcms 0.75 - (CSRF/XSS) Multiple Vulnerabilities",2012-03-23,"Ivano Binetti",php,webapps,0 18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 18655,platforms/php/webapps/18655.php,"phpFox 3.0.1 - (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 -18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - (.m3u) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 +18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - '.m3u' Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - (.ppl) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18695,platforms/windows/remote/18695.py,"Sysax 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow'",2012-03-24,Metasploit,windows,remote,0 18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,Metasploit,php,webapps,0 18660,platforms/php/webapps/18660.txt,"RIPS 0.53 - Multiple Local File Inclusion",2012-03-24,localh0t,php,webapps,0 18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 - file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 -18676,platforms/php/webapps/18676.txt,"boastMachine 3.1 - CSRF Add Admin",2012-03-28,Dr.NaNo,php,webapps,0 +18676,platforms/php/webapps/18676.txt,"boastMachine 3.1 - CSRF (Add Admin)",2012-03-28,Dr.NaNo,php,webapps,0 18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - SQL Injection",2012-03-28,ZeTH,php,webapps,0 18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client - (vncviewer.exe) Buffer Overflow",2012-03-26,Metasploit,windows,remote,0 18665,platforms/multiple/dos/18665.py,"PHP 5.4.0 Built-in Web Server - DoS PoC",2012-03-25,ls,multiple,dos,0 @@ -16180,9 +16180,9 @@ id,file,description,date,author,platform,type,port 18679,platforms/multiple/remote/18679.rb,"Java - AtomicReferenceArray Type Violation",2012-03-30,Metasploit,multiple,remote,0 18680,platforms/php/webapps/18680.txt,"coppermine 1.5.18 - Multiple Vulnerabilities",2012-03-30,waraxe,php,webapps,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow",2012-03-30,Vulnerability-Lab,windows,local,0 -18682,platforms/php/webapps/18682.txt,"ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection",2012-03-30,"SecPod Research",php,webapps,0 +18682,platforms/php/webapps/18682.txt,"ArticleSetup - Multiple Persistence Cross-site Scripting / SQL Injection",2012-03-30,"SecPod Research",php,webapps,0 18683,platforms/windows/remote/18683.py,"MailMax 4.6 - POP3 'USER' Remote Buffer Overflow Exploit (No Login Needed)",2012-03-30,localh0t,windows,remote,0 -18685,platforms/php/webapps/18685.txt,"dalbum 144 build 174 - CSRF",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 +18685,platforms/php/webapps/18685.txt,"dalbum 144 build 174 - Cross-site Request Forgery",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 18686,platforms/php/webapps/18686.txt,"SyndeoCMS 3.0.01 - Persistent XSS",2012-03-30,"Ivano Binetti",php,webapps,0 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 @@ -16191,7 +16191,7 @@ id,file,description,date,author,platform,type,port 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0 -18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - CSRF (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 +18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - Cross-site Request Forgery (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18708,platforms/php/webapps/18708.txt,"GENU CMS - SQL Injection",2012-04-05,"hordcode security",php,webapps,0 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera - UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 18710,platforms/windows/local/18710.rb,"Csound - .hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 @@ -16212,7 +16212,7 @@ id,file,description,date,author,platform,type,port 18729,platforms/php/webapps/18729.txt,"joomla component (com_bearleague) - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 18732,platforms/php/webapps/18732.txt,"Software DEP Classified Script 2.5 - SQL Injection",2012-04-12,"hordcode security",php,webapps,0 18733,platforms/linux/local/18733.py,"WICD - Local Privilege Esclation Exploit",2012-04-12,anonymous,linux,local,0 -18734,platforms/hardware/dos/18734.txt,"EMC IRM License Server 4.6.1.1995 - DoS",2012-04-12,"Luigi Auriemma",hardware,dos,0 +18734,platforms/hardware/dos/18734.txt,"EMC IRM License Server 4.6.1.1995 - Denial of Service",2012-04-12,"Luigi Auriemma",hardware,dos,0 18735,platforms/windows/remote/18735.rb,"Quest InTrust Annotation Objects - Uninitialized Pointer",2012-04-13,Metasploit,windows,remote,0 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilities",2012-04-13,shpendk,php,webapps,0 @@ -16220,7 +16220,7 @@ id,file,description,date,author,platform,type,port 18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 18749,platforms/osx/local/18749.py,"Office 2008 sp0 - RTF Pfragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0 18741,platforms/php/webapps/18741.txt,"joomla component (com_ponygallery) - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 -18742,platforms/php/webapps/18742.php,"NetworX CMS - CSRF Add Admin",2012-04-15,N3t.Crack3r,php,webapps,0 +18742,platforms/php/webapps/18742.php,"NetworX CMS - CSRF (Add Admin)",2012-04-15,N3t.Crack3r,php,webapps,0 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script - SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 18747,platforms/windows/local/18747.rb,"CyberLink Power2Go - name attribute (p2g) Stack Buffer Overflow Exploit",2012-04-18,Metasploit,windows,local,0 @@ -16268,14 +16268,14 @@ id,file,description,date,author,platform,type,port 18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - (.mp4) Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 18800,platforms/php/webapps/18800.txt,"Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities",2012-04-29,"Stefan Schurtz",php,webapps,0 18801,platforms/php/webapps/18801.txt,"Car Portal CMS 3.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 -18802,platforms/asp/webapps/18802.txt,"C4B XPhone UC Web 4.1.890S R1 - XSS",2012-04-30,Vulnerability-Lab,asp,webapps,0 +18802,platforms/asp/webapps/18802.txt,"C4B XPhone UC Web 4.1.890S R1 - Cross-site Scripting",2012-04-30,Vulnerability-Lab,asp,webapps,0 18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - SEH Overwrite",2012-05-01,blake,windows,local,0 -18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection",2012-05-01,Vulnerability-Lab,php,webapps,0 +18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injections",2012-05-01,Vulnerability-Lab,php,webapps,0 18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 - GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 18815,platforms/php/webapps/18815.txt,"STRATO Newsletter Manager - Directory Traversal",2012-05-01,"Zero X",php,webapps,0 @@ -16286,12 +16286,12 @@ id,file,description,date,author,platform,type,port 18820,platforms/php/webapps/18820.php,"OpenConf 4.11 - (author/edit.php) Remote Blind SQL Injection",2012-05-02,EgiX,php,webapps,0 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere - Insecure File Permissions Local Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0 18824,platforms/cgi/webapps/18824.txt,"Websense Triton - Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 -18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 +18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 18825,platforms/windows/remote/18825.rb,"VLC - Mms Stream Handling Buffer Overflow",2012-05-03,Metasploit,windows,remote,0 18826,platforms/windows/local/18826.py,"AnvSoft Any Video Converter 4.3.6 - Stack Overflow Exploit",2012-05-03,cikumel,windows,local,0 -18827,platforms/php/webapps/18827.txt,"Baby Gekko CMS 1.1.5c - Multiple Stored XSS Vulnerabilities",2012-05-03,LiquidWorm,php,webapps,0 +18827,platforms/php/webapps/18827.txt,"Baby Gekko CMS 1.1.5c - Multiple Persistent Cross-site Scripting Vulnerabilities",2012-05-03,LiquidWorm,php,webapps,0 18828,platforms/php/webapps/18828.txt,"PluXml 5.1.5 - Local File Inclusion",2012-05-03,"High-Tech Bridge SA",php,webapps,0 -18832,platforms/php/webapps/18832.txt,"Symantec Web Gateway - Cross-Site Scripting",2012-05-04,B00y@,php,webapps,0 +18832,platforms/php/webapps/18832.txt,"Symantec Web Gateway - Cross-site Scripting",2012-05-04,B00y@,php,webapps,0 18834,platforms/php/remote/18834.rb,"PHP - CGI Argument Injection",2012-05-04,Metasploit,php,remote,0 18871,platforms/php/webapps/18871.txt,"Travelon Express CMS 6.2.2 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18861,platforms/windows/local/18861.php,"PHP 5.4.3 - Code Execution (Win32)",2012-05-11,0in,windows,local,0 @@ -16307,7 +16307,7 @@ id,file,description,date,author,platform,type,port 18844,platforms/php/webapps/18844.txt,"myCare2x CMS - Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 18845,platforms/php/webapps/18845.txt,"PHP Agenda 2.2.8 - SQL Injection",2012-05-07,loneferret,php,webapps,0 18847,platforms/windows/remote/18847.rb,"Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access",2012-05-09,Metasploit,windows,remote,0 -18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - CSRF Add Admin Exploit",2012-05-09,DennSpec,php,webapps,0 +18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - CSRF (Add Admin) Exploit",2012-05-09,DennSpec,php,webapps,0 18851,platforms/windows/dos/18851.py,"Guitar Pro 6.1.1 r10791 - (.gpx) Crash PoC",2012-05-09,condis,windows,dos,0 18852,platforms/windows/dos/18852.txt,"DecisionTools SharpGrid - ActiveX Control RCE",2012-05-09,"Francis Provencher",windows,dos,0 18853,platforms/windows/dos/18853.txt,"SAP Netweaver Dispatcher - Multiple Vulnerabilities",2012-05-09,"Core Security",windows,dos,0 @@ -16364,7 +16364,7 @@ id,file,description,date,author,platform,type,port 18926,platforms/windows/dos/18926.php,"bsnes 0.87 - Local Denial of Service",2012-05-25,"Yakir Wizman",windows,dos,0 18927,platforms/php/webapps/18927.txt,"socialengine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 18929,platforms/windows/remote/18929.rb,"RabidHamster R4 - Log Entry sprintf() Buffer Overflow",2012-05-25,Metasploit,windows,remote,0 -18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injection",2012-05-30,WhiteCollarGroup,php,webapps,0 +18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injections",2012-05-30,WhiteCollarGroup,php,webapps,0 18931,platforms/ios/dos/18931.rb,"iOS 5.1.1 - Safari Browser - JS match() & search() Crash PoC",2012-05-25,"Alberto Ortega",ios,dos,0 18933,platforms/windows/remote/18933.rb,"quickshare file share 1.2.1 - Directory Traversal (2)",2012-05-27,Metasploit,windows,remote,0 18934,platforms/php/webapps/18934.rb,"WeBid - converter.php Remote PHP Code Injection",2012-05-27,Metasploit,php,webapps,0 @@ -16372,18 +16372,18 @@ id,file,description,date,author,platform,type,port 18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 - Command Execution",2012-05-28,Metasploit,linux,remote,0 18937,platforms/php/webapps/18937.txt,"PBBoard 2.1.4 - Local File Inclusion",2012-05-28,n4ss1m,php,webapps,0 18981,platforms/windows/local/18981.txt,"Sysax 5.60 - Create SSL Certificate Buffer Overflow",2012-06-04,"Craig Freyman",windows,local,0 -18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injection",2012-05-28,loneferret,php,webapps,0 +18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injections",2012-05-28,loneferret,php,webapps,0 18945,platforms/windows/dos/18945.txt,"WinRadius Server 2009 - Denial of Service",2012-05-29,demonalex,windows,dos,0 18946,platforms/windows/dos/18946.txt,"Tftpd32 DNS Server 4.00 - Denial of Service",2012-05-29,demonalex,windows,dos,0 18940,platforms/windows/dos/18940.php,"LibreOffice 3.5.3 - (.rtf) FileOpen Crash",2012-05-28,shinnai,windows,dos,0 18941,platforms/php/webapps/18941.txt,"PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities",2012-05-28,Ashoo,php,webapps,0 18947,platforms/windows/local/18947.rb,"ispVM System - .XCF File Handling Overflow",2012-05-29,Metasploit,windows,local,0 -18948,platforms/php/webapps/18948.txt,"PBBoard 2.1.4 - Multiple SQL Injection",2012-05-29,loneferret,php,webapps,0 +18948,platforms/php/webapps/18948.txt,"PBBoard 2.1.4 - Multiple SQL Injections",2012-05-29,loneferret,php,webapps,0 19025,platforms/windows/remote/19025.rb,"Sielco Sistemi Winlog 2.07.14 - Buffer Overflow",2012-06-08,Metasploit,windows,remote,0 18952,platforms/windows/dos/18952.txt,"Microsoft Wordpad 5.1 - (.doc) Null Pointer Dereference",2012-05-30,condis,windows,dos,0 18953,platforms/php/webapps/18953.txt,"Ganesha Digital Library 4.0 - Multiple Vulnerabilities",2012-05-30,X-Cisadane,php,webapps,0 18954,platforms/windows/local/18954.rb,"MPlayer - .SAMI Subtitle File Buffer Overflow",2012-05-30,Metasploit,windows,local,0 -18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1-1.3 - Multiple SQL Injection",2012-05-30,loneferret,php,webapps,0 +18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1-1.3 - Multiple SQL Injections",2012-05-30,loneferret,php,webapps,0 18956,platforms/windows/dos/18956.c,"GIMP 2.6 script-fu < 2.8.0 - Buffer Overflow",2012-05-31,"Joseph Sheridan",windows,dos,0 18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload",2012-05-31,Metasploit,php,webapps,0 18958,platforms/windows/dos/18958.html,"Sony VAIO Wireless Manager 4.0.0.0 - Buffer Overflows",2012-05-31,"High-Tech Bridge SA",windows,dos,0 @@ -16399,7 +16399,7 @@ id,file,description,date,author,platform,type,port 18969,platforms/windows/remote/18969.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 18973,platforms/windows/remote/18973.rb,"GIMP - script-fu Server Buffer Overflow",2012-06-02,Metasploit,windows,remote,0 -18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Stored XSS",2012-06-02,"Henry Hoggard",php,webapps,0 +18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Persistent Cross-site Scripting",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18988,platforms/php/webapps/18988.php,"WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 @@ -16419,7 +16419,7 @@ id,file,description,date,author,platform,type,port 19005,platforms/php/webapps/19005.txt,"SN News 1.2 - (/admin/loger.php) Admin Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows - OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 -19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Stored XSS",2012-06-06,"Henry Hoggard",php,webapps,0 +19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Persistent Cross-site Scripting",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory - Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 19007,platforms/php/webapps/19007.php,"PHPNet 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 Plugin - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 @@ -16500,7 +16500,7 @@ id,file,description,date,author,platform,type,port 19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - uploadify.php Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 -19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - DoS",1997-11-13,"G P R",linux,remote,0 +19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,remote,0 19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit",1997-11-24,anonymous,linux,remote,0 19105,platforms/linux/remote/19105.c,"Muhammad A. Muquit wwwcount 2.3 - Count.cgi Buffer Overflow",1997-10-16,"Razvan Dragomirescu",linux,remote,0 19106,platforms/linux/local/19106.c,"BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit",1996-07-03,"Jeff Uphoff",linux,local,0 @@ -16570,7 +16570,7 @@ id,file,description,date,author,platform,type,port 19181,platforms/windows/dos/19181.txt,"XnView - .RAS Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19182,platforms/windows/dos/19182.txt,"XnView - .ECW Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19183,platforms/windows/dos/19183.txt,"XnView - .FlashPix Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 -19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - (.m3u) Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 +19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - '.m3u' Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 - Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services - MSXML Uninitialized Memory Corruption",2012-06-16,Metasploit,windows,remote,0 19187,platforms/php/webapps/19187.txt,"WordPress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 @@ -16650,7 +16650,7 @@ id,file,description,date,author,platform,type,port 19262,platforms/irix/local/19262.txt,"SGI IRIX 6.2 cdplayer - Exploit",1996-11-21,"Yuri Volobuev",irix,local,0 19263,platforms/hardware/webapps/19263.txt,"QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities",2012-06-18,"Sense of Security",hardware,webapps,0 19264,platforms/php/webapps/19264.txt,"MyTickets 1.x < 2.0.8 - Blind SQL Injection",2012-06-18,al-swisre,php,webapps,0 -19265,platforms/windows/dos/19265.py,"Total Video Player 1.31 - (.m3u) Crash PoC",2012-06-18,0dem,windows,dos,0 +19265,platforms/windows/dos/19265.py,"Total Video Player 1.31 - '.m3u' Crash PoC",2012-06-18,0dem,windows,dos,0 19266,platforms/windows/remote/19266.py,"Ezhometech Ezserver 6.4 - Stack Overflow Exploit",2012-06-18,modpr0be,windows,remote,0 19267,platforms/irix/local/19267.c,"SGI IRIX 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin - Exploit",1996-08-06,"Grant Kaufmann",irix,local,0 @@ -16679,7 +16679,7 @@ id,file,description,date,author,platform,type,port 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 -19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 Plugin - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 +19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 Plugin - Cross-site Scripting",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 @@ -16815,11 +16815,11 @@ id,file,description,date,author,platform,type,port 19449,platforms/windows/remote/19449.c,"Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19450,platforms/windows/remote/19450.c,"CREAR ALMail32 1.10 - Buffer Overflow",1999-08-08,UNYUN,windows,remote,0 19451,platforms/multiple/remote/19451.txt,"Microsoft Windows 98 a/98 b/98SE / Solaris 2.6 - IRDP",1999-08-11,L0pth,multiple,remote,0 -19452,platforms/php/webapps/19452.txt,"phpmoneybooks 1.03 - Stored XSS",2012-06-29,chap0,php,webapps,0 +19452,platforms/php/webapps/19452.txt,"phpmoneybooks 1.03 - Persistent Cross-site Scripting",2012-06-29,chap0,php,webapps,0 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local DoS",2012-06-29,0in,windows,dos,0 19455,platforms/windows/webapps/19455.txt,"specview 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client 8.9 - (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 -19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5 / IIS 4.0 / Site Server Commerce Edition 3.0 alpha/3.0 - DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 +19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5 / IIS 4.0 / Site Server Commerce Edition 3.0 alpha/3.0 - Denial of Service",1999-08-11,"Nobuo Miwa",multiple,dos,0 19458,platforms/linux/remote/19458.c,"Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing",1999-07-31,Nergal,linux,remote,0 19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 - Buffer Overflow",1999-08-13,"jduck and stranjer",multiple,remote,0 19460,platforms/multiple/local/19460.sh,"Oracle 8 8.1.5 - Intelligent Agent (1)",1999-08-16,"Brock Tellier",multiple,local,0 @@ -16863,7 +16863,7 @@ id,file,description,date,author,platform,type,port 19498,platforms/multiple/local/19498.sh,"Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd",1999-09-13,"Job de Haas of ITSX",multiple,local,0 19499,platforms/linux/local/19499.c,"SCO Open Server 5.0.5 - X Library Buffer Overflow (1)",1999-09-09,"Brock Tellier",linux,local,0 19500,platforms/linux/local/19500.c,"SCO Open Server 5.0.5 - X Library Buffer Overflow (2)",1999-06-21,"The Dark Raver of CPNE",linux,local,0 -19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 / SunOS 4.1.4 - BoF",1999-09-13,"Job de Haas of ITSX",linux,local,0 +19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 / SunOS 4.1.4 - Buffer Overflow",1999-09-13,"Job de Haas of ITSX",linux,local,0 19502,platforms/windows/local/19502.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation",1999-09-17,"Alberto Rodríguez Aragonés",windows,local,0 19503,platforms/linux/remote/19503.txt,"ProFTPD 1.2 pre6 - snprintf",1999-09-17,"Tymm Twillman",linux,remote,0 19504,platforms/freebsd/local/19504.c,"Martin Schulze Cfingerd 1.4.2 - GECOS Buffer Overflow",1999-09-21,"babcia padlina ltd",freebsd,local,0 @@ -16875,7 +16875,7 @@ id,file,description,date,author,platform,type,port 19510,platforms/linux/local/19510.pl,"SSH Communications Security SSH 1.2.27 - Authentication Socket File Creation",1999-09-17,"Tymm Twillman",linux,local,0 19511,platforms/linux/local/19511.c,"Knox Software Arkeia 4.0 - Backup Local Overflow",1999-09-26,"Brock Tellier",linux,local,0 19512,platforms/linux/local/19512.sh,"Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow",1999-09-26,"Brock Tellier",linux,local,0 -19513,platforms/hardware/dos/19513.txt,"Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - DoS",1999-09-27,"Bjorn Stickler",hardware,dos,0 +19513,platforms/hardware/dos/19513.txt,"Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - Denial of Service",1999-09-27,"Bjorn Stickler",hardware,dos,0 19514,platforms/windows/remote/19514.txt,"Adobe Acrobat ActiveX Control 1.3.188 - ActiveX Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19515,platforms/windows/remote/19515.txt,"Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4 - Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 @@ -16967,7 +16967,7 @@ id,file,description,date,author,platform,type,port 19600,platforms/php/webapps/19600.txt,"CLscript CMS 3.0 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5.0 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 20122,platforms/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution",2012-07-31,Metasploit,windows,remote,8082 -30094,platforms/php/webapps/30094.txt,"DGNews 2.1 - Footer.php Cross-Site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 +30094,platforms/php/webapps/30094.txt,"DGNews 2.1 - Footer.php Cross-site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 20120,platforms/windows/remote/20120.pl,"httpdx 1.5.4 - Remote Heap Overflow",2012-07-29,st3n,windows,remote,0 19605,platforms/linux/dos/19605.c,"Linux Kernel 3.2.24 - fs/eventpoll.c Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 19903,platforms/multiple/remote/19903.txt,"Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage",2000-05-05,"Black Watch Labs",multiple,remote,0 @@ -16983,7 +16983,7 @@ id,file,description,date,author,platform,type,port 19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)",1999-11-08,Interrupt,windows,dos,0 19617,platforms/windows/remote/19617.txt,"NetcPlus SmartServer3 3.5.1 - POP Buffer Overflow",1999-11-11,"Ussr Labs",windows,remote,0 19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5.0 Media Player - ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 -19619,platforms/windows/dos/19619.txt,"QPC Software QVT Term 4.3/QVT/Net 4.3 Suite FTP Server - DoS",1999-11-10,"Ussr Labs",windows,dos,0 +19619,platforms/windows/dos/19619.txt,"QPC Software QVT Term 4.3/QVT/Net 4.3 Suite FTP Server - Denial of Service",1999-11-10,"Ussr Labs",windows,dos,0 19620,platforms/unix/remote/19620.txt,"Matt Wright - FormHandler.cgi 2.0 Reply Attachment",1999-11-16,m4rcyS,unix,remote,0 19621,platforms/windows/remote/19621.c,"Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 @@ -17029,7 +17029,7 @@ id,file,description,date,author,platform,type,port 19663,platforms/solaris/remote/19663.c,"Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - (print_domain_name) Buffer Overflow",1999-12-07,K2,solaris,remote,0 19664,platforms/windows/dos/19664.txt,"Cat Soft Serv-U 2.5 a - Server SITE PASS DoS",1999-12-02,"Ussr Labs",windows,dos,0 19665,platforms/windows/local/19665.txt,"Microsoft Internet Explorer 5.0 - vnd.ms.radio URL",1999-12-06,"Jeremy Kothe",windows,local,0 -19666,platforms/windows/dos/19666.txt,"GoodTech Telnet Server NT 2.2.1 - DoS",1999-12-06,"Ussr Labs",windows,dos,0 +19666,platforms/windows/dos/19666.txt,"GoodTech Telnet Server NT 2.2.1 - Denial of Service",1999-12-06,"Ussr Labs",windows,dos,0 19667,platforms/multiple/remote/19667.c,"WolfPack Development XSHIPWARS 1.0/1.2.4 - Buffer Overflow",1999-12-09,"Amanda Woodward",multiple,remote,0 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 19669,platforms/solaris/remote/19669.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (2)",1999-06-24,"Cheez Whiz",solaris,remote,0 @@ -17102,13 +17102,13 @@ id,file,description,date,author,platform,type,port 19741,platforms/cgi/remote/19741.pl,"Wired Community Software WWWThreads 5.0 - SQL Command Input",2000-02-03,"rain forest puppy",cgi,remote,0 19742,platforms/multiple/remote/19742.txt,"Microsoft iis 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal",2000-02-02,Mnemonix,multiple,remote,0 19743,platforms/windows/remote/19743.txt,"Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut",2000-02-04,"Ussr Labs",windows,remote,0 -19744,platforms/novell/dos/19744.txt,"Novell Groupwise Enhancement Pack 5.5 Enhancement Pack - DoS",2000-02-07,"Adam Gray",novell,dos,0 +19744,platforms/novell/dos/19744.txt,"Novell Groupwise Enhancement Pack 5.5 Enhancement Pack - Denial of Service",2000-02-07,"Adam Gray",novell,dos,0 19745,platforms/cgi/remote/19745.txt,"Daniel Beckham The Finger Server 0.82 BETA - Pipe",2000-02-04,"Iain Wade",cgi,remote,0 -19746,platforms/novell/dos/19746.txt,"Novell BorderManager 3.0/3.5 Audit Trail Proxy - DoS",2000-02-04,"Chicken Man",novell,dos,0 +19746,platforms/novell/dos/19746.txt,"Novell BorderManager 3.0/3.5 Audit Trail Proxy - Denial of Service",2000-02-04,"Chicken Man",novell,dos,0 19747,platforms/cgi/remote/19747.txt,"Zeus Web Server 3.x - Null Terminated Strings",2000-02-08,"Vanja Hrustic",cgi,remote,0 19748,platforms/windows/dos/19748.txt,"True North Software Internet Anywhere Mail Server 3.1.3 - RETR DoS",2000-02-10,"Nobuo Miwa",windows,dos,0 19749,platforms/multiple/remote/19749.txt,"ISC BIND 4.9.7/8.x - Traffic Amplification and NS Route Discovery",2000-02-14,Sebastian,multiple,remote,0 -19750,platforms/multiple/dos/19750.sh,"Netopia Timbuktu Pro Remote Control 2.0/5.2.1 - DoS",2000-02-11,eth0,multiple,dos,0 +19750,platforms/multiple/dos/19750.sh,"Netopia Timbuktu Pro Remote Control 2.0/5.2.1 - Denial of Service",2000-02-11,eth0,multiple,dos,0 19751,platforms/multiple/remote/19751.txt,"Ascom COLTSOHO / Brocade Fabric OS / MatchBox / Win98/NT4 / Solaris / Xyplex - SNMP World Writeable Community",2000-02-15,"Michal Zalewski",multiple,remote,0 19752,platforms/sco/local/19752.txt,"SCO Unixware 7.1/7.1.1 - ARCserver /tmp symlink",2000-02-15,"Shawn Bracken",sco,local,0 19753,platforms/windows/remote/19753.txt,"Microsoft frontpage personal webserver 1.0/personal Web server 4.0 - Directory Traversal",1996-01-17,kiborg,windows,remote,0 @@ -17132,12 +17132,12 @@ id,file,description,date,author,platform,type,port 19774,platforms/hardware/webapps/19774.txt,"TP Link Gateway 3.12.4 - Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,hardware,webapps,0 19775,platforms/php/webapps/19775.txt,"Reserve Logic 1.2 Booking CMS - Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,php,webapps,0 19776,platforms/windows/local/19776.pl,"ZipItFast PRO 3.0 - Heap Overflow Exploit",2012-07-12,b33f,windows,local,0 -19777,platforms/windows/dos/19777.txt,"IE 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass",2012-07-12,"Adi Cohen",windows,dos,0 +19777,platforms/windows/dos/19777.txt,"Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass",2012-07-12,"Adi Cohen",windows,dos,0 19778,platforms/linux/local/19778.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (1)",2000-02-26,"Babcia Padlina",linux,local,0 19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0 -19780,platforms/multiple/dos/19780.txt,"Trend Micro OfficeScan Corporate Edition 3.0/3.5/3.11/3.13 - DoS",2000-02-26,"Jeff Stevens",multiple,dos,0 +19780,platforms/multiple/dos/19780.txt,"Trend Micro OfficeScan Corporate Edition 3.0/3.5/3.11/3.13 - Denial of Service",2000-02-26,"Jeff Stevens",multiple,dos,0 19781,platforms/multiple/remote/19781.sh,"Alex Heiphetz Group EZShopper 3.0 - Remote Command Execution",2000-02-27,suid,multiple,remote,0 -19782,platforms/windows/dos/19782.pl,"HP OpenView OmniBack II 2.55/3.0/3.1 - DoS",2000-02-28,"Jon Hittner",windows,dos,0 +19782,platforms/windows/dos/19782.pl,"HP OpenView OmniBack II 2.55/3.0/3.1 - Denial of Service",2000-02-28,"Jon Hittner",windows,dos,0 19783,platforms/windows/dos/19783.txt,"Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Request",1999-08-25,"ISS X-Force",windows,dos,0 19784,platforms/multiple/remote/19784.txt,"Axis Communications StorPoint CD - Bypass Authentication",2000-03-01,"Infosec Swedish based tigerteam",multiple,remote,0 19785,platforms/unix/remote/19785.txt,"The ht://Dig Group ht://Dig 3.1.1/3.1.2/3.1.3/3.1.4/3.2 .0b1 - Arbitrary File Inclusion",2000-02-29,"Geoff Hutchison",unix,remote,0 @@ -17154,7 +17154,7 @@ id,file,description,date,author,platform,type,port 19796,platforms/multiple/local/19796.c,"Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)",2000-03-03,"Babcia Padlina",multiple,local,0 19797,platforms/unix/remote/19797.txt,"Sun StarOffice 5.1 - Arbitrary File Read",2000-03-09,"Vanja Hrustic",unix,remote,0 19798,platforms/windows/local/19798.txt,"Microsoft Windows NT 4.0 - User Shell Folders",2000-03-09,anonymous,windows,local,0 -19799,platforms/windows/dos/19799.txt,"Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - DoS",2000-03-04,anonymous,windows,dos,0 +19799,platforms/windows/dos/19799.txt,"Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service",2000-03-04,anonymous,windows,dos,0 19800,platforms/multiple/remote/19800.c,"Check Point Software Firewall-1 3.0/1 4.0 / Cisco PIX Firewall 4.x/5.x - 'ALG' Client",2000-03-10,"Dug Song",multiple,remote,0 19801,platforms/linux/remote/19801.c,"Michael Sandrof IrcII 4.4-7 - Buffer Overflow",2000-03-10,bladi,linux,remote,0 19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 @@ -17175,7 +17175,7 @@ id,file,description,date,author,platform,type,port 19817,platforms/ultrix/dos/19817.txt,"Data General DG/UX 5.4 - inetd Service Exhaustion Denial of Service",2000-03-16,"The Unicorn",ultrix,dos,0 19818,platforms/linux/dos/19818.c,"Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service",2000-03-23,"Jay Fenlason",linux,dos,0 19819,platforms/windows/remote/19819.txt,"GeoCel WindMail 3.0 - Remote File Read",2000-03-27,"Quan Peng",windows,remote,0 -19820,platforms/windows/dos/19820.txt,"AnalogX SimpleServer:WWW 1.0.3 - DoS",2000-03-25,"Presto Chango",windows,dos,0 +19820,platforms/windows/dos/19820.txt,"AnalogX SimpleServer:WWW 1.0.3 - Denial of Service",2000-03-25,"Presto Chango",windows,dos,0 19821,platforms/multiple/local/19821.c,"Citrix MetaFrame 1.0/1.8 - Weak Encryption",2000-03-29,"Dug Song",multiple,local,0 19822,platforms/irix/remote/19822.c,"SGI IRIX 5.x/6.x - Objectserver",2000-03-29,"Last Stage of Delirium",irix,remote,0 19823,platforms/unix/local/19823.txt,"Standard & Poors ComStock 4.2.4 - Machine Vulnerabilities",2000-03-24,kadokev,unix,local,0 @@ -17190,7 +17190,7 @@ id,file,description,date,author,platform,type,port 19832,platforms/hardware/remote/19832.rb,"Siemens Simatic S7-300 - PLC Remote Memory Viewer (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,8080 19833,platforms/hardware/remote/19833.rb,"Siemens Simatic S7-1200 - CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,0 19834,platforms/windows/dos/19834.txt,"Real Networks RealPlayer 6/7 - Location Buffer Overflow",2000-04-03,"Adam Muntner",windows,dos,0 -19835,platforms/windows/dos/19835.txt,"SalesLogix Corporation eViewer 1.0 - DoS",2000-03-31,"Todd Beebe",windows,dos,0 +19835,platforms/windows/dos/19835.txt,"SalesLogix Corporation eViewer 1.0 - Denial of Service",2000-03-31,"Todd Beebe",windows,dos,0 19836,platforms/windows/local/19836.c,"Symantec pcAnywhere 9.0 - Weak Encryption",2000-04-06,"Pascal Longpre",windows,local,0 19837,platforms/linux/local/19837.c,"Bray Systems Linux Trustees 1.5 - Long Pathname",2000-04-10,"Andrey E. Lerman",linux,local,0 19838,platforms/linux/local/19838.c,"CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (1)",2000-04-10,kingpin,linux,local,0 @@ -17211,7 +17211,7 @@ id,file,description,date,author,platform,type,port 19853,platforms/windows/dos/19853.txt,"FrontPage 97/98 - Server Image Mapper Buffer Overflow",2000-04-19,Narrow,windows,dos,0 19854,platforms/netware/dos/19854.sh,"Novell Netware 5.1 - Remote Administration Buffer Overflow",2000-04-19,"Michal Zalewski",netware,dos,0 19855,platforms/windows/local/19855.txt,"Panda Security 3.0 - Multiple Vulnerabilities",2000-04-17,Zan,windows,local,0 -19856,platforms/windows/dos/19856.txt,"GameHouse dldisplay ActiveX control 0 / Real Server 7.0 Port 7070 - DoS",2000-04-20,"Ussr Labs",windows,dos,7070 +19856,platforms/windows/dos/19856.txt,"GameHouse dldisplay ActiveX control 0 / Real Server 7.0 Port 7070 - Denial of Service",2000-04-20,"Ussr Labs",windows,dos,7070 19857,platforms/windows/remote/19857.rb,"ALLMediaServer 0.8 - Buffer Overflow",2012-07-16,Metasploit,windows,remote,888 19905,platforms/unix/remote/19905.pl,"John Donoghue Knapster 0.9/1.3.8 - File Access",2000-05-13,no_maam,unix,remote,0 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 - Undocumented Password",2000-05-08,"Stake Inc",unix,local,0 @@ -17253,7 +17253,7 @@ id,file,description,date,author,platform,type,port 19896,platforms/bsd/dos/19896.c,"FreeBSD 3.4/4.0/5.0 / NetBSD 1.4 - Unaligned IP Option Denial of Service",2000-05-04,y3t1,bsd,dos,0 19897,platforms/windows/remote/19897.txt,"FrontPage 2000 / IIS 4.0/5.0 - Server Extensions Path Disclosure",2000-05-06,"Frankie Zie",windows,remote,0 19898,platforms/php/webapps/19898.txt,"Forum Oxalis 0.1.2 - SQL Injection",2012-07-17,"Jean Pascal Pereira",php,webapps,0 -19899,platforms/cgi/dos/19899.txt,"UltraBoard 1.6 - DoS",2000-05-05,"Juan M. Bello Rivas",cgi,dos,0 +19899,platforms/cgi/dos/19899.txt,"UltraBoard 1.6 - Denial of Service",2000-05-05,"Juan M. Bello Rivas",cgi,dos,0 19900,platforms/linux/local/19900.c,"RedHat Linux 6.0/6.1/6.2 - pam_console",2000-05-03,"Michal Zalewski",linux,local,0 19901,platforms/hardware/remote/19901.txt,"Netopia R-series routers 4.6.2 - Exploit",2000-05-16,"Stephen Friedl",hardware,remote,0 20010,platforms/php/webapps/20010.txt,"X-Cart Gold 4.5 - (products_map.php symb parameter) XSS",2012-07-21,muts,php,webapps,0 @@ -17270,15 +17270,15 @@ id,file,description,date,author,platform,type,port 19916,platforms/multiple/remote/19916.c,"Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (1)",2000-05-16,"Hugo Breton",multiple,remote,0 19917,platforms/multiple/remote/19917.c,"Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)",2000-05-16,L0pht,multiple,remote,0 19918,platforms/multiple/remote/19918.c,"Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (3)",2000-05-16,L0pht,multiple,remote,0 -19919,platforms/hardware/dos/19919.c,"Cisco 7xx Series Router - DoS",1999-03-11,Tiz.Telesup,hardware,dos,0 +19919,platforms/hardware/dos/19919.c,"Cisco 7xx Series Router - Denial of Service",1999-03-11,Tiz.Telesup,hardware,dos,0 19920,platforms/multiple/dos/19920.c,"Computalynx CProxy Server 3.3 SP2 - Buffer Overflow DoS",2000-05-16,"HaCk-13 TeaM",multiple,dos,0 19921,platforms/cgi/remote/19921.txt,"Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution",2000-05-16,suid,cgi,remote,0 19922,platforms/windows/remote/19922.pl,"Internet Security Systems ICECap Manager 2.0.23 - Default Username and Password",2000-05-17,"rain forest puppy",windows,remote,0 -19923,platforms/hardware/dos/19923.txt,"Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - DoS",2000-05-17,cassius,hardware,dos,0 +19923,platforms/hardware/dos/19923.txt,"Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - Denial of Service",2000-05-17,cassius,hardware,dos,0 19924,platforms/bsd/remote/19924.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (1)",2000-05-16,duke,bsd,remote,0 19925,platforms/linux/local/19925.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (2)",2000-05-26,"Jim Paris",linux,local,0 19926,platforms/linux/remote/19926.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (3)",2000-04-08,"Jim Paris",linux,remote,0 -19927,platforms/php/webapps/19927.html,"Nwahy Articles 2.2 - CSRF Add Admin",2012-07-18,DaOne,php,webapps,0 +19927,platforms/php/webapps/19927.html,"Nwahy Articles 2.2 - CSRF (Add Admin)",2012-07-18,DaOne,php,webapps,0 19928,platforms/windows/remote/19928.txt,"Microsoft Active Movie Control 1.0 - Filetype",2000-05-13,http-equiv,windows,remote,0 19965,platforms/multiple/dos/19965.txt,"HP JetAdmin 6.0 - Printing DoS",2000-05-24,"Ussr Labs",multiple,dos,0 19966,platforms/linux/remote/19966.c,"Marty Bochane MDBms 0.9 - xbx Buffer Overflow",2000-05-24,"HaCk-13 TeaM",linux,remote,0 @@ -17318,7 +17318,7 @@ id,file,description,date,author,platform,type,port 19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 19972,platforms/unix/local/19972.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (2)",2000-05-27,Buffer0verfl0w,unix,local,0 19973,platforms/windows/remote/19973.txt,"Fastraq Mailtraq 1.1.4 - Multiple Path Vulnerabilities",2000-03-22,Slash,windows,remote,0 -19974,platforms/windows/dos/19974.c,"Microsoft Windows Media Services 4.0/4.1 - DoS",2000-05-31,"Kit Knox",windows,dos,0 +19974,platforms/windows/dos/19974.c,"Microsoft Windows Media Services 4.0/4.1 - Denial of Service",2000-05-31,"Kit Knox",windows,dos,0 19975,platforms/windows/remote/19975.pl,"Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 - Root Directory Access",2000-05-31,"H D Moore",windows,remote,0 19976,platforms/windows/remote/19976.txt,"Concatus IMate Web Mail Server 2.5 - Buffer Overflow",2000-06-01,"Delphis Consulting",windows,remote,0 19977,platforms/multiple/dos/19977.txt,"Real Networks Real Server 7.0/7.0.1/8.0 Beta - View-Source DoS",2000-06-01,"Ussr Labs",multiple,dos,0 @@ -17353,12 +17353,12 @@ id,file,description,date,author,platform,type,port 20006,platforms/windows/dos/20006.nasl,"Windows NT 4.0 - Remote Registry Request DoS (2)",2000-06-08,"Renaud Deraison",windows,dos,0 20007,platforms/cgi/remote/20007.c,"3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution",2000-04-24,fygrave,cgi,remote,0 20008,platforms/cgi/remote/20008.txt,"3R Soft MailStudio 2000 2.0 - Arbitrary File Access",2000-06-09,s0ftpr0ject,cgi,remote,0 -20009,platforms/linux/remote/20009.py,"atmail email server appliance 6.4 - Stored XSS / CSRF / RCE",2012-07-21,muts,linux,remote,0 +20009,platforms/linux/remote/20009.py,"atmail email server appliance 6.4 - Persistent Cross-site Scripting / CSRF / Remote Code Execution",2012-07-21,muts,linux,remote,0 20011,platforms/windows/webapps/20011.js,"solarwinds orion network performance monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 20012,platforms/windows/local/20012.txt,"Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption",2000-06-07,Phate.net,windows,local,0 20013,platforms/linux/local/20013.c,"Sam Lantinga splitvt 1.6.3 - Buffer Overflow",2000-06-01,Syzop,linux,local,0 20014,platforms/solaris/local/20014.c,"Solaris 2.5/2.6/7.0/8 ufsrestore - Buffer Overflow",2000-06-14,"Job de Haas of ITSX",solaris,local,0 -20015,platforms/windows/dos/20015.txt,"AnalogX SimpleServer:WWW 1.0.5 - DoS",2000-07-15,"Ussr Labs",windows,dos,0 +20015,platforms/windows/dos/20015.txt,"AnalogX SimpleServer:WWW 1.0.5 - Denial of Service",2000-07-15,"Ussr Labs",windows,dos,0 20016,platforms/windows/dos/20016.py,"Shadow Op Software Dragon Server 1.0/2.0 - Multiple DoS",2000-06-16,Prizm,windows,dos,0 20017,platforms/windows/dos/20017.py,"Max Feoktistov Small HTTP server 1.212 - Buffer Overflow",2000-06-16,"Ussr Labs",windows,dos,0 20018,platforms/solaris/local/20018.txt,"Veritas Software Volume Manager 3.0.2/3.0.3/3.0.4 - File Permission",2000-06-16,"Dixie Flatline",solaris,local,0 @@ -17377,11 +17377,11 @@ id,file,description,date,author,platform,type,port 20031,platforms/linux/remote/20031.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0 20032,platforms/lin_x86/remote/20032.txt,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - (statusFilter.php q parameter) SQL Injection",2012-07-22,muts,php,webapps,0 -20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Stored XSS / Blind SQLi / RCE",2012-07-22,muts,asp,webapps,0 +20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Persistent Cross-site Scripting / Blind SQLi / Remote Code Execution",2012-07-22,muts,asp,webapps,0 20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow Exploit",2012-07-23,mr.pr0n,windows,local,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - (blocked.php id parameter) Blind SQL Injection",2012-07-23,muts,linux,webapps,0 -20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 - DoS",2000-06-25,"MDMA Crew",windows,dos,0 +20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 - Denial of Service",2000-06-25,"MDMA Crew",windows,dos,0 20040,platforms/windows/remote/20040.c,"SapporoWorks WinProxy 2.0/2.0.1 - Buffer Overflow",2000-06-27,UNYUN,windows,remote,0 20041,platforms/cgi/remote/20041.txt,"Flowerfire Sawmill 5.0.21 - File Access",2000-06-26,"Larry W. Cashdollar",cgi,remote,0 20042,platforms/unix/local/20042.c,"Flowerfire Sawmill 5.0.21 - Weak Password Encryption",2000-06-26,"Larry W. Cashdollar",unix,local,0 @@ -17404,7 +17404,7 @@ id,file,description,date,author,platform,type,port 20060,platforms/linux/remote/20060.c,"BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String",2000-07-05,RaiSe,linux,remote,0 20061,platforms/linux/remote/20061.c,"Canna Canna 3.5 b2 - Remote Buffer Overflow",2000-07-02,UNYUN,linux,remote,0 20062,platforms/php/webapps/20062.py,"AlienVault OSSIM 3.1 - Reflected XSS / Blind SQL Injection",2012-07-23,muts,php,webapps,0 -20063,platforms/windows/webapps/20063.txt,"Spiceworks 5.3.75941 - Stored XSS / Post-Auth SQL Injection",2012-07-23,dookie,windows,webapps,0 +20063,platforms/windows/webapps/20063.txt,"Spiceworks 5.3.75941 - Persistent Cross-site Scripting / Post-Auth SQL Injection",2012-07-23,dookie,windows,webapps,0 20064,platforms/linux/remote/20064.py,"Symantec Web Gateway 5.0.3.18 - LFI Remote ROOT RCE Exploit",2012-07-24,muts,linux,remote,0 20065,platforms/windows/remote/20065.txt,"DrPhibez and Nitro187 Guild FTPD 0.9.7 - File Existence Disclosure",2000-07-08,"Andrew Lewis",windows,remote,0 20066,platforms/windows/remote/20066.java,"Michael Lamont Savant WebServer 2.1/3.0 - Buffer Overflow",2000-07-03,Wizdumb,windows,remote,0 @@ -17421,7 +17421,7 @@ id,file,description,date,author,platform,type,port 20077,platforms/linux/remote/20077.c,"Conectiva 4.x/5.x / Debian 2.x / RedHat 6.x / S.u.S.E 6.x/7.0 / Trustix 1.x - rpc.statd Remote Format String (3)",2000-08-03,ron1n,linux,remote,0 20078,platforms/windows/remote/20078.pl,"Microsoft Outlook 97/98/2000 / Outlook Express 4.0/5.0 - GMT Field Buffer Overflow (1)",2000-07-18,"Ussr Labs",windows,remote,0 20079,platforms/windows/remote/20079.txt,"Microsoft Outlook 97/98/2000 / Outlook Express 4.0/5.0 - GMT Field Buffer Overflow (2)",2000-07-18,"Ussr Labs",windows,remote,0 -20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - DoS",2000-07-18,wildcoyote,windows,dos,0 +20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - Denial of Service",2000-07-18,wildcoyote,windows,dos,0 20081,platforms/windows/local/20081.c,"NetZero ZeroPort 3.0 - Weak Encryption Method",2000-07-18,"Brian Carrier",windows,local,0 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0 20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 @@ -17439,7 +17439,7 @@ id,file,description,date,author,platform,type,port 20096,platforms/windows/remote/20096.txt,"Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure",2000-07-13,"Dougal Campbell",windows,remote,0 20097,platforms/multiple/remote/20097.txt,"IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode",2000-07-24,"Shreeraj Shah",multiple,remote,0 20098,platforms/multiple/dos/20098.txt,"Netscape Communicator 4.x - JPEG-Comment Heap Overwrite",2000-07-25,"Solar Designer",multiple,dos,0 -20099,platforms/windows/dos/20099.c,"AnalogX Proxy 4.0 4 - DoS",2000-07-25,wildcoyote,windows,dos,0 +20099,platforms/windows/dos/20099.c,"AnalogX Proxy 4.0 4 - Denial of Service",2000-07-25,wildcoyote,windows,dos,0 20100,platforms/windows/dos/20100.pl,"WFTPD 2.4.1RC11 - STAT/LIST Command DoS",2000-07-21,"Blue Panda",windows,dos,0 20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 REST Command - Malformed File Write DoS",2000-07-21,"Blue Panda",windows,dos,0 20102,platforms/windows/dos/20102.pl,"WFTPD 2.4.1RC11 - Unauthenticated MLST Command Remote DoS",2000-07-21,"Blue Panda",windows,dos,0 @@ -17456,7 +17456,7 @@ id,file,description,date,author,platform,type,port 20301,platforms/windows/remote/20301.php,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (4)",2000-10-17,BoloTron,windows,remote,0 20145,platforms/linux/remote/20145.c,"Aptis Software TotalBill 3.0 - Remote Command Execution",2000-08-08,"Brian Masney",linux,remote,0 20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - (deptUploads_data.php groupid parameter) Blind SQLi",2012-07-30,Kc57,php,webapps,0 -20124,platforms/windows/webapps/20124.txt,"Dr. Web Control Center 6.00.3.201111300 - XSS",2012-07-31,"Oliver Karow",windows,webapps,0 +20124,platforms/windows/webapps/20124.txt,"Dr. Web Control Center 6.00.3.201111300 - Cross-site Scripting",2012-07-31,"Oliver Karow",windows,webapps,0 20125,platforms/windows/remote/20125.txt,"Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution",2000-08-01,"Foundstone Inc.",windows,remote,0 20126,platforms/irix/local/20126.c,"IRIX 6.5.x - gr_osview Buffer Overflow",1997-01-01,"Last Stage of Delirium",irix,local,0 20127,platforms/irix/local/20127.c,"SGI IRIX 6.2 libgl.so - Buffer Overflow",1997-09-01,"Last Stage of Delirium",irix,local,0 @@ -17508,7 +17508,7 @@ id,file,description,date,author,platform,type,port 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 - rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0 20176,platforms/cgi/remote/20176.pl,"CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 20177,platforms/cgi/remote/20177.html,"CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 -20178,platforms/multiple/dos/20178.pl,"vqSoft vqServer 1.4.49 - DoS",2000-08-19,sinfony,multiple,dos,0 +20178,platforms/multiple/dos/20178.pl,"vqSoft vqServer 1.4.49 - Denial of Service",2000-08-19,sinfony,multiple,dos,0 20179,platforms/unix/local/20179.txt,"Gert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 - Symbolic Link Traversal",2000-08-25,"Stan Bubrouski",unix,local,0 20180,platforms/windows/remote/20180.c,"RobTex Viking Server 1.0.6 Build 355 - Buffer Overflow",2000-08-28,wildcoyote,windows,remote,0 20181,platforms/multiple/remote/20181.txt,"Kerberos 4 4.0/5 5.0 - KDC Spoofing",2000-08-28,"Dug Song",multiple,remote,0 @@ -17548,21 +17548,21 @@ id,file,description,date,author,platform,type,port 20216,platforms/multiple/remote/20216.sh,"Check Point Software Firewall-1 3.0/1 4.0/1 4.1 - Session Agent Dictionary Attack (2)",2000-10-01,"Gregory Duchemin",multiple,remote,0 20217,platforms/linux/dos/20217.c,"RedHat Linux 6.1 i386 - Tmpwatch Recursive Write DoS",2000-09-09,"zenith parsec",linux,dos,0 20218,platforms/cgi/remote/20218.txt,"YaBB 9.1.2000 - Arbitrary File Read",2000-09-10,pestilence,cgi,remote,0 -20219,platforms/windows/dos/20219.txt,"WebTV for Windows 98/ME - DoS",2000-09-12,Smashstack,windows,dos,0 +20219,platforms/windows/dos/20219.txt,"WebTV for Windows 98/ME - Denial of Service",2000-09-12,Smashstack,windows,dos,0 20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure",2000-09-11,anonymous,linux,remote,0 20221,platforms/windows/dos/20221.pl,"Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow",2000-09-11,"Guido Bakker",windows,dos,0 20222,platforms/windows/remote/20222.cpp,"Microsoft Windows 2000 - telnet.exe NTLM Authentication",2000-08-14,@stake,windows,remote,0 20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 beta 3 - Search CGI",2000-09-15,dethy,windows,remote,0 20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0 -20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - DoS",1999-12-01,"Ussr Labs",windows,dos,0 +20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - Denial of Service",1999-12-01,"Ussr Labs",windows,dos,0 20226,platforms/freebsd/dos/20226.c,"FreeBSD Kernel - SCTP Remote NULL Ptr Dereference DoS",2012-08-03,"Shaun Colley",freebsd,dos,0 20542,platforms/windows/local/20542.rb,"globalSCAPE CuteZIP - Stack Buffer Overflow",2012-08-15,Metasploit,windows,local,0 20228,platforms/windows/dos/20228.pl,"TYPSoft 0.7 x - FTP Server Remote DoS",1999-06-08,dethy,windows,dos,0 -20229,platforms/multiple/dos/20229.txt,"IBM Websphere Application Server 3.0.2 Server Plugin - DoS",2000-09-15,"Rude Yak",multiple,dos,0 +20229,platforms/multiple/dos/20229.txt,"IBM Websphere Application Server 3.0.2 Server Plugin - Denial of Service",2000-09-15,"Rude Yak",multiple,dos,0 20230,platforms/sco/local/20230.c,"Tridia DoubleVision 3.0 7.00 - Local Root Compromise",2000-06-24,"Stephen J. Friedl",sco,local,0 20231,platforms/hardware/remote/20231.txt,"Cisco PIX Firewall 4.x/5.x - SMTP Content Filtering Evasion",2000-09-19,"Lincoln Yeoh",hardware,remote,0 20232,platforms/windows/local/20232.cpp,"Microsoft Windows 2000/NT 4 - DLL Search Path Weakness",2000-09-18,"Georgi Guninski",windows,local,0 -20233,platforms/windows/dos/20233.txt,"NetcPlus BrowseGate 2.80 - DoS",2000-09-21,"Delphis Consulting",windows,dos,0 +20233,platforms/windows/dos/20233.txt,"NetcPlus BrowseGate 2.80 - Denial of Service",2000-09-21,"Delphis Consulting",windows,dos,0 20234,platforms/multiple/remote/20234.txt,"extent technologies rbs isp 2.5 - Directory Traversal",2000-09-21,anon,multiple,remote,8002 20235,platforms/windows/remote/20235.pl,"Cisco Secure ACS for Windows NT 2.42 - Buffer Overflow",2000-09-21,blackangels,windows,remote,0 20236,platforms/linux/remote/20236.txt,"S.u.S.E. Linux 6.3/6.4 - Installed Package Disclosure",2000-09-21,t0maszek,linux,remote,0 @@ -17611,7 +17611,7 @@ id,file,description,date,author,platform,type,port 20279,platforms/cgi/remote/20279.txt,"extropia webstore 1.0/2.0 - Directory Traversal",2000-10-09,f0bic,cgi,remote,0 20280,platforms/cgi/remote/20280.txt,"bytes interactive Web shopper 1.0/2.0 - Directory Traversal",2000-10-08,f0bic,cgi,remote,0 20281,platforms/cgi/remote/20281.txt,"hassan consulting shopping cart 1.18 - Directory Traversal",2000-10-07,f0bic,cgi,remote,0 -20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - DoS",2000-10-09,zillion,windows,dos,0 +20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - Denial of Service",2000-10-09,zillion,windows,dos,0 20283,platforms/windows/remote/20283.txt,"Microsoft Windows 9x / Me - Share Level Password Bypass (1)",2000-10-10,stickler,windows,remote,0 20284,platforms/windows/remote/20284.txt,"Microsoft Windows 9x / Me - Share Level Password Bypass (2)",2000-10-10,"Gabriel Maggiotti",windows,remote,0 20285,platforms/linux/local/20285.c,"RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution",2000-10-06,X-Force,linux,local,0 @@ -17645,7 +17645,7 @@ id,file,description,date,author,platform,type,port 20317,platforms/windows/local/20317.c,"Microsoft Windows NT 4.0 - MSIEXEC Registry Permissions",2000-10-23,Mnemonix,windows,local,0 20318,platforms/windows/remote/20318.txt,"Oracle Business Transaction Management Server 12.1.0.2.7 - FlashTunnelService WriteToFile Message RCE",2012-08-07,rgod,windows,remote,0 20319,platforms/windows/remote/20319.txt,"Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService - Remote File Deletion",2012-08-07,rgod,windows,remote,0 -20320,platforms/windows/webapps/20320.txt,"Zoho BugTracker - Multiple Stored XSS Vulnerabilities",2012-08-07,LiquidWorm,windows,webapps,0 +20320,platforms/windows/webapps/20320.txt,"Zoho BugTracker - Multiple Persistent Cross-site Scripting Vulnerabilities",2012-08-07,LiquidWorm,windows,webapps,0 20321,platforms/windows/remote/20321.rb,"Ubisoft uplay 2.0.3 - ActiveX Control Arbitrary Code Execution",2012-08-08,Metasploit,windows,remote,0 20322,platforms/multiple/remote/20322.html,"Sun HotJava Browser 3 - Arbitrary DOM Access",2000-10-25,"Georgi Guninski",multiple,remote,0 20323,platforms/hardware/dos/20323.txt,"Cisco IOS 12 - Software '?/' HTTP Request DoS",2000-10-25,"Alberto Solino",hardware,dos,0 @@ -17658,10 +17658,10 @@ id,file,description,date,author,platform,type,port 20330,platforms/hardware/remote/20330.pl,"Cisco Catalyst 3500 XL - Remote Arbitrary Command Execution",2000-10-26,blackangels,hardware,remote,0 20331,platforms/hardware/dos/20331.c,"Ascend R 4.5 Ci12 - Denial of Service (1)",1998-03-16,Rootshell,hardware,dos,0 20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (2)",1998-03-17,Rootshell,hardware,dos,0 -20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow",1997-07-21,"D. J. Bernstein",unix,local,0 +20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow Exploit",1997-07-21,"D. J. Bernstein",unix,local,0 20334,platforms/windows/remote/20334.java,"CatSoft FTP Serv-U 2.5.x - Brute-Force",2000-10-29,Craig,windows,remote,0 -20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services for Windows 2000/NT 4.0 - (.htw) Cross-Site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 -20336,platforms/multiple/dos/20336.txt,"Unify eWave ServletExec 3.0 c - DoS",2000-10-30,"Foundstone Labs",multiple,dos,0 +20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services for Windows 2000/NT 4.0 - (.htw) Cross-site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 +20336,platforms/multiple/dos/20336.txt,"Unify eWave ServletExec 3.0 c - Denial of Service",2000-10-30,"Foundstone Labs",multiple,dos,0 20337,platforms/unix/remote/20337.c,"tcpdump 3.4/3.5 - AFS ACL Packet Buffer Overflow",2001-01-02,Zhodiac,unix,remote,0 20338,platforms/linux/local/20338.c,"SAMBA 2.0.7 - SWAT Symlink (1)",2000-11-01,Optyx,linux,local,0 20339,platforms/linux/local/20339.sh,"SAMBA 2.0.7 - SWAT Symlink (2)",2000-11-01,Optyx,linux,local,0 @@ -17673,26 +17673,26 @@ id,file,description,date,author,platform,type,port 20345,platforms/php/webapps/20345.txt,"iauto mobile application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 20346,platforms/php/webapps/20346.txt,"Inout Mobile Webmail APP - Persistent XSS",2012-08-08,Vulnerability-Lab,php,webapps,0 20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection",2012-08-08,"Lorenzo Cantoni",php,webapps,0 -20348,platforms/windows/webapps/20348.py,"axigen mail server 8.0.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20349,platforms/windows/webapps/20349.py,"emailarchitect enterprise email server 10.0 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20350,platforms/windows/webapps/20350.py,"escon supportportal pro 3.0 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20351,platforms/windows/webapps/20351.py,"mailenable enterprise 6.5 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (vmware appliance) 6.3 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 +20348,platforms/windows/webapps/20348.py,"axigen mail server 8.0.1 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20349,platforms/windows/webapps/20349.py,"emailarchitect enterprise email server 10.0 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20350,platforms/windows/webapps/20350.py,"escon supportportal pro 3.0 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20351,platforms/windows/webapps/20351.py,"mailenable enterprise 6.5 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (vmware appliance) 6.3 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot - eval() Remote Code Execution",2012-08-08,Metasploit,php,remote,0 20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 - Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 -20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 Plugin - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20359,platforms/windows/webapps/20359.py,"OTRS Open Technology Real Services 3.1.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20360,platforms/php/webapps/20360.py,"WordPress Plugin postie 1.4.3 - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20361,platforms/php/webapps/20361.py,"WordPress Plugin simplemail 1.0.6 - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20362,platforms/windows/webapps/20362.py,"smartermail free 9.2 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20363,platforms/windows/webapps/20363.py,"surgemail 6.0a4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20364,platforms/php/webapps/20364.py,"T-dah Webmail Client 3.2.0-2.3 - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20365,platforms/php/webapps/20365.py,"WordPress Plugin ThreeWP Email Reflector 1.13 - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 +20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 Plugin - Persistent Cross-site Scripting",2012-08-08,loneferret,php,webapps,0 +20359,platforms/windows/webapps/20359.py,"OTRS Open Technology Real Services 3.1.4 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20360,platforms/php/webapps/20360.py,"WordPress Plugin postie 1.4.3 - Persistent Cross-site Scripting",2012-08-08,loneferret,php,webapps,0 +20361,platforms/php/webapps/20361.py,"WordPress Plugin simplemail 1.0.6 - Persistent Cross-site Scripting",2012-08-08,loneferret,php,webapps,0 +20362,platforms/windows/webapps/20362.py,"smartermail free 9.2 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20363,platforms/windows/webapps/20363.py,"surgemail 6.0a4 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20364,platforms/php/webapps/20364.py,"T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-site Scripting",2012-08-08,loneferret,php,webapps,0 +20365,platforms/php/webapps/20365.py,"WordPress Plugin ThreeWP Email Reflector 1.13 - Persistent Cross-site Scripting",2012-08-08,loneferret,php,webapps,0 +20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 +20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Persistent Cross-site Scripting",2012-08-08,loneferret,windows,webapps,0 20368,platforms/windows/webapps/20368.py,"IBM Proventia Network Mail Security System 2.5 - POST File Read",2012-08-08,muts,windows,webapps,0 20369,platforms/hardware/remote/20369.sh,"Cisco PIX Firewall 5.2 - PASV Mode FTP Internal Address Disclosure",2000-10-03,"Fabio Pietrosanti",hardware,remote,0 20370,platforms/cgi/remote/20370.txt,"Kootenay Web Inc whois 1.0 - Remote Command Execution",2000-10-29,"Mark Stratman",cgi,remote,0 @@ -17724,7 +17724,7 @@ id,file,description,date,author,platform,type,port 20397,platforms/cgi/remote/20397.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - Path Disclosure",2000-11-10,sozni,cgi,remote,0 20398,platforms/php/webapps/20398.txt,"MobileCartly 1.0 - Arbitrary File Deletion",2012-08-10,GoLd_M,php,webapps,0 20399,platforms/windows/remote/20399.html,"Microsoft Indexing Services for Windows 2000 - File Verification",2000-11-10,"Georgi Guninski",windows,remote,0 -20400,platforms/cgi/dos/20400.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - DoS",2000-11-10,sozni,cgi,dos,0 +20400,platforms/cgi/dos/20400.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - Denial of Service",2000-11-10,sozni,cgi,dos,0 21041,platforms/multiple/dos/21041.txt,"Microsoft Internet Explorer 3/4/5 / Netscape Communicator 4 - IMG Tag DoS",2001-06-19,"John Percival",multiple,dos,0 20401,platforms/windows/local/20401.txt,"Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent",2000-11-10,"Hugo Caye",windows,local,0 20402,platforms/linux/local/20402.sh,"Linux modutils 2.3.9 - modprobe Arbitrary Command Execution",2000-11-12,"Michal Zalewski",linux,local,0 @@ -17799,7 +17799,7 @@ id,file,description,date,author,platform,type,port 20473,platforms/hardware/dos/20473.pl,"Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak DoS",2000-12-06,blackangels,hardware,dos,0 20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker 2.5.4 Plugin - Persistent XSS",2012-08-13,"Chris Kellum",php,webapps,0 20476,platforms/php/webapps/20476.txt,"Hotel Booking Portal 0.1 - Multiple Vulnerabilities",2012-08-13,"Yakir Wizman",php,webapps,0 -20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - CSRF",2012-08-13,"Nir Valtman",windows,webapps,0 +20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - Cross-site Request Forgery",2012-08-13,"Nir Valtman",windows,webapps,0 20478,platforms/windows/webapps/20478.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 20479,platforms/linux/dos/20479.pl,"Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)",2012-08-13,kingcope,linux,dos,0 20481,platforms/windows/remote/20481.txt,"Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure",1997-02-20,"Mark Joseph Edwards",windows,remote,0 @@ -17807,7 +17807,7 @@ id,file,description,date,author,platform,type,port 20483,platforms/cgi/remote/20483.txt,"WEBgais 1.0 - websendmail Remote Command Execution",1997-07-04,"Razvan Dragomirescu",cgi,remote,0 20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 20485,platforms/osx/local/20485.sh,"OS X Viscosity OpenVPN Client - Local Root Exploit",2012-08-13,zx2c4,osx,local,0 -20486,platforms/unix/remote/20486.html,"Matt Wright FormMail 1.x - Cross-Site Request Forgery",1997-01-01,anonymous,unix,remote,0 +20486,platforms/unix/remote/20486.html,"Matt Wright FormMail 1.x - Cross-site Request Forgery",1997-01-01,anonymous,unix,remote,0 20487,platforms/hardware/dos/20487.pl,"Watchguard SOHO 2.2 - Denial of Service",2000-12-08,"Filip Maertens",hardware,dos,0 20488,platforms/windows/remote/20488.txt,"MetaProducts Offline Explorer 1.x - File System Disclosure",2000-12-07,Dodger,windows,remote,0 20489,platforms/windows/remote/20489.txt,"keware technologies homeseer 1.4 - Directory Traversal",2000-12-07,"SNS Research",windows,remote,0 @@ -17852,7 +17852,7 @@ id,file,description,date,author,platform,type,port 20531,platforms/multiple/dos/20531.txt,"IBM HTTP Server 1.3 - AfpaCache/WebSphereNet.Data DoS",2001-01-08,"Peter Grundl",multiple,dos,0 20532,platforms/sco/dos/20532.txt,"ScreenOS 1.73/2.x - Firewall Denial of Service",2001-01-08,Nsfocus,sco,dos,0 20533,platforms/cgi/remote/20533.txt,"eXtropia bbs_forum.cgi 1.0 - Remote Arbitrary Command Execution",2001-01-07,scott,cgi,remote,0 -20534,platforms/multiple/dos/20534.txt,"WebMaster ConferenceRoom 1.8 Developer Edition - DoS",2001-01-10,"Murat - 2",multiple,dos,0 +20534,platforms/multiple/dos/20534.txt,"WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service",2001-01-10,"Murat - 2",multiple,dos,0 20535,platforms/linux/dos/20535.txt,"(Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution)",2001-01-09,"Marc Lehmann",linux,dos,0 20536,platforms/linux/dos/20536.java,"ProFTPD 1.2 - SIZE Remote Denial of Service",2000-12-20,JeT-Li,linux,dos,0 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 - Backdoor Password",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 @@ -17866,8 +17866,8 @@ id,file,description,date,author,platform,type,port 20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0 20546,platforms/php/webapps/20546.txt,"sphpforum 0.4 - Multiple Vulnerabilities",2012-08-15,loneferret,php,webapps,0 20547,platforms/windows/remote/20547.txt,"Microsoft Internet Explorer - Time Element Memory Corruption Exploit (MS11-050)",2012-08-16,Ciph3r,windows,remote,0 -20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Stored XSS",2012-08-16,"Shai rod",php,webapps,0 -20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - CSRF",2012-08-16,DaOne,php,webapps,0 +20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Persistent Cross-site Scripting",2012-08-16,"Shai rod",php,webapps,0 +20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - Cross-site Request Forgery",2012-08-16,DaOne,php,webapps,0 20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) - Remote Execution",2012-08-16,iJoo,linux,remote,0 20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4.0 / Outlook 2000/5.5 - MSHTML.DLL Crash",2001-01-15,"Thor Larholm",windows,dos,0 20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 - (.wmz) Arbitrary Java Applet",2001-01-15,"Georgi Guninski",windows,remote,0 @@ -17875,7 +17875,7 @@ id,file,description,date,author,platform,type,port 20555,platforms/linux/local/20555.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)",2001-01-13,IhaQueR,linux,local,0 20556,platforms/linux/local/20556.c,"Debian Linux 2.2 - splitvt Format String",2001-01-16,"Michel Kaempf",linux,local,0 20557,platforms/windows/remote/20557.pl,"Omnicron OmniHTTPD 2.0.7 - File Corruption and Command Execution",2001-08-01,"Joe Testa",windows,remote,0 -20558,platforms/multiple/dos/20558.txt,"Apache 1.2 Web Server - DoS",1997-12-30,"Michal Zalewski",multiple,dos,0 +20558,platforms/multiple/dos/20558.txt,"Apache 1.2 Web Server - Denial of Service",1997-12-30,"Michal Zalewski",multiple,dos,0 20559,platforms/windows/remote/20559.c,"tinyproxy tinyproxy 1.3.2/1.3.3 - Heap Overflow",2001-01-17,CyRaX,windows,remote,0 20560,platforms/unix/local/20560.c,"SSH 1.2.x - Secure-RPC Weak Encrypted Authentication",2001-01-16,"Richard Silverman",unix,local,0 20561,platforms/linux/dos/20561.pl,"Dan Bernstein QMail 1.0 3 - RCPT Denial of Service (1)",1997-06-12,"Frank DENIS",linux,dos,0 @@ -17889,14 +17889,14 @@ id,file,description,date,author,platform,type,port 20569,platforms/linux/remote/20569.c,"mICQ 0.4.6 - Remote Buffer Overflow",2001-01-17,"tHE rECIdjVO",linux,remote,0 20570,platforms/cgi/remote/20570.txt,"Sambar Server 4.1 beta - Admin Access",1998-06-10,"Michiel de Weerd",cgi,remote,0 20571,platforms/windows/remote/20571.txt,"Microsoft Outlook 2000 0/98 0/Express 5.5 - Concealed Attachment",2001-01-17,http-equiv,windows,remote,0 -20573,platforms/php/webapps/20573.html,"Jaow CMS 2.3 - CSRF",2012-08-17,DaOne,php,webapps,0 +20573,platforms/php/webapps/20573.html,"Jaow CMS 2.3 - Cross-site Request Forgery",2012-08-17,DaOne,php,webapps,0 20574,platforms/php/webapps/20574.txt,"Social Engine 4.2.5 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,php,webapps,0 20575,platforms/windows/webapps/20575.txt,"ManageEngine OpStor 7.4 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,windows,webapps,0 20613,platforms/windows/dos/20613.txt,"Microsoft Windows 98/2000 - UDP Socket DoS",2001-02-06,"Georgi Guninski",windows,dos,0 20576,platforms/php/webapps/20576.txt,"Inferno vBShout 2.5.2 - SQL Injection",2012-08-17,Luit,php,webapps,0 20644,platforms/hardware/dos/20644.c,"Marconi ASX-1000 - Administration Denial of Service",2001-02-19,"J.K. Garvey",hardware,dos,0 -20578,platforms/php/webapps/20578.pl,"hastymail2 webmail 1.1 rc2 - Stored XSS",2012-08-17,"Shai rod",php,webapps,0 -20579,platforms/php/webapps/20579.py,"T-dah Webmail - Multiple Stored XSS",2012-08-17,"Shai rod",php,webapps,0 +20578,platforms/php/webapps/20578.pl,"hastymail2 webmail 1.1 rc2 - Persistent Cross-site Scripting",2012-08-17,"Shai rod",php,webapps,0 +20579,platforms/php/webapps/20579.py,"T-dah Webmail - Multiple Persistent Cross-site Scripting",2012-08-17,"Shai rod",php,webapps,0 20580,platforms/php/webapps/20580.txt,"webid 1.0.4 - Multiple Vulnerabilities",2012-08-17,dun,php,webapps,0 20612,platforms/windows/remote/20612.txt,"informs picserver 1.0 - Directory Traversal",2001-02-05,joetesta,windows,remote,0 20581,platforms/linux/local/20581.c,"Mysql 3.22.x/3.23.x - Local Buffer Overflow",2001-01-18,"Luis Miguel Silva",linux,local,0 @@ -17928,7 +17928,7 @@ id,file,description,date,author,platform,type,port 20607,platforms/windows/remote/20607.txt,"goahead webserver 2.0/2.1 - Directory Traversal",2001-02-02,"Sergey Nenashev",windows,remote,0 20608,platforms/windows/remote/20608.txt,"guido frassetto sedum http server 2.0 - Directory Traversal",2001-02-04,"Joe Testa",windows,remote,0 20609,platforms/cgi/remote/20609.txt,"Heat-On HSWeb Web Server 2.0 - Path Disclosure",2001-02-04,"Joe Testa",cgi,remote,0 -20610,platforms/multiple/dos/20610.txt,"Allaire JRun 3.0 Servlet - DoS",2000-10-31,"Allaire Security",multiple,dos,0 +20610,platforms/multiple/dos/20610.txt,"Allaire JRun 3.0 Servlet - Denial of Service",2000-10-31,"Allaire Security",multiple,dos,0 20611,platforms/cgi/remote/20611.txt,"anaconda foundation 1.4-1.9 - Directory Traversal",2000-10-13,pestilence,cgi,remote,0 20614,platforms/windows/remote/20614.txt,"aolserver 3.2 Win32 - Directory Traversal",2001-02-06,joetesta,windows,remote,0 20615,platforms/unix/remote/20615.txt,"SSH 1.2.30 - Daemon Logging Failure",2001-02-05,"Jose Nazario",unix,remote,0 @@ -17943,7 +17943,7 @@ id,file,description,date,author,platform,type,port 20624,platforms/windows/remote/20624.rb,"Adobe Flash Player 11.3 - Font Parsing Code Execution",2012-08-20,Metasploit,windows,remote,0 20625,platforms/multiple/remote/20625.txt,"SilverPlatter WebSPIRS 3.3.1 - File Disclosure",2001-02-12,cuctema,multiple,remote,0 20626,platforms/linux/local/20626.c,"Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept",2001-02-09,"Chris Evans",linux,local,0 -20627,platforms/php/webapps/20627.py,"IlohaMail Webmail - Stored XSS",2012-08-18,"Shai rod",php,webapps,0 +20627,platforms/php/webapps/20627.py,"IlohaMail Webmail - Persistent Cross-site Scripting",2012-08-18,"Shai rod",php,webapps,0 20628,platforms/windows/remote/20628.txt,"his software auktion 1.62 - Directory Traversal",2001-02-12,cuctema,windows,remote,0 20629,platforms/cgi/remote/20629.txt,"Way-Board 2.0 - File Disclosure",2001-02-12,cuctema,cgi,remote,0 20630,platforms/cgi/remote/20630.txt,"Martin Hamilton ROADS 2.3 - File Disclosure",2001-02-12,cuctema,cgi,remote,0 @@ -17957,9 +17957,9 @@ id,file,description,date,author,platform,type,port 20638,platforms/multiple/remote/20638.txt,"Bajie Webserver 0.78/0.90 - Remote Command Execution",2001-02-15,joetesta,multiple,remote,0 20639,platforms/multiple/remote/20639.txt,"Bajie 0.78 - Arbitrary Shell Command Execution",2001-02-15,joetesta,multiple,remote,0 20640,platforms/windows/remote/20640.txt,"Working Resources BadBlue 1.2.7 - Path Disclosure",2001-02-20,"SNS Research",windows,remote,0 -20641,platforms/windows/dos/20641.txt,"Working Resources BadBlue 1.2.7 - DoS",2001-02-20,"SNS Research",windows,dos,0 +20641,platforms/windows/dos/20641.txt,"Working Resources BadBlue 1.2.7 - Denial of Service",2001-02-20,"SNS Research",windows,dos,0 20642,platforms/cgi/remote/20642.pl,"Adcycle 0.77/0.78 - AdLibrary.pm Session Access",2001-02-19,"Neil K",cgi,remote,0 -20643,platforms/windows/webapps/20643.txt,"ManageEngine OpUtils 6.0 - Stored XSS",2012-08-18,loneferret,windows,webapps,7080 +20643,platforms/windows/webapps/20643.txt,"ManageEngine OpUtils 6.0 - Persistent Cross-site Scripting",2012-08-18,loneferret,windows,webapps,7080 20645,platforms/linux/local/20645.c,"Elm 2.5.3 - Alternative-Folder Buffer Overflow",2001-02-13,_kiss_,linux,local,0 20646,platforms/unix/remote/20646.c,"LICQ 0.85/1.0.1/1.0.2 - Remote Buffer Overflow",2000-12-26,"Stan Bubrouski",unix,remote,0 20647,platforms/windows/remote/20647.c,"Atrium Software Mercur Mail Server 3.3 - EXPN Buffer Overflow",2001-02-23,"Martin Rakhmanoff",windows,remote,0 @@ -17970,7 +17970,7 @@ id,file,description,date,author,platform,type,port 20652,platforms/hardware/remote/20652.txt,"Cisco IOS 11.x/12.0 - ILMI SNMP Community String",2001-02-27,pask,hardware,remote,0 20653,platforms/windows/remote/20653.txt,"SunFTP 1.0 Build 9 - Unauthorized File Access",2001-03-02,se00020,windows,remote,0 20654,platforms/hardware/dos/20654.pl,"APC WEB/SNMP Management Card (9606) Firmware 3.0 - Telnet Administration DoS",2001-02-26,altomo,hardware,dos,0 -20655,platforms/windows/dos/20655.txt,"Orange Software Orange Web Server 2.1 - DoS",2001-02-27,slipy,windows,dos,0 +20655,platforms/windows/dos/20655.txt,"Orange Software Orange Web Server 2.1 - Denial of Service",2001-02-27,slipy,windows,dos,0 20656,platforms/windows/dos/20656.txt,"Robin Twombly A1 HTTP Server 1.0 - Denial of Service",2001-02-27,slipy,windows,dos,0 20657,platforms/windows/remote/20657.txt,"robin twombly a1 http server 1.0 - Directory Traversal",2001-02-27,slipy,windows,remote,0 20658,platforms/unix/local/20658.txt,"Joe Text Editor 2.8 - (.joerc) Arbitrary Command Execution",2001-02-28,"Wkit Security",unix,local,0 @@ -17980,25 +17980,25 @@ id,file,description,date,author,platform,type,port 20662,platforms/windows/dos/20662.txt,"WhitSoft SlimServe - HTTPD 1.1 Get Denial of Service",2001-02-28,joetesta,windows,dos,0 20663,platforms/windows/remote/20663.txt,"whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal",2001-02-28,joetesta,windows,remote,0 20664,platforms/windows/dos/20664.pl,"Microsoft IIS 5.0 - WebDAV Denial of Service",2001-03-08,"Georgi Guninski",windows,dos,0 -20665,platforms/php/webapps/20665.txt,"T-dah Webmail - CSRF / Stored XSS",2012-08-20,"Yakir Wizman",php,webapps,0 -20666,platforms/php/webapps/20666.html,"ClipBucket 2.5 - CSRF",2012-08-20,DaOne,php,webapps,0 +20665,platforms/php/webapps/20665.txt,"T-dah Webmail - CSRF / Persistent Cross-site Scripting",2012-08-20,"Yakir Wizman",php,webapps,0 +20666,platforms/php/webapps/20666.html,"ClipBucket 2.5 - Cross-site Request Forgery",2012-08-20,DaOne,php,webapps,0 20667,platforms/hardware/webapps/20667.txt,"Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure",2012-08-20,"Alberto Ortega",hardware,webapps,0 -20668,platforms/java/webapps/20668.py,"hupa webmail 0.0.2 - Stored XSS",2012-08-20,"Shai rod",java,webapps,0 -20669,platforms/php/webapps/20669.py,"GWebmail 0.7.3 - XSS / LFI / RCE",2012-08-20,"Shai rod",php,webapps,0 +20668,platforms/java/webapps/20668.py,"hupa webmail 0.0.2 - Persistent Cross-site Scripting",2012-08-20,"Shai rod",java,webapps,0 +20669,platforms/php/webapps/20669.py,"GWebmail 0.7.3 - XSS / LFI / Remote Code Execution",2012-08-20,"Shai rod",php,webapps,0 20709,platforms/php/webapps/20709.html,"OpenDocMan 1.2.6.1 - Password Change CSRF",2012-08-22,"Shai rod",php,webapps,0 -20710,platforms/php/webapps/20710.html,"VamCart 0.9 - CSRF",2012-08-22,DaOne,php,webapps,0 +20710,platforms/php/webapps/20710.html,"VamCart 0.9 - Cross-site Request Forgery",2012-08-22,DaOne,php,webapps,0 20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection",2012-08-22,Metasploit,cgi,webapps,0 -20671,platforms/php/webapps/20671.html,"PG Portal Pro - CSRF",2012-08-20,Noxious,php,webapps,0 -20672,platforms/php/webapps/20672.py,"Hivemail Webmail - Multiple Stored XSS Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 +20671,platforms/php/webapps/20671.html,"PG Portal Pro - Cross-site Request Forgery",2012-08-20,Noxious,php,webapps,0 +20672,platforms/php/webapps/20672.py,"Hivemail Webmail - Multiple Persistent Cross-site Scripting Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - (index.php id parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0 20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary PHP File Upload",2012-08-22,Metasploit,php,webapps,0 -20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Stored XSS",2012-08-20,"Shai rod",php,webapps,0 +20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Persistent Cross-site Scripting",2012-08-20,"Shai rod",php,webapps,0 20677,platforms/windows/webapps/20677.txt,"IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities",2012-08-20,hinge,windows,webapps,0 20678,platforms/unix/local/20678.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (1)",2001-03-08,anonymous,unix,local,0 20679,platforms/unix/local/20679.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (2)",2001-03-08,"the itch",unix,local,0 20680,platforms/windows/remote/20680.html,"Microsoft Internet Explorer 5.0.1/5.5/6.0 - Telnet Client File Overwrite",2001-03-09,"Oliver Friedrichs",windows,remote,0 -20681,platforms/windows/dos/20681.c,"Baltimore Technologies WEBsweeper 4.0 - DoS",2001-01-22,honoriak,windows,dos,0 -20682,platforms/windows/dos/20682.txt,"Michael Lamont Savant Web Server 3.0 - DoS",2001-03-09,Phiber,windows,dos,0 +20681,platforms/windows/dos/20681.c,"Baltimore Technologies WEBsweeper 4.0 - Denial of Service",2001-01-22,honoriak,windows,dos,0 +20682,platforms/windows/dos/20682.txt,"Michael Lamont Savant Web Server 3.0 - Denial of Service",2001-03-09,Phiber,windows,dos,0 20683,platforms/cgi/remote/20683.txt,"Ikonboard 2.1.7 b - Remote File Disclosure",2001-03-11,"Martin J. Muench",cgi,remote,0 20684,platforms/solaris/local/20684.c,"Solaris 2.5/2.6/7.0/8 tip - Buffer Overflow",2001-03-27,"Pablo Sor",solaris,local,0 20685,platforms/multiple/remote/20685.txt,"IBM Net.Commerce 3.1/3.2 WebSphere - Weak Password",2001-03-07,"Rudi Carell",multiple,remote,0 @@ -18058,9 +18058,9 @@ id,file,description,date,author,platform,type,port 20751,platforms/solaris/local/20751.txt,"Solaris 7.0/8 - IPCS Timezone Buffer Overflow",2001-04-12,"Riley Hassell",solaris,local,0 20752,platforms/cgi/remote/20752.txt,"NCM Content Management System - content.pl Input Validation",2001-04-13,"RA-Soft Security",cgi,remote,0 20753,platforms/cgi/dos/20753.txt,"IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service",2001-04-13,"ET LoWNOISE",cgi,dos,0 -20761,platforms/php/webapps/20761.txt,"Ad Manager Pro 4 - LFI",2012-08-23,CorryL,php,webapps,0 +20761,platforms/php/webapps/20761.txt,"Ad Manager Pro 4 - Local File Inclusion",2012-08-23,CorryL,php,webapps,0 20762,platforms/php/webapps/20762.php,"webpa 1.1.0.1 - Multiple Vulnerabilities",2012-08-24,dun,php,webapps,0 -20763,platforms/windows/dos/20763.c,"Microsoft ISA Server 2000 Web Proxy - DoS",2001-04-16,"SecureXpert Labs",windows,dos,0 +20763,platforms/windows/dos/20763.c,"Microsoft ISA Server 2000 Web Proxy - Denial of Service",2001-04-16,"SecureXpert Labs",windows,dos,0 20944,platforms/windows/remote/20944.rb,"SAP NetWeaver HostControl - Command Injection",2012-08-31,Metasploit,windows,remote,0 20758,platforms/windows/remote/20758.c,"Vice City Multiplayer Server 0.3z R2 - Remote Code Execution",2012-08-23,Sasuke78200,windows,remote,0 20759,platforms/php/webapps/20759.txt,"letodms 3.3.6 - Multiple Vulnerabilities",2012-08-23,"Shai rod",php,webapps,0 @@ -18087,10 +18087,10 @@ id,file,description,date,author,platform,type,port 20783,platforms/windows/dos/20783.txt,"Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS",2001-04-18,3APA3A,windows,dos,0 20784,platforms/windows/dos/20784.cpp,"WireShark 1.8.2 / 1.6.0 - Buffer Overflow PoC (0Day)",2012-08-24,X-h4ck,windows,dos,0 20785,platforms/php/webapps/20785.txt,"Ad Manager Pro - Multiple Vulnerabilities",2012-08-24,"Yakir Wizman",php,webapps,0 -20787,platforms/php/webapps/20787.txt,"Text Exchange Pro - (index.php page) Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 -20788,platforms/php/webapps/20788.txt,"AB Banner Exchange - (index.php page) Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 -20789,platforms/php/webapps/20789.txt,"Easy Banner Pro - (index.php page) Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 -20790,platforms/php/webapps/20790.py,"businesswiki 2.5rc3 - Stored XSS / arbitrary file upload",2012-08-24,"Shai rod",php,webapps,0 +20787,platforms/php/webapps/20787.txt,"Text Exchange Pro - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 +20788,platforms/php/webapps/20788.txt,"AB Banner Exchange - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 +20789,platforms/php/webapps/20789.txt,"Easy Banner Pro - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 +20790,platforms/php/webapps/20790.py,"businesswiki 2.5rc3 - Persistent Cross-site Scripting / arbitrary file upload",2012-08-24,"Shai rod",php,webapps,0 20791,platforms/unix/remote/20791.php,"Netscape Navigator 4.0.8 - 'about:' Domain Information Disclosure",2001-04-09,"Florian Wesch",unix,remote,0 20792,platforms/multiple/dos/20792.txt,"Mercury/NLM 1.4 - Buffer Overflow",2001-04-21,"Przemyslaw Frasunek",multiple,dos,0 20793,platforms/windows/remote/20793.txt,"RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping",2001-04-23,joetesta,windows,remote,0 @@ -18155,12 +18155,12 @@ id,file,description,date,author,platform,type,port 20852,platforms/multiple/dos/20852.pl,"iPlanet 4.1 Web Publisher - Remote Buffer Overflow (1)",2001-05-15,"Santi Claus",multiple,dos,0 20853,platforms/multiple/dos/20853.php,"iPlanet 4.1 Web Publisher - Remote Buffer Overflow (2)",2001-05-15,"Gabriel Maggiotti",multiple,dos,0 20854,platforms/windows/dos/20854.txt,"IIS 5.0 - WebDav Lock Method Memory Leak DoS",2001-05-17,"Defcom Labs",windows,dos,0 -20855,platforms/php/webapps/20855.txt,"Wiki Web Help 0.3.9 - Multiple Stored XSS Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 -20856,platforms/php/webapps/20856.txt,"XWiki 4.2-milestone-2 - Multiple Stored XSS Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 +20855,platforms/php/webapps/20855.txt,"Wiki Web Help 0.3.9 - Multiple Persistent Cross-site Scripting Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 +20856,platforms/php/webapps/20856.txt,"XWiki 4.2-milestone-2 - Multiple Persistent Cross-site Scripting Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 - (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 20861,platforms/win_x86-64/local/20861.txt,"Microsoft Windows Kernel - Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win_x86-64,local,0 -20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - XSS",2012-08-27,Crim3R,php,webapps,0 +20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - Cross-site Scripting",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 - Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 20865,platforms/java/remote/20865.rb,"Java 7 Applet - Remote Code Execution",2012-08-27,Metasploit,java,remote,0 @@ -18171,8 +18171,8 @@ id,file,description,date,author,platform,type,port 20870,platforms/windows/dos/20870.pl,"Express Burn Plus 4.58 - EBP Project File Handling Buffer Overflow PoC",2012-08-28,LiquidWorm,windows,dos,0 20871,platforms/php/webapps/20871.txt,"CommPort 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 20872,platforms/php/webapps/20872.txt,"mieric addressBook 1.0 - SQL Injection",2012-08-28,"Jean Pascal Pereira",php,webapps,0 -20873,platforms/php/webapps/20873.html,"RV Article Publisher - CSRF",2012-08-28,DaOne,php,webapps,0 -20874,platforms/php/webapps/20874.html,"RV Shopping Cart - CSRF",2012-08-28,DaOne,php,webapps,0 +20873,platforms/php/webapps/20873.html,"RV Article Publisher - Cross-site Request Forgery",2012-08-28,DaOne,php,webapps,0 +20874,platforms/php/webapps/20874.html,"RV Shopping Cart - Cross-site Request Forgery",2012-08-28,DaOne,php,webapps,0 20876,platforms/windows/remote/20876.pl,"Simple Web Server 2.2-rc2 - ASLR Bypass Exploit",2012-08-28,pole,windows,remote,0 20877,platforms/hardware/webapps/20877.txt,"Conceptronic Grab'n'Go and Sitecom Storage Center - Password Disclosure",2012-08-28,"Mattijs van Ommeren",hardware,webapps,0 20878,platforms/cgi/remote/20878.txt,"mimanet source viewer 2.0 - Directory Traversal",2001-05-23,joetesta,cgi,remote,0 @@ -18180,7 +18180,7 @@ id,file,description,date,author,platform,type,port 20880,platforms/windows/local/20880.c,"Microsoft Windows 2000 - Debug Registers",2001-05-24,"Georgi Guninski",windows,local,0 20881,platforms/multiple/remote/20881.txt,"Beck IPC GmbH IPC@CHIP - TelnetD Login Account Brute Force",2001-05-24,"Courtesy Sentry Research Labs",multiple,remote,0 20882,platforms/multiple/remote/20882.txt,"faust informatics freestyle chat 4.1 sr2 - Directory Traversal",2001-05-25,nemesystm,multiple,remote,0 -20883,platforms/windows/dos/20883.txt,"Faust Informatics Freestyle Chat 4.1 SR2 MS-DOS Device Name - DoS",2001-05-25,nemesystm,windows,dos,0 +20883,platforms/windows/dos/20883.txt,"Faust Informatics Freestyle Chat 4.1 SR2 MS-DOS Device Name - Denial of Service",2001-05-25,nemesystm,windows,dos,0 20884,platforms/windows/remote/20884.txt,"ACLogic CesarFTP 0.98b - Directory Traversal",2001-05-27,byterage,windows,remote,0 20885,platforms/solaris/local/20885.c,"Solaris 8 mailtool - Buffer Overflow",2001-06-01,51,solaris,local,0 20886,platforms/windows/remote/20886.txt,"Omnicron OmniHTTPD 2.0.4-8 - File Source Disclosure",2001-05-26,astral,windows,remote,0 @@ -18237,7 +18237,7 @@ id,file,description,date,author,platform,type,port 20939,platforms/cgi/remote/20939.txt,"DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)",2001-06-18,"Peter Helms",cgi,remote,0 20940,platforms/cgi/remote/20940.txt,"Tarantella Enterprise 3 3.x - TTAWebTop.CGI Arbitrary File Viewing",2001-06-18,kf,cgi,remote,0 20941,platforms/freebsd/remote/20941.pl,"W3M 0.1/0.2 - Malformed MIME Header Buffer Overflow",2001-06-19,White_E,freebsd,remote,0 -20942,platforms/php/webapps/20942.html,"Booking System Pro - CSRF",2012-08-30,DaOne,php,webapps,0 +20942,platforms/php/webapps/20942.html,"Booking System Pro - Cross-site Request Forgery",2012-08-30,DaOne,php,webapps,0 20945,platforms/solaris/local/20945.txt,"Sun SunVTS 4.x - PTExec Buffer Overflow",2001-06-21,"Pablo Sor",solaris,local,0 20946,platforms/windows/dos/20946.txt,"Cerberus FTP Server 1.x - Buffer Overflow DoS",2001-06-21,"Cartel Informatique Security Research Labs",windows,dos,0 20947,platforms/windows/remote/20947.txt,"1C: Arcadia Internet Store 1.0 - Arbitrary File Disclosure",2001-06-21,ViperSV,windows,remote,0 @@ -18252,7 +18252,7 @@ id,file,description,date,author,platform,type,port 20957,platforms/windows/dos/20957.pl,"WarFTP Daemon 1.82 RC 11 - Remote Format String",2012-08-31,coolkaveh,windows,dos,0 21017,platforms/linux/remote/21017.txt,"Squid Web Proxy 2.3 - Reverse Proxy",2001-07-18,"Paul Nasrat",linux,remote,0 21018,platforms/unix/remote/21018.c,"Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - Telnetd Buffer Overflow",2001-07-18,Dvorak,unix,remote,0 -20959,platforms/windows/webapps/20959.py,"OTRS Open Technology Real Services 3.1.8 / 3.1.9 - XSS",2012-08-31,"Mike Eduard",windows,webapps,0 +20959,platforms/windows/webapps/20959.py,"OTRS Open Technology Real Services 3.1.8 / 3.1.9 - Cross-site Scripting",2012-08-31,"Mike Eduard",windows,webapps,0 20960,platforms/unix/local/20960.c,"Juergen Schoenwaelder scotty 2.1.x - ntping Buffer Overflow",2001-06-13,"Larry W. Cashdollar",unix,local,0 20961,platforms/unix/local/20961.sh,"KDE KTVision 0.1 - File Overwrite",2001-06-21,IhaQueR,unix,local,0 20962,platforms/unix/local/20962.pl,"cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Buffer Overflow (1)",2001-06-21,teleh0r,unix,local,0 @@ -18313,9 +18313,9 @@ id,file,description,date,author,platform,type,port 21020,platforms/multiple/local/21020.c,"NetWin DMail 2.x / SurgeFTP 1.0/2.0 - Weak Password Encryption",2001-07-20,byterage,multiple,local,0 21021,platforms/unix/remote/21021.pl,"SSH2 3.0 - Short Password Login",2001-07-21,hypoclear,unix,remote,0 21022,platforms/php/webapps/21022.txt,"PHPLib Team PHPLIB 7.2 - Remote Script Execution",2001-07-21,"giancarlo pinerolo",php,webapps,0 -21023,platforms/cgi/remote/21023.c,"CGIWrap 2.x/3.x - Cross-Site Scripting",2001-07-22,"TAKAGI Hiromitsu",cgi,remote,0 +21023,platforms/cgi/remote/21023.c,"CGIWrap 2.x/3.x - Cross-site Scripting",2001-07-22,"TAKAGI Hiromitsu",cgi,remote,0 21024,platforms/solaris/local/21024.c,"Solaris 2.6/7.0 - DTMail Mail Environment Variable Buffer Overflow",2001-07-24,"NSFOCUS Security Team",solaris,local,0 -21025,platforms/multiple/remote/21025.txt,"Proxomitron Naoko-4 - Cross-Site Scripting",2001-07-24,"TAKAGI Hiromitsu",multiple,remote,0 +21025,platforms/multiple/remote/21025.txt,"Proxomitron Naoko-4 - Cross-site Scripting",2001-07-24,"TAKAGI Hiromitsu",multiple,remote,0 21026,platforms/multiple/remote/21026.txt,"Sambar Server 4.4/5.0 - pagecount File Overwrite",2001-07-22,kyprizel,multiple,remote,0 21027,platforms/multiple/remote/21027.txt,"Sambar Server 4.x/5.0 - Insecure Default Password Protection",2001-07-25,3APA3A,multiple,remote,0 21028,platforms/hardware/dos/21028.pl,"Cisco IOS 12 - UDP Denial of Service",2001-07-25,blackangels,hardware,dos,0 @@ -18336,7 +18336,7 @@ id,file,description,date,author,platform,type,port 21045,platforms/unix/local/21045.c,"Oracle OTRCREP Oracle 8/9 - Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",unix,local,0 21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 - NT4ALL DoS",2001-08-03,hypoclear,windows,dos,0 -21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - DoS",1999-04-09,Epic,cgi,dos,0 +21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - Denial of Service",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 21050,platforms/linux/remote/21050.c,"NCSA httpd 1.x - Buffer Overflow (2)",1995-02-17,Xtremist,linux,remote,0 21833,platforms/php/webapps/21833.rb,"PhpTax - pfilez Parameter Exec Remote Code Injection",2012-10-10,Metasploit,php,webapps,0 @@ -18419,7 +18419,7 @@ id,file,description,date,author,platform,type,port 21132,platforms/php/webapps/21132.txt,"Cannonbolt Portfolio Manager 1.0 - Multiple Vulnerabilities",2012-09-07,LiquidWorm,php,webapps,0 21133,platforms/php/webapps/21133.txt,"Clipster Video - Persistent XSS",2012-09-07,DaOne,php,webapps,0 21134,platforms/hardware/webapps/21134.txt,"Sitecom Home Storage Center - Auth Bypass",2012-09-07,"Mattijs van Ommeren",hardware,webapps,0 -21135,platforms/php/webapps/21135.txt,"TestLink 1.9.3 - CSRF",2012-09-07,"High-Tech Bridge SA",php,webapps,0 +21135,platforms/php/webapps/21135.txt,"TestLink 1.9.3 - Cross-site Request Forgery",2012-09-07,"High-Tech Bridge SA",php,webapps,0 21136,platforms/linux/remote/21136.rb,"Symantec Messaging Gateway 9.5/9.5.1 - SSH Default Password Security Bypass",2012-08-30,Metasploit,linux,remote,0 21137,platforms/multiple/remote/21137.rb,"HP SiteScope - Remote Code Execution (1)",2012-09-08,Metasploit,multiple,remote,0 21138,platforms/php/remote/21138.rb,"Sflog! CMS 1.0 - Arbitrary File Upload",2012-09-08,Metasploit,php,remote,0 @@ -18465,16 +18465,16 @@ id,file,description,date,author,platform,type,port 21181,platforms/multiple/dos/21181.txt,"Microsoft Internet Explorer 6.0 / Mozilla 0.9.6 / Opera 5.1 - Image Count Denial of Service",2001-12-11,"Pavel Titov",multiple,dos,0 21182,platforms/novell/remote/21182.txt,"Novell Groupwise 5.5/6.0 Servlet Gateway - Default Authentication",2001-12-15,"Adam Gray",novell,remote,0 21183,platforms/cgi/remote/21183.txt,"webmin 0.91 - Directory Traversal",2001-12-17,"A. Ramos",cgi,remote,0 -21184,platforms/cgi/webapps/21184.txt,"Agora.CGI 3.x/4.0 - Debug Mode Cross-Site Scripting",2001-12-17,"Tamer Sahin",cgi,webapps,0 +21184,platforms/cgi/webapps/21184.txt,"Agora.CGI 3.x/4.0 - Debug Mode Cross-site Scripting",2001-12-17,"Tamer Sahin",cgi,webapps,0 21185,platforms/unix/remote/21185.sh,"QPopper 4.0.x - PopAuth Trace File Shell Command Execution",2001-12-18,IhaQueR,unix,remote,0 21186,platforms/hardware/remote/21186.txt,"ZyXEL Prestige 681 SDSL Router - IP Fragment Reassembly",2001-12-18,"Przemyslaw Frasunek",hardware,remote,0 -21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 - Shopping Cart Cross-Site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 +21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 - Shopping Cart Cross-site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 21188,platforms/windows/remote/21188.c,"Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 21189,platforms/windows/remote/21189.c,"Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (2)",2001-12-20,JOCANOR,windows,remote,0 21190,platforms/linux/remote/21190.rb,"WAN Emulator 2.3 - Command Execution",2012-09-10,Metasploit,linux,remote,0 21191,platforms/linux/remote/21191.rb,"Openfiler 2.x - NetworkCard Command Execution",2012-09-10,Metasploit,linux,remote,0 21192,platforms/linux/remote/21192.c,"STunnel 3.x - Client Negotiation Protocol Format String",2001-12-22,deltha,linux,remote,0 -21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 - Cross-Site Scripting",2001-12-28,"SNS Research",multiple,remote,0 +21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 - Cross-site Scripting",2001-12-28,"SNS Research",multiple,remote,0 21194,platforms/cgi/remote/21194.txt,"Abe Timmerman - zml.cgi File Disclosure",2001-12-31,blackshell,cgi,remote,0 21195,platforms/windows/remote/21195.txt,"Microsoft Internet Explorer 5/6 - GetObject File Disclosure",2002-01-01,"Georgi Guninski",windows,remote,0 21196,platforms/windows/remote/21196.txt,"AOL Instant Messenger 4.x - Remote Buffer Overflow",2002-01-02,"Matt Conover",windows,remote,0 @@ -18488,7 +18488,7 @@ id,file,description,date,author,platform,type,port 21203,platforms/windows/remote/21203.txt,"Lucent 8.x - VitalNet Password Authentication Bypass",2002-01-16,"Mark Cooper",windows,remote,0 21204,platforms/windows/remote/21204.txt,"Apache 1.3.20 - Win32 PHP.EXE Remote File Disclosure",2002-01-04,"Paul Brereton",windows,remote,0 21205,platforms/linux/remote/21205.c,"Boozt 0.9.8 - Buffer Overflow",2002-01-07,"Rafael San Miguel Carrasco",linux,remote,0 -21206,platforms/php/webapps/21206.txt,"PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting",2002-01-06,frog,php,webapps,0 +21206,platforms/php/webapps/21206.txt,"PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-site Scripting",2002-01-06,frog,php,webapps,0 21207,platforms/windows/remote/21207.c,"RealPlayer 7.0/8.0 - Media File Buffer Overflow",2002-01-05,UNYUN,windows,remote,0 21208,platforms/cgi/webapps/21208.txt,"YaBB 9.1.2000 - Cross-Agent Scripting",2002-01-09,Obscure,cgi,webapps,0 21209,platforms/cgi/webapps/21209.txt,"Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting",2002-01-09,Obscure,cgi,webapps,0 @@ -18539,14 +18539,14 @@ id,file,description,date,author,platform,type,port 21257,platforms/cgi/webapps/21257.txt,"AHG Search Engine 1.0 - Search.CGI Arbitrary Command Execution",2002-01-29,"Aleksey Sintsov",cgi,webapps,0 21258,platforms/linux/local/21258.bat,"Microsoft Windows 2000/NT 4 - NTFS File Hiding",2002-01-29,"Hans Somers",linux,local,0 21259,platforms/linux/local/21259.java,"Sun Java Virtual Machine 1.2.2/1.3.1 - Segmentation Violation",2002-01-30,"Taeho Oh",linux,local,0 -21260,platforms/windows/remote/21260.txt,"Microsoft Site Server 3.0 - Cross-Site Scripting",2002-01-29,"rain forest puppy",windows,remote,0 +21260,platforms/windows/remote/21260.txt,"Microsoft Site Server 3.0 - Cross-site Scripting",2002-01-29,"rain forest puppy",windows,remote,0 21261,platforms/unix/dos/21261.txt,"Tru64 - Malformed TCP Packet Denial of Service",2002-01-31,"Luca Papotti",unix,dos,0 21262,platforms/linux/dos/21262.txt,"kicq 2.0.0b1 - Invalid ICQ Packet Denial of Service",2002-02-02,"Rafael San Miguel Carrasco",linux,dos,0 -21263,platforms/cgi/remote/21263.txt,"Faq-O-Matic 2.6/2.7 - Cross-Site Scripting",2002-02-04,superpetz,cgi,remote,0 +21263,platforms/cgi/remote/21263.txt,"Faq-O-Matic 2.6/2.7 - Cross-site Scripting",2002-02-04,superpetz,cgi,remote,0 21264,platforms/php/remote/21264.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (1)",2002-02-03,"Dave Wilson",php,remote,0 21265,platforms/php/remote/21265.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (2)",2002-02-03,anonymous,php,remote,0 21266,platforms/php/remote/21266.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (3)",2002-02-03,anonymous,php,remote,0 -21267,platforms/php/webapps/21267.txt,"Subrion CMS 2.2.1 - CSRF Add Admin Exploit",2012-09-12,LiquidWorm,php,webapps,0 +21267,platforms/php/webapps/21267.txt,"Subrion CMS 2.2.1 - CSRF (Add Admin) Exploit",2012-09-12,LiquidWorm,php,webapps,0 21268,platforms/hardware/remote/21268.py,"Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell Exploit",2012-09-12,"Mattijs van Ommeren",hardware,remote,0 21269,platforms/php/webapps/21269.txt,"Webify eDownloads Cart - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 21270,platforms/php/webapps/21270.txt,"Webify Business Directory - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 @@ -18556,7 +18556,7 @@ id,file,description,date,author,platform,type,port 21274,platforms/windows/remote/21274.c,"MIRC 2.x/3.x/4.x/5.x - Nick Buffer Overflow",2002-02-03,"James Martin",windows,remote,0 21275,platforms/osx/dos/21275.c,"ICQ For MacOS X 2.6 Client - Denial of Service",2002-02-05,Stephen,osx,dos,0 21276,platforms/multiple/remote/21276.txt,"Thunderstone TEXIS 3.0 - Path Disclosure",2002-02-06,phinegeek,multiple,remote,0 -21277,platforms/php/webapps/21277.txt,"Portix-PHP 0.4 - Index.php Directory Traversal",2002-02-04,frog,php,webapps,0 +21277,platforms/php/webapps/21277.txt,"Portix-PHP 0.4 - 'index.php' Directory Traversal",2002-02-04,frog,php,webapps,0 21278,platforms/php/webapps/21278.txt,"Portix-PHP 0.4 - View.php Directory Traversal",2002-02-04,frog,php,webapps,0 21279,platforms/php/webapps/21279.txt,"Portix-PHP 0.4 - Cookie Manipulation",2002-02-04,frog,php,webapps,0 21280,platforms/linux/local/21280.c,"Hanterm 3.3 - Local Buffer Overflow (1)",2002-02-07,Xpl017Elz,linux,local,0 @@ -18578,11 +18578,11 @@ id,file,description,date,author,platform,type,port 21296,platforms/hardware/dos/21296.c,"Cisco IOS 11/12 - Malformed SNMP Message Denial of Service",2002-02-12,kundera,hardware,dos,0 21297,platforms/unix/remote/21297.c,"Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow",2002-02-21,gunzip,unix,remote,0 21298,platforms/windows/remote/21298.c,"Essentia Web Server 2.1 - Long URL Buffer Overflow",2003-07-04,B-r00t,windows,remote,0 -21299,platforms/php/webapps/21299.txt,"Powie PForum 1.1x - Username Cross-Site Scripting",2002-02-22,"Jens Liebchen",php,webapps,0 +21299,platforms/php/webapps/21299.txt,"Powie PForum 1.1x - Username Cross-site Scripting",2002-02-22,"Jens Liebchen",php,webapps,0 21300,platforms/php/webapps/21300.txt,"XMB Forum 1.6 pre-beta - Image Tag Script Injection",2002-02-22,skizzik,php,webapps,0 21301,platforms/php/webapps/21301.txt,"OpenBB 1.0.x - Image Tag Cross-Agent Scripting",2002-02-25,skizzik,php,webapps,0 21302,platforms/linux/local/21302.c,"Century Software Term For Linux 6.27.869 - Command Line Buffer Overflow",2002-02-25,"Haiku Hacker",linux,local,0 -21303,platforms/windows/remote/21303.txt,"Working Resources BadBlue 1.5/1.6 - Triple-Dot-Slash Directory Traversal",2002-02-26,"Strumpf Noir Society",windows,remote,0 +21303,platforms/windows/remote/21303.txt,"Working Resources BadBlue 1.5/1.6 - Directory Traversal",2002-02-26,"Strumpf Noir Society",windows,remote,0 21304,platforms/php/webapps/21304.txt,"Ikonboard 2.17/3.0/3.1 - Image Tag Cross-Agent Scripting",2002-02-26,godminus,php,webapps,0 21305,platforms/windows/dos/21305.c,"Galacticomm Worldgroup 3.20 - Remote FTP Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 21306,platforms/windows/dos/21306.c,"Galacticomm Worldgroup 3.20 - Remote Web Server Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 @@ -18596,7 +18596,7 @@ id,file,description,date,author,platform,type,port 21314,platforms/unix/remote/21314.txt,"OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-By-One",2002-03-07,Morgan,unix,remote,0 21317,platforms/php/webapps/21317.txt,"NeoBill CMS 0.8 Alpha - Multiple Vulnerabilities",2012-09-14,Vulnerability-Lab,php,webapps,0 21318,platforms/windows/local/21318.pl,"Internet Download Manager - Stack Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 -21319,platforms/aix/webapps/21319.txt,"Trend Micro InterScan Messaging Security Suite - Stored XSS / CSRF",2012-09-14,modpr0be,aix,webapps,0 +21319,platforms/aix/webapps/21319.txt,"Trend Micro InterScan Messaging Security Suite - Persistent Cross-site Scripting / Cross-site Request Forgery",2012-09-14,modpr0be,aix,webapps,0 21320,platforms/windows/local/21320.pl,"Internet Download Manager - SEH Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 22073,platforms/php/webapps/22073.txt,"APBoard 2.0 2 - Unauthorized Thread Reading",2002-12-06,"DNA ESC",php,webapps,0 21323,platforms/linux/local/21323.c,"libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 @@ -18628,7 +18628,7 @@ id,file,description,date,author,platform,type,port 21352,platforms/cgi/webapps/21352.txt,"DCShop Beta 1.0 - Form Manipulation",2002-03-25,"pokleyzz sakamaniaka",cgi,webapps,0 21353,platforms/linux/local/21353.c,"Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC",2002-03-26,cliph,linux,local,0 21354,platforms/cgi/remote/21354.txt,"CSSearch 2.3 - Remote Command Execution",2002-03-26,"Steve Gustin",cgi,remote,0 -21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-Site Scripting",2002-03-27,"Eric Detoisien",jsp,remote,0 +21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-site Scripting",2002-03-27,"Eric Detoisien",jsp,remote,0 21356,platforms/linux/local/21356.sh,"LogWatch 2.1.1/2.5 - Insecure Temporary Directory Creation",2002-03-27,spybreak,linux,local,0 21357,platforms/php/webapps/21357.txt,"PostNuke 0.703 - caselist Arbitrary Module Include",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 21358,platforms/php/webapps/21358.sh,"SquirrelMail 1.2.x - Theme Remote Command Execution",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 @@ -18646,7 +18646,7 @@ id,file,description,date,author,platform,type,port 21370,platforms/windows/remote/21370.c,"Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (3)",2002-04-10,NeMeS||y,windows,remote,0 21371,platforms/windows/remote/21371.c,"Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (4)",2002-04-24,yuange,windows,remote,0 21419,platforms/windows/dos/21419.txt,"Microsoft Outlook Express 5.5 - DoS Device Denial of Service",2002-04-24,ERRor,windows,dos,0 -21372,platforms/windows/remote/21372.txt,"Microsoft IIS 4/5 - HTTP Error Page Cross-Site Scripting",2002-04-10,"Thor Larholm",windows,remote,0 +21372,platforms/windows/remote/21372.txt,"Microsoft IIS 4/5 - HTTP Error Page Cross-site Scripting",2002-04-10,"Thor Larholm",windows,remote,0 21373,platforms/openbsd/local/21373.c,"OpenBSD 2.9/3.0 - Default Crontab Root Compromise",2002-04-11,"Przemyslaw Frasunek",openbsd,local,0 21374,platforms/cgi/webapps/21374.txt,"IBM Informix Web Datablade 4.1x - Page Request SQL Injection",2002-04-11,"Simon Lodal",cgi,webapps,0 21375,platforms/linux/local/21375.txt,"ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilities",2002-04-11,"Paul Starzetz",linux,local,0 @@ -18679,7 +18679,7 @@ id,file,description,date,author,platform,type,port 21402,platforms/linux/remote/21402.txt,"OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token Buffer Overflow",2002-04-19,"Marcell Fodor",linux,remote,0 21403,platforms/php/webapps/21403.txt,"PostBoard 2.0 - Topic Title Script Execution",2002-04-19,gcsb,php,webapps,0 21404,platforms/windows/dos/21404.htm,"Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service",2002-04-20,"Matthew Murphy",windows,dos,0 -21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 +21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 21407,platforms/bsd/local/21407.c,"OS X 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0 @@ -18695,12 +18695,12 @@ id,file,description,date,author,platform,type,port 21418,platforms/php/webapps/21418.txt,"Manhali 1.8 - Local File Inclusion",2012-09-20,L0n3ly-H34rT,php,webapps,0 21420,platforms/linux/local/21420.c,"Sudo 1.6.x - Password Prompt Heap Overflow",2001-11-01,MaXX,linux,local,0 21421,platforms/php/webapps/21421.txt,"PHProjekt 2.x/3.x - Login Bypass",2002-04-25,"Ulf Harnhammar",php,webapps,0 -21422,platforms/linux/remote/21422.txt,"ACME Labs thttpd 2.20 - Cross-Site Scripting",2002-04-25,frog,linux,remote,0 +21422,platforms/linux/remote/21422.txt,"ACME Labs thttpd 2.20 - Cross-site Scripting",2002-04-25,frog,linux,remote,0 21423,platforms/php/webapps/21423.txt,"Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection",2002-04-25,frog,php,webapps,0 21424,platforms/php/webapps/21424.txt,"Admanager 1.1 - Content Manipulation",2002-04-17,frog,php,webapps,0 21425,platforms/php/webapps/21425.txt,"DNSTools 2.0 - Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21426,platforms/php/webapps/21426.txt,"Blahz-DNS 0.2 - Direct Script Call Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 -21427,platforms/php/webapps/21427.txt,"MiniBB 1.2 - Cross-Site Scripting",2002-04-17,frog,php,webapps,0 +21427,platforms/php/webapps/21427.txt,"MiniBB 1.2 - Cross-site Scripting",2002-04-17,frog,php,webapps,0 21428,platforms/php/dos/21428.txt,"Messagerie 1.0 - Arbitrary User Removal DoS",2002-04-27,frog,php,dos,0 21429,platforms/windows/dos/21429.c,"3CDaemon 2.0 - Buffer Overflow (1)",2002-04-15,"MaD SKiLL",windows,dos,0 22216,platforms/php/webapps/22216.txt,"bitweaver 2.8.1 - Multiple Vulnerabilities",2012-10-24,"Trustwave's SpiderLabs",php,webapps,0 @@ -18708,7 +18708,7 @@ id,file,description,date,author,platform,type,port 21432,platforms/windows/dos/21432.txt,"BEA Systems WebLogic Server and Express 7.0 - Null Character DoS",2002-04-30,"Peter Gründl",windows,dos,0 21433,platforms/cgi/webapps/21433.txt,"MyGuestbook 1.0 - Script Injection",2002-04-30,BrainRawt,cgi,webapps,0 21434,platforms/asp/webapps/21434.txt,"Outfront Spooky 2.x - Login SQL Query Manipulation Password",2002-05-02,anonymous,asp,webapps,0 -21435,platforms/cgi/webapps/21435.txt,"askSam 4.0 Web Publisher - Cross-Site Scripting",2002-05-05,frog,cgi,webapps,0 +21435,platforms/cgi/webapps/21435.txt,"askSam 4.0 Web Publisher - Cross-site Scripting",2002-05-05,frog,cgi,webapps,0 21436,platforms/php/webapps/21436.txt,"B2 0.6 - b2edit.showposts.php b2inc Parameter Remote File Inclusion",2002-05-06,Frank,php,webapps,0 21437,platforms/solaris/remote/21437.c,"Solaris 2/7/8/9 cachefsd - Heap Overflow",2002-01-01,"Last Stage of Delirium",solaris,remote,0 21438,platforms/windows/remote/21438.txt,"WorldClient 5.0.x - Arbitrary File Deletion",2002-05-07,Obscure,windows,remote,0 @@ -18717,10 +18717,10 @@ id,file,description,date,author,platform,type,port 21441,platforms/hardware/remote/21441.txt,"Cisco ATA-186 - HTTP Device Configuration Disclosure",2002-05-09,"Patrick Michael Kane",hardware,remote,0 21442,platforms/linux/remote/21442.c,"Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)",2002-05-10,korty,linux,remote,0 21443,platforms/linux/remote/21443.c,"Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)",2002-05-10,"0x3a0x29 crew",linux,remote,0 -21444,platforms/multiple/remote/21444.txt,"Critical Path InJoin Directory Server 4.0 - Cross-Site Scripting",2002-05-10,"Nomad Mobile Research Centre",multiple,remote,0 +21444,platforms/multiple/remote/21444.txt,"Critical Path InJoin Directory Server 4.0 - Cross-site Scripting",2002-05-10,"Nomad Mobile Research Centre",multiple,remote,0 21445,platforms/multiple/remote/21445.txt,"Critical Path InJoin Directory Server 4.0 - File Disclosure",2002-05-10,"Nomad Mobile Research Centre",multiple,remote,0 -21446,platforms/windows/remote/21446.txt,"Ecometry SGDynamo 5.32/6.1/7.0 - Cross-Site Scripting",2002-04-17,frog,windows,remote,0 -21447,platforms/php/webapps/21447.txt,"XMB Forum 1.6 - Magic Lantern Cross-Site Scripting",2002-05-11,frog,php,webapps,0 +21446,platforms/windows/remote/21446.txt,"Ecometry SGDynamo 5.32/6.1/7.0 - Cross-site Scripting",2002-04-17,frog,windows,remote,0 +21447,platforms/php/webapps/21447.txt,"XMB Forum 1.6 - Magic Lantern Cross-site Scripting",2002-05-11,frog,php,webapps,0 21448,platforms/php/webapps/21448.txt,"XMB Forum 1.6 - Magic Lantern Log File",2002-05-11,frog,php,webapps,0 21449,platforms/php/webapps/21449.txt,"NOCC 0.9.x - Webmail Script Injection",2002-05-14,ppp-design,php,webapps,0 21450,platforms/multiple/remote/21450.txt,"id Software Quake II Server 3.20/3.21 - Remote Information Disclosure",2002-05-15,Redix,multiple,remote,0 @@ -18734,7 +18734,7 @@ id,file,description,date,author,platform,type,port 21458,platforms/linux/local/21458.txt,"grsecurity Kernel Patch 1.9.4 - Linux Kernel Memory Protection Weakness",2002-05-17,"Guillaume PELAT",linux,local,0 21459,platforms/php/webapps/21459.txt,"Phorum 3.3.2 a - Remote Command Execution",2002-05-17,"markus arndt",php,webapps,0 21460,platforms/cgi/webapps/21460.pl,"CGIScript.net 1.0 - Information Disclosure",2002-05-17,"Steve Gustin",cgi,webapps,0 -21461,platforms/php/webapps/21461.txt,"Phorum 3.3.2 - Cross-Site Scripting",2002-05-18,"markus arndt",php,webapps,0 +21461,platforms/php/webapps/21461.txt,"Phorum 3.3.2 - Cross-site Scripting",2002-05-18,"markus arndt",php,webapps,0 21462,platforms/freebsd/local/21462.sh,"FreeBSD 4.x - Process Concealment Bypass",2002-05-18,anonymous,freebsd,local,0 21463,platforms/php/webapps/21463.txt,"mcNews 1.x - File Disclosure",2002-05-17,frog,php,webapps,0 21464,platforms/asp/webapps/21464.txt,"Hosting Controller 1.x - Browse.ASP File Disclosure",2002-05-19,"Bao Dai Nhan",asp,webapps,0 @@ -18746,14 +18746,14 @@ id,file,description,date,author,platform,type,port 21470,platforms/windows/remote/21470.txt,"NewAtlanta ServletExec/ISAPI 4.1 - File Disclosure",2002-05-22,"Matt Moore",windows,remote,0 21471,platforms/windows/dos/21471.c,"NewAtlanta ServletExec/ISAPI 4.1 JSPServlet - Denial of Service",2002-05-22,"Matt Moore",windows,dos,0 21472,platforms/hardware/dos/21472.pl,"Cisco CBOS 2.x - Broadband Operating System TCP/IP Stack Denial of Service",2002-05-23,blackangels,hardware,dos,0 -21473,platforms/cgi/webapps/21473.txt,"ViewCVS 0.9.2 - Cross-Site Scripting",2002-05-24,office,cgi,webapps,0 +21473,platforms/cgi/webapps/21473.txt,"ViewCVS 0.9.2 - Cross-site Scripting",2002-05-24,office,cgi,webapps,0 21474,platforms/php/webapps/21474.txt,"OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection",2002-05-24,frog,php,webapps,0 21475,platforms/windows/remote/21475.txt,"LocalWEB2000 2.1.0 Standard - File Disclosure",2002-05-24,"Tamer Sahin",windows,remote,0 21476,platforms/linux/dos/21476.c,"Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (1)",2002-05-24,zillion,linux,dos,0 21477,platforms/linux/dos/21477.c,"Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (2)",2002-05-24,zillion,linux,dos,0 21478,platforms/php/webapps/21478.txt,"OpenBB 1.0 - Unauthorized Moderator Access",2002-05-24,frog,php,webapps,0 -21479,platforms/php/webapps/21479.txt,"OpenBB 1.0.0 RC3 - Cross-Site Scripting",2002-05-24,frog,php,webapps,0 -21480,platforms/cgi/webapps/21480.txt,"GNU Mailman 2.0.x - Admin Login Cross-Site Scripting",2002-05-20,office,cgi,webapps,0 +21479,platforms/php/webapps/21479.txt,"OpenBB 1.0.0 RC3 - Cross-site Scripting",2002-05-24,frog,php,webapps,0 +21480,platforms/cgi/webapps/21480.txt,"GNU Mailman 2.0.x - Admin Login Cross-site Scripting",2002-05-20,office,cgi,webapps,0 21481,platforms/windows/dos/21481.txt,"Microsoft MSN Messenger 1-4 - Malformed Invite Request Denial of Service",2002-05-24,"Beck Mr.R",windows,dos,0 21482,platforms/linux/dos/21482.txt,"MIT PGP Public Key Server 0.9.2/0.9.4 - Search String Remote Buffer Overflow",2002-05-24,Max,linux,dos,0 21483,platforms/windows/remote/21483.html,"Opera 6.0.1/6.0.2 - Arbitrary File Disclosure",2002-05-27,"GreyMagic Software",windows,remote,0 @@ -18783,13 +18783,13 @@ id,file,description,date,author,platform,type,port 21506,platforms/linux/local/21506.c,"QNX RTOS 6.1 - PKG-Installer Buffer Overflow",2002-06-03,badc0ded,linux,local,0 21507,platforms/linux/local/21507.sh,"QNX 6.x - 'ptrace()' Arbitrary Process Modification",2002-06-03,badc0ded,linux,local,0 21508,platforms/windows/dos/21508.py,"SafeNet Sentinel Keys Server - Crash PoC",2012-09-24,retset,windows,dos,0 -21509,platforms/php/webapps/21509.txt,"Teekai Tracking Online 1.0 - Cross-Site Scripting",2002-06-03,frog,php,webapps,0 +21509,platforms/php/webapps/21509.txt,"Teekai Tracking Online 1.0 - Cross-site Scripting",2002-06-03,frog,php,webapps,0 21510,platforms/windows/remote/21510.pl,"Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Buffer Overflow",2002-07-27,mat@monkey.org,windows,remote,0 21511,platforms/multiple/remote/21511.c,"Nullsoft SHOUTCast 1.8.9 - Remote Buffer Overflow",2002-06-04,eSDee,multiple,remote,0 21512,platforms/freebsd/dos/21512.txt,"Slurp 1.10 - SysLog Remote Format String",2002-06-04,zillion,freebsd,dos,0 21513,platforms/hardware/remote/21513.c,"Telindus 1100 Series Router - Administration Password Leak",2002-06-05,rubik,hardware,remote,0 21514,platforms/php/webapps/21514.txt,"Splatt Forum 3.0 - Image Tag HTML Injection",2002-06-06,MegaHz,php,webapps,0 -21515,platforms/windows/remote/21515.txt,"Microsoft Internet Explorer 5/6 - FTP Web View Cross-Site Scripting",2002-06-06,"Eiji James Yoshida",windows,remote,0 +21515,platforms/windows/remote/21515.txt,"Microsoft Internet Explorer 5/6 - FTP Web View Cross-site Scripting",2002-06-06,"Eiji James Yoshida",windows,remote,0 21516,platforms/unix/local/21516.pl,"Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String",2002-06-06,stringz,unix,local,0 21517,platforms/php/webapps/21517.txt,"Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities",2002-06-06,"Ulf Harnhammar",php,webapps,0 21518,platforms/linux/dos/21518.txt,"X Window 4.0/4.1/4.2 - System Oversized Font DoS",2002-06-10,"Tom Vogt",linux,dos,0 @@ -18797,8 +18797,8 @@ id,file,description,date,author,platform,type,port 21520,platforms/linux/remote/21520.py,"QNX 6.5.0 / QCONN 1.4.207944 - Remote Command Execution",2012-09-25,Mor!p3r,linux,remote,0 21523,platforms/hardware/dos/21523.txt,"Cisco DPC2100 - Denial of Service",2012-09-26,"Daniel Smith",hardware,dos,0 21524,platforms/php/webapps/21524.txt,"ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusion",2012-09-26,L0n3ly-H34rT,php,webapps,0 -21525,platforms/php/webapps/21525.txt,"Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 -21526,platforms/php/webapps/21526.txt,"MyHelpDesk 20020509 - Cross-Site Scripting",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 +21525,platforms/php/webapps/21525.txt,"Geeklog 1.3.5 - Multiple Cross-site Scripting Vulnerabilities",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 +21526,platforms/php/webapps/21526.txt,"MyHelpDesk 20020509 - Cross-site Scripting",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21527,platforms/php/webapps/21527.txt,"MyHelpDesk 20020509 - SQL Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21528,platforms/php/webapps/21528.txt,"Geeklog 1.3.5 - Calendar Event Form Script Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21529,platforms/php/webapps/21529.txt,"W-Agora 4.1.x - Remote File Inclusion",2002-06-10,frog,php,webapps,0 @@ -18817,17 +18817,17 @@ id,file,description,date,author,platform,type,port 21542,platforms/windows/remote/21542.c,"AnalogX SimpleServer:WWW 1.16 - Web Server Buffer Overflow",2002-06-13,"Auriemma Luigi",windows,remote,0 21543,platforms/java/webapps/21543.txt,"Ruslan Communications Builder - SQL Injection",2002-06-13,"Alexander Korchagin",java,webapps,0 21544,platforms/multiple/dos/21544.html,"Netscape 4.77 - Composer Font Face Field Buffer Overflow",2002-06-13,S[h]iff,multiple,dos,0 -21545,platforms/jsp/webapps/21545.txt,"JAMF Casper Suite MDM - CSRF",2012-09-27,"Jacob Holcomb",jsp,webapps,0 +21545,platforms/jsp/webapps/21545.txt,"JAMF Casper Suite MDM - Cross-site Request Forgery",2012-09-27,"Jacob Holcomb",jsp,webapps,0 21546,platforms/windows/webapps/21546.py,"Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Auth Blind SQL Injection",2012-09-27,otoy,windows,webapps,0 21547,platforms/windows/local/21547.txt,"Smartfren Connex EC 1261-2 UI OUC - Local Privilege Escalation",2012-09-27,X-Cisadane,windows,local,0 -21548,platforms/cfm/remote/21548.txt,"ColdFusion MX - Missing Template Cross-Site Scripting",2002-06-13,Macromedia,cfm,remote,0 +21548,platforms/cfm/remote/21548.txt,"ColdFusion MX - Missing Template Cross-site Scripting",2002-06-13,Macromedia,cfm,remote,0 21549,platforms/windows/local/21549.txt,"Microsoft SQL Server 2000 - Password Encrypt Procedure Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 21550,platforms/windows/local/21550.txt,"Lumigent Log Explorer XP - _LogAttach_StartProf Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 21551,platforms/windows/local/21551.txt,"Lumigent Log Explorer 3.0.1 - XP_LogAttach_SetPort Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 -21552,platforms/php/webapps/21552.txt,"PHP Classifieds 6.0.5 - Cross-Site Scripting",2002-06-14,windows-1256,php,webapps,0 -21553,platforms/cgi/webapps/21553.txt,"Mewsoft NetAuction 3.0 - Cross-Site Scripting",2002-06-14,windows-1256,cgi,webapps,0 -21554,platforms/windows/remote/21554.txt,"Imatix Xitami 2.5 - GSL Template Cross-Site Scripting",2002-06-14,"Matthew Murphy",windows,remote,0 -21555,platforms/windows/remote/21555.txt,"Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting",2002-06-14,"Dave Palumbo",windows,remote,0 +21552,platforms/php/webapps/21552.txt,"PHP Classifieds 6.0.5 - Cross-site Scripting",2002-06-14,windows-1256,php,webapps,0 +21553,platforms/cgi/webapps/21553.txt,"Mewsoft NetAuction 3.0 - Cross-site Scripting",2002-06-14,windows-1256,cgi,webapps,0 +21554,platforms/windows/remote/21554.txt,"Imatix Xitami 2.5 - GSL Template Cross-site Scripting",2002-06-14,"Matthew Murphy",windows,remote,0 +21555,platforms/windows/remote/21555.txt,"Cisco Secure ACS for Windows NT 3.0 - Cross-site Scripting",2002-06-14,"Dave Palumbo",windows,remote,0 21556,platforms/windows/dos/21556.txt,"Microsoft Internet Explorer 5/6 - CSSText Bold Font Denial of Service",2002-06-15,"Oleg A. Cheremisin",windows,dos,0 21557,platforms/php/webapps/21557.txt,"Zeroboard 4.1 - PHP Include File Arbitrary Command Execution",2002-06-15,onlooker,php,webapps,0 21558,platforms/cgi/webapps/21558.txt,"My Postcards 6.0 - MagicCard.CGI Arbitrary File Disclosure",2002-06-15,cult,cgi,webapps,0 @@ -18845,10 +18845,10 @@ id,file,description,date,author,platform,type,port 21570,platforms/php/webapps/21570.txt,"BasiliX Webmail 1.1 - Message Content Script Injection",2002-06-19,"Ulf Harnhammar",php,webapps,0 21571,platforms/irix/remote/21571.c,"SGI IRIX 6.x - rpc.xfsmd Remote Command Execution",2002-06-20,"Last Stage of Delirium",irix,remote,0 21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 - New Player Flood Denial of Service",2002-06-20,"Auriemma Luigi",multiple,dos,0 -21573,platforms/cgi/webapps/21573.txt,"YaBB 1 - Invalid Topic Error Page Cross-Site Scripting",2002-06-21,methodic,cgi,webapps,0 +21573,platforms/cgi/webapps/21573.txt,"YaBB 1 - Invalid Topic Error Page Cross-site Scripting",2002-06-21,methodic,cgi,webapps,0 21574,platforms/unix/remote/21574.txt,"Pirch IRC 98 Client - Malformed Link Buffer Overrun",2002-06-21,"David Rude II",unix,remote,0 21575,platforms/multiple/dos/21575.txt,"Mod_SSL 2.8.x - Off-By-One HTAccess Buffer Overflow",2002-06-22,"Frank DENIS",multiple,dos,0 -21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting",2002-06-23,"Matthew Murphy",windows,remote,0 +21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 - EXT.DLL Cross-site Scripting",2002-06-23,"Matthew Murphy",windows,remote,0 21577,platforms/hp-ux/local/21577.c,"HP CIFS/9000 Server A.01.05/A.01.06 - Buffer Overflow",2002-11-06,watercloud,hp-ux,local,0 21578,platforms/unix/remote/21578.txt,"OpenSSH 3.x - Challenge-Response Buffer Overflow (1)",2002-06-24,"Christophe Devine",unix,remote,0 21579,platforms/unix/remote/21579.txt,"OpenSSH 3.x - Challenge-Response Buffer Overflow (2)",2002-06-24,"Gobbles Security",unix,remote,0 @@ -18859,8 +18859,8 @@ id,file,description,date,author,platform,type,port 21584,platforms/linux/local/21584.pl,"Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (2)",2002-06-29,"andrea lisci",linux,local,0 21585,platforms/linux/local/21585.c,"Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (3)",2002-06-29,N4rK07IX,linux,local,0 21586,platforms/linux/remote/21586.txt,"E-Guest 1.1 - Server Side Include Arbitrary Command Execution",2002-06-30,DownBload,linux,remote,0 -21587,platforms/cgi/webapps/21587.txt,"BBC Education Betsie 1.5 - Parserl.PL Cross-Site Scripting",2002-07-01,"Mark Rowe",cgi,webapps,0 -21588,platforms/cgi/webapps/21588.txt,"Blackboard 5.0 - Cross-Site Scripting",2002-07-01,"Berend-Jan Wever",cgi,webapps,0 +21587,platforms/cgi/webapps/21587.txt,"BBC Education Betsie 1.5 - Parserl.PL Cross-site Scripting",2002-07-01,"Mark Rowe",cgi,webapps,0 +21588,platforms/cgi/webapps/21588.txt,"Blackboard 5.0 - Cross-site Scripting",2002-07-01,"Berend-Jan Wever",cgi,webapps,0 21589,platforms/windows/remote/21589.pl,"AnalogX Proxy 4.0 - Socks4A Buffer Overflow",2002-07-01,Kanatoko,windows,remote,0 21590,platforms/php/webapps/21590.txt,"PHPAuction 1/2 - Unauthorized Administrative Access",2002-07-02,ethx,php,webapps,0 21591,platforms/windows/remote/21591.sh,"ArGoSoft 1.8 Mail Server - Directory Traversal",2002-07-06,"team n.finity",windows,remote,0 @@ -18871,19 +18871,19 @@ id,file,description,date,author,platform,type,port 21596,platforms/osx/remote/21596.txt,"MacOS X 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 21597,platforms/windows/remote/21597.txt,"Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure",2002-07-08,Securiteinfo.com,windows,remote,0 21598,platforms/linux/dos/21598.c,"Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion",2002-07-08,"Paul Starzetz",linux,dos,0 -21599,platforms/windows/remote/21599.txt,"Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting",2002-07-08,"Matthew Murphy",windows,remote,0 +21599,platforms/windows/remote/21599.txt,"Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-site Scripting",2002-07-08,"Matthew Murphy",windows,remote,0 21600,platforms/windows/dos/21600.txt,"Working Resources BadBlue 1.7.3 - Get Request Denial of Service",2002-07-08,"Matthew Murphy",windows,dos,0 21601,platforms/windows/remote/21601.c,"Microsoft Foundation Class Library 7.0 - ISAPI Buffer Overflow",2002-07-08,"Matthew Murphy",windows,remote,0 21602,platforms/linux/remote/21602.txt,"icecast server 1.3.12 - Directory Traversal information disclosure",2002-07-09,glaive,linux,remote,0 21603,platforms/multiple/remote/21603.txt,"iPlanet Web Server 4.1 - Search Component File Disclosure",2002-07-09,"Qualys Corporation",multiple,remote,0 -21604,platforms/linux/remote/21604.txt,"Apache Tomcat 4.0.3 - Servlet Mapping Cross-Site Scripting",2002-07-10,"Matt Moore",linux,remote,0 -21605,platforms/windows/remote/21605.txt,"Apache Tomcat 4.0.3 - DoS Device Name / Cross-Site Scripting",2002-07-10,"Matt Moore",windows,remote,0 +21604,platforms/linux/remote/21604.txt,"Apache Tomcat 4.0.3 - Servlet Mapping Cross-site Scripting",2002-07-10,"Matt Moore",linux,remote,0 +21605,platforms/windows/remote/21605.txt,"Apache Tomcat 4.0.3 - DoS Device Name / Cross-site Scripting",2002-07-10,"Matt Moore",windows,remote,0 21606,platforms/windows/remote/21606.txt,"Microsoft Internet Explorer 5/6 - OBJECT Tag Same Origin Policy Violation",2002-07-10,"Thor Larholm",windows,remote,0 21607,platforms/windows/remote/21607.txt,"GoAhead WebServer 2.1.x - URL Encoded Slash Directory Traversal",2002-07-10,"Matt Moore",windows,remote,0 -21608,platforms/windows/remote/21608.txt,"GoAhead WebServer 2.1.x - Error Page Cross-Site Scripting",2002-07-10,"Matt Moore",windows,remote,0 -21609,platforms/cgi/webapps/21609.txt,"Fluid Dynamics Search Engine 2.0 - Cross-Site Scripting",2002-07-10,VALDEUX,cgi,webapps,0 +21608,platforms/windows/remote/21608.txt,"GoAhead WebServer 2.1.x - Error Page Cross-site Scripting",2002-07-10,"Matt Moore",windows,remote,0 +21609,platforms/cgi/webapps/21609.txt,"Fluid Dynamics Search Engine 2.0 - Cross-site Scripting",2002-07-10,VALDEUX,cgi,webapps,0 21610,platforms/php/webapps/21610.txt,"Sun i-Runbook 2.5.2 - Directory And File Content Disclosure",2002-07-11,JWC,php,webapps,0 -21611,platforms/windows/remote/21611.txt,"Summit Computer Networks Lil' HTTP Server 2.1/2.2 - pbcgi.cgi Cross-Site Scripting",2002-07-11,"Matthew Murphy",windows,remote,0 +21611,platforms/windows/remote/21611.txt,"Summit Computer Networks Lil' HTTP Server 2.1/2.2 - pbcgi.cgi Cross-site Scripting",2002-07-11,"Matthew Murphy",windows,remote,0 21612,platforms/windows/dos/21612.txt,"Ultrafunk Popcorn 1.20 - Multiple Denial of Service Vulnerabilities",2002-07-11,"Auriemma Luigi",windows,dos,0 21613,platforms/windows/remote/21613.txt,"Microsoft IIS 4/5 - SMTP Service Encapsulated SMTP Address",2002-07-12,JWC,windows,remote,0 21614,platforms/freebsd/remote/21614.c,"ATPhttpd 0.4 b - Buffer Overflow",2002-07-12,badc0ded,freebsd,remote,0 @@ -18893,15 +18893,15 @@ id,file,description,date,author,platform,type,port 21618,platforms/windows/remote/21618.txt,"Mirabilis ICQ 2002 - Sound Scheme Remote Configuration Modification",2002-07-15,xLaNT,windows,remote,0 21619,platforms/windows/remote/21619.txt,"AOL Instant Messenger 4.x - Unauthorized Actions",2002-07-16,orb,windows,remote,0 21620,platforms/cgi/dos/21620.txt,"Oddsock Song Requester 2.1 - WinAmp Plugin Denial of Service",2002-07-16,"Lucas Lundgren",cgi,dos,0 -21621,platforms/jsp/webapps/21621.txt,"Macromedia Sitespring 1.2 - Default Error Page Cross-Site Scripting",2002-07-17,"Peter Gründl",jsp,webapps,0 -21622,platforms/php/webapps/21622.txt,"PHP-Wiki 1.2/1.3 - Cross-Site Scripting",2002-07-17,Pistone,php,webapps,0 +21621,platforms/jsp/webapps/21621.txt,"Macromedia Sitespring 1.2 - Default Error Page Cross-site Scripting",2002-07-17,"Peter Gründl",jsp,webapps,0 +21622,platforms/php/webapps/21622.txt,"PHP-Wiki 1.2/1.3 - Cross-site Scripting",2002-07-17,Pistone,php,webapps,0 21623,platforms/linux/local/21623.txt,"Python 1.5.2 Pickle - Unsafe eval() Code Execution",2002-07-17,"Jeff Epler",linux,local,0 21624,platforms/linux/local/21624.py,"Python 1.5/1.6/2.0/2.1.x - Pickle Class Constructor Arbitrary Code Execution",2002-07-17,"Jeff Epler",linux,local,0 21625,platforms/windows/remote/21625.pl,"Trend Micro InterScan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass",2002-07-18,SecuriTeam,windows,remote,0 21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR Mailserver - Control-Service Buffer Overflow",2002-07-16,anonymous,windows,remote,0 22072,platforms/linux/remote/22072.c,"Cobalt RaQ4 - Administrative Interface Command Execution",2002-12-05,grazer,linux,remote,0 21627,platforms/multiple/remote/21627.txt,"Oracle Reports Server 6.0.8/9.0.2 - Information Disclosure",2002-07-18,skp,multiple,remote,0 -21628,platforms/php/webapps/21628.txt,"Geeklog 1.3.5 - HTML Attribute Cross-Site Scripting",2002-07-19,"Ulf Harnhammar",php,webapps,0 +21628,platforms/php/webapps/21628.txt,"Geeklog 1.3.5 - HTML Attribute Cross-site Scripting",2002-07-19,"Ulf Harnhammar",php,webapps,0 21629,platforms/windows/local/21629.txt,"Adobe eBook Reader 2.2 - File Restoration Privilege Escalation",2002-07-19,"Vladimir Katalov",windows,local,0 21630,platforms/windows/remote/21630.html,"Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access",2002-07-20,"Matthew Murphy",windows,remote,0 21631,platforms/windows/remote/21631.txt,"Microsoft Outlook Express 5/6 - Spoofable File Extensions",2002-07-20,"Matthew Murphy",windows,remote,0 @@ -18914,14 +18914,14 @@ id,file,description,date,author,platform,type,port 21638,platforms/multiple/remote/21638.txt,"Mozilla 0.9.x/1.0 - JavaScript URL Host Spoofing Arbitrary Cookie Access",2002-07-24,"Andreas Sandblad",multiple,remote,0 21639,platforms/windows/remote/21639.c,"VMware GSX Server 2.0 - Authentication Server Buffer Overflow",2002-07-24,"Zag & Glcs",windows,remote,0 21640,platforms/php/webapps/21640.txt,"Cobalt Qube 3.0 - Authentication Bypass",2002-07-24,pokley,php,webapps,0 -21641,platforms/cgi/remote/21641.txt,"GNU Mailman 2.0.x - Subscribe Cross-Site Scripting",2002-07-24,office,cgi,remote,0 -21642,platforms/cgi/remote/21642.txt,"GNU Mailman 2.0.x - Admin Login Variant Cross-Site Scripting",2002-07-24,office,cgi,remote,0 +21641,platforms/cgi/remote/21641.txt,"GNU Mailman 2.0.x - Subscribe Cross-site Scripting",2002-07-24,office,cgi,remote,0 +21642,platforms/cgi/remote/21642.txt,"GNU Mailman 2.0.x - Admin Login Variant Cross-site Scripting",2002-07-24,office,cgi,remote,0 21643,platforms/windows/remote/21643.c,"CodeBlue 5.1 - SMTP Response Buffer Overflow",2002-07-24,doe,windows,remote,0 21644,platforms/unix/dos/21644.txt,"Pine 4.x - Empty MIME Boundary Denial of Service",2002-07-24,"Martin J. Muench",unix,dos,0 21645,platforms/windows/dos/21645.txt,"Foxit Reader 5.4.3.0920 - Crash PoC",2012-10-01,coolkaveh,windows,dos,0 21646,platforms/php/webapps/21646.py,"Archin WordPress Theme 3.2 - Unauthenticated Configuration Access",2012-10-01,bwall,php,webapps,0 21648,platforms/windows/remote/21648.txt,"Pegasus Mail 4.0 1 - Message Header Buffer Overflow",2002-07-24,"Auriemma Luigi",windows,remote,0 -21649,platforms/multiple/remote/21649.txt,"CacheFlow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-Site Scripting",2002-07-24,T.Suzuki,multiple,remote,0 +21649,platforms/multiple/remote/21649.txt,"CacheFlow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-site Scripting",2002-07-24,T.Suzuki,multiple,remote,0 21651,platforms/windows/remote/21651.txt,"Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection",2002-07-25,"Cesar Cerrudo",windows,remote,0 21652,platforms/windows/remote/21652.cpp,"Microsoft SQL Server 2000 - Resolution Service Heap Overflow",2002-07-25,"David Litchfield",windows,remote,0 21653,platforms/windows/dos/21653.c,"KaZaA Media Desktop 1.7.1 - Large Message Denial of Service",2002-07-25,"Josh and omega",windows,dos,0 @@ -18951,8 +18951,8 @@ id,file,description,date,author,platform,type,port 21678,platforms/solaris/remote/21678.c,"Inso DynaWeb httpd 3.1/4.0.2/4.1 - Format String",2002-08-02,ghandi,solaris,remote,0 21679,platforms/cgi/webapps/21679.txt,"Dispair 0.1/0.2 - Remote Command Execution",2002-07-30,anonymous,cgi,webapps,0 21680,platforms/windows/remote/21680.pl,"Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow",2002-08-05,Kanatoko,windows,remote,0 -21681,platforms/windows/remote/21681.html,"Opera 6.0.x - FTP View Cross-Site Scripting",2002-08-06,"Eiji James Yoshida",windows,remote,0 -21682,platforms/unix/remote/21682.txt,"Mozilla 1.0/1.1 - FTP View Cross-Site Scripting",2002-08-06,"Eiji James Yoshida",unix,remote,0 +21681,platforms/windows/remote/21681.html,"Opera 6.0.x - FTP View Cross-site Scripting",2002-08-06,"Eiji James Yoshida",windows,remote,0 +21682,platforms/unix/remote/21682.txt,"Mozilla 1.0/1.1 - FTP View Cross-site Scripting",2002-08-06,"Eiji James Yoshida",unix,remote,0 21683,platforms/linux/local/21683.c,"qmailadmin 1.0.x - Local Buffer Overflow",2002-08-06,"Thomas Cannon",linux,local,0 21684,platforms/windows/local/21684.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (1)",2002-08-06,sectroyer,windows,local,0 21685,platforms/windows/local/21685.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (2)",2002-08-06,"Oliver Lavery",windows,local,0 @@ -18968,13 +18968,13 @@ id,file,description,date,author,platform,type,port 21695,platforms/windows/remote/21695.pl,"Qualcomm Eudora 5/6 - File Attachment Spoofing (1)",2002-08-08,"Paul Szabo",windows,remote,0 21696,platforms/windows/remote/21696.pl,"Qualcomm Eudora 5/6 - File Attachment Spoofing (2)",2002-08-08,"Paul Szabo",windows,remote,0 21697,platforms/windows/remote/21697.txt,"Apache 2.0 - Encoded Backslash Directory Traversal",2002-08-09,"Auriemma Luigi",windows,remote,0 -21698,platforms/windows/remote/21698.txt,"BlueFace Falcon Web Server 2.0 - Error Message Cross-Site Scripting",2002-08-09,"Matt Murphy",windows,remote,0 +21698,platforms/windows/remote/21698.txt,"BlueFace Falcon Web Server 2.0 - Error Message Cross-site Scripting",2002-08-09,"Matt Murphy",windows,remote,0 21699,platforms/hardware/remote/21699.txt,"Orinoco OEM Residential Gateway - SNMP Community String Remote Configuration",2002-08-09,"Foundstone Inc.",hardware,remote,0 21700,platforms/linux/local/21700.c,"ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (1)",2002-08-10,"Gobbles Security",linux,local,0 21701,platforms/linux/local/21701.pl,"ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (2)",2002-08-10,"TESO Security",linux,local,0 21702,platforms/asp/webapps/21702.txt,"Midicart ASP - Remote Customer Information Retrieval",2002-08-10,"Dimitri Sekhniashvili",asp,webapps,0 21703,platforms/windows/dos/21703.txt,"Citrix Metaframe for Windows NT 4.0 TSE 1.8 - Java ICA Environment DoS",2002-08-11,"Tanin Ehrami",windows,dos,0 -21704,platforms/unix/remote/21704.txt,"W3C CERN httpd 3.0 Proxy - Cross-Site Scripting",2002-08-12,"TAKAGI Hiromitsu",unix,remote,0 +21704,platforms/unix/remote/21704.txt,"W3C CERN httpd 3.0 Proxy - Cross-site Scripting",2002-08-12,"TAKAGI Hiromitsu",unix,remote,0 21705,platforms/windows/remote/21705.txt,"Microsoft Internet Explorer 6.0 - File Attachment Script Execution",2002-08-13,http-equiv,windows,remote,0 21706,platforms/linux/remote/21706.txt,"Red Hat Interchange 4.8.x - Arbitrary File Read",2002-08-13,anonymous,linux,remote,0 21707,platforms/windows/remote/21707.txt,"GoAhead WebServer 2.1 - Remote Arbitrary Command Execution",2002-08-14,anonymous,windows,remote,0 @@ -18997,13 +18997,13 @@ id,file,description,date,author,platform,type,port 21725,platforms/linux/remote/21725.c,"MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (1)",2002-08-19,g0thm0g,linux,remote,0 21726,platforms/linux/remote/21726.c,"MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (2)",2002-10-05,st0ic,linux,remote,0 21727,platforms/php/webapps/21727.txt,"Mantis 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution",2002-08-19,"Joao Gouveia",php,webapps,0 -21728,platforms/cgi/webapps/21728.txt,"Kerio MailServer 5.0/5.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities",2002-08-19,"Abraham Lincoln",cgi,webapps,0 -21729,platforms/cgi/webapps/21729.txt,"Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities",2002-08-20,"Stan Bubrouski",cgi,webapps,0 +21728,platforms/cgi/webapps/21728.txt,"Kerio MailServer 5.0/5.1 Web Mail - Multiple Cross-site Scripting Vulnerabilities",2002-08-19,"Abraham Lincoln",cgi,webapps,0 +21729,platforms/cgi/webapps/21729.txt,"Mozilla Bonsai - Multiple Cross-site Scripting Vulnerabilities",2002-08-20,"Stan Bubrouski",cgi,webapps,0 21730,platforms/cgi/webapps/21730.txt,"Mozilla Bonsai 1.3 - Path Disclosure",2002-08-20,"Stan Bubrouski",cgi,webapps,0 21731,platforms/novell/remote/21731.pl,"Novell NetWare 5.1/6.0 - HTTP Post Arbitrary Perl Code Execution",2002-08-20,"Dan Elder",novell,remote,0 21732,platforms/linux/local/21732.txt,"SCPOnly 2.3/2.4 - SSH Environment Shell Escaping",2002-08-20,"Derek D. Martin",linux,local,0 21733,platforms/linux/local/21733.sh,"Sun Cobalt RaQ 4.0 - Predictable Temporary Filename Symbolic Link Attack",2002-06-28,"Charles Stevenson",linux,local,0 -21734,platforms/unix/remote/21734.txt,"Apache Tomcat 4.1 - JSP Request Cross-Site Scripting",2002-08-21,Skinnay,unix,remote,0 +21734,platforms/unix/remote/21734.txt,"Apache Tomcat 4.1 - JSP Request Cross-site Scripting",2002-08-21,Skinnay,unix,remote,0 21735,platforms/windows/remote/21735.txt,"Abyss Web Server 1.0 - Encoded Backslash Directory Traversal",2002-08-22,"Auriemma Luigi",windows,remote,0 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router - IP Packet Flags Denial of Service",2002-08-22,"Lukasz Bromirski",hardware,dos,0 21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server - ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 @@ -19035,10 +19035,10 @@ id,file,description,date,author,platform,type,port 21763,platforms/linux/local/21763.txt,"Linuxconf 1.1.x / 1.2.x - Local Environment Variable Buffer Overflow (3)",2002-08-28,syscalls,linux,local,0 21764,platforms/windows/remote/21764.txt,"Microsoft Word 95/97/98/2000/2002 Excel - 2002 INCLUDETEXT Document Sharing File Disclosure",2002-08-26,"Alex Gantman",windows,remote,0 21765,platforms/linux/remote/21765.pl,"Webmin 0.x - RPC Function Privilege Escalation",2002-08-28,"Noam Rathaus",linux,remote,0 -21766,platforms/asp/webapps/21766.txt,"FactoSystem Weblog 0.9/1.0/1.1 - Multiple SQL Injection",2002-08-31,"Matthew Murphy",asp,webapps,0 -21767,platforms/multiple/remote/21767.txt,"NullLogic Null HTTPd 0.5 - Error Page Cross-Site Scripting",2002-09-02,"Matthew Murphy",multiple,remote,0 +21766,platforms/asp/webapps/21766.txt,"FactoSystem Weblog 0.9/1.0/1.1 - Multiple SQL Injections",2002-08-31,"Matthew Murphy",asp,webapps,0 +21767,platforms/multiple/remote/21767.txt,"NullLogic Null HTTPd 0.5 - Error Page Cross-site Scripting",2002-09-02,"Matthew Murphy",multiple,remote,0 21768,platforms/cgi/webapps/21768.txt,"Super Site Searcher - Remote Command Execution",2002-09-03,luca.ercoli,cgi,webapps,0 -21769,platforms/cgi/webapps/21769.txt,"Aestiva HTML/OS 2.4 - Cross-Site Scripting",2002-09-03,eax@3xT.org,cgi,webapps,0 +21769,platforms/cgi/webapps/21769.txt,"Aestiva HTML/OS 2.4 - Cross-site Scripting",2002-09-03,eax@3xT.org,cgi,webapps,0 21770,platforms/hardware/dos/21770.c,"Cisco VPN 3000 Series Concentrator Client - Authentication Denial of Service",2002-09-03,Phenoelit,hardware,dos,0 21771,platforms/unix/local/21771.c,"AFD 1.2.x - Working Directory Local Buffer Overflow",2002-09-04,eSDee,unix,local,0 21772,platforms/unix/local/21772.pl,"HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)",2002-07-03,stripey,unix,local,0 @@ -19075,9 +19075,9 @@ id,file,description,date,author,platform,type,port 21806,platforms/unix/local/21806.c,"Cisco VPN 5000 Client - Buffer Overrun (2)",2002-09-18,zillion,unix,local,0 21807,platforms/unix/local/21807.pl,"HP Tru64/OSF1 DXTerm - Buffer Overflow",2002-07-03,stripey,unix,local,0 21808,platforms/windows/remote/21808.txt,"Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series - JDBC Class Code Execution",2002-09-19,anonymous,windows,remote,0 -21809,platforms/php/webapps/21809.txt,"Web Help Desk by SolarWinds - Stored XSS",2012-10-08,loneferret,php,webapps,0 +21809,platforms/php/webapps/21809.txt,"Web Help Desk by SolarWinds - Persistent Cross-site Scripting",2012-10-08,loneferret,php,webapps,0 21810,platforms/windows/remote/21810.c,"Trillian 0.73/0.74 - IRC PRIVMSG Buffer Overflow",2002-09-19,"Lance Fitz-Herbert",windows,remote,0 -21811,platforms/php/webapps/21811.txt,"SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-19,"DarC KonQuest",php,webapps,0 +21811,platforms/php/webapps/21811.txt,"SquirrelMail 1.2.6/1.2.7 - Multiple Cross-site Scripting Vulnerabilities",2002-09-19,"DarC KonQuest",php,webapps,0 21812,platforms/windows/remote/21812.txt,"Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure",2002-09-20,"Richard Edwards",windows,remote,0 21813,platforms/windows/dos/21813.c,"Trillian 0.73/0.74 - IRC JOIN Buffer Overflow",2002-09-20,"Lance Fitz-Herbert",windows,dos,0 21814,platforms/linux/local/21814.c,"Alsaplayer 0.99.71 - Local Buffer Overflow",2002-09-20,zillion,linux,local,0 @@ -19089,8 +19089,8 @@ id,file,description,date,author,platform,type,port 21882,platforms/unix/remote/21882.txt,"Apache Tomcat 3.2 - Directory Disclosure",2002-10-01,"HP Security",unix,remote,0 21883,platforms/windows/remote/21883.html,"Microsoft Internet Explorer 5 - Document Reference Zone Bypass",2002-10-01,"Liu Die Yu",windows,remote,0 21884,platforms/unix/local/21884.txt,"Sendmail 8.12.x - SMRSH Double Pipe Access Validation",2002-10-01,zen-parse,unix,local,0 -21885,platforms/multiple/remote/21885.txt,"Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting",2002-10-02,mattmurphy,multiple,remote,0 -21886,platforms/php/webapps/21886.txt,"Py-Membres 3.1 - Index.php Unauthorized Access",2002-10-02,frog,php,webapps,0 +21885,platforms/multiple/remote/21885.txt,"Apache 1.3/2.0.x - Server Side Include Cross-site Scripting",2002-10-02,mattmurphy,multiple,remote,0 +21886,platforms/php/webapps/21886.txt,"Py-Membres 3.1 - 'index.php' Unauthorized Access",2002-10-02,frog,php,webapps,0 21821,platforms/windows/dos/21821.c,"Trillian 0.74 - IRC PART Message Denial of Service",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21881,platforms/bsd/local/21881.txt,"Rogue 5.3 - Local Buffer Overflow",2002-09-30,stanojr@iserver.sk,bsd,local,0 21822,platforms/multiple/webapps/21822.txt,"Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities",2012-10-09,Vulnerability-Lab,multiple,webapps,0 @@ -19098,7 +19098,7 @@ id,file,description,date,author,platform,type,port 21824,platforms/windows/dos/21824.pl,"Arctic Torrent 1.2.3 - Memory Corruption (DoS)",2012-10-09,"Jean Pascal Pereira",windows,dos,0 21825,platforms/php/webapps/21825.txt,"phpWebsite 0.8.2 - PHP File Include",2002-09-23,"Tim Vandermeersch",php,webapps,0 21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - SEH Based Buffer Overflow PoC",2012-10-09,Dark-Puzzle,windows,dos,0 -21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager Web Interface - Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 +21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager Web Interface - Cross-site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch - Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 @@ -19123,10 +19123,10 @@ id,file,description,date,author,platform,type,port 21852,platforms/unix/remote/21852.rb,"QNX QCONN - Remote Command Execution",2012-10-10,Metasploit,unix,remote,0 21853,platforms/unix/remote/21853.txt,"Apache Tomcat 3/4 - DefaultServlet File Disclosure",2002-09-24,"Rossen Raykov",unix,remote,0 21854,platforms/linux/dos/21854.c,"Apache 2.0.39/40 - Oversized STDERR Buffer Denial of Service",2002-09-24,"K.C. Wong",linux,dos,0 -21855,platforms/php/webapps/21855.txt,"PHP-Nuke 6.0/6.5 - Search Form Cross-Site Scripting",2002-09-24,"Mark Grimes",php,webapps,0 +21855,platforms/php/webapps/21855.txt,"PHP-Nuke 6.0/6.5 - Search Form Cross-site Scripting",2002-09-24,"Mark Grimes",php,webapps,0 21856,platforms/multiple/local/21856.txt,"OpenVms 5.3/6.2/7.x - UCX POP Server Arbitrary File Modification",2002-09-25,"Mike Riley",multiple,local,0 21857,platforms/linux/remote/21857.pl,"Monkey HTTP Server 0.1.4 - File Disclosure",2002-09-25,DownBload,linux,remote,0 -21858,platforms/linux/remote/21858.txt,"ACWeb 1.14/1.8 - Cross-Site Scripting",2002-09-25,DownBload,linux,remote,0 +21858,platforms/linux/remote/21858.txt,"ACWeb 1.14/1.8 - Cross-site Scripting",2002-09-25,DownBload,linux,remote,0 21859,platforms/php/webapps/21859.txt,"PHP-Nuke 6.0 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21860,platforms/php/webapps/21860.txt,"NPDS 4.8 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21861,platforms/php/webapps/21861.txt,"DaCode 1.2 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 @@ -19134,21 +19134,21 @@ id,file,description,date,author,platform,type,port 21863,platforms/php/webapps/21863.txt,"Drupal 4.0 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21864,platforms/php/webapps/21864.txt,"PHPWebSite 0.8.3 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21865,platforms/linux/local/21865.c,"Interbase 5/6 - GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 -21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Stored XSS",2012-10-10,loneferret,multiple,webapps,0 +21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Persistent Cross-site Scripting",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21868,platforms/ios/remote/21868.rb,"Apple iOS MobileSafari - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 21869,platforms/ios/remote/21869.rb,"Apple iOS MobileMail - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 21870,platforms/linux/remote/21870.txt,"Zope 2.x - Incorrect XML-RPC Request Information Disclosure",2002-09-26,"Rossen Raykov",linux,remote,0 21871,platforms/linux/local/21871.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 21872,platforms/linux/local/21872.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 -21873,platforms/php/webapps/21873.txt,"PostNuke 0.72 - Modules.php Cross-Site Scripting",2002-09-26,"Mark Grimes",php,webapps,0 +21873,platforms/php/webapps/21873.txt,"PostNuke 0.72 - Modules.php Cross-site Scripting",2002-09-26,"Mark Grimes",php,webapps,0 21874,platforms/php/webapps/21874.txt,"VBulletin 2.0.3 - Calendar.php Command Execution",2002-09-27,gosper,php,webapps,0 -21875,platforms/jsp/webapps/21875.txt,"Jetty 4.1 Servlet Engine - Cross-Site Scripting",2002-09-28,Skinnay,jsp,webapps,0 +21875,platforms/jsp/webapps/21875.txt,"Jetty 4.1 Servlet Engine - Cross-site Scripting",2002-09-28,Skinnay,jsp,webapps,0 21876,platforms/multiple/remote/21876.txt,"SafeTP 1.46 - Passive Mode Internal IP Address Revealing",2002-09-28,"Jonathan G. Lampe",multiple,remote,0 21877,platforms/cgi/webapps/21877.txt,"EmuMail 5.0 - Web Root Path Disclosure",2002-09-29,FVS,cgi,webapps,0 21878,platforms/cgi/webapps/21878.txt,"EmuMail 5.0 Email Form - Script Injection",2002-09-29,FVS,cgi,webapps,0 21879,platforms/java/webapps/21879.txt,"Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 - Search Engine Directory Traversal",2002-09-30,"ET LoWNOISE",java,webapps,0 -21880,platforms/multiple/remote/21880.txt,"Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-30,DownBload,multiple,remote,0 +21880,platforms/multiple/remote/21880.txt,"Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-site Scripting Vulnerabilities",2002-09-30,DownBload,multiple,remote,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 21888,platforms/windows/remote/21888.rb,"KeyHelp - ActiveX LaunchTriPane Remote Code Execution",2012-10-11,Metasploit,windows,remote,0 21889,platforms/windows/dos/21889.pl,"VLC Player 2.0.3 - (.png) ReadAV Crash PoC",2012-10-11,"Jean Pascal Pereira",windows,dos,0 @@ -19160,18 +19160,18 @@ id,file,description,date,author,platform,type,port 21896,platforms/php/webapps/21896.txt,"Midicart - PHP Arbitrary File Upload",2002-10-02,frog,php,webapps,0 21897,platforms/windows/remote/21897.txt,"SurfControl SuperScout WebFilter for windows 2000 - File Disclosure",2002-10-02,"Matt Moore",windows,remote,0 21898,platforms/windows/remote/21898.txt,"SurfControl SuperScout WebFilter for windows 2000 - SQL Injection",2002-10-02,"Matt Moore",windows,remote,0 -21899,platforms/php/webapps/21899.txt,"PHPWebSite 0.8.3 - Article.php Cross-Site Scripting",2002-10-02,Sp.IC,php,webapps,0 +21899,platforms/php/webapps/21899.txt,"PHPWebSite 0.8.3 - Article.php Cross-site Scripting",2002-10-02,Sp.IC,php,webapps,0 21900,platforms/php/webapps/21900.txt,"MySimpleNews 1.0 - PHP Injection",2002-10-02,frog,php,webapps,0 21901,platforms/php/webapps/21901.txt,"MySimpleNews 1.0 - Remotely Readable Administrator Password",2002-10-02,frog,php,webapps,0 21902,platforms/windows/remote/21902.c,"Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow",2002-10-07,ipxodi,windows,remote,0 -21903,platforms/php/webapps/21903.txt,"Michael Schatz Books 0.54/0.6 PostNuke Module - Cross-Site Scripting",2002-10-03,Pistone,php,webapps,0 +21903,platforms/php/webapps/21903.txt,"Michael Schatz Books 0.54/0.6 PostNuke Module - Cross-site Scripting",2002-10-03,Pistone,php,webapps,0 21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow",2003-04-16,watercloud,aix,local,0 21905,platforms/php/webapps/21905.txt,"phpMyNewsLetter 0.6.10 - Remote File Inclusion",2002-10-03,frog,php,webapps,0 -21906,platforms/php/webapps/21906.txt,"phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2002-10-04,Sp.IC,php,webapps,0 +21906,platforms/php/webapps/21906.txt,"phpLinkat 0.1 - Multiple Cross-site Scripting Vulnerabilities",2002-10-04,Sp.IC,php,webapps,0 21907,platforms/windows/dos/21907.c,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (1)",2002-10-05,Morgan,windows,dos,0 21908,platforms/windows/dos/21908.pl,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (2)",2002-10-05,subj,windows,dos,0 21909,platforms/windows/dos/21909.txt,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (3)",2002-10-05,p0pt4rtz,windows,dos,0 -21910,platforms/windows/remote/21910.txt,"Microsoft IIS 5.0 - IDC Extension Cross-Site Scripting",2002-10-05,Roberto,windows,remote,0 +21910,platforms/windows/remote/21910.txt,"Microsoft IIS 5.0 - IDC Extension Cross-site Scripting",2002-10-05,Roberto,windows,remote,0 21911,platforms/multiple/dos/21911.txt,"Oracle 9i Application Server 9.0.2 Web Cache Administration Tool - Denial of Service",2002-10-06,@stake,multiple,dos,0 21912,platforms/php/webapps/21912.txt,"Killer Protection 1.0 - Information Disclosure",2002-10-07,frog,php,webapps,0 21913,platforms/windows/remote/21913.txt,"Citrix Published Applications - Information Disclosure",2002-10-07,wire,windows,remote,0 @@ -19180,19 +19180,19 @@ id,file,description,date,author,platform,type,port 33403,platforms/windows/dos/33403.py,"Intellicom 1.3 - 'NetBiterConfig.exe' 'Hostname' Data Remote Stack Buffer Overflow",2009-12-14,"Ruben Santamarta ",windows,dos,0 21918,platforms/php/webapps/21918.html,"VBZoom 1.0 - SQL Injection",2002-10-08,hish,php,webapps,0 21919,platforms/unix/remote/21919.sh,"Sendmail 8.12.6 - Trojan Horse",2002-10-08,netmask,unix,remote,0 -21920,platforms/asp/webapps/21920.txt,"Microsoft Content Management Server 2001 - Cross-Site Scripting",2002-10-09,overclocking_a_la_abuela,asp,webapps,0 +21920,platforms/asp/webapps/21920.txt,"Microsoft Content Management Server 2001 - Cross-site Scripting",2002-10-09,overclocking_a_la_abuela,asp,webapps,0 21921,platforms/php/webapps/21921.txt,"VBZoom 1.0 - Arbitrary File Upload",2002-10-09,hish,php,webapps,0 21922,platforms/windows/local/21922.c,"Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (1)",2002-10-09,Serus,windows,local,0 21923,platforms/windows/local/21923.c,"Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (2)",2002-10-09,Serus,windows,local,0 -21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 - MsgError.ASP Cross-Site Scripting",2002-10-08,ken@FTU,asp,webapps,0 +21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 - MsgError.ASP Cross-site Scripting",2002-10-08,ken@FTU,asp,webapps,0 21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure",2002-10-08,ken@FTU,asp,webapps,0 -21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite - AthCGI.EXE Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 +21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite - AthCGI.EXE Cross-site Scripting",2002-10-09,Max,cgi,webapps,0 21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit (Metasploit)",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 -21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 - Browse.php Cross-Site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 +21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 - Browse.php Cross-site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 21929,platforms/php/webapps/21929.rb,"Project Pier - Arbitrary File Upload",2012-10-16,Metasploit,php,webapps,0 21931,platforms/php/webapps/21931.txt,"PHPBBMod 1.3.3 - PHPInfo Information Disclosure",2002-10-10,"Roland Verlander",php,webapps,0 21932,platforms/windows/remote/21932.pl,"Microsoft Outlook Express 5.5/6.0 - S/MIME Buffer Overflow",2002-10-10,"Noam Rathaus",windows,remote,0 -21933,platforms/php/webapps/21933.txt,"PHPRank 1.8 - Add.php Cross-Site Scripting",2002-10-10,"Jedi/Sector One",php,webapps,0 +21933,platforms/php/webapps/21933.txt,"PHPRank 1.8 - Add.php Cross-site Scripting",2002-10-10,"Jedi/Sector One",php,webapps,0 21934,platforms/linux/remote/21934.txt,"KDE 3.0.x - KPF Icon Option File Disclosure",2002-10-11,"Ajay R Ramjatan",linux,remote,0 21935,platforms/windows/dos/21935.txt,"My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service",2002-10-12,"Marc Ruef",windows,dos,0 21936,platforms/linux/remote/21936.c,"ATP httpd 0.4 - Single Byte Buffer Overflow",2002-10-05,thread,linux,remote,0 @@ -19205,30 +19205,30 @@ id,file,description,date,author,platform,type,port 21943,platforms/windows/dos/21943.c,"Zone Labs ZoneAlarm 3.0/3.1 - Syn Flood Denial of Service",2002-10-16,"Abraham Lincoln",windows,dos,0 21944,platforms/hardware/remote/21944.pl,"Cisco CatOS 5.x/6.1/7.3/7.4 - CiscoView HTTP Server Buffer Overflow",2002-10-16,blackangels,hardware,remote,0 21945,platforms/linux/remote/21945.pl,"PlanetDNS PlanetWeb 1.14 - Malformed Request Remote Buffer Overflow",2002-10-17,"securma massine",linux,remote,0 -21946,platforms/java/webapps/21946.txt,"VBulletin 2.0/2.2.x - Cross-Site Scripting",2002-10-18,Sp.IC,java,webapps,0 -21947,platforms/unix/remote/21947.txt,"IBM Websphere Edge Server 3.6/4.0 - Cross-Site Scripting",2002-10-23,Rapid7,unix,remote,0 +21946,platforms/java/webapps/21946.txt,"VBulletin 2.0/2.2.x - Cross-site Scripting",2002-10-18,Sp.IC,java,webapps,0 +21947,platforms/unix/remote/21947.txt,"IBM Websphere Edge Server 3.6/4.0 - Cross-site Scripting",2002-10-23,Rapid7,unix,remote,0 21948,platforms/unix/remote/21948.txt,"IBM Websphere Edge Server 3.69/4.0 - HTTP Header Injection",2002-10-23,Rapid7,unix,remote,0 21949,platforms/unix/dos/21949.txt,"IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service",2002-10-18,Rapid7,unix,dos,0 -21950,platforms/php/webapps/21950.txt,"YaBB 1.40/1.41 - Login Cross-Site Scripting",2002-10-18,"Nir Adar",php,webapps,0 +21950,platforms/php/webapps/21950.txt,"YaBB 1.40/1.41 - Login Cross-site Scripting",2002-10-18,"Nir Adar",php,webapps,0 21951,platforms/windows/dos/21951.c,"Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (1)",2002-10-22,lion,windows,dos,0 21952,platforms/windows/dos/21952.c,"Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (2)",2002-10-22,Trancer,windows,dos,0 21953,platforms/windows/dos/21953.txt,"Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (3)",2002-10-18,Rapid7,windows,dos,0 21954,platforms/windows/dos/21954.txt,"Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (4)",2002-10-18,anonymous,windows,dos,0 21955,platforms/windows/remote/21955.java,"AN HTTPD 1.38/1.39/1.40/1.41 - Malformed SOCKS4 Request Buffer Overflow",2002-10-21,Kanatoko,windows,remote,0 21956,platforms/php/webapps/21956.txt,"KMMail 1.0 - E-Mail HTML Injection",2002-10-21,"Ulf Harnhammar",php,webapps,0 -21957,platforms/php/webapps/21957.txt,"PHP Arena PAFileDB 1.1.3/2.1.1/3.0 - Email To Friend Cross-Site Scripting",2002-10-21,ersatz,php,webapps,0 +21957,platforms/php/webapps/21957.txt,"PHP Arena PAFileDB 1.1.3/2.1.1/3.0 - Email To Friend Cross-site Scripting",2002-10-21,ersatz,php,webapps,0 21958,platforms/windows/remote/21958.txt,"AOL Instant Messenger 4.8.2790 - Local File Execution",2002-10-22,"Blud Clot",windows,remote,0 21959,platforms/windows/remote/21959.txt,"Microsoft Internet Explorer 5/6 - Cached Objects Zone Bypass",2002-10-22,"GreyMagic Software",windows,remote,0 21960,platforms/php/webapps/21960.txt,"gBook 1.4 - Administrative Access",2002-10-22,frog,php,webapps,0 -21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 - Form_Header.php Cross-Site Scripting",2002-10-23,qber66,php,webapps,0 -21962,platforms/cgi/webapps/21962.txt,"Mojo Mail 2.7 - Email Form Cross-Site Scripting",2002-10-24,"Daniel Boland",cgi,webapps,0 +21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 - Form_Header.php Cross-site Scripting",2002-10-23,qber66,php,webapps,0 +21962,platforms/cgi/webapps/21962.txt,"Mojo Mail 2.7 - Email Form Cross-site Scripting",2002-10-24,"Daniel Boland",cgi,webapps,0 21963,platforms/windows/dos/21963.pl,"SolarWinds TFTP Server Standard Edition 5.0.55 - Large UDP Packet",2002-10-24,D4rkGr3y,windows,dos,0 21964,platforms/windows/remote/21964.txt,"Solarwinds TFTP Server Standard Edition 5.0.55 - Directory Traversal",2002-10-25,"Matthew Murphy",windows,remote,0 21965,platforms/windows/dos/21965.txt,"Alt-N MDaemon 6.0.x - POP Server Buffer Overflow",2002-10-28,D4rkGr3y,windows,dos,0 21966,platforms/cgi/webapps/21966.txt,"MailReader.com 2.3.x - NPH-MR.CGI File Disclosure",2002-10-28,pokleyzz,cgi,webapps,0 21967,platforms/php/webapps/21967.txt,"Benjamin Lefevre Dobermann Forum 0.x - entete.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21968,platforms/php/webapps/21968.txt,"Benjamin Lefevre Dobermann Forum 0.x - enteteacceuil.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 -21969,platforms/php/webapps/21969.txt,"Benjamin Lefevre Dobermann Forum 0.x - index.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 +21969,platforms/php/webapps/21969.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'index.php' subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21970,platforms/php/webapps/21970.txt,"Benjamin Lefevre Dobermann Forum 0.x - newtopic.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21971,platforms/hardware/dos/21971.txt,"Cisco AS5350 - Universal Gateway Portscan Denial of Service",2002-10-28,"Thomas Munn",hardware,dos,0 21972,platforms/windows/dos/21972.pl,"SmartMail Server 2.0 - Closed Connection Denial of Service",2002-10-31,"securma massine",windows,dos,0 @@ -19255,10 +19255,10 @@ id,file,description,date,author,platform,type,port 21994,platforms/windows/local/21994.rb,"Windows - Escalate Service Permissions Local Privilege Escalation",2012-10-16,Metasploit,windows,local,0 21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 - User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 - Non-existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 -21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 - DNS Wildcard Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 +21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 - DNS Wildcard Cross-site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 21998,platforms/linux/remote/21998.c,"CGIEmail 1.6 - Remote Buffer Overflow",2001-09-11,isox,linux,remote,0 -21999,platforms/windows/remote/21999.txt,"Perception LiteServe 2.0.1 - Directory Query String Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 -22000,platforms/cgi/remote/22000.txt,"Zeus Web Server 4.0/4.1 - Admin Interface Cross-Site Scripting",2002-11-08,euronymous,cgi,remote,0 +21999,platforms/windows/remote/21999.txt,"Perception LiteServe 2.0.1 - Directory Query String Cross-site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 +22000,platforms/cgi/remote/22000.txt,"Zeus Web Server 4.0/4.1 - Admin Interface Cross-site Scripting",2002-11-08,euronymous,cgi,remote,0 22001,platforms/windows/remote/22001.txt,"Simple Web Server 0.5.1 - File Disclosure",2002-11-08,"Tamer Sahin",windows,remote,0 22002,platforms/linux/local/22002.txt,"QNX RTOS 6.2 - Application Packager Non-Explicit Path Execution",2002-11-08,Texonet,linux,local,0 22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - (albums.php album parameter) SQL Injection",2012-10-16,Zixem,php,webapps,0 @@ -19287,29 +19287,29 @@ id,file,description,date,author,platform,type,port 22027,platforms/windows/remote/22027.txt,"Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier",2002-11-21,"Last Stage of Delirium",windows,remote,0 22028,platforms/windows/remote/22028.txt,"Symantec Java! JustInTime Compiler 210.65 - Command Execution",2002-11-21,"Last Stage of Delirium",windows,remote,0 22029,platforms/multiple/remote/22029.txt,"Sun/Netscape Java Virtual Machine1.x - Bytecode Verifier",2002-11-21,"Last Stage of Delirium",multiple,remote,0 -22030,platforms/php/webapps/22030.php,"VBulletin 2.0/2.2.x - Memberlist.php Cross-Site Scripting",2002-11-22,Sp.IC,php,webapps,0 +22030,platforms/php/webapps/22030.php,"VBulletin 2.0/2.2.x - Memberlist.php Cross-site Scripting",2002-11-22,Sp.IC,php,webapps,0 22031,platforms/unix/dos/22031.txt,"Rational ClearCase 4.1 - Portscan Denial of Service",2002-11-22,"Stefan Bagdohn",unix,dos,0 22032,platforms/windows/remote/22032.txt,"acFTP 1.4 - Invalid Password Weak Authentication",2002-11-25,"Matthew Murphy",windows,remote,0 22033,platforms/linux/dos/22033.txt,"WSMP3 0.0.1/0.0.2 - Multiple Buffer Overflow Vulnerabilities",2002-11-25,"dong-h0un U",linux,dos,0 22034,platforms/linux/remote/22034.pl,"WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (1)",2002-11-25,"Damian Myerscough",linux,remote,0 22035,platforms/linux/remote/22035.c,"WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (2)",2002-11-25,Xpl017Elz,linux,remote,0 22036,platforms/unix/remote/22036.pl,"XFree86 X11R6 3.3.x - Font Server Remote Buffer Overrun",2002-11-25,"TESO Security",unix,remote,0 -22037,platforms/php/webapps/22037.txt,"PHP-Nuke 5.x/6.0/6.5 BETA 1 - Multiple Cross-Site Scripting Vulnerabilities",2002-11-25,"Matthew Murphy",php,webapps,0 +22037,platforms/php/webapps/22037.txt,"PHP-Nuke 5.x/6.0/6.5 BETA 1 - Multiple Cross-site Scripting Vulnerabilities",2002-11-25,"Matthew Murphy",php,webapps,0 22038,platforms/php/webapps/22038.txt,"Sisfokol 4.0 - Arbitrary File Upload",2012-10-17,"cr4wl3r ",php,webapps,0 22039,platforms/php/webapps/22039.txt,"symphony CMS 2.3 - Multiple Vulnerabilities",2012-10-17,Wireghoul,php,webapps,0 22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 22041,platforms/multiple/webapps/22041.txt,"Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities",2012-10-17,"SEC Consult",multiple,webapps,0 -22042,platforms/php/webapps/22042.php,"VBulletin 2.0.x/2.2.x - members2.php Cross-Site Scripting",2002-11-25,Sp.IC,php,webapps,0 +22042,platforms/php/webapps/22042.php,"VBulletin 2.0.x/2.2.x - members2.php Cross-site Scripting",2002-11-25,Sp.IC,php,webapps,0 22043,platforms/php/webapps/22043.txt,"phpBB 2.0.3 - Script Injection",2002-11-25,"Pete Foster",php,webapps,0 22044,platforms/php/webapps/22044.txt,"Web Server Creator Web Portal 0.1 - Remote File Inclusion",2002-11-25,frog,php,webapps,0 -22045,platforms/cgi/webapps/22045.txt,"Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting",2002-11-25,"Matthew Murphy",cgi,webapps,0 +22045,platforms/cgi/webapps/22045.txt,"Working Resources BadBlue 1.7.1 - Search Page Cross-site Scripting",2002-11-25,"Matthew Murphy",cgi,webapps,0 22046,platforms/linux/remote/22046.c,"Null HTTPD 0.5 - Remote Heap Corruption",2002-11-26,eSDee,linux,remote,0 22047,platforms/php/webapps/22047.txt,"FreeNews 2.1 - Include Undefined Variable Command Execution",2002-11-26,frog,php,webapps,0 22048,platforms/php/webapps/22048.txt,"News Evolution 1.0/2.0 - Include Undefined Variable Command Execution",2002-11-26,frog,php,webapps,0 22049,platforms/unix/remote/22049.c,"Lib CGI 0.1 - Include Buffer Overflow",2002-11-27,Xpl017Elz,unix,remote,0 22050,platforms/cgi/webapps/22050.txt,"BizDesign ImageFolio 2.x/3.0.1 - imageFolio.cgi direct Parameter XSS",2002-11-27,SecurityTracker.com,cgi,webapps,0 22051,platforms/cgi/webapps/22051.txt,"BizDesign ImageFolio 2.x/3.0.1 - nph-build.cgi XSS",2002-11-27,SecurityTracker.com,cgi,webapps,0 -22052,platforms/cgi/webapps/22052.txt,"YaBB 1 Gold - SP 1 YaBB.pl Cross-Site Scripting",2002-11-28,"Fabricio Angeletti",cgi,webapps,0 +22052,platforms/cgi/webapps/22052.txt,"YaBB 1 Gold - SP 1 YaBB.pl Cross-site Scripting",2002-11-28,"Fabricio Angeletti",cgi,webapps,0 22053,platforms/multiple/dos/22053.txt,"Moby NetSuite 1.0/1.2 - POST Handler Buffer Overflow",2002-11-29,"Matthew Murphy",multiple,dos,0 22054,platforms/cgi/remote/22054.c,"Boozt Standard 0.9.8 - index.cgi Buffer Overrun",2002-11-29,BrainStorm,cgi,remote,0 22055,platforms/linux/local/22055.txt,"SuidPerl 5.6 - Information Disclosure",2002-11-29,zen-parse,linux,local,0 @@ -19322,23 +19322,23 @@ id,file,description,date,author,platform,type,port 22062,platforms/hardware/dos/22062.py,"Linksys Devices 1.42/1.43 - GET Request Buffer Overflow",2002-12-03,"Core Security",hardware,dos,0 22063,platforms/linux/remote/22063.c,"zeroo http server 1.5 - Directory Traversal (1)",2002-11-22,mikecc,linux,remote,0 22064,platforms/linux/remote/22064.pl,"zeroo http server 1.5 - Directory Traversal (2)",2002-11-22,mattmurphy,linux,remote,0 -22065,platforms/php/webapps/22065.html,"phpBB 2.0.3 - search.php Cross-Site Scripting",2002-12-03,f_a_a,php,webapps,0 +22065,platforms/php/webapps/22065.html,"phpBB 2.0.3 - search.php Cross-site Scripting",2002-12-03,f_a_a,php,webapps,0 22066,platforms/linux/local/22066.c,"Exim Internet Mailer 3.35/3.36/4.10 - Format String",2002-12-04,"Thomas Wana",linux,local,0 22067,platforms/unix/local/22067.txt,"SAP DB 7.3.00 - Symbolic Link",2002-12-04,"SAP Security",unix,local,0 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 22069,platforms/multiple/local/22069.py,"Oracle Database - Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 -22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Stored XSS",2012-10-18,"Mike Eduard",windows,webapps,0 +22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Persistent Cross-site Scripting",2012-10-18,"Mike Eduard",windows,webapps,0 22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final beta - ViewTopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 -22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 +22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-site Scripting",2002-11-08,euronymous,php,webapps,0 22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 22078,platforms/windows/remote/22078.txt,"mollensoft software enceladus server suite 2.6.1/3.9 - Directory Traversal",2002-11-09,luca.ercoli@inwind.it,windows,remote,0 22079,platforms/linux/dos/22079.sh,"ProFTPD 1.2.x - STAT Command Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 22080,platforms/php/webapps/22080.txt,"Xoops 1.3.5 - Private Message System Font Attributes HTML Injection",2002-11-09,"fred magistrat",php,webapps,0 22081,platforms/windows/dos/22081.pl,"Mollensoft Software Enceladus Server Suite 3.9 - FTP Command Buffer Overflow",2002-12-09,"Tamer Sahin",windows,dos,0 22082,platforms/windows/remote/22082.pl,"Trend Micro PC-cillin 2000/2002/2003 - Mail Scanner Buffer Overflow",2002-12-10,"Joel Soderberg",windows,remote,0 -22083,platforms/php/webapps/22083.txt,"Deerfield VisNetic WebSite 3.5.13.1 - Cross-Site Scripting",2002-12-12,"Ory Segal",php,webapps,0 +22083,platforms/php/webapps/22083.txt,"Deerfield VisNetic WebSite 3.5.13.1 - Cross-site Scripting",2002-12-12,"Ory Segal",php,webapps,0 22084,platforms/unix/remote/22084.c,"MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Length Account Compromise",2002-12-16,Andi,unix,remote,0 22085,platforms/unix/remote/22085.txt,"MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Memory Corruption",2002-12-12,"Stefan Esser",unix,remote,0 22086,platforms/php/webapps/22086.txt,"Mambo Site Server 4.0.11 - PHPInfo.php Information Disclosure",2002-12-12,euronymous,php,webapps,0 @@ -19356,13 +19356,13 @@ id,file,description,date,author,platform,type,port 22100,platforms/windows/dos/22100.txt,"Microsoft Internet Explorer 9 - XSS Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 - say() Format String",2002-12-16,"Marceta Milos",linux,remote,0 22102,platforms/php/webapps/22102.txt,"PHP-Nuke 6.0 - Multiple Path Disclosure Vulnerabilities",2002-12-16,frog,php,webapps,0 -22103,platforms/php/webapps/22103.txt,"PHP-Nuke 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2002-12-16,frog,php,webapps,0 +22103,platforms/php/webapps/22103.txt,"PHP-Nuke 6.0 - Multiple Cross-site Scripting Vulnerabilities",2002-12-16,frog,php,webapps,0 22104,platforms/php/webapps/22104.txt,"Captaris Infinite WebMail 3.61.5 - HTML Injection",2002-12-16,"Pedram Amini",php,webapps,0 22105,platforms/linux/dos/22105.c,"Linux Kernel 2.2 - mmap() Local Denial of Service",2002-12-17,"Michal Zalewski",linux,dos,0 22106,platforms/linux/remote/22106.txt,"CUPS 1.1.x - Negative Length HTTP Header",2002-12-19,iDefense,linux,remote,0 22107,platforms/php/webapps/22107.txt,"SPGPartenaires 3.0.1 - ident.php SQL Injection",2002-12-20,frog,php,webapps,0 22108,platforms/php/webapps/22108.txt,"SPGPartenaires 3.0.1 - delete.php SQL Injection",2002-12-20,frog,php,webapps,0 -22109,platforms/php/webapps/22109.txt,"W-Agora 4.1.6 - EditForm.php Cross-Site Scripting",2002-12-22,xatr0z,php,webapps,0 +22109,platforms/php/webapps/22109.txt,"W-Agora 4.1.6 - EditForm.php Cross-site Scripting",2002-12-22,xatr0z,php,webapps,0 22110,platforms/php/dos/22110.txt,"PHP-Nuke 6.0 - Modules.php Denial of Service",2002-12-23,"Ing. Bernardo Lopez",php,dos,0 22111,platforms/cgi/webapps/22111.pl,"CHETCPASSWD 1.12 - Shadow File Disclosure",2002-12-22,"Victor Pereira",cgi,webapps,0 22112,platforms/windows/remote/22112.txt,"PlatinumFTPServer 1.0.6 - Information Disclosure",2002-12-30,"Dennis Rand",windows,remote,0 @@ -19383,14 +19383,14 @@ id,file,description,date,author,platform,type,port 22127,platforms/php/webapps/22127.txt,"DCP-Portal 5.0.1 - lib.php Root Parameter Remote File Inclusion",2003-01-06,frog,php,webapps,0 22128,platforms/linux/local/22128.c,"H-Sphere Webshell 2.4 - Local Root Exploit",2003-01-06,"Carl Livitt",linux,local,0 22129,platforms/linux/remote/22129.c,"H-Sphere Webshell 2.4 - Remote Root Exploit",2003-01-06,"Carl Livitt",linux,remote,0 -22130,platforms/multiple/remote/22130.txt,"AN HTTPD 1.41 e - Cross-Site Scripting",2003-01-06,D4rkGr3y,multiple,remote,0 +22130,platforms/multiple/remote/22130.txt,"AN HTTPD 1.41 e - Cross-site Scripting",2003-01-06,D4rkGr3y,multiple,remote,0 22131,platforms/unix/remote/22131.pl,"Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure",2007-03-23,"Jon Hart",unix,remote,0 22132,platforms/windows/dos/22132.txt,"Microsoft Windows XP/2000 - Fontview Denial of Service",2003-01-06,andrew,windows,dos,0 -22133,platforms/php/webapps/22133.txt,"myPHPNuke 1.8.8 - Default_Theme Cross-Site Scripting",2003-01-06,Mindwarper,php,webapps,0 +22133,platforms/php/webapps/22133.txt,"myPHPNuke 1.8.8 - Default_Theme Cross-site Scripting",2003-01-06,Mindwarper,php,webapps,0 22134,platforms/php/webapps/22134.txt,"S8Forum 3.0 - Remote Command Execution",2003-01-06,nmsh_sa,php,webapps,0 22135,platforms/linux/remote/22135.c,"TANne 0.6.17 - Session Manager SysLog Format String",2003-01-07,"dong-h0un yoU",linux,remote,0 -22136,platforms/windows/remote/22136.txt,"PlatinumFTPServer 1.0.6 - Dot-Dot-Slash Directory Traversal",2003-01-07,"Dennis Rand",windows,remote,0 -22137,platforms/cgi/webapps/22137.txt,"FormMail-Clone - Cross-Site Scripting",2003-01-09,"Rynho Zeros Web",cgi,webapps,0 +22136,platforms/windows/remote/22136.txt,"PlatinumFTPServer 1.0.6 - Directory Traversal",2003-01-07,"Dennis Rand",windows,remote,0 +22137,platforms/cgi/webapps/22137.txt,"FormMail-Clone - Cross-site Scripting",2003-01-09,"Rynho Zeros Web",cgi,webapps,0 22138,platforms/multiple/remote/22138.c,"Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow",2003-01-10,greuff@void.at,multiple,remote,0 22139,platforms/multiple/remote/22139.c,"Half-Life ClanMod 1.80/1.81 Plugin - Remote Format String",2003-01-10,greuff@void.at,multiple,remote,0 22140,platforms/multiple/remote/22140.c,"Half-Life StatsMe 2.6.x Plugin - MakeStats Format String",2003-01-10,greuff@void.at,multiple,remote,0 @@ -19402,10 +19402,10 @@ id,file,description,date,author,platform,type,port 22146,platforms/php/webapps/22146.txt,"YABB 1.4.1 SE - Reminder.php SQL Injection",2003-01-12,"VOID.AT Security",php,webapps,0 22147,platforms/linux/remote/22147.c,"mpg123 pre0.59s - Invalid MP3 Header Memory Corruption",2003-01-13,"Gobbles Security",linux,remote,0 22148,platforms/php/webapps/22148.txt,"phpPass 2 - AccessControl.php SQL Injection",2003-01-13,frog,php,webapps,0 -22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - index.php bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 +22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - 'index.php' bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - modules.php file Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22155,platforms/windows/dos/22155.pl,"Adobe Reader 10.1.4 - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 -22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Stored XSS",2012-10-22,sqlhacker,php,webapps,0 +22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Persistent Cross-site Scripting",2012-10-22,sqlhacker,php,webapps,0 22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - (index.php task parameter) SQL Injection",2012-10-22,D4NB4R,php,webapps,0 22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component - (index.php search parameter) SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 22154,platforms/windows/dos/22154.pl,"RealPlayer 15.0.6.14.3gp - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 @@ -19416,7 +19416,7 @@ id,file,description,date,author,platform,type,port 22160,platforms/php/webapps/22160.txt,"atutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 - PORT Overflow",2012-10-23,Metasploit,windows,remote,21 22162,platforms/windows/dos/22162.txt,"Symantec Norton Internet Security 2003 - ICMP Packet Flood DoS",2003-01-13,"Pavel P",windows,dos,0 -22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - Profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 +22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - Profiles.php Multiple Cross-site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 - users.php uid Parameter XSS",2003-01-14,snooq,php,webapps,0 22165,platforms/php/webapps/22165.txt,"Geeklog 1.3.7 - comment.php cid Parameter XSS",2003-01-14,snooq,php,webapps,0 22166,platforms/php/webapps/22166.txt,"Geeklog 1.3.7 - Homepage User Field HTML Injection",2003-01-14,snooq,php,webapps,0 @@ -19429,7 +19429,7 @@ id,file,description,date,author,platform,type,port 22173,platforms/windows/remote/22173.txt,"Trend Micro Virus Control System 1.8 - Information Disclosure",2003-01-15,"Rod Boron",windows,remote,0 22174,platforms/windows/remote/22174.txt,"Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass",2003-01-15,"Rod Boron",windows,remote,0 22175,platforms/php/webapps/22175.txt,"PHP TopSites 2.0/2.2 - HTML Injection",2003-01-15,"Cyberarmy Application",php,webapps,0 -22176,platforms/php/webapps/22176.txt,"PHP TopSites 2.0/2.2 - help.php Cross-Site Scripting",2003-01-15,"Cyberarmy Application",php,webapps,0 +22176,platforms/php/webapps/22176.txt,"PHP TopSites 2.0/2.2 - help.php Cross-site Scripting",2003-01-15,"Cyberarmy Application",php,webapps,0 22177,platforms/php/webapps/22177.txt,"PHP TopSites 2.0/2.2 - edit.php SQL Injection",2003-01-15,"Cyberarmy Application",php,webapps,0 22178,platforms/multiple/remote/22178.xml,"Sun ONE Unified Development Server 5.0 - Recursive Document Type Definition",2003-01-15,"Sun Microsystems",multiple,remote,0 22179,platforms/multiple/remote/22179.pl,"CSO Lanifex Outreach Project Tool 0.946 b - Request Origin Spoofing",2003-01-16,"Martin Eiszner",multiple,remote,0 @@ -19438,7 +19438,7 @@ id,file,description,date,author,platform,type,port 22182,platforms/php/webapps/22182.pl,"phpBB 2.0.3 - privmsg.php SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 22183,platforms/linux/dos/22183.c,"GameSpy 3D 2.62 - Packet Amplification Denial of Service",2003-01-17,"Mike Kristovich",linux,dos,0 22184,platforms/windows/remote/22184.pl,"GlobalScape CuteFTP 5.0 - LIST Response Buffer Overflow",2003-03-26,snooq,windows,remote,0 -22185,platforms/windows/remote/22185.txt,"Sambar Server 5.x - results.stm Cross-Site Scripting",2003-01-20,galiarept,windows,remote,0 +22185,platforms/windows/remote/22185.txt,"Sambar Server 5.x - results.stm Cross-site Scripting",2003-01-20,galiarept,windows,remote,0 22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD - save_item.php Arbitrary File Upload",2003-01-20,frog,php,webapps,0 22187,platforms/linux/remote/22187.txt,"CVS 1.11.x - Directory Request Double Free Heap Corruption",2003-01-20,"Stefan Esser",linux,remote,0 22279,platforms/php/webapps/22279.txt,"GONiCUS System Administrator 1.0 - Remote File Inclusion",2003-02-24,"Karol Wiesek",php,webapps,0 @@ -19451,8 +19451,8 @@ id,file,description,date,author,platform,type,port 22195,platforms/php/webapps/22195.txt,"PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution",2003-01-22,MGhz,php,webapps,0 22196,platforms/windows/dos/22196.txt,"Rediff Bol 2.0.2 - URL Handling Denial of Service",2003-01-23,"S G Masood",windows,dos,0 22197,platforms/linux/dos/22197.txt,"slocate 2.5/2.6 - Local Buffer Overrun",2003-01-24,"USG team",linux,dos,0 -22198,platforms/cgi/webapps/22198.txt,"GNU Mailman 2.1 - 'email' Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 -22199,platforms/cgi/webapps/22199.txt,"GNU Mailman 2.1 - Error Page Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 +22198,platforms/cgi/webapps/22198.txt,"GNU Mailman 2.1 - 'email' Cross-site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 +22199,platforms/cgi/webapps/22199.txt,"GNU Mailman 2.1 - Error Page Cross-site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 22200,platforms/multiple/remote/22200.txt,"SyGate 5.0 - Insecure UDP Source Port Firewall Bypass Weak Default Configuration",2003-01-24,"David Fernández",multiple,remote,0 22201,platforms/multiple/remote/22201.txt,"List Site Pro 2.0 - User Database Delimiter Injection",2003-01-24,Statix,multiple,remote,0 22202,platforms/php/webapps/22202.txt,"FTLS GuestBook 1.1 - Script Injection",2003-01-25,BrainRawt,php,webapps,0 @@ -19519,15 +19519,15 @@ id,file,description,date,author,platform,type,port 22265,platforms/linux/local/22265.pl,"cPanel 5.0 - Openwebmail Local Privilege Escalation",2003-02-19,deadbeat,linux,local,0 22266,platforms/php/webapps/22266.php,"PHP-Nuke 5.6/6.0 - Search Engine SQL Injection",2003-02-19,"David Zentner",php,webapps,0 22267,platforms/php/webapps/22267.php,"PHPBB2 - Page_Header.php SQL Injection",2003-02-19,"David Zentner",php,webapps,0 -22268,platforms/php/webapps/22268.txt,"myPHPNuke 1.8.8 - Links.php Cross-Site Scripting",2003-02-20,"Tacettin Karadeniz",php,webapps,0 +22268,platforms/php/webapps/22268.txt,"myPHPNuke 1.8.8 - Links.php Cross-site Scripting",2003-02-20,"Tacettin Karadeniz",php,webapps,0 22269,platforms/windows/remote/22269.txt,"Sage 1.0 beta 3 - Content Management System Path Disclosure",2003-02-20,euronymous,windows,remote,0 -22270,platforms/windows/remote/22270.txt,"Sage 1.0 beta 3 - Content Management System Cross-Site Scripting",2003-02-20,euronymous,windows,remote,0 +22270,platforms/windows/remote/22270.txt,"Sage 1.0 beta 3 - Content Management System Cross-site Scripting",2003-02-20,euronymous,windows,remote,0 22271,platforms/hardware/remote/22271.c,"Cisco IOS 11/12 - OSPF Neighbor Buffer Overflow",2003-02-20,FX,hardware,remote,0 22272,platforms/multiple/local/22272.pl,"Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation Weakness",2002-02-22,"Simon Cozens",multiple,local,0 22273,platforms/linux/dos/22273.c,"Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (1)",2003-02-23,"Richard Kettlewel",linux,dos,0 22274,platforms/linux/remote/22274.c,"Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (2)",2003-02-23,CrZ,linux,remote,0 22275,platforms/linux/remote/22275.pl,"Webmin 0.9x / Usermin 0.9x/1.0 - Session ID Spoofing Unauthenticated Access",2003-02-20,"Carl Livitt",linux,remote,0 -22276,platforms/php/webapps/22276.txt,"Nuked-Klan 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2003-02-23,"gregory Le Bras",php,webapps,0 +22276,platforms/php/webapps/22276.txt,"Nuked-Klan 1.3 - Multiple Cross-site Scripting Vulnerabilities",2003-02-23,"gregory Le Bras",php,webapps,0 22277,platforms/php/webapps/22277.txt,"Nuked-Klan 1.3 - Remote Information Disclosure",2003-02-23,"gregory Le Bras",php,webapps,0 22278,platforms/linux/remote/22278.pl,"moxftp 2.2 - Banner Parsing Buffer Overflow",2003-02-24,"Knud Erik Hojgaard",linux,remote,0 22280,platforms/windows/remote/22280.txt,"Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution",2003-02-24,http-equiv,windows,remote,0 @@ -19550,7 +19550,7 @@ id,file,description,date,author,platform,type,port 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 - Showpic.php File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 - Translations.php Remote File Inclusion",2003-02-28,"Martin Eiszner",php,webapps,0 22300,platforms/php/webapps/22300.txt,"WordPress Easy Webinar Plugin - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 -22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF",2012-10-28,b33f,windows,remote,0 +22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath Buffer Overflow",2012-10-28,b33f,windows,remote,0 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 - IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program - (WinHlp32.exe) Crash PoC",2012-10-28,coolkaveh,windows,dos,0 22304,platforms/multiple/remote/22304.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - SQL Injection",2012-10-28,Metasploit,multiple,remote,0 @@ -19603,7 +19603,7 @@ id,file,description,date,author,platform,type,port 22354,platforms/windows/local/22354.c,"Microsoft Windows 2000 - Help Facility .CNT File :Link Buffer Overflow",2003-03-09,s0h,windows,local,0 22355,platforms/cgi/remote/22355.txt,"Thunderstone TEXIS 3.0 - 'texis.exe' Information Disclosure",2003-03-14,sir.mordred@hushmail.com,cgi,remote,0 22356,platforms/unix/remote/22356.c,"Samba SMB 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow",2003-03-15,flatline,unix,remote,0 -22357,platforms/asp/webapps/22357.txt,"RSA ClearTrust 4.6/4.7 - Login Page Cross-Site Scripting",2003-03-15,sir.mordred@hushmail.com,asp,webapps,0 +22357,platforms/asp/webapps/22357.txt,"RSA ClearTrust 4.6/4.7 - Login Page Cross-site Scripting",2003-03-15,sir.mordred@hushmail.com,asp,webapps,0 22358,platforms/multiple/dos/22358.cfm,"Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (1)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 22359,platforms/multiple/dos/22359.xsl,"Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (2)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 22360,platforms/multiple/dos/22360.java,"Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (3)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 @@ -19628,18 +19628,18 @@ id,file,description,date,author,platform,type,port 22379,platforms/linux/remote/22379.c,"PXE Server 2.0 - Remote Buffer Overrun",2003-03-13,CrZ,linux,remote,0 22380,platforms/cgi/webapps/22380.pl,"Smart Search 4.25 - Remote Command Execution",2003-01-05,knight420,cgi,webapps,0 22381,platforms/multiple/remote/22381.txt,"SIPS 0.2.2 - User Information Disclosure",2003-03-18,dwcgr0up,multiple,remote,0 -22382,platforms/php/webapps/22382.txt,"Mambo Site Server 4.0.10 - index.php Cross-Site Scripting",2003-03-18,"Ertan Kurt",php,webapps,0 -22383,platforms/php/webapps/22383.txt,"Basit 1.0 Submit Module - Cross-Site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 -22384,platforms/php/webapps/22384.txt,"Siteframe 2.2.4 - search.php Cross-Site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 -22385,platforms/php/webapps/22385.txt,"Basit 1.0 - Search Module Cross-Site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 +22382,platforms/php/webapps/22382.txt,"Mambo Site Server 4.0.10 - 'index.php' Cross-site Scripting",2003-03-18,"Ertan Kurt",php,webapps,0 +22383,platforms/php/webapps/22383.txt,"Basit 1.0 Submit Module - Cross-site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 +22384,platforms/php/webapps/22384.txt,"Siteframe 2.2.4 - search.php Cross-site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 +22385,platforms/php/webapps/22385.txt,"Basit 1.0 - Search Module Cross-site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 22386,platforms/php/webapps/22386.txt,"Siteframe 2.2.4 - Download.php Information Disclosure",2003-03-19,"Ertan Kurt",php,webapps,0 -22387,platforms/php/webapps/22387.txt,"DCP-Portal 5.3.1 - Calendar.php Cross-Site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 +22387,platforms/php/webapps/22387.txt,"DCP-Portal 5.3.1 - Calendar.php Cross-site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 22388,platforms/multiple/remote/22388.txt,"WFChat 1.0 - Information Disclosure",2003-03-19,subj,multiple,remote,0 22389,platforms/php/webapps/22389.txt,"XOOPS 2.0 XoopsOption - Information Disclosure",2003-03-20,"gregory Le Bras",php,webapps,0 22390,platforms/windows/dos/22390.c,"Microsoft ActiveSync 3.5 - Null Pointer Dereference Denial of Service",2003-03-20,"Andy Davis",windows,dos,0 -22391,platforms/php/webapps/22391.txt,"OSCommerce 2.1/2.2 - Error_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 -22392,platforms/php/webapps/22392.txt,"OSCommerce 2.1/2.2 - Info_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 -22393,platforms/php/webapps/22393.txt,"OSCommerce 2.1/2.2 - Checkout_Payment.php Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22391,platforms/php/webapps/22391.txt,"OSCommerce 2.1/2.2 - Error_Message Cross-site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22392,platforms/php/webapps/22392.txt,"OSCommerce 2.1/2.2 - Info_Message Cross-site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22393,platforms/php/webapps/22393.txt,"OSCommerce 2.1/2.2 - Checkout_Payment.php Error Output Cross-site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption",2003-03-21,"Auriemma Luigi",windows,dos,0 22396,platforms/php/webapps/22396.txt,"WordPress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 @@ -19658,7 +19658,7 @@ id,file,description,date,author,platform,type,port 22411,platforms/php/webapps/22411.txt,"PHP-Nuke 5.6/6.x - Banners.php Banner Manager Password Disclosure",2003-03-22,frog,php,webapps,0 22412,platforms/php/webapps/22412.txt,"Advanced Poll 2.0 - Remote Information Disclosure",2003-03-22,subj,php,webapps,0 22413,platforms/php/webapps/22413.txt,"PHP-Nuke 5.6/6.x News Module - Article.php SQL Injection",2003-03-22,frog,php,webapps,0 -22414,platforms/php/webapps/22414.php,"PHP-Nuke 5.6/6.x News Module - Index.php SQL Injection",2003-03-23,frog,php,webapps,0 +22414,platforms/php/webapps/22414.php,"PHP-Nuke 5.6/6.x News Module - 'index.php' SQL Injection",2003-03-23,frog,php,webapps,0 22415,platforms/hardware/dos/22415.c,"3Com SuperStack II RAS 1500 - IP Header Denial of Service",2003-03-24,"Piotr Chytla",hardware,dos,0 22416,platforms/hardware/remote/22416.txt,"3Com SuperStack II RAS 1500 - Unauthorized Access",2003-03-24,"Piotr Chytla",hardware,remote,0 22417,platforms/windows/dos/22417.py,"Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow (1)",2003-04-28,"Core Security",windows,dos,0 @@ -19675,12 +19675,12 @@ id,file,description,date,author,platform,type,port 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 - Member.php SQL Injection",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 - Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 -22431,platforms/php/webapps/22431.txt,"achievo 1.4.5 - Multiple Vulnerabilities (1)",2012-11-02,"Canberk BOLAT",php,webapps,0 +22431,platforms/php/webapps/22431.txt,"Achievo 1.4.5 - Multiple Vulnerabilities (1)",2012-11-02,"Canberk BOLAT",php,webapps,0 22432,platforms/windows/remote/22432.rb,"HP Intelligent Management Center UAM - Buffer Overflow",2012-11-04,Metasploit,windows,remote,0 22433,platforms/linux/dos/22433.pl,"Monkey HTTP Daemon 0.4/0.5/0.6 - Excessive POST Data Buffer Overflow",2003-03-24,"Matthew Murphy",linux,dos,0 22434,platforms/windows/remote/22434.txt,"Sambar Server 5.x - Information Disclosure",2003-03-27,"gregory Le Bras",windows,remote,0 22435,platforms/php/dos/22435.php,"PHP 4.3.x/5.0 - openlog() Buffer Overflow",2003-03-27,sir.mordred@hushmail.com,php,dos,0 -22436,platforms/asp/webapps/22436.txt,"MyGuestBK - Add.asp Cross-Site Scripting",2002-03-27,Over_G,asp,webapps,0 +22436,platforms/asp/webapps/22436.txt,"MyGuestBK - Add.asp Cross-site Scripting",2002-03-27,Over_G,asp,webapps,0 22437,platforms/asp/webapps/22437.txt,"MyGuestBK - Unauthorized Admin Panel Access",2002-03-27,Over_G,asp,webapps,0 22438,platforms/php/webapps/22438.txt,"PostNuke 0.72x Stats Module - Path Disclosure",2003-03-28,rkc,php,webapps,0 22439,platforms/php/webapps/22439.txt,"PostNuke 0.72x Members_List Module - Path Disclosure",2003-03-28,rkc,php,webapps,0 @@ -19701,13 +19701,13 @@ id,file,description,date,author,platform,type,port 22454,platforms/linux/remote/22454.c,"AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun",2003-02-16,"Carl Livitt",linux,remote,0 22455,platforms/hardware/remote/22455.txt,"Netgear FM114P ProSafe Wireless Router - Rule Bypass",2003-04-03,stickler,hardware,remote,0 22456,platforms/linux/local/22456.txt,"AutomatedShops WebC 2.0/5.0 - Symbolic Link Following Configuration File Weakness",2003-04-03,"Carl Livitt",linux,local,0 -22457,platforms/php/webapps/22457.txt,"PHPSysInfo 2.0/2.1 - Index.php File Disclosure",2003-04-03,"Albert Puigsech Galicia",php,webapps,0 +22457,platforms/php/webapps/22457.txt,"PHPSysInfo 2.0/2.1 - 'index.php' File Disclosure",2003-04-03,"Albert Puigsech Galicia",php,webapps,0 22458,platforms/linux/local/22458.c,"Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness",2003-04-04,"Andrew Griffiths",linux,local,0 -22459,platforms/php/webapps/22459.txt,"PHPSysInfo 2.0/2.1 - Index.php LNG File Disclosure",2003-04-04,"Albert Puigsech Galicia",php,webapps,0 +22459,platforms/php/webapps/22459.txt,"PHPSysInfo 2.0/2.1 - 'index.php' LNG File Disclosure",2003-04-04,"Albert Puigsech Galicia",php,webapps,0 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 - Incomplete HTTP Request Denial of Service",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 - functions.php SQL Injection",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 +22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-site Scripting",2012-11-04,D4NB4R,php,webapps,0 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash PoC",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Local Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 @@ -19722,7 +19722,7 @@ id,file,description,date,author,platform,type,port 22475,platforms/unix/remote/22475.txt,"Amavis 0.1.6 - Header Parsing Mail Relaying Weakness",2003-04-08,"Phil Cyc",unix,remote,0 22476,platforms/windows/remote/22476.txt,"QuickFront 1.0 - File Disclosure",2003-04-09,"Jan Kachlik",windows,remote,0 22477,platforms/php/webapps/22477.txt,"PHPay 2.2 - Multiple Path Disclosure Vulnerabilities",2003-04-09,"Ahmet Sabri ALPER",php,webapps,0 -22478,platforms/php/webapps/22478.txt,"PHPay 2.2 - Cross-Site Scripting",2003-04-09,"Ahmet Sabri ALPER",php,webapps,0 +22478,platforms/php/webapps/22478.txt,"PHPay 2.2 - Cross-site Scripting",2003-04-09,"Ahmet Sabri ALPER",php,webapps,0 22479,platforms/linux/remote/22479.c,"PoPToP PPTP 1.0/1.1.x - Negative read() Argument Remote Buffer Overflow",2003-04-09,"John Leach",linux,remote,0 22480,platforms/hardware/remote/22480.txt,"Linksys BEFVP4 - SNMP Community String Information Disclosure",2003-04-09,"Branson Matheson",hardware,remote,0 22481,platforms/cgi/webapps/22481.txt,"Super Guestbook 1.0 - Sensitive Information Disclosure Weakness",2002-04-10,Over_G,cgi,webapps,0 @@ -19735,12 +19735,12 @@ id,file,description,date,author,platform,type,port 22488,platforms/windows/remote/22488.txt,"EZ Publish 2.2.7/3.0 - site.ini Information Disclosure",2003-04-15,"gregory Le Bras",windows,remote,0 22489,platforms/windows/shellcode/22489.cpp,"Windows XP Pro SP3 - Full ROP calc shellcode (428 bytes)",2012-11-05,b33f,windows,shellcode,0 22490,platforms/multiple/webapps/22490.txt,"ZPanel 10.0.1 - CSRF / XSS / SQLi / Password Reset",2012-11-05,pcsjj,multiple,webapps,0 -22491,platforms/php/webapps/22491.txt,"EZ Publish 2.2.7/3.0 - Multiple Cross-Site Scripting Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 +22491,platforms/php/webapps/22491.txt,"EZ Publish 2.2.7/3.0 - Multiple Cross-site Scripting Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 22501,platforms/php/webapps/22501.txt,"Xonic.ru News 1.0 - script.php Remote Command Execution",2003-03-31,"DWC Gr0up",php,webapps,0 22492,platforms/php/webapps/22492.txt,"EZ Publish 2.2.7/3.0 - Multiple Path Disclosure Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 22493,platforms/hardware/webapps/22493.txt,"CheckPoint/Sofaware Firewall - Multiple Vulnerabilities",2012-11-05,Procheckup,hardware,webapps,0 22494,platforms/php/dos/22494.txt,"OSCommerce 2.2 - Product_Info.php Denial of Service",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,dos,0 -22496,platforms/multiple/remote/22496.txt,"Python 2.2/2.3 - Documentation Server Error Page Cross-Site Scripting",2003-04-15,euronymous,multiple,remote,0 +22496,platforms/multiple/remote/22496.txt,"Python 2.2/2.3 - Documentation Server Error Page Cross-site Scripting",2003-04-15,euronymous,multiple,remote,0 22497,platforms/multiple/remote/22497.txt,"12Planet Chat Server 2.5 - Error Message Installation Path Disclosure",2003-04-11,"Dennis Rand",multiple,remote,0 22498,platforms/php/webapps/22498.txt,"OSCommerce 2.2 - Authentication Bypass",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22499,platforms/cgi/webapps/22499.pl,"IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (1)",2003-04-15,"Nick Cleaton",cgi,webapps,0 @@ -19759,7 +19759,7 @@ id,file,description,date,author,platform,type,port 22514,platforms/multiple/dos/22514.txt,"Mod_NTLM 0.x - Authorization Format String",2003-04-21,"Matthew Murphy",multiple,dos,0 22515,platforms/windows/remote/22515.txt,"AN HTTPD 1.x - Count.pl Directory Traversal",2003-04-22,"Matthew Murphy",windows,remote,0 22516,platforms/windows/dos/22516.pl,"Xeneo Web Server 2.2.9 - Denial of Service",2003-04-21,badpack3t,windows,dos,0 -22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 - Index.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 +22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 - 'index.php' SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22518,platforms/windows/dos/22518.html,"Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag DoS",2003-04-22,"Ramon Pinuaga Cascales",windows,dos,0 22519,platforms/php/webapps/22519.txt,"OpenBB 1.0/1.1 - Board.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22520,platforms/php/webapps/22520.txt,"OpenBB 1.0/1.1 - Member.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 @@ -19799,7 +19799,7 @@ id,file,description,date,author,platform,type,port 22554,platforms/asp/webapps/22554.txt,"Microsoft BizTalk Server 2000/2002 DTA - rawdocdata.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 22555,platforms/asp/webapps/22555.txt,"Microsoft BizTalk Server 2000/2002 DTA - RawCustomSearchField.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 22556,platforms/windows/remote/22556.c,"MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow",2003-04-29,badpack3t,windows,remote,0 -22557,platforms/php/webapps/22557.txt,"PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting",2003-05-01,"Morning Wood",php,webapps,0 +22557,platforms/php/webapps/22557.txt,"PHP-Nuke Splatt Forum 4.0 Module - Cross-site Scripting",2003-05-01,"Morning Wood",php,webapps,0 22558,platforms/php/webapps/22558.txt,"PHP-Nuke Splatt Forum 4.0 Module - HTML Injection",2003-05-01,"Morning Wood",php,webapps,0 22559,platforms/cgi/webapps/22559.pl,"Stockman Shopping Cart 7.8 - Arbitrary Command Execution",2003-05-01,"Aleksey Sintsov",cgi,webapps,0 22560,platforms/linux/dos/22560.txt,"KDE Konqueror 3.0.3 - Malformed HTML Page Denial of Service",2003-05-02,Joachim_Strombergson,linux,dos,0 @@ -19828,26 +19828,26 @@ id,file,description,date,author,platform,type,port 22585,platforms/windows/dos/22585.pl,"EType EServ 2.98/2.99/3.0 - Resource Exhaustion Denial of Service (1)",2003-05-11,"Matthew Murphy",windows,dos,0 22586,platforms/windows/dos/22586.c,"EType EServ 2.98/2.99/3.0 - Resource Exhaustion Denial of Service (2)",2003-05-11,rash,windows,dos,0 22587,platforms/windows/dos/22587.c,"Pi3Web 2.0.1 - Malformed GET Request Denial of Service",2003-04-26,"Angelo Rosiello",windows,dos,0 -22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.CGI Cross-Site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 +22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.CGI Cross-site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 22590,platforms/php/webapps/22590.txt,"netOffice Dwins 1.4p3 - SQL Injection",2012-11-09,dun,php,webapps,0 22591,platforms/windows/dos/22591.txt,"Microsoft Office Excel 2007 - WriteAV Crash PoC",2012-11-09,coolkaveh,windows,dos,0 22592,platforms/cgi/webapps/22592.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.CGI File Disclosure",2003-05-12,"Julio Cesar",cgi,webapps,0 22593,platforms/windows/remote/22593.html,"Yahoo! Voice Chat ActiveX Control 1.0.0.43 - Buffer Overflow",2003-05-12,cesaro,windows,remote,0 22594,platforms/linux/local/22594.c,"CDRTools CDRecord 1.11/2.0 - Devname Format String",2003-05-13,CMN,linux,local,0 -22595,platforms/php/webapps/22595.txt,"PHP-Nuke 6.5 - Modules.php Username URI Parameter Cross-Site Scripting",2003-05-13,"Ferruh Mavituna",php,webapps,0 +22595,platforms/php/webapps/22595.txt,"PHP-Nuke 6.5 - Modules.php Username URI Parameter Cross-site Scripting",2003-05-13,"Ferruh Mavituna",php,webapps,0 22596,platforms/hardware/dos/22596.txt,"Verilink NetEngine 6100-4 Broadband Router - TFTP Packet Remote Denial of Service",2003-05-08,"Lorenzo Cerulli and Fabio Annunziato",hardware,dos,0 22597,platforms/php/webapps/22597.txt,"PHP-Nuke 6.5 - Multiple Downloads Module SQL Injection",2003-05-13,"Albert Puigsech Galicia",php,webapps,0 22598,platforms/php/webapps/22598.txt,"PHP-Nuke 6.0/6.5 Web_Links Module - Path Disclosure",2003-05-13,"Rynho Zeros Web",php,webapps,0 22599,platforms/php/webapps/22599.html,"vBulletin 3.0 - Private Message HTML Injection",2003-05-14,"Ferruh Mavituna",php,webapps,0 22600,platforms/php/webapps/22600.txt,"Owl Intranet Engine 0.7 - Authentication Bypass",2003-05-14,cdowns,php,webapps,0 -22601,platforms/linux/remote/22601.txt,"Inktomi Traffic Server 4.0/5.x - Cross-Site Scripting",2003-05-14,"Hugo Vazquez",linux,remote,0 +22601,platforms/linux/remote/22601.txt,"Inktomi Traffic Server 4.0/5.x - Cross-site Scripting",2003-05-14,"Hugo Vazquez",linux,remote,0 22602,platforms/palm_os/dos/22602.c,"PalmOS 3/4 - ICMP Flood Remote Denial of Service",2003-05-14,"Shaun Colley",palm_os,dos,0 22603,platforms/php/webapps/22603.txt,"PHP-Proxima - autohtml.php Information Disclosure",2003-05-14,"Mind Warper",php,webapps,0 22604,platforms/windows/remote/22604.txt,"ArGoSoft 1.8.x - Authentication Bypass",2003-05-15,"Ziv Kamir",windows,remote,0 22605,platforms/php/webapps/22605.txt,"OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection",2003-05-15,frog,php,webapps,0 22606,platforms/php/webapps/22606.py,"OneOrZero Helpdesk 1.4 - Install.php Administrative Access",2003-05-15,frog,php,webapps,0 -22607,platforms/php/webapps/22607.txt,"EZ Publish 2.2 - Index.php IMG Tag Cross-Site Scripting",2003-05-16,"Ferruh Mavituna",php,webapps,0 +22607,platforms/php/webapps/22607.txt,"EZ Publish 2.2 - 'index.php' IMG Tag Cross-site Scripting",2003-05-16,"Ferruh Mavituna",php,webapps,0 22608,platforms/windows/dos/22608.txt,"Snowblind Web Server 1.0/1.1 - Malformed HTTP Request Denial of Service",2003-05-16,euronymous,windows,dos,0 22609,platforms/windows/remote/22609.txt,"Snowblind 1.0/1.1 - Web Server File Disclosure",2003-05-16,euronymous,windows,remote,0 22610,platforms/windows/dos/22610.txt,"Snowblind Web Server 1.0/1.1 - HTTP GET Request Buffer Overflow",2003-05-16,euronymous,windows,dos,0 @@ -19858,7 +19858,7 @@ id,file,description,date,author,platform,type,port 22615,platforms/freebsd/local/22615.c,"Maelstrom Server 3.0.x - Argument Buffer Overflow (3)",2003-05-20,CMN,freebsd,local,0 22616,platforms/linux/local/22616.pl,"Maelstrom Player 3.0.x - Argument Buffer Overflow (1)",2003-05-21,"Luca Ercoli",linux,local,0 22617,platforms/linux/local/22617.c,"Maelstrom Player 3.0.x - Argument Buffer Overflow (2)",2003-05-20,knight420,linux,local,0 -22618,platforms/php/webapps/22618.txt,"ttCMS 2.2/2.3 / ttForum 1.1 - Index.php Instant-Messages Preferences SQL Injection",2003-05-20,ScriptSlave@gmx.net,php,webapps,0 +22618,platforms/php/webapps/22618.txt,"ttCMS 2.2/2.3 / ttForum 1.1 - 'index.php' Instant-Messages Preferences SQL Injection",2003-05-20,ScriptSlave@gmx.net,php,webapps,0 22619,platforms/linux/dos/22619.txt,"CUPS 1.1.x - Cupsd Request Method Denial of Service",2003-05-20,"Phil D'Amore",linux,dos,0 22620,platforms/windows/remote/22620.txt,"Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access",2003-05-20,mattmurphy,windows,remote,0 22621,platforms/windows/dos/22621.txt,"Microsoft Netmeeting 2.1/3.0.1 4.4.3385 - CALLTO URL Buffer Overflow",2003-05-20,"David F. Madrid",windows,dos,0 @@ -19872,7 +19872,7 @@ id,file,description,date,author,platform,type,port 22629,platforms/osx/dos/22629.txt,"Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow",2003-05-22,"Sir Mordred",osx,dos,0 22630,platforms/osx/remote/22630.txt,"Apple QuickTime/Darwin Streaming MP3Broadcaster - ID3 Tag Handling",2003-05-22,"Sir Mordred",osx,remote,0 22631,platforms/windows/remote/22631.txt,"IISProtect 2.1/2.2 - Authentication Bypass",2003-05-22,iDefense,windows,remote,0 -22632,platforms/php/webapps/22632.txt,"XMB Forum 1.8 - Member.php Cross-Site Scripting",2003-06-22,"Marc Ruef",php,webapps,0 +22632,platforms/php/webapps/22632.txt,"XMB Forum 1.8 - Member.php Cross-site Scripting",2003-06-22,"Marc Ruef",php,webapps,0 22633,platforms/linux/local/22633.c,"Polymorph 0.4 - Filename Buffer Overflow",2003-05-22,demz,linux,local,0 22634,platforms/multiple/dos/22634.txt,"Nessus 2.0.x - LibNASL Arbitrary Code Execution",2003-05-22,"Sir Mordred",multiple,dos,0 22635,platforms/windows/remote/22635.c,"Magic Winmail Server 2.3 USER POP3 - Command Format String",2003-05-23,D4rkGr3y,windows,remote,0 @@ -19888,7 +19888,7 @@ id,file,description,date,author,platform,type,port 22645,platforms/linux/local/22645.c,"Ifenslave 0.0.7 - Argument Local Buffer Overflow (3)",2003-05-26,"Julien L",linux,local,0 22646,platforms/unix/remote/22646.txt,"Vignette 4.x/5.0 - Memory Disclosure",2003-05-26,S21Sec,unix,remote,0 22647,platforms/hardware/dos/22647.txt,"D-Link DI-704P - Syslog.HTM Denial of Service",2003-05-26,"Chris R",hardware,dos,0 -22648,platforms/unix/remote/22648.txt,"Vignette 4/5 - Cross-Site Scripting",2003-05-26,"Ramon Pinuaga Cascales",unix,remote,0 +22648,platforms/unix/remote/22648.txt,"Vignette 4/5 - Cross-site Scripting",2003-05-26,"Ramon Pinuaga Cascales",unix,remote,0 22649,platforms/multiple/remote/22649.txt,"P-News 1.16 - Administrative Account Creation",2003-05-24,"Peter Winter-Smith",multiple,remote,0 22650,platforms/multiple/dos/22650.py,"BRS WebWeaver 1.0 4 - POST and HEAD Denial of Service",2003-05-26,euronymous,multiple,dos,0 22651,platforms/php/webapps/22651.txt,"PostNuke 0.72x Phoenix Glossary Module - SQL Injection",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 @@ -19902,14 +19902,14 @@ id,file,description,date,author,platform,type,port 22659,platforms/linux/remote/22659.c,"Batalla Naval 1.0 4 - Remote Buffer Overflow (2)",2003-05-26,jsk,linux,remote,0 22660,platforms/php/dos/22660.txt,"PostNuke Phoenix 0.72x - Rating System Denial of Service",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,dos,0 22661,platforms/freebsd/local/22661.c,"Upclient 5.0 b7 - Command Line Argument Buffer Overflow",2003-05-27,"Gino Thomas",freebsd,local,0 -22662,platforms/multiple/remote/22662.txt,"iPlanet Messaging Server 5.0/5.1 - HTML Attachment Cross-Site Scripting",2003-05-27,KernelPanikLabs,multiple,remote,0 +22662,platforms/multiple/remote/22662.txt,"iPlanet Messaging Server 5.0/5.1 - HTML Attachment Cross-site Scripting",2003-05-27,KernelPanikLabs,multiple,remote,0 22663,platforms/php/webapps/22663.txt,"Newsscript 1.0 - Administrative Privilege Elevation",2003-05-27,"Peter Winter-Smith",php,webapps,0 22664,platforms/windows/remote/22664.txt,"Sun ONE Application Server 7.0 - Source Disclosure",2003-05-27,"SPI Labs",windows,remote,0 -22665,platforms/windows/remote/22665.txt,"Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting",2003-05-27,"SPI Labs",windows,remote,0 +22665,platforms/windows/remote/22665.txt,"Sun ONE Application Server 7.0 - Error Message Cross-site Scripting",2003-05-27,"SPI Labs",windows,remote,0 22666,platforms/windows/dos/22666.txt,"Softrex Tornado WWW-Server 1.2 - Buffer Overflow",2003-05-28,D4rkGr3y,windows,dos,0 22667,platforms/windows/dos/22667.txt,"BaSoMail 1.24 - POP3 Server Denial of Service",2003-05-28,"Ziv Kamir",windows,dos,0 22668,platforms/windows/dos/22668.txt,"BaSoMail 1.24 - SMTP Server Command Buffer Overflow",2003-05-28,"Ziv Kamir",windows,dos,0 -22669,platforms/cgi/webapps/22669.txt,"Bandmin 1.4 - Cross-Site Scripting",2003-05-28,"silent needel",cgi,webapps,0 +22669,platforms/cgi/webapps/22669.txt,"Bandmin 1.4 - Cross-site Scripting",2003-05-28,"silent needel",cgi,webapps,0 22670,platforms/windows/dos/22670.c,"Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service",2003-05-28,Neo1,windows,dos,0 22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 - URI Parameter File Disclosure",2003-05-29,pokleyzz,php,webapps,0 22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0 @@ -19931,11 +19931,11 @@ id,file,description,date,author,platform,type,port 22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22690,platforms/windows/dos/22690.c,"Activity Monitor 2002 2.6 - Remote Denial of Service",2003-05-29,"Luca Ercoli",windows,dos,0 22691,platforms/windows/remote/22691.txt,"pablo software solutions baby ftp server 1.2 - Directory Traversal",2003-05-29,dr_insane,windows,remote,0 -22692,platforms/cgi/webapps/22692.txt,"Zeus Web Server 4.x - Admin Interface VS_Diag.CGI Cross-Site Scripting",2003-05-29,"Hugo Vazquez",cgi,webapps,0 +22692,platforms/cgi/webapps/22692.txt,"Zeus Web Server 4.x - Admin Interface VS_Diag.CGI Cross-site Scripting",2003-05-29,"Hugo Vazquez",cgi,webapps,0 22693,platforms/php/webapps/22693.txt,"cPanel 5/6 / Formail-Clone - E-Mail Restriction Bypass",2003-05-30,"Chad C. Keep",php,webapps,0 22694,platforms/windows/dos/22694.c,"Desktop Orbiter 2.0 1 - Resource Exhaustion Denial of Service",2003-05-30,"Luca Ercoli",windows,dos,0 22695,platforms/linux/local/22695.pl,"RedHat 9.0 / Slackware 8.1 - /bin/mail Carbon Copy Field Buffer Overrun",2003-05-30,mark@vulndev.org,linux,local,0 -22696,platforms/php/remote/22696.txt,"PHP 4.x - Transparent Session ID Cross-Site Scripting",2003-05-30,"Sverre H. Huseby",php,remote,0 +22696,platforms/php/remote/22696.txt,"PHP 4.x - Transparent Session ID Cross-site Scripting",2003-05-30,"Sverre H. Huseby",php,remote,0 22697,platforms/asp/webapps/22697.asp,"iisCart2000 - Arbitrary File Upload",2003-05-31,Bosen,asp,webapps,0 22698,platforms/asp/webapps/22698.pl,"WebCortex WebStores2000 - SQL Injection",2003-05-31,Bosen,asp,webapps,0 22699,platforms/unix/remote/22699.c,"Mod_Gzip 1.3.x - Debug Mode Vulnerabilities",2003-05-06,xCrZx,unix,remote,0 @@ -19955,7 +19955,7 @@ id,file,description,date,author,platform,type,port 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer - Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - Users.php Database Username Disclosure Weakness",2003-06-02,"Rynho Zeros Web",php,webapps,0 -22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - Users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 +22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - Users.php Cross-site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module - Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 22718,platforms/windows/dos/22718.c,"Pi3Web 2.0.2 - SortName Buffer Overflow",2003-06-02,posidron,windows,dos,0 22719,platforms/linux/local/22719.pl,"kon2 - Local Buffer Overflow (1)",2003-06-03,wsxz,linux,local,0 @@ -19963,13 +19963,13 @@ id,file,description,date,author,platform,type,port 22721,platforms/windows/remote/22721.txt,"Pablo Software Solutions FTP Service 1.2 - Anonymous Users Privileges",2003-06-03,JeiAr,windows,remote,0 22722,platforms/windows/remote/22722.txt,"Pablo Software Solutions FTP Service 1.2 - Plaintext Password Weakness",2003-06-03,JeiAr,windows,remote,0 22723,platforms/windows/remote/22723.txt,"MegaBrowser 0.3 - HTTP Directory Traversal File Disclosure",2003-06-04,JeiAr,windows,remote,0 -22724,platforms/asp/webapps/22724.txt,"Xpressions Interactive - Multiple SQL Injection",2003-06-04,"Paul Craig",asp,webapps,0 -22725,platforms/php/webapps/22725.txt,"PHP 4 - PHPInfo Cross-Site Scripting",2002-10-12,"Matthew Murphy",php,webapps,0 +22724,platforms/asp/webapps/22724.txt,"Xpressions Interactive - Multiple SQL Injections",2003-06-04,"Paul Craig",asp,webapps,0 +22725,platforms/php/webapps/22725.txt,"PHP 4 - PHPInfo Cross-site Scripting",2002-10-12,"Matthew Murphy",php,webapps,0 22726,platforms/windows/remote/22726.txt,"Microsoft Internet Explorer 5 - OBJECT Tag Buffer Overflow",2003-06-04,FelineMenace,windows,remote,0 22727,platforms/multiple/local/22727.pl,"Computer Associates - Unicenter Asset Manager Stored Secret Data Decryption Weakness",2003-03-19,kufumo.com,multiple,local,0 22728,platforms/windows/remote/22728.txt,"Microsoft Internet Explorer 5 - Classic Mode FTP Client Cross Domain Scripting",2003-06-04,"Matthew Murphy",windows,remote,0 22729,platforms/linux/local/22729.c,"Man 1.5.1 - Catalog File Format String",2003-06-04,V9,linux,local,0 -22730,platforms/asp/webapps/22730.txt,"Mailtraq 2.2 - Browse.ASP Cross-Site Scripting",2003-06-04,"Ziv Kamir",asp,webapps,0 +22730,platforms/asp/webapps/22730.txt,"Mailtraq 2.2 - Browse.ASP Cross-site Scripting",2003-06-04,"Ziv Kamir",asp,webapps,0 22731,platforms/asp/webapps/22731.txt,"Mailtraq 2.2 - Webmail Utility Path Disclosure",2003-06-04,"Ziv Kamir",asp,webapps,0 22732,platforms/multiple/local/22732.java,"Sun JRE/SDK 1.x - Untrusted Applet Java Security Model Violation",2003-06-05,"Marc Schoenefeld",multiple,local,0 22733,platforms/hp-ux/remote/22733.c,"HP-UX FTPD 1.1.214.4 - REST Command Memory Disclosure",2003-06-05,di0aD,hp-ux,remote,0 @@ -19978,7 +19978,7 @@ id,file,description,date,author,platform,type,port 22736,platforms/php/webapps/22736.txt,"Friends in War Make or Break 1.3 - SQL Injection (Auth Bypass)",2012-11-15,d3b4g,php,webapps,0 22737,platforms/windows/remote/22737.txt,"Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() RCE",2012-11-15,rgod,windows,remote,0 22738,platforms/windows/remote/22738.txt,"Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation RCE",2012-11-15,rgod,windows,remote,0 -22739,platforms/hardware/dos/22739.py,"Broadcom BCM4325 and BCM4329 Devices - DoS",2012-11-15,CoreLabs,hardware,dos,0 +22739,platforms/hardware/dos/22739.py,"Broadcom BCM4325 and BCM4329 Devices - Denial of Service",2012-11-15,CoreLabs,hardware,dos,0 22741,platforms/php/webapps/22741.txt,"BabyGekko 1.2.2e - Multiple Vulnerabilities",2012-11-15,"High-Tech Bridge SA",php,webapps,0 22742,platforms/php/webapps/22742.txt,"ReciPHP 1.1 - SQL Injection",2012-11-15,"cr4wl3r ",php,webapps,0 22743,platforms/cgi/webapps/22743.txt,"ImageFolio 2.2x/3.0/3.1 - Admin.CGI Directory Traversal",2003-06-05,"Paul Craig",cgi,webapps,0 @@ -19988,9 +19988,9 @@ id,file,description,date,author,platform,type,port 22747,platforms/asp/webapps/22747.txt,"MaxWebPortal 1.30 - Remote Database Disclosure",2003-06-06,JeiAr,asp,webapps,0 22748,platforms/linux/local/22748.c,"Xaos 3.0 - Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 22749,platforms/novell/dos/22749.txt,"Novell Netware 6.0 / eDirectory 8.7 - HTTPSTK.NLM Remote Abend",2003-06-06,"Cheese Head",novell,dos,0 -22750,platforms/php/webapps/22750.txt,"Zentrack 2.2/2.3/2.4 - Index.php Remote File Inclusion",2003-06-06,farking,php,webapps,0 +22750,platforms/php/webapps/22750.txt,"Zentrack 2.2/2.3/2.4 - 'index.php' Remote File Inclusion",2003-06-06,farking,php,webapps,0 22751,platforms/multiple/remote/22751.txt,"Mozilla 1.x / opera 6/7 - Timed Document.Write Method Cross Domain Policy",2003-06-07,meme-boi,multiple,remote,0 -22752,platforms/java/webapps/22752.txt,"H-Sphere 2.x - HTML Template Inclusion Cross-Site Scripting",2003-06-09,"Lorenzo Hernandez Garcia-Hierro",java,webapps,0 +22752,platforms/java/webapps/22752.txt,"H-Sphere 2.x - HTML Template Inclusion Cross-site Scripting",2003-06-09,"Lorenzo Hernandez Garcia-Hierro",java,webapps,0 22753,platforms/cgi/remote/22753.pl,"MNOGoSearch 3.1.20 - Search.CGI UL Buffer Overflow (1)",2003-06-10,pokleyzz,cgi,remote,0 22754,platforms/cgi/remote/22754.pl,"MNOGoSearch 3.1.20 - Search.CGI UL Buffer Overflow (2)",2003-06-10,inv,cgi,remote,0 22755,platforms/multiple/remote/22755.txt,"Aiglon Web Server 2.0 - Installation Path Information Disclosure Weakness",2003-06-10,"Ziv Kamir",multiple,remote,0 @@ -19999,27 +19999,27 @@ id,file,description,date,author,platform,type,port 22758,platforms/windows/remote/22758.txt,"silentthought simple Web server 1.0 - Directory Traversal",2003-06-12,"Ziv Kamir",windows,remote,0 22759,platforms/windows/dos/22759.txt,"WebBBS Pro 1.18 - GET Request Denial of Service",2003-06-12,"Ziv Kamir",windows,dos,0 22760,platforms/php/webapps/22760.txt,"Sphera HostingDirector 1.0/2.0/3.0 - VDS Control Panel Account Configuration Modification",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22761,platforms/php/webapps/22761.txt,"PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"David F. Madrid",php,webapps,0 -22762,platforms/php/webapps/22762.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel - Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22761,platforms/php/webapps/22761.txt,"PostNuke 0.723 - Multiple Cross-site Scripting Vulnerabilities",2003-06-13,"David F. Madrid",php,webapps,0 +22762,platforms/php/webapps/22762.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel - Multiple Cross-site Scripting Vulnerabilities",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22829,platforms/php/webapps/22829.txt,"webid 1.0.5 - Directory Traversal",2012-11-19,loneferret,php,webapps,80 -22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 - User.php UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 +22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 - User.php UNAME Cross-site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 22768,platforms/linux/local/22768.pl,"ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow",2003-06-06,"Julien LANTHEA",linux,local,0 22769,platforms/windows/remote/22769.txt,"Methodus 3 Web Server - File Disclosure",2003-06-13,"Peter Winter-Smith",windows,remote,0 -22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting",2003-06-12,badpack3t,cgi,webapps,0 +22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-site Scripting",2003-06-12,badpack3t,cgi,webapps,0 22771,platforms/linux/remote/22771.txt,"Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution",2003-06-13,"Martyn Gilmore",linux,remote,0 -22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - (view_faq.php question param) SQL Injection",2012-11-16,unsuprise,php,webapps,0 +22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - (view_faq.php question parameter) SQL Injection",2012-11-16,unsuprise,php,webapps,0 22772,platforms/cgi/webapps/22772.txt,"Infinity CGI Exploit Scanner 3.11 - Remote Command Execution",2003-06-12,badpack3t,cgi,webapps,0 22773,platforms/linux/local/22773.c,"Progress Database 9.1 - Environment Variable Local Privilege Escalation",2003-06-14,kf,linux,local,0 22774,platforms/windows/dos/22774.txt,"myServer 0.4.1 - Signal Handling Denial of Service",2003-06-14,LynX,windows,dos,0 22775,platforms/linux/local/22775.txt,"FreeWnn 1.1.1 - JServer Logging Option Data Corruption",2003-06-14,"Stefano Di Paola",linux,local,0 22776,platforms/php/webapps/22776.txt,"PMachine 2.2.1 - Lib.Inc.php Remote File Inclusion Command Execution",2003-06-15,frog,php,webapps,0 22777,platforms/cgi/webapps/22777.txt,"LedNews 0.7 Post Script - Code Injection",2003-06-16,"gilbert vilvoorde",cgi,webapps,0 -22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - Search.ASP Cross-Site Scripting",2003-06-16,JeiAr,asp,webapps,0 +22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - Search.ASP Cross-site Scripting",2003-06-16,JeiAr,asp,webapps,0 22779,platforms/windows/local/22779.pl,"Mailtraq 2.1.0.1302 - User Password Encoding Weakness",2003-06-16,"Noam Rathaus",windows,local,0 22780,platforms/windows/dos/22780.txt,"Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption",2003-06-16,"Noam Rathaus",windows,dos,0 22781,platforms/linux/local/22781.txt,"Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation",2003-06-16,"Karol Wiesek",linux,local,0 22782,platforms/windows/remote/22782.py,"Microsoft Windows 2000 - Active Directory Remote Stack Overflow",2003-07-02,"Core Security",windows,remote,0 -22783,platforms/windows/remote/22783.txt,"Microsoft Internet Explorer 5/6 - MSXML XML File Parsing Cross-Site Scripting",2003-06-17,"GreyMagic Software",windows,remote,0 +22783,platforms/windows/remote/22783.txt,"Microsoft Internet Explorer 5/6 - MSXML XML File Parsing Cross-site Scripting",2003-06-17,"GreyMagic Software",windows,remote,0 22784,platforms/windows/remote/22784.txt,"Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection",2003-06-17,"GreyMagic Software",windows,remote,0 22785,platforms/windows/remote/22785.txt,"MyServer 0.4.1/0.4.2 - HTTP Server Directory Traversal",2003-06-17,"Ziv Kamir",windows,remote,0 22786,platforms/linux/remote/22786.c,"Dune 0.6.7 - HTTP Get Remote Buffer Overrun",2003-06-17,V9,linux,remote,0 @@ -20035,18 +20035,18 @@ id,file,description,date,author,platform,type,port 22796,platforms/linux/dos/22796.php,"MidHosting FTP Daemon 1.0.1 - Shared Memory Local Denial of Service",2003-06-18,"Frank DENIS",linux,dos,0 22797,platforms/hardware/dos/22797.txt,"Avaya Cajun P130/P133/P330/P333 Network Switch - Connection Stalling Denial of Service",2003-06-18,"Jacek Lipkowski",hardware,dos,0 22798,platforms/php/webapps/22798.txt,"phpMyAdmin 2.x - Information Disclosure",2003-06-18,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 -22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 -22800,platforms/linux/dos/22800.txt,"Kerio Mailserver 5.6.3 subscribe Module - Overflow",2003-06-18,"David F.Madrid",linux,dos,0 +22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 +22800,platforms/linux/dos/22800.txt,"Kerio Mailserver 5.6.3 subscribe Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 22801,platforms/linux/dos/22801.txt,"Kerio Mailserver 5.6.3 - add_acl Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22802,platforms/linux/dos/22802.txt,"Kerio Mailserver 5.6.3 list Module - Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22803,platforms/linux/dos/22803.txt,"Kerio Mailserver 5.6.3 do_map Module - Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 -22805,platforms/jsp/webapps/22805.txt,"Tmax Soft JEUS 3.1.4 p1 - URL.JSP Cross-Site Scripting",2003-06-17,"Jeremy Bae",jsp,webapps,0 +22802,platforms/linux/dos/22802.txt,"Kerio Mailserver 5.6.3 list Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 +22803,platforms/linux/dos/22803.txt,"Kerio Mailserver 5.6.3 do_map Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 +22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 +22805,platforms/jsp/webapps/22805.txt,"Tmax Soft JEUS 3.1.4 p1 - URL.JSP Cross-site Scripting",2003-06-17,"Jeremy Bae",jsp,webapps,0 22806,platforms/linux/local/22806.sh,"SDFingerD 1.1 - Failure To Drop Privileges Local Privilege Escalation",2003-06-19,V9,linux,local,0 22807,platforms/windows/remote/22807.txt,"SurfControl Web Filter 4.2.0.1 - File Disclosure",2003-06-19,"thomas adams",windows,remote,0 22808,platforms/php/webapps/22808.txt,"pMachine 1.0/2.x - /lib/ Multiple Script Direct Request Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22809,platforms/php/webapps/22809.txt,"pMachine 1.0/2.x - Multiple Script sfx Parameter Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x - Search Module Cross-Site Scripting",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x - Search Module Cross-site Scripting",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 - Command-Line Argument Buffer Overflow",2003-06-19,Matrix_DK,bsd,local,0 22812,platforms/php/webapps/22812.txt,"WebJeff Filemanager 1.6 - File Disclosure",2003-06-20,"Adam Stephens",php,webapps,0 22813,platforms/linux/local/22813.c,"Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure",2003-06-20,IhaQueR,linux,local,0 @@ -20054,7 +20054,7 @@ id,file,description,date,author,platform,type,port 22815,platforms/linux/local/22815.c,"GNU GNATS 3.113 - Environment Variable Buffer Overflow",2003-06-21,Xpl017Elz,linux,local,0 22816,platforms/windows/dos/22816.txt,"Symantec Security Check RuFSI - ActiveX Control Buffer Overflow",2003-06-23,"Cesar Cerrudo",windows,dos,0 22817,platforms/windows/dos/22817.pl,"MyServer 0.4.1 - Remote Denial of Service",2003-06-23,eip,windows,dos,0 -22818,platforms/php/webapps/22818.txt,"Tutos 1.1 - File_Select.php Cross-Site Scripting",2003-06-20,"François SORIN",php,webapps,0 +22818,platforms/php/webapps/22818.txt,"Tutos 1.1 - File_Select.php Cross-site Scripting",2003-06-20,"François SORIN",php,webapps,0 22819,platforms/php/webapps/22819.txt,"Tutos 1.1 - File_New Arbitrary File Upload",2003-06-20,"François SORIN",php,webapps,0 22820,platforms/php/webapps/22820.txt,"XMB Forum 1.8 - member.php member Parameter XSS",2003-06-23,"Knight Commander",php,webapps,0 22821,platforms/php/webapps/22821.txt,"XMB Forum 1.8 - buddy.php action Parameter XSS",2003-06-23,"Knight Commander",php,webapps,0 @@ -20064,7 +20064,7 @@ id,file,description,date,author,platform,type,port 22825,platforms/windows/dos/22825.c,"Armida Databased Web Server 1.0 - Remote GET Request Denial of Service",2003-06-23,posidron,windows,dos,0 22826,platforms/php/webapps/22826.txt,"VisNetic WebMail 5.8.6 .6 - Information Disclosure",2003-06-23,posidron,php,webapps,0 22827,platforms/windows/remote/22827.txt,"Compaq Web-Based Management Agent - Remote File Verification",2003-06-23,"Ian Vitek",windows,remote,0 -22828,platforms/php/webapps/22828.txt,"WeBid 1.0.5 - Cross-Site Scripting",2012-11-19,"Woody Hughes",php,webapps,0 +22828,platforms/php/webapps/22828.txt,"WeBid 1.0.5 - Cross-site Scripting",2012-11-19,"Woody Hughes",php,webapps,0 22830,platforms/linux/remote/22830.c,"LBreakOut2 2.x - Login Remote Format String",2003-06-24,V9,linux,remote,0 22831,platforms/freebsd/dos/22831.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (1)",2003-06-24,dodo,freebsd,dos,0 22832,platforms/freebsd/remote/22832.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (2)",2003-06-24,dodo,freebsd,remote,0 @@ -20073,7 +20073,7 @@ id,file,description,date,author,platform,type,port 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - Local fgets() Buffer Overrun",2003-06-24,posidron,windows,local,0 22836,platforms/linux/local/22836.pl,"Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun",1997-05-13,kokanin,linux,local,0 22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services - NSIISlog.DLL Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 -22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 +22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 - Error Page Cross-site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 22839,platforms/linux/dos/22839.c,"methane IRCd 0.1.1 - Remote Format String",2003-06-27,Dinos,linux,dos,0 22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read Proof of Concept",2003-06-26,IhaQueR,linux,local,0 22841,platforms/php/webapps/22841.txt,"iXmail 0.2/0.3 - iXmail_NetAttach.php File Deletion",2003-06-26,leseulfrog,php,webapps,0 @@ -20084,7 +20084,7 @@ id,file,description,date,author,platform,type,port 22846,platforms/linux/dos/22846.pl,"Adobe Unix Acrobat Reader 4.0/5.0 - WWWLaunchNetscape Buffer Overflow",2003-07-01,"Paul Szabo",linux,dos,0 22847,platforms/linux/local/22847.txt,"InterSystems Cache 4.1.15/5.0.x - Insecure Default Permissions",2003-07-01,"Larry W. Cashdollar",linux,local,0 22848,platforms/linux/remote/22848.c,"ezbounce 1.0/1.5 - Format String",2003-07-01,V9,linux,remote,0 -22849,platforms/jsp/webapps/22849.txt,"Verity K2 Toolkit 2.20 - Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 +22849,platforms/jsp/webapps/22849.txt,"Verity K2 Toolkit 2.20 - Cross-site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 - Crash PoC",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 @@ -20092,7 +20092,7 @@ id,file,description,date,author,platform,type,port 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 - Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration - Passthru",2012-11-21,Metasploit,linux,remote,0 -22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script - Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 +22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script - Cross-site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 22858,platforms/openbsd/remote/22858.txt,"OpenBSD 3.x - PF RDR Network Information Leakage",2003-07-02,Ed3f,openbsd,remote,0 22859,platforms/multiple/dos/22859.txt,"Axis Print Server 6.15/6.20 - Web Interface Denial of Service",2003-07-03,"Ian Vitek",multiple,dos,0 22860,platforms/linux/local/22860.c,"GNU Chess 5.0 - Local Buffer Overflow",2003-07-03,ace,linux,local,0 @@ -20101,7 +20101,7 @@ id,file,description,date,author,platform,type,port 22863,platforms/linux/local/22863.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (2)",2003-07-04,snooq,linux,local,0 22864,platforms/asp/webapps/22864.txt,"ProductCart 1.5/1.6/2.0 - Custva.ASP SQL Injection",2003-07-04,Bosen,asp,webapps,0 22865,platforms/asp/webapps/22865.txt,"ProductCart 1.5/1.6/2.0 - Login.ASP SQL Injection",2003-07-04,Bosen,asp,webapps,0 -22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 - MSG.ASP Cross-Site Scripting",2003-07-05,atomix,asp,webapps,0 +22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 - MSG.ASP Cross-site Scripting",2003-07-05,atomix,asp,webapps,0 22867,platforms/multiple/remote/22867.pl,"Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure",2003-07-05,rs2112,multiple,remote,0 22868,platforms/asp/webapps/22868.txt,"ProductCart 1.5/1.6/2.0 - File Disclosure",2003-07-05,"Tri Huynh",asp,webapps,0 22869,platforms/windows/remote/22869.html,"Microsoft Outlook 5.5/2000 - Web Access HTML Attachment Script Execution",2003-07-05,"Hugo Vazquez",windows,remote,0 @@ -20119,7 +20119,7 @@ id,file,description,date,author,platform,type,port 23035,platforms/asp/webapps/23035.txt,"Poster 2.0 - Unauthorized Privileged User Access",2003-08-15,DarkKnight,asp,webapps,0 23036,platforms/php/webapps/23036.txt,"MatrikzGB Guestbook 2.0 - Administrative Privilege Escalation",2003-08-16,"Stephan Sattler",php,webapps,0 23037,platforms/windows/local/23037.txt,"DWebPro 3.4.1 - Http.ini Plaintext Password Storage",2003-08-18,rUgg1n3,windows,local,0 -22881,platforms/php/webapps/22881.txt,"PHP Server Monitor - Stored XSS",2012-11-21,loneferret,php,webapps,0 +22881,platforms/php/webapps/22881.txt,"PHP Server Monitor - Persistent Cross-site Scripting",2012-11-21,loneferret,php,webapps,0 22882,platforms/windows/local/22882.c,"Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1)",2003-07-08,Maceo,windows,local,0 22883,platforms/windows/local/22883.c,"Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (2)",2003-07-08,Maceo,windows,local,0 22884,platforms/linux/local/22884.c,"Tower Toppler 0.96 - HOME Environment Variable Local Buffer Overflow",2003-07-08,FBHowns,linux,local,0 @@ -20134,7 +20134,7 @@ id,file,description,date,author,platform,type,port 22893,platforms/linux/remote/22893.c,"University of Minnesota Gopherd 2.0.x/2.3/3.0.x - FTP Gateway Buffer Overflow",2003-07-11,V9,linux,remote,0 22894,platforms/linux/remote/22894.c,"University of Minnesota Gopherd 2.0.x/2.3/3.0.x - GSisText Buffer Overflow",2003-07-11,V9,linux,remote,0 22895,platforms/asp/webapps/22895.txt,"ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions",2003-07-13,G00db0y,asp,webapps,0 -22896,platforms/php/webapps/22896.txt,"HTMLToNuke - Cross-Site Scripting",2003-07-13,JOCANOR,php,webapps,0 +22896,platforms/php/webapps/22896.txt,"HTMLToNuke - Cross-site Scripting",2003-07-13,JOCANOR,php,webapps,0 22897,platforms/linux/dos/22897.c,"Twilight WebServer 1.3.3.0 - GET Request Buffer Overflow",2003-07-07,posidron,linux,dos,0 22898,platforms/hardware/remote/22898.txt,"Asus AAM6330BI/AAM6000EV ADSL Router - Information Disclosure",2003-07-14,cw,hardware,remote,0 22899,platforms/windows/dos/22899.txt,"StarSiege Tribes Server - Denial of Service (1)",2003-06-10,st0ic,windows,dos,0 @@ -20144,7 +20144,7 @@ id,file,description,date,author,platform,type,port 22903,platforms/windows/remote/22903.rb,"NetIQ Privileged User Manager 2.3.1 - ldapagnt_eval() Remote Perl Code Execution",2012-11-22,Metasploit,windows,remote,0 22904,platforms/linux/dos/22904.py,"TrouSerS - Denial of Service",2012-11-23,"Andy Lutomirski",linux,dos,0 22905,platforms/windows/remote/22905.rb,"Apple QuickTime 7.7.2 - TeXML Style Element font-table Field Stack Buffer Overflow",2012-11-24,Metasploit,windows,remote,0 -22906,platforms/php/webapps/22906.txt,"jBilling 3.0.2 - Cross-Site Scripting",2012-11-25,"Woody Hughes",php,webapps,0 +22906,platforms/php/webapps/22906.txt,"jBilling 3.0.2 - Cross-site Scripting",2012-11-25,"Woody Hughes",php,webapps,0 22907,platforms/php/webapps/22907.txt,"ES CmS 0.1 - SQL Injection",2012-11-25,"hossein beizaee",php,webapps,0 22908,platforms/linux/remote/22908.c,"Exceed 5.0/6.0/6.1/7.1/8.0 - Font Name Handler Buffer Overflow",2003-07-15,c0ntex,linux,remote,0 22909,platforms/windows/remote/22909.txt,"NetSuite 1.0/1.2 - HTTP Server Directory Traversal",2003-07-15,dr_insane,windows,remote,0 @@ -20153,7 +20153,7 @@ id,file,description,date,author,platform,type,port 22912,platforms/unix/local/22912.c,"IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation",2003-07-16,kf,unix,local,0 22942,platforms/php/webapps/22942.txt,"WebCalendar 0.9.x - Local File Inclusion Information Disclosure",2003-07-21,noconflic,php,webapps,0 22943,platforms/linux/local/22943.c,"Top 1.x/2.0 - Home Environment Variable Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 -22944,platforms/windows/remote/22944.txt,"Savant Web Server 3.1 - CGITest.HTML Cross-Site Scripting",2003-07-21,dr_insane,windows,remote,0 +22944,platforms/windows/remote/22944.txt,"Savant Web Server 3.1 - CGITest.HTML Cross-site Scripting",2003-07-21,dr_insane,windows,remote,0 22945,platforms/windows/dos/22945.txt,"Savant Webserver 3.1 - Denial of Service",2003-07-21,dr_insane,windows,dos,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 - Plain Text Password",2003-07-22,hanez,windows,local,0 22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 - Administrative Interface Long Request Router DoS",2003-07-21,"David F.Madrid",hardware,dos,0 @@ -20169,17 +20169,17 @@ id,file,description,date,author,platform,type,port 22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 - HTML Injection",2003-07-25,"Pete Foster",php,webapps,0 22959,platforms/windows/remote/22959.txt,"Microsoft Outlook Express 5/6 - Script Execution Weakness",2003-07-25,http-equiv,windows,remote,0 22962,platforms/hardware/dos/22962.pl,"Cisco Aironet AP1x00 - Malformed HTTP GET Denial of Service",2003-07-28,blackangels,hardware,dos,0 -22963,platforms/cgi/webapps/22963.txt,"Softshoe - Parse-file Cross-Site Scripting",2003-07-28,"Bahaa Naamneh",cgi,webapps,0 +22963,platforms/cgi/webapps/22963.txt,"Softshoe - Parse-file Cross-site Scripting",2003-07-28,"Bahaa Naamneh",cgi,webapps,0 22964,platforms/unix/remote/22964.c,"Mini SQL 1.0/1.3 - Remote Format String",2003-07-28,lucipher,unix,remote,0 22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - HOME Environment Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 22966,platforms/windows/remote/22966.c,"Valve Software Half-Life 1.1 Client - Connection Routine Buffer Overflow (1)",2003-07-29,D4rkGr3y,windows,remote,0 -22940,platforms/php/webapps/22940.txt,"Drupal 4.1/4.2 - Cross-Site Scripting",2003-07-21,"Ferruh Mavituna",php,webapps,0 +22940,platforms/php/webapps/22940.txt,"Drupal 4.1/4.2 - Cross-site Scripting",2003-07-21,"Ferruh Mavituna",php,webapps,0 22941,platforms/php/webapps/22941.txt,"atomicboard 0.6.2 - Directory Traversal",2003-07-21,gr00vy,php,webapps,0 22967,platforms/windows/remote/22967.txt,"Valve Software Half-Life 1.1 Client - Connection Routine Buffer Overflow (2)",2003-07-29,anonymous,windows,remote,0 22968,platforms/linux/remote/22968.c,"Valve Software Half-Life Server 1.1.1.0 & 3.1.1.1c1 &4.1.1.1a - Multiplayer Request Buffer Overflow",2003-07-29,hkvig,linux,remote,0 22917,platforms/windows/remote/22917.txt,"Microsoft Windows - DCOM RPC Interface Buffer Overrun",2003-08-11,aT4r@3wdesign.es,windows,remote,0 22918,platforms/unix/dos/22918.txt,"IBM U2 UniVerse 10.0.0.9 - uvrestore Buffer Overflow",2003-07-16,kf,unix,dos,0 -22919,platforms/windows/remote/22919.txt,"Microsoft ISA Server 2000 - Cross-Site Scripting",2003-07-16,"Brett Moore",windows,remote,0 +22919,platforms/windows/remote/22919.txt,"Microsoft ISA Server 2000 - Cross-site Scripting",2003-07-16,"Brett Moore",windows,remote,0 22920,platforms/unix/dos/22920.txt,"IBM U2 UniVerse 10.0.0.9 - UVADMSH Buffer Overflow",2003-07-16,kf,unix,dos,0 22921,platforms/asp/webapps/22921.txt,".netCART Settings.XML - Information Disclosure",2003-07-16,G00db0y,asp,webapps,0 22922,platforms/php/webapps/22922.txt,"Ultimate Bulletin Board 6.0/6.2 - UBBER Cookie HTML Injection",2003-07-16,anti_acid,php,webapps,0 @@ -20192,13 +20192,13 @@ id,file,description,date,author,platform,type,port 22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript - PHP Code Injection",2012-11-26,d3b4g,php,webapps,0 22931,platforms/windows/local/22931.py,"BlazeVideo HDTV Player 6.6 Professional - (Direct Retn) Exploit",2012-11-26,Nezim,windows,local,0 22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn)",2012-11-26,Nezim,windows,local,0 -22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 +22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 23007,platforms/windows/local/23007.rb,"Windows - AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 - Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 - Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23010,platforms/php/webapps/23010.txt,"Better Basket Pro 3.0 - Store Builder Remote Path Disclosure",2003-08-11,G00db0y,php,webapps,0 -23011,platforms/php/webapps/23011.txt,"PHPOutSourcing Zorum 3.x - Cross-Site Scripting",2003-08-11,G00db0y,php,webapps,0 +23011,platforms/php/webapps/23011.txt,"PHPOutSourcing Zorum 3.x - Cross-site Scripting",2003-08-11,G00db0y,php,webapps,0 23012,platforms/php/webapps/23012.txt,"News Wizard 2.0 - Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23013,platforms/php/webapps/23013.txt,"PHP Website 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - SQL Injection",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23014,platforms/php/webapps/23014.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 calendar Module - day Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 @@ -20234,16 +20234,16 @@ id,file,description,date,author,platform,type,port 22989,platforms/unix/local/22989.pl,"IBM DB2 - Shared Library Injection",2003-08-05,daniels@legend.co.uk,unix,local,0 22990,platforms/php/webapps/22990.txt,"vBulletin 3.0 - Register.php HTML Injection",2003-08-06,"Ferruh Mavituna",php,webapps,0 22991,platforms/hardware/dos/22991.txt,"D-Link DI-704P - Long URL Denial of Service",2003-08-06,chris@cr-secure.net,hardware,dos,0 -22992,platforms/asp/webapps/22992.txt,"IdealBB 1.4.9 - Error.ASP Cross-Site Scripting",2003-08-07,G00db0y,asp,webapps,0 +22992,platforms/asp/webapps/22992.txt,"IdealBB 1.4.9 - Error.ASP Cross-site Scripting",2003-08-07,G00db0y,asp,webapps,0 22993,platforms/linux/local/22993.txt,"IPNetSentryX / IPNetMonitorX - Unauthorized Network Reconnaissance",2003-07-07,@stake,linux,local,0 22994,platforms/multiple/remote/22994.txt,"Sun One 5.1 / IPlanet 5.0/5.1 - Administration Server Directory Traversal",2003-08-08,"Jim Hardisty",multiple,remote,0 22995,platforms/php/webapps/22995.txt,"C-Cart 1.0 - Path Disclosure",2003-08-08,G00db0y,php,webapps,0 22996,platforms/linux/local/22996.c,"XPCD 2.0.8 - Home Environment Variable Local Buffer Overflow",2003-07-18,r-code,linux,local,0 -22997,platforms/php/webapps/22997.txt,"PostNuke 0.6/0.7 Downloads Module - TTitle Cross-Site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22998,platforms/php/webapps/22998.txt,"PostNuke 0.6/0.7 web_links Module - TTitle Cross-Site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22997,platforms/php/webapps/22997.txt,"PostNuke 0.6/0.7 Downloads Module - TTitle Cross-site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22998,platforms/php/webapps/22998.txt,"PostNuke 0.6/0.7 web_links Module - TTitle Cross-site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22999,platforms/windows/dos/22999.pl,"Meteor FTP Server 1.2/1.5 - USER Memory Corruption",2003-08-08,zerash,windows,dos,0 23000,platforms/php/webapps/23000.txt,"geeeekShop 1.4 - Information Disclosure",2003-08-09,G00db0y,php,webapps,0 -23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 - Admin.php Cross-Site Scripting",2003-08-09,"Boy Bear",php,webapps,0 +23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 - Admin.php Cross-site Scripting",2003-08-09,"Boy Bear",php,webapps,0 23002,platforms/windows/remote/23002.txt,"MDaemon SMTP Server 5.0.5 - Null Password Authentication",2003-08-09,"Buckaroo Banzai",windows,remote,0 23004,platforms/multiple/webapps/23004.txt,"Oracle OpenSSO 8.0 - Multiple XSS POST Injection Vulnerabilities",2012-11-29,LiquidWorm,multiple,webapps,0 23005,platforms/asp/webapps/23005.txt,"FCKEditor Core ASP 2.6.8 - File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 @@ -20251,15 +20251,15 @@ id,file,description,date,author,platform,type,port 23018,platforms/php/webapps/23018.txt,"PHPOutsourcing Zorum 3.4 - Path Disclosure",2003-08-11,"Zone-h Security Team",php,webapps,0 23019,platforms/windows/remote/23019.c,"Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking",2003-08-11,root@networkpenetration.com,windows,remote,0 23020,platforms/php/webapps/23020.txt,"HostAdmin - Path Disclosure",2003-08-12,G00db0y,php,webapps,0 -23021,platforms/cgi/webapps/23021.txt,"Eudora WorldMail 2.0 - Search Cross-Site Scripting",2003-08-12,"Donnie Werner",cgi,webapps,0 +23021,platforms/cgi/webapps/23021.txt,"Eudora WorldMail 2.0 - Search Cross-site Scripting",2003-08-12,"Donnie Werner",cgi,webapps,0 23022,platforms/php/local/23022.c,"PHP 4.x - DLOpen Memory Disclosure (1)",2003-08-13,"Andrew Griffiths",php,local,0 23023,platforms/php/local/23023.c,"PHP 4.x - DLOpen Memory Disclosure (2)",2003-08-13,andrewg,php,local,0 23024,platforms/multiple/remote/23024.txt,"SurgeLDAP 1.0 d - Path Disclosure",2003-08-13,"Ziv Kamir",multiple,remote,0 -23025,platforms/cgi/webapps/23025.txt,"SurgeLDAP 1.0 d - User.CGI Cross-Site Scripting",2003-08-13,"Ziv Kamir",cgi,webapps,0 +23025,platforms/cgi/webapps/23025.txt,"SurgeLDAP 1.0 d - User.CGI Cross-site Scripting",2003-08-13,"Ziv Kamir",cgi,webapps,0 23026,platforms/php/webapps/23026.txt,"Xoops 1.0/1.3.x - BBCode HTML Injection",2003-08-13,frog,php,webapps,0 23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x - HTMLtags.php Local File Inclusion",2003-08-13,"Virginity Security",php,webapps,0 -23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id param) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 -23029,platforms/php/webapps/23029.txt,"SmartCMS - (index.php menuitem param) SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 +23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id parameter) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 +23029,platforms/php/webapps/23029.txt,"SmartCMS - (index.php menuitem parameter) SQL Injection / Cross-site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 23032,platforms/asp/webapps/23032.txt,"Clickcess ChitChat.NET - name XSS",2003-08-13,G00db0y,asp,webapps,0 23033,platforms/asp/webapps/23033.txt,"Clickcess ChitChat.NET - topic title XSS",2003-08-13,G00db0y,asp,webapps,0 23031,platforms/php/webapps/23031.txt,"silverstripe CMS 3.0.2 - Multiple Vulnerabilities",2012-11-30,"Sense of Security",php,webapps,0 @@ -20290,14 +20290,14 @@ id,file,description,date,author,platform,type,port 23062,platforms/bsd/local/23062.c,"BSD-Games 2.x - Monop Player Name Local Buffer Overrun (1)",2003-08-25,^sq,bsd,local,0 23063,platforms/bsd/local/23063.c,"BSD-Games 2.x - Monop Player Name Local Buffer Overrun (2)",2003-08-25,N4rK07IX,bsd,local,0 23064,platforms/php/webapps/23064.txt,"Attila PHP 3.0 - SQL Injection Unauthorized Privileged Access",2003-08-26,frog,php,webapps,0 -23065,platforms/php/webapps/23065.txt,"AldWeb MiniPortail 1.9/2.x - LNG Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 +23065,platforms/php/webapps/23065.txt,"AldWeb MiniPortail 1.9/2.x - LNG Parameter Cross-site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23066,platforms/windows/remote/23066.pl,"Tellurian TftpdNT 1.8/2.0 - Long Filename Buffer Overrun",2003-08-27,storm,windows,remote,0 -23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 - Mod Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 +23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 - Mod Parameter Cross-site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23068,platforms/windows/remote/23068.txt,"file sharing for net 1.5 - Directory Traversal file disclosure",2003-08-30,sickle,windows,remote,0 23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 23070,platforms/multiple/remote/23070.txt,"sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal file disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 -23071,platforms/multiple/remote/23071.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting",2003-08-30,"Martin Eiszner",multiple,remote,0 -23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 +23071,platforms/multiple/remote/23071.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-site Scripting",2003-08-30,"Martin Eiszner",multiple,remote,0 +23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 23073,platforms/windows/remote/23073.txt,"MySQL 5.1/5.5 - 'MySQLJackpot' Windows Remote Root",2012-12-02,kingcope,windows,remote,0 23074,platforms/windows/remote/23074.txt,"IBM System Director - Remote System Level Exploit",2012-12-02,kingcope,windows,remote,0 23075,platforms/linux/dos/23075.pl,"MySQL (Linux) - Stack Based Buffer Overrun PoC (0Day)",2012-12-02,kingcope,linux,dos,0 @@ -20317,7 +20317,7 @@ id,file,description,date,author,platform,type,port 23089,platforms/windows/dos/23089.c,"ZoneAlarm 3.7.202/PRO 4.0/PRO 4.5 - Random UDP Flood Denial of Service (2)",2003-09-02,WARL0RD,windows,dos,0 23090,platforms/windows/dos/23090.asm,"ZoneAlarm 3.7.202/PRO 4.0/PRO 4.5 - Random UDP Flood Denial of Service (3)",2003-09-02,"Igor Franchuk",windows,dos,0 23091,platforms/windows/remote/23091.txt,"FloosieTek FTGatePro 1.22 - Mail Server Path Disclosure",2003-09-02,"Ziv Kamir",windows,remote,0 -23092,platforms/windows/remote/23092.txt,"FloosieTek FTGatePro 1.22 - Mail Server Cross-Site Scripting",2003-09-02,"Ziv Kamir",windows,remote,0 +23092,platforms/windows/remote/23092.txt,"FloosieTek FTGatePro 1.22 - Mail Server Cross-site Scripting",2003-09-02,"Ziv Kamir",windows,remote,0 23093,platforms/windows/remote/23093.txt,"Microsoft Windows XP - TCP Packet Information Leakage",2003-09-02,"Michal Zalewski",windows,remote,0 23094,platforms/windows/remote/23094.txt,"Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 - Document Handling Buffer Overrun",2003-09-03,"eEye Digital Security Team",windows,remote,0 23095,platforms/windows/remote/23095.c,"Microsoft Access 97/2000/2002 Snapshot Viewer - ActiveX Control Parameter Buffer Overflow",2003-09-03,"Oliver Lavery",windows,remote,0 @@ -20328,11 +20328,11 @@ id,file,description,date,author,platform,type,port 23100,platforms/windows/remote/23100.c,"Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Vulnerabilities",2003-09-04,xfocus,windows,remote,0 23101,platforms/windows/dos/23101.c,"Microsoft Windows 98 - Fragmented UDP Flood Denial of Service",2003-09-04,WARL0RD,windows,dos,0 23102,platforms/windows/dos/23102.pl,"FoxWeb 2.5 - PATH_INFO Remote Buffer Overrun",2003-06-27,pokleyzz,windows,dos,0 -23103,platforms/php/webapps/23103.txt,"Digital Scribe 1.x - Error Function Cross-Site Scripting",2003-09-05,Secunia,php,webapps,0 +23103,platforms/php/webapps/23103.txt,"Digital Scribe 1.x - Error Function Cross-site Scripting",2003-09-05,Secunia,php,webapps,0 23105,platforms/php/webapps/23105.txt,"myBB KingChat Plugin - SQL Injection",2012-12-03,Red_Hat,php,webapps,0 23106,platforms/php/webapps/23106.txt,"SchoolCMS - Persistent XSS",2012-12-03,VipVince,php,webapps,0 23107,platforms/windows/dos/23107.txt,"Opera Web Browser 12.11 - Crash PoC",2012-12-03,coolkaveh,windows,dos,0 -23109,platforms/multiple/webapps/23109.txt,"Symantec Messaging Gateway 9.5.3-3 - CSRF",2012-12-03,"Ben Williams",multiple,webapps,0 +23109,platforms/multiple/webapps/23109.txt,"Symantec Messaging Gateway 9.5.3-3 - Cross-site Request Forgery",2012-12-03,"Ben Williams",multiple,webapps,0 23110,platforms/linux/webapps/23110.txt,"Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download",2012-12-03,"Ben Williams",linux,webapps,0 23111,platforms/multiple/webapps/23111.txt,"FirePass SSL VPN - Unauthenticated Local File Inclusion",2012-12-03,"SEC Consult",multiple,webapps,0 23112,platforms/linux/dos/23112.txt,"IBM DB2 db2dart - Buffer Overflow",2003-09-18,"Martinez Kuhn",linux,dos,0 @@ -20343,16 +20343,16 @@ id,file,description,date,author,platform,type,port 23117,platforms/windows/dos/23117.txt,"FTP Desktop 3.5 - Banner Parsing Buffer Overflow",2003-09-08,"Bahaa Naamneh",windows,dos,0 23118,platforms/windows/dos/23118.txt,"FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow",2003-09-08,"Bahaa Naamneh",windows,dos,0 23119,platforms/linux/local/23119.c,"Apache::Gallery 0.4/0.5/0.6 - Insecure Local File Storage Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 -23120,platforms/asp/webapps/23120.txt,"ICQ 2003 - Webfront guestbook Cross-Site Scripting",2003-09-08,"Donnie Werner",asp,webapps,0 +23120,platforms/asp/webapps/23120.txt,"ICQ 2003 - Webfront guestbook Cross-site Scripting",2003-09-08,"Donnie Werner",asp,webapps,0 23121,platforms/windows/remote/23121.txt,"Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure",2003-09-08,euronymous,windows,remote,0 23122,platforms/windows/remote/23122.txt,"Microsoft Internet Explorer 5 - XML Page Object Type Validation",2003-09-08,http-equiv,windows,remote,0 23123,platforms/windows/remote/23123.pl,"Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun",2003-09-08,D4rkGr3y,windows,remote,0 23124,platforms/windows/dos/23124.txt,"NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.DLL Track Data Size Buffer Overflow",2003-09-08,"Luigi Auriemma",windows,dos,0 23125,platforms/php/webapps/23125.txt,"PHPBB 2.0.6 - URL BBCode HTML Injection",2003-09-08,keupon_ps2,php,webapps,0 23126,platforms/linux/local/23126.c,"RealOne Player for Linux 2.2 Alpha - Insecure Configuration File Permission Local Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 -23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 +23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 23128,platforms/cgi/webapps/23128.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Path Disclosure",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 -23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x - Index.php Showtopic Cross-Site Scripting",2003-09-09,"Boy Bear",php,webapps,0 +23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x - 'index.php' Showtopic Cross-site Scripting",2003-09-09,"Boy Bear",php,webapps,0 23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 - WWW.exe Denial of Service",2003-09-10,"Phuong Nguyen",windows,dos,0 23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6.0 - Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 23132,platforms/windows/webapps/23132.py,"Advantech Studio 7.0 - SCADA/HMI Directory Traversal (0Day)",2012-12-04,Nin3,windows,webapps,0 @@ -20371,11 +20371,11 @@ id,file,description,date,author,platform,type,port 23146,platforms/windows/dos/23146.c,"Alt-N MDaemon Server 2.71 SP1 - SMTP HELO Argument Buffer Overflow",1999-03-10,Rootshell,windows,dos,0 23147,platforms/windows/remote/23147.txt,"Nokia Electronic Documentation 5.0 - Directory Disclosure",2003-09-15,@stake,windows,remote,0 23148,platforms/windows/remote/23148.txt,"Nokia Electronic Documentation 5.0 - Connection Redirection",2003-09-15,@stake,windows,remote,0 -23149,platforms/windows/remote/23149.txt,"Nokia Electronic Documentation 5.0 - Cross-Site Scripting",2003-09-15,"Ollie Whitehouse",windows,remote,0 +23149,platforms/windows/remote/23149.txt,"Nokia Electronic Documentation 5.0 - Cross-site Scripting",2003-09-15,"Ollie Whitehouse",windows,remote,0 23150,platforms/windows/dos/23150.c,"ChatZilla 0.8.23 - Remote Denial of Service Attack",2003-09-15,D4rkGr3y,windows,dos,0 23151,platforms/linux/remote/23151.c,"Liquid War 5.4.5/5.5.6 - HOME Environment Variable Buffer Overflow",2003-09-16,"Angelo Rosiello",linux,remote,0 23152,platforms/windows/remote/23152.txt,"Yahoo! Webcam ActiveX Control 2.0.0.107 - Buffer Overrun",2003-09-16,cesaro,windows,remote,0 -23153,platforms/cgi/webapps/23153.txt,"NetWin DBabble 2.5 i - Cross-Site Scripting",2003-09-16,dr_insane,cgi,webapps,0 +23153,platforms/cgi/webapps/23153.txt,"NetWin DBabble 2.5 i - Cross-site Scripting",2003-09-16,dr_insane,cgi,webapps,0 23154,platforms/linux/local/23154.c,"Sendmail 8.12.9 - Prescan() Variant Remote Buffer Overrun",2003-09-17,"Gyan Chawdhary",linux,local,0 23155,platforms/windows/remote/23155.rb,"Ektron 8.02 - XSLT Transform Remote Code Execution",2012-12-05,Metasploit,windows,remote,0 23156,platforms/unix/remote/23156.rb,"Tectia SSH - USERAUTH Change Request Password Reset",2012-12-05,Metasploit,unix,remote,0 @@ -20396,9 +20396,9 @@ id,file,description,date,author,platform,type,port 23171,platforms/linux/remote/23171.c,"MPG123 0.59 - Remote File Play Heap Corruption",2003-09-23,V9,linux,remote,0 23172,platforms/linux/dos/23172.txt,"Gauntlet Firewall for Unix 6.0 - SQL-GW Connection Denial of Service",2003-09-24,"Oliver Heinz and Thomas Neuderth",linux,dos,0 23173,platforms/multiple/remote/23173.txt,"TCLhttpd 3.4.2 - Directory Listing Disclosure",2003-09-24,"Phuong Nguyen",multiple,remote,0 -23174,platforms/multiple/remote/23174.txt,"TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities",2003-09-24,"Phuong Nguyen",multiple,remote,0 +23174,platforms/multiple/remote/23174.txt,"TCLHttpd 3.4.2 - Multiple Cross-site Scripting Vulnerabilities",2003-09-24,"Phuong Nguyen",multiple,remote,0 23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple Fields HTML Injection",2003-09-24,"Bahaa Naamneh",php,webapps,0 -23176,platforms/multiple/remote/23176.txt,"NullLogic Null HTTPd 0.5.1 - Error Page Long HTTP Request Cross-Site Scripting",2003-09-24,"Luigi Auriemma",multiple,remote,0 +23176,platforms/multiple/remote/23176.txt,"NullLogic Null HTTPd 0.5.1 - Error Page Long HTTP Request Cross-site Scripting",2003-09-24,"Luigi Auriemma",multiple,remote,0 23177,platforms/windows/dos/23177.txt,"NVIDIA Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution",2012-12-06,Metasploit,multiple,remote,0 23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows - MOF Execution",2012-12-06,Metasploit,windows,remote,0 @@ -20416,8 +20416,8 @@ id,file,description,date,author,platform,type,port 23191,platforms/windows/dos/23191.txt,"Savant Web Server 3.1 - Page Redirect Denial of Service",2003-09-26,"Phuong Nguyen",windows,dos,0 23192,platforms/php/webapps/23192.txt,"GuppY 2.4 - HTML Injection",2003-09-29,"David Suzanne",php,webapps,0 23193,platforms/php/webapps/23193.txt,"Geeklog 1.3.x - SQL injection",2003-09-29,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23194,platforms/php/webapps/23194.txt,"Geeklog 1.3.x - XSS",2003-09-29,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23195,platforms/asp/webapps/23195.txt,"Alan Ward A-Cart 2.0 - MSG Cross-Site Scripting",2003-09-29,G00db0y,asp,webapps,0 +23194,platforms/php/webapps/23194.txt,"Geeklog 1.3.x - Cross-site Scripting",2003-09-29,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +23195,platforms/asp/webapps/23195.txt,"Alan Ward A-Cart 2.0 - MSG Cross-site Scripting",2003-09-29,G00db0y,asp,webapps,0 23196,platforms/linux/remote/23196.c,"WebFS 1.x - Long Pathname Buffer Overrun",2003-09-29,jsk,linux,remote,0 23197,platforms/linux/local/23197.c,"Mah-Jong 1.4 - MJ-Player Server Flag Local Buffer Overflow",2003-09-29,jsk,linux,local,0 23198,platforms/windows/remote/23198.txt,"Half-Life 1.1 - Invalid Command Error Response Format String",2003-09-29,"Luigi Auriemma",windows,remote,0 @@ -20429,19 +20429,19 @@ id,file,description,date,author,platform,type,port 23204,platforms/linux/local/23204.c,"Silly Poker 0.25.5 - Local HOME Environment Variable Buffer Overrun",2003-09-30,demz,linux,local,0 23205,platforms/php/webapps/23205.txt,"DCP-Portal 5.5 - advertiser.php password Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 23206,platforms/php/webapps/23206.txt,"DCP-Portal 5.5 - lostpassword.php email Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 -23207,platforms/php/webapps/23207.txt,"Atrise Everyfind 5.0.2 - search Cross-Site Scripting",2003-10-01,Ezhilan,php,webapps,0 +23207,platforms/php/webapps/23207.txt,"Atrise Everyfind 5.0.2 - search Cross-site Scripting",2003-10-01,Ezhilan,php,webapps,0 23208,platforms/php/webapps/23208.txt,"mpnews pro 2.1.0.18 - Directory Traversal information disclosure",2003-10-01,"Gama Sec",php,webapps,0 23209,platforms/windows/remote/23209.txt,"mutant penguin mpweb pro 1.1.2 - Directory Traversal",2003-10-01,"GamaSec Security",windows,remote,0 23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 - PostThreadMessage() Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP - Password Disclosure Weakness",2003-10-03,"Cisco Security",hardware,remote,0 23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.Header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 -23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.CGI Cross-Site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 +23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.CGI Cross-site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 - Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 -23217,platforms/cgi/webapps/23217.txt,"Divine Content Server 5.0 - Error Page Cross-Site Scripting",2003-10-03,valgasu,cgi,webapps,0 +23217,platforms/cgi/webapps/23217.txt,"Divine Content Server 5.0 - Error Page Cross-site Scripting",2003-10-03,valgasu,cgi,webapps,0 23218,platforms/php/webapps/23218.txt,"EternalMart Mailing List Manager 1.32 - Remote File Inclusion",2003-10-04,frog,php,webapps,0 -23219,platforms/php/webapps/23219.txt,"GuppY 2.4 - Cross-Site Scripting",2003-10-05,frog,php,webapps,0 +23219,platforms/php/webapps/23219.txt,"GuppY 2.4 - Cross-site Scripting",2003-10-05,frog,php,webapps,0 23220,platforms/php/webapps/23220.txt,"GuppY 2.4 - Remote File Access",2003-10-05,frog,php,webapps,0 23221,platforms/multiple/remote/23221.txt,"JBoss 3.0.8/3.2.1 - HSQLDB Remote Command Injection",2003-10-06,"Marc Schoenefeld",multiple,remote,0 23222,platforms/windows/remote/23222.txt,"File Sharing Software Easy File Sharing Web Server 1.2 - Information Disclosure",2003-10-06,nimber@designer.ru,windows,remote,0 @@ -20459,13 +20459,13 @@ id,file,description,date,author,platform,type,port 23235,platforms/windows/dos/23235.txt,"OpenOffice 1.0.1 - Remote Access Denial of Service",2003-10-08,"Marc Schoenefeld",windows,dos,0 23236,platforms/hp-ux/dos/23236.txt,"HP-UX 11 CDE DTPrintInfo - Display Environment Variable Buffer Overflow",2003-10-08,"Davide Del Vecchio",hp-ux,dos,0 23237,platforms/php/webapps/23237.pl,"PHP-Nuke 6.6 - admin.php SQL Injection",2003-10-08,1dt.w0lf,php,webapps,0 -23238,platforms/php/webapps/23238.txt,"Gallery 1.4 - index.php Remote File Inclusion",2003-10-11,peter,php,webapps,0 +23238,platforms/php/webapps/23238.txt,"Gallery 1.4 - 'index.php' Remote File Inclusion",2003-10-11,peter,php,webapps,0 23239,platforms/linux/dos/23239.c,"IRCnet IRCD 2.10 - Local Buffer Overflow",2003-10-13,millhouse,linux,dos,0 23240,platforms/windows/dos/23240.pl,"mIRC 6.1 - DCC SEND Buffer Overflow (1)",2003-10-13,"Takara Takaishi",windows,dos,0 23241,platforms/windows/dos/23241.pl,"mIRC 6.1 - DCC SEND Buffer Overflow (2)",2003-10-13,DarkAngel,windows,dos,0 23242,platforms/windows/dos/23242.pl,"WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service",2003-10-14,storm@securiteam.com,windows,dos,0 23243,platforms/windows/remote/23243.py,"Free Float FTP Server - USER Command Buffer Overflow",2012-12-09,D35m0nd142,windows,remote,0 -23244,platforms/php/webapps/23244.txt,"WrenSoft Zoom Search Engine 2.0 Build: 1018 - Cross-Site Scripting",2003-10-14,Ezhilan,php,webapps,0 +23244,platforms/php/webapps/23244.txt,"WrenSoft Zoom Search Engine 2.0 Build: 1018 - Cross-site Scripting",2003-10-14,Ezhilan,php,webapps,0 23245,platforms/linux/dos/23245.pl,"Apache Tomcat 4.0.x - Non-HTTP Request Denial of Service",2003-10-15,"Oliver Karow",linux,dos,0 23246,platforms/windows/dos/23246.txt,"SumatraPDF 2.1.1/MuPDF 1.0 - Integer Overflow",2012-12-09,beford,windows,dos,0 23247,platforms/windows/remote/23247.c,"Microsoft Windows XP/2000 - Messenger Service Buffer Overrun",2003-10-25,Adik,windows,remote,0 @@ -20474,30 +20474,30 @@ id,file,description,date,author,platform,type,port 23250,platforms/hardware/webapps/23250.txt,"Cisco DPC2420 - Multiples Vulnerabilities",2012-12-09,"Facundo M. de la Cruz",hardware,webapps,0 23404,platforms/multiple/remote/23404.c,"Applied Watch Command Center 1.0 - Authentication Bypass (1)",2003-11-28,"Bugtraq Security",multiple,remote,0 23251,platforms/linux/local/23251.txt,"Centrify Deployment Manager 2.1.0.283 - Local Root",2012-12-09,"Larry W. Cashdollar",linux,local,0 -23252,platforms/php/webapps/23252.txt,"ClipBucket 2.6 Revision 738 - Multiple SQL Injection",2012-12-09,"High-Tech Bridge SA",php,webapps,0 -23253,platforms/php/webapps/23253.txt,"achievo 1.4.5 - Multiple Vulnerabilities (2)",2012-12-09,"High-Tech Bridge SA",php,webapps,0 +23252,platforms/php/webapps/23252.txt,"ClipBucket 2.6 Revision 738 - Multiple SQL Injections",2012-12-09,"High-Tech Bridge SA",php,webapps,0 +23253,platforms/php/webapps/23253.txt,"Achievo 1.4.5 - Multiple Vulnerabilities (2)",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23254,platforms/windows/dos/23254.txt,"TVMOBiLi 2.1.0.3557 - Denial of Service",2012-12-09,"High-Tech Bridge SA",windows,dos,0 23255,platforms/windows/local/23255.cpp,"Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun",2003-10-15,"Brett Moore",windows,local,0 -23256,platforms/cfm/webapps/23256.txt,"Macromedia ColdFusion MX 6.0 - SQL Error Message Cross-Site Scripting",2003-10-15,"Lorenzo Hernandez Garcia-Hierro",cfm,webapps,0 -23257,platforms/multiple/remote/23257.txt,"Bajie HTTP Server 0.95 - Example Scripts And Servlets Cross-Site Scripting",2003-10-16,"Oliver Karow",multiple,remote,0 +23256,platforms/cfm/webapps/23256.txt,"Macromedia ColdFusion MX 6.0 - SQL Error Message Cross-site Scripting",2003-10-15,"Lorenzo Hernandez Garcia-Hierro",cfm,webapps,0 +23257,platforms/multiple/remote/23257.txt,"Bajie HTTP Server 0.95 - Example Scripts And Servlets Cross-site Scripting",2003-10-16,"Oliver Karow",multiple,remote,0 23258,platforms/linux/local/23258.c,"Oracle Database Server 9.0.x - Oracle Binary Local Buffer Overflow",2003-10-17,c0ntex,linux,local,0 23259,platforms/php/webapps/23259.txt,"GoldLink 3.0 - Cookie SQL Injection",2003-10-18,Weke,php,webapps,0 23260,platforms/php/webapps/23260.sh,"Geeklog 1.3.8 - Forgot Password SQL Injection",2003-10-19,"Jouko Pynnonen",php,webapps,0 23261,platforms/php/webapps/23261.txt,"Bytehoard 0.7 - File Disclosure",2003-10-20,Ezhilan,php,webapps,0 -23262,platforms/jsp/webapps/23262.txt,"Caucho Resin 2.0/2.1 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2003-10-20,"Donnie Werner",jsp,webapps,0 +23262,platforms/jsp/webapps/23262.txt,"Caucho Resin 2.0/2.1 - Multiple HTML Injection / Cross-site Scripting Vulnerabilities",2003-10-20,"Donnie Werner",jsp,webapps,0 23263,platforms/multiple/dos/23263.txt,"Opera 7.11/7.20 HREF - Malformed Server Name Heap Corruption",2003-10-20,@stake,multiple,dos,0 -23264,platforms/php/webapps/23264.txt,"DeskPro 1.1 - Multiple SQL Injection",2003-10-20,"Aviram Jenik",php,webapps,0 +23264,platforms/php/webapps/23264.txt,"DeskPro 1.1 - Multiple SQL Injections",2003-10-20,"Aviram Jenik",php,webapps,0 23265,platforms/windows/remote/23265.txt,"Sun Java Plugin 1.4.2 _01 - Cross-Site Applet Sandbox Security Model Violation",2003-10-20,"Marc Schoenefeld",windows,remote,0 23266,platforms/cgi/webapps/23266.txt,"Dansie Shopping Cart - Server Error Message Installation Path Disclosure",2003-10-20,Dr`Ponidi,cgi,webapps,0 23267,platforms/windows/dos/23267.txt,"Atrium Software Mercur Mailserver 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow",2003-10-20,"Kostya KORTCHINSKY",windows,dos,0 -23268,platforms/java/webapps/23268.txt,"Vivisimo Clustering Engine - Search Script Cross-Site Scripting",2003-10-21,ComSec,java,webapps,0 +23268,platforms/java/webapps/23268.txt,"Vivisimo Clustering Engine - Search Script Cross-site Scripting",2003-10-21,ComSec,java,webapps,0 23269,platforms/php/webapps/23269.txt,"FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection",2003-10-21,Ezhilan,php,webapps,0 23270,platforms/windows/remote/23270.java,"Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access Weakness",2003-10-21,"Marc Schoenefeld",windows,remote,0 -23271,platforms/multiple/remote/23271.txt,"PSCS VPOP3 2.0 Email Server WebAdmin - Cross-Site Scripting",2003-10-22,SecuriTeam,multiple,remote,0 +23271,platforms/multiple/remote/23271.txt,"PSCS VPOP3 2.0 Email Server WebAdmin - Cross-site Scripting",2003-10-22,SecuriTeam,multiple,remote,0 23272,platforms/solaris/remote/23272.txt,"Sun Management Center 3.0/3.5 - Error Message Information Disclosure",2003-10-22,"Jon Hart",solaris,remote,0 23273,platforms/windows/dos/23273.html,"Microsoft Internet Explorer 6.0 - Scrollbar-Base-Color Partial Denial of Service",2003-10-22,"Andreas Boeckler",windows,dos,0 23274,platforms/linux/dos/23274.pl,"Coreutils 4.5.x - LS Width Argument Integer Overflow",2003-10-22,druid,linux,dos,0 -23275,platforms/cgi/webapps/23275.txt,"DansGuardian 2.2.x - Denied URL Cross-Site Scripting",2003-10-22,"Richard Maudsley",cgi,webapps,0 +23275,platforms/cgi/webapps/23275.txt,"DansGuardian 2.2.x - Denied URL Cross-site Scripting",2003-10-22,"Richard Maudsley",cgi,webapps,0 23276,platforms/multiple/dos/23276.java,"Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention",2003-10-22,"Last Stage of Delirium",multiple,dos,0 23387,platforms/windows/remote/23387.txt,"netserve Web server 1.0.7 - Directory Traversal",2003-11-17,nimber@designer.ru,windows,remote,0 23388,platforms/windows/dos/23388.txt,"Valve Software Half-Life Dedicated Server 3.1/4.1 - Information Disclosure/DOS",2003-11-19,3APA3A,windows,dos,0 @@ -20511,13 +20511,13 @@ id,file,description,date,author,platform,type,port 23286,platforms/php/webapps/23286.txt,"Joomla JooProperty 1.13.0 - Multiple Vulnerabilities",2012-12-11,D4NB4R,php,webapps,0 23287,platforms/php/webapps/23287.txt,"MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities",2012-12-11,Zixem,php,webapps,0 23288,platforms/windows/dos/23288.txt,"IrfanView 4.33 - IMXCF.DLL Plugin Code Execution",2012-12-11,beford,windows,dos,0 -23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - CSRF",2012-12-11,sajith,php,webapps,0 +23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - Cross-site Request Forgery",2012-12-11,sajith,php,webapps,0 23290,platforms/windows/remote/23290.rb,"HP Data Protector - DtbClsLogin Buffer Overflow",2012-12-11,Metasploit,windows,remote,0 23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums - Multiple Fileds HTML Injection",2003-10-30,ProXy,php,webapps,0 23291,platforms/multiple/remote/23291.txt,"Opera Web Browser 7 - IFRAME Zone Restriction Bypass",2003-10-24,Mindwarper,multiple,remote,0 23292,platforms/multiple/dos/23292.java,"Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service",2003-10-26,"Marc Schoenefeld",multiple,dos,0 23293,platforms/windows/dos/23293.txt,"Yahoo! Messenger 5.6 - File Transfer Buffer Overrun",2003-10-27,"Hat-Squad Security Team",windows,dos,0 -23294,platforms/php/webapps/23294.txt,"Chi Kien Uong Guestbook 1.51 - Cross-Site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 +23294,platforms/php/webapps/23294.txt,"Chi Kien Uong Guestbook 1.51 - Cross-site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 23295,platforms/linux/remote/23295.txt,"SH-HTTPD 0.3/0.4 - Character Filtering Remote Information Disclosure",2003-10-27,"dong-h0un U",linux,remote,0 23296,platforms/linux/remote/23296.txt,"Red Hat Apache 2.0.40 - Directory Index Default Configuration Error",2003-10-27,TfM,linux,remote,0 23297,platforms/linux/local/23297.c,"Musicqueue 1.2 - SIGSEGV Signal Handler Insecure File Creation",2003-10-27,"dong-h0un U",linux,local,0 @@ -20527,21 +20527,21 @@ id,file,description,date,author,platform,type,port 23301,platforms/linux/local/23301.c,"IWConfig - Local ARGV Command Line Buffer Overflow (3)",2003-10-27,NrAziz,linux,local,0 23302,platforms/php/webapps/23302.txt,"Les Visiteurs 2.0 - Remote File Inclusion",2003-10-27,"Matthieu Peschaud",php,webapps,0 23303,platforms/linux/local/23303.c,"Musicqueue 0.9/1.0/1.1 - Multiple Buffer Overrun Vulnerabilities",2003-10-27,"dong-h0un U",linux,local,0 -23304,platforms/cgi/remote/23304.txt,"Symantec Norton Internet Security 2003 6.0.4.34 - Error Message Cross-Site Scripting",2003-10-27,KrazySnake,cgi,remote,0 +23304,platforms/cgi/remote/23304.txt,"Symantec Norton Internet Security 2003 6.0.4.34 - Error Message Cross-site Scripting",2003-10-27,KrazySnake,cgi,remote,0 23305,platforms/linux/dos/23305.c,"thttpd 2.2x - defang Remote Buffer Overflow (1)",2003-10-27,"Joel Soderberg",linux,dos,0 23306,platforms/linux/remote/23306.c,"thttpd 2.2x - defang Remote Buffer Overflow (2)",2003-10-27,d3ck4,linux,remote,0 -23307,platforms/multiple/remote/23307.txt,"Fastream NetFile 6.0.3.588 - Error Message Cross-Site Scripting",2003-10-28,"Oliver Karow",multiple,remote,0 +23307,platforms/multiple/remote/23307.txt,"Fastream NetFile 6.0.3.588 - Error Message Cross-site Scripting",2003-10-28,"Oliver Karow",multiple,remote,0 23308,platforms/linux/local/23308.c,"kpopup 0.9.x - Privileged Command Execution",2003-10-28,b0f,linux,local,0 23309,platforms/multiple/remote/23309.txt,"Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure",2003-10-28,"Richard Maudsley",multiple,remote,0 23310,platforms/windows/dos/23310.pl,"TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow",2003-10-29,"Oliver Karow",windows,dos,0 23311,platforms/php/dos/23311.txt,"E107 - Chatbox.php Denial of Service",2003-10-29,Blademaster,php,dos,0 23312,platforms/cgi/remote/23312.txt,"BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 - Input Validation",2003-10-30,"Corsaire Limited",cgi,remote,0 -23315,platforms/jsp/webapps/23315.txt,"BEA WebLogic 6/7/8 - InteractiveQuery.jsp Cross-Site Scripting",2003-10-31,"Corsaire Limited",jsp,webapps,0 -23316,platforms/windows/remote/23316.txt,"Citrix Metaframe XP - Cross-Site Scripting",2003-10-31,"Andy Davis",windows,remote,0 +23315,platforms/jsp/webapps/23315.txt,"BEA WebLogic 6/7/8 - InteractiveQuery.jsp Cross-site Scripting",2003-10-31,"Corsaire Limited",jsp,webapps,0 +23316,platforms/windows/remote/23316.txt,"Citrix Metaframe XP - Cross-site Scripting",2003-10-31,"Andy Davis",windows,remote,0 23317,platforms/hardware/remote/23317.txt,"Seyeon FlexWATCH Network Video Server 2.2 - Unauthorized Administrative Access",2003-10-31,slaizer,hardware,remote,0 23318,platforms/windows/remote/23318.txt,"Ashley Brown iWeb Server - Encoded Backslash Directory Traversal",2003-10-31,cr-secure.net,windows,remote,0 23319,platforms/php/webapps/23319.txt,"Tritanium Scripts Tritanium Bulletin Board 1.2.3 - Unauthorized Access",2003-10-31,"Virginity Security",php,webapps,0 -23320,platforms/multiple/remote/23320.txt,"Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting",2003-10-31,"Chris Sharp",multiple,remote,0 +23320,platforms/multiple/remote/23320.txt,"Mldonkey 2.5 -4 - Web Interface Error Message Cross-site Scripting",2003-10-31,"Chris Sharp",multiple,remote,0 23321,platforms/windows/remote/23321.txt,"Microsoft Internet Explorer 6 < 10 - Mouse Tracking",2012-12-12,"Nick Johnson",windows,remote,0 23322,platforms/php/webapps/23322.txt,"TipsOfTheDay MyBB Plugin - Multiple Vulnerabilities",2012-12-12,VipVince,php,webapps,0 23323,platforms/windows/remote/23323.py,"Novell File Reporter Agent - XML Parsing Remote Code Execution (0Day)",2012-12-12,Abysssec,windows,remote,0 @@ -20551,13 +20551,13 @@ id,file,description,date,author,platform,type,port 23327,platforms/windows/local/23327.txt,"DATEV Nutzungskontrolle 2.1/2.2 - Unauthorized Access",2003-11-01,t4rku5,windows,local,0 23328,platforms/windows/remote/23328.py,"Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (1)",2003-11-03,airsupply,windows,remote,0 23329,platforms/windows/remote/23329.c,"Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (2)",2003-11-03,exworm,windows,remote,0 -23330,platforms/php/webapps/23330.txt,"Synthetic Reality SymPoll 1.5 - Cross-Site Scripting",2003-11-03,"Michael Frame",php,webapps,0 +23330,platforms/php/webapps/23330.txt,"Synthetic Reality SymPoll 1.5 - Cross-site Scripting",2003-11-03,"Michael Frame",php,webapps,0 23331,platforms/asp/webapps/23331.txt,"Web Wiz Forum 6.34/7.0/7.5 - Unauthorized Private Forum Access",2003-11-03,"Alexander Antipov",asp,webapps,0 -23332,platforms/cgi/webapps/23332.txt,"MPM Guestbook 1.2 - Cross-Site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 -23333,platforms/php/webapps/23333.txt,"PHPKit 1.6 - Include.php Cross-Site Scripting",2003-11-02,ben.moeckel@badwebmasters.net,php,webapps,0 +23332,platforms/cgi/webapps/23332.txt,"MPM Guestbook 1.2 - Cross-site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 +23333,platforms/php/webapps/23333.txt,"PHPKit 1.6 - Include.php Cross-site Scripting",2003-11-02,ben.moeckel@badwebmasters.net,php,webapps,0 23334,platforms/windows/remote/23334.pl,"IA WebMail Server 3.0/3.1 - Long GET Request Buffer Overrun",2003-11-03,"Peter Winter-Smith",windows,remote,0 23335,platforms/asp/webapps/23335.txt,"VieNuke VieBoard 2.6 - SQL Injection",2003-11-03,ekerazha@yahoo.it,asp,webapps,0 -23336,platforms/php/webapps/23336.txt,"OpenAutoClassifieds 1.0 - Listing Parameter Cross-Site Scripting",2003-11-04,"David Sopas Ferreira",php,webapps,0 +23336,platforms/php/webapps/23336.txt,"OpenAutoClassifieds 1.0 - Listing Parameter Cross-site Scripting",2003-11-04,"David Sopas Ferreira",php,webapps,0 23337,platforms/windows/dos/23337.c,"Avaya Argent Office - Malformed DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 23338,platforms/php/webapps/23338.txt,"John Beatty Easy PHP Photo Album 1.0 - dir Parameter HTML Injection",2003-11-04,nimber@designer.ru,php,webapps,0 23339,platforms/openbsd/dos/23339.c,"OpenBSD 2.x/3.x - Local Malformed Binary Execution Denial of Service",2003-11-04,"Georgi Guninski",openbsd,dos,0 @@ -20579,9 +20579,9 @@ id,file,description,date,author,platform,type,port 23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistant XSS",2012-12-13,limb0,php,webapps,0 23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin WordPress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 - $path Remote File Inclusion",2003-11-17,"RusH security team",php,webapps,0 -23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service - Cross-Site Scripting",2003-11-17,"Ziv Kamir",multiple,remote,0 -23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 -23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-Site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 +23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service - Cross-site Scripting",2003-11-17,"Ziv Kamir",multiple,remote,0 +23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-site Scripting",2012-12-14,s3m00t,php,webapps,0 +23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 23359,platforms/php/webapps/23359.txt,"MyBB DyMy User Agent Plugin - (newreply.php) SQL Injection",2012-12-13,JoinSe7en,php,webapps,0 23361,platforms/hardware/dos/23361.txt,"Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities",2012-12-13,"Jacob Holcomb",hardware,dos,0 23362,platforms/php/webapps/23362.py,"Centreon Enterprise Server 2.3.3-2.3.9-4 - Blind SQL Injection",2012-12-13,modpr0be,php,webapps,0 @@ -20602,8 +20602,8 @@ id,file,description,date,author,platform,type,port 23377,platforms/hardware/remote/23377.txt,"FortiGate Firewall 2.x - Policy Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 23378,platforms/hardware/remote/23378.txt,"FortiGate Firewall 2.x - listdel Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 23379,platforms/hardware/remote/23379.txt,"FortiGate Firewall 2.x - selector Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 -23380,platforms/multiple/remote/23380.txt,"WebWasher Classic 2.2/3.3 - Error Message Cross-Site Scripting",2003-11-13,"Oliver Karow",multiple,remote,0 -23381,platforms/php/webapps/23381.txt,"phpWebFileManager 2.0 - index.php Directory Traversal",2003-11-17,"RusH security team",php,webapps,0 +23380,platforms/multiple/remote/23380.txt,"WebWasher Classic 2.2/3.3 - Error Message Cross-site Scripting",2003-11-13,"Oliver Karow",multiple,remote,0 +23381,platforms/php/webapps/23381.txt,"phpWebFileManager 2.0 - 'index.php' Directory Traversal",2003-11-17,"RusH security team",php,webapps,0 23390,platforms/multiple/dos/23390.txt,"EffectOffice Server 2.6 - Remote Service Buffer Overflow",2003-11-20,D_BuG,multiple,dos,0 23391,platforms/linux/dos/23391.txt,"FreeRADIUS 0.x/1.1.x - Tag Field Heap Corruption",2003-11-20,"Evgeny Legerov",linux,dos,0 23392,platforms/openbsd/dos/23392.c,"OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing",2003-11-21,anonymous,openbsd,dos,0 @@ -20616,31 +20616,31 @@ id,file,description,date,author,platform,type,port 23399,platforms/windows/remote/23399.pl,"Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (2)",2003-11-25,"Paul Szabo",windows,remote,0 23400,platforms/windows/remote/23400.txt,"Microsoft Outlook Express 6.0 - MHTML Forced File Execution (1)",2003-11-25,"Liu Die",windows,remote,0 23401,platforms/windows/remote/23401.txt,"Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)",2003-11-25,"Liu Die Yu",windows,remote,0 -23402,platforms/jsp/webapps/23402.txt,"Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-Site Scripting Vulnerabilities",2003-11-26,dr_insane,jsp,webapps,0 +23402,platforms/jsp/webapps/23402.txt,"Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-site Scripting Vulnerabilities",2003-11-26,dr_insane,jsp,webapps,0 23403,platforms/php/webapps/23403.pl,"My_EGallery Module 3.1.1 - Remote File Inclusion Command Injection",2003-11-26,"Bojan Zdrnja",php,webapps,0 23405,platforms/multiple/remote/23405.c,"Applied Watch Command Center 1.0 - Authentication Bypass (2)",2003-11-28,"Bugtraq Security",multiple,remote,0 23406,platforms/php/webapps/23406.txt,"CuteNews 1.3 - Debug Query Information Disclosure Weakness",2003-12-01,scrap,php,webapps,0 23407,platforms/asp/webapps/23407.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopsearch.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 23408,platforms/asp/webapps/23408.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopdisplayproducts.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 23409,platforms/cgi/webapps/23409.c,"Jason Maloney's Guestbook 3.0 - Remote Command Execution",2003-12-01,shaun2k2,cgi,webapps,0 -23410,platforms/cgi/webapps/23410.txt,"IBM Directory Server 4.1 - Web Administration Interface Cross-Site Scripting",2003-12-02,"Oliver Karow",cgi,webapps,0 -23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 +23410,platforms/cgi/webapps/23410.txt,"IBM Directory Server 4.1 - Web Administration Interface Cross-site Scripting",2003-12-02,"Oliver Karow",cgi,webapps,0 +23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 23412,platforms/windows/dos/23412.pl,"EZPhotoShare 1.0/1.1 - Memory Corruption",2003-12-03,Winter-Smith,windows,dos,0 23413,platforms/linux/remote/23413.c,"PLD Software Ebola 0.1.4 - Buffer Overflow",2003-12-05,c0wboy,linux,remote,0 23414,platforms/linux/local/23414.txt,"FVWM 2.4/2.5 - fvwm-menu-directory Command Execution",2003-12-05,auto22238,linux,local,0 -23415,platforms/asp/webapps/23415.txt,"Virtual Programming VP-ASP 4/5 - shopdisplayproducts.asp Cross-Site Scripting",2003-12-05,"Xnuxer Research",asp,webapps,0 +23415,platforms/asp/webapps/23415.txt,"Virtual Programming VP-ASP 4/5 - shopdisplayproducts.asp Cross-site Scripting",2003-12-05,"Xnuxer Research",asp,webapps,0 23416,platforms/php/webapps/23416.txt,"Xoops 1.3.x/2.0.x - Multiple Vulnerabilities",2003-12-06,frog,php,webapps,0 23417,platforms/windows/remote/23417.c,"EZMeeting 3.x - EZNet.EXE Long HTTP Request Remote Buffer Overflow",2003-12-08,kralor,windows,remote,0 23418,platforms/cgi/webapps/23418.pl,"Webgate WebEye - Information Disclosure",2003-12-08,datapath,cgi,webapps,0 23419,platforms/windows/remote/23419.txt,"Abyss Web Server 1.0/1.1 - Authentication Bypass",2003-12-08,"Luigi Auriemma",windows,remote,0 -23420,platforms/php/webapps/23420.txt,"Bitfolge Snif 1.2.6 - Index.php Path Cross-Site Scripting",2003-12-09,"Justin Hagstrom",php,webapps,0 +23420,platforms/php/webapps/23420.txt,"Bitfolge Snif 1.2.6 - 'index.php' Path Cross-site Scripting",2003-12-09,"Justin Hagstrom",php,webapps,0 23421,platforms/cgi/webapps/23421.txt,"calacode @mail webmail system 3.52 - Multiple Vulnerabilities",2003-12-09,"Nick Gudov",cgi,webapps,0 23422,platforms/windows/remote/23422.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (1)",2003-12-09,"Guy Crumpley",windows,remote,0 23423,platforms/windows/remote/23423.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (2)",2003-12-09,"Zap The Dingbat",windows,remote,0 -23425,platforms/php/webapps/23425.txt,"MyBB User Profile Skype ID Plugin 1.0 - Stored XSS",2012-12-16,limb0,php,webapps,0 +23425,platforms/php/webapps/23425.txt,"MyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-site Scripting",2012-12-16,limb0,php,webapps,0 23449,platforms/unix/remote/23449.txt,"Xerox MicroServer - Web Server Remote Directory Traversal",2003-12-19,"J.A. Gutierrez",unix,remote,0 23450,platforms/windows/remote/23450.txt,"PY Software Active Webcam 4.3 - Webserver Directory Traversal",2003-12-19,"Luigi Auriemma",windows,remote,0 -23451,platforms/windows/remote/23451.txt,"PY Software Active Webcam 4.3 - Webserver Cross-Site Scripting",2003-12-19,"Luigi Auriemma",windows,remote,0 +23451,platforms/windows/remote/23451.txt,"PY Software Active Webcam 4.3 - Webserver Cross-site Scripting",2003-12-19,"Luigi Auriemma",windows,remote,0 23452,platforms/linux/dos/23452.txt,"Tcpdump 3.x - L2TP Parser Remote Denial of Service",2003-12-20,"Przemyslaw Frasunek",linux,dos,0 23427,platforms/linux/dos/23427.txt,"Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption",2012-12-16,coolkaveh,linux,dos,0 23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server - user.php Script Unauthorized Access",2003-12-10,frog,php,webapps,0 @@ -20660,7 +20660,7 @@ id,file,description,date,author,platform,type,port 23442,platforms/osx/dos/23442.txt,"MacOSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow",2003-12-15,Max,osx,dos,0 23443,platforms/php/webapps/23443.txt,"Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities",2003-12-16,JeiAr,php,webapps,0 23444,platforms/multiple/dos/23444.pl,"SX Design sipd 0.1.2/0.1.4 - Remote Format String",2003-12-16,storm,multiple,dos,0 -23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 +23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - osCsid Parameter Cross-site Scripting",2003-12-17,JeiAr,php,webapps,0 23446,platforms/windows/remote/23446.txt,"GoAhead Webserver 2.1.x - ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me - Setup.PL Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 23448,platforms/php/webapps/23448.php,"phpwcms 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 @@ -20670,11 +20670,11 @@ id,file,description,date,author,platform,type,port 23456,platforms/php/webapps/23456.txt,"BES-CMS 0.4/0.5 - start.php File Include",2003-12-20,frog,php,webapps,0 23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 - folder.php File Include",2003-12-20,frog,php,webapps,0 23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 - hacking.php File Include",2003-12-20,frog,php,webapps,0 -23459,platforms/php/webapps/23459.txt,"Xoops 2.0.5.1 - MyLinks Myheader.php Cross-Site Scripting",2003-12-21,"Chintan Trivedi",php,webapps,0 +23459,platforms/php/webapps/23459.txt,"Xoops 2.0.5.1 - MyLinks Myheader.php Cross-site Scripting",2003-12-21,"Chintan Trivedi",php,webapps,0 23460,platforms/php/dos/23460.pl,"ProjectForum 8.4.2.1 - Find Request Denial of Service",2003-12-22,"Peter Winter-Smith",php,dos,0 23461,platforms/windows/remote/23461.txt,"dcam webcam server personal Web server 8.2.5 - Directory Traversal",2003-12-22,"Luigi Auriemma",windows,remote,0 23462,platforms/php/webapps/23462.txt,"osCommerce 2.2 - products_id URI Parameter SQL Injection",2003-12-22,JeiAr,php,webapps,0 -23463,platforms/php/webapps/23463.txt,"osCommerce 2.2 - manufacturers_id Parameter Cross-Site Scripting",2003-12-22,JeiAr,php,webapps,0 +23463,platforms/php/webapps/23463.txt,"osCommerce 2.2 - manufacturers_id Parameter Cross-site Scripting",2003-12-22,JeiAr,php,webapps,0 23464,platforms/windows/remote/23464.pl,"Opera 7.x - Relative Path Directory Traversal File Corruption",2003-11-15,nesumin,windows,remote,0 23465,platforms/windows/remote/23465.txt,"Opera Browser 6.0 6 - URI Display Obfuscation Weakness",2003-12-23,nesumin,windows,remote,0 23466,platforms/cgi/webapps/23466.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - store Parameter Path Disclosure",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 @@ -20684,9 +20684,9 @@ id,file,description,date,author,platform,type,port 23629,platforms/cgi/webapps/23629.txt,"Leif M. Wright Web Blog 1.1 - Remote Command Execution",2004-01-31,ActualMInd,cgi,webapps,0 23472,platforms/windows/remote/23472.rb,"Crystal Reports CrystalPrintControl - ActiveX ServerResourceVersion Property Overflow",2012-12-18,Metasploit,windows,remote,0 23631,platforms/php/webapps/23631.txt,"PHP-Nuke 6.x - Multiple Module SQL Injection",2004-02-02,"Security Corporation",php,webapps,0 -23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 - Email.php Cross-Site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 -23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 - Viewshoutbox.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 -23475,platforms/php/webapps/23475.txt,"phpBB 2.0.6 - Privmsg.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 +23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 - Email.php Cross-site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 +23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 - Viewshoutbox.php Cross-site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 +23475,platforms/php/webapps/23475.txt,"phpBB 2.0.6 - Privmsg.php Cross-site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 23476,platforms/php/webapps/23476.txt,"KnowledgeBuilder 2.0/2.1/3.0 - Remote File Inclusion",2003-12-24,"Zero X",php,webapps,0 23477,platforms/php/webapps/23477.txt,"Psychoblogger PB-beta1 - desc Parameter XSS",2003-12-24,"Andrew Smith",php,webapps,0 23478,platforms/php/webapps/23478.txt,"Psychoblogger PB-beta1 - errormessage XSS",2003-12-24,"Andrew Smith",php,webapps,0 @@ -20694,10 +20694,10 @@ id,file,description,date,author,platform,type,port 23480,platforms/windows/dos/23480.txt,"Surfboard httpd 1.1.9 - Remote Buffer Overflow",2003-12-26,"decka trash",windows,dos,0 23481,platforms/linux/local/23481.c,"Apache 2.0.4x mod_php Module - File Descriptor Leakage (1)",2003-12-26,"Steve Grubb",linux,local,0 23482,platforms/linux/local/23482.c,"Apache 2.0.4x mod_php Module - File Descriptor Leakage (2)",2003-12-26,"frauk\x41ser",linux,local,0 -23483,platforms/php/webapps/23483.txt,"OpenBB 1.0 - Board.php Cross-Site Scripting",2003-12-27,gr00vy,php,webapps,0 +23483,platforms/php/webapps/23483.txt,"OpenBB 1.0 - Board.php Cross-site Scripting",2003-12-27,gr00vy,php,webapps,0 23484,platforms/php/webapps/23484.txt,"PHP-Nuke 6.x/7.0 Survey Module - SQL Injection",2003-12-27,idtwolf@pisem.net,php,webapps,0 -23485,platforms/cgi/webapps/23485.txt,"L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities",2003-12-26,http-equiv,cgi,webapps,0 -23486,platforms/php/webapps/23486.txt,"Private Message System 2.x - index.php Page Parameter Cross-Site Scripting",2003-12-27,"David S. Ferreira",php,webapps,0 +23485,platforms/cgi/webapps/23485.txt,"L-Soft 1.8 - Listserv Multiple Cross-site Scripting Vulnerabilities",2003-12-26,http-equiv,cgi,webapps,0 +23486,platforms/php/webapps/23486.txt,"Private Message System 2.x - 'index.php' Page Parameter Cross-site Scripting",2003-12-27,"David S. Ferreira",php,webapps,0 23487,platforms/php/webapps/23487.txt,"php-ping - Count Parameter Command Execution",2003-12-29,ppp-design,php,webapps,0 23488,platforms/cgi/webapps/23488.txt,"BulletScript MailList - bsml.pl Information Disclosure",2003-12-29,M0rf,cgi,webapps,0 23489,platforms/windows/remote/23489.txt,"Sygate Personal Firewall 5.0 - DLL Authentication Bypass",2003-12-29,Aphex,windows,remote,0 @@ -20710,7 +20710,7 @@ id,file,description,date,author,platform,type,port 23496,platforms/windows/dos/23496.txt,"DIMIN Viewer 5.4.0 - GIF Decode Crash PoC",2012-12-19,"Lizhi Wang",windows,dos,0 23693,platforms/windows/dos/23693.txt,"Sami FTP Server 1.1.3 - Library Crafted GET Request Remote DoS",2004-02-13,"intuit e.b.",windows,dos,0 23695,platforms/windows/remote/23695.txt,"Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass",2004-02-13,anonymous,windows,remote,0 -23498,platforms/hardware/webapps/23498.txt,"SonicWall SonicOS 5.8.1.8 WAF - XSS",2012-12-19,Vulnerability-Lab,hardware,webapps,0 +23498,platforms/hardware/webapps/23498.txt,"SonicWall SonicOS 5.8.1.8 WAF - Cross-site Scripting",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer 7.1 - Multiple XSS Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio - ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,Metasploit,windows,remote,0 23628,platforms/php/webapps/23628.txt,"JBrowser 1.0/2.x - Unauthorized Admin Access",2004-01-30,"Himeur Nourredine",php,webapps,0 @@ -20732,18 +20732,18 @@ id,file,description,date,author,platform,type,port 23516,platforms/asp/webapps/23516.txt,"ASP-Nuke 1.0/1.2/1.3 - Remote User Database Access",2004-01-04,"Vietnamese Security Group",asp,webapps,0 23517,platforms/php/webapps/23517.txt,"HotNews 0.x - hotnews-engine.inc.php3 config[header] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23518,platforms/php/webapps/23518.txt,"HotNews 0.x - config[incdir] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 -23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 +23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 23520,platforms/php/webapps/23520.txt,"PhpGedView 2.61 - Multiple PHP Remote File Inclusion",2004-01-06,Windak,php,webapps,0 -23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 +23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 - Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP - Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) 7.5.1 - NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 23524,platforms/multiple/dos/23524.c,"IDA Pro 6.3 - Crash PoC",2012-12-20,nitr0us,multiple,dos,0 -23525,platforms/php/webapps/23525.txt,"PhpGedView 2.61 - Search Script Cross-Site Scripting",2004-01-06,Windak,php,webapps,0 +23525,platforms/php/webapps/23525.txt,"PhpGedView 2.61 - Search Script Cross-site Scripting",2004-01-06,Windak,php,webapps,0 23526,platforms/php/webapps/23526.txt,"PhpGedView 2.61 - PHPInfo Information Disclosure Weakness",2004-01-06,Windak,php,webapps,0 -23527,platforms/hardware/remote/23527.txt,"ZyXEL ZyWALL 10 Management Interface - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 -23528,platforms/hardware/remote/23528.txt,"Edimax AR-6004 ADSL Router - Management Interface Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 -23529,platforms/windows/remote/23529.txt,"SnapStream PVS Lite 2.0 - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",windows,remote,0 +23527,platforms/hardware/remote/23527.txt,"ZyXEL ZyWALL 10 Management Interface - Cross-site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 +23528,platforms/hardware/remote/23528.txt,"Edimax AR-6004 ADSL Router - Management Interface Cross-site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 +23529,platforms/windows/remote/23529.txt,"SnapStream PVS Lite 2.0 - Cross-site Scripting",2004-01-06,"Rafel Ivgi",windows,remote,0 23530,platforms/windows/dos/23530.c,"Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service",2004-01-07,NoRpiuS,windows,dos,0 23531,platforms/windows/remote/23531.c,"HD Soft Windows FTP Server 1.5/1.6 - Username Format String",2004-01-12,mandragore,windows,remote,0 23532,platforms/windows/remote/23532.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal",2004-01-09,badpack3t,windows,remote,0 @@ -20778,8 +20778,8 @@ id,file,description,date,author,platform,type,port 23561,platforms/asp/webapps/23561.txt,"DUware Software - Multiple Vulnerabilities",2004-01-20,"Security Corporation",asp,webapps,0 23562,platforms/windows/remote/23562.html,"2Wire HomePortal Series - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",windows,remote,0 23565,platforms/windows/dos/23565.txt,"Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 -23563,platforms/multiple/remote/23563.txt,"Darkwet Network WebcamXP 1.6.945 - Cross-Site Scripting",2004-01-21,"Rafel Ivgi The-Insider",multiple,remote,0 -23564,platforms/multiple/remote/23564.txt,"Mephistoles HTTPD 0.6 - Cross-Site Scripting",2004-01-21,"Donato Ferrante",multiple,remote,0 +23563,platforms/multiple/remote/23563.txt,"Darkwet Network WebcamXP 1.6.945 - Cross-site Scripting",2004-01-21,"Rafel Ivgi The-Insider",multiple,remote,0 +23564,platforms/multiple/remote/23564.txt,"Mephistoles HTTPD 0.6 - Cross-site Scripting",2004-01-21,"Donato Ferrante",multiple,remote,0 23567,platforms/windows/dos/23567.txt,"Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 @@ -20787,13 +20787,13 @@ id,file,description,date,author,platform,type,port 23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 23573,platforms/php/webapps/23573.txt,"banana dance b.2.6 - Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 - NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 -23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injection",2012-12-21,"High-Tech Bridge SA",php,webapps,0 +23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injections",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23878,platforms/windows/remote/23878.txt,"HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload Weakness",2004-03-24,wirepair,windows,remote,0 23877,platforms/windows/remote/23877.txt,"NexGen FTP Server 1.0/2.x - Remote Directory Traversal",2004-03-24,"Ziv Kamir",windows,remote,0 23579,platforms/unix/remote/23579.rb,"TWiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl Module - File Descriptor Leakage",2004-01-21,"Steve Grubb",linux,local,0 -23582,platforms/cgi/remote/23582.txt,"Acme thttpd 1.9/2.0.x - CGI Test Script Cross-Site Scripting",2004-01-22,"Rafel Ivgi The-Insider",cgi,remote,0 +23582,platforms/cgi/remote/23582.txt,"Acme thttpd 1.9/2.0.x - CGI Test Script Cross-site Scripting",2004-01-22,"Rafel Ivgi The-Insider",cgi,remote,0 23583,platforms/multiple/remote/23583.txt,"Netbus 2.0 Pro - Directory Listings Disclosure / File Upload",2004-01-22,"Rafel Ivgi The-Insider",multiple,remote,0 23584,platforms/windows/dos/23584.c,"McAfee ePolicy Orchestrator 1.x/2.x/3.0 - Agent HTTP POST Buffer Mismanagement",2004-01-22,cyber_flash,windows,dos,0 23585,platforms/linux/remote/23585.txt,"Finjan SurfinGate 6.0/7.0 - FHTTP Restart Command Execution",2004-01-23,"David Byrne",linux,remote,0 @@ -20804,27 +20804,27 @@ id,file,description,date,author,platform,type,port 23590,platforms/multiple/dos/23590.txt,"Reptile Web Server Reptile Web Server 20020105 - Denial of Service",2004-01-23,"Donato Ferrante",multiple,dos,0 23591,platforms/windows/remote/23591.c,"RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1)",2004-01-24,mandragore,windows,remote,0 23592,platforms/windows/remote/23592.c,"RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2)",2004-01-25,mslug@safechina.net,windows,remote,0 -23593,platforms/multiple/remote/23593.txt,"Oracle HTTP Server 8.1.7/9.0.1/9.2 - isqlplus Cross-Site Scripting",2004-01-24,"Rafel Ivgi The-Insider",multiple,remote,0 +23593,platforms/multiple/remote/23593.txt,"Oracle HTTP Server 8.1.7/9.0.1/9.2 - isqlplus Cross-site Scripting",2004-01-24,"Rafel Ivgi The-Insider",multiple,remote,0 23594,platforms/windows/remote/23594.txt,"tinyserver 1.1 - Directory Traversal",2004-01-24,"Donato Ferrante",windows,remote,0 23595,platforms/windows/dos/23595.txt,"TinyServer 1.1 - Denial of Service",2004-01-24,"Donato Ferrante",windows,dos,0 -23596,platforms/windows/remote/23596.txt,"TinyServer 1.1 - Cross-Site scripting",2004-01-24,"Donato Ferrante",windows,remote,0 +23596,platforms/windows/remote/23596.txt,"TinyServer 1.1 - Cross-site Scripting",2004-01-24,"Donato Ferrante",windows,remote,0 23597,platforms/windows/remote/23597.txt,"borland Web server for corel paradox 1.0 b3 - Directory Traversal",2004-01-24,"Rafel Ivgi The-Insider",windows,remote,0 -23598,platforms/multiple/remote/23598.txt,"IBM Net.Data 7.0/7.2 - db2www Error Message Cross-Site Scripting",2004-01-26,"Carsten Eiram",multiple,remote,0 +23598,platforms/multiple/remote/23598.txt,"IBM Net.Data 7.0/7.2 - db2www Error Message Cross-site Scripting",2004-01-26,"Carsten Eiram",multiple,remote,0 23599,platforms/php/webapps/23599.txt,"Gallery 1.3.x/1.4 - Remote Global Variable Injection",2004-01-26,"Bharat Mediratta",php,webapps,0 -23600,platforms/multiple/remote/23600.txt,"Herberlin BremsServer 1.2.4 - Cross-Site Scripting",2004-01-26,"Donato Ferrante",multiple,remote,0 +23600,platforms/multiple/remote/23600.txt,"Herberlin BremsServer 1.2.4 - Cross-site Scripting",2004-01-26,"Donato Ferrante",multiple,remote,0 23694,platforms/windows/remote/23694.rb,"RealPlayer - .RealMedia File Handling Buffer Overflow",2012-12-27,Metasploit,windows,remote,0 23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP - Remote Command Execution",2012-12-23,Metasploit,multiple,remote,0 23602,platforms/windows/dos/23602.txt,"mIRC 6.1 - DCC Get Dialog Denial of Service",2004-01-26,"MASTER VIPER",windows,dos,0 23603,platforms/windows/remote/23603.py,"herberlin bremsserver 1.2.4/3.0 - Directory Traversal",2004-01-26,"Donato Ferrante",windows,remote,0 23604,platforms/linux/remote/23604.txt,"Antologic Antolinux 1.0 - Administrative Interface NDCR Parameter Remote Command Execution",2004-01-26,"Himeur Nourredine",linux,remote,0 -23605,platforms/solaris/remote/23605.txt,"Cherokee 0.1.x/0.2.x/0.4.x - Error Page Cross-Site Scripting",2004-01-26,"César Fernández",solaris,remote,0 -23606,platforms/php/webapps/23606.txt,"Xoops 2.0.x - Viewtopic.php Cross-Site Scripting",2004-01-26,"Ben Drysdale",php,webapps,0 -23607,platforms/php/webapps/23607.txt,"Kietu 2/3 - Index.php Remote File Inclusion",2004-01-26,"Himeur Nourredine",php,webapps,0 +23605,platforms/solaris/remote/23605.txt,"Cherokee 0.1.x/0.2.x/0.4.x - Error Page Cross-site Scripting",2004-01-26,"César Fernández",solaris,remote,0 +23606,platforms/php/webapps/23606.txt,"Xoops 2.0.x - Viewtopic.php Cross-site Scripting",2004-01-26,"Ben Drysdale",php,webapps,0 +23607,platforms/php/webapps/23607.txt,"Kietu 2/3 - 'index.php' Remote File Inclusion",2004-01-26,"Himeur Nourredine",php,webapps,0 23608,platforms/windows/remote/23608.pl,"InternetNow ProxyNow 2.6/2.75 - Multiple Stack and Heap Overflow Vulnerabilities",2004-01-26,"Peter Winter-Smith",windows,remote,0 23609,platforms/unix/local/23609.sh,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (1)",2003-08-08,pask,unix,local,0 23610,platforms/unix/local/23610.c,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (2)",2003-08-08,pask,unix,local,0 23611,platforms/multiple/local/23611.pl,"OracleAS TopLink Mapping Workbench - Weak Encryption Algorithm",2004-01-28,"Pete Finnigan",multiple,local,0 -23612,platforms/windows/remote/23612.txt,"BRS WebWeaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 +23612,platforms/windows/remote/23612.txt,"BRS WebWeaver 1.0.7 - ISAPISkeleton.dll Cross-site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 23613,platforms/cgi/webapps/23613.txt,"Leif M. Wright Web Blog 1.1 - File Disclosure",2004-01-20,"Zone-h Security Team",cgi,webapps,0 23614,platforms/windows/dos/23614.txt,"Loom Software SurfNow 1.x/2.x - Remote HTTP GET Request Denial of Service",2004-01-28,"Donato Ferrante",windows,dos,0 23615,platforms/cgi/webapps/23615.txt,"PJ CGI Neo Review - Directory Traversal",2004-01-29,"Zone-h Security Team",cgi,webapps,0 @@ -20835,12 +20835,12 @@ id,file,description,date,author,platform,type,port 23620,platforms/php/webapps/23620.txt,"Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion",2004-01-30,"Himeur Nourredine",php,webapps,0 23621,platforms/php/webapps/23621.txt,"Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion",2004-01-30,"Himeur Nourredine",php,webapps,0 23622,platforms/lin_x86/shellcode/23622.c,"Linux/x86 - Remote Port Forwarding Shellcode (87 bytes)",2012-12-24,"Hamza Megahed",lin_x86,shellcode,0 -23623,platforms/php/webapps/23623.txt,"City Directory Review and Rating Script - (search.php) SQL Injection",2012-12-24,3spi0n,php,webapps,0 +23623,platforms/php/webapps/23623.txt,"City Directory Review and Rating Script - 'search.php' SQL Injection",2012-12-24,3spi0n,php,webapps,0 23624,platforms/php/webapps/23624.txt,"MyBB HM My Country Flags - SQL Injection",2012-12-24,JoinSe7en,php,webapps,0 23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - (index.php id parameter) SQL Injection",2012-12-24,Red_Hat,php,webapps,0 23686,platforms/windows/dos/23686.txt,"Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service",2004-02-11,"Luigi Auriemma",windows,dos,0 23687,platforms/php/webapps/23687.txt,"Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass",2004-02-12,"Ziv Kamir",php,webapps,0 -23688,platforms/php/webapps/23688.txt,"VBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 +23688,platforms/php/webapps/23688.txt,"VBulletin 1.0/1.1/2.0.x/2.2.x - Cross-site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 23689,platforms/windows/dos/23689.c,"Crob FTP Server 3.5.2 - Remote Denial of Service",2004-02-12,gsicht,windows,dos,0 23690,platforms/linux/dos/23690.txt,"XFree86 4.x - CopyISOLatin1Lowered Font_Name Buffer Overflow",2004-02-12,"Greg MacManus",linux,dos,0 23632,platforms/windows/remote/23632.txt,"Crob FTP Server 3.5.1 - Remote Information Disclosure",2004-02-02,"Zero X",windows,remote,0 @@ -20858,32 +20858,32 @@ id,file,description,date,author,platform,type,port 23644,platforms/php/webapps/23644.php,"phpx 3.2.3 - Multiple Vulnerabilities",2004-02-03,"Manuel L?pez",php,webapps,0 23645,platforms/php/webapps/23645.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - showproduct.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 23646,platforms/php/webapps/23646.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - showcat.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 -23647,platforms/cgi/webapps/23647.txt,"RXGoogle.CGI 1.0/2.5 - Cross-Site Scripting",2004-02-04,"Shaun Colley",cgi,webapps,0 +23647,platforms/cgi/webapps/23647.txt,"RXGoogle.CGI 1.0/2.5 - Cross-site Scripting",2004-02-04,"Shaun Colley",cgi,webapps,0 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component - Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server - Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler - Command Injection",2012-12-25,Metasploit,windows,remote,0 23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 -23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 +23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 23654,platforms/windows/dos/23654.txt,"XLight FTP Server 1.x - Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0 23656,platforms/multiple/dos/23656.txt,"Oracle 9.x - Database Parameter / Statement Buffer Overflow",2003-02-05,NGSSoftware,multiple,dos,0 -23657,platforms/php/webapps/23657.txt,"Mambo Open Source 4.6 - Itemid Parameter Cross-Site Scripting",2004-02-05,"David Sopas Ferreira",php,webapps,0 +23657,platforms/php/webapps/23657.txt,"Mambo Open Source 4.6 - Itemid Parameter Cross-site Scripting",2004-02-05,"David Sopas Ferreira",php,webapps,0 23658,platforms/linux/local/23658.c,"Linux VServer Project 1.2x - CHRoot Breakout",2004-02-06,"Markus Mueller",linux,local,0 23659,platforms/cgi/webapps/23659.txt,"OpenJournal 2.0 - Authentication Bypassing",2004-02-06,"Tri Huynh",cgi,webapps,0 23660,platforms/windows/dos/23660.c,"BolinTech Dream FTP Server 1.0 - User Name Format String (1)",2004-02-07,shaun2k2,windows,dos,0 23662,platforms/linux/dos/23662.c,"Nadeo Game Engine - Remote Denial of Service",2004-02-09,scrap,linux,dos,0 -23663,platforms/php/webapps/23663.txt,"PHP-Nuke 6.x/7.0 - 'News' Module Cross-Site Scripting",2004-02-09,"Janek Vind",php,webapps,0 +23663,platforms/php/webapps/23663.txt,"PHP-Nuke 6.x/7.0 - 'News' Module Cross-site Scripting",2004-02-09,"Janek Vind",php,webapps,0 23664,platforms/windows/dos/23664.py,"Sambar Server 6.0 - Results.STM Post Request Buffer Overflow",2004-02-09,nd@felinemenace.org,windows,dos,0 23665,platforms/windows/dos/23665.c,"Shaun2k2 Palmhttpd Server 3.0 - Remote Denial of Service",2004-02-09,shaun2k2,windows,dos,0 -23666,platforms/php/webapps/23666.txt,"JShop E-Commerce Suite - xSearch Cross-Site Scripting",2004-02-09,"David Sopas Ferreira",php,webapps,0 +23666,platforms/php/webapps/23666.txt,"JShop E-Commerce Suite - xSearch Cross-site Scripting",2004-02-09,"David Sopas Ferreira",php,webapps,0 23667,platforms/linux/dos/23667.txt,"ClamAV Daemon 0.65 - Malformed UUEncoded Message Denial of Service",2004-02-09,"Oliver Eikemeier",linux,dos,0 23668,platforms/windows/remote/23668.txt,"Microsoft Internet Explorer 5.0.1 - LoadPicture File Enumeration Weakness",2004-02-07,Jelmer,windows,remote,0 -23669,platforms/php/webapps/23669.txt,"PHP-Nuke 6.x/7.x - 'Reviews' Module Cross-Site Scripting",2004-02-09,"Janek Vind",php,webapps,0 +23669,platforms/php/webapps/23669.txt,"PHP-Nuke 6.x/7.x - 'Reviews' Module Cross-site Scripting",2004-02-09,"Janek Vind",php,webapps,0 23670,platforms/php/webapps/23670.pl,"PHP-Nuke 6.x/7.x - Public Message SQL Injection",2004-02-09,"Janek Vind",php,webapps,0 23671,platforms/linux/remote/23671.txt,"Caucho Technology Resin 2.1.12 - Directory Listings Disclosure",2004-02-09,"Wang Yun",linux,remote,0 23672,platforms/hardware/dos/23672.txt,"Red-M Red-Alert 3.1 - Remote Vulnerabilities",2004-02-09,"Bruno Morisson",hardware,dos,0 -23673,platforms/php/webapps/23673.txt,"Guru Auction 2.0 - Multiple SQL Injection",2012-12-26,v3n0m,php,webapps,0 +23673,platforms/php/webapps/23673.txt,"Guru Auction 2.0 - Multiple SQL Injections",2012-12-26,v3n0m,php,webapps,0 23674,platforms/linux/local/23674.txt,"Linux Kernel Samba 2.2.8 (Debian / Mandrake) - Share Local Privilege Escalation",2004-02-09,"Martin Fiala",linux,local,0 23675,platforms/windows/remote/23675.txt,"Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution",2004-02-09,"Bartosz Kwitkowski",windows,remote,0 23676,platforms/asp/webapps/23676.txt,"MaxWebPortal 1.3x - down.asp HTTP_REFERER XSS",2004-02-10,"Manuel Lopez",asp,webapps,0 @@ -20929,7 +20929,7 @@ id,file,description,date,author,platform,type,port 23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 - readings/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 - resultsignore.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23728,platforms/linux/remote/23728.txt,"Metamail 2.7 - Multiple Buffer Overflow/Format String Handling Vulnerabilities",2004-02-18,"Ulf Harnhammar",linux,remote,0 -23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - Error.ASP Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 +23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - Error.ASP Cross-site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 23730,platforms/windows/remote/23730.txt,"AOL Instant Messenger 4.x/5.x - Buddy Icon Predictable File Location Weakness",2004-02-19,"Michael Evanchik",windows,remote,0 23731,platforms/windows/dos/23731.txt,"TYPSoft FTP Server 1.1 - Remote CPU Consumption Denial of Service",2004-02-20,"intuit bug_hunter",windows,dos,0 23732,platforms/windows/remote/23732.c,"PSOProxy 0.91 - Remote Buffer Overflow (1)",2004-02-20,PaLbOsA,windows,remote,0 @@ -20956,7 +20956,7 @@ id,file,description,date,author,platform,type,port 23753,platforms/php/webapps/23753.txt,"Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure",2004-02-24,"Rafel Ivgi",php,webapps,0 23754,platforms/windows/remote/23754.rb,"Microsoft Internet Explorer - CDwnBindInfo Object Use-After-Free",2012-12-31,Metasploit,windows,remote,0 23755,platforms/multiple/dos/23755.txt,"RedStorm Ghost Recon Game Engine - Remote Denial of Service",2004-02-24,"Luigi Auriemma",multiple,dos,0 -23756,platforms/multiple/remote/23756.txt,"Seyeon Technology FlexWATCH Server 2.2 - Cross-Site Scripting",2004-02-24,"Rafel Ivgi The-Insider",multiple,remote,0 +23756,platforms/multiple/remote/23756.txt,"Seyeon Technology FlexWATCH Server 2.2 - Cross-site Scripting",2004-02-24,"Rafel Ivgi The-Insider",multiple,remote,0 23757,platforms/linux/dos/23757.txt,"Gamespy Software Development Kit - Remote Denial of Service",2004-02-24,"Luigi Auriemma",linux,dos,0 23758,platforms/windows/remote/23758.txt,"gweb http server 0.5/0.6 - Directory Traversal",2004-02-24,"Donato Ferrante",windows,remote,0 23759,platforms/linux/local/23759.pl,"MTools 3.9.x - MFormat Privilege Escalation",2004-02-25,"Sebastian Krahmer",linux,local,0 @@ -20964,28 +20964,28 @@ id,file,description,date,author,platform,type,port 23761,platforms/windows/dos/23761.c,"RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)",2004-02-26,shaun2k2,windows,dos,0 23762,platforms/windows/dos/23762.c,"RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)",2004-02-26,shaun2k2,windows,dos,0 23763,platforms/windows/remote/23763.c,"RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)",2004-02-26,lion,windows,remote,0 -23764,platforms/hardware/remote/23764.txt,"Symantec Gateway Security 5400 Series 2.0 - Error Page Cross-Site Scripting",2004-02-26,Soby,hardware,remote,0 +23764,platforms/hardware/remote/23764.txt,"Symantec Gateway Security 5400 Series 2.0 - Error Page Cross-site Scripting",2004-02-26,Soby,hardware,remote,0 23766,platforms/windows/remote/23766.html,"Microsoft Internet Explorer 5/6 - Cross-Domain Event Leakage",2004-02-27,iDefense,windows,remote,0 -23767,platforms/php/webapps/23767.txt,"Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2004-03-01,"Rafel Ivgi The-Insider",php,webapps,0 +23767,platforms/php/webapps/23767.txt,"Invision Power Board 1.3 - Multiple Cross-site Scripting Vulnerabilities",2004-03-01,"Rafel Ivgi The-Insider",php,webapps,0 23768,platforms/windows/remote/23768.txt,"Microsoft Internet Explorer 6.0 - window.open Media Bar Cross-Zone Scripting",2003-09-11,Jelmer,windows,remote,0 23769,platforms/windows/dos/23769.pl,"argosoft ftp server 1.0/1.2/1.4 - Multiple Vulnerabilities",2004-02-27,"Beyond Security",windows,dos,0 23770,platforms/php/webapps/23770.txt,"IGeneric Free Shopping Cart 1.4 - SQL Injection",2004-03-01,"David Sopas Ferreira",php,webapps,0 23771,platforms/linux/remote/23771.pl,"GNU Anubis 3.6.x/3.9.x - Multiple Format String",2004-03-01,"Ulf Harnhammar",linux,remote,0 23772,platforms/linux/remote/23772.c,"GNU Anubis 3.6.x/3.9.x - auth.c auth_ident() Function Overflow",2004-03-01,CMN,linux,remote,0 -23773,platforms/php/webapps/23773.txt,"IGeneric Free Shopping Cart 1.4 - Cross-Site Scripting",2004-03-01,"David Sopas Ferreira",php,webapps,0 +23773,platforms/php/webapps/23773.txt,"IGeneric Free Shopping Cart 1.4 - Cross-site Scripting",2004-03-01,"David Sopas Ferreira",php,webapps,0 23774,platforms/php/webapps/23774.txt,"YaBB SE 1.5.x - Arbitrary File Deletion",2004-03-01,"Alnitak and BackSpace",php,webapps,0 23775,platforms/php/webapps/23775.txt,"YaBB SE 1.5.x - Multiple Parameter SQL Injection",2004-03-01,"Alnitak and BackSpace",php,webapps,0 -23776,platforms/windows/remote/23776.txt,"Software602 602Pro LAN Suite - Web Mail Cross-Site Scripting",2004-03-01,"Rafel Ivgi The-Insider",windows,remote,0 +23776,platforms/windows/remote/23776.txt,"Software602 602Pro LAN Suite - Web Mail Cross-site Scripting",2004-03-01,"Rafel Ivgi The-Insider",windows,remote,0 23777,platforms/linux/remote/23777.txt,"Squid Proxy 2.4/2.5 - NULL URL Character Unauthorized Access",2004-03-01,"Mitch Adair",linux,remote,0 23778,platforms/hardware/dos/23778.c,"Motorola T720 Phone - Denial of Service",2004-03-01,"Shaun Colley",hardware,dos,0 23779,platforms/linux/dos/23779.txt,"Grep < 2.11 - Integer Overflow Crash PoC",2012-12-31,"Joshua Rogers",linux,dos,0 23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 - Crash PoC",2012-12-31,IndonesiaGokilTeam,windows,dos,0 23781,platforms/php/webapps/23781.txt,"MyBB - (editpost.php posthash) SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 -23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - (index.php date param) Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 +23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - (index.php date parameter) Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 -24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - index.php SQL Injection",2004-04-23,waraxe,php,webapps,0 +24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - 'index.php' SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 - blocker_query.php Multiple Parameter XSS",2004-04-23,waraxe,php,webapps,0 -24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-Site Scripting",2004-04-23,DarkBicho,php,webapps,0 +24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-site Scripting",2004-04-23,DarkBicho,php,webapps,0 23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer - CButton Object Use-After-Free",2013-01-02,Metasploit,windows,remote,0 23786,platforms/hardware/dos/23786.c,"Nortel Wireless LAN Access Point 2200 Series - Denial of Service",2004-03-02,"Alex Hernandez",hardware,dos,0 23787,platforms/multiple/dos/23787.txt,"1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow",2004-03-02,JeFFOsZ,multiple,dos,0 @@ -20993,27 +20993,27 @@ id,file,description,date,author,platform,type,port 23789,platforms/hardware/dos/23789.c,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)",2004-03-02,shaun2k2,hardware,dos,0 23790,platforms/windows/remote/23790.htm,"Microsoft Internet Explorer 5 - window.open Search Pane Cross-Zone Scripting",2003-09-10,"Liu Die Yu",windows,remote,0 23791,platforms/asp/webapps/23791.txt,"SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities",2004-03-03,"Nick Gudov",asp,webapps,0 -23792,platforms/php/webapps/23792.txt,"VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-Site Scripting Vulnerabilities",2004-03-05,"Rafel Ivgi The-Insider",php,webapps,0 +23792,platforms/php/webapps/23792.txt,"VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-site Scripting Vulnerabilities",2004-03-05,"Rafel Ivgi The-Insider",php,webapps,0 23793,platforms/osx/dos/23793.txt,"Apple Safari 1.x - Large JavaScript Array Handling Denial of Service",2004-03-06,kang,osx,dos,0 23794,platforms/linux/remote/23794.txt,"PWebServer 0.3.x - Remote Directory Traversal",2004-03-08,"Donato Ferrante",linux,remote,0 -23795,platforms/php/webapps/23795.txt,"Invision Power Board 1.3 - Pop Parameter Cross-Site Scripting",2004-03-09,"Rafel Ivgi The-Insider",php,webapps,0 +23795,platforms/php/webapps/23795.txt,"Invision Power Board 1.3 - Pop Parameter Cross-site Scripting",2004-03-09,"Rafel Ivgi The-Insider",php,webapps,0 23796,platforms/windows/remote/23796.html,"Microsoft Outlook 2002 - Mailto Parameter Quoting Zone Bypass",2004-03-09,shaun2k2,windows,remote,0 23797,platforms/php/webapps/23797.txt,"Confixx 2 - DB Parameter SQL Injection",2004-03-09,wkr,php,webapps,0 23798,platforms/php/webapps/23798.txt,"Confixx 2 - Perl Debugger Remote Command Execution",2004-03-09,wkr,php,webapps,0 23799,platforms/multiple/dos/23799.txt,"Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String",2004-03-10,"Luigi Auriemma",multiple,dos,0 23800,platforms/osx/remote/23800.txt,"Apple Safari 1.x - Cookie Path Traversal Information Disclosure",2004-03-10,"Corsaire Limited",osx,remote,0 -23801,platforms/linux/remote/23801.txt,"GNU MyProxy 20030629 - Cross-Site Scripting",2004-03-11,"Donato Ferrante",linux,remote,0 +23801,platforms/linux/remote/23801.txt,"GNU MyProxy 20030629 - Cross-site Scripting",2004-03-11,"Donato Ferrante",linux,remote,0 23802,platforms/linux/remote/23802.txt,"Pegasi Web Server 0.2.2 - Arbitrary File Access",2004-03-11,"Donato Ferrante",linux,remote,0 23803,platforms/linux/remote/23803.txt,"Pegasi Web Server 0.2.2 - Error Page XSS",2004-03-11,"Donato Ferrante",linux,remote,0 23804,platforms/cgi/remote/23804.txt,"cPanel 5/6/7/8/9 - Resetpass Remote Command Execution",2004-03-11,"Arab VieruZ",cgi,remote,0 23805,platforms/multiple/dos/23805.txt,"Targem Games Battle Mages 1.0 - Remote Denial of Service",2004-03-11,"Luigi Auriemma",multiple,dos,0 -23806,platforms/cgi/webapps/23806.txt,"cPanel 5/6/7/8/9 - dir Parameter Cross-Site Scripting",2004-03-12,Fable,cgi,webapps,0 +23806,platforms/cgi/webapps/23806.txt,"cPanel 5/6/7/8/9 - dir Parameter Cross-site Scripting",2004-03-12,Fable,cgi,webapps,0 23807,platforms/cgi/webapps/23807.txt,"cPanel 5/6/7/8/9 - Login Script Remote Command Execution",2004-03-12,"Arab VieruZ",cgi,webapps,0 23808,platforms/hardware/remote/23808.txt,"IP3 Networks IP3 NetAccess Appliance - SQL Injection",2004-03-12,"Syam Yanuar",hardware,remote,0 23809,platforms/cgi/webapps/23809.txt,"Emumail EMU Webmail 5.2.7 - nit.emu Information Disclosure",2004-03-12,dr_insane,cgi,webapps,0 23810,platforms/cgi/webapps/23810.txt,"Emumail EMU Webmail 5.2.7 - emumail.fcgi Multiple Parameter XSS",2004-03-12,dr_insane,cgi,webapps,0 23811,platforms/linux/remote/23811.c,"MathoPD 1.x - Remote Buffer Overflow",2003-11-02,aion,linux,remote,0 -23812,platforms/php/webapps/23812.txt,"YABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2004-03-15,"Cheng Peng Su",php,webapps,0 +23812,platforms/php/webapps/23812.txt,"YABB SE 1.5.1 - Multiple Cross-site Scripting Vulnerabilities",2004-03-15,"Cheng Peng Su",php,webapps,0 23813,platforms/asp/webapps/23813.txt,"VocalTec VGW4/8 Telephony Gateway - Remote Authentication Bypass",2004-03-15,"Rafel Ivgi The-Insider",asp,webapps,0 23814,platforms/php/webapps/23814.txt,"PHP-Nuke 7.1 Recommend_Us Module - fname Parameter XSS",2004-03-15,"Janek Vind",php,webapps,0 23815,platforms/php/webapps/23815.txt,"WarpSpeed 4nAlbum Module 0.92 - displaycategory.php basepath Parameter Remote File Inclusion",2004-03-15,"Janek Vind",php,webapps,0 @@ -21023,19 +21023,19 @@ id,file,description,date,author,platform,type,port 23819,platforms/php/webapps/23819.txt,"Phorum 3.x - login.php HTTP_REFERER XSS",2004-03-15,JeiAr,php,webapps,0 23820,platforms/php/webapps/23820.txt,"Phorum 3.x - profile.php target Parameter XSS",2004-03-15,JeiAr,php,webapps,0 23821,platforms/php/webapps/23821.php,"PHPBB 1.x/2.0.x - Search.php Search_Results Parameter SQL Injection",2004-01-04,pokleyzz,php,webapps,0 -23822,platforms/php/webapps/23822.txt,"VBulletin 3.0 - ForumDisplay.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 -23823,platforms/php/webapps/23823.txt,"VBulletin 3.0 - ShowThread.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 -23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 - index.php Multiple Parameter XSS",2004-03-16,JeiAr,php,webapps,0 -23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 - index.php mos_change_template Parameter XSS",2004-03-16,JeiAr,php,webapps,0 +23822,platforms/php/webapps/23822.txt,"VBulletin 3.0 - ForumDisplay.php Cross-site Scripting",2004-03-16,JeiAr,php,webapps,0 +23823,platforms/php/webapps/23823.txt,"VBulletin 3.0 - ShowThread.php Cross-site Scripting",2004-03-16,JeiAr,php,webapps,0 +23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 - 'index.php' Multiple Parameter XSS",2004-03-16,JeiAr,php,webapps,0 +23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 - 'index.php' mos_change_template Parameter XSS",2004-03-16,JeiAr,php,webapps,0 23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - CSRF Resulting in Arbitrary Javascript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 23829,platforms/php/webapps/23829.txt,"e107 1.0.2 - CSRF Resulting in SQL Injection",2013-01-02,"Joshua Reynolds",php,webapps,0 23830,platforms/linux/dos/23830.py,"Astium VoIP PBX 2.1 build 25399 - Remote Crash PoC",2013-01-02,xistence,linux,dos,5655 23831,platforms/php/webapps/23831.py,"Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit",2013-01-02,xistence,php,webapps,0 23902,platforms/multiple/dos/23902.txt,"Roger Wilco Server 1.4.1 - UDP Datagram Handling Denial of Service",2004-03-31,"Luigi Auriemma",multiple,dos,0 -23834,platforms/php/webapps/23834.txt,"Mambo Open Source 4.5 - Index.php SQL Injection",2004-03-16,JeiAr,php,webapps,0 +23834,platforms/php/webapps/23834.txt,"Mambo Open Source 4.5 - 'index.php' SQL Injection",2004-03-16,JeiAr,php,webapps,0 23835,platforms/php/webapps/23835.txt,"PHP-Nuke 6.x/7.0/7.1 - Image Tag Admin Command Execution",2004-03-16,"Janek Vind",php,webapps,0 23836,platforms/windows/remote/23836.txt,"IBM Lotus Domino 6/7 - HTTP webadmin.nsf Directory Traversal",2004-03-17,dr_insane,windows,remote,0 -23837,platforms/windows/remote/23837.txt,"IBM Lotus Domino 6.5.1 - HTTP webadmin.nsf Quick Console Cross-Site Scripting",2004-03-17,dr_insane,windows,remote,0 +23837,platforms/windows/remote/23837.txt,"IBM Lotus Domino 6.5.1 - HTTP webadmin.nsf Quick Console Cross-site Scripting",2004-03-17,dr_insane,windows,remote,0 23838,platforms/aix/local/23838.pl,"GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow",2003-05-30,watercloud,aix,local,0 23839,platforms/windows/dos/23839.pl,"GlobalSCAPE Secure FTP Server 2.0 Build 03.11.2004.2 - SITE Command Remote Buffer Overflow",2004-03-17,storm,windows,dos,0 23840,platforms/aix/local/23840.pl,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)",2003-05-30,watercloud,aix,local,0 @@ -21063,13 +21063,13 @@ id,file,description,date,author,platform,type,port 23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - news_sort.asp filter Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie ADMIN Parameter Manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 23864,platforms/linux/remote/23864.txt,"xweb 1.0 - Directory Traversal",2004-03-22,"Donato Ferrante",linux,remote,0 -23865,platforms/php/webapps/23865.txt,"VBulletin 2.x - Private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 +23865,platforms/php/webapps/23865.txt,"VBulletin 2.x - Private.php Cross-site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 -23867,platforms/php/webapps/23867.txt,"Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injection",2004-03-23,JeiAr,php,webapps,0 +23867,platforms/php/webapps/23867.txt,"Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections",2004-03-23,JeiAr,php,webapps,0 23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 - Comments function id Parameter SQL Injection",2004-03-22,JeiAr,php,webapps,0 -23869,platforms/php/webapps/23869.txt,"PHP-Nuke MS-Analysis Module - Multiple Cross-Site Scripting Vulnerabilities",2004-03-22,"Janek Vind",php,webapps,0 +23869,platforms/php/webapps/23869.txt,"PHP-Nuke MS-Analysis Module - Multiple Cross-site Scripting Vulnerabilities",2004-03-22,"Janek Vind",php,webapps,0 23870,platforms/php/webapps/23870.txt,"PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection",2004-03-22,"Janek Vind",php,webapps,0 -23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 - TargetName Parameter Cross-Site Scripting",2004-03-22,"Richard Maudsley",windows,remote,0 +23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 - TargetName Parameter Cross-site Scripting",2004-03-22,"Richard Maudsley",windows,remote,0 23872,platforms/jsp/webapps/23872.txt,"reget deluxe 3.0 build 121 - Directory Traversal",2004-03-22,snifer,jsp,webapps,0 23873,platforms/multiple/remote/23873.c,"Mythic Entertainment Dark Age of Camelot 1.6x - Encryption Key Signing",2004-03-23,"Todd Chapman",multiple,remote,0 23874,platforms/solaris/local/23874.txt,"Sun Solaris 2.6/7.0/8/9 - vfs_getvfssw function Local Privilege Escalation",2004-03-23,"Sinan Eren",solaris,local,0 @@ -21095,7 +21095,7 @@ id,file,description,date,author,platform,type,port 23896,platforms/linux/dos/23896.txt,"MPlayer 0.9/1.0 - Remote HTTP Header Buffer Overflow",2004-03-30,blexim,linux,dos,0 23897,platforms/cgi/webapps/23897.txt,"LinBit Technologies LINBOX Officeserver - Remote Authentication Bypass",2004-03-30,"Martin Eiszner",cgi,webapps,0 23898,platforms/asp/webapps/23898.txt,"Cactusoft CactuShop 5.0/5.1 - SQL Injection",2004-03-31,"Nick Gudov",asp,webapps,0 -23899,platforms/asp/webapps/23899.txt,"CactuSoft CactuShop 5.0/5.1 - Cross-Site Scripting",2004-03-31,"Nick Gudov",asp,webapps,0 +23899,platforms/asp/webapps/23899.txt,"CactuSoft CactuShop 5.0/5.1 - Cross-site Scripting",2004-03-31,"Nick Gudov",asp,webapps,0 23900,platforms/hardware/dos/23900.txt,"CDP 0.33/0.4 - Console CD Player PrintTOC Function Buffer Overflow",2004-03-31,"Shaun Colley",hardware,dos,0 23901,platforms/php/webapps/23901.txt,"pfSense 2.0.1 - XSS / CSRF / Remote Command Execution",2013-01-05,"Yann CAM",php,webapps,0 23903,platforms/windows/remote/23903.html,"Microsoft Internet Explorer 6.0 - HTML Form Status Bar Misrepresentation",2004-03-31,http-equiv,windows,remote,0 @@ -21118,7 +21118,7 @@ id,file,description,date,author,platform,type,port 23920,platforms/windows/dos/23920.txt,"Mcafee FreeScan CoMcFreeScan Browser - Object Buffer Overflow",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23921,platforms/windows/local/23921.c,"Centrinity FirstClass Desktop Client 7.1 - Local Buffer Overflow",2004-04-07,I2S-LaB,windows,local,0 23923,platforms/windows/dos/23923.py,"FoxPlayer 2.9.0 - Denial of Service",2013-01-06,metacom,windows,dos,0 -23924,platforms/multiple/webapps/23924.txt,"Nexpose Security Console - CSRF",2013-01-06,"Robert Gilbert",multiple,webapps,0 +23924,platforms/multiple/webapps/23924.txt,"Nexpose Security Console - Cross-site Request Forgery",2013-01-06,"Robert Gilbert",multiple,webapps,0 23925,platforms/windows/dos/23925.txt,"Kerio Personal Firewall 4.0.x - Web Filtering Remote Denial of Service",2004-04-07,E.Kellinis,windows,dos,0 23926,platforms/windows/remote/23926.txt,"Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure",2004-04-07,"S G Masood",windows,remote,0 23927,platforms/windows/dos/23927.txt,"Opera Web Browser 7.0 - Remote IFRAME Denial of Service",2004-04-08,"Pascal Notz",windows,dos,0 @@ -21128,7 +21128,7 @@ id,file,description,date,author,platform,type,port 23931,platforms/php/webapps/23931.txt,"NukeCalendar 1.1.a - block-Calendar_center.php Path Disclosure",2004-04-08,"Janek Vind",php,webapps,0 23932,platforms/php/webapps/23932.txt,"NukeCalendar 1.1.a - eid Parameter XSS",2004-04-08,"Janek Vind",php,webapps,0 23933,platforms/php/webapps/23933.txt,"NukeCalendar 1.1.a - eid Parameter SQL Injection",2004-04-08,"Janek Vind",php,webapps,0 -23934,platforms/php/webapps/23934.txt,"AzDGDatingLite 2.1.1 - index.php language Parameter XSS",2004-04-07,"Janek Vind",php,webapps,0 +23934,platforms/php/webapps/23934.txt,"AzDGDatingLite 2.1.1 - 'index.php' language Parameter XSS",2004-04-07,"Janek Vind",php,webapps,0 23935,platforms/php/webapps/23935.txt,"AzDGDatingLite 2.1.1 - view.php id Parameter XSS",2004-04-07,"Janek Vind",php,webapps,0 23936,platforms/linux/remote/23936.pl,"lcdproc lcdd 0.x/4.x - Multiple Vulnerabilities",2004-04-08,wsxz,linux,remote,0 23937,platforms/cgi/webapps/23937.txt,"1st Class Mail Server 4.0 1 - viewmail.tagz XSS",2004-04-08,dr_insane,cgi,webapps,0 @@ -21161,7 +21161,7 @@ id,file,description,date,author,platform,type,port 23964,platforms/php/webapps/23964.txt,"TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23965,platforms/php/webapps/23965.txt,"TikiWiki Project 1.8 - tiki-directory_ranking.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23966,platforms/php/webapps/23966.txt,"TikiWiki Project 1.8 - tiki-browse_categories.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 -23967,platforms/php/webapps/23967.txt,"E Sms Script - Multiple SQL Injection",2013-01-08,"cr4wl3r ",php,webapps,0 +23967,platforms/php/webapps/23967.txt,"E Sms Script - Multiple SQL Injections",2013-01-08,"cr4wl3r ",php,webapps,0 23968,platforms/asp/webapps/23968.txt,"Advantech WebAccess HMI/SCADA Software - Persistence XSS",2013-01-08,"SecPod Research",asp,webapps,0 23970,platforms/php/webapps/23970.rb,"WordPress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 23971,platforms/php/webapps/23971.txt,"TikiWiki Project 1.8 - tiki-index.php comments_offset & offset Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 @@ -21172,18 +21172,18 @@ id,file,description,date,author,platform,type,port 23976,platforms/php/webapps/23976.txt,"TikiWiki Project 1.8 - tiki-list_trackers.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23977,platforms/php/webapps/23977.txt,"TikiWiki Project 1.8 - tiki-list_blogs.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23978,platforms/php/webapps/23978.txt,"TikiWiki Project 1.8 - tiki-usermenu.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 -33401,platforms/php/webapps/33401.txt,"Million Pixel Script 3 - 'pa' Parameter Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 -33402,platforms/linux/remote/33402.txt,"Ruby on Rails 2.3.5 - 'protect_from_forgery' Cross-Site Request Forgery",2009-12-14,p0deje,linux,remote,0 +33401,platforms/php/webapps/33401.txt,"Million Pixel Script 3 - 'pa' Parameter Cross-site Scripting",2009-12-14,bi0,php,webapps,0 +33402,platforms/linux/remote/33402.txt,"Ruby on Rails 2.3.5 - 'protect_from_forgery' Cross-site Request Forgery",2009-12-14,p0deje,linux,remote,0 23982,platforms/php/webapps/23982.txt,"TikiWiki Project 1.8 - tiki-list_faqs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23983,platforms/php/webapps/23983.txt,"TikiWiki Project 1.8 - tiki-list_trackers.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23984,platforms/php/webapps/23984.txt,"TikiWiki Project 1.8 - tiki-list_blogs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 -23986,platforms/cgi/webapps/23986.txt,"Blackboard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities",2004-04-12,"DarC KonQuest",cgi,webapps,0 +23986,platforms/cgi/webapps/23986.txt,"Blackboard Learning System 5.x/6.0 - Multiple Cross-site Scripting Vulnerabilities",2004-04-12,"DarC KonQuest",cgi,webapps,0 23987,platforms/cgi/remote/23987.txt,"SurgeLDAP 1.0 - User.CGI Directory Traversal",2004-04-12,dr_insane,cgi,remote,0 23988,platforms/php/webapps/23988.txt,"Nuked-Klan 1.x - Multiple Vulnerabilities",2004-04-12,frog,php,webapps,0 23989,platforms/windows/local/23989.c,"Microsoft Windows 2000/NT 4 - Local Descriptor Table Local Privilege Escalation",2004-04-18,mslug@safechina.net,windows,local,0 -23990,platforms/php/webapps/23990.txt,"PHP-Nuke 6.x/7.x - CookieDecode Cross-Site Scripting",2004-04-13,waraxe,php,webapps,0 +23990,platforms/php/webapps/23990.txt,"PHP-Nuke 6.x/7.x - CookieDecode Cross-site Scripting",2004-04-13,waraxe,php,webapps,0 23991,platforms/php/webapps/23991.txt,"Tutos 1.1.20031017 - note_overview.php id Parameter SQL Injection",2004-04-13,"François SORIN",php,webapps,0 -23998,platforms/php/webapps/23998.txt,"PHP-Nuke 6.x/7.x - Multiple SQL Injection",2004-04-13,waraxe,php,webapps,0 +23998,platforms/php/webapps/23998.txt,"PHP-Nuke 6.x/7.x - Multiple SQL Injections",2004-04-13,waraxe,php,webapps,0 23999,platforms/linux/dos/23999.txt,"Neon WebDAV Client Library 0.2x - Format String Vulnerabilities",2004-04-14,"Thomas Wana",linux,dos,0 24000,platforms/windows/dos/24000.pl,"Qualcomm Eudora 6.0.3 - MIME Message Nesting Denial of Service",2004-04-14,"Paul Szabo",windows,dos,0 23993,platforms/php/webapps/23993.txt,"Websitebaker Addon Concert Calendar 2.1.4 - Multiple Vulnerabilities",2013-01-09,"Stefan Schurtz",php,webapps,0 @@ -21191,7 +21191,7 @@ id,file,description,date,author,platform,type,port 23995,platforms/hardware/webapps/23995.txt,"Watson Management Console 4.11.2.G - Directory Traversal",2013-01-09,"Dhruv Shah",hardware,webapps,0 23996,platforms/windows/local/23996.py,"Inmatrix Ltd. Zoom Player 8.5 - (.jpeg) Exploit",2013-01-09,"Debasish Mandal",windows,local,0 23997,platforms/php/webapps/23997.txt,"WeBid 1.0.6 - SQL Injection",2013-01-09,"Life Wasted",php,webapps,0 -24001,platforms/cgi/webapps/24001.txt,"Rhino Software Zaep AntiSpam 2.0 - Cross-Site Scripting",2004-04-14,"Noam Rathaus",cgi,webapps,0 +24001,platforms/cgi/webapps/24001.txt,"Rhino Software Zaep AntiSpam 2.0 - Cross-site Scripting",2004-04-14,"Noam Rathaus",cgi,webapps,0 24002,platforms/windows/dos/24002.py,"Microsoft Outlook Express 6.0 - Remote Denial of Service",2004-04-14,"Ben Rampling",windows,dos,0 24003,platforms/php/webapps/24003.txt,"phpBugTracker 0.9 - query.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 24004,platforms/php/webapps/24004.txt,"phpBugTracker 0.9 - bug.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 @@ -21242,7 +21242,7 @@ id,file,description,date,author,platform,type,port 24052,platforms/php/webapps/24052.txt,"OpenBB 1.0.x - member.php redirect Parameter XSS",2004-04-26,JeiAr,php,webapps,0 24053,platforms/php/webapps/24053.txt,"OpenBB 1.0.x - myhome.php to Parameter XSS",2004-04-26,JeiAr,php,webapps,0 24054,platforms/php/webapps/24054.txt,"OpenBB 1.0.x - post.php TID Parameter XSS",2004-04-26,JeiAr,php,webapps,0 -24055,platforms/php/webapps/24055.txt,"OpenBB 1.0.x - index.php redirect Parameter XSS",2004-04-26,JeiAr,php,webapps,0 +24055,platforms/php/webapps/24055.txt,"OpenBB 1.0.x - 'index.php' redirect Parameter XSS",2004-04-26,JeiAr,php,webapps,0 24056,platforms/php/webapps/24056.txt,"OpenBB 1.0.x - board.php FID Parameter SQL Injection",2004-04-26,JeiAr,php,webapps,0 24057,platforms/php/webapps/24057.txt,"OpenBB 1.0.x - member.php Multiple Parameter SQL Injection",2004-04-26,JeiAr,php,webapps,0 24058,platforms/php/webapps/24058.txt,"OpenBB 1.0.x - search.php q Parameter SQL Injection",2004-04-26,JeiAr,php,webapps,0 @@ -21255,10 +21255,10 @@ id,file,description,date,author,platform,type,port 24065,platforms/hardware/remote/24065.java,"Siemens S55 - Cellular Telephone Sms Confirmation Message Bypass",2004-04-27,FtR,hardware,remote,0 24066,platforms/multiple/dos/24066.txt,"DiGi WWW Server 1 - Remote Denial of Service",2004-04-27,"Donato Ferrante",multiple,dos,0 24067,platforms/unix/remote/24067.c,"LHA 1.x - Buffer Overflow / Directory Traversal",2004-04-30,N4rK07IX,unix,remote,0 -24068,platforms/php/webapps/24068.txt,"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting",2004-04-30,"Alvin Alex",php,webapps,0 +24068,platforms/php/webapps/24068.txt,"SquirrelMail 1.4.x - Folder Name Cross-site Scripting",2004-04-30,"Alvin Alex",php,webapps,0 24069,platforms/windows/remote/24069.html,"Microsoft Internet Explorer 6.0 - Meta Data Foreign Domain Spoofing",2004-04-30,E.Kellinis,windows,remote,0 24070,platforms/multiple/dos/24070.txt,"Rosiello Security Sphiro HTTPD 0.1 B - Remote Heap Buffer Overflow",2004-04-30,"Slotto Corleone",multiple,dos,0 -24071,platforms/php/webapps/24071.txt,"Moodle 1.1/1.2 - Cross-Site Scripting",2004-04-30,"Bartek Nowotarski",php,webapps,0 +24071,platforms/php/webapps/24071.txt,"Moodle 1.1/1.2 - Cross-site Scripting",2004-04-30,"Bartek Nowotarski",php,webapps,0 24072,platforms/php/webapps/24072.txt,"Coppermine Photo Gallery 1.x - menu.inc.php CPG_URL Parameter XSS",2004-04-30,"Janek Vind",php,webapps,0 24073,platforms/php/webapps/24073.txt,"Coppermine Photo Gallery 1.x - modules.php startdir Parameter Traversal Arbitrary File Access",2004-04-30,"Janek Vind",php,webapps,0 24074,platforms/php/webapps/24074.txt,"Coppermine Photo Gallery 1.x - init.inc.php Remote File Inclusion",2004-04-30,"Janek Vind",php,webapps,0 @@ -21270,10 +21270,10 @@ id,file,description,date,author,platform,type,port 24080,platforms/windows/dos/24080.pl,"Titan FTP Server 3.0 - LIST Denial of Service",2004-05-04,storm,windows,dos,0 24081,platforms/cfm/webapps/24081.txt,"E-Zone Media FuzeTalk 2.0 - AddUser.CFM Administrator Command Execution",2004-05-05,"Stuart Jamieson",cfm,webapps,0 24082,platforms/php/webapps/24082.txt,"Simple Machines Forum 1.0 - Size Tag HTML Injection",2004-05-05,"Cheng Peng Su",php,webapps,0 -24083,platforms/php/webapps/24083.txt,"PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities",2004-05-05,JeiAr,php,webapps,0 +24083,platforms/php/webapps/24083.txt,"PHPX 3.x - Multiple Cross-site Scripting Vulnerabilities",2004-05-05,JeiAr,php,webapps,0 24084,platforms/multiple/remote/24084.py,"Nagios - history.cgi Remote Command Execution",2013-01-13,blasty,multiple,remote,0 -24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - (go param) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 -24087,platforms/php/webapps/24087.txt,"phlyLabs phlyMail Lite 4.03.04 - Path Disclosure / Stored XSS",2013-01-13,LiquidWorm,php,webapps,0 +24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - (go parameter) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 +24087,platforms/php/webapps/24087.txt,"phlyLabs phlyMail Lite 4.03.04 - Path Disclosure / Persistent Cross-site Scripting",2013-01-13,LiquidWorm,php,webapps,0 24088,platforms/php/webapps/24088.txt,"PHPX 3.x - admin/page.php CSRF Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 24089,platforms/php/webapps/24089.txt,"PHPX 3.x - admin/news.php CSRF Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 24090,platforms/php/webapps/24090.txt,"PHPX 3.x - admin/user.php CSRF Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 @@ -21290,7 +21290,7 @@ id,file,description,date,author,platform,type,port 24101,platforms/windows/remote/24101.txt,"Microsoft Outlook 2003 - Predictable File Location Weakness",2004-05-10,http-equiv,windows,remote,0 24102,platforms/windows/remote/24102.txt,"Microsoft Internet Explorer 4/5/6 - Embedded Image URI Obfuscation Weakness",2004-05-10,http-equiv,windows,remote,0 24103,platforms/windows/dos/24103.txt,"MailEnable Mail Server HTTPMail 1.x - Remote Heap Overflow",2004-05-09,"Behrang Fouladi",windows,dos,0 -24104,platforms/php/webapps/24104.txt,"Tutorials Manager 1.0 - Multiple SQL Injection",2004-05-10,"Hillel Himovich",php,webapps,0 +24104,platforms/php/webapps/24104.txt,"Tutorials Manager 1.0 - Multiple SQL Injections",2004-05-10,"Hillel Himovich",php,webapps,0 24105,platforms/linux/remote/24105.txt,"National Science Foundation Squid Proxy 2.3 - Internet Access Control Bypass",2004-05-10,"Nuno Costa",linux,remote,0 24106,platforms/linux/remote/24106.txt,"Open WebMail 1.x/2.x - Remote Command Execution Variant",2004-05-10,Nullbyte,linux,remote,0 24107,platforms/windows/dos/24107.pl,"EMule Web 0.42 Control Panel - Denial of Service",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 @@ -21307,9 +21307,9 @@ id,file,description,date,author,platform,type,port 24119,platforms/windows/dos/24119.txt,"Microsoft Internet Explorer 5.0.1 - http-equiv Meta Tag Denial of Service",2004-05-14,"Mike Mauler",windows,dos,0 24120,platforms/linux/remote/24120.c,"LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 24121,platforms/osx/remote/24121.txt,"Apple Mac OS X 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 -24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 +24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-site Scripting and HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 24123,platforms/linux/local/24123.sh,"WGet 1.x - Insecure File Creation Race Condition",2004-05-17,"Hugo Vazquez",linux,local,0 -24124,platforms/php/webapps/24124.txt,"VBulletin 1.0/2.x/3.0 - Index.php User Interface Spoofing Weakness",2004-05-17,p0rk,php,webapps,0 +24124,platforms/php/webapps/24124.txt,"VBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing Weakness",2004-05-17,p0rk,php,webapps,0 24125,platforms/windows/remote/24125.txt,"Microsoft Windows XP - Self-Executing Folder",2004-05-17,"Roozbeh Afrasiabi",windows,remote,0 24126,platforms/php/webapps/24126.txt,"osCommerce 2.x - File Manager Directory Traversal",2004-05-17,Rene,php,webapps,0 24127,platforms/php/webapps/24127.txt,"PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Include",2004-05-17,waraxe,php,webapps,0 @@ -21343,7 +21343,7 @@ id,file,description,date,author,platform,type,port 24187,platforms/windows/remote/24187.txt,"Microsoft Internet Explorer 6.0 - ADODB.Stream Object File Installation Weakness",2003-08-23,Jelmer,windows,remote,0 24188,platforms/cgi/webapps/24188.pl,"Blackboard Learning System 6.0 - Dropbox File Download",2004-06-10,"Maarten Verbeek",cgi,webapps,0 24189,platforms/multiple/remote/24189.html,"Microsoft Internet Explorer 5.0.1 / Opera 7.51 - URI Obfuscation Weakness",2004-06-10,http-equiv,multiple,remote,0 -24157,platforms/php/webapps/24157.txt,"Cydia Repo Manager - CSRF",2013-01-16,"Ramdan Yantu",php,webapps,0 +24157,platforms/php/webapps/24157.txt,"Cydia Repo Manager - Cross-site Request Forgery",2013-01-16,"Ramdan Yantu",php,webapps,0 24158,platforms/jsp/webapps/24158.txt,"Oracle Application Framework - Diagnostic Mode Bypass",2013-01-16,"Trustwave's SpiderLabs",jsp,webapps,0 24159,platforms/linux/remote/24159.rb,"Nagios3 - history.cgi Host Command Execution",2013-01-16,Metasploit,linux,remote,0 24160,platforms/linux/remote/24160.txt,"SquirrelMail 1.x - Email Header HTML Injection",2004-05-31,"Roman Medina",linux,remote,0 @@ -21371,7 +21371,7 @@ id,file,description,date,author,platform,type,port 24182,platforms/linux/local/24182.c,"CVS 1.11.x - Multiple Vulnerabilities",2004-06-09,"Gyan Chawdhary",linux,local,0 24183,platforms/php/webapps/24183.txt,"cPanel 5-9 - Passwd SQL Injection",2004-06-09,verb0s@virtualnova.net,php,webapps,0 24184,platforms/asp/webapps/24184.txt,"AspDotNetStorefront 3.3 - Access Validation",2004-06-09,"Thomas Ryan",asp,webapps,0 -24185,platforms/asp/webapps/24185.txt,"AspDotNetStorefront 3.3 - ReturnURL Parameter Cross-Site Scripting",2004-06-09,"Thomas Ryan",asp,webapps,0 +24185,platforms/asp/webapps/24185.txt,"AspDotNetStorefront 3.3 - ReturnURL Parameter Cross-site Scripting",2004-06-09,"Thomas Ryan",asp,webapps,0 24190,platforms/java/webapps/24190.txt,"PHP-Nuke 6.x/7.x - FAQ Module categories Parameter XSS",2004-06-11,"Janek Vind",java,webapps,0 24191,platforms/php/webapps/24191.txt,"PHP-Nuke 6.x/7.x - Encyclopedia Module Multiple Function XSS",2004-06-11,"Janek Vind",php,webapps,0 24192,platforms/php/webapps/24192.txt,"PHP-Nuke 6.x/7.x - Reviews Module order Parameter SQL Injection",2004-06-11,"Janek Vind",php,webapps,0 @@ -21379,9 +21379,9 @@ id,file,description,date,author,platform,type,port 24194,platforms/php/webapps/24194.txt,"PHP-Nuke 6.x/7.x - Reviews Module Multiple Parameter XSS",2004-06-11,"Janek Vind",php,webapps,0 24195,platforms/windows/dos/24195.pl,"WinAgents TFTP Server 3.0 - Remote Buffer Overrun",2004-06-11,"Ziv Kamir",windows,dos,0 24196,platforms/windows/remote/24196.txt,"Mozilla Browser 1.6/1.7 - URI Obfuscation Weakness",2004-06-14,http-equiv,windows,remote,0 -24197,platforms/cgi/webapps/24197.txt,"Linksys Web Camera Software 2.10 - Next_file Parameter Cross-Site Scripting",2004-06-14,scriptX,cgi,webapps,0 -24198,platforms/asp/webapps/24198.txt,"Virtual Programming VP-ASP Shoperror Script 4/5 - Cross-Site Scripting",2004-06-14,"Thomas Ryan",asp,webapps,0 -24199,platforms/php/webapps/24199.txt,"Invision Power Board 1.3 - SSI.php Cross-Site Scripting",2004-06-14,"IMAN Sharafoddin",php,webapps,0 +24197,platforms/cgi/webapps/24197.txt,"Linksys Web Camera Software 2.10 - Next_file Parameter Cross-site Scripting",2004-06-14,scriptX,cgi,webapps,0 +24198,platforms/asp/webapps/24198.txt,"Virtual Programming VP-ASP Shoperror Script 4/5 - Cross-site Scripting",2004-06-14,"Thomas Ryan",asp,webapps,0 +24199,platforms/php/webapps/24199.txt,"Invision Power Board 1.3 - SSI.php Cross-site Scripting",2004-06-14,"IMAN Sharafoddin",php,webapps,0 24200,platforms/windows/local/24200.txt,"Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass",2004-06-14,"Tan Chew Keong",windows,local,0 24201,platforms/php/webapps/24201.txt,"php-Charts - Arbitrary PHP Code Execution",2013-01-18,AkaStep,php,webapps,0 24202,platforms/hardware/webapps/24202.txt,"linksys wrt54gl firmware 4.30.15 build 2 - Multiple Vulnerabilities",2013-01-18,m-1-k-3,hardware,webapps,0 @@ -21396,8 +21396,8 @@ id,file,description,date,author,platform,type,port 24210,platforms/hp-ux/local/24210.pl,"HP-UX 7-11 - Local X Font Server Buffer Overflow",2003-03-10,watercloud,hp-ux,local,0 24211,platforms/windows/dos/24211.txt,"Microsoft Internet Explorer 6.0 - HREF Save As Denial of Service",2004-06-15,"Rafel Ivgi The-Insider",windows,dos,0 24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - Remote module_db.php File Include",2004-06-15,loofus,php,webapps,0 -24213,platforms/windows/remote/24213.txt,"Microsoft Internet Explorer 5.0.1 - Wildcard DNS Cross-Site Scripting",2004-06-15,"bitlance winter",windows,remote,0 -24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.ASP Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 +24213,platforms/windows/remote/24213.txt,"Microsoft Internet Explorer 5.0.1 - Wildcard DNS Cross-site Scripting",2004-06-15,"bitlance winter",windows,remote,0 +24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.ASP Cross-site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 24215,platforms/php/webapps/24215.txt,"phpHeaven phpMyChat 0.14.5 - usersL.php3 Multiple Parameter SQL Injection",2004-06-15,HEX,php,webapps,0 24216,platforms/php/webapps/24216.html,"phpHeaven phpMyChat 0.14.5 - edituser.php3 do_not_login Variable Authentication Bypass",2004-06-15,HEX,php,webapps,0 24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access",2004-06-15,HEX,php,webapps,0 @@ -21413,12 +21413,12 @@ id,file,description,date,author,platform,type,port 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection",2004-06-21,"Luca Legato",php,webapps,0 24228,platforms/php/webapps/24228.txt,"Joomla com_collector Component - Arbitrary File Upload",2013-01-19,"Red Dragon_al",php,webapps,0 24229,platforms/php/webapps/24229.txt,"WordPress Plugin Ripe HD FLV Player - SQL Injection",2013-01-19,Zikou-16,php,webapps,0 -24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting",2004-06-22,"Josh Gilmour",php,webapps,0 +24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-site Scripting",2004-06-22,"Josh Gilmour",php,webapps,0 24232,platforms/php/webapps/24232.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities",2004-06-23,"Janek Vind",php,webapps,0 24233,platforms/freebsd/dos/24233.c,"FreeBSD 4.10/5.x - execve() Unaligned Memory Access Denial of Service",2004-06-23,"Marceta Milos",freebsd,dos,0 24234,platforms/php/webapps/24234.html,"VBulletin 3.0.1 - newreply.php WYSIWYG_HTML Parameter XSS",2004-06-24,"Cheng Peng Su",php,webapps,0 24235,platforms/php/webapps/24235.txt,"ZaireWeb Solutions Newsletter ZWS - Administrative Interface Authentication Bypass",2004-06-24,GaMeS,php,webapps,0 -24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script - Cross-Site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 +24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script - Cross-site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 24237,platforms/cgi/webapps/24237.txt,"CGIScript.net CSFAQ 1.0 Script - Path Disclosure",2004-06-28,DarkBicho,cgi,webapps,0 24238,platforms/php/webapps/24238.txt,"CuteNews 0.88/1.3 - example1.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 24239,platforms/php/webapps/24239.txt,"CuteNews 0.88/1.3 - example2.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 @@ -21428,18 +21428,18 @@ id,file,description,date,author,platform,type,port 24243,platforms/unix/dos/24243.txt,"IBM Lotus Domino Server 6 - Web Access Remote Denial of Service",2004-06-30,"Andreas Klein",unix,dos,0 24244,platforms/cgi/webapps/24244.txt,"Netegrity IdentityMinder Web Edition 5.6 - Null Byte XSS",2004-07-01,vuln@hexview.com,cgi,webapps,0 24245,platforms/cgi/webapps/24245.txt,"Netegrity IdentityMinder Web Edition 5.6 - Management Interface XSS",2004-07-01,vuln@hexview.com,cgi,webapps,0 -24246,platforms/multiple/remote/24246.txt,"SCI Photo Chat 3.4.9 - Cross-Site Scripting",2004-07-20,"Donato Ferrante",multiple,remote,0 +24246,platforms/multiple/remote/24246.txt,"SCI Photo Chat 3.4.9 - Cross-site Scripting",2004-07-20,"Donato Ferrante",multiple,remote,0 24247,platforms/multiple/dos/24247.txt,"Easy Chat Server 1.x - Multiple Denial of Service Vulnerabilities",2004-07-02,"Donato Ferrante",multiple,dos,0 24248,platforms/unix/dos/24248.txt,"IBM WebSphere Caching Proxy Server 5.0 2 - Denial of Service",2004-07-02,"Leandro Meiners",unix,dos,0 24249,platforms/windows/remote/24249.html,"Microsoft Internet Explorer 6.0 - Shell.Application Object Script Execution Weakness",2004-07-03,http-equiv,windows,remote,0 24250,platforms/multiple/remote/24250.pl,"MySQL 4.1/5.0 - Authentication Bypass",2004-07-05,"Eli Kara",multiple,remote,0 24251,platforms/cgi/webapps/24251.txt,"Symantec Brightmail Anti-spam 6.0 - Unauthorized Message Disclosure",2004-07-05,"Thomas Springer",cgi,webapps,0 24252,platforms/cgi/webapps/24252.txt,"fastream netfile ftp/web server 6.5/6.7 - Directory Traversal",2004-07-05,"Andres Tarasco Acuna",cgi,webapps,0 -24253,platforms/multiple/remote/24253.txt,"12Planet Chat Server 2.9 - Cross-Site Scripting",2004-07-05,"Donato Ferrante",multiple,remote,0 +24253,platforms/multiple/remote/24253.txt,"12Planet Chat Server 2.9 - Cross-site Scripting",2004-07-05,"Donato Ferrante",multiple,remote,0 24254,platforms/cgi/webapps/24254.txt,"BasiliX Webmail 1.1 - Email Header HTML Injection",2004-07-05,"Roman Medina-Heigl Hernandez",cgi,webapps,0 -24255,platforms/php/webapps/24255.txt,"JAWS 0.2/0.3 - index.php gadget Parameter Traversal Arbitrary File Access",2004-07-06,"Fernando Quintero",php,webapps,0 +24255,platforms/php/webapps/24255.txt,"JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access",2004-07-06,"Fernando Quintero",php,webapps,0 24256,platforms/php/webapps/24256.php,"JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass",2004-07-06,"Fernando Quintero",php,webapps,0 -24257,platforms/php/webapps/24257.txt,"JAWS 0.2/0.3 - index.php action Parameter XSS",2004-07-06,"Fernando Quintero",php,webapps,0 +24257,platforms/php/webapps/24257.txt,"JAWS 0.2/0.3 - 'index.php' action Parameter XSS",2004-07-06,"Fernando Quintero",php,webapps,0 24258,platforms/windows/local/24258.txt,"Aloaha Credential Provider Monitor 5.0.226 - Local Privilege Escalation",2013-01-20,LiquidWorm,windows,local,0 24259,platforms/linux/remote/24259.c,"Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities",2004-08-05,"Rémi Denis-Courmont",linux,remote,0 24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price Manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 @@ -21453,7 +21453,7 @@ id,file,description,date,author,platform,type,port 24268,platforms/multiple/remote/24268.txt,"Code-Crafters Ability Mail Server 1.18 - errormsg Parameter XSS",2004-07-12,dr_insane,multiple,remote,0 24269,platforms/php/webapps/24269.txt,"NConf 1.3 - (detail.php detail_admin_items.php id parameter) SQL Injection",2013-01-21,haidao,php,webapps,0 24270,platforms/php/webapps/24270.txt,"NConf 1.3 - Arbitrary File Creation",2013-01-21,haidao,php,webapps,0 -24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 - Blog_Exec.php Cross-Site Scripting",2004-08-07,"befcake beefy",php,webapps,0 +24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 - Blog_Exec.php Cross-site Scripting",2004-08-07,"befcake beefy",php,webapps,0 24272,platforms/multiple/remote/24272.rb,"Jenkins - Script-Console Java Execution",2013-01-21,Metasploit,multiple,remote,0 24273,platforms/php/remote/24273.rb,"PHP-Charts 1.0 - PHP Code Execution",2013-01-21,Metasploit,php,remote,0 24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x - Viewtopic.php PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 @@ -21461,24 +21461,24 @@ id,file,description,date,author,platform,type,port 24276,platforms/windows/remote/24276.txt,"Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities",2004-07-13,"Mind Warper",windows,remote,0 24277,platforms/windows/local/24277.c,"Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Local Privilege Escalation",2004-07-16,bkbll,windows,local,0 24278,platforms/linux/local/24278.sh,"IM-Switch - Insecure Temporary File Handling Symbolic Link",2004-07-13,"SEKINE Tatsuo",linux,local,0 -24279,platforms/php/webapps/24279.txt,"Moodle Help Script 1.x - Cross-Site Scripting",2004-07-13,morpheus[bd],php,webapps,0 +24279,platforms/php/webapps/24279.txt,"Moodle Help Script 1.x - Cross-site Scripting",2004-07-13,morpheus[bd],php,webapps,0 24280,platforms/php/remote/24280.txt,"PHP 4.x/5.0 - Strip_Tags() Function Bypass",2004-07-14,"Stefan Esser",php,remote,0 24281,platforms/windows/dos/24281.pl,"Microsoft Systems Management Server 1.2/2.0 - Remote Denial of Service",2004-07-14,HexView,windows,dos,0 24282,platforms/multiple/dos/24282.txt,"Gattaca Server 2003 - web.tmpl Language Variable CPU Consumption DoS",2004-07-15,dr_insane,multiple,dos,0 -24283,platforms/multiple/dos/24283.txt,"Gattaca Server 2003 POP3 - DoS",2004-07-15,dr_insane,multiple,dos,0 +24283,platforms/multiple/dos/24283.txt,"Gattaca Server 2003 POP3 - Denial of Service",2004-07-15,dr_insane,multiple,dos,0 24284,platforms/cgi/webapps/24284.txt,"Gattaca Server 2003 - Null Byte Path Disclosure",2004-07-15,dr_insane,cgi,webapps,0 24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - Language Variable Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 -24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-Site Scripting",2004-07-15,dr_insane,cgi,webapps,0 -24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum - ICQ.CGI Cross-Site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 +24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-site Scripting",2004-07-15,dr_insane,cgi,webapps,0 +24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum - ICQ.CGI Cross-site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 24288,platforms/windows/dos/24288.txt,"Symantec Norton Antivirus 2001/2002/2003/2004 - Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script - File Include",2004-07-19,"Adam Simuntis",php,webapps,0 24290,platforms/php/webapps/24290.txt,"CuteNews 1.3 - Comment HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 -24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter Plugin - CSRF",2013-01-22,"Junaid Hussain",php,webapps,0 +24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter Plugin - Cross-site Request Forgery",2013-01-22,"Junaid Hussain",php,webapps,0 24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script - Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 -24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 +24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - Common.php Remote File Inclusion",2004-07-20,"Radek Hulan",php,webapps,0 24297,platforms/windows/remote/24297.pl,"Serena TeamTrack 6.1.1 - Remote Authentication Bypass",2004-07-21,"Noam Rathaus",windows,remote,0 24298,platforms/asp/webapps/24298.pl,"Internet Software Sciences Web+Center 4.0.1 - Cookie Object SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 @@ -21486,8 +21486,8 @@ id,file,description,date,author,platform,type,port 24300,platforms/asp/webapps/24300.pl,"Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 24301,platforms/php/webapps/24301.html,"Mensajeitor Tag Board 1.x - Authentication Bypass",2004-07-21,"Jordi Corrales",php,webapps,0 24302,platforms/asp/webapps/24302.pl,"Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass",2004-07-21,"Noam Rathaus",asp,webapps,0 -24303,platforms/php/webapps/24303.txt,"Layton Technology HelpBox 3.0.1 - Multiple SQL Injection",2004-07-21,"Noam Rathaus",php,webapps,0 -24304,platforms/windows/remote/24304.txt,"Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting",2004-07-22,"Oliver Karow",windows,remote,0 +24303,platforms/php/webapps/24303.txt,"Layton Technology HelpBox 3.0.1 - Multiple SQL Injections",2004-07-21,"Noam Rathaus",php,webapps,0 +24304,platforms/windows/remote/24304.txt,"Imatix Xitami 2.5 - Server Side Includes Cross-site Scripting",2004-07-22,"Oliver Karow",windows,remote,0 24305,platforms/multiple/dos/24305.txt,"PSCS VPOP3 2.0 - Email Server Remote Denial of Service",2004-07-22,dr_insane,multiple,dos,0 24306,platforms/php/webapps/24306.txt,"EasyWeb 1.0 FileManager Module - Directory Traversal",2004-07-23,sullo@cirt.net,php,webapps,0 24307,platforms/php/webapps/24307.txt,"PostNuke 0.7x - Install Script Administrator Password Disclosure",2004-07-24,hellsink,php,webapps,0 @@ -21507,14 +21507,14 @@ id,file,description,date,author,platform,type,port 24321,platforms/multiple/remote/24321.rb,"Movable Type 4.2x / 4.3x - Web Upgrade Remote Code Execution",2013-01-07,Metasploit,multiple,remote,0 24322,platforms/multiple/remote/24322.rb,"SonicWALL Gms 6 - Arbitrary File Upload",2013-01-24,Metasploit,multiple,remote,0 24323,platforms/multiple/remote/24323.rb,"Novell eDirectory 8 - Buffer Overflow",2013-01-24,Metasploit,multiple,remote,0 -24324,platforms/php/webapps/24324.txt,"PostNuke 0.72/0.75 Reviews Module - Cross-Site Scripting",2004-07-26,DarkBicho,php,webapps,0 +24324,platforms/php/webapps/24324.txt,"PostNuke 0.72/0.75 Reviews Module - Cross-site Scripting",2004-07-26,DarkBicho,php,webapps,0 24325,platforms/multiple/remote/24325.html,"Opera Web Browser 7.53 - Location Replace URI Obfuscation Weakness",2004-07-27,"bitlance winter",multiple,remote,0 24326,platforms/cgi/remote/24326.txt,"RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay",2004-07-27,"Phil Robinson",cgi,remote,0 24327,platforms/cgi/remote/24327.txt,"RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access",2004-07-27,"Phil Robinson",cgi,remote,0 24328,platforms/windows/remote/24328.txt,"Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption",2004-07-08,"Phuong Nguyen",windows,remote,0 24329,platforms/php/webapps/24329.txt,"AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injection",2004-07-28,"Josh Gilmour",php,webapps,0 24330,platforms/php/webapps/24330.txt,"AntiBoard 0.6/0.7 - antiboard.php feedback Parameter XSS",2004-07-28,"Josh Gilmour",php,webapps,0 -24331,platforms/php/webapps/24331.txt,"Phorum 5.0.7 - Search Script Cross-Site Scripting",2004-07-28,vampz,php,webapps,0 +24331,platforms/php/webapps/24331.txt,"Phorum 5.0.7 - Search Script Cross-site Scripting",2004-07-28,vampz,php,webapps,0 24332,platforms/php/webapps/24332.txt,"Comersus Cart 5.0 - SQL Injection",2004-07-29,evol@ruiner.halo.nu,php,webapps,0 24333,platforms/php/webapps/24333.txt,"Verylost LostBook 1.1 - Message Entry HTML Injection",2004-07-29,"Joseph Moniz",php,webapps,0 24334,platforms/php/webapps/24334.txt,"JAWS 0.2/0.3/0.4 - ControlPanel.php SQL Injection",2004-07-29,"Fernando Quintero",php,webapps,0 @@ -21525,13 +21525,13 @@ id,file,description,date,author,platform,type,port 24339,platforms/linux/remote/24339.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (2)",2004-07-30,Nebunu,linux,remote,0 24340,platforms/php/webapps/24340.txt,"PowerPortal 1.1/1.3 - Private Message HTML Injection",2004-07-30,vampz,php,webapps,0 24341,platforms/php/webapps/24341.txt,"FusionPHP Fusion News 3.3/3.6 - Administrator Command Execution",2004-07-30,"Joseph Moniz",php,webapps,0 -24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 +24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-site Scripting",2004-08-02,dr_insane,cgi,remote,0 24343,platforms/windows/dos/24343.txt,"MailEnable 1.1x - Content-Length Denial of Service",2004-07-30,CoolICE,windows,dos,0 24344,platforms/hardware/dos/24344.txt,"U.S. Robotics USR808054 Wireless Access Point - Web Administration Denial of Service",2004-08-02,"Albert Puigsech Galicia",hardware,dos,0 24345,platforms/windows/remote/24345.txt,"IBM Tivoli Directory Server 3.2.2/4.1 - LDACGI Directory Traversal",2004-08-02,anonymous,windows,remote,0 24346,platforms/linux/dos/24346.txt,"Mozilla 1.x - and Netscape 7.0/7.1 SOAPParameter Integer Overflow",2004-08-02,zen-parse,linux,dos,0 24347,platforms/cgi/webapps/24347.txt,"Pete Stein GoScript 2.0 - Remote Command Execution",2004-08-04,"Francisco Alisson",cgi,webapps,0 -24348,platforms/php/webapps/24348.txt,"eNdonesia 8.3 - Search Form Cross-Site Scripting",2004-08-04,"Ahmad Muammar",php,webapps,0 +24348,platforms/php/webapps/24348.txt,"eNdonesia 8.3 - Search Form Cross-site Scripting",2004-08-04,"Ahmad Muammar",php,webapps,0 24349,platforms/php/webapps/24349.txt,"PHP-Nuke 0-7 - Delete God Admin Access Control Bypass",2004-08-04,"Ahmad Muammar",php,webapps,0 24350,platforms/windows/remote/24350.txt,"acme thttpd 2.0.7 - Directory Traversal",2004-08-04,CoolICE,windows,remote,0 24351,platforms/multiple/dos/24351.c,"Free Web Chat Initial Release - UserManager.java Null Pointer DoS",2004-08-04,"Donato Ferrante",multiple,dos,0 @@ -21545,7 +21545,7 @@ id,file,description,date,author,platform,type,port 24361,platforms/linux/remote/24361.c,"GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (2)",2004-08-09,jsk,linux,remote,0 24362,platforms/windows/dos/24362.txt,"Internet Security Systems BlackICE PC Protection 3.6 - Firewall.INI Local Buffer Overrun",2004-08-11,"Paul Craig",windows,dos,0 24363,platforms/windows/remote/24363.txt,"clearswift mimesweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 -24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 Plugin - CSRF",2013-01-25,"Junaid Hussain",php,webapps,0 +24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 Plugin - Cross-site Request Forgery",2013-01-25,"Junaid Hussain",php,webapps,0 24365,platforms/php/webapps/24365.txt,"ImageCMS 4.0.0b - Multiple Vulnerabilities",2013-01-25,"High-Tech Bridge SA",php,webapps,0 24366,platforms/windows/local/24366.rb,"Windows - Manage Memory Payload Injection",2013-01-25,Metasploit,windows,local,0 24367,platforms/php/webapps/24367.txt,"IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities",2004-08-11,ShineShadow,php,webapps,0 @@ -21572,26 +21572,26 @@ id,file,description,date,author,platform,type,port 24388,platforms/multiple/dos/24388.txt,"aGSM 2.35 Half-Life Server - Info Response Buffer Overflow",2004-08-20,Dimetrius,multiple,dos,0 24389,platforms/php/webapps/24389.txt,"Sympa 4.x - New List HTML Injection",2004-08-21,"Jose Antonio",php,webapps,0 24390,platforms/php/webapps/24390.txt,"Mantis 0.19 - Remote Server-Side Script Execution",2004-08-21,"Jose Antonio",php,webapps,0 -24391,platforms/php/webapps/24391.txt,"Mantis 0.x - Multiple Cross-Site Scripting Vulnerabilities",2004-08-21,"Jose Antonio",php,webapps,0 +24391,platforms/php/webapps/24391.txt,"Mantis 0.x - Multiple Cross-site Scripting Vulnerabilities",2004-08-21,"Jose Antonio",php,webapps,0 24392,platforms/php/webapps/24392.php,"Mantis 0.x - New Account Signup Mass Emailing",2004-08-21,"Jose Antonio",php,webapps,0 24393,platforms/php/webapps/24393.txt,"MyDms 1.4 - SQL Injection / Directory Traversal",2004-08-21,"Jose Antonio",php,webapps,0 24394,platforms/multiple/dos/24394.txt,"Opera Web Browser 7.23 - JavaScript Denial of Service",2004-08-21,sourvivor,multiple,dos,0 24395,platforms/windows/dos/24395.txt,"Microsoft Internet Explorer 6.0 / Firefox 0.8/0.9.x - JavaScript Denial of Service",2004-08-23,MeFakon,windows,dos,0 -24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite 3.0 - Page.php Cross-Site Scripting",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 +24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite 3.0 - Page.php Cross-site Scripting",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 - News.mdb Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 24398,platforms/linux/local/24398.sh,"IMWheel 1.0 - Predictable Temporary File Creation",2004-08-23,I)ruid,linux,local,0 -24399,platforms/php/webapps/24399.txt,"PhotoADay - Pad_selected Parameter Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 +24399,platforms/php/webapps/24399.txt,"PhotoADay - Pad_selected Parameter Cross-site Scripting",2004-08-23,"King Of Love",php,webapps,0 24400,platforms/cgi/webapps/24400.txt,"Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution",2004-08-23,bashis,cgi,webapps,0 24403,platforms/php/webapps/24403.txt,"EGroupWare 1.0 Calendar Module - date Parameter XSS",2004-08-23,"Joxean Koret",php,webapps,0 24401,platforms/cgi/webapps/24401.txt,"Axis Network Camera 2.x And Video Server 1-3 - Directory Traversal",2004-08-23,bashis,cgi,webapps,0 24402,platforms/cgi/webapps/24402.php,"Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass",2004-08-23,bashis,cgi,webapps,0 24404,platforms/windows/remote/24404.txt,"Gadu-Gadu 6.0 - File Download Filename Obfuscation Weakness",2004-08-23,"Bartosz Kwitkowski",windows,remote,0 -24405,platforms/php/webapps/24405.txt,"SWsoft Plesk Reloaded 7.1 - Login_name Parameter Cross-Site Scripting",2004-08-24,sourvivor,php,webapps,0 +24405,platforms/php/webapps/24405.txt,"SWsoft Plesk Reloaded 7.1 - Login_name Parameter Cross-site Scripting",2004-08-24,sourvivor,php,webapps,0 24406,platforms/linux/local/24406.txt,"GNU a2ps 4.13 - File Name Command Execution",2004-08-24,"Rudolf Polzer",linux,local,0 24407,platforms/windows/remote/24407.txt,"Microsoft Internet Explorer 6.0 - Resource Detection Weakness",2004-08-24,"GreyMagic Software",windows,remote,0 24408,platforms/cgi/webapps/24408.txt,"Web-APP.Org WebAPP 0.8/0.9.x - Directory Traversal",2004-08-24,"Jerome Athias",cgi,webapps,0 24409,platforms/windows/remote/24409.txt,"Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay",2002-12-11,Texonet,windows,remote,0 -24410,platforms/php/webapps/24410.txt,"PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2004-08-24,"Nikyt0x Argentina",php,webapps,0 +24410,platforms/php/webapps/24410.txt,"PHP Code Snippet Library 0.8 - Multiple Cross-site Scripting Vulnerabilities",2004-08-24,"Nikyt0x Argentina",php,webapps,0 24411,platforms/windows/dos/24411.c,"Sysinternals Regmon 6.11 - Local Denial of Service",2004-08-25,"Next Generation Security",windows,dos,0 24412,platforms/windows/dos/24412.c,"RealVNC Server 4.0 - Remote Denial of Service",2004-08-25,Uz4yh4N,windows,dos,0 24413,platforms/windows/remote/24413.txt,"NullSoft Winamp 2-5 - (.wsz) Remote Code Execution",2004-07-26,anonymous,windows,remote,0 @@ -21610,7 +21610,7 @@ id,file,description,date,author,platform,type,port 24426,platforms/windows/dos/24426.html,"Opera Web Browser 7.23 - Empty Embedded Object JavaScript Denial of Service",2004-09-01,Stevo,windows,dos,0 24432,platforms/windows/webapps/24432.txt,"Microsoft Internet Explorer 8 / 9 - Steal Any Cookie",2013-01-28,"Christian Haider",windows,webapps,0 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 -24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - (gallery.php L param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - (gallery.php L parameter) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24433,platforms/php/webapps/24433.txt,"php weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 24460,platforms/windows/remote/24460.rb,"VMware OVF Tools - Format String (1)",2013-02-06,Metasploit,windows,remote,0 24434,platforms/multiple/remote/24434.rb,"Ruby on Rails - JSON Processor YAML Deserialization Code Execution",2013-01-29,Metasploit,multiple,remote,0 @@ -21618,7 +21618,7 @@ id,file,description,date,author,platform,type,port 24436,platforms/php/webapps/24436.txt,"Kohana Framework 2.3.3 - Directory Traversal",2013-01-29,Vulnerability-Lab,php,webapps,0 24437,platforms/windows/dos/24437.py,"Apple Quick Time Player (Windows) 7.7.3 - Out of Bound Read",2013-01-29,"Debasish Mandal",windows,dos,0 24438,platforms/php/webapps/24438.txt,"DataLife Engine 9.7 - (preview.php) PHP Code Injection",2013-01-28,EgiX,php,webapps,0 -24439,platforms/freebsd/webapps/24439.txt,"PFsense UTM Platform 2.0.1 - XSS",2013-01-29,"Dimitris Strevinas",freebsd,webapps,0 +24439,platforms/freebsd/webapps/24439.txt,"PFsense UTM Platform 2.0.1 - Cross-site Scripting",2013-01-29,"Dimitris Strevinas",freebsd,webapps,0 24442,platforms/hardware/webapps/24442.txt,"D-Link DCS Cameras - Multiple Vulnerabilities",2013-01-31,"Roberto Paleari",hardware,webapps,0 24443,platforms/hardware/webapps/24443.txt,"Buffalo TeraStation TS-Series - Multiple Vulnerabilities",2013-01-31,"Andrea Fabrizi",hardware,webapps,0 24444,platforms/php/remote/24444.rb,"DataLife Engine - preview.php PHP Code Injection",2013-02-01,Metasploit,php,remote,0 @@ -21643,7 +21643,7 @@ id,file,description,date,author,platform,type,port 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit (Metasploit)",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer - Denial of Service",2013-02-10,Jigsaw,windows,dos,0 -24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - (catalog.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - (catalog.php id parameter) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24511,platforms/windows/dos/24511.txt,"SAP Netweaver Message Server - Multiple Vulnerabilities",2013-02-17,"Core Security",windows,dos,0 24472,platforms/php/webapps/24472.txt,"Easy Live Shop System - SQL Injection",2013-02-10,"Ramdan Yantu",php,webapps,0 24503,platforms/hardware/webapps/24503.txt,"Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 @@ -21661,7 +21661,7 @@ id,file,description,date,author,platform,type,port 24486,platforms/multiple/dos/24486.txt,"Google Chrome - Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0 24487,platforms/linux/dos/24487.py,"cURL - Buffer Overflow",2013-02-11,Volema,linux,dos,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 -24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - (index.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - (index.php id parameter) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client - gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 @@ -21677,11 +21677,11 @@ id,file,description,date,author,platform,type,port 24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - (.pxs) Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"chillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 -24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - (out.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - (out.php id parameter) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24513,platforms/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,hardware,webapps,0 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 24515,platforms/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,php,webapps,0 -24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - (showcategory.php cid param) SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 +24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - (showcategory.php cid parameter) SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 24517,platforms/hardware/webapps/24517.txt,"USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,"cr4wl3r ",php,webapps,0 @@ -21695,12 +21695,12 @@ id,file,description,date,author,platform,type,port 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple XSS Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 -24537,platforms/php/webapps/24537.txt,"phpMyRecipes 1.2.2 - (viewrecipe.php r_id param) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 +24537,platforms/php/webapps/24537.txt,"phpMyRecipes 1.2.2 - (viewrecipe.php r_id parameter) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 24539,platforms/multiple/remote/24539.rb,"Java Applet JMX - Remote Code Execution (2)",2013-02-25,Metasploit,multiple,remote,0 24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 - SQL Injection",2013-02-26,"cr4wl3r ",php,webapps,0 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection",2013-02-26,L0n3ly-H34rT,php,webapps,0 24543,platforms/ios/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,ios,webapps,0 -24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - (edit_photos.php title param) XSS",2013-02-26,LiquidWorm,php,webapps,0 +24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - (edit_photos.php title parameter) XSS",2013-02-26,LiquidWorm,php,webapps,0 24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 @@ -21710,24 +21710,24 @@ id,file,description,date,author,platform,type,port 24551,platforms/php/webapps/24551.txt,"Joomla! 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)",2013-02-27,sd,linux,local,0 -24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - (.m3u) Buffer Overflow",2013-03-01,metacom,windows,dos,0 +24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - '.m3u' Buffer Overflow",2013-03-01,metacom,windows,dos,0 24557,platforms/windows/remote/24557.py,"Sami FTP Server 2.0.1 - LIST Command Buffer Overflow",2013-03-01,superkojiman,windows,remote,0 -24560,platforms/php/webapps/24560.txt,"doorGets CMS - CSRF",2013-03-01,n0pe,php,webapps,0 +24560,platforms/php/webapps/24560.txt,"doorGets CMS - Cross-site Request Forgery",2013-03-01,n0pe,php,webapps,0 24561,platforms/php/webapps/24561.txt,"Piwigo 2.4.6 - Multiple Vulnerabilities",2013-03-01,"High-Tech Bridge SA",php,webapps,0 24562,platforms/php/webapps/24562.txt,"PHP-Fusion 7.02.05 - Multiple Vulnerabilities",2013-03-01,waraxe,php,webapps,0 24563,platforms/hardware/webapps/24563.txt,"D-Link DSL-2740B - (ADSL Router) Authentication Bypass",2013-03-04,"Ivano Binetti",hardware,webapps,0 24564,platforms/php/webapps/24564.txt,"Nconf 1.3 - Multiple SQL Injections",2013-03-04,"Saadi Siddiqui",php,webapps,0 24565,platforms/php/webapps/24565.txt,"SiteCubed MailWorks Professional - Authentication Bypass",2004-09-02,"Paul Craig",php,webapps,0 -24566,platforms/php/webapps/24566.txt,"CuteNews 0.88/1.3.x - 'index.php' Cross-Site Scripting",2004-09-02,Exoduks,php,webapps,0 +24566,platforms/php/webapps/24566.txt,"CuteNews 0.88/1.3.x - 'index.php' Cross-site Scripting",2004-09-02,Exoduks,php,webapps,0 24567,platforms/multiple/remote/24567.txt,"Oracle Database Server 8.1.7/9.0.x - ctxsys.driload Access Validation",2004-09-03,"Alexander Kornbrust",multiple,remote,0 24568,platforms/windows/remote/24568.html,"Grokster 1.3/2.6 / KaZaA Media Desktop 1.3.x/1.6.1/2.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,windows,remote,0 24569,platforms/linux/dos/24569.txt,"QNX PPPoEd 2.4/4.25/6.2 - Multiple Local Buffer Overrun Vulnerabilities",2004-09-03,"Julio Cesar Fort",linux,dos,0 24570,platforms/linux/local/24570.txt,"QNX PPPoEd 2.4/4.25/6.2 - Path Environment Variable Local Command Execution",2004-09-03,"Julio Cesar Fort",linux,local,0 24571,platforms/windows/remote/24571.html,"Nullsoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,windows,remote,0 24572,platforms/windows/remote/24572.pl,"Ipswitch WhatsUp Gold 7.0/8.0 - Notification Instance Name Remote Buffer Overflow",2004-09-03,anonymous,windows,remote,0 -24573,platforms/multiple/webapps/24573.txt,"Keene Digital Media Server 1.0.2 - Cross-Site Scripting",2004-09-04,dr_insane,multiple,webapps,0 +24573,platforms/multiple/webapps/24573.txt,"Keene Digital Media Server 1.0.2 - Cross-site Scripting",2004-09-04,dr_insane,multiple,webapps,0 24574,platforms/cgi/webapps/24574.txt,"Webmin 1.x - HTML Email Command Execution",2004-09-07,"Keigo Yamazaki",cgi,webapps,0 -24575,platforms/php/webapps/24575.txt,"PSNews 1.1 - No Parameter Cross-Site Scripting",2004-09-05,"Michal Blaszczak",php,webapps,0 +24575,platforms/php/webapps/24575.txt,"PSNews 1.1 - No Parameter Cross-site Scripting",2004-09-05,"Michal Blaszczak",php,webapps,0 24576,platforms/cgi/webapps/24576.txt,"UtilMind Solutions Site News 1.1 - Authentication Bypass",2004-09-07,anonymous,cgi,webapps,0 24720,platforms/windows/remote/24720.txt,"Microsoft Internet Explorer 6.0 - IFRAME Status Bar URI Obfuscation Weakness",2004-11-02,"Benjamin Tobias Franz",windows,remote,0 24631,platforms/asp/webapps/24631.txt,"PD9 Software MegaBBS 2.0/2.1 - thread-post.asp Multiple Header CRLF Injection",2004-09-27,pigrelax,asp,webapps,0 @@ -21745,7 +21745,7 @@ id,file,description,date,author,platform,type,port 24586,platforms/windows/dos/24586.txt,"Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service",2004-09-09,"Luigi Auriemma",windows,dos,0 24587,platforms/php/webapps/24587.txt,"PostNuke Modules Factory Subjects Module 2.0 - SQL Injection",2004-09-10,Criolabs,php,webapps,0 24588,platforms/asp/webapps/24588.txt,"GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities",2004-09-10,Criolabs,asp,webapps,0 -24589,platforms/asp/webapps/24589.txt,"GetSolutions GetInternet - Multiple SQL Injection",2004-09-10,Criolabs,asp,webapps,0 +24589,platforms/asp/webapps/24589.txt,"GetSolutions GetInternet - Multiple SQL Injections",2004-09-10,Criolabs,asp,webapps,0 24590,platforms/linux/dos/24590.txt,"Apache 2.0.x - mod_ssl Remote Denial of Service",2004-09-10,"M. ""Alex"" Hankins",linux,dos,0 24591,platforms/cgi/webapps/24591.txt,"PerlDesk Language Variable - Server-Side Script Execution",2004-09-13,"Nikyt0x Argentina",cgi,webapps,0 24592,platforms/multiple/dos/24592.txt,"Pingtel Xpressa 1.2.x/2.0/2.1 - Handset Remote Denial of Service",2004-09-13,@stake,multiple,dos,0 @@ -21758,7 +21758,7 @@ id,file,description,date,author,platform,type,port 24599,platforms/linux/dos/24599.txt,"CUPS 1.1.x - UDP Packet Remote Denial of Service",2004-09-15,"Alvaro Martinez Echevarria",linux,dos,0 24600,platforms/windows/remote/24600.txt,"myserver 0.7 - Directory Traversal",2004-09-15,scrap,windows,remote,0 24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 -24721,platforms/cgi/webapps/24721.txt,"TIPS MailPost 5.1.1 - APPEND Variable Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 +24721,platforms/cgi/webapps/24721.txt,"TIPS MailPost 5.1.1 - APPEND Variable Cross-site Scripting",2004-11-03,Procheckup,cgi,webapps,0 24603,platforms/ios/webapps/24603.txt,"Remote File Manager 1.2 iOS - Multiple Vulnerabilities",2013-03-06,Vulnerability-Lab,ios,webapps,0 24604,platforms/asp/webapps/24604.txt,"Snitz Forums 2000 - Down.ASP HTTP Response Splitting",2004-09-16,"Maestro De-Seguridad",asp,webapps,0 24605,platforms/windows/dos/24605.txt,"Microsoft Windows XP - Explorer.EXE .TIFF Image Denial of Service",2004-09-16,"Jason Summers",windows,dos,0 @@ -21766,11 +21766,11 @@ id,file,description,date,author,platform,type,port 24607,platforms/windows/remote/24607.txt,"Google Toolbar 1.1.x - About.HTML HTML Injection",2004-09-17,ViperSV,windows,remote,0 24608,platforms/osx/local/24608.txt,"MacOSXLabs RsyncX 2.1 - Local Privilege Escalation",2004-09-17,"Matt Johnston",osx,local,0 24609,platforms/osx/local/24609.txt,"MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation",2004-09-17,"Matt Johnston",osx,local,0 -24610,platforms/multiple/dos/24610.txt,"DNS4Me 3.0 - Denial of Service / Cross-Site Scripting",2004-09-17,"James Bercegay",multiple,dos,0 +24610,platforms/multiple/dos/24610.txt,"DNS4Me 3.0 - Denial of Service / Cross-site Scripting",2004-09-17,"James Bercegay",multiple,dos,0 24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 - Administrator Command Execution",2004-09-17,"GulfTech Security",cgi,webapps,0 -24612,platforms/cgi/webapps/24612.txt,"YaBB 1.x/9.1.2000 - YaBB.pl IMSend Cross-Site Scripting",2004-09-17,"GulfTech Security",cgi,webapps,0 +24612,platforms/cgi/webapps/24612.txt,"YaBB 1.x/9.1.2000 - YaBB.pl IMSend Cross-site Scripting",2004-09-17,"GulfTech Security",cgi,webapps,0 24613,platforms/php/webapps/24613.txt,"ReMOSitory - SQL Injection",2004-09-18,khoaimi,php,webapps,0 -24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) - XSS",2004-09-20,"Joxean Koret",php,webapps,0 +24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) - Cross-site Scripting",2004-09-20,"Joxean Koret",php,webapps,0 24615,platforms/php/webapps/24615.txt,"Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution",2004-09-20,"Joxean Koret",php,webapps,0 24616,platforms/php/webapps/24616.txt,"TUTOS - file_overview.php link_id Parameter SQL Injection",2004-09-20,"Joxean Koret",php,webapps,0 24617,platforms/php/webapps/24617.txt,"TUTOS - app_new.php t Parameter XSS",2004-09-20,"Joxean Koret",php,webapps,0 @@ -21811,7 +21811,7 @@ id,file,description,date,author,platform,type,port 24657,platforms/php/webapps/24657.txt,"BlackBoard Internet Newsboard System 1.5.1 - Remote File Inclusion",2004-10-06,"Lin Xiaofeng",php,webapps,0 24658,platforms/php/webapps/24658.txt,"Brooky CubeCart 2.0.1 - SQL Injection",2004-10-06,"Pedro Sanches",php,webapps,0 24659,platforms/php/webapps/24659.txt,"DCP-Portal 3.7/4.x/5.x - calendar.php Multiple Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 -24660,platforms/php/webapps/24660.txt,"DCP-Portal 3.7/4.x/5.x - index.php Multiple Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 +24660,platforms/php/webapps/24660.txt,"DCP-Portal 3.7/4.x/5.x - 'index.php' Multiple Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 24661,platforms/php/webapps/24661.txt,"DCP-Portal 3.7/4.x/5.x - announcement.php cid Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 24662,platforms/php/webapps/24662.txt,"DCP-Portal 3.7/4.x/5.x - news.php cid Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 24663,platforms/php/webapps/24663.txt,"DCP-Portal 3.7/4.x/5.x - contents.php cid Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 @@ -21827,21 +21827,21 @@ id,file,description,date,author,platform,type,port 24673,platforms/asp/webapps/24673.txt,"DUforum 3.x - Login Form Password Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 24674,platforms/asp/webapps/24674.txt,"DUforum 3.x - messages.asp FOR_ID Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 24675,platforms/asp/webapps/24675.txt,"DUforum 3.x - messageDetail.asp MSG_ID Parameter SQL Injection",2004-10-11,"Soroosh Dalili",asp,webapps,0 -24676,platforms/php/webapps/24676.txt,"SCT Campus Pipeline 1.0/2.x/3.x - Render.UserLayoutRootNode.uP Cross-Site Scripting",2004-10-13,"Matthew Oyer",php,webapps,0 +24676,platforms/php/webapps/24676.txt,"SCT Campus Pipeline 1.0/2.x/3.x - Render.UserLayoutRootNode.uP Cross-site Scripting",2004-10-13,"Matthew Oyer",php,webapps,0 24677,platforms/linux/dos/24677.txt,"IBM DB2 DTS To String Conversion - Denial of Service",2004-09-01,"Chris Anley",linux,dos,0 24678,platforms/windows/local/24678.txt,"IBM DB2 - Universal Database Information Disclosure",2004-09-01,"Chris Anley",windows,local,0 24679,platforms/windows/dos/24679.txt,"IBM DB2 Semaphore Signaling - Denial of Service",2004-09-01,"Chris Anley",windows,dos,0 -24680,platforms/cfm/webapps/24680.txt,"FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2004-10-13,steven,cfm,webapps,0 +24680,platforms/cfm/webapps/24680.txt,"FuseTalk Forum 4.0 - Multiple Cross-site Scripting Vulnerabilities",2004-10-13,steven,cfm,webapps,0 24681,platforms/hardware/remote/24681.txt,"3Com 3CRADSL72 ADSL Wireless Router - Information Disclosure / Authentication Bypass",2004-10-13,Karb0nOxyde,hardware,remote,0 24682,platforms/windows/local/24682.c,"Microsoft Windows XP - Weak Default Configuration",2004-10-13,americanidiot,windows,local,0 -24683,platforms/php/webapps/24683.txt,"Pinnacle Systems ShowCenter 1.51 - SettingsBase.php Cross-Site Scripting",2004-10-14,"Secunia Research",php,webapps,0 +24683,platforms/php/webapps/24683.txt,"Pinnacle Systems ShowCenter 1.51 - SettingsBase.php Cross-site Scripting",2004-10-14,"Secunia Research",php,webapps,0 24684,platforms/windows/dos/24684.txt,"Yak! Chat Client 2.x - FTP Server Directory Traversal",2004-10-15,"Luigi Auriemma",windows,dos,0 24685,platforms/php/webapps/24685.txt,"CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities",2004-10-16,R00tCr4ck,php,webapps,0 24686,platforms/windows/remote/24686.txt,"Microsoft Outlook 2003 - Security Policy Bypass",2004-10-18,http-equiv,windows,remote,0 24687,platforms/windows/remote/24687.txt,"Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass",2004-10-18,http-equiv,windows,remote,0 24688,platforms/windows/remote/24688.pl,"best software saleslogix 2000.0 - Multiple Vulnerabilities",2004-10-18,"Carl Livitt",windows,remote,0 24689,platforms/php/webapps/24689.sh,"cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure",2004-10-18,"Karol Wiesek",php,webapps,0 -24690,platforms/unix/webapps/24690.txt,"IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection",2004-10-18,"Juan C Calderon",unix,webapps,0 +24690,platforms/unix/webapps/24690.txt,"IBM Lotus Domino 6.x - Cross-site Scripting / HTML Injection",2004-10-18,"Juan C Calderon",unix,webapps,0 24691,platforms/multiple/dos/24691.txt,"Vypress Tonecast 1.3 - Remote Denial of Service",2004-10-19,"Luigi Auriemma",multiple,dos,0 24692,platforms/php/webapps/24692.txt,"Jan Erdmann Jebuch 1.0 - HTML Injection",2004-10-19,PuWu,php,webapps,0 24693,platforms/windows/remote/24693.txt,"Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code",2004-10-20,http-equiv,windows,remote,0 @@ -21853,15 +21853,15 @@ id,file,description,date,author,platform,type,port 24698,platforms/php/webapps/24698.txt,"UBBCentral UBB.threads 3.4/3.5 - DoSearch.php SQL Injection",2004-10-21,"Florian Rock",php,webapps,0 24699,platforms/windows/dos/24699.txt,"Microsoft Windows XP - .WAV File Handler Denial of Service",2004-10-22,HexView,windows,dos,0 24700,platforms/cgi/webapps/24700.txt,"Netbilling NBMEMBER Script - Information Disclosure",2004-10-22,ls,cgi,webapps,0 -24701,platforms/multiple/remote/24701.txt,"OpenWFE 1.4.x - Cross-Site Scripting / Connection Proxy",2004-10-25,"Joxean Koret",multiple,remote,0 -24702,platforms/php/webapps/24702.txt,"MoniWiki 1.0/1.1 - Wiki.php Cross-Site Scripting",2004-10-25,"Jeremy Bae",php,webapps,0 +24701,platforms/multiple/remote/24701.txt,"OpenWFE 1.4.x - Cross-site Scripting / Connection Proxy",2004-10-25,"Joxean Koret",multiple,remote,0 +24702,platforms/php/webapps/24702.txt,"MoniWiki 1.0/1.1 - Wiki.php Cross-site Scripting",2004-10-25,"Jeremy Bae",php,webapps,0 24703,platforms/cgi/webapps/24703.txt,"LinuxStat 2.x - Remote Directory Traversal",2004-10-25,anonymous,cgi,webapps,0 24704,platforms/linux/remote/24704.c,"Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities",2004-10-26,Sean,linux,remote,0 24705,platforms/windows/dos/24705.txt,"Microsoft Internet Explorer 6.0 - Font Tag Denial of Service",2004-10-26,"Jehiah Czebotar",windows,dos,0 24922,platforms/multiple/webapps/24922.txt,"OTRS 3.x - FAQ Module Persistent XSS",2013-04-08,"Luigi Vezzoso",multiple,webapps,0 -24707,platforms/multiple/remote/24707.txt,"Google Desktop Search - Cross-Site Scripting",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 +24707,platforms/multiple/remote/24707.txt,"Google Desktop Search - Cross-site Scripting",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 -24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - CSRF",2013-03-26,"Junaid Hussain",php,webapps,0 +24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - Cross-site Request Forgery",2013-03-26,"Junaid Hussain",php,webapps,0 24890,platforms/windows/remote/24890.rb,"ActFax 5.01 - RAW Server Buffer Overflow",2013-03-26,Metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 24711,platforms/php/remote/24711.php,"PHP 4.x/5 - cURL Open_Basedir Restriction Bypass",2004-10-28,FraMe,php,remote,0 @@ -21874,7 +21874,7 @@ id,file,description,date,author,platform,type,port 24718,platforms/php/webapps/24718.txt,"Goolery 0.3 - viewpic.php conversation_id Parameter XSS",2004-11-02,Lostmon,php,webapps,0 24719,platforms/php/webapps/24719.txt,"Goolery 0.3 - viewalbum.php page Parameter XSS",2004-11-02,Lostmon,php,webapps,0 24921,platforms/php/webapps/24921.txt,"OpenCart - Change User Password CSRF",2013-04-08,"Saadi Siddiqui",php,webapps,0 -24722,platforms/cgi/webapps/24722.txt,"TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 +24722,platforms/cgi/webapps/24722.txt,"TIPS MailPost 5.1.1 - Error Message Cross-site Scripting",2004-11-03,Procheckup,cgi,webapps,0 24723,platforms/cgi/webapps/24723.txt,"TIPS MailPost 5.1.1 - Remote File Enumeration",2004-11-03,"Gemma Hughes",cgi,webapps,0 24724,platforms/multiple/remote/24724.c,"Monolith Lithtech Game Engine - Multiple Remote Format String Vulnerabilities",2004-11-05,"Luigi Auriemma",multiple,remote,0 24725,platforms/multiple/remote/24725.php,"Trend Micro ScanMail for Domino 2.51/2.6 - Remote File Disclosure",2004-11-05,DokFLeed,multiple,remote,0 @@ -21889,12 +21889,12 @@ id,file,description,date,author,platform,type,port 24734,platforms/php/webapps/24734.txt,"chacmool Private Message System 1.1.3 - send.php tid Parameter XSS",2004-11-12,"digital ex",php,webapps,0 24735,platforms/php/webapps/24735.txt,"chacmool Private Message System 1.1.3 - send.php Arbitrary Message Access",2004-11-12,"digital ex",php,webapps,0 24736,platforms/php/webapps/24736.txt,"PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 -24737,platforms/php/webapps/24737.txt,"Mark Zuckerberg Thefacebook - Multiple Cross-Site Scripting Vulnerabilities",2004-11-13,"Alex Lanstein",php,webapps,0 +24737,platforms/php/webapps/24737.txt,"Mark Zuckerberg Thefacebook - Multiple Cross-site Scripting Vulnerabilities",2004-11-13,"Alex Lanstein",php,webapps,0 24738,platforms/windows/dos/24738.c,"AlShare Software NetNote Server 2.2 - Remote Denial of Service",2004-11-13,class101,windows,dos,0 24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 - SQL Injection",2004-11-14,ruggine,php,webapps,0 24740,platforms/hardware/webapps/24740.txt,"AirDrive HD 1.6 iPad iPhone - Multiple Vulnerabilities",2013-02-24,Vulnerability-Lab,hardware,webapps,0 24741,platforms/windows/dos/24741.txt,"TagScanner 5.1 - Stack Buffer Overflow",2013-03-13,Vulnerability-Lab,windows,dos,0 -24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injection",2013-03-13,"Saadat Ullah",php,webapps,0 +24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injections",2013-03-13,"Saadat Ullah",php,webapps,0 24743,platforms/windows/dos/24743.txt,"Cam2pc 4.6.2 - BMP Image Processing Integer Overflow",2013-03-13,coolkaveh,windows,dos,0 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 < 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer - ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 @@ -21904,7 +21904,7 @@ id,file,description,date,author,platform,type,port 24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1)",2004-11-17,Gangstuck,linux,local,0 24750,platforms/linux/local/24750.c,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2)",2004-11-17,Gangstuck,linux,local,0 24751,platforms/php/webapps/24751.pl,"PHPBB 2.0.x - Admin_cash.php Remote PHP File Include",2004-11-17,"Jerome Athias",php,webapps,0 -24752,platforms/php/webapps/24752.txt,"Invision Power Board 2.0 - Index.php Post Action SQL Injection",2004-11-18,anonymous,php,webapps,0 +24752,platforms/php/webapps/24752.txt,"Invision Power Board 2.0 - 'index.php' Post Action SQL Injection",2004-11-18,anonymous,php,webapps,0 24753,platforms/windows/local/24753.txt,"Mailtraq 2.x - Administration Console Local Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 24754,platforms/windows/local/24754.txt,"Altiris Deployment Solution 5.6 - Client Service Local Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 24755,platforms/linux/dos/24755.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)",2004-11-19,"Marc Schoenefeld",linux,dos,0 @@ -21923,17 +21923,17 @@ id,file,description,date,author,platform,type,port 24769,platforms/php/webapps/24769.txt,"SugarCRM 1.x/2.0 Module - Traversal Arbitrary File Access",2004-11-23,"James Bercegay",php,webapps,0 24770,platforms/windows/dos/24770.py,"Jabber Server 2.0 - Multiple Remote Buffer Overflow Vulnerabilities",2004-11-24,icbm,windows,dos,0 24771,platforms/php/webapps/24771.txt,"KorWeblog 1.6.2 - Remote Directory Listing",2004-11-24,"Jeremy Bae",php,webapps,0 -24772,platforms/php/webapps/24772.txt,"Zwiki 0.10/0.36.2 - Cross-Site Scripting",2004-11-24,"Jeremy Bae",php,webapps,0 -24773,platforms/jsp/webapps/24773.txt,"JSPWiki 2.1 - Cross-Site Scripting",2004-11-24,"Jeremy Bae",jsp,webapps,0 +24772,platforms/php/webapps/24772.txt,"Zwiki 0.10/0.36.2 - Cross-site Scripting",2004-11-24,"Jeremy Bae",php,webapps,0 +24773,platforms/jsp/webapps/24773.txt,"JSPWiki 2.1 - Cross-site Scripting",2004-11-24,"Jeremy Bae",jsp,webapps,0 24774,platforms/multiple/remote/24774.java,"Open DC Hub 0.7.14 - Remote Buffer Overflow",2004-11-24,"Donato Ferrante",multiple,remote,0 24775,platforms/windows/dos/24775.html,"Microsoft Internet Explorer 6.0 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 24776,platforms/windows/dos/24776.html,"Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 24777,platforms/linux/dos/24777.txt,"Linux Kernel 2.4.x / 2.6.x - Local Denial of Service And Memory Disclosure Vulnerabilities",2004-11-25,"Florian Heinz",linux,dos,0 24778,platforms/multiple/dos/24778.html,"Sun Java Applet 1.x - Invocation Version Specification Weakness",2004-11-25,"Peter Greenwood",multiple,dos,0 -24779,platforms/cgi/webapps/24779.txt,"InShop and InMail - Cross-Site Scripting",2004-11-25,"Carlos Ulver",cgi,webapps,0 +24779,platforms/cgi/webapps/24779.txt,"InShop and InMail - Cross-site Scripting",2004-11-25,"Carlos Ulver",cgi,webapps,0 24780,platforms/osx/dos/24780.html,"Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",osx,dos,0 24781,platforms/multiple/dos/24781.html,"Mozilla Camino Web Browser 0.7/0.8 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",multiple,dos,0 -24782,platforms/php/webapps/24782.txt,"PHPCMS 1.1/1.2 - Cross-Site Scripting",2004-11-26,"Cyrille Barthelemy",php,webapps,0 +24782,platforms/php/webapps/24782.txt,"PHPCMS 1.1/1.2 - Cross-site Scripting",2004-11-26,"Cyrille Barthelemy",php,webapps,0 24783,platforms/php/webapps/24783.txt,"pntresmailer 6.0 - Directory Traversal",2004-11-26,"John Cobb",php,webapps,0 24784,platforms/linux/remote/24784.txt,"File ELF 4.x - Header Unspecified Buffer Overflow",2004-11-29,anonymous,linux,remote,0 24812,platforms/windows/dos/24812.py,"aktiv-player 2.9.0 - Crash PoC",2013-03-15,metacom,windows,dos,0 @@ -21948,67 +21948,67 @@ id,file,description,date,author,platform,type,port 24794,platforms/linux/remote/24794.sh,"SCPOnly 2.x/3.x - Remote Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24795,platforms/linux/remote/24795.txt,"RSSH 2.x - Remote Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24796,platforms/php/webapps/24796.txt,"Blog Torrent 0.8 - Remote Directory Traversal",2004-12-02,"Steve Kemp",php,webapps,0 -24797,platforms/php/webapps/24797.txt,"Advanced Guestbook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 +24797,platforms/php/webapps/24797.txt,"Advanced Guestbook 2.2/2.3 - Cross-site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 24798,platforms/php/webapps/24798.txt,"PAFileDB 3.1 - Error Message Path Disclosure",2004-12-04,y3dips,php,webapps,0 24799,platforms/multiple/dos/24799.txt,"Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Servic",2004-12-06,"Niek van der Maas",multiple,dos,0 24800,platforms/windows/remote/24800.txt,"Microsoft Internet Explorer 5.0.1 - FTP URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",windows,remote,0 24801,platforms/linux/remote/24801.txt,"KDE FTP - KIOSlave URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",linux,remote,0 24802,platforms/windows/remote/24802.txt,"Microsoft Internet Explorer 6.0 - Sysimage Protocol Handler Local File Detection",2004-12-07,"Gregory R. Panakkal",windows,remote,0 -24803,platforms/php/webapps/24803.txt,"Blog Torrent 0.80 - BTDownload.php Cross-Site Scripting",2004-12-07,Lostmon,php,webapps,0 +24803,platforms/php/webapps/24803.txt,"Blog Torrent 0.80 - BTDownload.php Cross-site Scripting",2004-12-07,Lostmon,php,webapps,0 24804,platforms/linux/dos/24804.c,"Linux Kernel 2.6.x - AIO_Free_Ring Local Denial of Service",2004-12-07,"Darrick J. Wong",linux,dos,0 24805,platforms/multiple/dos/24805.txt,"MySQL MaxDB 7.5 - WAHTTP Server Remote Denial of Service",2004-12-07,"Evgeny Demidov",multiple,dos,0 24806,platforms/php/webapps/24806.txt,"darryl burgdorf weblibs 1.0 - Directory Traversal",2004-12-07,"John Bissell",php,webapps,0 24807,platforms/multiple/dos/24807.txt,"MD5 - Message Digest Algorithm Hash Collision Weakness",2004-12-07,"Dan Kaminsky",multiple,dos,0 24808,platforms/windows/remote/24808.txt,"Microsoft Internet Explorer 6.0 - Search Pane URI Obfuscation",2004-12-08,http-equiv,windows,remote,0 24809,platforms/multiple/dos/24809.txt,"Kerio Personal Firewall 2.1.x/4.x - Local Denial of Service",2004-12-08,cesaro,multiple,dos,0 -24810,platforms/php/webapps/24810.txt,"PhpGedView 2.x - Descendancy.php Cross-Site Scripting",2004-01-19,JeiAr,php,webapps,0 +24810,platforms/php/webapps/24810.txt,"PhpGedView 2.x - Descendancy.php Cross-site Scripting",2004-01-19,JeiAr,php,webapps,0 24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 - FSMSH.DLL CGI Application Installation Path Disclosure",2004-12-09,oliver@greyhat.de,windows,remote,0 -24814,platforms/php/webapps/24814.txt,"PhpGedView 2.5/2.6 - Index.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24814,platforms/php/webapps/24814.txt,"PhpGedView 2.5/2.6 - 'index.php' Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 24815,platforms/linux/dos/24815.txt,"Gamespy Software Development Kit - CD-Key Validation Buffer Overflow",2004-12-10,"Luigi Auriemma",linux,dos,0 -24816,platforms/php/webapps/24816.txt,"PhpGedView 2.5/2.6 - Individual.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24816,platforms/php/webapps/24816.txt,"PhpGedView 2.5/2.6 - Individual.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 24817,platforms/php/webapps/24817.txt,"phpMyAdmin 2.x - External Transformations Remote Command Execution",2004-12-13,"Nicolas Gregoire",php,webapps,0 24818,platforms/multiple/dos/24818.txt,"Digital Illusions CE Codename Eagle - Remote Denial of Service",2004-12-13,"Luigi Auriemma",multiple,dos,0 -24819,platforms/php/webapps/24819.txt,"PhpGedView 2.5/2.6 - Source.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24820,platforms/php/webapps/24820.txt,"PhpGedView 2.5/2.6 - Imageview.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24821,platforms/php/webapps/24821.txt,"PhpGedView 2.5/2.6 - Gedrecord.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24822,platforms/php/webapps/24822.txt,"PhpGedView 2.5/2.6 - Gdbi_interface.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24819,platforms/php/webapps/24819.txt,"PhpGedView 2.5/2.6 - Source.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 +24820,platforms/php/webapps/24820.txt,"PhpGedView 2.5/2.6 - Imageview.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 +24821,platforms/php/webapps/24821.txt,"PhpGedView 2.5/2.6 - Gedrecord.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 +24822,platforms/php/webapps/24822.txt,"PhpGedView 2.5/2.6 - Gdbi_interface.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 24823,platforms/php/webapps/24823.txt,"sugarsales 1.x/2.0 - Multiple Vulnerabilities",2004-12-13,"Daniel Fabian",php,webapps,0 24824,platforms/php/webapps/24824.txt,"UBBCentral UBB.threads 6.2.3/6.5 - showflat.php Cat Parameter XSS",2004-12-13,"dw. and ms.",php,webapps,0 24825,platforms/php/webapps/24825.txt,"UBBCentral UBB.threads 6.2.3/6.5 - calendar.php Cat Parameter XSS",2004-12-13,"dw. and ms.",php,webapps,0 24826,platforms/php/webapps/24826.txt,"UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter XSS",2004-12-13,"dw. and ms.",php,webapps,0 24827,platforms/php/webapps/24827.txt,"UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter XSS",2004-12-13,"dw. and ms.",php,webapps,0 24828,platforms/linux/dos/24828.txt,"Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution",2004-12-13,"Giovanni Delvecchio",linux,dos,0 -24829,platforms/php/webapps/24829.txt,"PhpGedView 2.5/2.6 - Login.php URL Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24830,platforms/php/webapps/24830.txt,"PhpGedView 2.5/2.6 - Login.php Username Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24831,platforms/php/webapps/24831.txt,"PhpGedView 2.5/2.6 - Login.php Newlanguage Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24832,platforms/php/webapps/24832.txt,"PhpGedView 2.5/2.6 - Relationship.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24829,platforms/php/webapps/24829.txt,"PhpGedView 2.5/2.6 - Login.php URL Parameter Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 +24830,platforms/php/webapps/24830.txt,"PhpGedView 2.5/2.6 - Login.php Username Parameter Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 +24831,platforms/php/webapps/24831.txt,"PhpGedView 2.5/2.6 - Login.php Newlanguage Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 +24832,platforms/php/webapps/24832.txt,"PhpGedView 2.5/2.6 - Relationship.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 24852,platforms/linux/remote/24852.txt,"MPG123 0.59 - Find Next File Remote Client-Side Buffer Overflow",2004-12-15,"Bartlomiej Sieka",linux,remote,0 24853,platforms/linux/remote/24853.c,"MPlayer 0.9/1.0 - MMST Get_Header Remote Client-Side Buffer Overflow",2004-12-15,"Ariel Berkman",linux,remote,0 -24834,platforms/php/webapps/24834.txt,"PhpGedView 2.5/2.6 - Calendar.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24834,platforms/php/webapps/24834.txt,"PhpGedView 2.5/2.6 - Calendar.php Cross-site Scripting",2004-01-12,JeiAr,php,webapps,0 24835,platforms/php/webapps/24835.txt,"PhpGedView 2.5/2.6 - Placelist.php SQL Injection",2004-01-12,JeiAr,php,webapps,0 -24836,platforms/cgi/webapps/24836.txt,"UseModWiki 1.0 - Wiki.PL Cross-Site Scripting",2004-12-14,"Jeremy Bae",cgi,webapps,0 +24836,platforms/cgi/webapps/24836.txt,"UseModWiki 1.0 - Wiki.PL Cross-site Scripting",2004-12-14,"Jeremy Bae",cgi,webapps,0 24837,platforms/php/webapps/24837.txt,"PhpGedView 2.5/2.6 - Timeline.php SQL Injection",2004-01-12,JeiAr,php,webapps,0 24838,platforms/asp/webapps/24838.txt,"Active Server Corner ASP Calendar 1.0 - Administrative Access",2004-12-14,"ali reza AcTiOnSpIdEr",asp,webapps,0 24839,platforms/hardware/dos/24839.c,"Ricoh Aficio 450/455 PCL Printer - Remote ICMP Denial of Service",2004-12-14,"Hongzhen Zhou",hardware,dos,0 24840,platforms/asp/webapps/24840.txt,"ASP-Rider - SQL Injection",2004-12-14,"Shervin Khaleghjou",asp,webapps,0 24841,platforms/windows/dos/24841.txt,"Adobe Acrobat/Acrobat Reader 6.0 - ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 -24842,platforms/php/webapps/24842.txt,"IWebNegar - Multiple SQL Injection",2004-12-15,"Shervin Khaleghjou",php,webapps,0 +24842,platforms/php/webapps/24842.txt,"IWebNegar - Multiple SQL Injections",2004-12-15,"Shervin Khaleghjou",php,webapps,0 24843,platforms/osx/dos/24843.txt,"Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation",2004-12-15,Guillaume,osx,dos,0 -24844,platforms/php/webapps/24844.txt,"phpGroupWare 0.9.x - index.php Multiple Parameter XSS",2004-12-15,"James Bercegay",php,webapps,0 +24844,platforms/php/webapps/24844.txt,"phpGroupWare 0.9.x - 'index.php' Multiple Parameter XSS",2004-12-15,"James Bercegay",php,webapps,0 24845,platforms/php/webapps/24845.txt,"phpGroupWare 0.9.x - viewticket_details.php ticket_id Parameter XSS",2004-12-15,"James Bercegay",php,webapps,0 24846,platforms/php/webapps/24846.txt,"phpGroupWare 0.9.x - viewticket_details.php ticket_id Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 -24847,platforms/php/webapps/24847.txt,"phpGroupWare 0.9.x - index.php Multiple Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 +24847,platforms/php/webapps/24847.txt,"phpGroupWare 0.9.x - 'index.php' Multiple Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 24848,platforms/linux/remote/24848.txt,"ChBg 1.5 - Scenario File Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 24849,platforms/php/webapps/24849.txt,"DaloRadius - Multiple Vulnerabilities",2013-03-18,"Saadi Siddiqui",php,webapps,0 24850,platforms/php/webapps/24850.txt,"WordPress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities",2013-03-18,m3tamantra,php,webapps,0 -24851,platforms/php/webapps/24851.txt,"Joomla RSfiles Component (cid param) - SQL Injection",2013-03-18,ByEge,php,webapps,0 +24851,platforms/php/webapps/24851.txt,"Joomla RSfiles Component (cid parameter) - SQL Injection",2013-03-18,ByEge,php,webapps,0 24855,platforms/php/dos/24855.txt,"PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (2)",2004-12-15,Slythers,php,dos,0 24856,platforms/linux/remote/24856.c,"NapShare 1.2 - Remote Buffer Overflow (1)",2004-12-06,"Bartlomiej Sieka",linux,remote,0 24857,platforms/linux/remote/24857.c,"NapShare 1.2 - Remote Buffer Overflow (2)",2004-12-10,"Bartlomiej Sieka",linux,remote,0 -24858,platforms/php/webapps/24858.html,"WordPress Occasions Plugin 1.0.4 - CSRF",2013-03-19,m3tamantra,php,webapps,0 +24858,platforms/php/webapps/24858.html,"WordPress Occasions Plugin 1.0.4 - Cross-site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 24859,platforms/php/webapps/24859.rb,"WordPress Count per Day Plugin 3.2.5 - (counter.php) XSS",2013-03-19,m3tamantra,php,webapps,0 -24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - CSRF",2013-03-19,"Jacob Holcomb",hardware,webapps,0 -24861,platforms/php/webapps/24861.txt,"Rebus:list - (list.php list_id param) SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 +24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - Cross-site Request Forgery",2013-03-19,"Jacob Holcomb",hardware,webapps,0 +24861,platforms/php/webapps/24861.txt,"Rebus:list - (list.php list_id parameter) SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple XSS Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 24863,platforms/windows/local/24863.html,"EastFTP 4.6.02 - ActiveX Control (0Day)",2013-03-20,Dr_IDE,windows,local,0 24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - Username/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 @@ -22017,7 +22017,7 @@ id,file,description,date,author,platform,type,port 24867,platforms/php/webapps/24867.html,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 24868,platforms/php/webapps/24868.rb,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection",2013-03-22,m3tamantra,php,webapps,0 24869,platforms/php/webapps/24869.txt,"AContent 1.3 - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 -24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 - (index.php theme param) Local File Inclusion",2013-03-22,DaOne,php,webapps,0 +24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 - (index.php theme parameter) Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24871,platforms/php/webapps/24871.txt,"Slash CMS - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24872,platforms/windows/local/24872.txt,"Photodex ProShow Gold/Producer 5.0.3310 & 6.0.3410 - ScsiAccess Local Privilege Escalation",2013-03-22,"Julien Ahrens",windows,local,0 24873,platforms/php/webapps/24873.txt,"Stradus CMS 1.0beta4 - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 @@ -22027,7 +22027,7 @@ id,file,description,date,author,platform,type,port 24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 - (filemanager.php) Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 24879,platforms/php/webapps/24879.txt,"Free Hosting Manager 2.0.2 - Multiple SQLi",2013-03-25,"Saadi Siddiqui",php,webapps,0 24880,platforms/windows/dos/24880.pl,"IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow",2013-03-25,G0li47h,windows,dos,0 -24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - (gmembers.php gid param) Blind SQL Injection",2013-03-25,Esac,php,webapps,0 +24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - (gmembers.php gid parameter) Blind SQL Injection",2013-03-25,Esac,php,webapps,0 24882,platforms/php/webapps/24882.pl,"vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection",2013-03-25,"Orestis Kourides",php,webapps,0 24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation (0Day)",2013-03-25,Dr_IDE,windows,local,0 @@ -22037,11 +22037,11 @@ id,file,description,date,author,platform,type,port 24888,platforms/linux/remote/24888.rb,"Mutiny - Remote Command Execution",2013-03-25,Metasploit,linux,remote,0 24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center - Arbitrary File Upload",2013-03-26,Metasploit,windows,remote,0 24892,platforms/hardware/remote/24892.txt,"Rosewill RSVA11001 - Remote Command Injection",2013-03-26,"Eric Urban",hardware,remote,0 -24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id param) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 +24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id parameter) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilities",2013-03-27,Esac,php,webapps,0 24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 -24898,platforms/php/webapps/24898.txt,"SynConnect Pms - (index.php loginid param) SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 +24898,platforms/php/webapps/24898.txt,"SynConnect Pms - (index.php loginid parameter) SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor - Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 @@ -22051,11 +22051,11 @@ id,file,description,date,author,platform,type,port 24903,platforms/php/remote/24903.rb,"STUNSHELL Web Shell - Remote Code Execution",2013-03-29,Metasploit,php,remote,0 24904,platforms/windows/remote/24904.rb,"Java CMM - Remote Code Execution",2013-03-29,Metasploit,windows,remote,0 24905,platforms/multiple/remote/24905.rb,"v0pCr3w Web Shell - Remote Code Execution",2013-03-29,Metasploit,multiple,remote,0 -24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what param) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 +24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what parameter) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 24907,platforms/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",windows,remote,0 -24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 - DoS",2013-04-05,npn,windows,dos,0 +24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 - Denial of Service",2013-04-05,npn,windows,dos,0 24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home 7.3 - Buffer Overflow",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 -24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - (index.php p param) Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 +24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - (index.php p parameter) Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a - (editor.php) Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 @@ -22066,20 +22066,20 @@ id,file,description,date,author,platform,type,port 24940,platforms/windows/dos/24940.rb,"Sysax Multi Server 6.10 - SSH Denial of Service",2013-04-09,"Matt Andreko",windows,dos,0 24926,platforms/hardware/webapps/24926.txt,"Multiple D-Link Devices - Multiple Vulnerabilities",2013-04-08,m-1-k-3,hardware,webapps,0 24927,platforms/php/webapps/24927.txt,"Vanilla Forums 2-0-18-4 - SQL Injection",2013-04-08,bl4ckw0rm,php,webapps,0 -24928,platforms/hardware/webapps/24928.txt,"TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 - CSRF",2013-04-08,Un0wn_X,hardware,webapps,0 +24928,platforms/hardware/webapps/24928.txt,"TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 - Cross-site Request Forgery",2013-04-08,Un0wn_X,hardware,webapps,0 24929,platforms/linux/local/24929.rb,"HP System Management Homepage - Local Privilege Escalation",2013-04-08,Metasploit,linux,local,0 24930,platforms/windows/dos/24930.txt,"Groovy Media Player 3.2.0 - (.mp3) Buffer Overflow",2013-04-08,"Akshaysinh Vaghela",windows,dos,0 24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B - setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 24933,platforms/linux/local/24933.txt,"PonyOS 0.4.99-mlp - Multiple Vulnerabilities",2013-04-08,"John Cartwright",linux,local,0 -24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 - (grouppay.php hash param) SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 +24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 - (grouppay.php hash parameter) SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 24935,platforms/linux/remote/24935.rb,"MongoDB - nativeHelper.apply Remote Code Execution",2013-04-08,Metasploit,linux,remote,0 24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 - apply.cgi Remote Command Injection",2013-04-08,Metasploit,hardware,remote,0 24937,platforms/linux/remote/24937.rb,"HP System Management - Anonymous Access Code Execution",2013-04-08,Metasploit,linux,remote,0 24938,platforms/multiple/remote/24938.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2)",2013-04-08,Metasploit,multiple,remote,0 27433,platforms/windows/dos/27433.txt,"Microsoft Internet Explorer 5.0.1 - Script Action Handler Buffer Overflow",2006-03-16,"Michal Zalewski",windows,dos,0 24957,platforms/php/webapps/24957.txt,"Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple CSRF Vulnerabilities",2013-04-15,"Henry Hoggard",php,webapps,0 -24950,platforms/windows/remote/24950.pl,"KNet Web Server 1.04b - Stack Corruption BoF",2013-04-12,Wireghoul,windows,remote,0 +24950,platforms/windows/remote/24950.pl,"KNet Web Server 1.04b - Stack Corruption Buffer Overflow",2013-04-12,Wireghoul,windows,remote,0 24968,platforms/windows/dos/24968.rb,"Mikrotik Syslog Server for Windows 1.15 - Denial of Service (Metasploit)",2013-04-22,xis_one,windows,dos,514 24969,platforms/php/webapps/24969.txt,"CiviCRM for Joomla 4.2.2 - Remote Code Injection",2013-04-22,iskorpitx,php,webapps,0 24942,platforms/php/webapps/24942.txt,"ZAPms 1.41 - SQL Injection",2013-04-09,NoGe,php,webapps,0 @@ -22089,8 +22089,8 @@ id,file,description,date,author,platform,type,port 24945,platforms/hardware/remote/24945.rb,"Linksys WRT54GL - apply.cgi Command Execution",2013-04-10,Metasploit,hardware,remote,0 24946,platforms/multiple/remote/24946.rb,"Adobe ColdFusion APSB13-03 - Remote Exploit",2013-04-10,Metasploit,multiple,remote,0 24947,platforms/linux/remote/24947.txt,"MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution",2013-04-08,agixid,linux,remote,0 -27434,platforms/php/webapps/27434.txt,"Oxynews - Index.php SQL Injection",2006-03-16,R00T3RR0R,php,webapps,0 -27435,platforms/php/webapps/27435.txt,"phpMyAdmin 2.8.1 - Set_Theme Cross-Site Scripting",2006-03-16,"Ali Asad",php,webapps,0 +27434,platforms/php/webapps/27434.txt,"Oxynews - 'index.php' SQL Injection",2006-03-16,R00T3RR0R,php,webapps,0 +27435,platforms/php/webapps/27435.txt,"phpMyAdmin 2.8.1 - Set_Theme Cross-site Scripting",2006-03-16,"Ali Asad",php,webapps,0 27436,platforms/php/webapps/27436.txt,"Invision Power Services Invision Board 2.0.4 - Search Action Multiple Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 24951,platforms/linux/dos/24951.pl,"ircd-hybrid 8.0.5 - Denial of Service",2013-04-12,kingcope,linux,dos,0 24952,platforms/windows/dos/24952.py,"AT-TFTP Server 2.0 - Stack Based Buffer Overflow DoS",2013-04-12,xis_one,windows,dos,69 @@ -22111,7 +22111,7 @@ id,file,description,date,author,platform,type,port 25091,platforms/multiple/remote/25091.txt,"realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities",2005-02-08,"Luigi Auriemma",multiple,remote,0 25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Inclusion",2005-06-10,Status-x,php,webapps,0 25817,platforms/cgi/webapps/25817.txt,"JamMail 1.8 - Jammail.pl Remote Arbitrary Command Execution",2005-06-12,blahplok,cgi,webapps,0 -25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 beta Image Gallery - Index.php Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 +25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 beta Image Gallery - 'index.php' Cross-site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String Exploit",2013-04-22,Kurono,windows,dos,0 24973,platforms/php/webapps/24973.txt,"VoipNow 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B - pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 @@ -22125,7 +22125,7 @@ id,file,description,date,author,platform,type,port 24983,platforms/multiple/remote/24983.txt,"Vilistextum 2.6.6 - HTML Attribute Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24984,platforms/multiple/remote/24984.txt,"2Fax 3.0 Tab Expansion - Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 -24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple SQL Injection",2004-12-16,anonymous,cgi,webapps,0 +24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Remote Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 @@ -22136,8 +22136,8 @@ id,file,description,date,author,platform,type,port 24994,platforms/php/webapps/24994.txt,"MediaWiki 1.3.x - Remote Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24995,platforms/multiple/remote/24995.txt,"DXFScope 0.2 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",multiple,remote,0 24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit)",2013-04-25,"Andras Kabai",windows,remote,0 -25184,platforms/php/webapps/25184.txt,"ProjectBB 0.4.5.1 - Multiple SQL Injection",2005-03-02,"benji lemien",php,webapps,0 -25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 - Nav.php3 Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 +25184,platforms/php/webapps/25184.txt,"ProjectBB 0.4.5.1 - Multiple SQL Injections",2005-03-02,"benji lemien",php,webapps,0 +25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 - Nav.php3 Cross-site Scripting",2005-03-03,benjilenoob,php,webapps,0 25186,platforms/php/webapps/25186.txt,"Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection",2005-03-03,"Fabian Becker",php,webapps,0 25187,platforms/windows/remote/25187.txt,"Computalynx CProxy 3.3/3.4.x - Directory Traversal",2005-03-03,"Kristof Philipsen",windows,remote,0 25188,platforms/windows/remote/25188.txt,"Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness",2005-02-19,upken,windows,remote,0 @@ -22164,7 +22164,7 @@ id,file,description,date,author,platform,type,port 25011,platforms/multiple/remote/25011.txt,"HTML2HDML 1.0.3 - File Conversion Buffer Overflow",2004-12-15,"Matthew Dabrowski",multiple,remote,0 25012,platforms/windows/dos/25012.c,"Easy Software Products LPPassWd 1.1.22 - Resource Limit Denial of Service",2004-12-11,"Bartlomiej Sieka",windows,dos,0 25013,platforms/windows/remote/25013.txt,"Interactive Studio GamePort 3.0/3.1/4.0 - Arbitrary application execution",2004-12-17,"amoXi & Dr.vaXin",windows,remote,0 -25014,platforms/php/webapps/25014.txt,"WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2004-12-17,Lostmon,php,webapps,0 +25014,platforms/php/webapps/25014.txt,"WorkBoard 1.2 - Multiple Cross-site Scripting Vulnerabilities",2004-12-17,Lostmon,php,webapps,0 25015,platforms/linux/remote/25015.txt,"Michael Kohn Ringtone Tools 2.22 - .EMelody File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",linux,remote,0 25016,platforms/windows/remote/25016.txt,"ASP2PHP 0.76.23 - Preparse Token Variable Buffer Overflow",2004-12-15,"Qiao Zhang",windows,remote,0 25017,platforms/linux/dos/25017.txt,"UML_Utilities User-Mode Linux - uml_utilities 20030903 UML_Net Slip Network Interface Denial of Service",2004-12-15,"Danny Lungstrom",linux,dos,0 @@ -22174,7 +22174,7 @@ id,file,description,date,author,platform,type,port 25021,platforms/windows/remote/25021.txt,"ABCPP 1.3 - Directive Handler Buffer Overflow",2004-12-15,"Yosef Klein",windows,remote,0 25022,platforms/windows/remote/25022.txt,"Jef Moine abcm2ps 3.7.20 - .ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25023,platforms/windows/remote/25023.txt,"PGN2WEB 0.3 - Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 -25183,platforms/php/webapps/25183.txt,"ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"benji lemien",php,webapps,0 +25183,platforms/php/webapps/25183.txt,"ProjectBB 0.4.5.1 - Multiple Cross-site Scripting Vulnerabilities",2005-03-02,"benji lemien",php,webapps,0 25024,platforms/hardware/webapps/25024.txt,"D-Link DIR-635 - Multiple Vulnerabilities",2013-04-26,m-1-k-3,hardware,webapps,0 25025,platforms/windows/remote/25025.txt,"ABC2PS/JCABC2PS 1.2 - Voice Field Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 25026,platforms/windows/remote/25026.txt,"Mesh Viewer 0.2.2 - Buffer Overflow",2004-12-15,"Mohammed Khan",windows,remote,0 @@ -22188,18 +22188,18 @@ id,file,description,date,author,platform,type,port 25034,platforms/windows/remote/25034.txt,"GREED 0.81 - .GRX File List Command Execution",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 25035,platforms/linux/remote/25035.txt,"PCAL 4.x - Calendar File getline Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 25036,platforms/linux/remote/25036.txt,"PCAL 4.x - Calendar File get_holiday Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 -25037,platforms/php/webapps/25037.txt,"Kayako eSupport 2.x - index.php Knowledgebase XSS",2004-12-18,"James Bercegay",php,webapps,0 +25037,platforms/php/webapps/25037.txt,"Kayako eSupport 2.x - 'index.php' Knowledgebase XSS",2004-12-18,"James Bercegay",php,webapps,0 25038,platforms/php/webapps/25038.txt,"Kayako eSupport 2.x - Ticket System Multiple SQL Injection",2004-12-18,"James Bercegay",php,webapps,0 25039,platforms/aix/local/25039.txt,"IBM AIX 5.x - Diag Local Privilege Escalation Vulnerabilities",2004-12-20,cees-bart,aix,local,0 25040,platforms/php/local/25040.php,"PHP 4.x/5.0 Shared Memory Module - Offset Memory Corruption",2004-12-20,"Stefano Di Paola",php,local,0 25041,platforms/cgi/webapps/25041.txt,"escripts software e_board 4.0 - Directory Traversal",2004-12-20,white_e@nogimmick.org,cgi,webapps,0 25042,platforms/cgi/webapps/25042.txt,"Tlen.pl 5.23.4.1 - Instant Messenger Remote Script Execution",2004-12-20,"Jaroslaw Sajko",cgi,webapps,0 25043,platforms/php/webapps/25043.txt,"PHPGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion",2004-01-27,"Cedric Cochin",php,webapps,0 -25044,platforms/php/webapps/25044.txt,"PHPGroupWare 0.9.x - Index.php HTML Injection",2004-01-27,"Cedric Cochin",php,webapps,0 +25044,platforms/php/webapps/25044.txt,"PHPGroupWare 0.9.x - 'index.php' HTML Injection",2004-01-27,"Cedric Cochin",php,webapps,0 25045,platforms/php/webapps/25045.txt,"2BGal 2.5.1 - SQL Injection",2004-12-22,zib,php,webapps,0 25046,platforms/linux/dos/25046.c,"Snort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service (1)",2004-12-22,"Marcin Zgorecki",linux,dos,0 25047,platforms/linux/dos/25047.c,"Snort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service (2)",2004-12-22,Antimatt3r,linux,dos,0 -25048,platforms/php/webapps/25048.txt,"PsychoStats 2.x - Login Parameter Cross-Site Scripting",2004-12-22,"James Bercegay",php,webapps,0 +25048,platforms/php/webapps/25048.txt,"PsychoStats 2.x - Login Parameter Cross-site Scripting",2004-12-22,"James Bercegay",php,webapps,0 25049,platforms/windows/remote/25049.txt,"Microsoft Windows 2000/2003/XP - winhlp32 Phrase Integer Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 25050,platforms/windows/remote/25050.txt,"Microsoft Windows 2000/2003/XP - winhlp32 Phrase Heap Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 25051,platforms/cgi/webapps/25051.txt,"Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution",2004-12-23,"Poznan Supercomputing",cgi,webapps,0 @@ -22209,11 +22209,11 @@ id,file,description,date,author,platform,type,port 25055,platforms/osx/local/25055.c,"Darwin Kernel 7.1 - Mach File Parsing Local Integer Overflow",2005-01-19,nemo@felinemenace.org,osx,local,0 25056,platforms/multiple/dos/25056.html,"Netscape Navigator 7.2 - Infinite Array Sort Denial of Service",2005-01-21,"Berend-Jan Wever",multiple,dos,0 25057,platforms/windows/remote/25057.txt,"DivX Player 2.6 - .Skin File Directory Traversal",2005-01-21,"Luigi Auriemma",windows,remote,0 -25058,platforms/php/webapps/25058.txt,"Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-25,y3dips,php,webapps,0 +25058,platforms/php/webapps/25058.txt,"Exponent CMS 0.95 - Multiple Cross-site Scripting Vulnerabilities",2005-12-25,y3dips,php,webapps,0 25059,platforms/php/webapps/25059.txt,"MercuryBoard 1.1 - Multiple Input Validation Vulnerabilities",2005-01-25,"Alberto Trivero",php,webapps,0 25060,platforms/asp/webapps/25060.txt,"Comersus Cart 5.0/6.0 - Multiple Vulnerabilities",2005-01-25,"raf somers",asp,webapps,0 25061,platforms/windows/dos/25061.txt,"Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow",2005-01-25,"Yu Yang",windows,dos,0 -25062,platforms/php/webapps/25062.txt,"Comdev eCommerce 3.0 - index.php Multiple Cross-Site Scripting Vulnerabilities",2005-01-25,SmOk3,php,webapps,0 +25062,platforms/php/webapps/25062.txt,"Comdev eCommerce 3.0 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2005-01-25,SmOk3,php,webapps,0 25063,platforms/windows/dos/25063.pl,"War FTP Daemon 1.8 - Remote Denial of Service",2005-01-27,MC.Iglo,windows,dos,0 25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 - (Build 1112) download.php Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 - (Build 1112) upload.php Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 @@ -22224,12 +22224,12 @@ id,file,description,date,author,platform,type,port 25070,platforms/linux/dos/25070.c,"ngIRCd 0.6/0.7/0.8 - Remote Buffer Overflow",2005-01-28,"Florian Westphal",linux,dos,0 25071,platforms/php/webapps/25071.txt,"Captaris Infinite Mobile Delivery Webmail 2.6 - Path Disclosure",2005-01-29,steven@lovebug.org,php,webapps,0 25072,platforms/multiple/remote/25072.txt,"CitrusDB 0.1/0.2/0.3 Credit Card Data - Remote Information Disclosure",2005-01-31,"Maximillian Dornseif",multiple,remote,0 -25073,platforms/php/webapps/25073.txt,"JShop E-Commerce Suite 1.2 - Product.php Cross-Site Scripting",2005-01-31,SmOk3,php,webapps,0 +25073,platforms/php/webapps/25073.txt,"JShop E-Commerce Suite 1.2 - Product.php Cross-site Scripting",2005-01-31,SmOk3,php,webapps,0 25074,platforms/php/webapps/25074.txt,"xoops incontent module 3.0 - Directory Traversal",2005-01-28,Lostmon,php,webapps,0 25075,platforms/multiple/dos/25075.pl,"Eternal Lines Web Server 1.0 - Remote Denial of Service",2005-02-01,"Ziv Kamir",multiple,dos,0 25076,platforms/linux/dos/25076.c,"postgresql 7.x - Multiple Vulnerabilities",2005-02-01,ChoiX,linux,dos,0 25077,platforms/linux/dos/25077.txt,"Newspost 2.0/2.1 - Remote Buffer Overflow",2005-02-01,"Niels Heinen",linux,dos,0 -25078,platforms/asp/webapps/25078.txt,"Eurofull E-Commerce - Mensresp.ASP Cross-Site Scripting",2005-02-02,Yani-ari,asp,webapps,0 +25078,platforms/asp/webapps/25078.txt,"Eurofull E-Commerce - Mensresp.ASP Cross-site Scripting",2005-02-02,Yani-ari,asp,webapps,0 25079,platforms/multiple/remote/25079.txt,"People Can Fly Painkiller Gamespy 1.3 - CD-Key Hash Remote Buffer Overflow",2005-02-02,"Luigi Auriemma",multiple,remote,0 25080,platforms/linux/local/25080.txt,"Newsgrab 0.5.0pre4 - Multiple Local And Remote Vulnerabilities",2005-02-02,"Niels Heinen",linux,local,0 25081,platforms/multiple/dos/25081.txt,"LANChat Pro Revival 1.666c - UDP Processing Remote Denial of Service",2005-04-29,"Donato Ferrante",multiple,dos,0 @@ -22237,7 +22237,7 @@ id,file,description,date,author,platform,type,port 25083,platforms/windows/dos/25083.txt,"RaidenHTTPD 1.1.27 - Remote File Disclosure",2005-02-05,"Donato Ferrante",windows,dos,0 25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 - Web Access Login Form Remote URI Redirection",2005-02-07,"Morning Wood",asp,webapps,0 25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 -25086,platforms/windows/webapps/25086.pl,"Ipswitch IMail 11.01 - XSS",2013-04-29,DaOne,windows,webapps,0 +25086,platforms/windows/webapps/25086.pl,"Ipswitch IMail 11.01 - Cross-site Scripting",2013-04-29,DaOne,windows,webapps,0 25087,platforms/php/webapps/25087.txt,"Joomla! 3.0.3 - (remember.php) PHP Object Injection",2013-04-26,EgiX,php,webapps,0 25088,platforms/php/webapps/25088.txt,"Foe CMS 1.6.5 - Multiple Vulnerabilities",2013-04-29,flux77,php,webapps,0 25092,platforms/windows/remote/25092.txt,"Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload",2005-02-08,"Tan Chew Keong",windows,remote,0 @@ -22246,21 +22246,21 @@ id,file,description,date,author,platform,type,port 25095,platforms/windows/remote/25095.txt,"Microsoft Internet Explorer 5.0.1 - Mouse Event URI Status Bar Obfuscation Weakness",2005-02-14,Paul,windows,remote,0 25096,platforms/cgi/webapps/25096.txt,"AWStats 5.x/6.x - Debug Remote Information Disclosure",2005-02-14,GHC,cgi,webapps,0 25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 - ndex.php language Parameter XSS",2005-02-14,"John Cobb",php,webapps,0 -25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 - index.php language Parameter Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 +25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 - 'index.php' language Parameter Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 - importcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 - importcc.php CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 - Remote Authentication Bypass",2004-02-15,"RedTeam Pentesting",php,webapps,0 -25103,platforms/php/webapps/25103.txt,"PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-15,waraxe,php,webapps,0 +25103,platforms/php/webapps/25103.txt,"PHP-Nuke 6.x/7.x - Multiple Cross-site Scripting Vulnerabilities",2005-02-15,waraxe,php,webapps,0 25104,platforms/php/webapps/25104.txt,"CitrusDB 0.3.6 - Arbitrary Local PHP File Include",2005-02-15,"RedTeam Pentesting",php,webapps,0 -25105,platforms/php/webapps/25105.txt,"OSCommerce 2.2 - Contact_us.php Cross-Site Scripting",2005-02-15,"John Cobb",php,webapps,0 +25105,platforms/php/webapps/25105.txt,"OSCommerce 2.2 - Contact_us.php Cross-site Scripting",2005-02-15,"John Cobb",php,webapps,0 25106,platforms/linux/local/25106.c,"Typespeed 0.4.1 - Local Format String",2005-02-16,"Ulf Harnhammar",linux,local,0 25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 25108,platforms/cgi/webapps/25108.txt,"AWStats 5.x/6.x - Logfile Parameter Remote Command Execution",2005-02-16,newbug@chroot.org,cgi,webapps,0 -25109,platforms/php/webapps/25109.txt,"DCP-Portal 6.1.1 - Multiple SQL Injection",2005-02-16,Exoduks,php,webapps,0 -25110,platforms/asp/webapps/25110.txt,"Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities",2005-02-16,"Andrey Rusyaev",asp,webapps,0 -25111,platforms/php/webapps/25111.txt,"PaNews 2.0 - Cross-Site Scripting",2005-02-16,pi3ch,php,webapps,0 -25112,platforms/php/webapps/25112.txt,"MercuryBoard Forum 1.0/1.1 - Cross-Site Scripting",2005-02-16,Lostmon,php,webapps,0 +25109,platforms/php/webapps/25109.txt,"DCP-Portal 6.1.1 - Multiple SQL Injections",2005-02-16,Exoduks,php,webapps,0 +25110,platforms/asp/webapps/25110.txt,"Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-site Scripting Vulnerabilities",2005-02-16,"Andrey Rusyaev",asp,webapps,0 +25111,platforms/php/webapps/25111.txt,"PaNews 2.0 - Cross-site Scripting",2005-02-16,pi3ch,php,webapps,0 +25112,platforms/php/webapps/25112.txt,"MercuryBoard Forum 1.0/1.1 - Cross-site Scripting",2005-02-16,Lostmon,php,webapps,0 25113,platforms/php/webapps/25113.txt,"WebCalendar 0.9.45 - SQL Injection",2005-02-17,"Michael Scovetta",php,webapps,0 25114,platforms/php/webapps/25114.txt,"paFaq beta4 - question.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25115,platforms/php/webapps/25115.txt,"paFaq beta4 - answer.php offset Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 @@ -22268,12 +22268,12 @@ id,file,description,date,author,platform,type,port 25117,platforms/php/webapps/25117.txt,"paFaq beta4 - comment.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 - bibindex.php search Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database Description Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 -25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - index.php Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 +25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 25122,platforms/linux/remote/25122.txt,"glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities",2005-02-18,"Paul Craig",linux,remote,0 25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a - Long GET Request DoS",2005-02-19,MurDoK,hardware,dos,0 -25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 +25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 25126,platforms/php/webapps/25126.txt,"eggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,php,webapps,0 25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,php,webapps,0 25128,platforms/windows/dos/25128.txt,"Easy Icon Maker 5.01 - Crash PoC",2013-05-01,Asesino04,windows,dos,0 @@ -22283,7 +22283,7 @@ id,file,description,date,author,platform,type,port 25132,platforms/multiple/remote/25132.txt,"Bontago Game Server 1.1 - Remote Nickname Buffer Overrun",2005-02-21,"Luigi Auriemma",multiple,remote,0 25133,platforms/multiple/remote/25133.txt,"xinkaa Web station 1.0.3 - Directory Traversal",2005-02-21,"Luigi Auriemma",multiple,remote,0 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 -25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 +25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-site Scripting",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin - Authenticated Remote Code Execution via preg_replace()",2013-05-01,Metasploit,php,remote,0 25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache Plugin - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 @@ -22296,10 +22296,10 @@ id,file,description,date,author,platform,type,port 25145,platforms/php/webapps/25145.txt,"PANews 2.0 - Remote PHP Script Code Execution",2005-02-21,tjomka,php,webapps,0 25146,platforms/windows/remote/25146.txt,"OpenConnect WebConnect 6.4/6.5 - jretest.html Traversal Arbitrary File Access",2005-02-21,"Dennis Rand",windows,remote,0 25147,platforms/cgi/webapps/25147.txt,"Biz Mail Form 2.x - Unauthorized Mail Relay",2005-02-22,"Jason Frisvold",cgi,webapps,0 -25148,platforms/asp/webapps/25148.txt,"Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities",2005-02-22,"Andrey Rusyaev",asp,webapps,0 -25149,platforms/php/webapps/25149.txt,"iGeneric iG Shop 1.x - Multiple SQL Injection",2005-02-22,"John Cobb",php,webapps,0 +25148,platforms/asp/webapps/25148.txt,"Mono 1.0.5 - Unicode Character Conversion Multiple Cross-site Scripting Vulnerabilities",2005-02-22,"Andrey Rusyaev",asp,webapps,0 +25149,platforms/php/webapps/25149.txt,"iGeneric iG Shop 1.x - Multiple SQL Injections",2005-02-22,"John Cobb",php,webapps,0 25150,platforms/linux/remote/25150.txt,"Winace UnAce 1.x - ACE Archive Remote Directory Traversal",2005-02-23,"Ulf Harnhammar",linux,remote,0 -25151,platforms/php/webapps/25151.txt,"PBLang Bulletin Board System 4.6 - Search.php Cross-Site Scripting",2005-02-23,"Hackerlounge Research Group",php,webapps,0 +25151,platforms/php/webapps/25151.txt,"PBLang Bulletin Board System 4.6 - Search.php Cross-site Scripting",2005-02-23,"Hackerlounge Research Group",php,webapps,0 25152,platforms/php/webapps/25152.txt,"phpMyAdmin 2.6 - select_server.lib.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25153,platforms/php/webapps/25153.txt,"phpMyAdmin 2.6 - display_tbl_links.lib.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25154,platforms/php/webapps/25154.txt,"phpMyAdmin 2.6 - theme_left.css.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 @@ -22310,7 +22310,7 @@ id,file,description,date,author,platform,type,port 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0 25161,platforms/php/webapps/25161.txt,"PHPWebSite 0.x - Image File Processing Remote Arbitrary PHP File Upload",2005-02-24,tjomka,php,webapps,0 -25162,platforms/php/webapps/25162.txt,"CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-25,Lostmon,php,webapps,0 +25162,platforms/php/webapps/25162.txt,"CubeCart 2.0.x - Multiple Cross-site Scripting Vulnerabilities",2005-02-25,Lostmon,php,webapps,0 25163,platforms/windows/remote/25163.txt,"CIS WebServer 3.5.13 - Remote Directory Traversal",2005-02-25,CorryL,windows,remote,0 25164,platforms/linux/dos/25164.txt,"Gaim 1.1.3 - File Download Denial of Service",2005-02-25,"Randall Perry",linux,dos,0 25165,platforms/multiple/dos/25165.c,"Stormy Studios KNet 1.x - Remote Buffer Overflow",2005-02-26,Expanders,multiple,dos,0 @@ -22330,17 +22330,17 @@ id,file,description,date,author,platform,type,port 25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - Auth.php Remote File Inclusion",2005-03-01,mozako,php,webapps,0 25181,platforms/windows/remote/25181.py,"Cerulean Studios Trillian 3.0 - Remote .PNG Image File Parsing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,remote,0 -25182,platforms/php/webapps/25182.txt,"auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"echo staff",php,webapps,0 +25182,platforms/php/webapps/25182.txt,"auraCMS 1.5 - Multiple Cross-site Scripting Vulnerabilities",2005-03-02,"echo staff",php,webapps,0 25195,platforms/windows/remote/25195.txt,"Oracle Database 8i/9i - Multiple Remote Directory Traversal Vulnerabilities",2005-03-07,"Cesar Cerrudo",windows,remote,0 25196,platforms/windows/remote/25196.txt,"Yahoo! Messenger 5.x/6.0 - Offline Mode Status Remote Buffer Overflow",2005-03-08,"Mehrtash Mallahzadeh",windows,remote,0 25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 - BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0 25198,platforms/jsp/webapps/25198.txt,"OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities",2005-03-08,Altrus,jsp,webapps,0 -25199,platforms/php/webapps/25199.txt,"YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting",2005-03-08,trueend5,php,webapps,0 -25200,platforms/php/webapps/25200.txt,"PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-08,sp3x@securityreason.com,php,webapps,0 +25199,platforms/php/webapps/25199.txt,"YaBB 2.0 - Remote UsersRecentPosts Cross-site Scripting",2005-03-08,trueend5,php,webapps,0 +25200,platforms/php/webapps/25200.txt,"PHP Arena PAFileDB 3.1 - Multiple Cross-site Scripting Vulnerabilities",2005-03-08,sp3x@securityreason.com,php,webapps,0 25201,platforms/cgi/webapps/25201.txt,"NewsScript - Access Validation",2005-03-08,adrianc23@gmail.com,cgi,webapps,0 25202,platforms/linux/local/25202.c,"Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Local Root (1)",2005-03-09,sd,linux,local,0 25203,platforms/linux/local/25203.c,"Linux Kernel 2.6.9 /2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root (2)",2005-03-09,alert7,linux,local,0 -25204,platforms/windows/local/25204.py,"ABBS Audio Media Player 3.1 - (.lst) Buffer Overflow",2013-05-04,"Julien Ahrens",windows,local,0 +25204,platforms/windows/local/25204.py,"ABBS Audio Media Player 3.1 - '.lst' Buffer Overflow",2013-05-04,"Julien Ahrens",windows,local,0 25205,platforms/multiple/remote/25205.txt,"Techland XPand Rally 1.0/1.1 - Remote Format String",2005-03-10,"Luigi Auriemma",multiple,remote,0 25206,platforms/php/webapps/25206.txt,"phpoutsourcing zorum 3.5 - Multiple Vulnerabilities",2005-03-10,benjilenoob,php,webapps,0 25207,platforms/windows/remote/25207.txt,"py software active webcam webserver 4.3/5.5 - Multiple Vulnerabilities",2005-03-10,Sowhat,windows,remote,0 @@ -22361,7 +22361,7 @@ id,file,description,date,author,platform,type,port 25222,platforms/php/webapps/25222.html,"HolaCMS 1.2.x/1.4.x - Voting Module Directory Traversal Remote File Corruption",2005-03-13,"Virginity Security",php,webapps,0 25223,platforms/php/webapps/25223.txt,"Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities",2005-03-14,"Jon Oberheide",php,webapps,0 25224,platforms/php/webapps/25224.txt,"SimpGB 1.0 - Guestbook.php SQL Injection",2005-03-14,visus,php,webapps,0 -25225,platforms/php/webapps/25225.txt,"PHPAdsNew 2.0.4 - AdFrame.php Cross-Site Scripting",2005-03-14,"Maksymilian Arciemowicz",php,webapps,0 +25225,platforms/php/webapps/25225.txt,"PHPAdsNew 2.0.4 - AdFrame.php Cross-site Scripting",2005-03-14,"Maksymilian Arciemowicz",php,webapps,0 25226,platforms/php/webapps/25226.txt,"VoteBox 2.0 - Votebox.php Remote File Inclusion",2005-03-14,SmOk3,php,webapps,0 25227,platforms/php/webapps/25227.txt,"PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25228,platforms/php/webapps/25228.txt,"PHPOpenChat 2.3.4/3.0.1 - PoC.php Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 @@ -22369,7 +22369,7 @@ id,file,description,date,author,platform,type,port 25230,platforms/php/webapps/25230.txt,"PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities",2005-03-16,"benji lemien",php,webapps,0 25231,platforms/windows/dos/25231.txt,"Microsoft Windows 2000/2003/XP - Graphical Device Interface Library Denial of Service",2005-03-17,"Hongzhen Zhou",windows,dos,0 25232,platforms/php/webapps/25232.txt,"McNews 1.x - Install.php Arbitrary File Include",2005-03-17,"Jonathan Whiteley",php,webapps,0 -25233,platforms/asp/webapps/25233.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Search.ASP Cross-Site Scripting",2005-03-17,"farhad koosha",asp,webapps,0 +25233,platforms/asp/webapps/25233.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Search.ASP Cross-site Scripting",2005-03-17,"farhad koosha",asp,webapps,0 25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0 25235,platforms/php/webapps/25235.txt,"Subdreamer 1.0 - SQL Injection",2005-03-18,"GHC team",php,webapps,0 25236,platforms/php/webapps/25236.html,"PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities",2005-03-18,"PersianHacker Team",php,webapps,0 @@ -22381,7 +22381,7 @@ id,file,description,date,author,platform,type,port 25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 - Highlight.php File Disclosure",2005-03-19,"Majid NT",php,webapps,0 25243,platforms/php/webapps/25243.txt,"TRG News 3.0 Script - Remote File Inclusion",2005-03-21,Frank_Reiner,php,webapps,0 25244,platforms/php/webapps/25244.txt,"CzarNews 1.13/1.14 - headlines.php Remote File Inclusion",2005-03-21,brOmstar,php,webapps,0 -25245,platforms/php/webapps/25245.txt,"Social Site Generator 2.2 - CSRF Add Admin Exploit",2013-05-06,Fallaga,php,webapps,0 +25245,platforms/php/webapps/25245.txt,"Social Site Generator 2.2 - CSRF (Add Admin) Exploit",2013-05-06,Fallaga,php,webapps,0 25247,platforms/php/webapps/25247.txt,"Craigslist Gold - SQL Injection",2013-05-06,Fallaga,php,webapps,0 25248,platforms/php/webapps/25248.txt,"Joomla DJ Classifieds Extension 2.0 - Blind SQL Injection",2013-05-06,Napsterakos,php,webapps,0 25249,platforms/php/webapps/25249.txt,"Webid 1.0.6 - Multiple Vulnerabilities",2013-05-06,"Ahmed Aboul-Ela",php,webapps,0 @@ -22392,35 +22392,35 @@ id,file,description,date,author,platform,type,port 25254,platforms/asp/webapps/25254.txt,"betaparticle blog 2.0/3.0 - myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 25256,platforms/osx/local/25256.c,"Apple Mac OS X 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 -25257,platforms/php/webapps/25257.txt,"Kayako ESupport 2.3 - Index.php Multiple Parameter Cross-Site Scripting",2005-03-22,"James Bercegay",php,webapps,0 +25257,platforms/php/webapps/25257.txt,"Kayako ESupport 2.3 - 'index.php' Multiple Parameter Cross-site Scripting",2005-03-22,"James Bercegay",php,webapps,0 25258,platforms/php/webapps/25258.txt,"Phorum 3.x/5.0.x - HTTP Response Splitting",2005-03-22,"Alexander Anisimov",php,webapps,0 25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0 -25260,platforms/php/webapps/25260.txt,"Vortex Portal 2.0 - index.php act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 +25260,platforms/php/webapps/25260.txt,"Vortex Portal 2.0 - 'index.php' act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 25261,platforms/php/webapps/25261.txt,"Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 -25262,platforms/php/webapps/25262.txt,"InterSpire ArticleLive 2005 - NewComment Cross-Site Scripting",2005-03-23,mircia,php,webapps,0 +25262,platforms/php/webapps/25262.txt,"InterSpire ArticleLive 2005 - NewComment Cross-site Scripting",2005-03-23,mircia,php,webapps,0 25263,platforms/php/webapps/25263.txt,"DigitalHive 2.0 - msg.php XSS",2005-03-23,"benji lemien",php,webapps,0 25264,platforms/php/webapps/25264.txt,"DigitalHive 2.0 - membres.php mt Parameter XSS",2005-03-23,"benji lemien",php,webapps,0 -25265,platforms/php/webapps/25265.txt,"phpSysInfo 2.0/2.3 - index.php sensor_program Parameter XSS",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0 +25265,platforms/php/webapps/25265.txt,"phpSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter XSS",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0 25266,platforms/php/webapps/25266.txt,"phpSysInfo 2.0/2.3 - system_footer.php Multiple Parameter XSS",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0 25267,platforms/php/webapps/25267.txt,"Invision Power Board 1.x/2.0 - HTML Injection",2005-03-23,"Woody Hughes",php,webapps,0 25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - TSShutdn.exe Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 -25269,platforms/jsp/webapps/25269.txt,"Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities",2005-03-24,Paolo,jsp,webapps,0 -25270,platforms/php/webapps/25270.txt,"Topic Calendar 1.0.1 - Calendar_Scheduler.php Cross-Site Scripting",2004-03-24,"Alberto Trivero",php,webapps,0 +25269,platforms/jsp/webapps/25269.txt,"Oracle Reports Server 10g - Multiple Cross-site Scripting Vulnerabilities",2005-03-24,Paolo,jsp,webapps,0 +25270,platforms/php/webapps/25270.txt,"Topic Calendar 1.0.1 - Calendar_Scheduler.php Cross-site Scripting",2004-03-24,"Alberto Trivero",php,webapps,0 25271,platforms/php/webapps/25271.txt,"Double Choco Latte 0.9.3/0.9.4 - main.php Arbitrary PHP Code Execution",2005-03-24,"James Bercegay",php,webapps,0 -25272,platforms/php/webapps/25272.txt,"Dream4 Koobi CMS 4.2.3 - Index.php Cross-Site Scripting",2005-03-24,mircia,php,webapps,0 -25273,platforms/php/webapps/25273.txt,"Dream4 Koobi CMS 4.2.3 - Index.php SQL Injection",2005-03-24,mircia,php,webapps,0 +25272,platforms/php/webapps/25272.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' Cross-site Scripting",2005-03-24,mircia,php,webapps,0 +25273,platforms/php/webapps/25273.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' SQL Injection",2005-03-24,mircia,php,webapps,0 25274,platforms/windows/remote/25274.html,"Maxthon Web Browser 1.2 - Search Bar Information Disclosure",2005-03-25,"Aviv Raff",windows,remote,0 25275,platforms/linux/remote/25275.c,"Smail-3 - Multiple Remote and Local Vulnerabilities",2005-03-25,infamous42md,linux,remote,0 -25276,platforms/php/webapps/25276.txt,"PHPMyDirectory 10.1.3 - Review.php Multiple Parameter Cross-Site Scripting",2005-03-25,mircia,php,webapps,0 +25276,platforms/php/webapps/25276.txt,"PHPMyDirectory 10.1.3 - Review.php Multiple Parameter Cross-site Scripting",2005-03-25,mircia,php,webapps,0 25277,platforms/hardware/dos/25277.txt,"Netcomm NB1300 Modem/Router - Remote Denial of Service",2005-03-25,"Chris Rock",hardware,dos,0 25278,platforms/php/webapps/25278.sh,"ESMI PayPal Storefront 1.7 - pages.php idpages Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 25279,platforms/php/webapps/25279.txt,"ESMI PayPal Storefront 1.7 - products1.php id2 Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 -25280,platforms/php/webapps/25280.txt,"ESMI PayPal Storefront 1.7 - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 +25280,platforms/php/webapps/25280.txt,"ESMI PayPal Storefront 1.7 - Cross-site Scripting",2005-03-26,Dcrab,php,webapps,0 25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 25282,platforms/php/webapps/25282.txt,"Nuke Bookmarks 0.6 - Marks.php Path Disclosure",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 -25283,platforms/php/webapps/25283.txt,"Nuke Bookmarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 +25283,platforms/php/webapps/25283.txt,"Nuke Bookmarks 0.6 - Multiple Cross-site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25284,platforms/php/webapps/25284.txt,"Nuke Bookmarks 0.6 - Marks.php SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 -25285,platforms/php/webapps/25285.txt,"MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 +25285,platforms/php/webapps/25285.txt,"MagicScripts E-Store Kit-2 PayPal Edition - Cross-site Scripting",2005-03-26,Dcrab,php,webapps,0 25286,platforms/php/webapps/25286.txt,"MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion",2005-03-26,Dcrab,php,webapps,0 25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1)",2005-03-28,"ilja van sprundel",linux,dos,0 25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)",2005-04-08,qobaiashi,linux,local,0 @@ -22450,8 +22450,8 @@ id,file,description,date,author,platform,type,port 25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Name Field HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 25314,platforms/php/webapps/25314.txt,"The Includer 1.0/1.1 - Remote File Inclusion",2005-03-29,"hoang yen",php,webapps,0 25315,platforms/php/webapps/25315.html,"Chatness 2.5 - Message Form Field HTML Injection",2005-03-29,3nitro,php,webapps,0 -25316,platforms/php/webapps/25316.txt,"CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-29,mircia,php,webapps,0 -25317,platforms/php/webapps/25317.txt,"Uapplication Ublog 1.0.x - Cross-Site Scripting",2005-03-29,"PersianHacker Team",php,webapps,0 +25316,platforms/php/webapps/25316.txt,"CPG Dragonfly 9.0.2.0 - Multiple Cross-site Scripting Vulnerabilities",2005-03-29,mircia,php,webapps,0 +25317,platforms/php/webapps/25317.txt,"Uapplication Ublog 1.0.x - Cross-site Scripting",2005-03-29,"PersianHacker Team",php,webapps,0 25318,platforms/asp/webapps/25318.txt,"Iatek IntranetApp 2.3 - ad_click.asp banner_id Parameter SQL Injection",2005-03-29,"Diabolic Crab",asp,webapps,0 25319,platforms/windows/remote/25319.txt,"FastStone 4in1 Browser 1.2 - Web Server Remote Directory Traversal",2005-03-29,"Donato Ferrante",windows,remote,0 25320,platforms/php/webapps/25320.txt,"Lighthouse Development Squirrelcart 1.5.5 - SQL Injection",2005-03-29,"Diabolic Crab",php,webapps,0 @@ -22462,58 +22462,58 @@ id,file,description,date,author,platform,type,port 25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 - Object Push Service Bluetooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0 25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 - Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0 25327,platforms/php/webapps/25327.txt,"AlstraSoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0 -25328,platforms/php/webapps/25328.txt,"AlstraSoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 +25328,platforms/php/webapps/25328.txt,"AlstraSoft EPay Pro 2.0 - Multiple Cross-site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 25329,platforms/windows/dos/25329.cfg,"Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow",2005-04-02,"Luigi Auriemma",windows,dos,0 -25330,platforms/php/webapps/25330.txt,"phpMyAdmin 2.x - Convcharset Cross-Site Scripting",2005-04-03,"Oriol Torrent Santiago",php,webapps,0 +25330,platforms/php/webapps/25330.txt,"phpMyAdmin 2.x - Convcharset Cross-site Scripting",2005-04-03,"Oriol Torrent Santiago",php,webapps,0 25331,platforms/cgi/webapps/25331.txt,"SonicWALL SOHO 5.1.7 Web Interface - Multiple Remote Input Validation Vulnerabilities",2005-04-04,"Oliver Karow",cgi,webapps,0 25332,platforms/asp/webapps/25332.txt,"SiteEnable - SQL Injection",2005-04-02,Zinho,asp,webapps,0 25333,platforms/unix/local/25333.c,"SCO OpenServer 5.0.6/5.0.7 - NWPrint Command Line Argument Local Buffer Overflow",2005-04-04,"pasquale minervini",unix,local,0 25334,platforms/linux/dos/25334.txt,"Mozilla Suite/Firefox - JavaScript Lambda Replace Heap Memory Disclosure",2005-04-04,"Daniel McNeil",linux,dos,0 25335,platforms/unix/remote/25335.txt,"IBM iSeries AS400 LDAP Server - Remote Information Disclosure",2005-04-04,"Shalom Carmel",unix,remote,0 25336,platforms/windows/remote/25336.txt,"Logics Software LOG-FT - Arbitrary File Disclosure",2005-04-05,"Pedro Viuales and Rom Ramirez",windows,remote,0 -25337,platforms/php/webapps/25337.txt,"ProfitCode Software PayProCart 3.0 - Usrdetails.php Cross-Site Scripting",2005-04-05,"Diabolic Crab",php,webapps,0 +25337,platforms/php/webapps/25337.txt,"ProfitCode Software PayProCart 3.0 - Usrdetails.php Cross-site Scripting",2005-04-05,"Diabolic Crab",php,webapps,0 25338,platforms/php/webapps/25338.txt,"profitcode software payprocart 3.0 - Directory Traversal",2005-04-05,"Diabolic Crab",php,webapps,0 -25339,platforms/php/webapps/25339.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Username Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 -25340,platforms/php/webapps/25340.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Avatarcategory Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 -25341,platforms/php/webapps/25341.html,"PHP-Nuke 6.x/7.x - Downloads Module Lid Parameter Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 -25342,platforms/php/webapps/25342.txt,"PHP-Nuke 7.6 - Web_Links Module Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 -25343,platforms/php/webapps/25343.txt,"PHP-Nuke 7.6 - Banners.php Cross-Site Scripting",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 +25339,platforms/php/webapps/25339.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Username Cross-site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 +25340,platforms/php/webapps/25340.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Avatarcategory Cross-site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 +25341,platforms/php/webapps/25341.html,"PHP-Nuke 6.x/7.x - Downloads Module Lid Parameter Cross-site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 +25342,platforms/php/webapps/25342.txt,"PHP-Nuke 7.6 - Web_Links Module Multiple Cross-site Scripting Vulnerabilities",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 +25343,platforms/php/webapps/25343.txt,"PHP-Nuke 7.6 - Banners.php Cross-site Scripting",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 25344,platforms/php/webapps/25344.txt,"PHPBB 2.0.13 DLMan Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25345,platforms/php/webapps/25345.txt,"PHPBB 2.0.13 Linkz Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25346,platforms/asp/webapps/25346.txt,"Active Auction House - Default.ASP Multiple SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25347,platforms/asp/webapps/25347.txt,"Active Auction House - ItemInfo.ASP SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25348,platforms/asp/webapps/25348.txt,"Active Auction House - start.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 25349,platforms/asp/webapps/25349.txt,"Active Auction House - account.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 -25350,platforms/cgi/webapps/25350.txt,"WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting",2005-04-06,"Oliver Karow",cgi,webapps,0 -25351,platforms/asp/webapps/25351.txt,"Active Auction House - Sendpassword.ASP Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 -25352,platforms/asp/webapps/25352.txt,"Active Auction House - WatchThisItem.ASP Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 +25350,platforms/cgi/webapps/25350.txt,"WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-site Scripting",2005-04-06,"Oliver Karow",cgi,webapps,0 +25351,platforms/asp/webapps/25351.txt,"Active Auction House - Sendpassword.ASP Multiple Cross-site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 +25352,platforms/asp/webapps/25352.txt,"Active Auction House - WatchThisItem.ASP Cross-site Scripting",2005-04-06,Dcrab,asp,webapps,0 25353,platforms/unix/dos/25353.txt,"IBM Lotus Domino Server 6.5.1 Web Service - Remote Denial of Service",2005-04-06,anonymous,unix,dos,0 -25354,platforms/php/webapps/25354.txt,"Ocean12 Membership Manager Pro - Cross-Site Scripting",2005-04-06,Zinho,php,webapps,0 -25355,platforms/php/webapps/25355.txt,"CubeCart 2.0.x - index.php Multiple Variable Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 +25354,platforms/php/webapps/25354.txt,"Ocean12 Membership Manager Pro - Cross-site Scripting",2005-04-06,Zinho,php,webapps,0 +25355,platforms/php/webapps/25355.txt,"CubeCart 2.0.x - 'index.php' Multiple Variable Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25356,platforms/php/webapps/25356.txt,"CubeCart 2.0.x - tellafriend.php product Variable Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25357,platforms/php/webapps/25357.txt,"CubeCart 2.0.x - view_cart.php add Variable Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25358,platforms/php/webapps/25358.txt,"CubeCart 2.0.x - view_product.php product Variable Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 25359,platforms/hardware/remote/25359.txt,"Linksys WET11 - Password Update Remote Authentication Bypass",2005-04-07,"Kristian Hermansen",hardware,remote,0 -25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injection",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 +25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 25361,platforms/irix/local/25361.txt,"SGI IRIX 6.5.22 - GR_OSView Information Disclosure",2005-04-07,anonymous,irix,local,0 25362,platforms/irix/local/25362.txt,"SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite",2005-04-07,anonymous,irix,local,0 25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH",2013-05-11,ariarat,windows,dos,0 25364,platforms/windows/dos/25364.txt,"AN HTTPD - CMDIS.DLL Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0 -25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 -25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - Module Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 +25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-site Scripting",2005-04-08,Dcrab,php,webapps,0 +25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - Module Parameter Cross-site Scripting",2005-04-08,Dcrab,php,webapps,0 25368,platforms/php/webapps/25368.txt,"PostNuke Phoenix 0.760 RC3 - SID Parameter SQL Injection",2005-04-08,Dcrab,php,webapps,0 -25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold 2.0 - index.php read Parameter Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 -25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold 2.0 - index.php mode Parameter SQL Injection",2005-04-09,Dcrab,php,webapps,0 +25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold 2.0 - 'index.php' read Parameter Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 +25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold 2.0 - 'index.php' mode Parameter SQL Injection",2005-04-09,Dcrab,php,webapps,0 25371,platforms/php/webapps/25371.txt,"RadScripts RadBids Gold 2.0 - faq.php farea Parameter XSS",2005-04-09,Dcrab,php,webapps,0 -25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold 2.0 - index.php Multiple Parameter XSS",2005-04-09,Dcrab,php,webapps,0 +25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold 2.0 - 'index.php' Multiple Parameter XSS",2005-04-09,Dcrab,php,webapps,0 25373,platforms/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter XSS",2005-04-09,kre0n,php,webapps,0 25374,platforms/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter SQL Injection",2005-04-09,kre0n,php,webapps,0 25375,platforms/linux/remote/25375.pl,"KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing",2005-04-11,"Noam Rathaus",linux,remote,0 25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - News.php File Include",2005-04-10,"James Bercegay",php,webapps,0 -25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 - C_CODE Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 -25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 - Aid Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 -25379,platforms/php/webapps/25379.txt,"Zoom Media Gallery 2.1.2 - Index.php SQL Injection",2005-04-11,"Andreas Constantinides",php,webapps,0 +25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 - C_CODE Parameter Cross-site Scripting",2005-04-11,"James Bercegay",php,webapps,0 +25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 - Aid Parameter Cross-site Scripting",2005-04-11,"James Bercegay",php,webapps,0 +25379,platforms/php/webapps/25379.txt,"Zoom Media Gallery 2.1.2 - 'index.php' SQL Injection",2005-04-11,"Andreas Constantinides",php,webapps,0 25380,platforms/php/webapps/25380.txt,"Invision Power Board 1.x - ST Parameter SQL Injection",2005-04-11,Dcrab,php,webapps,0 25381,platforms/php/webapps/25381.txt,"WebCT Discussion Board 4.1 - HTML Injection",2005-04-11,lacertosum,php,webapps,0 25382,platforms/php/webapps/25382.txt,"JPortal 2.3.1 - Banner.php SQL Injection",2005-04-11,CiNU5,php,webapps,0 @@ -22523,27 +22523,27 @@ id,file,description,date,author,platform,type,port 25386,platforms/windows/remote/25386.txt,"Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption",2005-04-12,"Berend-Jan Wever",windows,remote,0 25387,platforms/multiple/dos/25387.txt,"Multiple Vendor ICMP Implementation - Spoofed Source Quench Packet DoS",2005-04-12,"Fernando Gont",multiple,dos,0 25388,platforms/multiple/dos/25388.txt,"Multiple Vendor ICMP Implementation - Malformed Path MTU DoS",2005-04-12,"Fernando Gont",multiple,dos,0 -25389,platforms/multiple/dos/25389.txt,"Multiple Vendor ICMP Message Handling - DoS",2005-04-12,"Fernando Gont",multiple,dos,0 -25390,platforms/asp/webapps/25390.txt,"Comersus Cart 4.0/5.0 - Comersus_Search_Item.ASP Cross-Site Scripting",2005-04-12,Lostmon,asp,webapps,0 +25389,platforms/multiple/dos/25389.txt,"Multiple Vendor ICMP Message Handling - Denial of Service",2005-04-12,"Fernando Gont",multiple,dos,0 +25390,platforms/asp/webapps/25390.txt,"Comersus Cart 4.0/5.0 - Comersus_Search_Item.ASP Cross-site Scripting",2005-04-12,Lostmon,asp,webapps,0 25391,platforms/multiple/remote/25391.txt,"XAMPP - Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 25392,platforms/linux/remote/25392.c,"Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow",2005-04-12,Xpl017Elz,linux,remote,0 25393,platforms/multiple/dos/25393.txt,"XAMPP - Insecure Default Password Disclosure",2005-04-12,"Morning Wood",multiple,dos,0 -25394,platforms/php/webapps/25394.txt,"Pinnacle Cart - Index.php Cross-Site Scripting",2005-04-12,SmOk3,php,webapps,0 +25394,platforms/php/webapps/25394.txt,"Pinnacle Cart - 'index.php' Cross-site Scripting",2005-04-12,SmOk3,php,webapps,0 25395,platforms/multiple/remote/25395.txt,"Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal",2005-04-12,"Rafael San Miguel Carrasco",multiple,remote,0 25396,platforms/multiple/remote/25396.txt,"Oracle 8.x/9.x/10.x - Database Multiple SQL Injection",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 25397,platforms/multiple/remote/25397.txt,"Oracle Database 10.1 - MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 -25398,platforms/php/webapps/25398.txt,"PHPBB2 Plus 1.5 - GroupCP.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 -25399,platforms/php/webapps/25399.txt,"PHPBB2 Plus 1.5 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 -25400,platforms/php/webapps/25400.txt,"PHPBB2 Plus 1.5 - Portal.php Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 -25401,platforms/php/webapps/25401.txt,"PHPBB2 Plus 1.5 - ViewTopic.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 +25398,platforms/php/webapps/25398.txt,"PHPBB2 Plus 1.5 - GroupCP.php Cross-site Scripting",2005-04-13,Dcrab,php,webapps,0 +25399,platforms/php/webapps/25399.txt,"PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 +25400,platforms/php/webapps/25400.txt,"PHPBB2 Plus 1.5 - Portal.php Multiple Cross-site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 +25401,platforms/php/webapps/25401.txt,"PHPBB2 Plus 1.5 - ViewTopic.php Cross-site Scripting",2005-04-13,Dcrab,php,webapps,0 25402,platforms/hardware/dos/25402.txt,"LG U8120 Mobile Phone - .MIDI File Remote Denial of Service",2005-04-13,"Luca Ercoli",hardware,dos,0 -25403,platforms/php/webapps/25403.txt,"PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 -25404,platforms/php/webapps/25404.txt,"PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 +25403,platforms/php/webapps/25403.txt,"PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-site Scripting",2005-04-13,Dcrab,php,webapps,0 +25404,platforms/php/webapps/25404.txt,"PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-site Scripting",2005-04-13,Dcrab,php,webapps,0 25405,platforms/php/webapps/25405.txt,"GetSimpleCMS 3.2.1 - Arbitrary File Upload",2013-05-13,"Ahmed Elhady Mohamed",php,webapps,0 25406,platforms/linux/local/25406.sh,"Kloxo 6.1.6 - Local Privilege Escalation",2013-05-13,HTP,linux,local,0 25408,platforms/windows/dos/25408.pl,"Windows Media Player 11.0.0 - (.wav) Crash PoC",2013-05-13,Asesino04,windows,dos,0 25409,platforms/php/webapps/25409.txt,"Ajax Availability Calendar 3.x.x - Multiple Vulnerabilities",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 -25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - (index.php id param) SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 +25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - (index.php id parameter) SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0 25412,platforms/ios/webapps/25412.txt,"Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25413,platforms/hardware/webapps/25413.txt,"Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 @@ -22552,56 +22552,56 @@ id,file,description,date,author,platform,type,port 25416,platforms/hardware/webapps/25416.txt,"SimpleTransfer 2.2.1 - Command Injection",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25417,platforms/ios/webapps/25417.txt,"File Lite 3.3 & 3.5 PRO iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25418,platforms/windows/dos/25418.py,"MiniWeb MiniWeb HTTP Server (build 300) - Crash PoC",2013-05-13,dmnt,windows,dos,0 -25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - (.m3u) Buffer Overflow Exploit (SEH)",2013-05-13,seaofglass,windows,local,0 +25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow Exploit (SEH)",2013-05-13,seaofglass,windows,local,0 25420,platforms/multiple/remote/25420.txt,"IBM WebSphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 -25421,platforms/windows/remote/25421.txt,"RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting",2005-04-15,"Oliver Karow",windows,remote,0 -25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 - Index.php Arbitrary Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 -25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - Search.php Cross-Site Scripting",2005-04-14,y3dips,php,webapps,0 +25421,platforms/windows/remote/25421.txt,"RSA Security RSA Authentication Agent For Web 5.2 - Cross-site Scripting",2005-04-15,"Oliver Karow",windows,remote,0 +25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 - 'index.php' Arbitrary Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 +25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - Search.php Cross-site Scripting",2005-04-14,y3dips,php,webapps,0 25424,platforms/asp/webapps/25424.txt,"OneWorldStore - OWAddItem.ASP SQL Injection",2005-04-14,Dcrab,asp,webapps,0 25425,platforms/asp/webapps/25425.txt,"OneWorldStore - OWListProduct.ASP Multiple SQL Injection",2005-04-14,Dcrab,asp,webapps,0 25426,platforms/asp/webapps/25426.txt,"OneWorldStore - OWProductDetail.ASP SQL Injection",2005-04-14,Dcrab,asp,webapps,0 -25427,platforms/asp/webapps/25427.txt,"OneWorldStore - OWContactUs.ASP Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 -25428,platforms/asp/webapps/25428.txt,"OneWorldStore - OWListProduct.ASP Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 +25427,platforms/asp/webapps/25427.txt,"OneWorldStore - OWContactUs.ASP Cross-site Scripting",2005-04-14,Dcrab,asp,webapps,0 +25428,platforms/asp/webapps/25428.txt,"OneWorldStore - OWListProduct.ASP Cross-site Scripting",2005-04-14,Dcrab,asp,webapps,0 25429,platforms/linux/dos/25429.c,"Libsafe 2.0 - Multi-threaded Process Race Condition Security Bypass Weakness",2005-04-15,Overflow.pl,linux,dos,0 25430,platforms/php/webapps/25430.txt,"PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting",2005-04-15,Dcrab,php,webapps,0 25431,platforms/php/webapps/25431.pl,"Ariadne CMS 2.4 - Remote File Inclusion",2006-10-19,"Fidel Costa",php,webapps,0 25432,platforms/php/webapps/25432.txt,"PHPBB Remote - Mod.php SQL Injection",2005-04-16,"tom cruise",php,webapps,0 -25433,platforms/php/webapps/25433.txt,"Datenbank Module For PHPBB - Remote Mod.php Cross-Site Scripting",2005-04-16,"tom cruise",php,webapps,0 -25434,platforms/php/webapps/25434.txt,"eGroupWare 1.0 - index.php Multiple Parameter XSS",2005-04-18,"GulfTech Security",php,webapps,0 +25433,platforms/php/webapps/25433.txt,"Datenbank Module For PHPBB - Remote Mod.php Cross-site Scripting",2005-04-16,"tom cruise",php,webapps,0 +25434,platforms/php/webapps/25434.txt,"eGroupWare 1.0 - 'index.php' Multiple Parameter XSS",2005-04-18,"GulfTech Security",php,webapps,0 25435,platforms/php/webapps/25435.txt,"eGroupWare 1.0 - sitemgr-site/index.php category_id Parameter XSS",2005-04-18,"GulfTech Security",php,webapps,0 25436,platforms/php/webapps/25436.txt,"eGroupWare 1.0 - tts/index.php filter Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 -25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - index.php cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 -25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 +25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - 'index.php' cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 +25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-site Scripting",2005-04-18,"hoang yen",php,webapps,0 25439,platforms/multiple/dos/25439.c,"Multiple Vendor - TCP Session Acknowledgement Number Denial of Service",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 -25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 +25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id parameter) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow (SEH)",2013-05-14,ariarat,windows,dos,0 25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)",2013-05-14,sd,linux,local,0 25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC - SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC - SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 -25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injection",2013-05-14,RunRunLevel,php,webapps,0 +25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injections",2013-05-14,RunRunLevel,php,webapps,0 25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - ERS File Handling Buffer Overflow",2013-05-14,Metasploit,windows,local,0 -25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - CSRF",2013-05-14,"High-Tech Bridge SA",php,webapps,0 +25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - Cross-site Request Forgery",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 25451,platforms/php/webapps/25451.txt,"PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 25452,platforms/multiple/remote/25452.pl,"Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (1)",2007-02-23,bunker,multiple,remote,0 25453,platforms/multiple/remote/25453.pl,"Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 25454,platforms/windows/remote/25454.txt,"Microsoft Windows 98/2000 Explorer - Preview Pane Script Injection",2005-04-19,"GreyMagic Software",windows,remote,0 25455,platforms/asp/webapps/25455.txt,"OneWorldStore - DisplayResults.ASP SQL Injection",2005-04-19,Lostmon,asp,webapps,0 -25456,platforms/asp/webapps/25456.txt,"OneWorldStore - DisplayResults.ASP Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 +25456,platforms/asp/webapps/25456.txt,"OneWorldStore - DisplayResults.ASP Cross-site Scripting",2005-04-19,Lostmon,asp,webapps,0 25457,platforms/php/webapps/25457.c,"UBBCentral 6.0 - UBB.threads Printthread.php SQL Injection",2005-03-11,HLL,php,webapps,0 -25458,platforms/php/webapps/25458.txt,"CityPost PHP LNKX 52.0 - Message.php Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 -25459,platforms/php/webapps/25459.txt,"CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 -25464,platforms/php/webapps/25464.txt,"CityPost Simple PHP Upload - Simple-upload-53.php Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 +25458,platforms/php/webapps/25458.txt,"CityPost PHP LNKX 52.0 - Message.php Cross-site Scripting",2005-04-19,Thom,php,webapps,0 +25459,platforms/php/webapps/25459.txt,"CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-site Scripting",2005-04-19,Thom,php,webapps,0 +25464,platforms/php/webapps/25464.txt,"CityPost Simple PHP Upload - Simple-upload-53.php Cross-site Scripting",2005-04-19,Thom,php,webapps,0 25465,platforms/linux/dos/25465.txt,"Logwatch 2.6 Secure Script - Denial of Service",2005-04-20,anonymous,linux,dos,0 25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/Login.ASP SQL Injection",2005-04-20,c0d3r,asp,webapps,0 25467,platforms/php/webapps/25467.txt,"Netref 4.2 - Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 -25468,platforms/php/webapps/25468.txt,"PHP Labs - .proFile Dir URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 +25468,platforms/php/webapps/25468.txt,"PHP Labs - .proFile Dir URI Variable Cross-site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 25470,platforms/multiple/dos/25470.txt,"Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service",2005-04-20,"Adam Baldwin",multiple,dos,0 25472,platforms/windows/dos/25472.py,"Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of Service",2013-05-15,Sapling,windows,dos,0 -25473,platforms/php/webapps/25473.txt,"PHP Labs - .proFile File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 +25473,platforms/php/webapps/25473.txt,"PHP Labs - .proFile File URI Variable Cross-site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25474,platforms/php/webapps/25474.txt,"PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25475,platforms/php/webapps/25475.txt,"PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25476,platforms/asp/webapps/25476.txt,"DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 @@ -22616,22 +22616,22 @@ id,file,description,date,author,platform,type,port 25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25486,platforms/windows/remote/25486.txt,"RaidenFTPD 2.4 - Unauthorized File Access",2005-04-21,"Lachlan. H",windows,remote,0 25487,platforms/windows/remote/25487.txt,"yawcam 0.2.5 - Directory Traversal",2005-04-21,"Donato Ferrante",windows,remote,0 -25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - Username Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25489,platforms/php/webapps/25489.txt,"ProfitCode Software PayProCart 3.0 - Ckprvd Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25491,platforms/php/webapps/25491.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ModID Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25492,platforms/php/webapps/25492.txt,"ProfitCode Software PayProCart 3.0 - AdminShop TaskID Cross-Site Scripting",2004-04-21,Lostmon,php,webapps,0 +25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - Username Cross-site Scripting",2005-04-21,Lostmon,php,webapps,0 +25489,platforms/php/webapps/25489.txt,"ProfitCode Software PayProCart 3.0 - Ckprvd Cross-site Scripting",2005-04-21,Lostmon,php,webapps,0 +25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-site Scripting",2005-04-21,Lostmon,php,webapps,0 +25491,platforms/php/webapps/25491.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ModID Cross-site Scripting",2005-04-21,Lostmon,php,webapps,0 +25492,platforms/php/webapps/25492.txt,"ProfitCode Software PayProCart 3.0 - AdminShop TaskID Cross-site Scripting",2004-04-21,Lostmon,php,webapps,0 25493,platforms/php/webapps/25493.txt,"CKEditor < 4.1WYSIWYG module Drupal 6.x & 7.x - Persistent XSS",2013-05-17,r0ng,php,webapps,0 -25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ProMod Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ProMod Cross-site Scripting",2005-04-21,Lostmon,php,webapps,0 +25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-site Scripting",2005-04-21,Lostmon,php,webapps,0 25496,platforms/php/webapps/25496.txt,"php-Charts 1.0 - Code Execution",2013-05-17,"fizzle stick",php,webapps,0 25497,platforms/lin_x86/shellcode/25497.c,"Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes)",2013-05-17,"Russell Willis",lin_x86,shellcode,0 25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 - Comments.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0 25499,platforms/linux/dos/25499.py,"nginx 1.3.9-1.4.0 - DoS PoC",2013-05-17,"Mert SARICA",linux,dos,0 25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 - Detail.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0 -25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 - Profile.ASP Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 -25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 - Select.ASP Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 -25503,platforms/php/webapps/25503.txt,"WoltLab Burning Board 2.3.1 - Thread.php Cross-Site Scripting",2005-04-22,deluxe89,php,webapps,0 +25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 - Profile.ASP Cross-site Scripting",2005-04-22,Dcrab,asp,webapps,0 +25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 - Select.ASP Cross-site Scripting",2005-04-22,Dcrab,asp,webapps,0 +25503,platforms/php/webapps/25503.txt,"WoltLab Burning Board 2.3.1 - Thread.php Cross-site Scripting",2005-04-22,deluxe89,php,webapps,0 25504,platforms/asp/webapps/25504.txt,"Black Knight Forum 4.0 - Member.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25505,platforms/asp/webapps/25505.txt,"Black Knight Forum 4.0 - Forum.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25506,platforms/asp/webapps/25506.txt,"CartWIZ 1.10 - AddToCart.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 @@ -22640,28 +22640,28 @@ id,file,description,date,author,platform,type,port 25509,platforms/asp/webapps/25509.txt,"CartWIZ 1.10 - SearchResults.ASP PriceTo Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25510,platforms/asp/webapps/25510.txt,"CartWIZ 1.10 - SearchResults.ASP PriceFrom Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25511,platforms/asp/webapps/25511.txt,"CartWIZ 1.10 - SearchResults.ASP IDCategory Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25512,platforms/asp/webapps/25512.txt,"CartWIZ 1.10 - TellAFriend.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 - AddToWishlist.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 - Access.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - Error.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - Login.ASP Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25512,platforms/asp/webapps/25512.txt,"CartWIZ 1.10 - TellAFriend.ASP Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 - AddToWishlist.ASP Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 - Access.ASP Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - Error.ASP Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - Login.ASP Redirect Argument Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 25517,platforms/linux/remote/25517.rb,"Mutiny 5 - Arbitrary File Upload",2013-05-17,Metasploit,linux,remote,0 25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 25519,platforms/php/webapps/25519.txt,"ZPanel - templateparser.class.php Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 -25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - Login.ASP Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - SearchResults.ASP SKU Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - SearchResults.ASP Name Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25523,platforms/php/webapps/25523.txt,"PHPBB 2.0.x - Profile.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 -25524,platforms/php/webapps/25524.txt,"PHPBB 2.0.x - Viewtopic.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 +25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - Login.ASP Message Argument Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - SearchResults.ASP SKU Argument Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - SearchResults.ASP Name Argument Cross-site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25523,platforms/php/webapps/25523.txt,"PHPBB 2.0.x - Profile.php Cross-site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 +25524,platforms/php/webapps/25524.txt,"PHPBB 2.0.x - Viewtopic.php Cross-site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25525,platforms/linux/dos/25525.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (1)",2005-04-25,kf,linux,dos,0 25526,platforms/linux/remote/25526.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (2)",2005-04-25,kf,linux,remote,0 25527,platforms/linux/dos/25527.txt,"ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow",2005-04-25,"Damian Put",linux,dos,0 -25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 - PMS.php Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 +25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 - PMS.php Cross-site Scripting",2005-04-25,deluxe89,php,webapps,0 25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - Default.ASP Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore - IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 - Set_Lang File Include",2005-04-26,"Max Cerny",php,webapps,0 25532,platforms/php/webapps/25532.txt,"Yappa-NG 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 -25533,platforms/php/webapps/25533.txt,"Yappa-NG 1.x/2.x - Unspecified Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 +25533,platforms/php/webapps/25533.txt,"Yappa-NG 1.x/2.x - Unspecified Cross-site Scripting",2005-04-24,"James Bercegay",php,webapps,0 25534,platforms/php/webapps/25534.txt,"SQWebmail 3.x/4.0 - HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 - QPid Parameter SQL Injection",2005-04-26,SVT,php,webapps,0 25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 - IntProdID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 @@ -22674,7 +22674,7 @@ id,file,description,date,author,platform,type,port 25543,platforms/asp/webapps/25543.txt,"MetaCart2 - SearchAction.ASP Multiple SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25544,platforms/asp/webapps/25544.txt,"MetaBid Auctions - intAuctionID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25545,platforms/php/webapps/25545.txt,"BBlog 0.7.4 - PostID Parameter SQL Injection",2004-04-26,jericho+bblog@attrition.org,php,webapps,0 -25546,platforms/windows/remote/25546.txt,"BEA WebLogic Server 8.1 / WebLogic Express Administration Console - Cross-Site Scripting",2005-04-26,"Alexander Kornbrust",windows,remote,0 +25546,platforms/windows/remote/25546.txt,"BEA WebLogic Server 8.1 / WebLogic Express Administration Console - Cross-site Scripting",2005-04-26,"Alexander Kornbrust",windows,remote,0 25547,platforms/linux/remote/25547.pl,"Convert-UUlib 1.04/1.05 Perl Module - Buffer Overflow",2005-04-26,CorryL,linux,remote,0 25548,platforms/php/webapps/25548.txt,"PHPCart - Input Validation",2005-04-27,Lostmon,php,webapps,0 25549,platforms/php/webapps/25549.txt,"Claroline 1.5/1.6 - toolaccess_details.php tool Parameter XSS",2005-04-27,"Sieg Fried",php,webapps,0 @@ -22683,18 +22683,18 @@ id,file,description,date,author,platform,type,port 25552,platforms/php/webapps/25552.txt,"Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection",2005-04-27,"Sieg Fried",php,webapps,0 25553,platforms/php/webapps/25553.txt,"Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection",2005-04-27,"Sieg Fried",php,webapps,0 25554,platforms/windows/local/25554.c,"Altiris Client 6.0.88 - Service Local Privilege Escalation",2005-04-27,"Reed Arvin",windows,local,0 -25555,platforms/php/webapps/25555.txt,"Dream4 Koobi CMS 4.2.3 - Index.php P Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 -25556,platforms/php/webapps/25556.txt,"Dream4 Koobi CMS 4.2.3 - Index.php Q Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 +25555,platforms/php/webapps/25555.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' P Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 +25556,platforms/php/webapps/25556.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' Q Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 25557,platforms/windows/remote/25557.txt,"HP OpenView Radia Management Portal 1.0/2.0 - Remote Command Execution",2005-04-28,"David Morgan",windows,remote,0 25558,platforms/php/webapps/25558.txt,"Notes Module for PHPBB - SQL Injection",2005-04-28,"James Bercegay",php,webapps,0 25559,platforms/multiple/remote/25559.txt,"Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass",2005-04-28,"Alexander Kornbrust",multiple,remote,0 -25560,platforms/php/webapps/25560.txt,"Just William's Amazon Webstore - Closeup.php Image Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 +25560,platforms/php/webapps/25560.txt,"Just William's Amazon Webstore - Closeup.php Image Parameter Cross-site Scripting",2005-04-28,Lostmon,php,webapps,0 25561,platforms/multiple/remote/25561.txt,"Oracle Application Server 9i Webcache - Arbitrary File Corruption",2005-04-28,"Alexander Kornbrust",multiple,remote,0 -25562,platforms/multiple/remote/25562.txt,"Oracle Application Server 9i - Webcache Cache_dump_file Cross-Site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 -25563,platforms/multiple/remote/25563.txt,"Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 -25564,platforms/php/webapps/25564.txt,"Just William's Amazon Webstore - CurrentIsExpanded Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 -25565,platforms/php/webapps/25565.txt,"Just William's Amazon Webstore - SearchFor Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 -25566,platforms/php/webapps/25566.txt,"Just William's Amazon Webstore - CurrentNumber Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 +25562,platforms/multiple/remote/25562.txt,"Oracle Application Server 9i - Webcache Cache_dump_file Cross-site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 +25563,platforms/multiple/remote/25563.txt,"Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 +25564,platforms/php/webapps/25564.txt,"Just William's Amazon Webstore - CurrentIsExpanded Parameter Cross-site Scripting",2005-04-28,Lostmon,php,webapps,0 +25565,platforms/php/webapps/25565.txt,"Just William's Amazon Webstore - SearchFor Parameter Cross-site Scripting",2005-04-28,Lostmon,php,webapps,0 +25566,platforms/php/webapps/25566.txt,"Just William's Amazon Webstore - CurrentNumber Parameter Cross-site Scripting",2005-04-28,Lostmon,php,webapps,0 25567,platforms/php/webapps/25567.txt,"Just William's Amazon Webstore - HTTP Response Splitting",2005-04-28,Lostmon,php,webapps,0 25568,platforms/php/webapps/25568.txt,"phpCOIN 1.2 - login.php phpcoinsessid Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 25569,platforms/php/webapps/25569.txt,"phpCOIN 1.2 Pages Module - Multiple Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 @@ -22718,9 +22718,9 @@ id,file,description,date,author,platform,type,port 25589,platforms/asp/webapps/25589.txt,"MaxWebPortal 1.3 - custom_link.asp Multiple Parameter SQL Injection",2005-05-02,s-dalili,asp,webapps,0 25590,platforms/php/webapps/25590.txt,"OSTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 25591,platforms/php/webapps/25591.txt,"SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 -25592,platforms/cgi/webapps/25592.txt,"WebCrossing WebX 5.0 - Cross-Site Scripting",2005-05-03,dr_insane,cgi,webapps,0 -25593,platforms/php/webapps/25593.txt,"Invision Power Board 2.0.3/2.1 - Act Parameter Cross-Site Scripting",2005-05-03,"arron ward",php,webapps,0 -25594,platforms/cgi/webapps/25594.txt,"Gossamer Threads Links 2.x - User.CGI Cross-Site Scripting",2005-05-04,"Nathan House",cgi,webapps,0 +25592,platforms/cgi/webapps/25592.txt,"WebCrossing WebX 5.0 - Cross-site Scripting",2005-05-03,dr_insane,cgi,webapps,0 +25593,platforms/php/webapps/25593.txt,"Invision Power Board 2.0.3/2.1 - Act Parameter Cross-site Scripting",2005-05-03,"arron ward",php,webapps,0 +25594,platforms/cgi/webapps/25594.txt,"Gossamer Threads Links 2.x - User.CGI Cross-site Scripting",2005-05-04,"Nathan House",cgi,webapps,0 25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 - Defer.ASP SQL Injection",2005-05-04,Zinho,asp,webapps,0 25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - Details.ASP SQL Injection",2005-05-04,Zinho,asp,webapps,0 25597,platforms/windows/remote/25597.txt,"Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure",2005-05-04,"Robert Fly",windows,remote,0 @@ -22733,28 +22733,28 @@ id,file,description,date,author,platform,type,port 25604,platforms/php/webapps/25604.txt,"FishCart 3.1 - upstnt.php cartid Parameter SQL Injection",2005-05-04,Dcrab,php,webapps,0 25605,platforms/php/webapps/25605.txt,"WordPress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 25606,platforms/php/webapps/25606.py,"Kimai 0.9.2.1306-3 - SQL Injection",2013-05-21,drone,php,webapps,0 -25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution BOF",2013-05-21,xis_one,windows,local,0 +25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution Buffer Overflow",2013-05-21,xis_one,windows,local,0 25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,Metasploit,hardware,remote,80 25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h - OS Command Injection",2013-05-21,Metasploit,hardware,remote,80 25611,platforms/windows/dos/25611.txt,"Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 - Parameter Multiple Remote File Inclusion",2007-05-28,"Hasadya Raed",php,webapps,0 25820,platforms/linux/remote/25820.txt,"Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention",2005-06-14,d.schroeter@gmx.de,linux,remote,0 -25821,platforms/php/webapps/25821.txt,"Annuaire 1Two 1.0/1.1 - Index.php Cross-Site Scripting",2005-06-14,An0nym0uS,php,webapps,0 +25821,platforms/php/webapps/25821.txt,"Annuaire 1Two 1.0/1.1 - 'index.php' Cross-site Scripting",2005-06-14,An0nym0uS,php,webapps,0 25822,platforms/windows/remote/25822.xml,"Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence and Disclosure",2005-06-15,"Sverre H. Huseby",windows,remote,0 25823,platforms/php/webapps/25823.txt,"McGallery 1.0/1.1 - Lang Argument File Disclosure",2005-06-15,D_BuG,php,webapps,0 25824,platforms/php/webapps/25824.txt,"PAFileDB 1.1.3/2.1.1/3.0/3.1 - Multiple Input Validation Vulnerabilities",2005-06-15,"GulfTech Security",php,webapps,0 -25825,platforms/php/webapps/25825.txt,"Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-16,"Alberto Trivero",php,webapps,0 -25612,platforms/php/webapps/25612.txt,"myBloggie 2.1 - index.php year Parameter XSS",2005-05-05,"Alberto Trivero",php,webapps,0 +25825,platforms/php/webapps/25825.txt,"Ultimate PHP Board 1.8/1.9 - Multiple Cross-site Scripting Vulnerabilities",2005-06-16,"Alberto Trivero",php,webapps,0 +25612,platforms/php/webapps/25612.txt,"myBloggie 2.1 - 'index.php' year Parameter XSS",2005-05-05,"Alberto Trivero",php,webapps,0 25613,platforms/multiple/remote/25613.txt,"Oracle 9i/10g - Database Fine Grained Audit Logging Failure",2005-05-05,"Alexander Kornbrust",multiple,remote,0 25614,platforms/php/webapps/25614.txt,"MidiCart PHP - Search_List.php SearchString Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 25615,platforms/php/webapps/25615.txt,"MidiCart PHP - Item_List.php MainGroup Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 25616,platforms/php/webapps/25616.txt,"MidiCart PHP - Item_List.php SecondGroup Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 25617,platforms/php/webapps/25617.txt,"MidiCart PHP - Item_Show.php Code_No Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 -25618,platforms/php/webapps/25618.txt,"MidiCart PHP - Search_List.php SearchString Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 -25619,platforms/php/webapps/25619.txt,"MidiCart PHP - Item_List.php SecondGroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 -25620,platforms/php/webapps/25620.txt,"MidiCart PHP - Item_List.php Maingroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 +25618,platforms/php/webapps/25618.txt,"MidiCart PHP - Search_List.php SearchString Parameter Cross-site Scripting",2005-05-05,Exoduks,php,webapps,0 +25619,platforms/php/webapps/25619.txt,"MidiCart PHP - Item_List.php SecondGroup Parameter Cross-site Scripting",2005-05-05,Exoduks,php,webapps,0 +25620,platforms/php/webapps/25620.txt,"MidiCart PHP - Item_List.php Maingroup Parameter Cross-site Scripting",2005-05-05,Exoduks,php,webapps,0 25621,platforms/windows/remote/25621.txt,"software602 602 lan suite 2004 - Directory Traversal",2005-05-05,dr_insane,windows,remote,0 -25622,platforms/cgi/webapps/25622.txt,"MegaBook 2.0/2.1 - Admin.CGI EntryID Cross-Site Scripting",2005-05-05,"Spy Hat",cgi,webapps,0 +25622,platforms/cgi/webapps/25622.txt,"MegaBook 2.0/2.1 - Admin.CGI EntryID Cross-site Scripting",2005-05-05,"Spy Hat",cgi,webapps,0 25623,platforms/php/webapps/25623.txt,"CJ Ultra Plus 1.0.3/1.0.4 - OUT.php SQL Injection",2005-05-06,Kold,php,webapps,0 25624,platforms/unix/remote/25624.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (1)",2005-05-06,"Luca Ercoli",unix,remote,0 25625,platforms/unix/remote/25625.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (2)",2005-05-11,K-sPecial,unix,remote,0 @@ -22762,7 +22762,7 @@ id,file,description,date,author,platform,type,port 25627,platforms/php/remote/25627.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Upload",2005-05-06,tjomi4,php,remote,0 25628,platforms/jsp/webapps/25628.txt,"PHPBB 2.0.x - URL Tag BBCode.php",2005-05-09,Papados,jsp,webapps,0 25629,platforms/windows/dos/25629.pl,"Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow",2008-05-08,Samsta,windows,dos,0 -25630,platforms/php/webapps/25630.txt,"Advanced Guestbook 2.3.1/2.4 - Index.php Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 +25630,platforms/php/webapps/25630.txt,"Advanced Guestbook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 25631,platforms/windows/dos/25631.txt,"Orenosv HTTP/FTP Server 0.8.1 - CGISSI.EXE Remote Buffer Overflow",2005-05-09,"Tan Chew Keong",windows,dos,0 25632,platforms/cgi/webapps/25632.txt,"Easy Message Board - Directory Traversal",2005-05-09,"SoulBlack Group",cgi,webapps,0 25633,platforms/windows/dos/25633.txt,"AOL Instant Messenger 4.x/5.x - Smiley Icon Location Remote Denial of Service",2005-05-09,fjlj@wvi.com,windows,dos,0 @@ -22771,35 +22771,35 @@ id,file,description,date,author,platform,type,port 25636,platforms/windows/local/25636.txt,"Positive Software H-Sphere Winbox 2.4 - Sensitive Logfile Content Disclosure",2005-05-09,"Morning Wood",windows,local,0 25637,platforms/php/webapps/25637.txt,"CodeThatShoppingCart 1.3.1 - catalog.php id Parameter XSS",2005-05-09,Lostmon,php,webapps,0 25638,platforms/php/webapps/25638.txt,"CodeThatShoppingCart 1.3.1 - catalog.php id Parameter SQL Injection",2005-05-09,Lostmon,php,webapps,0 -25639,platforms/php/webapps/25639.txt,"PWSPHP 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-05-09,"SecuBox fRoGGz",php,webapps,0 +25639,platforms/php/webapps/25639.txt,"PWSPHP 1.2 - Multiple Cross-site Scripting Vulnerabilities",2005-05-09,"SecuBox fRoGGz",php,webapps,0 25640,platforms/php/webapps/25640.txt,"PWSPHP 1.1/1.2 - Profil.php SQL Injection",2005-05-09,"SecuBox fRoGGz",php,webapps,0 25641,platforms/php/webapps/25641.txt,"WowBB 1.6 - View_User.php SQL Injection",2005-05-10,Megasky,php,webapps,0 -25642,platforms/php/webapps/25642.txt,"NukeET 3.0/3.1 - Base64 Codigo Variable Cross-Site Scripting",2005-05-10,"Suko and Lostmon",php,webapps,0 +25642,platforms/php/webapps/25642.txt,"NukeET 3.0/3.1 - Base64 Codigo Variable Cross-site Scripting",2005-05-10,"Suko and Lostmon",php,webapps,0 25643,platforms/windows/remote/25643.txt,"GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized JPEG Image Access",2005-05-10,"Tirath Rai",windows,remote,0 25644,platforms/php/webapps/25644.txt,"e107 Website System 0.617 - Request.php Directory Traversal",2005-05-10,Heintz,php,webapps,0 25645,platforms/php/webapps/25645.txt,"e107 Website System 0.617 - Forum_viewforum.php SQL Injection",2005-05-10,Heintz,php,webapps,0 -25646,platforms/windows/remote/25646.txt,"MyServer 0.8 - Cross-Site Scripting",2005-05-10,dr_insane,windows,remote,0 +25646,platforms/windows/remote/25646.txt,"MyServer 0.8 - Cross-site Scripting",2005-05-10,dr_insane,windows,remote,0 25647,platforms/linux/dos/25647.sh,"Linux Kernel 2.2.x / 2.3.x / 2.4.x / 2.5.x / 2.6.x - ELF Core Dump Local Buffer Overflow",2005-05-11,"Paul Starzetz",linux,dos,0 25648,platforms/cgi/remote/25648.txt,"neteyes nexusway border gateway - Multiple Vulnerabilities",2005-05-11,pokley,cgi,remote,0 25649,platforms/cgi/webapps/25649.txt,"showoff! digital media software 1.5.4 - Multiple Vulnerabilities",2011-05-11,dr_insane,cgi,webapps,0 -25650,platforms/php/webapps/25650.txt,"Open Solution Quick.Cart 0.3 - Index.php Cross-Site Scripting",2005-05-11,Lostmon,php,webapps,0 +25650,platforms/php/webapps/25650.txt,"Open Solution Quick.Cart 0.3 - 'index.php' Cross-site Scripting",2005-05-11,Lostmon,php,webapps,0 25651,platforms/asp/webapps/25651.txt,"MaxWebPortal 1.3x - post.asp Multiple Parameter XSS",2005-05-11,Zinho,asp,webapps,0 25652,platforms/windows/remote/25652.txt,"APG Technology ClassMaster - Unauthorized Folder Access",2005-05-12,"Alex Garrett",windows,remote,0 25653,platforms/php/webapps/25653.txt,"DirectTopics 2 - Topic.php SQL Injection",2005-05-12,"Morinex Eneco",php,webapps,0 -25654,platforms/php/webapps/25654.txt,"Ultimate PHP Board 1.8/1.9 - ViewForum.php Cross-Site Scripting",2005-05-13,"Morinex Eneco",php,webapps,0 +25654,platforms/php/webapps/25654.txt,"Ultimate PHP Board 1.8/1.9 - ViewForum.php Cross-site Scripting",2005-05-13,"Morinex Eneco",php,webapps,0 25655,platforms/php/webapps/25655.txt,"Ultimate PHP Board 1.8/1.9 - ViewForum.php SQL Injection",2005-05-13,"Morinex Eneco",php,webapps,0 25656,platforms/php/webapps/25656.txt,"OpenBB 1.0.8 - Read.php SQL Injection",2005-05-13,Megasky,php,webapps,0 -25657,platforms/php/webapps/25657.txt,"OpenBB 1.0.8 - Member.php Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 +25657,platforms/php/webapps/25657.txt,"OpenBB 1.0.8 - Member.php Cross-site Scripting",2005-05-13,Megasky,php,webapps,0 25658,platforms/windows/dos/25658.txt,"Yahoo! Messenger 5.x/6.0 - URL Handler Remote Denial of Service",2005-05-13,"Torseq Tech",windows,dos,0 -25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 -25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 +25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-site Scripting",2005-05-13,Megasky,php,webapps,0 +25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-site Scripting",2005-05-13,Megasky,php,webapps,0 25661,platforms/asp/webapps/25661.txt,"Keyvan1 ImageGallery - Database Download",2005-05-01,"g0rellazz G0r",asp,webapps,0 25662,platforms/php/webapps/25662.txt,"Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 25663,platforms/php/webapps/25663.txt,"Shop-Script - CategoryID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25664,platforms/php/webapps/25664.txt,"Shop-Script - ProductID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module - Directory Traversal",2005-05-16,pokley,php,webapps,0 25666,platforms/cgi/webapps/25666.txt,"PServ 3.2 - Remote Source Code Disclosure",2005-05-16,"Claus R. F. Overbeck",cgi,webapps,0 -25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop - ProductsByCategory.ASP Cross-Site Scripting",2005-05-16,"Dedi Dwianto",asp,webapps,0 +25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop - ProductsByCategory.ASP Cross-site Scripting",2005-05-16,"Dedi Dwianto",asp,webapps,0 25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 - Sigmaweb.DLL SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 25669,platforms/linux/remote/25669.txt,"pserv 3.2 - Directory Traversal",2005-05-16,"Claus R. F. Overbeck",linux,remote,0 25670,platforms/multiple/remote/25670.html,"Mozilla Suite And Firefox - DOM Property Overrides Code Execution",2005-05-16,moz_bug_r_a4,multiple,remote,0 @@ -22814,14 +22814,14 @@ id,file,description,date,author,platform,type,port 25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 - jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25680,platforms/windows/dos/25680.txt,"War Times - Remote Game Server Denial of Service",2005-05-17,"Luigi Auriemma",windows,dos,0 25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 - X-ForwordedFor PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0 -25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - Post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 +25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - Post.php Cross-site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router - Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0 25686,platforms/php/webapps/25686.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Include",2005-05-19,"Ingvar Gilbert",php,webapps,0 25687,platforms/freebsd/remote/25687.c,"Picasm 1.10/1.12 - Error Generation Remote Buffer Overflow",2005-05-20,"Shaun Colley",freebsd,remote,0 25688,platforms/linux/local/25688.txt,"Gedit 2.x - Filename Format String",2005-05-30,jsk:exworm,linux,local,0 -25689,platforms/php/webapps/25689.txt,"EJ3 TOPo 2.2 - Multiple Index.php Cross-Site Scripting Vulnerabilities",2003-05-20,Lostmon,php,webapps,0 +25689,platforms/php/webapps/25689.txt,"EJ3 TOPo 2.2 - Multiple Index.php Cross-site Scripting Vulnerabilities",2003-05-20,Lostmon,php,webapps,0 25690,platforms/php/webapps/25690.pl,"PortailPHP 1.3 - ID Parameter SQL Injection",2005-05-23,"CENSORED Search Vulnerabilities",php,webapps,0 25691,platforms/multiple/remote/25691.txt,"Warrior Kings 1.3 And Warrior Kings: Battles 1.23 - Remote Format String",2005-05-23,"Luigi Auriemma",multiple,remote,0 25692,platforms/multiple/dos/25692.txt,"Warrior Kings: Battles 1.23 - Remote Denial of Service",2005-05-23,"Luigi Auriemma",multiple,dos,0 @@ -22833,8 +22833,8 @@ id,file,description,date,author,platform,type,port 25697,platforms/windows/remote/25697.txt,"Blue Coat Reporter 7.0/7.1 - Remote Privilege Escalation",2005-05-24,"Oliver Karow",windows,remote,0 25698,platforms/windows/remote/25698.txt,"Blue Coat Reporter 7.0/7.1 - License HTML Injection",2005-05-24,"Oliver Karow",windows,remote,0 25699,platforms/windows/dos/25699.txt,"Gearbox Software Halo Game Server 1.06/1.07 - Infinite Loop Denial of Service",2005-05-24,"Luigi Auriemma",windows,dos,0 -25700,platforms/asp/webapps/25700.txt,"Spread The Word - Multiple Cross-Site Scripting Vulnerabilities",2005-05-24,Lostmon,asp,webapps,0 -25701,platforms/asp/webapps/25701.txt,"Spread The Word - Multiple SQL Injection",2005-05-24,Lostmon,asp,webapps,0 +25700,platforms/asp/webapps/25700.txt,"Spread The Word - Multiple Cross-site Scripting Vulnerabilities",2005-05-24,Lostmon,asp,webapps,0 +25701,platforms/asp/webapps/25701.txt,"Spread The Word - Multiple SQL Injections",2005-05-24,Lostmon,asp,webapps,0 25702,platforms/java/webapps/25702.txt,"Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities",2005-05-24,"Ricky Latt",java,webapps,0 25703,platforms/solaris/local/25703.txt,"Active News Manager - LOGIN.ASP SQL Injection",2005-05-25,Romty,solaris,local,0 25704,platforms/php/webapps/25704.txt,"PHP Poll Creator 1.0.1 - Poll_Vote.php Remote File Inclusion",2005-05-25,"rash ilusion",php,webapps,0 @@ -22849,14 +22849,14 @@ id,file,description,date,author,platform,type,port 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE",2013-05-26,rgod,windows,remote,0 25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 -25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module param) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 +25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module parameter) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 -25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - CSRF",2013-05-26,"Henry Hoggard",php,webapps,0 +25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - Cross-site Request Forgery",2013-05-26,"Henry Hoggard",php,webapps,0 25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25725,platforms/windows/local/25725.rb,"AdobeCollabSync - Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,Metasploit,windows,local,0 -25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - (menager.php playlist_id param) SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 +25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - (menager.php playlist_id parameter) SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 - add_review.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25728,platforms/php/webapps/25728.txt,"BookReview 1.0 - add_contents.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25729,platforms/php/webapps/25729.txt,"BookReview 1.0 - suggest_category.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 @@ -22868,9 +22868,9 @@ id,file,description,date,author,platform,type,port 25735,platforms/php/webapps/25735.txt,"BookReview 1.0 - suggest_review.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25736,platforms/hardware/dos/25736.txt,"Nokia 9500 - vCard Viewer Remote Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE - User32.DLL Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 -25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 -25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 -25740,platforms/php/webapps/25740.txt,"JAWS Glossary 0.4/0.5 - Cross-Site Scripting",2005-05-27,Nah,php,webapps,0 +25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 +25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 +25740,platforms/php/webapps/25740.txt,"JAWS Glossary 0.4/0.5 - Cross-site Scripting",2005-05-27,Nah,php,webapps,0 25741,platforms/php/webapps/25741.bat,"Invision Power Board 1.x - Unauthorized Access",2005-05-28,V[i]RuS,php,webapps,0 25742,platforms/php/webapps/25742.txt,"NPDS 4.8 - /5.0 admin.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 25743,platforms/php/webapps/25743.txt,"NPDS 4.8 - /5.0 powerpack_f.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 @@ -22906,29 +22906,29 @@ id,file,description,date,author,platform,type,port 25774,platforms/php/webapps/25774.txt,"Qualiteam X-Cart 4.0.8 - giftcert.php Multiple Parameter SQL Injection",2005-05-30,"CENSORED Search Vulnerabilities",php,webapps,0 25819,platforms/php/webapps/25819.txt,"FusionBB 0.x - Multiple Input Validation Vulnerabilities",2005-06-13,"James Bercegay",php,webapps,0 33411,platforms/php/webapps/33411.txt,"iSupport 1.8 - ticket_function.php Multiple Parameter XSS",2009-12-16,"Stink and Essandre",php,webapps,0 -33412,platforms/php/webapps/33412.txt,"iSupport 1.8 - index.php which Parameter XSS",2009-12-16,"Stink and Essandre",php,webapps,0 -33413,platforms/php/webapps/33413.txt,"Pluxml-Blog 4.2 - 'core/admin/auth.php' Cross-Site Scripting",2009-12-17,Metropolis,php,webapps,0 -33414,platforms/php/remote/33414.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (1)",2009-12-17,hello@iwamot.com,php,remote,0 -33415,platforms/php/remote/33415.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (2)",2009-12-17,hello@iwamot.com,php,remote,0 +33412,platforms/php/webapps/33412.txt,"iSupport 1.8 - 'index.php' which Parameter XSS",2009-12-16,"Stink and Essandre",php,webapps,0 +33413,platforms/php/webapps/33413.txt,"Pluxml-Blog 4.2 - 'core/admin/auth.php' Cross-site Scripting",2009-12-17,Metropolis,php,webapps,0 +33414,platforms/php/remote/33414.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-site Scripting (1)",2009-12-17,hello@iwamot.com,php,remote,0 +33415,platforms/php/remote/33415.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-site Scripting (2)",2009-12-17,hello@iwamot.com,php,remote,0 33416,platforms/php/webapps/33416.txt,"QuiXplorer 2.x - 'lang' Parameter Local File Inclusion",2009-12-17,"Juan Galiana Lara",php,webapps,0 -33417,platforms/php/webapps/33417.txt,"cPanel 11.x - 'fileop' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-17,RENO,php,webapps,0 +33417,platforms/php/webapps/33417.txt,"cPanel 11.x - 'fileop' Parameter Multiple Cross-site Scripting Vulnerabilities",2009-12-17,RENO,php,webapps,0 33418,platforms/php/webapps/33418.txt,"Joomla! 'com_joomportfolio' Component - 'secid' Parameter SQL Injection",2009-12-17,"Fl0riX and Snakespc",php,webapps,0 33419,platforms/php/webapps/33419.txt,"F3Site 2009 - mod/poll.php GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,"cr4wl3r ",php,webapps,0 33420,platforms/php/webapps/33420.txt,"F3Site 2009 - mod/new.php GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,"cr4wl3r ",php,webapps,0 33421,platforms/php/webapps/33421.txt,"Ampache 3.4.3 - 'login.php' Multiple SQL Injection",2009-12-18,R3d-D3V!L,php,webapps,0 -33422,platforms/php/webapps/33422.txt,"JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 +33422,platforms/php/webapps/33422.txt,"JBC Explorer 7.20 - 'arbre.php' Cross-site Scripting",2009-12-20,Metropolis,php,webapps,0 33423,platforms/hardware/remote/33423.txt,"Barracuda Web Application Firewall 660 - 'cgi-mod/index.cgi' Multiple HTML Injection Vulnerabilities",2009-12-19,Global-Evolution,hardware,remote,0 -33424,platforms/php/webapps/33424.txt,"Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities",2009-12-21,Gamoscu,php,webapps,0 +33424,platforms/php/webapps/33424.txt,"Kasseler CMS 1.3.4 Lite - Multiple Cross-site Scripting Vulnerabilities",2009-12-21,Gamoscu,php,webapps,0 33425,platforms/php/webapps/33425.py,"SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation",2014-05-19,"Gregory DRAPERI",php,webapps,80 25777,platforms/php/webapps/25777.txt,"PowerDownload 3.0.2/3.0.3 - IncDir Remote File Inclusion",2005-05-31,"SoulBlack Group",php,webapps,0 -25778,platforms/php/webapps/25778.txt,"Calendarix 0.8.20071118 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2005-05-31,DarkBicho,php,webapps,0 -25779,platforms/php/webapps/25779.txt,"MyBB - Multiple Cross-Site Scripting / SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 +25778,platforms/php/webapps/25778.txt,"Calendarix 0.8.20071118 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2005-05-31,DarkBicho,php,webapps,0 +25779,platforms/php/webapps/25779.txt,"MyBB - Multiple Cross-site Scripting / SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 25780,platforms/asp/webapps/25780.txt,"JiRo's Upload System 1.0 - Login.ASP SQL Injection",2005-06-01,Romty,asp,webapps,0 25781,platforms/asp/webapps/25781.txt,"NEXTWEB - (i)Site Login.ASP SQL Injection",2005-06-01,"Jim Pangalos",asp,webapps,0 25782,platforms/windows/dos/25782.txt,"HP OpenView Radia 2.0/3.1/4.0 - Notify Daemon Multiple Remote Buffer Overflow Vulnerabilities",2005-06-01,"John Cartwright",windows,dos,0 25783,platforms/asp/webapps/25783.txt,"Livingcolor Livingmailing 1.3 - LOGIN.ASP SQL Injection",2005-06-01,"Dj romty",asp,webapps,0 25784,platforms/windows/remote/25784.txt,"Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation",2005-06-01,"Benjamin Tobias Franz",windows,remote,0 -25785,platforms/asp/webapps/25785.txt,"Liberum Help Desk 0.97.3 - Multiple SQL Injection",2005-06-02,"Dedi Dwianto",asp,webapps,0 +25785,platforms/asp/webapps/25785.txt,"Liberum Help Desk 0.97.3 - Multiple SQL Injections",2005-06-02,"Dedi Dwianto",asp,webapps,0 25786,platforms/php/webapps/25786.txt,"MWChat 6.7 - Start_Lobby.php Remote File Inclusion",2005-06-03,Status-x,php,webapps,0 25787,platforms/php/webapps/25787.txt,"LiteWeb Server 2.5 - Authentication Bypass",2005-06-03,"Ziv Kamir",php,webapps,0 25788,platforms/php/webapps/25788.txt,"Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion",2005-06-03,"Leon Juranic",php,webapps,0 @@ -22936,17 +22936,17 @@ id,file,description,date,author,platform,type,port 25790,platforms/asp/webapps/25790.txt,"WWWeb Concepts Events System 1.0 - login.asp SQL Injection",2005-06-06,Romty,asp,webapps,0 25791,platforms/multiple/dos/25791.txt,"Rakkarsoft RakNet 2.33 - Remote Denial of Service",2005-06-06,"Luigi Auriemma",multiple,dos,0 25792,platforms/php/webapps/25792.txt,"YaPiG 0.9x - Remote File Inclusion / Local File Inclusion",2005-06-06,anonymous,php,webapps,0 -25793,platforms/php/webapps/25793.txt,"YaPiG 0.9x - View.php Cross-Site Scripting",2005-06-06,anonymous,php,webapps,0 +25793,platforms/php/webapps/25793.txt,"YaPiG 0.9x - View.php Cross-site Scripting",2005-06-06,anonymous,php,webapps,0 25794,platforms/php/webapps/25794.txt,"YaPiG 0.9x - Upload.php Directory Traversal",2005-06-06,anonymous,php,webapps,0 25795,platforms/asp/webapps/25795.txt,"Early Impact ProductCart 2.6/2.7 - viewPrd.asp idcategory Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25796,platforms/asp/webapps/25796.txt,"Early Impact ProductCart 2.6/2.7 - editCategories.asp lid Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25797,platforms/asp/webapps/25797.txt,"Early Impact ProductCart 2.6/2.7 - modCustomCardPaymentOpt.asp idc Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25798,platforms/asp/webapps/25798.txt,"Early Impact ProductCart 2.6/2.7 - OptionFieldsEdit.asp idccr Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 -25799,platforms/php/webapps/25799.txt,"FlatNuke 2.5.x - index.php where Variable Path Disclosure",2005-06-07,SecWatch,php,webapps,0 +25799,platforms/php/webapps/25799.txt,"FlatNuke 2.5.x - 'index.php' where Variable Path Disclosure",2005-06-07,SecWatch,php,webapps,0 25800,platforms/php/webapps/25800.txt,"FlatNuke 2.5.x - help.php Multiple Parameter XSS",2005-06-07,SecWatch,php,webapps,0 25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x - referer.php Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 25802,platforms/linux/remote/25802.txt,"C.J. Steele Tattle - Remote Command Execution",2005-06-07,b0iler,linux,remote,0 -25803,platforms/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",php,webapps,0 +25803,platforms/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",php,webapps,0 25804,platforms/asp/webapps/25804.txt,"Loki Download Manager 2.0 - Default.ASP SQL Injection",2005-06-08,hack_912,asp,webapps,0 25805,platforms/asp/webapps/25805.txt,"Loki Download Manager 2.0 - Catinfo.ASP SQL Injection",2005-06-08,hack_912,asp,webapps,0 25806,platforms/php/webapps/25806.txt,"Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection",2005-06-09,"James Bercegay",php,webapps,0 @@ -22978,23 +22978,23 @@ id,file,description,date,author,platform,type,port 25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 - Malformed HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 25843,platforms/asp/webapps/25843.txt,"Ublog Reload 1.0.5 - index.asp Multiple Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25844,platforms/asp/webapps/25844.txt,"Ublog Reload 1.0.5 - blog_comment.asp y Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25845,platforms/asp/webapps/25845.txt,"Uapplication Ublog Reload 1.0.5 - Trackback.ASP Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 +25845,platforms/asp/webapps/25845.txt,"Uapplication Ublog Reload 1.0.5 - Trackback.ASP Cross-site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 +25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - LOGIN.ASP SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 -26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.CGI Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 +26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.CGI Cross-site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 - AddItem.ASP SQL Injection",2005-08-21,SmOk3,asp,webapps,0 26292,platforms/osx/dos/26292.html,"Microsoft Internet Explorer 5.2.3 for Mac OS - Denial of Service",2005-08-22,"Mella Marco",osx,dos,0 25851,platforms/windows/remote/25851.rb,"Lianja SQL 1.0.0RC5.1 - db_netserver Stack Buffer Overflow",2013-05-31,Metasploit,windows,remote,8001 25852,platforms/multiple/dos/25852.py,"ModSecurity - Remote Null Pointer Dereference",2013-05-31,"Younes JAAIDI",multiple,dos,0 25853,platforms/asp/webapps/25853.txt,"I-Gallery - Folder Argument Directory Traversal",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 -25854,platforms/php/webapps/25854.txt,"PAFaq - Question Cross-Site Scripting",2005-06-20,"James Bercegay",php,webapps,0 -25855,platforms/asp/webapps/25855.txt,"I-Gallery - Folder Argument Cross-Site Scripting",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 +25854,platforms/php/webapps/25854.txt,"PAFaq - Question Cross-site Scripting",2005-06-20,"James Bercegay",php,webapps,0 +25855,platforms/asp/webapps/25855.txt,"I-Gallery - Folder Argument Cross-site Scripting",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 25856,platforms/php/webapps/25856.txt,"PAFaq - Administrator Username SQL Injection",2005-06-20,"James Bercegay",php,webapps,0 25857,platforms/php/webapps/25857.txt,"RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 -25858,platforms/asp/webapps/25858.txt,"DUware DUportal 3.4.3 Pro - Multiple SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 +25858,platforms/asp/webapps/25858.txt,"DUware DUportal 3.4.3 Pro - Multiple SQL Injections",2005-06-22,"Dedi Dwianto",asp,webapps,0 25859,platforms/php/webapps/25859.txt,"RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 25860,platforms/php/webapps/25860.txt,"DUware DUamazon Pro 3.0/3.1 - type.asp iType Parameter SQL Injection",2005-06-22,"Dedi Dwianto",php,webapps,0 25861,platforms/php/webapps/25861.txt,"DUware DUamazon Pro 3.0/3.1 - productDelete.asp iCat Parameter SQL Injection",2005-06-22,"Dedi Dwianto",php,webapps,0 @@ -23011,7 +23011,7 @@ id,file,description,date,author,platform,type,port 25872,platforms/asp/webapps/25872.txt,"DUware DUclassmate 1.x - default.asp iState Parameter SQL Injection",2005-06-01,"Dedi Dwianto",asp,webapps,0 25873,platforms/asp/webapps/25873.txt,"DUware DUclassmate 1.x - edit.asp iPro Parameter SQL Injection",2005-06-01,"Dedi Dwianto",asp,webapps,0 25874,platforms/asp/webapps/25874.txt,"Ipswitch WhatsUp Professional 2005 SP1 - LOGIN.ASP SQL Injection",2005-06-22,anonymous,asp,webapps,0 -25875,platforms/php/webapps/25875.txt,"Whois.Cart 2.2.x - Profile.php Cross-Site Scripting",2005-06-23,"Elzar Stuffenbach",php,webapps,0 +25875,platforms/php/webapps/25875.txt,"Whois.Cart 2.2.x - Profile.php Cross-site Scripting",2005-06-23,"Elzar Stuffenbach",php,webapps,0 25876,platforms/php/webapps/25876.txt,"CarLine Forum Russian Board 4.2 - menu_footer.php Multiple Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 25877,platforms/php/webapps/25877.txt,"CarLine Forum Russian Board 4.2 - IMG Tag XSS",2005-06-23,1dt.w0lf,php,webapps,0 25878,platforms/php/webapps/25878.txt,"CarLine Forum Russian Board 4.2 - menu_header.php Multiple Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 @@ -23019,7 +23019,7 @@ id,file,description,date,author,platform,type,port 25880,platforms/php/webapps/25880.txt,"CarLine Forum Russian Board 4.2 - search.php text_poisk Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 25881,platforms/php/webapps/25881.txt,"CarLine Forum Russian Board 4.2 - set.php name_ig_array[] Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 25882,platforms/php/webapps/25882.txt,"CarLine Forum Russian Board 4.2 - reply.php Multiple Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 -25883,platforms/windows/local/25883.txt,"BOINC Manager (Seti@home) 7.0.64 - Field SEH based BOF",2013-06-02,xis_one,windows,local,0 +25883,platforms/windows/local/25883.txt,"BOINC Manager (Seti@home) 7.0.64 - Field SEH based Buffer Overflow",2013-06-02,xis_one,windows,local,0 26288,platforms/linux/remote/26288.txt,"Mozilla Browser/Firefox - Arbitrary Command Execution",2005-09-20,"eter Zelezny",linux,remote,0 25884,platforms/php/webapps/25884.txt,"CarLine Forum Russian Board 4.2 - new.php Multiple Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 25885,platforms/php/webapps/25885.txt,"CarLine Forum Russian Board 4.2 - edit_msg.php Multiple Parameter XSS",2005-06-23,1dt.w0lf,php,webapps,0 @@ -23047,10 +23047,10 @@ id,file,description,date,author,platform,type,port 25907,platforms/asp/webapps/25907.txt,"ASPNuke 0.80 - Language_Select.ASP HTTP Response Splitting",2005-06-27,"Alberto Trivero",asp,webapps,0 25908,platforms/asp/webapps/25908.txt,"ASPPlayground.NET 3.2 SR1 - Remote Arbitrary File Upload",2005-06-27,Psycho,asp,webapps,0 25909,platforms/php/webapps/25909.txt,"Mensajeitor 1.8.9 - IP Parameter HTML Injection",2005-06-27,Megabyte,php,webapps,0 -25910,platforms/asp/webapps/25910.txt,"Community Server Forums - 'SearchResults.aspx' Cross-Site Scripting",2005-06-28,abducter_minds@yahoo.com,asp,webapps,0 +25910,platforms/asp/webapps/25910.txt,"Community Server Forums - 'SearchResults.aspx' Cross-site Scripting",2005-06-28,abducter_minds@yahoo.com,asp,webapps,0 25911,platforms/windows/dos/25911.py,"BisonFTP 4R1 - Remote Denial of Service",2005-06-28,fRoGGz,windows,dos,0 25912,platforms/windows/local/25912.c,"Microsoft Windows NT/2000/XP/2003/Vista/2008/7/8 - Local Ring Exploit (EPATHOBJ)",2013-06-03,"Tavis Ormandy",windows,local,0 -25913,platforms/asp/webapps/25913.txt,"Hosting Controller 6.1 - Error.ASP Cross-Site Scripting",2005-06-28,"Ashiyane Digital Security Team",asp,webapps,0 +25913,platforms/asp/webapps/25913.txt,"Hosting Controller 6.1 - Error.ASP Cross-site Scripting",2005-06-28,"Ashiyane Digital Security Team",asp,webapps,0 25914,platforms/asp/webapps/25914.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - Login.ASP SQL Injection",2005-06-28,basher13,asp,webapps,0 25915,platforms/php/webapps/25915.py,"PHD Help Desk 2.12 - SQL Injection",2013-06-03,drone,php,webapps,0 25927,platforms/php/webapps/25927.pl,"RaXnet Cacti 0.5/0.6.x/0.8.x - Graph_Image.php Remote Command Execution Variant",2005-07-01,"Alberto Trivero",php,webapps,0 @@ -23072,43 +23072,43 @@ id,file,description,date,author,platform,type,port 25932,platforms/php/webapps/25932.txt,"EasyPHPCalendar 6.1.5/6.2.x - setupSQL.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25933,platforms/windows/remote/25933.txt,"slimserve httpd 1.0/1.1 - Directory Traversal",2001-03-04,se00020,windows,remote,0 25934,platforms/php/webapps/25934.txt,"Plague News System 0.7 - CID Parameter SQL Injection",2005-07-04,Easyex,php,webapps,0 -25935,platforms/php/webapps/25935.txt,"Plague News System 0.7 - CID Parameter Cross-Site Scripting",2005-07-04,Easyex,php,webapps,0 +25935,platforms/php/webapps/25935.txt,"Plague News System 0.7 - CID Parameter Cross-site Scripting",2005-07-04,Easyex,php,webapps,0 25936,platforms/windows/dos/25936.pl,"PlanetDNS PlanetFileServer - Remote Buffer Overflow",2005-06-28,fRoGGz,windows,dos,0 25937,platforms/php/webapps/25937.txt,"Plague News System 0.7 - Delete.php Access Restriction Bypass",2005-07-04,Easyex,php,webapps,0 25938,platforms/php/webapps/25938.txt,"phpPgAdmin 3.x - Login Form Directory Traversal",2005-07-05,rznvynqqe@hushmail.com,php,webapps,0 25939,platforms/cgi/webapps/25939.txt,"GlobalNoteScript 4.20 - Read.CGI Remote Command Execution",2005-07-05,AcidCrash,cgi,webapps,0 -25940,platforms/php/webapps/25940.txt,"AutoIndex PHP Script 1.5.2 - Index.php Cross-Site Scripting",2005-07-05,mozako,php,webapps,0 +25940,platforms/php/webapps/25940.txt,"AutoIndex PHP Script 1.5.2 - 'index.php' Cross-site Scripting",2005-07-05,mozako,php,webapps,0 25941,platforms/php/webapps/25941.txt,"MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion",2005-07-05,"SoulBlack Group",php,webapps,0 25942,platforms/php/webapps/25942.txt,"JAWS 0.x - Remote File Inclusion",2005-07-06,"Stefan Esser",php,webapps,0 25943,platforms/linux/dos/25943.txt,"OFTPD 0.3.x - User Command Buffer Overflow",2005-07-06,new.security@gmail.com,linux,dos,0 25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 - Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 -25945,platforms/php/webapps/25945.txt,"phpWebsite 0.7.3/0.8.x/0.9.x - Index.php Directory Traversal",2005-07-06,"Diabolic Crab",php,webapps,0 +25945,platforms/php/webapps/25945.txt,"phpWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal",2005-07-06,"Diabolic Crab",php,webapps,0 25946,platforms/jsp/webapps/25946.txt,"McAfee IntruShield Security Management System - Multiple Vulnerabilities",2005-07-06,c0ntex,jsp,webapps,0 25947,platforms/linux/local/25947.txt,"GNU GNATS 4.0/4.1 - Gen-Index Arbitrary Local File Disclosure/Overwrite",2005-07-06,pi3ki31ny,linux,local,0 25950,platforms/cgi/webapps/25950.pl,"eRoom 6.0 PlugIn - Insecure File Download Handling",2005-07-06,c0ntex,cgi,webapps,0 -25951,platforms/php/webapps/25951.txt,"Elemental Software CartWIZ 1.20 - Multiple SQL Injection",2005-07-07,"Diabolic Crab",php,webapps,0 +25951,platforms/php/webapps/25951.txt,"Elemental Software CartWIZ 1.20 - Multiple SQL Injections",2005-07-07,"Diabolic Crab",php,webapps,0 25952,platforms/cgi/webapps/25952.txt,"Pngren 2.0.1 - Kaiseki.CGI Remote Command Execution",2005-07-07,blahplok,cgi,webapps,0 -25953,platforms/asp/webapps/25953.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injection",2005-07-07,"Diabolic Crab",asp,webapps,0 +25953,platforms/asp/webapps/25953.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections",2005-07-07,"Diabolic Crab",asp,webapps,0 25954,platforms/php/webapps/25954.txt,"phpauction 2.5 - Multiple Vulnerabilities",2005-07-07,Dcrab,php,webapps,0 25955,platforms/php/webapps/25955.txt,"PhotoGal 1.0/1.5 - News_File Remote File Inclusion",2005-07-07,"skdaemon porra",php,webapps,0 -25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 +25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-site Scripting Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 25957,platforms/php/webapps/25957.txt,"PunBB 1.x - Profile.php User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0 25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 - SQL.CLS.php SQL Injection",2005-07-10,Defa,php,webapps,0 25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Include",2005-07-11,"skdaemon porra",php,webapps,0 25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - ppa_root_path File Include",2005-07-10,"skdaemon porra",php,webapps,0 25961,platforms/windows/local/25961.c,"SoftiaCom WMailserver 1.0 - Local Information Disclosure",2005-07-09,fRoGGz,windows,local,0 25962,platforms/asp/dos/25962.xml,"Microsoft ASP.NET 1.0/1.1 - RPC/Encoded Remote Denial of Service",2005-07-12,"Bryan Sullivan",asp,dos,0 -25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injection",2005-07-12,"Diabolic Crab",asp,webapps,0 +25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injections",2005-07-12,"Diabolic Crab",asp,webapps,0 25964,platforms/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - Inc.Login.php Privilege Escalation",2005-07-11,"Stefan Lochbihler",php,webapps,0 -25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 - ShowErr.ASP Cross-Site Scripting",2005-07-12,rUnViRuS,asp,webapps,0 +25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 - ShowErr.ASP Cross-site Scripting",2005-07-12,rUnViRuS,asp,webapps,0 25966,platforms/hardware/remote/25966.txt,"Nokia Affix 2.0/2.1/3.x - BTSRV/BTOBEX Remote Command Execution",2005-07-12,"Kevin Finisterre",hardware,remote,0 25967,platforms/hardware/dos/25967.txt,"Cisco CallManager 1.0/2.0/3.x/4.0 - CTI Manager Remote Denial of Service",2005-07-12,"Jeff Fay",hardware,dos,0 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 25970,platforms/linux/remote/25970.py,"Exim sender_address Parameter - RCE Exploit",2013-06-05,eKKiM,linux,remote,0 -25971,platforms/php/webapps/25971.txt,"Cuppa CMS - (alertConfigField.php urlConfig param) Remote/Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 +25971,platforms/php/webapps/25971.txt,"Cuppa CMS - (alertConfigField.php urlConfig parameter) Remote/Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 -25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 - (tinybrowser.php folder param) Path Traversal",2013-06-05,expl0i13r,php,webapps,0 +25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 - (tinybrowser.php folder parameter) Path Traversal",2013-06-05,expl0i13r,php,webapps,0 25974,platforms/osx/dos/25974.txt,"Mac OS X Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,Metasploit,linux,remote,5555 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 @@ -23116,45 +23116,45 @@ id,file,description,date,author,platform,type,port 25978,platforms/hardware/webapps/25978.txt,"Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",hardware,webapps,80 25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution",2013-06-05,Metasploit,windows,remote,0 25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution",2013-06-05,Metasploit,multiple,remote,8080 -25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injection",2005-07-13,"Soroush Dalili",asp,webapps,0 -25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 - Forum.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 - User.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25984,platforms/cfm/webapps/25984.txt,"Simple Message Board 2.0 beta1 - Thread.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25985,platforms/cfm/webapps/25985.txt,"Simple Message Board 2.0 beta1 - Search.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injections",2005-07-13,"Soroush Dalili",asp,webapps,0 +25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 - Forum.CFM Cross-site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 - User.CFM Cross-site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25984,platforms/cfm/webapps/25984.txt,"Simple Message Board 2.0 beta1 - Thread.CFM Cross-site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25985,platforms/cfm/webapps/25985.txt,"Simple Message Board 2.0 beta1 - Search.CFM Cross-site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 25986,platforms/php/remote/25986.txt,"Plesk < 9.5.4 - Remote Exploit (0Day)",2013-06-05,kingcope,php,remote,0 25987,platforms/hardware/remote/25987.txt,"Xpient - Cash Drawer Operation",2013-06-05,"Core Security",hardware,remote,0 25988,platforms/multiple/remote/25988.txt,"Oracle9i Application Server 9.0.2 - MOD_ORADAV Access Control",2003-02-13,"David Litchfield",multiple,remote,0 25989,platforms/windows/remote/25989.txt,"Nullsoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow",2005-07-15,"Leon Juranic",windows,remote,0 -25990,platforms/php/webapps/25990.txt,"Clever Copy 2.0 - Calendar.php Cross-Site Scripting",2005-07-15,Lostmon,php,webapps,0 +25990,platforms/php/webapps/25990.txt,"Clever Copy 2.0 - Calendar.php Cross-site Scripting",2005-07-15,Lostmon,php,webapps,0 25991,platforms/windows/dos/25991.txt,"Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering Unspecified Buffer Overflow",2005-07-15,"Michal Zalewski",windows,dos,0 25992,platforms/windows/dos/25992.txt,"Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering CMP Fencepost Denial of Service",2005-07-15,"Michal Zalewski",windows,dos,0 25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 25994,platforms/php/webapps/25994.txt,"OSCommerce 2.2 - Update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 - Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 -25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Stored XSS",2013-06-07,expl0i13r,php,webapps,0 -25997,platforms/php/webapps/25997.txt,"tForum b0.9 - Member.php Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 +25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Persistent Cross-site Scripting",2013-06-07,expl0i13r,php,webapps,0 +25997,platforms/php/webapps/25997.txt,"tForum b0.9 - Member.php Cross-site Scripting",2005-07-18,wannacut,php,webapps,0 25998,platforms/hardware/webapps/25998.txt,"Asus RT56U 3.0.0.4.360 - Remote Command Injection",2013-06-07,drone,hardware,webapps,0 25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer - textNode Use-After-Free (Metasploit)",2013-06-07,"Scott Bell",windows,remote,0 26001,platforms/java/webapps/26001.txt,"Novell GroupWise 6.5 WebAccess - HTML Injection",2005-07-15,"Francisco Amato",java,webapps,0 26002,platforms/multiple/remote/26002.txt,"Oracle Reports Server 6.0.8/9.0.x - XML File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26003,platforms/multiple/remote/26003.txt,"Oracle Reports Server 6.0.8/9.0.x - Arbitrary File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 -26004,platforms/multiple/remote/26004.txt,"Oracle Reports Server 10g 9.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-19,"Alexander Kornbrust",multiple,remote,0 +26004,platforms/multiple/remote/26004.txt,"Oracle Reports Server 10g 9.0.2 - Multiple Cross-site Scripting Vulnerabilities",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26005,platforms/windows/dos/26005.pl,"Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow",2005-07-19,kcope,windows,dos,0 26006,platforms/multiple/remote/26006.txt,"Oracle Reports Server 6.0.8/9.0.x - Unauthorized Report Execution",2005-07-19,"Alexander Kornbrust",multiple,remote,0 -26007,platforms/php/webapps/26007.txt,"PHP Ticket System Beta 1 - CSRF",2013-06-07,"Pablo Ribeiro",php,webapps,0 +26007,platforms/php/webapps/26007.txt,"PHP Ticket System Beta 1 - Cross-site Request Forgery",2013-06-07,"Pablo Ribeiro",php,webapps,0 26293,platforms/php/webapps/26293.txt,"JPortal 2.2.1/2.3.1 - Download.php SQL Injection",2005-08-21,krasza,php,webapps,0 26294,platforms/php/webapps/26294.txt,"PHPMyFAQ 1.5.1 - Password.php SQL Injection",2005-08-23,retrogod@aliceposta.it,php,webapps,0 -26295,platforms/php/webapps/26295.txt,"PHPMyFAQ 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-23,rgod,php,webapps,0 +26295,platforms/php/webapps/26295.txt,"PHPMyFAQ 1.5.1 - Multiple Cross-site Scripting Vulnerabilities",2005-09-23,rgod,php,webapps,0 26296,platforms/php/webapps/26296.txt,"PHPMyFAQ 1.5.1 - Local File Inclusion",2005-08-23,rgod,php,webapps,0 -26009,platforms/php/webapps/26009.txt,"AfterLogic WebMail Lite PHP 7.0.1 - CSRF",2013-06-07,"Pablo Ribeiro",php,webapps,0 +26009,platforms/php/webapps/26009.txt,"AfterLogic WebMail Lite PHP 7.0.1 - Cross-site Request Forgery",2013-06-07,"Pablo Ribeiro",php,webapps,0 26010,platforms/windows/dos/26010.py,"Quick TFTP Server 2.2 - Denial of Service",2013-06-07,npn,windows,dos,0 26012,platforms/windows/remote/26012.rb,"Novell Zenworks Mobile Device Managment - Local File Inclusion",2013-06-07,Metasploit,windows,remote,80 26013,platforms/multiple/remote/26013.txt,"Oracle Forms 10g/ 6i/9i/4.5.10/5.0/6.0.8 Services - Unauthorized Form Execution",2005-07-19,"Alexander Kornbrust",multiple,remote,0 -26014,platforms/php/webapps/26014.txt,"FForm Sender 1.0 - Processform.php3 Name Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 -26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 - Processform.php3 Failed Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 +26014,platforms/php/webapps/26014.txt,"FForm Sender 1.0 - Processform.php3 Name Cross-site Scripting",2005-07-19,rgod,php,webapps,0 +26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 - Processform.php3 Failed Cross-site Scripting",2005-07-19,rgod,php,webapps,0 26016,platforms/php/webapps/26016.txt,"PHPNews 1.2.x - Auth.php SQL Injection",2005-07-20,GHC,php,webapps,0 26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0 -26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 +26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-site Scripting",2005-07-21,rgod,php,webapps,0 26019,platforms/php/webapps/26019.txt,"Contrexx 1.0.4 - Multiple Input Validation Vulnerabilities",2005-07-22,"Christopher Kunz",php,webapps,0 26020,platforms/php/webapps/26020.txt,"Asn Guestbook 1.5 - header.php version Parameter XSS",2005-07-22,rgod,php,webapps,0 26021,platforms/php/webapps/26021.txt,"Asn Guestbook 1.5 - footer.php version Parameter XSS",2005-07-22,rgod,php,webapps,0 @@ -23169,10 +23169,10 @@ id,file,description,date,author,platform,type,port 26030,platforms/php/webapps/26030.txt,"Netquery 3.1 - portlist.php portnum Parameter XSS",2005-07-25,rgod,php,webapps,0 26031,platforms/php/webapps/26031.txt,"VBZoom Forum 1.11 - Show.php SQL Injection",2005-07-26,abducter_minds@yahoo.com,php,webapps,0 26032,platforms/windows/remote/26032.html,"SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection",2005-07-26,QQLan@yandex.ru,windows,remote,0 -26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 - ViewCart.ASP Cross-Site Scripting",2005-07-26,Zinho,asp,webapps,0 -26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 - Guestbook.php Cross-Site Scripting",2005-07-26,rgod,php,webapps,0 +26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 - ViewCart.ASP Cross-site Scripting",2005-07-26,Zinho,asp,webapps,0 +26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 - Guestbook.php Cross-site Scripting",2005-07-26,rgod,php,webapps,0 26035,platforms/windows/remote/26035.txt,"Advanced Guestbook 2.2/2.3 - User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 -26036,platforms/php/webapps/26036.txt,"PNG Counter 1.0 - Demo.php Cross-Site Scripting",2005-07-26,ArCaX-ATH,php,webapps,0 +26036,platforms/php/webapps/26036.txt,"PNG Counter 1.0 - Demo.php Cross-site Scripting",2005-07-26,ArCaX-ATH,php,webapps,0 26037,platforms/php/webapps/26037.txt,"Clever Copy 2.0 - results.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 26038,platforms/php/webapps/26038.txt,"Clever Copy 2.0 - categorysearch.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 26039,platforms/php/webapps/26039.txt,"BMForum 3.0 - topic.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 @@ -23182,41 +23182,41 @@ id,file,description,date,author,platform,type,port 26043,platforms/php/webapps/26043.txt,"Clever Copy 2.0 - Private Message Unauthorized Access",2005-07-27,Lostmon,php,webapps,0 26044,platforms/windows/remote/26044.txt,"MDaemon 8.0 - Content Filter Directory Traversal",2005-07-27,"Tan Chew Keong",windows,remote,0 26045,platforms/php/webapps/26045.txt,"PHPList 2.8.12 - Admin Page SQL Injection",2005-07-28,tgo,php,webapps,0 -26046,platforms/cgi/webapps/26046.txt,"@Mail 4.0/4.13 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-28,Lostmon,cgi,webapps,0 -26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 +26046,platforms/cgi/webapps/26046.txt,"@Mail 4.0/4.13 - Multiple Cross-site Scripting Vulnerabilities",2005-07-28,Lostmon,cgi,webapps,0 +26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26048,platforms/php/webapps/26048.txt,"Easypx41 - Multiple Variable Injection Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26049,platforms/php/webapps/26049.txt,"VBZoom 1.0/1.11 - profile.php UserName Parameter XSS",2005-07-29,almaster,php,webapps,0 26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - login.php UserID Parameter XSS",2005-07-29,almaster,php,webapps,0 -26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - index.php username Parameter XSS",2005-07-30,"James Bercegay",php,webapps,0 -26052,platforms/php/webapps/26052.txt,"Kayako LiveResponse 2.0 - index.php Calendar Feature Multiple Parameter SQL Injection",2005-07-30,"James Bercegay",php,webapps,0 +26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - 'index.php' username Parameter XSS",2005-07-30,"James Bercegay",php,webapps,0 +26052,platforms/php/webapps/26052.txt,"Kayako LiveResponse 2.0 - 'index.php' Calendar Feature Multiple Parameter SQL Injection",2005-07-30,"James Bercegay",php,webapps,0 26053,platforms/php/webapps/26053.txt,"PluggedOut CMS 0.4.8 - admin.php contenttypeid Parameter SQL Injection",2005-09-30,FalconDeOro,php,webapps,0 26054,platforms/php/webapps/26054.txt,"PluggedOut CMS 0.4.8 - admin.php XSS",2005-09-30,FalconDeOro,php,webapps,0 26055,platforms/php/webapps/26055.txt,"Ragnarok Online Control Panel 4.3.4 a - Authentication Bypass",2005-07-30,VaLiuS,php,webapps,0 26056,platforms/php/webapps/26056.txt,"MySQL AB Eventum 1.x - view.php id Parameter XSS",2005-08-01,"James Bercegay",php,webapps,0 26057,platforms/php/webapps/26057.txt,"MySQL AB Eventum 1.x - list.php release Parameter XSS",2005-08-01,"James Bercegay",php,webapps,0 26058,platforms/php/webapps/26058.txt,"MySQL AB Eventum 1.x - get_jsrs_data.php F Parameter XSS",2005-08-01,"James Bercegay",php,webapps,0 -26059,platforms/php/webapps/26059.txt,"PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities",2005-08-01,rgod,php,webapps,0 -26060,platforms/cfm/webapps/26060.txt,"AderSoftware CFBB 1.1 - Index.CFM Cross-Site Scripting",2005-08-01,rUnViRuS,cfm,webapps,0 +26059,platforms/php/webapps/26059.txt,"PHPFreeNews 1.x - Multiple Cross-site Scripting Vulnerabilities",2005-08-01,rgod,php,webapps,0 +26060,platforms/cfm/webapps/26060.txt,"AderSoftware CFBB 1.1 - Index.CFM Cross-site Scripting",2005-08-01,rUnViRuS,cfm,webapps,0 26061,platforms/php/webapps/26061.txt,"PHPFreeNews 1.x - Admin Login SQL Injection",2005-08-01,rgod,php,webapps,0 26062,platforms/php/webapps/26062.txt,"OpenBook 1.2.2 - Admin.php SQL Injection",2005-08-01,SVT,php,webapps,0 -26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 - Lost_password.php Cross-Site Scripting",2005-08-02,"John Cobb",php,webapps,0 +26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 - Lost_password.php Cross-site Scripting",2005-08-02,"John Cobb",php,webapps,0 26064,platforms/php/webapps/26064.txt,"Naxtor Shopping Cart 1.0 - Shop_Display_Products.php SQL Injection",2005-08-02,"John Cobb",php,webapps,0 -26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - Index.CFM Cross-Site Scripting",2005-08-03,N.N.P,cfm,webapps,0 +26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - Index.CFM Cross-site Scripting",2005-08-03,N.N.P,cfm,webapps,0 26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 - .KS File Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 26067,platforms/php/webapps/26067.txt,"Web Content Management - validsession.php strRootpath Parameter XSS",2005-08-03,rgod,php,webapps,0 26068,platforms/php/webapps/26068.txt,"Web Content Management - List.php strTable Parameter XSS",2005-08-03,rgod,php,webapps,0 -26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 - Message.ASP Cross-Site Scripting",2005-08-03,basher13,asp,webapps,0 +26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 - Message.ASP Cross-site Scripting",2005-08-03,basher13,asp,webapps,0 26070,platforms/asp/webapps/26070.txt,"Naxtor E-directory 1.0 - Default.ASP SQL Injection",2005-08-03,basher13,asp,webapps,0 -26071,platforms/multiple/remote/26071.txt,"NetworkActiv Web Server 1.0/2.0/3.0/3.5 - Cross-Site Scripting",2005-08-04,"Secunia Research",multiple,remote,0 -26072,platforms/php/webapps/26072.txt,"PortailPHP 2.4 - Index.php SQL Injection",2005-08-04,abducter_minds@yahoo.com,php,webapps,0 +26071,platforms/multiple/remote/26071.txt,"NetworkActiv Web Server 1.0/2.0/3.0/3.5 - Cross-site Scripting",2005-08-04,"Secunia Research",multiple,remote,0 +26072,platforms/php/webapps/26072.txt,"PortailPHP 2.4 - 'index.php' SQL Injection",2005-08-04,abducter_minds@yahoo.com,php,webapps,0 26073,platforms/jsp/webapps/26073.txt,"Resin Application Server 4.0.36 - Source Code Disclosure",2013-06-10,LiquidWorm,jsp,webapps,0 -26332,platforms/multiple/remote/26332.txt,"Oracle 9 - XML DB Cross-Site Scripting",2005-10-07,"Alexander Kornbrust",multiple,remote,0 +26332,platforms/multiple/remote/26332.txt,"Oracle 9 - XML DB Cross-site Scripting",2005-10-07,"Alexander Kornbrust",multiple,remote,0 26327,platforms/php/webapps/26327.txt,"Utopia News Pro 1.1.3 - header.php sitetitle Parameter XSS",2005-10-07,rgod,php,webapps,0 26075,platforms/hardware/remote/26075.txt,"MobileIron Virtual Smartphone Platform - Privilege Escalation Exploit",2013-06-10,prdelka,hardware,remote,0 26076,platforms/hardware/dos/26076.py,"Cisco ASA < 8.4.4.6 & 8.2.5.32 - Ethernet Information Leak",2013-06-10,prdelka,hardware,dos,0 26077,platforms/php/webapps/26077.txt,"concrete5 CMS 5.6.1.2 - Multiple Vulnerabilities",2013-06-10,expl0i13r,php,webapps,0 26297,platforms/php/webapps/26297.txt,"PHPMyFAQ 1.5.1 - Logs Unauthorized Access",2005-08-23,rgod,php,webapps,0 -26298,platforms/php/webapps/26298.txt,"CMS Made Simple 0.10 - Index.php Cross-Site Scripting",2005-09-26,X1ngBox,php,webapps,0 +26298,platforms/php/webapps/26298.txt,"CMS Made Simple 0.10 - 'index.php' Cross-site Scripting",2005-09-26,X1ngBox,php,webapps,0 26299,platforms/windows/remote/26299.c,"multitheftauto 0.5 - Multiple Vulnerabilities",2005-09-26,"Luigi Auriemma",windows,remote,0 26079,platforms/php/webapps/26079.txt,"Comdev ECommerce 3.0 - Config.php Remote File Inclusion",2005-08-05,anonymous,php,webapps,0 26080,platforms/php/webapps/26080.txt,"Comdev eCommerce 3.0 - WCE.Download.php Directory Traversal",2005-08-05,anonymous,php,webapps,0 @@ -23243,19 +23243,19 @@ id,file,description,date,author,platform,type,port 26101,platforms/linux/remote/26101.txt,"EMC Navisphere Manager 6.x - Directory Traversal And Information Disclosure Vulnerabilities",2005-08-05,anonymous,linux,remote,0 26102,platforms/php/webapps/26102.txt,"PHP-Fusion 4.0/5.0/6.0 - Messages.php SQL Injection",2005-08-06,almaster,php,webapps,0 26103,platforms/php/webapps/26103.txt,"SysCP 1.2.x - Multiple Script Execution Vulnerabilities",2005-08-08,"Christopher Kunz",php,webapps,0 -26104,platforms/php/webapps/26104.html,"Invision Power Board 1.0.3 - Attached File Cross-Site Scripting",2005-08-08,V[i]RuS,php,webapps,0 -26105,platforms/php/webapps/26105.html,"E107 Website System 0.6 - Attached File Cross-Site Scripting",2005-08-08,edward11,php,webapps,0 +26104,platforms/php/webapps/26104.html,"Invision Power Board 1.0.3 - Attached File Cross-site Scripting",2005-08-08,V[i]RuS,php,webapps,0 +26105,platforms/php/webapps/26105.html,"E107 Website System 0.6 - Attached File Cross-site Scripting",2005-08-08,edward11,php,webapps,0 26106,platforms/php/webapps/26106.txt,"Gravity Board X 1.1 - Login SQL Injection",2005-08-08,rgod,php,webapps,0 26107,platforms/asp/webapps/26107.txt,"Dvbbs 7.1/8.2 - dispbbs.asp page Parameter XSS",2005-08-08,Lostmon,asp,webapps,0 26108,platforms/asp/webapps/26108.txt,"Dvbbs 7.1/8.2 - dispuser.asp name Parameter XSS",2005-08-08,Lostmon,asp,webapps,0 26109,platforms/asp/webapps/26109.txt,"Dvbbs 7.1/8.2 - boardhelp.asp Multiple Parameter XSS",2005-08-08,Lostmon,asp,webapps,0 -26110,platforms/php/webapps/26110.txt,"Gravity Board X 1.1 - DeleteThread.php Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 +26110,platforms/php/webapps/26110.txt,"Gravity Board X 1.1 - DeleteThread.php Cross-site Scripting",2005-08-08,rgod,php,webapps,0 26111,platforms/php/webapps/26111.txt,"Gravity Board X 1.1 - CSS Template Unauthorized Access",2005-08-08,rgod,php,webapps,0 26112,platforms/php/webapps/26112.txt,"PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26113,platforms/php/webapps/26113.txt,"PHP Lite Calendar Express 2.2 - auth.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26114,platforms/php/webapps/26114.txt,"PHP Lite Calendar Express 2.2 - subscribe.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 -26115,platforms/php/webapps/26115.txt,"Calendar Express 2.2 - Search.php Cross-Site Scripting",2005-08-08,almaster,php,webapps,0 -26116,platforms/php/webapps/26116.txt,"Chipmunk CMS 1.3 - Fontcolor Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 +26115,platforms/php/webapps/26115.txt,"Calendar Express 2.2 - Search.php Cross-site Scripting",2005-08-08,almaster,php,webapps,0 +26116,platforms/php/webapps/26116.txt,"Chipmunk CMS 1.3 - Fontcolor Cross-site Scripting",2005-08-08,rgod,php,webapps,0 26117,platforms/php/webapps/26117.txt,"FunkBoard 0.66 - editpost.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26118,platforms/php/webapps/26118.txt,"FunkBoard 0.66 - prefs.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26119,platforms/php/webapps/26119.txt,"FunkBoard 0.66 - newtopic.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 @@ -23264,40 +23264,40 @@ id,file,description,date,author,platform,type,port 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 - register.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26123,platforms/multiple/remote/26123.rb,"Java - Web Start Double Quote Injection Remote Code Execution (Metasploit)",2013-06-11,Rh0,multiple,remote,0 26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 -26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c - (editor.php mapname param) Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c - (editor.php mapname parameter) Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 -26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injection",2005-08-09,admin@batznet.com,php,webapps,0 +26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injections",2005-08-09,admin@batznet.com,php,webapps,0 26128,platforms/osx/dos/26128.html,"Apple Safari 1.3 Web Browser - JavaScript Invalid Address Denial of Service",2005-08-09,"Patrick Webster",osx,dos,0 -26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - CSRF",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 +26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - Cross-site Request Forgery",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 26130,platforms/windows/dos/26130.py,"WinRadius 2.11 - Denial of Service",2013-06-11,npn,windows,dos,0 26131,platforms/linux/local/26131.c,"Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Local Root Exploit (2)",2013-06-11,"Andrea Bittau",linux,local,0 26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 26133,platforms/windows/dos/26133.py,"Sami FTP Server 2.0.1 - RETR Denial of Service",2013-06-11,Chako,windows,dos,21 26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box - ConnectToSynactic Stack Buffer Overflow",2013-06-11,Metasploit,windows,remote,0 26135,platforms/multiple/remote/26135.rb,"Java Applet - Driver Manager Privileged toString() Remote Code Execution",2013-06-11,Metasploit,multiple,remote,0 -26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - (edit_event.php eventid param) SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - (edit_event.php eventid parameter) SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 26137,platforms/windows/dos/26137.py,"Syslog Server 1.2.3 - Crash PoC",2013-06-12,npn,windows,dos,0 26138,platforms/hardware/dos/26138.txt,"Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow",2013-06-12,"Core Security",hardware,dos,554 26139,platforms/windows/dos/26139.txt,"Gaim AIM/ICQ Protocols - Multiple Vulnerabilities",2005-08-10,"Brandon Perry",windows,dos,0 -26140,platforms/php/webapps/26140.txt,"ezUpload 2.2 - index.php path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 +26140,platforms/php/webapps/26140.txt,"ezUpload 2.2 - 'index.php' path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26141,platforms/php/webapps/26141.txt,"ezUpload 2.2 - initialize.php path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26142,platforms/php/webapps/26142.txt,"ezUpload 2.2 - customize.php path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 26143,platforms/php/webapps/26143.txt,"ezUpload 2.2 - form.php path Parameter Remote File Inclusion",2005-08-10,"Johnnie Walker",php,webapps,0 -26144,platforms/php/webapps/26144.txt,"PHPTB Topic Board 2.0 - index.php mid Parameter SQL Injection",2005-08-10,abducter_minds@yahoo.com,php,webapps,0 +26144,platforms/php/webapps/26144.txt,"PHPTB Topic Board 2.0 - 'index.php' mid Parameter SQL Injection",2005-08-10,abducter_minds@yahoo.com,php,webapps,0 26145,platforms/multiple/dos/26145.c,"Wyse Winterm 1125SE 4.2/4.4 - Remote Denial of Service",2005-08-10,"Piotr Chytla",multiple,dos,0 -26146,platforms/php/webapps/26146.txt,"VegaDNS 0.8.1/0.9.8/0.9.9 - Index.php Cross-Site Scripting",2005-08-10,dyn0,php,webapps,0 -26147,platforms/php/webapps/26147.txt,"MyBulletinBoard RC4 - index.php Username Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 +26146,platforms/php/webapps/26146.txt,"VegaDNS 0.8.1/0.9.8/0.9.9 - 'index.php' Cross-site Scripting",2005-08-10,dyn0,php,webapps,0 +26147,platforms/php/webapps/26147.txt,"MyBulletinBoard RC4 - 'index.php' Username Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26148,platforms/php/webapps/26148.txt,"MyBulletinBoard RC4 - member.php Multiple Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26149,platforms/php/webapps/26149.txt,"MyBulletinBoard RC4 - polls.php polloptions Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26150,platforms/php/webapps/26150.txt,"MyBulletinBoard RC4 - search.php action Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26151,platforms/windows/remote/26151.txt,"Isemarket JaguarControl - ActiveX Control Buffer Overflow",2005-08-13,"Tacettin Karadeniz",windows,remote,0 -26152,platforms/osx/remote/26152.txt,"Apple Mac OS X 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 -26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - index.php Multiple Parameter XSS",2005-08-16,anonymous,php,webapps,0 +26152,platforms/osx/remote/26152.txt,"Apple Mac OS X 10.4 Weblog Server - Cross-site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 +26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - 'index.php' Multiple Parameter XSS",2005-08-16,anonymous,php,webapps,0 26154,platforms/asp/webapps/26154.txt,"PersianBlog - Userslist.ASP SQL Injection",2005-08-16,trueend5,asp,webapps,0 -26155,platforms/php/webapps/26155.txt,"Soft4e ECW-Shop 6.0.2 - Index.php SQL Injection",2005-08-16,"John Cobb",php,webapps,0 +26155,platforms/php/webapps/26155.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection",2005-08-16,"John Cobb",php,webapps,0 26156,platforms/asp/webapps/26156.txt,"CPaint 1.3 - xmlhttp Request Input Validation",2005-08-16,"Thor Larholm",asp,webapps,0 -26157,platforms/php/webapps/26157.txt,"ECW Shop 6.0.2 - Index.php Cross-Site Scripting",2005-08-16,"John Cobb",php,webapps,0 -26158,platforms/php/webapps/26158.txt,"Soft4e ECW-Shop 6.0.2 - Index.php HTML Injection",2005-08-16,"John Cobb",php,webapps,0 +26157,platforms/php/webapps/26157.txt,"ECW Shop 6.0.2 - 'index.php' Cross-site Scripting",2005-08-16,"John Cobb",php,webapps,0 +26158,platforms/php/webapps/26158.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection",2005-08-16,"John Cobb",php,webapps,0 26159,platforms/php/webapps/26159.txt,"PHPFreeNews 1.40 - SearchResults.php Multiple SQL Injection",2005-08-17,h4cky,php,webapps,0 26160,platforms/php/webapps/26160.txt,"PHPFreeNews 1.40 - NewsCategoryForm.php NewsMode Parameter XSS",2005-08-17,h4cky,php,webapps,0 26161,platforms/php/webapps/26161.txt,"PHPFreeNews 1.40 - SearchResults.php Multiple Parameter XSS",2005-08-17,h4cky,php,webapps,0 @@ -23321,30 +23321,30 @@ id,file,description,date,author,platform,type,port 26179,platforms/php/webapps/26179.txt,"Land Down Under 800/801 - list.php Multiple Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 26180,platforms/php/webapps/26180.txt,"Land Down Under 800/801 - forums.php Multiple Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 26181,platforms/php/webapps/26181.txt,"Land Down Under 800 - journal.php w Parameter XSS",2005-08-20,bl2k,php,webapps,0 -26182,platforms/php/webapps/26182.txt,"Land Down Under 800 - index.php Multiple Parameter XSS",2005-08-20,bl2k,php,webapps,0 -26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 - Browse.php Cross-Site Scripting",2005-08-22,bl2k,php,webapps,0 -26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - Multiple SQL Injection",2005-08-22,phuket,php,webapps,0 +26182,platforms/php/webapps/26182.txt,"Land Down Under 800 - 'index.php' Multiple Parameter XSS",2005-08-20,bl2k,php,webapps,0 +26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 - Browse.php Cross-site Scripting",2005-08-22,bl2k,php,webapps,0 +26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - Multiple SQL Injections",2005-08-22,phuket,php,webapps,0 26185,platforms/osx/local/26185.txt,"Apple Mac OS X 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 -26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 NewBB_Plus and Messages Modules - Multiple SQL Injection",2005-08-22,"James Bercegay",php,webapps,0 +26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 NewBB_Plus and Messages Modules - Multiple SQL Injections",2005-08-22,"James Bercegay",php,webapps,0 26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b - Comments Module moderate Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b - user.php htmltext Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26189,platforms/php/webapps/26189.txt,"PostNuke 0.75/0.76 DL - viewdownload.php SQL Injection",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26190,platforms/php/webapps/26190.txt,"SaveWebPortal 3.4 - Unauthorized Access",2005-08-23,rgod,php,webapps,0 26191,platforms/php/webapps/26191.txt,"SaveWebPortal 3.4 - Multiple Remote File Inclusion",2005-08-23,rgod,php,webapps,0 -26192,platforms/php/webapps/26192.txt,"SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2005-08-23,rgod,php,webapps,0 +26192,platforms/php/webapps/26192.txt,"SaveWebPortal 3.4 - Multiple Cross-site Scripting Vulnerabilities",2005-08-23,rgod,php,webapps,0 26193,platforms/php/webapps/26193.txt,"SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities",2005-08-23,rgod,php,webapps,0 26194,platforms/windows/dos/26194.txt,"LeapFTP Client 2.7.3/2.7.4 - .LSQ File Remote Buffer Overflow",2005-08-24,Sowhat,windows,dos,0 26195,platforms/linux/local/26195.txt,"QNX RTOS 6.1/6.3 - InputTrap Local Arbitrary File Disclosure",2005-08-24,"Julio Cesar Fort",linux,local,0 -26196,platforms/windows/remote/26196.txt,"BEA WebLogic 7.0/8.1 - Administration Console Cross-Site Scripting",2005-08-24,GomoR,windows,remote,0 +26196,platforms/windows/remote/26196.txt,"BEA WebLogic 7.0/8.1 - Administration Console Cross-site Scripting",2005-08-24,GomoR,windows,remote,0 26197,platforms/php/webapps/26197.txt,"Foojan PHPWeblog - Html Injection",2005-08-24,ali202,php,webapps,0 26198,platforms/linux/remote/26198.txt,"Astaro Security Linux 6.0 01 - HTTP CONNECT Unauthorized Access Weakness",2005-08-25,"Oliver Karow",linux,remote,0 -26199,platforms/php/webapps/26199.txt,"phpMyAdmin 2.x - Error.php Cross-Site Scripting",2005-08-28,"Michal Cihar",php,webapps,0 +26199,platforms/php/webapps/26199.txt,"phpMyAdmin 2.x - Error.php Cross-site Scripting",2005-08-28,"Michal Cihar",php,webapps,0 26200,platforms/php/webapps/26200.txt,"SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection",2005-08-29,"Jakob Balle",php,webapps,0 26201,platforms/php/webapps/26201.txt,"PHPWebNotes 2.0 - Api.php Remote File Inclusion",2005-08-29,nf2@scheinwelt.at,php,webapps,0 -26202,platforms/php/webapps/26202.txt,"Looking Glass - Cross-Site Scripting",2005-08-27,rgod,php,webapps,0 +26202,platforms/php/webapps/26202.txt,"Looking Glass - Cross-site Scripting",2005-08-27,rgod,php,webapps,0 26203,platforms/php/webapps/26203.php,"Looking Glass 20040427 - Remote Command Execution",2005-08-27,rgod,php,webapps,0 26204,platforms/php/webapps/26204.pl,"MyBB - Member.php SQL Injection",2005-08-29,W7ED,php,webapps,0 -26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 - index.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 +26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 - 'index.php' c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26206,platforms/php/webapps/26206.txt,"Land Down Under 700/701/800/801 - events.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26207,platforms/php/webapps/26207.txt,"Land Down Under 700/701/800/801 - list.php Multiple Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26208,platforms/php/webapps/26208.txt,"AutoLinks 2.1 Pro - Al_initialize.php Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 @@ -23354,7 +23354,7 @@ id,file,description,date,author,platform,type,port 26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 - ID Parameter Directory Traversal",2005-08-31,rgod,php,webapps,0 26213,platforms/php/webapps/26213.txt,"LibrettoCMS 2.2.2 - Arbitrary File Upload",2013-06-14,"CWH Underground",php,webapps,0 26214,platforms/windows/dos/26214.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow",2013-06-14,ariarat,windows,dos,0 -26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 - USR Parameter Cross-Site Scripting",2005-08-31,rgod,php,webapps,0 +26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 - USR Parameter Cross-site Scripting",2005-08-31,rgod,php,webapps,0 26216,platforms/windows/dos/26216.txt,"Indiatimes Messenger 6.0 - Remote Buffer Overflow",2005-08-31,ViPeR,windows,dos,0 26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 - Lang.php Remote File Inclusion",2005-08-31,groszynskif,php,webapps,0 26218,platforms/linux/local/26218.txt,"Frox 0.7.18 - Arbitrary Configuration File Access",2005-09-01,rotor,linux,local,0 @@ -23365,24 +23365,24 @@ id,file,description,date,author,platform,type,port 26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 - Events.php HTML Injection",2005-09-06,conor.e.buckley,php,webapps,0 26224,platforms/php/webapps/26224.txt,"Unclassified NewsBoard 1.5.3 - Description Field HTML Injection",2005-09-06,retrogod@aliceposta.it,php,webapps,0 26225,platforms/php/webapps/26225.txt,"MAXdev MD-Pro 1.0.73 - Arbitrary Remote File Upload",2005-09-06,rgod,php,webapps,0 -26226,platforms/php/webapps/26226.txt,"MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-06,rgod,php,webapps,0 -26227,platforms/php/webapps/26227.txt,"MyBulletinBoard 1.0 - Forumdisplay.php Cross-Site Scripting",2005-09-06,Dominic.Parikh,php,webapps,0 -26228,platforms/php/webapps/26228.txt,"MyBulletinBoard 1.0 - Multiple SQL Injection",2005-09-06,stranger-killer,php,webapps,0 -26229,platforms/php/webapps/26229.txt,"PHPCommunityCalendar 4.0 - Multiple SQL Injection",2005-09-07,rgod,php,webapps,0 +26226,platforms/php/webapps/26226.txt,"MAXdev MD-Pro 1.0.73 - Multiple Cross-site Scripting Vulnerabilities",2005-09-06,rgod,php,webapps,0 +26227,platforms/php/webapps/26227.txt,"MyBulletinBoard 1.0 - Forumdisplay.php Cross-site Scripting",2005-09-06,Dominic.Parikh,php,webapps,0 +26228,platforms/php/webapps/26228.txt,"MyBulletinBoard 1.0 - Multiple SQL Injections",2005-09-06,stranger-killer,php,webapps,0 +26229,platforms/php/webapps/26229.txt,"PHPCommunityCalendar 4.0 - Multiple SQL Injections",2005-09-07,rgod,php,webapps,0 26230,platforms/windows/remote/26230.txt,"Microsoft IIS 5.1 - WebDAV HTTP Request Source Code Disclosure",2005-09-04,"Inge Henriksen",windows,remote,0 26231,platforms/php/webapps/26231.txt,"PBLang 4.65 Bulletin Board System - SetCookie.php Directory Traversal",2005-09-07,rgod,php,webapps,0 -26232,platforms/php/webapps/26232.txt,"PHPCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-07,rgod,php,webapps,0 +26232,platforms/php/webapps/26232.txt,"PHPCommunityCalendar 4.0 - Multiple Cross-site Scripting Vulnerabilities",2005-09-07,rgod,php,webapps,0 26233,platforms/hardware/dos/26233.txt,"Cisco IOS 12.x - Firewall Authentication Proxy Buffer Overflow",2005-09-07,Markus,hardware,dos,0 26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 - startup.php Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 - news.php Multiple Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 -26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - CSRF",2013-06-17,expl0i13r,php,webapps,0 +26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - Cross-site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - (.wax) SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 26243,platforms/php/webapps/26243.txt,"Havalite CMS 1.1.7 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 26244,platforms/php/webapps/26244.txt,"SPBAS Business Automation Software 2012 - Multiple Vulnerabilities",2013-06-17,"Christy Philip Mathew",php,webapps,0 -26245,platforms/windows/local/26245.py,"Winamp 5.12 - (.m3u) Stack Based Buffer Overflow",2013-06-17,superkojiman,windows,local,0 +26245,platforms/windows/local/26245.py,"Winamp 5.12 - '.m3u' Stack Based Buffer Overflow",2013-06-17,superkojiman,windows,local,0 26246,platforms/php/webapps/26246.txt,"Simple File Manager 024 - Login Bypass",2013-06-17,Chako,php,webapps,0 26247,platforms/php/webapps/26247.txt,"MyBulletinBoard 1.0 - RateThread.php SQL Injection",2005-09-09,stranger-killer,php,webapps,0 26248,platforms/linux/dos/26248.sh,"Linux Kernel 2.6.x - SCSI ProcFS Denial of Service",2005-09-09,anonymous,linux,dos,0 @@ -23393,12 +23393,12 @@ id,file,description,date,author,platform,type,port 26253,platforms/php/webapps/26253.txt,"Land Down Under 800/801 - auth.php m Parameter SQL Injection",2005-09-13,"GroundZero Security Research",php,webapps,0 26254,platforms/php/webapps/26254.txt,"Land Down Under 800/801 - plug.php e Parameter SQL Injection",2005-09-13,"GroundZero Security Research",php,webapps,0 26255,platforms/php/webapps/26255.php,"Mail-it Now! Upload2Server 1.5 - Arbitrary File Upload",2005-09-13,rgod,php,webapps,0 -26256,platforms/cgi/webapps/26256.txt,"MIVA Merchant 5 - Merchant.MVC Cross-Site Scripting",2005-09-14,admin@hyperconx.com,cgi,webapps,0 +26256,platforms/cgi/webapps/26256.txt,"MIVA Merchant 5 - Merchant.MVC Cross-site Scripting",2005-09-14,admin@hyperconx.com,cgi,webapps,0 26257,platforms/php/webapps/26257.txt,"ATutor 1.5.1 - Password_Reminder.php SQL Injection",2005-09-14,rgod,php,webapps,0 26258,platforms/php/webapps/26258.txt,"ATutor 1.5.1 - Chat Logs Remote Information Disclosure",2005-09-14,rgod,php,webapps,0 -26259,platforms/php/webapps/26259.txt,"Noah's Classifieds 1.2/1.3 - Index.php SQL Injection",2005-09-14,trueend5,php,webapps,0 +26259,platforms/php/webapps/26259.txt,"Noah's Classifieds 1.2/1.3 - 'index.php' SQL Injection",2005-09-14,trueend5,php,webapps,0 26260,platforms/php/webapps/26260.txt,"TWiki TWikiUsers - Remote Arbitrary Command Execution",2005-09-14,B4dP4nd4,php,webapps,0 -26261,platforms/php/webapps/26261.txt,"Noah's Classifieds 1.3 - Index.php Cross-Site Scripting",2005-09-14,trueend5,php,webapps,0 +26261,platforms/php/webapps/26261.txt,"Noah's Classifieds 1.3 - 'index.php' Cross-site Scripting",2005-09-14,trueend5,php,webapps,0 26262,platforms/php/webapps/26262.txt,"Digital Scribe 1.4 - Login SQL Injection",2005-09-15,rgod,php,webapps,0 26263,platforms/php/webapps/26263.txt,"AEwebworks aeDating 3.2/4.0 - Search_Result.php SQL Injection",2005-09-15,alexsrb,php,webapps,0 26264,platforms/php/webapps/26264.txt,"DeluxeBB 1.0 - topic.php tid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 @@ -23410,28 +23410,28 @@ id,file,description,date,author,platform,type,port 26334,platforms/asp/webapps/26334.txt,"aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 26270,platforms/php/webapps/26270.txt,"Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities",2005-09-16,"Security Tester",php,webapps,0 26271,platforms/osx/dos/26271.txt,"Apple Safari 1.x/2.0.1 - Data URI Memory Corruption",2005-09-17,"Jonathan Rockway",osx,dos,0 -26272,platforms/php/webapps/26272.txt,"EPay Pro 2.0 - Index.php Directory Traversal",2005-09-19,h4cky0u,php,webapps,0 +26272,platforms/php/webapps/26272.txt,"EPay Pro 2.0 - 'index.php' Directory Traversal",2005-09-19,h4cky0u,php,webapps,0 26273,platforms/php/webapps/26273.txt,"VBulletin 1.0.1 lite/2.x/3.0 - joinrequests.php request Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 26274,platforms/php/webapps/26274.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 26275,platforms/php/webapps/26275.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 26276,platforms/php/webapps/26276.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26277,platforms/php/webapps/26277.txt,"NooToplist 1.0 - Index.php Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 +26277,platforms/php/webapps/26277.txt,"NooToplist 1.0 - 'index.php' Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 26278,platforms/php/webapps/26278.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter XSS",2005-09-19,deluxe@security-project.org,php,webapps,0 26279,platforms/php/webapps/26279.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter XSS",2005-09-19,deluxe@security-project.org,php,webapps,0 26280,platforms/php/webapps/26280.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter XSS",2005-09-19,deluxe@security-project.org,php,webapps,0 26281,platforms/php/webapps/26281.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter XSS",2005-09-19,deluxe@security-project.org,php,webapps,0 26282,platforms/php/webapps/26282.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter XSS",2005-09-19,deluxe@security-project.org,php,webapps,0 26283,platforms/php/webapps/26283.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter XSS",2005-09-19,deluxe@security-project.org,php,webapps,0 -26284,platforms/php/webapps/26284.txt,"MX Shop 3.2 - Index.php Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 +26284,platforms/php/webapps/26284.txt,"MX Shop 3.2 - 'index.php' Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 26285,platforms/php/webapps/26285.txt,"Hesk 0.92/0.93 - Session ID Authentication Bypass",2005-09-20,"Rajesh Sethumadhavan",php,webapps,0 26286,platforms/php/webapps/26286.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Directory Traversal Vulnerabilities",2005-09-20,rgod,php,webapps,0 -26287,platforms/php/webapps/26287.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-20,rgod,php,webapps,0 -26300,platforms/php/webapps/26300.txt,"LucidCMS 2.0 - Index.php Cross-Site Scripting",2005-09-27,X1ngBox,php,webapps,0 +26287,platforms/php/webapps/26287.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Cross-site Scripting Vulnerabilities",2005-09-20,rgod,php,webapps,0 +26300,platforms/php/webapps/26300.txt,"LucidCMS 2.0 - 'index.php' Cross-site Scripting",2005-09-27,X1ngBox,php,webapps,0 26301,platforms/windows/dos/26301.txt,"Novell GroupWise 6.5.3 Client - Local Integer Overflow",2005-09-27,"Francisco Amato",windows,dos,0 26302,platforms/php/webapps/26302.txt,"TWiki TWikiUsers - INCLUDE Function Remote Arbitrary Command Execution",2005-09-28,JChristophFuchs,php,webapps,0 -26303,platforms/php/webapps/26303.txt,"CubeCart 3.0.3 - index.php Multiple Parameter XSS",2005-09-28,Lostmon,php,webapps,0 +26303,platforms/php/webapps/26303.txt,"CubeCart 3.0.3 - 'index.php' Multiple Parameter XSS",2005-09-28,Lostmon,php,webapps,0 26304,platforms/php/webapps/26304.txt,"CubeCart 3.0.3 - cart.php redir Parameter XSS",2005-09-28,Lostmon,php,webapps,0 -26305,platforms/php/webapps/26305.txt,"SquirrelMail 1.4.2 Address Add Plugin - Add.php Cross-Site Scripting",2005-09-29,anonymous,php,webapps,0 +26305,platforms/php/webapps/26305.txt,"SquirrelMail 1.4.2 Address Add Plugin - Add.php Cross-site Scripting",2005-09-29,anonymous,php,webapps,0 26306,platforms/windows/remote/26306.txt,"NateOn Messenger 3.0 - Arbitrary File Download / Buffer Overflow",2005-09-29,saintlinu,windows,remote,0 26307,platforms/php/webapps/26307.txt,"lucidCMS 2.0 - Login SQL Injection",2005-09-29,rgod,php,webapps,0 26308,platforms/php/webapps/26308.txt,"IceWarp Web Mail 5.5.1 - blank.html id Parameter XSS",2005-09-30,ss_contacts,php,webapps,0 @@ -23450,12 +23450,12 @@ id,file,description,date,author,platform,type,port 26328,platforms/php/webapps/26328.txt,"Utopia News Pro 1.1.3 - footer.php Multiple Parameter XSS",2005-10-07,rgod,php,webapps,0 26329,platforms/multiple/remote/26329.txt,"Oracle HTML DB 1.5/1.6 - f p Parameter XSS",2005-10-07,Red-Database-Security,multiple,remote,0 26321,platforms/linux/local/26321.c,"Gnome-PTY-Helper UTMP - Hostname Spoofing",2005-10-03,"Paul Szabo",linux,local,0 -26322,platforms/windows/dos/26322.pl,"MusicBee 2.0.4663 - (.m3u) Denial of Service",2013-06-19,Chako,windows,dos,0 +26322,platforms/windows/dos/26322.pl,"MusicBee 2.0.4663 - '.m3u' Denial of Service",2013-06-19,Chako,windows,dos,0 26323,platforms/windows/local/26323.cpp,"Microsoft Windows XP - Wireless Zero Configuration Service Information Disclosure",2005-10-04,"Laszlo Toth",windows,local,0 -26324,platforms/php/webapps/26324.txt,"TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-05,"Donnie Werner",php,webapps,0 +26324,platforms/php/webapps/26324.txt,"TellMe 1.2 - Multiple Cross-site Scripting Vulnerabilities",2005-10-05,"Donnie Werner",php,webapps,0 26325,platforms/multiple/dos/26325.txt,"Mozilla Firefox 1.0.6/1.0.7 - IFRAME Handling Denial of Service",2005-10-05,"Tom Ferris",multiple,dos,0 26326,platforms/php/webapps/26326.html,"MyBloggie 2.1.3 - Search.php SQL Injection",2005-10-06,trueend5,php,webapps,0 -26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 +26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Unspecified Cross-site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 26336,platforms/multiple/dos/26336.txt,"Oracle Forms - Servlet TLS Listener Remote Denial of Service",2005-10-07,"Alexander Kornbrust",multiple,dos,0 26337,platforms/php/webapps/26337.php,"Cyphor 0.19 - lostpwd.php nick Field SQL Injection",2005-10-08,rgod,php,webapps,0 26338,platforms/php/webapps/26338.txt,"Cyphor 0.19 - newmsg.php fid Parameter SQL Injection",2005-10-08,retrogod@aliceposta.it,php,webapps,0 @@ -23469,12 +23469,12 @@ id,file,description,date,author,platform,type,port 26346,platforms/php/webapps/26346.txt,"Accelerated Mortgage Manager - Password Field SQL Injection",2005-10-13,imready4chillin,php,webapps,0 26347,platforms/php/webapps/26347.txt,"Gallery 2.0 - Main.php Directory Traversal",2005-10-14,"Michael Dipper",php,webapps,0 26348,platforms/php/webapps/26348.txt,"Complete PHP Counter - SQL Injection",2005-10-14,BiPi_HaCk,php,webapps,0 -26349,platforms/php/webapps/26349.txt,"Complete PHP - Counter Cross-Site Scripting",2005-10-14,BiPi_HaCk,php,webapps,0 +26349,platforms/php/webapps/26349.txt,"Complete PHP - Counter Cross-site Scripting",2005-10-14,BiPi_HaCk,php,webapps,0 26350,platforms/php/webapps/26350.txt,"PunBB 1.2.x - Search.php SQL Injection",2005-10-15,Devil_box,php,webapps,0 -26351,platforms/asp/webapps/26351.txt,"Comersus BackOffice Plus - Multiple Cross-Site Scripting Vulnerabilities",2005-10-17,Lostmon,asp,webapps,0 +26351,platforms/asp/webapps/26351.txt,"Comersus BackOffice Plus - Multiple Cross-site Scripting Vulnerabilities",2005-10-17,Lostmon,asp,webapps,0 26352,platforms/php/local/26352.php,"PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities",2005-10-17,anonymous,php,local,0 26353,platforms/linux/local/26353.txt,"Linux Kernel 2.6 - Console Keymap Local Command Injection PoC",2005-10-17,"Rudolf Polzer",linux,local,0 -26354,platforms/jsp/webapps/26354.txt,"NetFlow Analyzer 4 - Cross-Site Scripting",2005-10-18,why@nsfocus.com,jsp,webapps,0 +26354,platforms/jsp/webapps/26354.txt,"NetFlow Analyzer 4 - Cross-site Scripting",2005-10-18,why@nsfocus.com,jsp,webapps,0 26355,platforms/php/webapps/26355.txt,"MySource 2.14 - upgrade_in_progress_backend.php target_url Parameter XSS",2005-10-18,"Secunia Research",php,webapps,0 26356,platforms/php/webapps/26356.txt,"MySource 2.14 - insert_table.php bgcolor Parameter XSS",2005-10-18,"Secunia Research",php,webapps,0 26357,platforms/php/webapps/26357.txt,"MySource 2.14 - edit_table_cell_props.php bgcolor Parameter XSS",2005-10-18,"Secunia Research",php,webapps,0 @@ -23504,39 +23504,39 @@ id,file,description,date,author,platform,type,port 26381,platforms/php/webapps/26381.txt,"Chipmunk Directory - recommend.php entryID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26382,platforms/linux/dos/26382.c,"Linux Kernel 2.6.x - IPv6 Local Denial of Service",2005-10-20,"Rémi Denis-Courmont",linux,dos,0 26383,platforms/php/webapps/26383.txt,"Zomplog 3.3/3.4 - Detail.php HTML Injection",2005-10-22,sikikmail,php,webapps,0 -26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x - Index.php Multiple Remote File Inclusion",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 -26385,platforms/php/webapps/26385.txt,"FlatNuke 2.5.x - Index.php Cross-Site Scripting",2005-10-26,alex@aleksanet.com,php,webapps,0 +26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x - 'index.php' Multiple Remote File Inclusion",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 +26385,platforms/php/webapps/26385.txt,"FlatNuke 2.5.x - 'index.php' Cross-site Scripting",2005-10-26,alex@aleksanet.com,php,webapps,0 26388,platforms/php/webapps/26388.txt,"Nuked-Klan 1.7 Download Module - dl_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26389,platforms/php/webapps/26389.pl,"Nuked-Klan 1.7 Links Module - link_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26390,platforms/php/webapps/26390.txt,"saphp Lesson - add.php forumid Parameter SQL Injection",2005-10-26,almaster,php,webapps,0 -26391,platforms/php/webapps/26391.html,"SiteTurn Domain Manager Pro - Admin Panel Cross-Site Scripting",2005-10-24,"farhad koosha",php,webapps,0 +26391,platforms/php/webapps/26391.html,"SiteTurn Domain Manager Pro - Admin Panel Cross-site Scripting",2005-10-24,"farhad koosha",php,webapps,0 26392,platforms/php/webapps/26392.txt,"phpMyAdmin 2.x - queryframe.php XSS",2005-05-20,"Tobias Klein",php,webapps,0 26393,platforms/php/webapps/26393.txt,"phpMyAdmin 2.x - server_databases.php XSS",2005-05-20,"Tobias Klein",php,webapps,0 26394,platforms/php/webapps/26394.txt,"MWChat 6.8 - Chat.php SQL Injection",2005-05-21,rgod,php,webapps,0 26395,platforms/php/webapps/26395.txt,"Basic Analysis And Security Engine 1.2 - Base_qry_main.php SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0 26396,platforms/php/webapps/26396.pl,"MyBulletinBoard 1.0 - Usercp.php SQL Injection",2005-10-26,Animal,php,webapps,0 26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 - GameID Parameter SQL Injection",2005-10-26,almaster,php,webapps,0 -26398,platforms/cgi/webapps/26398.txt,"RSA ACE Agent 5.x - Image Cross-Site Scripting",2005-10-26,"Bernhard Mueller",cgi,webapps,0 +26398,platforms/cgi/webapps/26398.txt,"RSA ACE Agent 5.x - Image Cross-site Scripting",2005-10-26,"Bernhard Mueller",cgi,webapps,0 26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Inclusion",2005-10-26,X,php,webapps,0 -26400,platforms/php/webapps/26400.txt,"Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-26,Lostmon,php,webapps,0 +26400,platforms/php/webapps/26400.txt,"Flyspray 0.9 - Multiple Cross-site Scripting Vulnerabilities",2005-10-26,Lostmon,php,webapps,0 26401,platforms/hardware/webapps/26401.txt,"TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass",2013-06-24,Chako,hardware,webapps,0 26402,platforms/windows/local/26402.py,"Mediacoder (.lst) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 26403,platforms/windows/local/26403.py,"Mediacoder (.m3u) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 -26404,platforms/windows/local/26404.py,"MediaCoder PMP Edition 0.8.17 - (.m3u) Buffer Overflow Exploit",2013-06-24,metacom,windows,local,0 -26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - (play.php gid param) SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 +26404,platforms/windows/local/26404.py,"MediaCoder PMP Edition 0.8.17 - '.m3u' Buffer Overflow Exploit",2013-06-24,metacom,windows,local,0 +26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - (play.php gid parameter) SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26406,platforms/php/webapps/26406.txt,"Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities",2013-06-24,"Glafkos Charalambous ",php,webapps,0 27541,platforms/php/webapps/27541.txt,"DbbS 2.0 - Topics.php SQL Injection",2006-03-31,DaBDouB-MoSiKaR,php,webapps,0 27542,platforms/php/webapps/27542.txt,"SoftBiz Image Gallery - mage_desc.php Multiple Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27543,platforms/php/webapps/27543.txt,"SoftBiz Image Gallery - template.php provided Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 26408,platforms/php/webapps/26408.txt,"phpEventCalendar 0.2.3 - Multiple Vulnerabilities",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26409,platforms/windows/local/26409.py,"aSc Timetables 2013 - Stack Buffer Overflow",2013-06-24,Dark-Puzzle,windows,local,0 -26410,platforms/php/webapps/26410.py,"Collabtive 1.0 - (manageuser.php task param) SQL Injection",2013-06-24,drone,php,webapps,0 -26411,platforms/windows/local/26411.py,"AudioCoder 0.8.22 - (.m3u) Direct Retn Buffer Overflow",2013-06-24,Onying,windows,local,0 +26410,platforms/php/webapps/26410.py,"Collabtive 1.0 - (manageuser.php task parameter) SQL Injection",2013-06-24,drone,php,webapps,0 +26411,platforms/windows/local/26411.py,"AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow",2013-06-24,Onying,windows,local,0 26412,platforms/hardware/remote/26412.pl,"Seowonintech Devices - Remote Root Exploit",2013-06-24,"Todor Donev",hardware,remote,0 26413,platforms/windows/dos/26413.py,"PEiD 0.95 - Memory Corruption PoC",2013-06-24,"Debasish Mandal",windows,dos,0 26414,platforms/php/webapps/26414.txt,"PodHawk 1.85 - Arbitrary File Upload",2013-06-24,"CWH Underground",php,webapps,0 26415,platforms/hardware/webapps/26415.txt,"Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities",2013-06-24,m-1-k-3,hardware,webapps,0 -26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - (global.php id param) SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 +26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - (global.php id parameter) SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 - popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - nwfs.sys Local Privilege Escalation",2013-06-24,Metasploit,windows,local,0 26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 - htpasswd Module Username Command Execution",2013-06-24,Metasploit,linux,remote,0 @@ -23546,7 +23546,7 @@ id,file,description,date,author,platform,type,port 26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - Bug_sponsorship_list_view_inc.php File Include",2005-10-26,"Andreas Sandblad",php,webapps,0 26424,platforms/windows/remote/26424.txt,"Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution",2005-10-26,"D. Fabian",windows,remote,0 26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection",2005-10-26,admin@batznet.com,php,webapps,0 -26426,platforms/asp/webapps/26426.html,"Techno Dreams Multiple Scripts - Multiple SQL Injection",2005-10-26,"farhad koosha",asp,webapps,0 +26426,platforms/asp/webapps/26426.html,"Techno Dreams Multiple Scripts - Multiple SQL Injections",2005-10-26,"farhad koosha",asp,webapps,0 26427,platforms/php/webapps/26427.txt,"GCards 1.43 - News.php SQL Injection",2005-10-26,svsecurity,php,webapps,0 26428,platforms/php/webapps/26428.html,"Search Enhanced Module 1.1/2.0 for PHP-Nuke - HTML Injection",2005-10-26,bhfh01,php,webapps,0 26429,platforms/asp/webapps/26429.txt,"Novell ZENworks Patch Management 6.0.52 - computers/default.asp Direction Parameter SQL Injection",2005-10-27,"Dennis Rand",asp,webapps,0 @@ -23554,32 +23554,32 @@ id,file,description,date,author,platform,type,port 26431,platforms/php/webapps/26431.txt,"ATutor 1.x - forum.inc.php Arbitrary Command Execution",2005-10-27,"Andreas Sandblad",php,webapps,0 26432,platforms/php/webapps/26432.txt,"ATutor 1.x - body_header.inc.php section Parameter Local File Inclusion",2005-10-27,"Andreas Sandblad",php,webapps,0 26433,platforms/php/webapps/26433.txt,"ATutor 1.x - print.php section Parameter Remote File Inclusion",2005-10-27,"Andreas Sandblad",php,webapps,0 -26434,platforms/php/webapps/26434.txt,"PBLang 4.65 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-27,abducter,php,webapps,0 -26435,platforms/asp/webapps/26435.txt,"ASP Fast Forum - Error.ASP Cross-Site Scripting",2005-10-27,syst3m_f4ult,asp,webapps,0 +26434,platforms/php/webapps/26434.txt,"PBLang 4.65 - Multiple Cross-site Scripting Vulnerabilities",2005-10-27,abducter,php,webapps,0 +26435,platforms/asp/webapps/26435.txt,"ASP Fast Forum - Error.ASP Cross-site Scripting",2005-10-27,syst3m_f4ult,asp,webapps,0 26436,platforms/php/webapps/26436.txt,"MG2 0.5.1 - Authentication Bypass",2005-10-29,"Preben Nylokken",php,webapps,0 26437,platforms/php/webapps/26437.txt,"PHP Advanced Transfer Manager 1.30 - Remote Unauthorized Access",2005-10-29,Zeelock,php,webapps,0 -26438,platforms/php/webapps/26438.txt,"Invision Gallery 2.0.3 - Index.php SQL Injection",2005-10-31,almaster,php,webapps,0 -26439,platforms/asp/webapps/26439.txt,"Snitz Forum 2000 - Post.ASP Cross-Site Scripting",2005-10-31,h4xorcrew,asp,webapps,0 -26440,platforms/php/webapps/26440.txt,"PHPCafe Tutorial Manager - Index.php SQL Injection",2005-10-31,almaster,php,webapps,0 +26438,platforms/php/webapps/26438.txt,"Invision Gallery 2.0.3 - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 +26439,platforms/asp/webapps/26439.txt,"Snitz Forum 2000 - Post.ASP Cross-site Scripting",2005-10-31,h4xorcrew,asp,webapps,0 +26440,platforms/php/webapps/26440.txt,"PHPCafe Tutorial Manager - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 26441,platforms/php/webapps/26441.txt,"OaBoard 1.0 - Forum.php Multiple SQL Injection",2005-10-31,abducter_minds@yahoo.com,php,webapps,0 -26442,platforms/php/webapps/26442.txt,"PHP 4.x - PHPInfo Cross-Site Scripting",2005-10-31,"Stefan Esser",php,webapps,0 +26442,platforms/php/webapps/26442.txt,"PHP 4.x - PHPInfo Cross-site Scripting",2005-10-31,"Stefan Esser",php,webapps,0 26443,platforms/php/remote/26443.php,"PHP 4.x/5.0.x - File Upload GLOBAL Variable Overwrite",2005-10-31,rgod,php,remote,0 26444,platforms/asp/webapps/26444.txt,"Comersus BackOffice 4.x/5.0/6.0 - comersus_backoffice_supportError.asp error Parameter XSS",2005-10-31,_6mO_HaCk,asp,webapps,0 26445,platforms/asp/webapps/26445.pl,"Comersus BackOffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 26446,platforms/php/webapps/26446.txt,"Belchior Foundry vCard Pro 3.1 - Addrbook.php SQL Injection",2005-11-01,almaster,php,webapps,0 26447,platforms/php/webapps/26447.html,"Elite Forum 1.0 - HTML Injection",2005-11-01,gladiator,php,webapps,0 -26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - (.lst) Direct Retn Buffer Overflow",2013-06-26,Onying,windows,local,0 +26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow",2013-06-26,Onying,windows,local,0 26449,platforms/php/webapps/26449.txt,"e107 Advanced Medal System Plugin - SQL Injection",2013-06-26,"Life Wasted",php,webapps,0 26450,platforms/windows/dos/26450.pl,"Baby FTP Server 1.24 - Denial of Service",2013-06-26,Chako,windows,dos,21 26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Local Privilege Escalation Exploit",2013-06-26,Metasploit,linux,local,0 26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Local Privilege Escalation",2013-06-26,Metasploit,win_x86,local,0 -26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 - (index.php type param) Remote Code Execution",2013-06-26,infodox,php,webapps,0 +26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 - (index.php type parameter) Remote Code Execution",2013-06-26,infodox,php,webapps,0 26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 -26455,platforms/php/webapps/26455.txt,"VUBB - Index.php Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 +26455,platforms/php/webapps/26455.txt,"VUBB - 'index.php' Cross-site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 26456,platforms/php/webapps/26456.txt,"XMB Forum 1.9.3 - Post.php SQL Injection",2005-11-01,almaster,php,webapps,0 26457,platforms/windows/dos/26457.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (1)",2005-11-01,ad@class101.org,windows,dos,0 -26458,platforms/php/webapps/26458.txt,"News2Net 3.0 - Index.php SQL Injection",2005-11-02,Mousehack,php,webapps,0 -26459,platforms/php/webapps/26459.txt,"phpWebThings 0.4.4 - Forum.php Cross-Site Scripting",2005-11-02,Linux_Drox,php,webapps,0 +26458,platforms/php/webapps/26458.txt,"News2Net 3.0 - 'index.php' SQL Injection",2005-11-02,Mousehack,php,webapps,0 +26459,platforms/php/webapps/26459.txt,"phpWebThings 0.4.4 - Forum.php Cross-site Scripting",2005-11-02,Linux_Drox,php,webapps,0 26460,platforms/windows/remote/26460.c,"Asus VideoSecurity Online 3.5 - Web Server Authentication Buffer Overflow",2005-11-02,"Luigi Auriemma",windows,remote,0 26461,platforms/cgi/webapps/26461.txt,"Simple PHP Blog 0.4 - preview_cgi.php Multiple Parameter XSS",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 26462,platforms/cgi/webapps/26462.txt,"Simple PHP Blog 0.4 - preview_static_cgi.php Multiple Parameter XSS",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 @@ -23596,7 +23596,7 @@ id,file,description,date,author,platform,type,port 26474,platforms/php/webapps/26474.txt,"PHPFM - Arbitrary File Upload",2005-11-07,rUnViRuS,php,webapps,0 26475,platforms/cgi/webapps/26475.txt,"Asterisk 0.x/1.0/1.2 Voicemail - Unauthorized Access",2005-11-07,"Adam Pointon",cgi,webapps,0 26476,platforms/php/webapps/26476.txt,"OSTE 1.0 - Remote File Inclusion",2005-11-07,khc@bsdmail.org,php,webapps,0 -26477,platforms/php/webapps/26477.txt,"XMB 1.9.3 - U2U.php Cross-Site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 +26477,platforms/php/webapps/26477.txt,"XMB 1.9.3 - U2U.php Cross-site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 - admin.php Multiple Parameter XSS",2005-11-07,benjilenoob,php,webapps,0 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass Weakness",2005-11-07,Tr0y-x,windows,local,0 26480,platforms/php/webapps/26480.txt,"toendaCMS 0.6.1 - Admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 @@ -23609,8 +23609,8 @@ id,file,description,date,author,platform,type,port 26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 - frameset.htm sap-syscmd Parameter XSS",2005-11-09,"Leandro Meiners",php,webapps,0 26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 - URI Redirection",2005-11-09,"Leandro Meiners",php,webapps,0 26489,platforms/linux/dos/26489.c,"Linux Kernel 2.6.x - Sysctl Unregistration Local Denial of Service",2005-11-09,"Rémi Denis-Courmont",linux,dos,0 -26490,platforms/php/webapps/26490.txt,"TikiWiki 1.9 - Tiki-view_forum_thread.php Cross-Site Scripting",2005-11-09,"Moritz Naumann",php,webapps,0 -26491,platforms/windows/remote/26491.txt,"Antville 1.1 - Cross-Site Scripting",2005-11-09,"Moritz Naumann",windows,remote,0 +26490,platforms/php/webapps/26490.txt,"TikiWiki 1.9 - Tiki-view_forum_thread.php Cross-site Scripting",2005-11-09,"Moritz Naumann",php,webapps,0 +26491,platforms/windows/remote/26491.txt,"Antville 1.1 - Cross-site Scripting",2005-11-09,"Moritz Naumann",windows,remote,0 26492,platforms/linux/local/26492.txt,"Emacs 2.1 - Local Variable Arbitrary Command Execution",2002-12-31,"Georgi Guninski",linux,local,0 26493,platforms/windows/remote/26493.py,"Bifrost 1.2.1 - Remote Buffer OverFlow",2013-06-30,"Mohamed Clay",windows,remote,0 26494,platforms/windows/remote/26494.py,"Bifrost 1.2d - Remote Buffer Overflow",2013-06-30,"Mohamed Clay",windows,remote,0 @@ -23629,13 +23629,13 @@ id,file,description,date,author,platform,type,port 26507,platforms/cgi/webapps/26507.txt,"Walla TeleSite 3.0 - ts.exe sug Parameter XSS",2005-11-15,"Rafi Nahum",cgi,webapps,0 26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 - ts.exe sug Parameter SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 26509,platforms/cgi/webapps/26509.txt,"Walla TeleSite 3.0 - ts.cgi File Existence Enumeration",2005-11-15,"Rafi Nahum",cgi,webapps,0 -26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 - Index.php Multiple SQL Injection",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 -26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 - Index.php Local File Inclusion",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 +26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 - 'index.php' Multiple SQL Injection",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 +26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 - 'index.php' Local File Inclusion",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 26512,platforms/php/webapps/26512.txt,"phpwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26513,platforms/php/webapps/26513.txt,"phpwcms 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 -26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 +26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 26515,platforms/php/webapps/26515.txt,"AlstraSoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 -26516,platforms/php/webapps/26516.txt,"Ekinboard 1.0.3 - Profile.php Cross-Site Scripting",2005-11-15,trueend5,php,webapps,0 +26516,platforms/php/webapps/26516.txt,"Ekinboard 1.0.3 - Profile.php Cross-site Scripting",2005-11-15,trueend5,php,webapps,0 26517,platforms/windows/dos/26517.txt,"Microsoft Office PowerPoint 2007 - Crash PoC",2013-07-01,Asesino04,windows,dos,0 26829,platforms/php/webapps/26829.txt,"QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26830,platforms/php/webapps/26830.txt,"QuickPayPro 3.1 - design.php delete Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 @@ -23643,25 +23643,25 @@ id,file,description,date,author,platform,type,port 26520,platforms/windows/local/26520.py,"Static HTTP Server 1.0 - SEH Overflow",2013-07-01,"Jacob Holcomb",windows,local,0 26521,platforms/php/webapps/26521.txt,"C.P.Sub 4.5 - Authentication Bypass",2013-07-01,Chako,php,webapps,0 26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 -27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - index.php st Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 +27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - 'index.php' st Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - (.wvx) SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - (.png) Crash PoC",2013-07-01,"Kevin Fujimoto",windows,dos,0 26527,platforms/hardware/webapps/26527.txt,"Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities",2013-07-01,LiquidWorm,hardware,webapps,0 -26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - CSRF",2013-07-01,"Sven Wurth",hardware,webapps,0 +26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - Cross-site Request Forgery",2013-07-01,"Sven Wurth",hardware,webapps,0 26529,platforms/multiple/remote/26529.rb,"Java Applet - ProviderSkeleton Insecure Invoke Method",2013-07-01,Metasploit,multiple,remote,0 26530,platforms/php/webapps/26530.txt,"GLPI 0.83.9 - 'unserialize()' Function Remote Code Execution",2013-07-01,"Xavier Mehrenberger",php,webapps,0 26531,platforms/multiple/remote/26531.html,"Opera Web Browser 8.0/8.5 - HTML Form Status Bar Misrepresentation",2005-11-16,Sverx,multiple,remote,0 26532,platforms/jsp/webapps/26532.txt,"Revize CMS - Query_results.JSP SQL Injection",2005-11-17,Lostmon,jsp,webapps,0 26533,platforms/jsp/webapps/26533.txt,"Revize CMS - Revize.XML Information Disclosure",2005-11-17,Lostmon,jsp,webapps,0 -26534,platforms/jsp/webapps/26534.txt,"Revize CMS HTTPTranslatorServlet - Cross-Site Scripting",2005-11-17,Lostmon,jsp,webapps,0 -26535,platforms/php/webapps/26535.txt,"LiteSpeed 2.1.5 - ConfMgr.php Cross-Site Scripting",2005-11-17,"Gama Sec",php,webapps,0 +26534,platforms/jsp/webapps/26534.txt,"Revize CMS HTTPTranslatorServlet - Cross-site Scripting",2005-11-17,Lostmon,jsp,webapps,0 +26535,platforms/php/webapps/26535.txt,"LiteSpeed 2.1.5 - ConfMgr.php Cross-site Scripting",2005-11-17,"Gama Sec",php,webapps,0 26536,platforms/linux/remote/26536.txt,"qualcomm worldmail server 3.0 - Directory Traversal",2005-11-17,FistFuXXer,linux,remote,0 26537,platforms/asp/webapps/26537.html,"VP-ASP Shopping Cart - Shopadmin.ASP HTML Injection",2005-11-17,ConcorDHacK,asp,webapps,0 26538,platforms/php/webapps/26538.txt,"PHP-Fusion 4.0/5.0/6.0 - Options.php and Viewforum.php SQL Injection",2005-11-19,"Robin Verton",php,webapps,0 -26539,platforms/php/webapps/26539.txt,"Advanced Poll 2.0.2/2.0.3 - Popup.php Cross-Site Scripting",2005-11-21,[GB],php,webapps,0 +26539,platforms/php/webapps/26539.txt,"Advanced Poll 2.0.2/2.0.3 - Popup.php Cross-site Scripting",2005-11-21,[GB],php,webapps,0 26540,platforms/linux/remote/26540.txt,"Inkscape 0.41/0.42 - .SVG Image Buffer Overflow",2005-11-21,"Joxean Koret",linux,remote,0 26541,platforms/php/webapps/26541.txt,"SimplePoll - Results.php SQL Injection",2005-11-21,stranger-killer,php,webapps,0 -26542,platforms/multiple/remote/26542.txt,"Apache Struts 1.2.7 - Error Response Cross-Site Scripting",2005-11-21,"Irene Abezgauz",multiple,remote,0 +26542,platforms/multiple/remote/26542.txt,"Apache Struts 1.2.7 - Error Response Cross-site Scripting",2005-11-21,"Irene Abezgauz",multiple,remote,0 26543,platforms/php/webapps/26543.txt,"APBoard - Thread.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26544,platforms/php/webapps/26544.txt,"PHP Download Manager 1.1.x - Files.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26545,platforms/php/webapps/26545.txt,"Tru-Zone Nuke ET 3.x - Search Module SQL Injection",2005-11-21,Lostmon,php,webapps,0 @@ -23678,8 +23678,8 @@ id,file,description,date,author,platform,type,port 26828,platforms/php/webapps/26828.txt,"QuickPayPro 3.1 - customer.tickets.view.php Multiple Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26557,platforms/windows/dos/26557.txt,"WinAmp 5.63 - Invalid Pointer Dereference",2013-07-02,"Julien Ahrens",windows,dos,0 26558,platforms/windows/dos/26558.txt,"WinAmp 5.63 - Stack-based Buffer Overflow",2013-07-02,"Julien Ahrens",windows,dos,0 -26559,platforms/php/webapps/26559.txt,"Virtual Hosting Control System 2.2/2.4 - Error Message Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 -26560,platforms/php/webapps/26560.txt,"PmWiki 2.0.x - Search Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 +26559,platforms/php/webapps/26559.txt,"Virtual Hosting Control System 2.2/2.4 - Error Message Cross-site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 +26560,platforms/php/webapps/26560.txt,"PmWiki 2.0.x - Search Cross-site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26561,platforms/php/webapps/26561.txt,"1-2-3 Music Store 1.0 - Process.php SQL Injection",2005-11-23,r0t,php,webapps,0 26562,platforms/php/webapps/26562.txt,"AFFCommerce Shopping Cart 1.1.4 - SubCategory.php cl Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 26563,platforms/php/webapps/26563.txt,"AFFCommerce Shopping Cart 1.1.4 - ItemInfo.php item_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 @@ -23687,15 +23687,15 @@ id,file,description,date,author,platform,type,port 26565,platforms/php/webapps/26565.txt,"Tunez 1.21 - songinfo.php song_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 26566,platforms/php/webapps/26566.txt,"Tunez 1.21 - search.php searchFor Parameter XSS",2005-11-23,r0t3d3Vil,php,webapps,0 26567,platforms/php/webapps/26567.txt,"WSN Forum 1.21 - Memberlist.php SQL Injection",2005-11-23,r0t,php,webapps,0 -26568,platforms/php/webapps/26568.txt,"OmnistarLive 5.2 - Multiple SQL Injection",2005-11-23,r0t,php,webapps,0 +26568,platforms/php/webapps/26568.txt,"OmnistarLive 5.2 - Multiple SQL Injections",2005-11-23,r0t,php,webapps,0 26569,platforms/php/webapps/26569.txt,"PHP Labs Survey Wizard - SQL Injection",2005-11-23,r0t,php,webapps,0 26570,platforms/php/webapps/26570.txt,"CommodityRentals 2.0 - SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 -26571,platforms/php/webapps/26571.txt,"Ezyhelpdesk 1.0 - Multiple SQL Injection",2005-11-23,r0t,php,webapps,0 -26572,platforms/php/webapps/26572.txt,"blogBuddies 0.3 - index.php u Parameter XSS",2005-11-23,gb.network,php,webapps,0 +26571,platforms/php/webapps/26571.txt,"Ezyhelpdesk 1.0 - Multiple SQL Injections",2005-11-23,r0t,php,webapps,0 +26572,platforms/php/webapps/26572.txt,"blogBuddies 0.3 - 'index.php' u Parameter XSS",2005-11-23,gb.network,php,webapps,0 26573,platforms/php/webapps/26573.txt,"blogBuddies 0.3 - magpie_debug.php url Parameter XSS",2005-11-23,gb.network,php,webapps,0 26574,platforms/php/webapps/26574.txt,"blogBuddies 0.3 - magpie_slashbox.php rss_url Parameter XSS",2005-11-23,gb.network,php,webapps,0 26575,platforms/windows/dos/26575.txt,"MailEnable 1.1/1.7 - IMAP Rename Request Remote Denial of Service",2005-11-23,"Josh Zlatin-Amishav",windows,dos,0 -26576,platforms/php/webapps/26576.txt,"FreeForum 1.0/1.1 - Multiple SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 +26576,platforms/php/webapps/26576.txt,"FreeForum 1.0/1.1 - Multiple SQL Injections",2005-11-23,r0t3d3Vil,php,webapps,0 28085,platforms/windows/local/28085.html,"KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)",2013-09-04,blake,windows,local,0 26578,platforms/windows/dos/26578.py,"Realtek Sound Manager AvRack (.wav) - Crash PoC",2013-07-03,Asesino04,windows,dos,0 26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player - .LST Buffer Overflow",2013-07-03,Metasploit,windows,local,0 @@ -23706,7 +23706,7 @@ id,file,description,date,author,platform,type,port 26584,platforms/php/webapps/26584.txt,"vtiger CRM 4.2 Leads Module - record Parameter XSS",2005-11-24,"Christopher Kunz",php,webapps,0 26585,platforms/php/webapps/26585.txt,"vtiger CRM 4.2 - RSS Aggregation Module Feed XSS",2005-11-24,"Christopher Kunz",php,webapps,0 26586,platforms/php/webapps/26586.txt,"vtiger CRM 4.2 - SQL Injection",2005-11-24,"Christopher Kunz",php,webapps,0 -26587,platforms/php/webapps/26587.txt,"Comdev Vote Caster 3.1 - Index.php SQL Injection",2005-11-24,r0t,php,webapps,0 +26587,platforms/php/webapps/26587.txt,"Comdev Vote Caster 3.1 - 'index.php' SQL Injection",2005-11-24,r0t,php,webapps,0 26588,platforms/php/webapps/26588.txt,"Orca Forum 4.3 - Forum.php SQL Injection",2005-11-24,r0t3d3Vil,php,webapps,0 26589,platforms/php/webapps/26589.txt,"OvBB 0.x - thread.php threadid Parameter SQL Injection",2005-11-24,r0t3d3Vil,php,webapps,0 26590,platforms/php/webapps/26590.txt,"OvBB 0.x - profile.php userid Parameter SQL Injection",2005-11-24,r0t3d3Vil,php,webapps,0 @@ -23714,7 +23714,7 @@ id,file,description,date,author,platform,type,port 26592,platforms/php/webapps/26592.txt,"efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0 26593,platforms/php/webapps/26593.txt,"efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0 26594,platforms/php/webapps/26594.txt,"efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0 -26595,platforms/php/webapps/26595.txt,"IsolSoft Support Center 2.2 - Multiple SQL Injection",2005-11-25,r0t3d3Vil,php,webapps,0 +26595,platforms/php/webapps/26595.txt,"IsolSoft Support Center 2.2 - Multiple SQL Injections",2005-11-25,r0t3d3Vil,php,webapps,0 26596,platforms/php/webapps/26596.txt,"AgileBill 1.4.92 - Product_Cat SQL Injection",2005-11-25,r0t,php,webapps,0 26597,platforms/php/webapps/26597.txt,"PBLang Bulletin Board System 4.65 - Multiple HTML Injection Vulnerabilities",2005-11-26,r0xes,php,webapps,0 26598,platforms/php/webapps/26598.txt,"Athena PHP Website Administration 0.1 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 @@ -23724,13 +23724,13 @@ id,file,description,date,author,platform,type,port 26602,platforms/php/webapps/26602.txt,"Enterprise Heart Enterprise Connector 1.0.2 - send.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26603,platforms/php/webapps/26603.txt,"Enterprise Heart Enterprise Connector 1.0.2 - messages.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26604,platforms/php/webapps/26604.txt,"Zainu 2.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 -26605,platforms/php/webapps/26605.txt,"Babe Logger 2.0 - index.php gal Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26605,platforms/php/webapps/26605.txt,"Babe Logger 2.0 - 'index.php' gal Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26606,platforms/php/webapps/26606.txt,"Babe Logger 2.0 - comments.php id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26607,platforms/php/webapps/26607.txt,"Top Music Module 3.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 -26608,platforms/php/webapps/26608.txt,"PHPWordPress 3.0 - Multiple SQL Injection",2005-11-28,r0t,php,webapps,0 +26608,platforms/php/webapps/26608.txt,"PHPWordPress 3.0 - Multiple SQL Injections",2005-11-28,r0t,php,webapps,0 26609,platforms/php/webapps/26609.txt,"Bedeng PSP 1.1 - baca.php ckode Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26610,platforms/php/webapps/26610.txt,"Bedeng PSP 1.1 - download.php a.ngroup Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26611,platforms/php/webapps/26611.txt,"Bedeng PSP 1.1 - index.php a.nsub Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26611,platforms/php/webapps/26611.txt,"Bedeng PSP 1.1 - 'index.php' a.nsub Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26612,platforms/php/webapps/26612.txt,"Nelogic Nephp Publisher 4.5.2 - SQL Injection",2005-11-28,r0t,php,webapps,0 26613,platforms/php/webapps/26613.txt,"Softbiz Resource Repository Script - details_res.php sbres_id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26614,platforms/php/webapps/26614.txt,"Softbiz Resource Repository Script - showcats.php sbcat_id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 @@ -23751,9 +23751,9 @@ id,file,description,date,author,platform,type,port 26630,platforms/php/webapps/26630.txt,"ADC2000 NG Pro 1.2 - SQL Injection",2005-11-28,r0t,php,webapps,0 26631,platforms/php/webapps/26631.txt,"Simple Document Management System 2.0 - list.php folder_id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26632,platforms/php/webapps/26632.txt,"Simple Document Management System 2.0 - messages.php mid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26633,platforms/php/webapps/26633.txt,"PDJK-support Suite 1.1 - Multiple SQL Injection",2005-11-28,r0t,php,webapps,0 -26634,platforms/php/webapps/26634.txt,"Randshop - Multiple SQL Injection",2005-11-28,liz0,php,webapps,0 -26635,platforms/php/webapps/26635.txt,"FreeWebStat 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-11-28,"Francesco Ongaro",php,webapps,0 +26633,platforms/php/webapps/26633.txt,"PDJK-support Suite 1.1 - Multiple SQL Injections",2005-11-28,r0t,php,webapps,0 +26634,platforms/php/webapps/26634.txt,"Randshop - Multiple SQL Injections",2005-11-28,liz0,php,webapps,0 +26635,platforms/php/webapps/26635.txt,"FreeWebStat 1.0 - Multiple Cross-site Scripting Vulnerabilities",2005-11-28,"Francesco Ongaro",php,webapps,0 26636,platforms/php/webapps/26636.txt,"PHP Web Statistik 1.4 - Content Injection",2005-11-28,"Francesco Ongaro",php,webapps,0 26637,platforms/php/webapps/26637.txt,"Helpdesk Issue Manager 0.x - issue.php id Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 26638,platforms/php/webapps/26638.txt,"Helpdesk Issue Manager 0.x - find.php Multiple Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 @@ -23762,55 +23762,55 @@ id,file,description,date,author,platform,type,port 26641,platforms/php/webapps/26641.txt,"GuppY 4.5 - dbbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26642,platforms/php/webapps/26642.txt,"GuppY 4.5 - nwlmail.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26643,platforms/php/webapps/26643.txt,"PHP Doc System 1.5.1 - Local File Inclusion",2005-11-28,r0t,php,webapps,0 -26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 - Multiple Products Cross-Site Scripting Vulnerabilities",2005-11-28,r0t,php,webapps,0 +26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 - Multiple Products Cross-site Scripting Vulnerabilities",2005-11-28,r0t,php,webapps,0 26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 - Default.ASP SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 -26646,platforms/php/webapps/26646.txt,"PHP Upload Center - Index.php Directory Traversal",2005-11-29,liz0,php,webapps,0 +26646,platforms/php/webapps/26646.txt,"PHP Upload Center - 'index.php' Directory Traversal",2005-11-29,liz0,php,webapps,0 26647,platforms/php/webapps/26647.txt,"Fantastic Scripts Fantastic News 2.1.1 - News.php SQL Injection",2005-11-29,r0t3d3Vil,php,webapps,0 26648,platforms/linux/dos/26648.c,"Linux Kernel 2.6.x - Time_Out_Leases PrintK Local Denial of Service",2005-11-29,"Avi Kivity",linux,dos,0 -26649,platforms/php/webapps/26649.txt,"DMANews 0.9 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 -26650,platforms/php/webapps/26650.txt,"Entergal MX 2.0 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 -26651,platforms/php/webapps/26651.txt,"BosDates 4.0 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 -26652,platforms/php/webapps/26652.txt,"Post Affiliate Pro 2.0.4 - Index.php SQL Injection",2005-11-29,r0t,php,webapps,0 +26649,platforms/php/webapps/26649.txt,"DMANews 0.9 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 +26650,platforms/php/webapps/26650.txt,"Entergal MX 2.0 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 +26651,platforms/php/webapps/26651.txt,"BosDates 4.0 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 +26652,platforms/php/webapps/26652.txt,"Post Affiliate Pro 2.0.4 - 'index.php' SQL Injection",2005-11-29,r0t,php,webapps,0 26653,platforms/php/webapps/26653.txt,"GhostScripter Amazon Shop 5.0 - Search.php SQL Injection",2005-11-29,r0t,php,webapps,0 -26654,platforms/php/webapps/26654.txt,"KBase Express 1.0 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 +26654,platforms/php/webapps/26654.txt,"KBase Express 1.0 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 26655,platforms/php/webapps/26655.txt,"ltwCalendar 4.1.3 - Calendar.php SQL Injection",2005-11-29,r0t,php,webapps,0 26656,platforms/php/webapps/26656.txt,"Orca Knowledgebase 2.1 - Knowledgebase.php SQL Injection",2005-11-29,r0t,php,webapps,0 26657,platforms/php/webapps/26657.txt,"Orca Blog 1.3 - Blog.php SQL Injection",2005-11-29,r0t,php,webapps,0 26658,platforms/php/webapps/26658.txt,"Orca Ringmaker 2.3 - Ringmaker.php SQL Injection",2005-11-29,r0t,php,webapps,0 26659,platforms/php/webapps/26659.txt,"FAQ System 1.1 - viewFAQ.php Multiple Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 -26660,platforms/php/webapps/26660.txt,"FAQ System 1.1 - index.php CATEGORY_ID Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 +26660,platforms/php/webapps/26660.txt,"FAQ System 1.1 - 'index.php' CATEGORY_ID Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 26661,platforms/php/webapps/26661.txt,"Survey System 1.1 - Survey.php SQL Injection",2005-11-29,r0t,php,webapps,0 26662,platforms/php/webapps/26662.php,"N-13 News 1.2 - SQL Injection",2005-11-29,KingOfSka,php,webapps,0 -26663,platforms/php/webapps/26663.txt,"DRZES Hms 3.2 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 +26663,platforms/php/webapps/26663.txt,"DRZES Hms 3.2 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 26664,platforms/hardware/webapps/26664.txt,"Multiple D-Link Devices - OS-Command Injection via UPnP Interface",2013-07-07,m-1-k-3,hardware,webapps,0 26665,platforms/windows/dos/26665.pl,"pcAnywhere 8.0/9.0/11.x - Authentication Denial of Service",2006-01-17,"David Maciejak",windows,dos,0 26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 -26667,platforms/php/webapps/26667.txt,"SocketKB 1.1 - Index.php SQL Injection",2005-11-30,r0t,php,webapps,0 +26667,platforms/php/webapps/26667.txt,"SocketKB 1.1 - 'index.php' SQL Injection",2005-11-30,r0t,php,webapps,0 26668,platforms/php/webapps/26668.txt,"PHPAlbum 0.2.3/4.1 - Local File Inclusion",2005-11-30,r0t3d3Vil,php,webapps,0 26669,platforms/php/webapps/26669.txt,"SoftBiz B2B trading Marketplace Script 1.1 - selloffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26670,platforms/php/webapps/26670.txt,"SoftBiz B2B trading Marketplace Script 1.1 - buyoffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26671,platforms/php/webapps/26671.txt,"SoftBiz B2B trading Marketplace Script 1.1 - products.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26672,platforms/php/webapps/26672.txt,"SoftBiz B2B trading Marketplace Script 1.1 - profiles.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26673,platforms/php/webapps/26673.txt,"SoftBiz FAQ 1.1 - index.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26673,platforms/php/webapps/26673.txt,"SoftBiz FAQ 1.1 - 'index.php' cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26674,platforms/php/webapps/26674.txt,"SoftBiz FAQ 1.1 - faq_qanda.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26675,platforms/php/webapps/26675.txt,"SoftBiz FAQ 1.1 - refer_friend.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26676,platforms/php/webapps/26676.txt,"SoftBiz FAQ 1.1 - print_article.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26677,platforms/php/webapps/26677.txt,"SoftBiz FAQ 1.1 - add_comment.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26678,platforms/php/webapps/26678.txt,"FAQRing 3.0 - Answer.php SQL Injection",2005-11-30,r0t,php,webapps,0 -26679,platforms/php/webapps/26679.txt,"WSN Knowledge Base 1.2 - index.php Multiple Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26679,platforms/php/webapps/26679.txt,"WSN Knowledge Base 1.2 - 'index.php' Multiple Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26680,platforms/php/webapps/26680.txt,"WSN Knowledge Base 1.2 - comments.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26681,platforms/php/webapps/26681.txt,"WSN Knowledge Base 1.2 - memberlist.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26682,platforms/php/webapps/26682.txt,"OpenNetAdmin 13.03.01 - Remote Code Execution",2013-07-07,Mandat0ry,php,webapps,0 26683,platforms/php/webapps/26683.txt,"O-Kiraku Nikki 1.3 - Nikki.php SQL Injection",2005-11-30,r0t,php,webapps,0 -26684,platforms/php/webapps/26684.txt,"88Scripts Event Calendar 2.0 - Index.php SQL Injection",2005-11-30,r0t,php,webapps,0 +26684,platforms/php/webapps/26684.txt,"88Scripts Event Calendar 2.0 - 'index.php' SQL Injection",2005-11-30,r0t,php,webapps,0 26685,platforms/php/webapps/26685.txt,"Instant Photo Gallery 1.0 - portfolio.php cat_id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26686,platforms/php/webapps/26686.txt,"Instant Photo Gallery 1.0 - content.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26687,platforms/php/webapps/26687.txt,"WebCalendar 1.0.1 - Multiple SQL Injection",2005-12-01,lwang,php,webapps,0 +26687,platforms/php/webapps/26687.txt,"WebCalendar 1.0.1 - Multiple SQL Injections",2005-12-01,lwang,php,webapps,0 26688,platforms/php/webapps/26688.php,"Lore 1.5.4/1.5.6 - 'article.php' SQL Injection",2005-12-01,r0t,php,webapps,0 26689,platforms/php/webapps/26689.txt,"DotClear 1.2.1/1.2.2 - Session.php SQL Injection",2005-12-01,Siegfried,php,webapps,0 26690,platforms/windows/dos/26690.c,"Microsoft Windows 2000/2003/XP - CreateRemoteThread Local Denial of Service",2005-12-01,"Nima Salehi",windows,dos,0 26691,platforms/php/webapps/26691.txt,"WebCalendar 1.0.1 - Layers_Toggle.php HTTP Response Splitting",2005-12-01,lwang,php,webapps,0 -26692,platforms/php/webapps/26692.txt,"Extreme Corporate 6.0 - Extremesearch.php Cross-Site Scripting",2005-12-01,r0t,php,webapps,0 +26692,platforms/php/webapps/26692.txt,"Extreme Corporate 6.0 - Extremesearch.php Cross-site Scripting",2005-12-01,r0t,php,webapps,0 26693,platforms/php/webapps/26693.txt,"Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection",2005-12-01,"David Maciejak",php,webapps,0 26694,platforms/php/webapps/26694.txt,"phpMyChat 0.14.6 - start_page.css.php medium Parameter XSS",2005-12-01,"Louis Wang",php,webapps,0 26695,platforms/php/webapps/26695.txt,"phpMyChat 0.14.6 - style.css.php medium Parameter XSS",2005-12-01,"Louis Wang",php,webapps,0 @@ -23818,62 +23818,62 @@ id,file,description,date,author,platform,type,port 26697,platforms/php/webapps/26697.php,"PHPX 3.5.x - Admin Login.php SQL Injection",2005-11-30,rgod,php,webapps,0 26698,platforms/php/webapps/26698.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 - gallery.php CatID Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 26699,platforms/php/webapps/26699.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 - ViewItem.php ItemNum Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 -26700,platforms/jsp/webapps/26700.txt,"Java Search Engine 0.9.34 - Search.JSP Cross-Site Scripting",2005-12-02,r0t,jsp,webapps,0 +26700,platforms/jsp/webapps/26700.txt,"Java Search Engine 0.9.34 - Search.JSP Cross-site Scripting",2005-12-02,r0t,jsp,webapps,0 26701,platforms/asp/webapps/26701.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d - adv_search.asp srch_product_name Parameter XSS",2005-12-03,r0t3d3Vil,asp,webapps,0 26702,platforms/asp/webapps/26702.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d - bsearch.asp b_search Parameter XSS",2005-12-03,r0t3d3Vil,asp,webapps,0 26703,platforms/windows/local/26703.py,"Adobe Reader X 10.1.4.38 - BMP/RLE Heap Corruption",2013-07-08,feliam,windows,local,0 -26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - Search.ASP Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 -26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 - Archive.ASP Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 +26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - Search.ASP Cross-site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 +26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 - Archive.ASP Cross-site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 - Messages.php SQL Injection",2005-12-03,"Nolan West",php,webapps,0 -26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login - Multiple SQL Injection",2005-12-03,B3g0k,php,webapps,0 +26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login - Multiple SQL Injections",2005-12-03,B3g0k,php,webapps,0 26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 - ERS File Handling Buffer Overflow",2013-07-09,Metasploit,windows,local,0 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 - Local Root on x86",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 26713,platforms/php/webapps/26713.txt,"phpYellowTM 5.33 - search_result.php haystack Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 26714,platforms/php/webapps/26714.txt,"phpYellowTM 5.33 - print_me.php ckey Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 26715,platforms/php/webapps/26715.txt,"Widget Property 1.1.19 - Property.php SQL Injection",2005-11-05,r0t3d3Vil,php,webapps,0 -26716,platforms/cgi/webapps/26716.txt,"Easy Search System 1.1 - Search.cgi Cross-Site Scripting",2005-12-05,r0t,cgi,webapps,0 +26716,platforms/cgi/webapps/26716.txt,"Easy Search System 1.1 - Search.cgi Cross-site Scripting",2005-12-05,r0t,cgi,webapps,0 26717,platforms/php/webapps/26717.txt,"Web4Future eCommerce Enterprise Edition 2.1 - view.php Multiple Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 -26718,platforms/php/webapps/26718.txt,"Web4Future eCommerce Enterprise Edition 2.1 - index.php Multiple Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 +26718,platforms/php/webapps/26718.txt,"Web4Future eCommerce Enterprise Edition 2.1 - 'index.php' Multiple Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 26719,platforms/php/webapps/26719.txt,"Web4Future eCommerce Enterprise Edition 2.1 - viewbrands.php bid Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 26720,platforms/php/webapps/26720.txt,"SAMEDIA LandShop 0.6.3 - ls.php Multiple Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 -26721,platforms/cgi/webapps/26721.txt,"1-Script 1-Search 1.8 - 1search.CGI Cross-Site Scripting",2005-12-05,r0t,cgi,webapps,0 -26722,platforms/php/webapps/26722.txt,"Hobosworld HobSR - Multiple SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 +26721,platforms/cgi/webapps/26721.txt,"1-Script 1-Search 1.8 - 1search.CGI Cross-site Scripting",2005-12-05,r0t,cgi,webapps,0 +26722,platforms/php/webapps/26722.txt,"Hobosworld HobSR - Multiple SQL Injections",2005-12-05,r0t3d3Vil,php,webapps,0 26723,platforms/php/webapps/26723.txt,"Relative Real Estate Systems 1.2 - SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 -26724,platforms/php/webapps/26724.txt,"Web4Future eDating Professional 5.0 - index.php Multiple Parameter SQL Injection",2005-12-05,r0t,php,webapps,0 +26724,platforms/php/webapps/26724.txt,"Web4Future eDating Professional 5.0 - 'index.php' Multiple Parameter SQL Injection",2005-12-05,r0t,php,webapps,0 26725,platforms/php/webapps/26725.txt,"Web4Future eDating Professional 5.0 - gift.php cid Parameter SQL Injection",2005-12-05,r0t,php,webapps,0 26726,platforms/php/webapps/26726.txt,"Web4Future eDating Professional 5.0 - articles.php cat Parameter SQL Injection",2005-12-05,r0t,php,webapps,0 26727,platforms/php/webapps/26727.txt,"Web4Future eDating Professional 5.0 - fq.php cid Parameter SQL Injection",2005-12-05,r0t,php,webapps,0 26728,platforms/php/webapps/26728.txt,"Web4Future Portal Solutions - Comentarii.php SQL Injection",2005-12-05,r0t,php,webapps,0 26729,platforms/php/webapps/26729.txt,"Web4Future Affiliate Manager PRO 4.1 - Functions.php SQL Injection",2005-12-05,r0t,php,webapps,0 26730,platforms/php/webapps/26730.txt,"Web4Future Portal Solutions - Arhiva.php Directory Traversal",2005-12-05,r0t,php,webapps,0 -26731,platforms/php/webapps/26731.txt,"Blog System 1.2 - index.php cat Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 +26731,platforms/php/webapps/26731.txt,"Blog System 1.2 - 'index.php' cat Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 26732,platforms/php/webapps/26732.txt,"Edgewall Software Trac 0.7.1/0.8/0.9 - Search Module SQL Injection",2005-12-05,anonymous,php,webapps,0 -26733,platforms/windows/dos/26733.py,"Jolix Media Player 1.1.0 - (.m3u) Denial of Service",2013-07-10,IndonesiaGokilTeam,windows,dos,0 -26734,platforms/php/webapps/26734.txt,"vBulletin Advanced User Tagging Mod - Stored XSS",2013-07-10,[]0iZy5,php,webapps,0 -26735,platforms/php/webapps/26735.txt,"vBulletin vBShout Mod - Stored XSS",2013-07-10,[]0iZy5,php,webapps,0 +26733,platforms/windows/dos/26733.py,"Jolix Media Player 1.1.0 - '.m3u' Denial of Service",2013-07-10,IndonesiaGokilTeam,windows,dos,0 +26734,platforms/php/webapps/26734.txt,"vBulletin Advanced User Tagging Mod - Persistent Cross-site Scripting",2013-07-10,[]0iZy5,php,webapps,0 +26735,platforms/php/webapps/26735.txt,"vBulletin vBShout Mod - Persistent Cross-site Scripting",2013-07-10,[]0iZy5,php,webapps,0 26736,platforms/hardware/webapps/26736.txt,"Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities",2013-07-10,"Kyle Lovett",hardware,webapps,0 26737,platforms/linux/remote/26737.pl,"nginx 1.3.9/1.4.0 x86 - Brute Force Remote Exploit",2013-07-11,kingcope,linux,remote,0 26739,platforms/windows/remote/26739.py,"Ultra Mini HTTPD 1.21 - Stack Buffer Overflow",2013-07-11,superkojiman,windows,remote,80 -27634,platforms/php/webapps/27634.txt,"PatroNet CMS - Index.php Cross-Site Scripting",2006-04-12,Soothackers,php,webapps,0 +27634,platforms/php/webapps/27634.txt,"PatroNet CMS - 'index.php' Cross-site Scripting",2006-04-12,Soothackers,php,webapps,0 26741,platforms/linux/remote/26741.pl,"Horde IMP 2.2.x/3.2.x/4.0.x - Email Attachments HTML Injection",2005-12-06,"SEC Consult",linux,remote,0 -26742,platforms/asp/webapps/26742.txt,"DuWare DuPortalPro 3.4.3 - Password.ASP Cross-Site Scripting",2005-12-06,Dj_Eyes,asp,webapps,0 -26743,platforms/asp/webapps/26743.txt,"IISWorks ASPKnowledgeBase 2.0 - KB.ASP Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 -26744,platforms/asp/webapps/26744.txt,"NetauctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-06,r0t,asp,webapps,0 -26745,platforms/asp/webapps/26745.txt,"RWAuction Pro 4.0 - Search.ASP Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 +26742,platforms/asp/webapps/26742.txt,"DuWare DuPortalPro 3.4.3 - Password.ASP Cross-site Scripting",2005-12-06,Dj_Eyes,asp,webapps,0 +26743,platforms/asp/webapps/26743.txt,"IISWorks ASPKnowledgeBase 2.0 - KB.ASP Cross-site Scripting",2005-12-06,r0t,asp,webapps,0 +26744,platforms/asp/webapps/26744.txt,"NetauctionHelp 3.0 - Multiple Cross-site Scripting Vulnerabilities",2005-12-06,r0t,asp,webapps,0 +26745,platforms/asp/webapps/26745.txt,"RWAuction Pro 4.0 - Search.ASP Cross-site Scripting",2005-12-06,r0t,asp,webapps,0 26746,platforms/asp/webapps/26746.txt,"A-FAQ 1.0 - faqDspItem.asp faqid Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 26747,platforms/asp/webapps/26747.txt,"A-FAQ 1.0 - faqDsp.asp catcode Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 26748,platforms/php/webapps/26748.txt,"DoceboLms 2.0.x - Connector.php Directory Traversal",2005-12-06,rgod,php,webapps,0 26749,platforms/linux/dos/26749.c,"Linux Kernel 2.6.x - File Lock Lease Local Denial of Service",2005-12-29,"J. Bruce Fields",linux,dos,0 -26750,platforms/php/webapps/26750.txt,"PluggedOut Blog 1.9.x - Index.php Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 -26751,platforms/php/webapps/26751.txt,"Cars Portal 1.1 - Index.php Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 +26750,platforms/php/webapps/26750.txt,"PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 +26751,platforms/php/webapps/26751.txt,"Cars Portal 1.1 - 'index.php' Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 26752,platforms/windows/local/26752.s,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (1)",2005-12-06,Endrazine,windows,local,0 26753,platforms/unix/local/26753.c,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (2)",2005-12-06,Endrazine,unix,local,0 26754,platforms/hardware/dos/26754.txt,"Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass",2005-12-07,"Viktor Steinmann",hardware,dos,0 26755,platforms/php/webapps/26755.txt,"Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26756,platforms/php/webapps/26756.txt,"Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26757,platforms/php/webapps/26757.txt,"Thwboard Beta 2.8 - misc.php userid Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 -26758,platforms/php/webapps/26758.txt,"DRZES Hms 3.2 - Login.php Cross-Site Scripting",2005-12-07,Vipsta,php,webapps,0 +26758,platforms/php/webapps/26758.txt,"DRZES Hms 3.2 - Login.php Cross-site Scripting",2005-12-07,Vipsta,php,webapps,0 26759,platforms/asp/webapps/26759.txt,"ASPMForum - forum.asp baslik Parameter SQL Injection",2005-12-07,dj_eyes2005,asp,webapps,0 26760,platforms/asp/webapps/26760.txt,"ASPMForum - kullanicilistesi.asp harf Parameter SQL Injection",2005-12-07,dj_eyes2005,asp,webapps,0 26761,platforms/cgi/webapps/26761.txt,"Dell TrueMobile 2300 - Remote Credential Reset",2005-12-07,TNull,cgi,webapps,0 @@ -23882,12 +23882,12 @@ id,file,description,date,author,platform,type,port 26764,platforms/cfm/webapps/26764.txt,"Magic Forum Personal - view_forum.cfm ForumID Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 26765,platforms/cfm/webapps/26765.txt,"Magic Forum Personal - view_thread.cfm Multiple Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 26766,platforms/cfm/webapps/26766.txt,"CF_Nuke 4.6 - Index.CFM Local File Inclusion",2005-12-08,r0t,cfm,webapps,0 -26767,platforms/cfm/webapps/26767.txt,"CF_Nuke 4.6 - Index.CFM Cross-Site Scripting",2005-12-08,r0t,cfm,webapps,0 -26768,platforms/cgi/remote/26768.txt,"ACME Perl-Cal 2.99 - Cal_make.PL Cross-Site Scripting",2005-12-08,$um$id,cgi,remote,0 +26767,platforms/cfm/webapps/26767.txt,"CF_Nuke 4.6 - Index.CFM Cross-site Scripting",2005-12-08,r0t,cfm,webapps,0 +26768,platforms/cgi/remote/26768.txt,"ACME Perl-Cal 2.99 - Cal_make.PL Cross-site Scripting",2005-12-08,$um$id,cgi,remote,0 26769,platforms/windows/dos/26769.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption",2005-12-08,fearwall,windows,dos,0 -26770,platforms/php/webapps/26770.txt,"MilliScripts 1.4 - Register.php Cross-Site Scripting",2005-12-08,"Security Nation",php,webapps,0 +26770,platforms/php/webapps/26770.txt,"MilliScripts 1.4 - Register.php Cross-site Scripting",2005-12-08,"Security Nation",php,webapps,0 26771,platforms/cgi/webapps/26771.txt,"Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation",2005-12-08,"Daniel Fabian",cgi,webapps,0 -26772,platforms/cfm/webapps/26772.txt,"Magic Book Professional 2.0 - Book.CFM Cross-Site Scripting",2005-12-12,r0t,cfm,webapps,0 +26772,platforms/cfm/webapps/26772.txt,"Magic Book Professional 2.0 - Book.CFM Cross-site Scripting",2005-12-12,r0t,cfm,webapps,0 26773,platforms/windows/remote/26773.txt,"LogiSphere 0.9.9 j - viewsource.jsp source Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26774,platforms/windows/remote/26774.txt,"LogiSphere 0.9.9 j - Search URL NS-query-pat Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26775,platforms/windows/remote/26775.txt,"LogiSphere 0.9.9 j - URI Multiple Method Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 @@ -23901,19 +23901,19 @@ id,file,description,date,author,platform,type,port 26783,platforms/php/webapps/26783.txt,"Scout Portal Toolkit 1.3.1 - SPT-UserLogin.php Multiple Parameter SQL Injection",2005-12-12,Preddy,php,webapps,0 26784,platforms/php/webapps/26784.txt,"BTGrup Admin WebController - SQL Injection",2005-12-12,khc@bsdmail.org,php,webapps,0 26785,platforms/php/webapps/26785.txt,"Arab Portal 2.0 - Link.php SQL Injection",2005-12-12,stranger-killer,php,webapps,0 -26786,platforms/cgi/webapps/26786.txt,"EveryAuction 1.53 - Auction.PL Cross-Site Scripting",2005-12-13,$um$id,cgi,webapps,0 +26786,platforms/cgi/webapps/26786.txt,"EveryAuction 1.53 - Auction.PL Cross-site Scripting",2005-12-13,$um$id,cgi,webapps,0 26787,platforms/php/webapps/26787.txt,"phpCOIN 1.2.2 - CCFG[_PKG_PATH_DBSE] Remote File Inclusion",2005-12-13,retrogod@aliceposta.it,php,webapps,0 26788,platforms/php/webapps/26788.txt,"phpCOIN 1.2.2 - includes/db.php $_CCFG[_PKG_PATH_DBSE] Parameter Traversal Arbitrary File Access",2005-12-13,retrogod@aliceposta.it,php,webapps,0 26789,platforms/php/webapps/26789.txt,"EncapsGallery 1.0 - Gallery.php SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26790,platforms/php/webapps/26790.txt,"PhpWebGallery 1.3.4/1.5.1 - comments.php Multiple Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26791,platforms/php/webapps/26791.txt,"PhpWebGallery 1.3.4/1.5.1 - category.php search Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26792,platforms/php/webapps/26792.txt,"PhpWebGallery 1.3.4/1.5.1 - picture.php image_id Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 -26793,platforms/php/webapps/26793.txt,"Plogger Beta 2 - index.php id Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 -26794,platforms/php/webapps/26794.txt,"Plogger Beta 2 - index.php Multiple Parameter XSS",2005-12-13,r0t,php,webapps,0 +26793,platforms/php/webapps/26793.txt,"Plogger Beta 2 - 'index.php' id Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 +26794,platforms/php/webapps/26794.txt,"Plogger Beta 2 - 'index.php' Multiple Parameter XSS",2005-12-13,r0t,php,webapps,0 26795,platforms/php/webapps/26795.txt,"VCD-db 0.9x - search.php by Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26796,platforms/php/webapps/26796.txt,"VCD-db 0.9x Search Module - batch Parameter XSS",2005-12-13,r0t3d3Vil,php,webapps,0 -26797,platforms/php/webapps/26797.txt,"PHP JackKnife 2.21 - Cross-Site Scripting",2005-12-13,r0t3d3Vil,php,webapps,0 -26798,platforms/php/webapps/26798.txt,"Mantis 0.x/1.0 - View_filters_page.php Cross-Site Scripting",2005-12-13,r0t,php,webapps,0 +26797,platforms/php/webapps/26797.txt,"PHP JackKnife 2.21 - Cross-site Scripting",2005-12-13,r0t3d3Vil,php,webapps,0 +26798,platforms/php/webapps/26798.txt,"Mantis 0.x/1.0 - View_filters_page.php Cross-site Scripting",2005-12-13,r0t,php,webapps,0 26799,platforms/php/webapps/26799.txt,"Snipe Gallery 3.1.4 - view.php gallery_id Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 26800,platforms/php/webapps/26800.txt,"Snipe Gallery 3.1.4 - image.php image_id Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 26801,platforms/php/webapps/26801.txt,"Snipe Gallery 3.1.4 - search.php keyword Parameter XSS",2005-12-13,r0t,php,webapps,0 @@ -23923,49 +23923,49 @@ id,file,description,date,author,platform,type,port 26805,platforms/windows/local/26805.rb,"Corel PDF Fusion - Stack Buffer Overflow",2013-07-13,Metasploit,windows,local,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 -26808,platforms/php/webapps/26808.txt,"McGallery 1.0/1.1/2.2 - index.php language Parameter Traversal Local File Inclusion",2005-12-13,r0t,php,webapps,0 +26808,platforms/php/webapps/26808.txt,"McGallery 1.0/1.1/2.2 - 'index.php' language Parameter Traversal Local File Inclusion",2005-12-13,r0t,php,webapps,0 26809,platforms/php/webapps/26809.txt,"McGallery 1.0/1.1/2.2 - show.php Multiple Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 -26810,platforms/php/webapps/26810.txt,"McGallery 1.0/1.1/2.2 - index.php album Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 +26810,platforms/php/webapps/26810.txt,"McGallery 1.0/1.1/2.2 - 'index.php' album Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 26811,platforms/linux/dos/26811.c,"Linux Kernel 2.6.x - INVALIDATE_INODE_PAGES2 Local Integer Overflow",2005-12-13,"Oleg Drokin",linux,dos,0 26812,platforms/php/webapps/26812.txt,"PHP Web Scripts Ad Manager Pro 2.0 - Advertiser_statistic.php SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 -26813,platforms/php/webapps/26813.txt,"Jamit Job Board 2.4.1 - Index.php SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 +26813,platforms/php/webapps/26813.txt,"Jamit Job Board 2.4.1 - 'index.php' SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 26814,platforms/php/webapps/26814.txt,"DreamLevels Dream Poll 3.0 - View_Results.php SQL Injection",2005-12-14,r0t3d3Vil,php,webapps,0 -26815,platforms/php/webapps/26815.txt,"CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-14,r0t3d3Vil,php,webapps,0 +26815,platforms/php/webapps/26815.txt,"CourseForum Technologies ProjectForum 4.7 - Multiple Cross-site Scripting Vulnerabilities",2005-12-14,r0t3d3Vil,php,webapps,0 26816,platforms/windows/dos/26816.pl,"AppServ Open Project 2.5.3 - Remote Denial of Service",2005-12-14,Rozor,windows,dos,0 26817,platforms/php/webapps/26817.txt,"PHP-Nuke 7.x - Content Filtering Byapss",2005-12-14,"Maksymilian Arciemowicz",php,webapps,0 26818,platforms/php/webapps/26818.txt,"News Module for Envolution - modules.php Multiple Parameter XSS",2005-12-14,X1ngBox,php,webapps,0 26819,platforms/php/webapps/26819.txt,"News Module for Envolution - modules.php Multiple Parameter SQL Injection",2005-12-14,X1ngBox,php,webapps,0 -26820,platforms/asp/webapps/26820.txt,"ASP-DEV XM Forum - Forum.ASP Cross-Site Scripting",2005-12-14,Dj_Eyes,asp,webapps,0 +26820,platforms/asp/webapps/26820.txt,"ASP-DEV XM Forum - Forum.ASP Cross-site Scripting",2005-12-14,Dj_Eyes,asp,webapps,0 26821,platforms/asp/webapps/26821.txt,"ASPBB 0.4 - topic.asp TID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 26822,platforms/asp/webapps/26822.txt,"ASPBB 0.4 - forum.asp FORUM_ID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 26823,platforms/asp/webapps/26823.txt,"ASPBB 0.4 - profile.asp PROFILE_ID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 -26824,platforms/php/webapps/26824.txt,"WikkaWiki 1.1.6 - TextSearch.php Cross-Site Scripting",2005-12-14,r0t,php,webapps,0 +26824,platforms/php/webapps/26824.txt,"WikkaWiki 1.1.6 - TextSearch.php Cross-site Scripting",2005-12-14,r0t,php,webapps,0 26825,platforms/hardware/dos/26825.txt,"Multiple Linksys Routers - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 -26826,platforms/php/webapps/26826.txt,"Netref 3.0 - Index.php SQL Injection",2005-12-14,syst3m_f4ult,php,webapps,0 +26826,platforms/php/webapps/26826.txt,"Netref 3.0 - 'index.php' SQL Injection",2005-12-14,syst3m_f4ult,php,webapps,0 26831,platforms/php/webapps/26831.txt,"QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26832,platforms/php/webapps/26832.txt,"QuickPayPro 3.1 - sales.view.php customerid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26833,platforms/hardware/dos/26833.txt,"Multiple Unspecified Cisco Catalyst Switches - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26834,platforms/hardware/dos/26834.txt,"Westell Versalink 327W - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26835,platforms/hardware/dos/26835.txt,"Scientific Atlanta DPX2100 Cable Modem - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 -26836,platforms/php/webapps/26836.txt,"Limbo CMS 1.0.4.2 - index.php _SERVER[REMOTE_ADDR] Parameter XSS",2005-12-14,rgod,php,webapps,0 +26836,platforms/php/webapps/26836.txt,"Limbo CMS 1.0.4.2 - 'index.php' _SERVER[REMOTE_ADDR] Parameter XSS",2005-12-14,rgod,php,webapps,0 26837,platforms/php/webapps/26837.txt,"Limbo CMS 1.0.4.2 - index2.php option Parameter Traversal Arbitrary File Access",2005-12-14,rgod,php,webapps,0 -26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-commerce - index.php page Parameter XSS",2005-12-15,B3g0k,php,webapps,0 -26839,platforms/php/webapps/26839.txt,"TML 0.5 - index.php form Parameter XSS",2005-12-15,X1ngBox,php,webapps,0 -26840,platforms/php/webapps/26840.txt,"TML 0.5 - index.php id Parameter SQL Injection",2005-12-15,X1ngBox,php,webapps,0 +26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-commerce - 'index.php' page Parameter XSS",2005-12-15,B3g0k,php,webapps,0 +26839,platforms/php/webapps/26839.txt,"TML 0.5 - 'index.php' form Parameter XSS",2005-12-15,X1ngBox,php,webapps,0 +26840,platforms/php/webapps/26840.txt,"TML 0.5 - 'index.php' id Parameter SQL Injection",2005-12-15,X1ngBox,php,webapps,0 26841,platforms/php/webapps/26841.txt,"MarmaraWeb E-Commerce - Remote File Inclusion",2005-12-15,B3g0k,php,webapps,0 26842,platforms/cgi/webapps/26842.txt,"Sitenet BBS 2.0 - netboardr.cgi Multiple Parameter XSS",2005-12-15,r0t3d3Vil,cgi,webapps,0 26843,platforms/cgi/webapps/26843.txt,"Sitenet BBS 2.0 - search.cgi cid Parameter XSS",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script - Page Parameter Cross-Site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 -26845,platforms/cgi/webapps/26845.txt,"Atlant Pro 8.0.9 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26846,platforms/cgi/webapps/26846.txt,"AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26847,platforms/cgi/webapps/26847.txt,"eDatCat 3.0 - EDCstore.PL Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26848,platforms/cgi/webapps/26848.txt,"Soft4e ECW-Cart 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26849,platforms/cgi/webapps/26849.txt,"ECTOOLS Onlineshop 1.0 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26850,platforms/cgi/webapps/26850.txt,"PPCal Shopping Cart 3.3 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26851,platforms/cgi/webapps/26851.txt,"Kryptronic ClickCartPro 5.1/5.2 - CP-APP.CGI Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26852,platforms/cgi/webapps/26852.txt,"Dick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26853,platforms/php/webapps/26853.txt,"ezDatabase 2.1.2 - index.php p Parameter Local File Inclusion",2005-12-16,r0t3d3Vil,php,webapps,0 -26854,platforms/php/webapps/26854.txt,"ezDatabase 2.1.2 - index.php db_id Parameter SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 +26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script - Page Parameter Cross-site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 +26845,platforms/cgi/webapps/26845.txt,"Atlant Pro 8.0.9 - Cross-site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26846,platforms/cgi/webapps/26846.txt,"AltantForum 4.0.2 - Multiple Cross-site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26847,platforms/cgi/webapps/26847.txt,"eDatCat 3.0 - EDCstore.PL Cross-site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26848,platforms/cgi/webapps/26848.txt,"Soft4e ECW-Cart 2.0.3 - Multiple Cross-site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26849,platforms/cgi/webapps/26849.txt,"ECTOOLS Onlineshop 1.0 - Cross-site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26850,platforms/cgi/webapps/26850.txt,"PPCal Shopping Cart 3.3 - Cross-site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26851,platforms/cgi/webapps/26851.txt,"Kryptronic ClickCartPro 5.1/5.2 - CP-APP.CGI Cross-site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26852,platforms/cgi/webapps/26852.txt,"Dick Copits PDEstore 1.8 - Multiple Cross-site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 +26853,platforms/php/webapps/26853.txt,"ezDatabase 2.1.2 - 'index.php' p Parameter Local File Inclusion",2005-12-16,r0t3d3Vil,php,webapps,0 +26854,platforms/php/webapps/26854.txt,"ezDatabase 2.1.2 - 'index.php' db_id Parameter SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26855,platforms/php/webapps/26855.txt,"IHTML Merchant Mall - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26856,platforms/php/webapps/26856.txt,"IHTML Merchant 2.0 - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26857,platforms/php/webapps/26857.txt,"PHP Arena PAFileDB Extreme Edition - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 @@ -23975,28 +23975,28 @@ id,file,description,date,author,platform,type,port 26861,platforms/cgi/webapps/26861.txt,"ScareCrow 2.13 - forum.cgi forum Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 26862,platforms/cgi/webapps/26862.txt,"ScareCrow 2.13 - profile.cgi user Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 26863,platforms/cgi/webapps/26863.txt,"ScareCrow 2.13 - post.cgi forum Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 -26864,platforms/cgi/webapps/26864.txt,"WebGlimpse 2.x - Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 +26864,platforms/cgi/webapps/26864.txt,"WebGlimpse 2.x - Cross-site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 26865,platforms/cgi/webapps/26865.txt,"WebCal 3.0 4 - webcal.cgi Multiple Parameter XSS",2005-12-16,"Stan Bubrouski",cgi,webapps,0 26866,platforms/php/webapps/26866.txt,"Round Cube Webmail 0.1 -20051021 - Path Disclosure Weakness",2005-12-17,king_purba,php,webapps,0 -26867,platforms/php/webapps/26867.txt,"PHP Fusebox 3.0 - Index.php Cross-Site Scripting",2005-12-19,"bogel and lukman",php,webapps,0 +26867,platforms/php/webapps/26867.txt,"PHP Fusebox 3.0 - 'index.php' Cross-site Scripting",2005-12-19,"bogel and lukman",php,webapps,0 26868,platforms/php/webapps/26868.txt,"JPortal 2.2.1/2.3 Forum - Forum.php SQL Injection",2005-12-19,Zbigniew,php,webapps,0 26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities",2005-12-19,ad@heapoverflow.com,windows,dos,0 -26870,platforms/php/webapps/26870.txt,"Advanced Guestbook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 -26871,platforms/php/webapps/26871.txt,"PlaySms - Index.php Cross-Site Scripting",2005-12-19,mohajali2k4,php,webapps,0 -26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 - Members.php Cross-Site Scripting",2005-12-19,krasza,php,webapps,0 +26870,platforms/php/webapps/26870.txt,"Advanced Guestbook 2.x - Multiple Cross-site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 +26871,platforms/php/webapps/26871.txt,"PlaySms - 'index.php' Cross-site Scripting",2005-12-19,mohajali2k4,php,webapps,0 +26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 - Members.php Cross-site Scripting",2005-12-19,krasza,php,webapps,0 26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 26874,platforms/asp/webapps/26874.txt,"Acidcat CMS 2.1.13 - acidcat.mdb Remote Information Disclosure",2005-12-19,admin@hamid.ir,asp,webapps,0 26875,platforms/asp/webapps/26875.txt,"allinta CMS 2.3.2 - faq.asp s Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 26876,platforms/asp/webapps/26876.txt,"allinta CMS 2.3.2 - search.asp searchQuery Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 -26877,platforms/php/webapps/26877.txt,"Box UK Amaxus CMS 3.0 - Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 -26878,platforms/php/webapps/26878.txt,"Caravel CMS 3.0 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 -26879,platforms/php/webapps/26879.txt,"Cofax 2.0 - Search.HTM Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 +26877,platforms/php/webapps/26877.txt,"Box UK Amaxus CMS 3.0 - Cross-site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 +26878,platforms/php/webapps/26878.txt,"Caravel CMS 3.0 Beta 1 - Multiple Cross-site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 +26879,platforms/php/webapps/26879.txt,"Cofax 2.0 - Search.HTM Cross-site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 26880,platforms/php/webapps/26880.txt,"FLIP 0.9.0.1029 - text.php name Parameter XSS",2005-12-19,r0t3d3Vil,php,webapps,0 26881,platforms/php/webapps/26881.txt,"FLIP 0.9.0.1029 - forum.php frame Parameter XSS",2005-12-19,r0t3d3Vil,php,webapps,0 -26882,platforms/cfm/webapps/26882.txt,"Hot Banana Web Content Management Suite 5.3 - Cross-Site Scripting",2005-12-19,r0t3d3Vil,cfm,webapps,0 -26883,platforms/php/webapps/26883.txt,"Libertas Enterprise CMS 3.0 - Index.php Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 -26884,platforms/php/webapps/26884.txt,"Liferay Portal Enterprise 3.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 -26885,platforms/php/webapps/26885.txt,"Lighthouse CMS 1.1 - Search Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 +26882,platforms/cfm/webapps/26882.txt,"Hot Banana Web Content Management Suite 5.3 - Cross-site Scripting",2005-12-19,r0t3d3Vil,cfm,webapps,0 +26883,platforms/php/webapps/26883.txt,"Libertas Enterprise CMS 3.0 - 'index.php' Cross-site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 +26884,platforms/php/webapps/26884.txt,"Liferay Portal Enterprise 3.6.1 - Multiple Cross-site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 +26885,platforms/php/webapps/26885.txt,"Lighthouse CMS 1.1 - Search Cross-site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 26886,platforms/linux/dos/26886.pl,"Squid 3.3.5 - DoS PoC",2013-07-16,kingcope,linux,dos,0 26887,platforms/linux/dos/26887.rb,"rpcbind - (CALLIT Procedure) UDP Crash PoC",2013-07-16,"Sean Verity",linux,dos,0 26888,platforms/ios/webapps/26888.txt,"FTP Sprite 1.2.1 iOS - Persistent XSS",2013-07-16,Vulnerability-Lab,ios,webapps,0 @@ -24006,12 +24006,12 @@ id,file,description,date,author,platform,type,port 26892,platforms/windows/dos/26892.py,"Kate's Video Toolkit 7.0 - (.wav) Crash PoC",2013-07-16,ariarat,windows,dos,0 26893,platforms/php/webapps/26893.txt,"Dell Kace 1000 SMA 5.4.70402 - Persistent XSS",2013-07-16,Vulnerability-Lab,php,webapps,0 26894,platforms/php/webapps/26894.txt,"Saurus CMS 4.7.1 - Multiple Vulnerabilities",2013-07-16,waraxe,php,webapps,0 -26895,platforms/php/webapps/26895.txt,"Magnolia Search Module 2.1 - Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 -26896,platforms/php/webapps/26896.txt,"ContentServ 3.0/3.1/4.0 - Index.php SQL Injection",2005-12-19,r0t,php,webapps,0 -26897,platforms/php/webapps/26897.txt,"Direct News 4.9 - Index.php SQL Injection",2005-12-19,r0t,php,webapps,0 +26895,platforms/php/webapps/26895.txt,"Magnolia Search Module 2.1 - Cross-site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 +26896,platforms/php/webapps/26896.txt,"ContentServ 3.0/3.1/4.0 - 'index.php' SQL Injection",2005-12-19,r0t,php,webapps,0 +26897,platforms/php/webapps/26897.txt,"Direct News 4.9 - 'index.php' SQL Injection",2005-12-19,r0t,php,webapps,0 26898,platforms/php/webapps/26898.txt,"ODFaq 2.1 - FAQ.php SQL Injection",2005-12-19,r0t,php,webapps,0 -26899,platforms/php/webapps/26899.txt,"Marwel 2.7 - Index.php SQL Injection",2005-12-19,r0t,php,webapps,0 -26900,platforms/php/webapps/26900.txt,"Miraserver 1.0 RC4 - index.php page Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 +26899,platforms/php/webapps/26899.txt,"Marwel 2.7 - 'index.php' SQL Injection",2005-12-19,r0t,php,webapps,0 +26900,platforms/php/webapps/26900.txt,"Miraserver 1.0 RC4 - 'index.php' page Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 26901,platforms/php/webapps/26901.txt,"Miraserver 1.0 RC4 - newsitem.php id Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 26902,platforms/php/webapps/26902.txt,"Miraserver 1.0 RC4 - article.php cat Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 26903,platforms/asp/webapps/26903.txt,"Baseline CMS 1.95 - Multiple Input Validation Vulnerabilities",2005-12-19,r0t,asp,webapps,0 @@ -24030,15 +24030,15 @@ id,file,description,date,author,platform,type,port 26916,platforms/php/webapps/26916.txt,"Enterprise Connector 1.0.2 - Main.php SQL Injection",2005-12-20,"Attila Gerendi",php,webapps,0 26917,platforms/cgi/webapps/26917.txt,"LiveJournal - Cleanhtml.PL HTML Injection",2005-12-20,"Andrew Farmer",cgi,webapps,0 26918,platforms/php/webapps/26918.txt,"Plogger Beta 2 - Remote File Inclusion",2005-12-20,"Security .Net Information",php,webapps,0 -26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 - Title Parameter Cross-Site Scripting",2005-12-20,$um$id,php,webapps,0 +26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 - Title Parameter Cross-site Scripting",2005-12-20,$um$id,php,webapps,0 26920,platforms/cfm/webapps/26920.txt,"Quick Square Development Honeycomb Archive 3.0 - CategoryResults.cfm Multiple Parameter SQL Injection",2005-12-20,r0t3d3Vil,cfm,webapps,0 26921,platforms/php/webapps/26921.txt,"Tolva 0.1 - Usermods.php Remote File Inclusion",2005-12-21,xbefordx,php,webapps,0 26922,platforms/multiple/dos/26922.pl,"Interaction SIP Proxy 3.0 - Remote Heap Corruption Denial of Service",2005-12-21,"Behrang Fouladi",multiple,dos,0 26923,platforms/php/webapps/26923.txt,"Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities",2005-12-21,"Alireza Hassani",php,webapps,0 -26924,platforms/jsp/webapps/26924.txt,"OpenEdit 4.0 - Results.HTML Cross-Site Scripting",2005-12-21,r0t3d3Vil,jsp,webapps,0 -26925,platforms/php/webapps/26925.txt,"Papaya CMS 4.0.4 - Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 -26926,platforms/asp/webapps/26926.txt,"PortalApp 3.3/4.0 - Login.ASP Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 -26927,platforms/asp/webapps/26927.txt,"SiteEnable 3.3 - Login.ASP Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 +26924,platforms/jsp/webapps/26924.txt,"OpenEdit 4.0 - Results.HTML Cross-site Scripting",2005-12-21,r0t3d3Vil,jsp,webapps,0 +26925,platforms/php/webapps/26925.txt,"Papaya CMS 4.0.4 - Cross-site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 +26926,platforms/asp/webapps/26926.txt,"PortalApp 3.3/4.0 - Login.ASP Cross-site Scripting",2005-12-21,r0t,asp,webapps,0 +26927,platforms/asp/webapps/26927.txt,"SiteEnable 3.3 - Login.ASP Cross-site Scripting",2005-12-21,r0t,asp,webapps,0 26928,platforms/asp/webapps/26928.txt,"IntranetApp 3.3 - login.asp ret_page Parameter XSS",2005-12-21,r0t,asp,webapps,0 26929,platforms/asp/webapps/26929.txt,"IntranetApp 3.3 - content.asp Multiple Parameter XSS",2005-12-21,r0t,asp,webapps,0 26930,platforms/asp/webapps/26930.txt,"ProjectApp 3.3 - forums.asp keywords Parameter XSS",2005-12-21,r0t,asp,webapps,0 @@ -24048,7 +24048,7 @@ id,file,description,date,author,platform,type,port 26934,platforms/asp/webapps/26934.txt,"ProjectApp 3.3 - pmprojects.asp projectid Parameter XSS",2005-12-21,r0t,asp,webapps,0 26935,platforms/asp/webapps/26935.txt,"ProjectApp 3.3 - login.asp ret_page Parameter XSS",2005-12-21,r0t,asp,webapps,0 26936,platforms/asp/webapps/26936.txt,"ProjectApp 3.3 - default.asp skin_number Parameter XSS",2005-12-21,r0t,asp,webapps,0 -26937,platforms/cgi/webapps/26937.txt,"ComputerOil Redakto CMS 3.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,cgi,webapps,0 +26937,platforms/cgi/webapps/26937.txt,"ComputerOil Redakto CMS 3.2 - Multiple Cross-site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,cgi,webapps,0 26938,platforms/php/webapps/26938.txt,"Scoop 1.1 RC1 - Search Module Multiple Parameter XSS",2005-12-21,r0t3d3Vil,php,webapps,0 26939,platforms/php/webapps/26939.txt,"Scoop 1.1 RC1 - Missing Story Error XSS",2005-12-21,r0t3d3Vil,php,webapps,0 26940,platforms/asp/webapps/26940.txt,"Commercial Interactive Media SCOOP! 2.3 - articleSearch.asp XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 @@ -24066,11 +24066,11 @@ id,file,description,date,author,platform,type,port 26952,platforms/ios/webapps/26952.txt,"WiFly 1.0 Pro iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 26953,platforms/ios/webapps/26953.txt,"Flux Player 3.1.0 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 26954,platforms/ios/webapps/26954.txt,"ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 -26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2 / 1.4.1 - index.php p param Directory Traversal",2013-07-18,Mahendra,php,webapps,0 +26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2 / 1.4.1 - 'index.php' p parameter Directory Traversal",2013-07-18,Mahendra,php,webapps,0 26956,platforms/windows/webapps/26956.txt,"Dell PacketTrap MSP RMM 6.6.x - Multiple XSS Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 26957,platforms/windows/webapps/26957.txt,"Dell PacketTrap PSA 7.1 - Multiple XSS Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 -26958,platforms/php/webapps/26958.txt,"Anchor CMS 0.9.1 - Stored XSS",2013-07-18,DURAKIBOX,php,webapps,0 -26959,platforms/php/webapps/26959.txt,"Papoo 2.1.2 - index.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 +26958,platforms/php/webapps/26958.txt,"Anchor CMS 0.9.1 - Persistent Cross-site Scripting",2013-07-18,DURAKIBOX,php,webapps,0 +26959,platforms/php/webapps/26959.txt,"Papoo 2.1.2 - 'index.php' menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26960,platforms/php/webapps/26960.txt,"Papoo 2.1.2 - guestbook.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26961,platforms/php/webapps/26961.txt,"Papoo 2.1.2 - print.php Multiple Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26962,platforms/php/webapps/26962.txt,"PHPSlash 0.8.1 - Article.php SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 @@ -24079,8 +24079,8 @@ id,file,description,date,author,platform,type,port 26965,platforms/php/webapps/26965.txt,"MusicBox 2.3 - Type Parameter SQL Injection",2005-12-22,"Medo HaCKer",php,webapps,0 26966,platforms/multiple/remote/26966.txt,"httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection",2005-12-22,"Mariano Nunez Di Croce",multiple,remote,0 26967,platforms/multiple/dos/26967.txt,"httprint 202.0 - HTTP Response Server Field Overflow DoS",2005-12-22,"Mariano Nunez Di Croce",multiple,dos,0 -26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 -26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 +26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 +26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 26970,platforms/windows/local/26970.c,"McAfee VirusScan 8.0 - Path Specification Local Privilege Escalation",2005-12-22,"Reed Arvin",windows,local,0 26971,platforms/osx/dos/26971.txt,"Apple Mac OS X - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 26972,platforms/jsp/webapps/26972.txt,"oracle application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 @@ -24097,16 +24097,16 @@ id,file,description,date,author,platform,type,port 26983,platforms/php/webapps/26983.txt,"IceWarp Universal WebMail - /mail/index.html lang_settings Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 26984,platforms/php/webapps/26984.txt,"IceWarp Universal WebMail /mail/include.html - Crafted HTTP_USER_AGENT Arbitrary File Access",2005-12-27,"Tan Chew Keong",php,webapps,0 26985,platforms/windows/dos/26985.txt,"Microsoft Internet Explorer 5.0.1 - HTML Parsing Denial of Service",2005-12-27,"Christian Deneke",windows,dos,0 -26986,platforms/cfm/webapps/26986.txt,"PaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting",2005-12-23,r0t3d3Vil,cfm,webapps,0 -26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0 +26986,platforms/cfm/webapps/26986.txt,"PaperThin CommonSpot Content Server 4.5 - Cross-site Scripting",2005-12-23,r0t3d3Vil,cfm,webapps,0 +26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 - Multiple Cross-site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0 26988,platforms/php/webapps/26988.txt,"Koobi 5.0 - BBCode URL Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 -26989,platforms/php/webapps/26989.txt,"GMailSite 1.0.x - Cross-Site Scripting",2005-12-29,Lostmon,php,webapps,0 +26989,platforms/php/webapps/26989.txt,"GMailSite 1.0.x - Cross-site Scripting",2005-12-29,Lostmon,php,webapps,0 26990,platforms/php/webapps/26990.txt,"MyBB 1.0 - Globa.php Cookie Data SQL Injection",2005-12-29,imei,php,webapps,0 26991,platforms/asp/webapps/26991.html,"Web Wiz Multiple Products - SQL Injection",2005-12-30,DevilBox,asp,webapps,0 -26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 -26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 -26994,platforms/php/webapps/26994.txt,"Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-30,r0t3d3Vil,php,webapps,0 -26995,platforms/php/webapps/26995.txt,"PHPDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 +26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script - Cross-site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 +26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script - Cross-site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 +26994,platforms/php/webapps/26994.txt,"Kayako SupportSuite 3.0 0.26 - Multiple Cross-site Scripting Vulnerabilities",2005-12-30,r0t3d3Vil,php,webapps,0 +26995,platforms/php/webapps/26995.txt,"PHPDocumentor 1.2/1.3 - Forum Lib Variable Cross-site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 - GetShell and GetCommand File Enumeration",2005-12-30,xfocus,aix,local,0 26997,platforms/aix/local/26997.txt,"IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure",2006-01-01,xfocus,aix,local,0 26998,platforms/php/webapps/26998.txt,"OABoard 1.0 Forum - Remote File Inclusion",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24116,7 +24116,7 @@ id,file,description,date,author,platform,type,port 27002,platforms/php/webapps/27002.txt,"Jevontech PHPenpals - PersonalID SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27003,platforms/php/webapps/27003.txt,"InTouch 0.5.1 Alpha - User Variable SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27004,platforms/php/webapps/27004.txt,"PHPJournaler 1.0 - Readold Variable SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 -27633,platforms/php/webapps/27633.txt,"MyBB 1.10 - Member.php Cross-Site Scripting",2006-04-12,o.y.6,php,webapps,0 +27633,platforms/php/webapps/27633.txt,"MyBB 1.10 - Member.php Cross-site Scripting",2006-04-12,o.y.6,php,webapps,0 27005,platforms/hardware/webapps/27005.txt,"Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities",2013-07-22,Vulnerability-Lab,hardware,webapps,0 27006,platforms/hardware/webapps/27006.txt,"Barracuda CudaTel 2.6.02.040 - SQL Injection",2013-07-22,Vulnerability-Lab,hardware,webapps,0 27007,platforms/windows/remote/27007.rb,"PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit)",2013-07-22,MSJ,windows,remote,21 @@ -24135,16 +24135,16 @@ id,file,description,date,author,platform,type,port 27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 - AdminName Variable SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 27019,platforms/php/webapps/27019.txt,"VBulletin 3.5.2 - Event Title HTML Injection",2006-02-01,trueend5,php,webapps,0 27020,platforms/php/webapps/27020.txt,"Drupal 4.x - URL-Encoded Input HTML Injection",2006-01-01,liz0,php,webapps,0 -27021,platforms/cgi/webapps/27021.txt,"DiscusWare Discus 3.10 - Error Message Cross-Site Scripting",2006-01-02,$um$id,cgi,webapps,0 -27022,platforms/php/webapps/27022.txt,"INCOGEN Bugport 1.x - Multiple SQL Injection",2006-01-03,r0t,php,webapps,0 -27023,platforms/php/webapps/27023.txt,"INCOGEN Bugport 1.x - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-01-03,r0t,php,webapps,0 +27021,platforms/cgi/webapps/27021.txt,"DiscusWare Discus 3.10 - Error Message Cross-site Scripting",2006-01-02,$um$id,cgi,webapps,0 +27022,platforms/php/webapps/27022.txt,"INCOGEN Bugport 1.x - Multiple SQL Injections",2006-01-03,r0t,php,webapps,0 +27023,platforms/php/webapps/27023.txt,"INCOGEN Bugport 1.x - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-01-03,r0t,php,webapps,0 27024,platforms/windows/remote/27024.txt,"EFileGo 3.0 - Multiple Input Validation Vulnerabilities",2006-01-03,dr_insane,windows,remote,0 -27025,platforms/php/webapps/27025.txt,"Primo Place Primo Cart 1.0 - Multiple SQL Injection",2006-01-03,r0t,php,webapps,0 +27025,platforms/php/webapps/27025.txt,"Primo Place Primo Cart 1.0 - Multiple SQL Injections",2006-01-03,r0t,php,webapps,0 27026,platforms/multiple/dos/27026.txt,"Intel Graphics Accelerator Driver - Remote Denial of Service",2006-01-03,"Sumit Siddharth",multiple,dos,0 27027,platforms/php/webapps/27027.txt,"Jax Calendar 1.34 - Jax_calendar.php SQL Injection",2005-12-26,r0t3d3Vil,php,webapps,0 -27028,platforms/php/webapps/27028.txt,"LogicBill 1.0 - Multiple SQL Injection",2005-12-25,r0t3d3Vil,php,webapps,0 +27028,platforms/php/webapps/27028.txt,"LogicBill 1.0 - Multiple SQL Injections",2005-12-25,r0t3d3Vil,php,webapps,0 27029,platforms/php/webapps/27029.txt,"EZ Invoice Inc. EZI 2.0 - Invoices.php SQL Injection",2005-12-25,r0t3d3Vil,php,webapps,0 -27030,platforms/php/webapps/27030.txt,"CS-Cart - Multiple SQL Injection",2005-12-25,r0t3d3Vil,php,webapps,0 +27030,platforms/php/webapps/27030.txt,"CS-Cart - Multiple SQL Injections",2005-12-25,r0t3d3Vil,php,webapps,0 27031,platforms/linux/dos/27031.c,"Linux Kernel 2.6.x - SET_MEMPOLICY Local Denial of Service",2006-01-04,"Doug Chapman",linux,dos,0 27032,platforms/linux/remote/27032.txt,"Hylafax 4.1/4.2 - Multiple Scripts Remote Command Execution",2006-01-05,"Patrice Fournier",linux,remote,0 27033,platforms/php/webapps/27033.txt,"Foro Domus 2.10 - Multiple Input Validation Vulnerabilities",2006-01-06,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24154,12 +24154,12 @@ id,file,description,date,author,platform,type,port 27037,platforms/php/webapps/27037.txt,"TheWebForum 1.2.1 - Multiple Input Validation Vulnerabilities",2006-01-06,"Aliaksandr Hartsuyeu",php,webapps,0 27038,platforms/php/webapps/27038.txt,"TinyPHPForum 3.6 - Multiple Directory Traversal Vulnerabilities",2006-01-06,"Aliaksandr Hartsuyeu",php,webapps,0 27039,platforms/php/webapps/27039.txt,"Dell Kace 1000 SMA 5.4.742 - SQL Injection",2013-07-23,Vulnerability-Lab,php,webapps,0 -27356,platforms/php/webapps/27356.txt,"CutePHP CuteNews 1.4.1 - Index.php Cross-Site Scripting",2006-03-04,"Roozbeh Afrasiabi",php,webapps,0 +27356,platforms/php/webapps/27356.txt,"CutePHP CuteNews 1.4.1 - 'index.php' Cross-site Scripting",2006-03-04,"Roozbeh Afrasiabi",php,webapps,0 27357,platforms/php/webapps/27357.txt,"Simplog 1.0.2 - Information Disclosure",2006-03-04,Retard,php,webapps,0 -27358,platforms/php/webapps/27358.txt,"DVGuestbook 1.0/1.2.2 - index.php page Parameter XSS",2006-03-06,Liz0ziM,php,webapps,0 +27358,platforms/php/webapps/27358.txt,"DVGuestbook 1.0/1.2.2 - 'index.php' page Parameter XSS",2006-03-06,Liz0ziM,php,webapps,0 27359,platforms/php/webapps/27359.txt,"DVGuestbook 1.0/1.2.2 - dv_gbook.php f Parameter XSS",2006-03-06,Liz0ziM,php,webapps,0 -27360,platforms/php/webapps/27360.txt,"RunCMS 1.x - Bigshow.php Cross-Site Scripting",2006-03-06,"Roozbeh Afrasiabi",php,webapps,0 -27041,platforms/windows/local/27041.pl,"Super Player 3500 - (.m3u) Local Stack Based Buffer Overflow",2013-07-23,jun,windows,local,0 +27360,platforms/php/webapps/27360.txt,"RunCMS 1.x - Bigshow.php Cross-site Scripting",2006-03-06,"Roozbeh Afrasiabi",php,webapps,0 +27041,platforms/windows/local/27041.pl,"Super Player 3500 - '.m3u' Local Stack Based Buffer Overflow",2013-07-23,jun,windows,local,0 27042,platforms/ios/webapps/27042.txt,"Photo Server 2.0 iOS - Multiple Vulnerabilities",2013-07-23,Vulnerability-Lab,ios,webapps,0 27043,platforms/hardware/dos/27043.py,"Samsung PS50C7700 TV - Denial of Service",2013-07-23,"Malik Mesellem",hardware,dos,5600 27044,platforms/hardware/remote/27044.rb,"D-Link Devices - UPnP SOAP Command Execution",2013-07-23,Metasploit,hardware,remote,0 @@ -24181,45 +24181,45 @@ id,file,description,date,author,platform,type,port 27060,platforms/php/webapps/27060.txt,"PHP-Nuke News Submission Story - Text Field XSS",2006-01-09,night_warrior771,php,webapps,0 27061,platforms/cgi/webapps/27061.txt,"Hummingbird Collaboration - Crafted URL File Property Obscuration Download",2006-01-10,"Luca Carettoni",cgi,webapps,0 27062,platforms/cgi/webapps/27062.txt,"Hummingbird Collaboration - Application Cookie Internal Network Information Disclosure",2006-01-10,"Luca Carettoni",cgi,webapps,0 -27063,platforms/asp/webapps/27063.txt,"WebWiz Forums - Search_form.ASP Cross-Site Scripting",2006-01-10,nukedx,asp,webapps,0 -27064,platforms/php/webapps/27064.txt,"Orjinweb - Index.php Remote File Inclusion",2006-01-10,serxwebun,php,webapps,0 +27063,platforms/asp/webapps/27063.txt,"WebWiz Forums - Search_form.ASP Cross-site Scripting",2006-01-10,nukedx,asp,webapps,0 +27064,platforms/php/webapps/27064.txt,"Orjinweb - 'index.php' Remote File Inclusion",2006-01-10,serxwebun,php,webapps,0 27065,platforms/linux/local/27065.txt,"Cray UNICOS /usr/bin/script - Command Line Argument Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 27066,platforms/linux/local/27066.txt,"Cray UNICOS /etc/nu - -c Option Filename Processing Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 27067,platforms/php/webapps/27067.txt,"MyPHPim - calendar.php3 cal_id Parameter SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27068,platforms/php/webapps/27068.txt,"MyPHPim - Login Page pass Field SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27069,platforms/windows/dos/27069.txt,"Apple QuickTime 6.4/6.5/7.0.x - PictureViewer JPEG/PICT File Buffer Overflow",2006-01-11,"Dennis Rand",windows,dos,0 -27070,platforms/php/webapps/27070.txt,"Interspire TrackPoint NX - Index.php Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",php,webapps,0 -27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 - Default.ASP Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 +27070,platforms/php/webapps/27070.txt,"Interspire TrackPoint NX - 'index.php' Cross-site Scripting",2006-01-12,"M.Neset KABAKLI",php,webapps,0 +27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 - Default.ASP Cross-site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 27072,platforms/windows/remote/27072.pl,"Microsoft Visual Studio - UserControl Remote Code Execution (1)",2006-01-12,anonymous,windows,remote,0 27073,platforms/windows/remote/27073.txt,"Microsoft Visual Studio - UserControl Remote Code Execution (2)",2006-01-12,priestmaster,windows,remote,0 27075,platforms/php/webapps/27075.txt,"TankLogger 2.4 General Functions Script - SQL Injection",2006-01-12,"Aliaksandr Hartsuyeu",php,webapps,0 27076,platforms/hardware/webapps/27076.txt,"FOSCAM IP-Cameras - Improper Access Restrictions",2013-07-24,"Core Security",hardware,webapps,80 27077,platforms/php/webapps/27077.txt,"DCP Portal 5.3/6.0/6.1 - Multiple Input Validation Vulnerabilities",2006-01-13,night_warrior771,php,webapps,0 -27078,platforms/php/webapps/27078.txt,"AlstraSoft Template Seller Pro 3.25 - Fullview.php Cross-Site Scripting",2006-01-13,night_warrior771,php,webapps,0 -27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.ASP Cross-Site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 +27078,platforms/php/webapps/27078.txt,"AlstraSoft Template Seller Pro 3.25 - Fullview.php Cross-site Scripting",2006-01-13,night_warrior771,php,webapps,0 +27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.ASP Cross-site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 27080,platforms/php/webapps/27080.txt,"EZDatabaseRemote 2.0 - PHP Script Code Execution",2006-01-14,r0t3d3Vil,php,webapps,0 -27081,platforms/cgi/webapps/27081.txt,"Ultimate Auction 3.67 - Item.PL Cross-Site Scripting",2006-01-14,querkopf,cgi,webapps,0 +27081,platforms/cgi/webapps/27081.txt,"Ultimate Auction 3.67 - Item.PL Cross-site Scripting",2006-01-14,querkopf,cgi,webapps,0 27082,platforms/windows/dos/27082.txt,"Microsoft Internet Explorer 5.0.1 - Malformed IMG and XML Parsing Denial of Service",2006-01-16,"Inge Henriksen",windows,dos,0 27083,platforms/asp/webapps/27083.txt,"8Pixel.net SimpleBlog 2.1 - Multiple Input Validation Vulnerabilities",2006-01-16,Zinho,asp,webapps,0 -27084,platforms/php/webapps/27084.txt,"Bit 5 Blog 8.1 - Index.php SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 +27084,platforms/php/webapps/27084.txt,"Bit 5 Blog 8.1 - 'index.php' SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 27085,platforms/php/webapps/27085.txt,"Bit 5 Blog 8.1 - AddComment.php HTML Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 27086,platforms/php/webapps/27086.txt,"White Album 2.5 - Pictures.php SQL Injection",2006-01-16,liz0,php,webapps,0 27087,platforms/php/webapps/27087.txt,"GeoBlog 1.0 - ViewCat.php SQL Injection",2005-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 -27088,platforms/cgi/webapps/27088.txt,"Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities",2006-01-16,Preddy,cgi,webapps,0 +27088,platforms/cgi/webapps/27088.txt,"Faq-O-Matic 2.711 - Multiple Cross-site Scripting Vulnerabilities",2006-01-16,Preddy,cgi,webapps,0 27089,platforms/windows/dos/27089.c,"CounterPath eyeBeam 1.1 build 3010n - SIP Header Data Remote Buffer Overflow (1)",2006-01-11,ZwelL,windows,dos,0 27090,platforms/windows/dos/27090.c,"CounterPath eyeBeam 1.1 build 3010n - SIP Header Data Remote Buffer Overflow (2)",2006-01-15,ZwelL,windows,dos,0 -27091,platforms/cgi/webapps/27091.txt,"Ultimate Auction 3.67 - ItemList.PL Cross-Site Scripting",2006-01-16,querkopf,cgi,webapps,0 -27092,platforms/php/webapps/27092.txt,"GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities",2006-01-16,Preddy,php,webapps,0 -27093,platforms/php/webapps/27093.txt,"EZDatabase 2.1.1 - Index.php Cross-Site Scripting",2006-01-16,"Josh Zlatin-Amishav",php,webapps,0 +27091,platforms/cgi/webapps/27091.txt,"Ultimate Auction 3.67 - ItemList.PL Cross-site Scripting",2006-01-16,querkopf,cgi,webapps,0 +27092,platforms/php/webapps/27092.txt,"GTP iCommerce - Multiple Cross-site Scripting Vulnerabilities",2006-01-16,Preddy,php,webapps,0 +27093,platforms/php/webapps/27093.txt,"EZDatabase 2.1.1 - 'index.php' Cross-site Scripting",2006-01-16,"Josh Zlatin-Amishav",php,webapps,0 27094,platforms/multiple/dos/27094.txt,"AmbiCom Blue Neighbors 2.50 build 2500 - Bluetooth Stack Object Push Buffer Overflow",2006-01-16,"Kevin Finisterre",multiple,dos,0 27095,platforms/multiple/remote/27095.txt,"Apache Tomcat / Geronimo 1.0 - Sample Script cal2.jsp time Parameter XSS",2006-01-16,"Oliver Karow",multiple,remote,0 27096,platforms/multiple/remote/27096.txt,"Apache Geronimo 1.0 - Error Page XSS",2006-01-16,"Oliver Karow",multiple,remote,0 27097,platforms/php/webapps/27097.txt,"phpXplorer 0.9.33 - Workspaces.php Directory Traversal",2006-01-16,"Oriol Torrent Santiago",php,webapps,0 -27098,platforms/php/webapps/27098.txt,"RedKernel Referrer Tracker 1.1.0-3 - Rkrt_stats.php Cross-Site Scripting",2006-01-16,Preddy,php,webapps,0 -27099,platforms/php/webapps/27099.txt,"BlogPHP 1.0 - Index.php SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 -27100,platforms/php/webapps/27100.txt,"microBlog 2.0 - Index.php Multiple SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27098,platforms/php/webapps/27098.txt,"RedKernel Referrer Tracker 1.1.0-3 - Rkrt_stats.php Cross-site Scripting",2006-01-16,Preddy,php,webapps,0 +27099,platforms/php/webapps/27099.txt,"BlogPHP 1.0 - 'index.php' SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 +27100,platforms/php/webapps/27100.txt,"microBlog 2.0 - 'index.php' Multiple SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27101,platforms/windows/dos/27101.txt,"Computer Associates Unicenter 6.0 - Remote Control DM Primer Remote Denial of Service",2006-01-17,Karma,windows,dos,0 -27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - index.php search Parameter XSS",2006-01-17,night_warrior771,php,webapps,0 +27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - 'index.php' search Parameter XSS",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - search.php search Parameter XSS",2006-01-17,night_warrior771,php,webapps,0 27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - url BBcode XSS",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - login.php username Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24232,16 +24232,16 @@ id,file,description,date,author,platform,type,port 27112,platforms/php/webapps/27112.txt,"SaralBlog 1.0 - Multiple Input Validation Vulnerabilities",2006-01-18,"Aliaksandr Hartsuyeu",php,webapps,0 27113,platforms/windows/dos/27113.c,"BitComet 0.60 - .Torrent File Handling Remote Buffer Overflow",2006-01-19,"Dejun Meng",windows,dos,0 27114,platforms/php/webapps/27114.txt,"WebspotBlogging 3.0 - Login.php SQL Injection",2006-01-19,"Aliaksandr Hartsuyeu",php,webapps,0 -27115,platforms/cgi/webapps/27115.txt,"Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting",2006-01-20,"OS2A BTO",cgi,webapps,0 -27116,platforms/php/webapps/27116.txt,"NewsPHP - Index.php Multiple SQL Injection",2006-01-23,SAUDI,php,webapps,0 -27117,platforms/php/webapps/27117.txt,"BlogPHP 1.2 - Multiple SQL Injection",2006-01-20,imei,php,webapps,0 -27118,platforms/php/webapps/27118.pl,"RCBlog 1.0.3 - Index.php Directory Traversal",2006-01-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27119,platforms/php/webapps/27119.txt,"e-moBLOG 1.3 - Multiple SQL Injection",2006-01-23,"Aliaksandr Hartsuyeu",php,webapps,0 +27115,platforms/cgi/webapps/27115.txt,"Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-site Scripting",2006-01-20,"OS2A BTO",cgi,webapps,0 +27116,platforms/php/webapps/27116.txt,"NewsPHP - 'index.php' Multiple SQL Injection",2006-01-23,SAUDI,php,webapps,0 +27117,platforms/php/webapps/27117.txt,"BlogPHP 1.2 - Multiple SQL Injections",2006-01-20,imei,php,webapps,0 +27118,platforms/php/webapps/27118.pl,"RCBlog 1.0.3 - 'index.php' Directory Traversal",2006-01-20,"Aliaksandr Hartsuyeu",php,webapps,0 +27119,platforms/php/webapps/27119.txt,"e-moBLOG 1.3 - Multiple SQL Injections",2006-01-23,"Aliaksandr Hartsuyeu",php,webapps,0 27120,platforms/php/webapps/27120.txt,"AZ Bulletin Board 1.0.x/1.1 - Post.php HTML Injection",2006-01-23,"Roozbeh Afrasiabi",php,webapps,0 27121,platforms/php/webapps/27121.txt,"123 Flash Chat 5.0 - Remote Code Injection Weakness",2006-01-24,"Jesus Olmos Gonzalez",php,webapps,0 27122,platforms/php/webapps/27122.txt,"MyBB 1.0.1/1.0.2 - Notepad UserCP.php HTML Injection",2006-01-24,"Roozbeh Afrasiabi",php,webapps,0 27123,platforms/php/webapps/27123.txt,"Pixelpost 1.4.3 - User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 -27124,platforms/php/webapps/27124.txt,"SleeperChat 0.3f - Index.php Cross-Site Scripting",2006-01-24,hackologie,php,webapps,0 +27124,platforms/php/webapps/27124.txt,"SleeperChat 0.3f - 'index.php' Cross-site Scripting",2006-01-24,hackologie,php,webapps,0 27125,platforms/php/webapps/27125.txt,"miniBloggie 1.0 - Login.php SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27126,platforms/php/webapps/27126.txt,"CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities",2006-01-25,"Aliaksandr Hartsuyeu",php,webapps,0 27127,platforms/php/webapps/27127.txt,"PMachine ExpressionEngine 1.4.1 - HTTP Referrer HTML Injection",2006-01-25,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24250,11 +24250,11 @@ id,file,description,date,author,platform,type,port 27130,platforms/php/webapps/27130.txt,"Basic Forum by JM LLC - Multiple Vulnerabilities",2013-07-27,Sp3ctrecore,php,webapps,0 27131,platforms/hardware/dos/27131.py,"Galil-RIO Modbus - Denial of Service",2013-07-27,Sapling,hardware,dos,0 27132,platforms/hardware/shellcode/27132.txt,"MIPS - (Little Endian) system() Shellcode (80 bytes)",2013-07-27,"Jacob Holcomb",hardware,shellcode,0 -27133,platforms/mips/remote/27133.py,"ASUS RT-AC66U acsd Param - Remote Root Shell Exploit",2013-07-27,"Jacob Holcomb",mips,remote,0 +27133,platforms/linux_mips/remote/27133.py,"ASUS RT-AC66U - acsd Param Remote Root Shell Exploit",2013-07-27,"Jacob Holcomb",linux_mips,remote,0 27134,platforms/hardware/webapps/27134.pl,"Broadkam PJ871 - Authentication Bypass",2013-07-27,d3c0der,hardware,webapps,0 27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution",2013-07-27,Metasploit,multiple,remote,8080 27136,platforms/php/webapps/27136.txt,"Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities",2013-07-27,"SEC Consult",php,webapps,0 -27137,platforms/php/webapps/27137.txt,"MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-26,imei,php,webapps,0 +27137,platforms/php/webapps/27137.txt,"MyBB 1.0.2 - Multiple Cross-site Scripting Vulnerabilities",2005-12-26,imei,php,webapps,0 27138,platforms/php/webapps/27138.txt,"AndoNET Blog 2004.9.2 - Comentarios.php SQL Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27139,platforms/php/webapps/27139.txt,"My Little Homepage Products - BBCode Link Tag Script Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27140,platforms/multiple/dos/27140.txt,"Exiv2 - Corrupted EXIF Data Denial of Service",2006-01-26,"Maciek Wierciski",multiple,dos,0 @@ -24263,37 +24263,37 @@ id,file,description,date,author,platform,type,port 27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - Forum.ASP Multiple SQL Injection",2005-12-15,"Tran Viet Phuong",asp,webapps,0 27144,platforms/linux/dos/27144.py,"Communigate Pro 5.0.6 - Server LDAP Denial of Service",2006-01-28,"Evgeny Legerov",linux,dos,0 27145,platforms/linux/dos/27145.txt,"GNOME Evolution 2.2.3/2.3.x - Inline XML File Attachment Buffer Overflow",2006-01-28,"Mike Davis",linux,dos,0 -27146,platforms/php/webapps/27146.txt,"sPaiz-Nuke - Modules.php Cross-Site Scripting",2006-01-30,night_warrior771,php,webapps,0 +27146,platforms/php/webapps/27146.txt,"sPaiz-Nuke - Modules.php Cross-site Scripting",2006-01-30,night_warrior771,php,webapps,0 27147,platforms/php/webapps/27147.txt,"PmWiki 2.1 - Multiple Input Validation Vulnerabilities",2006-01-30,aScii,php,webapps,0 -27148,platforms/php/webapps/27148.txt,"Nuked-klaN 1.7 - Index.php Cross-Site Scripting",2006-01-30,night_warrior771,php,webapps,0 -27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-Site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0 +27148,platforms/php/webapps/27148.txt,"Nuked-klaN 1.7 - 'index.php' Cross-site Scripting",2006-01-30,night_warrior771,php,webapps,0 +27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0 27150,platforms/linux/remote/27150.txt,"Mozilla Firefox 1.0/1.5 XBL - MOZ-BINDING Property Cross-Domain Scripting",2006-01-30,"Chris Thomas",linux,remote,0 27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - Userlogin.ASP SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 -27152,platforms/php/webapps/27152.txt,"BrowserCRM - Results.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 -27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 +27152,platforms/php/webapps/27152.txt,"BrowserCRM - Results.php Cross-site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 +27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - Clients.php Cross-site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27154,platforms/php/webapps/27154.txt,"FarsiNews 2.1 - Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 -27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - Index.php Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 +27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - Username Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 -27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injection",2006-02-01,Siegfried,php,webapps,0 -27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - Index.php3 Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 +27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injections",2006-02-01,Siegfried,php,webapps,0 +27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - Index.php3 Cross-site Scripting",2006-02-01,Siegfried,php,webapps,0 27159,platforms/multiple/dos/27159.txt,"Fcron 3.0 - Convert-FCronTab Local Buffer Overflow",2006-02-01,"Adam Zabrocki",multiple,dos,0 -27160,platforms/asp/webapps/27160.txt,"SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,preben@watchcom.no,asp,webapps,0 -27161,platforms/asp/webapps/27161.txt,"CyberShop Ultimate E-commerce - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,B3g0k,asp,webapps,0 -27162,platforms/php/webapps/27162.txt,"cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-03,"Simo Ben Youssef",php,webapps,0 +27160,platforms/asp/webapps/27160.txt,"SoftMaker Shop - Multiple Cross-site Scripting Vulnerabilities",2006-02-02,preben@watchcom.no,asp,webapps,0 +27161,platforms/asp/webapps/27161.txt,"CyberShop Ultimate E-commerce - Multiple Cross-site Scripting Vulnerabilities",2006-02-02,B3g0k,asp,webapps,0 +27162,platforms/php/webapps/27162.txt,"cPanel 10.8.1 - Multiple Cross-site Scripting Vulnerabilities",2006-02-03,"Simo Ben Youssef",php,webapps,0 27163,platforms/cgi/webapps/27163.txt,"IBM Tivoli Access Manager Plugin - Directory Traversal",2006-02-04,"Timothy D. Morgan",cgi,webapps,0 27164,platforms/php/webapps/27164.txt,"UBB.Threads 6.3 - Showflat.php SQL Injection",2006-01-29,k-otik,php,webapps,0 -27165,platforms/php/webapps/27165.txt,"Beehive Forum 0.6.2 - Index.php SQL Injection",2005-12-22,trueend5,php,webapps,0 +27165,platforms/php/webapps/27165.txt,"Beehive Forum 0.6.2 - 'index.php' SQL Injection",2005-12-22,trueend5,php,webapps,0 27166,platforms/php/webapps/27166.txt,"EyeOS 0.8.x - Session Remote Command Execution",2006-02-07,"James Bercegay",php,webapps,0 27167,platforms/php/webapps/27167.txt,"MyBB 1.0.3 - Moderation.php SQL Injection",2006-02-07,imei,php,webapps,0 27168,platforms/qnx/local/27168.txt,"QNX 6.2/6.3 - Multiple Local Privilege Escalation / Denial of Service Vulnerabilities",2006-02-07,anonymous,qnx,local,0 27169,platforms/asp/webapps/27169.txt,"Webeveyn Whomp! Real Estate Manager 2005 - Login SQL Injection",2006-02-08,night_warrior771,asp,webapps,0 -27170,platforms/php/webapps/27170.txt,"vwdev - Index.php SQL Injection",2006-02-08,"Omid Aghababaei",php,webapps,0 +27170,platforms/php/webapps/27170.txt,"vwdev - 'index.php' SQL Injection",2006-02-08,"Omid Aghababaei",php,webapps,0 27171,platforms/multiple/dos/27171.txt,"Sun ONE Directory Server 5.2 - Remote Denial of Service",2006-02-08,"Evgeny Legerov",multiple,dos,0 27172,platforms/php/webapps/27172.txt,"SPIP 1.8.2 - Spip_RSS.php Remote Command Execution",2006-02-08,rgod,php,webapps,0 -27173,platforms/php/webapps/27173.txt,"CPAINT 1.3/2.0 - TYPE.php Cross-Site Scripting",2006-02-08,"James Bercegay",php,webapps,0 +27173,platforms/php/webapps/27173.txt,"CPAINT 1.3/2.0 - TYPE.php Cross-site Scripting",2006-02-08,"James Bercegay",php,webapps,0 27174,platforms/asp/webapps/27174.txt,"GA's Forum Light - Archive.ASP SQL Injection",2006-02-07,Dj_Eyes,asp,webapps,0 -27175,platforms/php/webapps/27175.php,"PwsPHP 1.2.3 - Index.php SQL Injection",2006-02-09,papipsycho,php,webapps,0 -27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 +27175,platforms/php/webapps/27175.php,"PwsPHP 1.2.3 - 'index.php' SQL Injection",2006-02-09,papipsycho,php,webapps,0 +27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - CSRF/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - Showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 27180,platforms/arm/shellcode/27180.asm,"Windows RT ARM - Bind Shell (Port 4444) shellcode",2013-07-28,"Matthew Graeber",arm,shellcode,0 @@ -24302,37 +24302,37 @@ id,file,description,date,author,platform,type,port 27183,platforms/php/webapps/27183.txt,"FarsiNews 2.1/2.5 - show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 -27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - index.php $_SERVER['PHP_SELF'] XSS",2006-02-11,"GulfTech Security",php,webapps,0 -27187,platforms/jsp/webapps/27187.py,"OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Stored XSS",2013-07-29,drone,jsp,webapps,0 +27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] XSS",2006-02-11,"GulfTech Security",php,webapps,0 +27187,platforms/jsp/webapps/27187.py,"OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Persistent Cross-site Scripting",2013-07-29,drone,jsp,webapps,0 27188,platforms/ios/webapps/27188.txt,"Private Photos 1.0 iOS - Persistent XSS",2013-07-29,Vulnerability-Lab,ios,webapps,0 27189,platforms/ios/webapps/27189.txt,"WebDisk 3.0.2 PhotoViewer iOS - Command Execution",2013-07-29,Vulnerability-Lab,ios,webapps,0 27190,platforms/php/webapps/27190.txt,"FluxBB 1.5.3 - Multiple Vulnerabilities",2013-07-29,LiquidWorm,php,webapps,0 27191,platforms/windows/local/27191.py,"Novell Client 2 SP3 - Privilege Escalation Exploit",2013-07-29,sickness,windows,local,0 -27192,platforms/php/webapps/27192.txt,"LinPHA 0.9.x/1.0 - index.php lang Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 +27192,platforms/php/webapps/27192.txt,"LinPHA 0.9.x/1.0 - 'index.php' lang Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 27193,platforms/php/webapps/27193.txt,"LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 27194,platforms/php/webapps/27194.txt,"LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 27195,platforms/php/webapps/27195.txt,"LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion",2006-02-11,rgod,php,webapps,0 27196,platforms/multiple/dos/27196.txt,"IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption",2006-02-11,"Evgeny Legerov",multiple,dos,0 27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - dir.php Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 - readfolder.php path Variable Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 -27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - index.php bgcol Parameter XSS",2006-02-11,zjieb,php,webapps,0 +27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - 'index.php' bgcol Parameter XSS",2006-02-11,zjieb,php,webapps,0 27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted File Upload",2006-02-11,zjieb,php,webapps,0 -27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - Search.php Q Parameter Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 +27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - Search.php Q Parameter Cross-site Scripting",2006-02-12,Kiki,php,webapps,0 27202,platforms/php/webapps/27202.txt,"Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection",2006-02-13,"GulfTech Security",php,webapps,0 27203,platforms/hardware/remote/27203.pl,"Fortinet FortiGate 2.x/3.0 - URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 27204,platforms/php/webapps/27204.html,"Virtual Hosting Control System 2.2/2.4 - change_password.php Current Password Weakness",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27206,platforms/php/webapps/27206.txt,"XMB Forum 1.8/1.9 - u2u.php username Parameter XSS",2006-02-13,"James Bercegay",php,webapps,0 27207,platforms/php/webapps/27207.txt,"Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities",2006-02-13,"Aliaksandr Hartsuyeu",php,webapps,0 -27208,platforms/php/webapps/27208.txt,"PHP-Nuke 6.x/7.x - Header.php Pagetitle Parameter Cross-Site Scripting",2006-02-13,"Janek Vind",php,webapps,0 -27209,platforms/php/webapps/27209.txt,"Gastebuch 1.3.2 - Cross-Site Scripting",2006-02-13,"Micha Borrmann",php,webapps,0 +27208,platforms/php/webapps/27208.txt,"PHP-Nuke 6.x/7.x - Header.php Pagetitle Parameter Cross-site Scripting",2006-02-13,"Janek Vind",php,webapps,0 +27209,platforms/php/webapps/27209.txt,"Gastebuch 1.3.2 - Cross-site Scripting",2006-02-13,"Micha Borrmann",php,webapps,0 27210,platforms/multiple/dos/27210.txt,"eStara SoftPhone 3.0.1 - SIP SDP Message Handling Format String DoS",2006-02-14,ZwelL,multiple,dos,0 27211,platforms/multiple/dos/27211.txt,"eStara SoftPhone 3.0.1 SIP Packet Multiple - Malformed Field DoS",2006-02-14,ZwelL,multiple,dos,0 27212,platforms/multiple/dos/27212.txt,"Isode M-Vault Server 11.3 - LDAP Memory Corruption",2006-02-14,"Evgeny Legerov",multiple,dos,0 -27213,platforms/php/webapps/27213.txt,"QwikiWiki 1.5 - Search.php Cross-Site Scripting",2006-02-14,Citynova,php,webapps,0 +27213,platforms/php/webapps/27213.txt,"QwikiWiki 1.5 - Search.php Cross-site Scripting",2006-02-14,Citynova,php,webapps,0 27214,platforms/php/webapps/27214.txt,"DeltaScripts PHP Classifieds 6.20 - Member_Login.php SQL Injection",2006-02-14,"Audun Larsen",php,webapps,0 27215,platforms/php/webapps/27215.txt,"sNews - Comment Body XSS",2006-02-14,joffer,php,webapps,0 -27216,platforms/php/webapps/27216.txt,"sNews - index.php Multiple Parameter SQL Injection",2006-02-14,joffer,php,webapps,0 +27216,platforms/php/webapps/27216.txt,"sNews - 'index.php' Multiple Parameter SQL Injection",2006-02-14,joffer,php,webapps,0 27217,platforms/php/webapps/27217.txt,"Dotproject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 27218,platforms/php/webapps/27218.txt,"Dotproject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 27219,platforms/php/webapps/27219.txt,"Dotproject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 @@ -24354,31 +24354,31 @@ id,file,description,date,author,platform,type,port 27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 - adapter-index.dsp url Variable Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - Private.php Multiple SQL Injection",2006-02-15,imei,php,webapps,0 27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 - HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 -27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 - Index.php Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 -27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 +27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 - 'index.php' Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 +27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injections",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27240,platforms/php/webapps/27240.txt,"MyBB 1.0.2/1.0.3 - Managegroup.php SQL Injection",2006-02-16,imei,php,webapps,0 27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 - HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 -27242,platforms/php/webapps/27242.txt,"MyBB 1.0.3 - Managegroup.php Cross-Site Scripting",2006-02-16,imei,php,webapps,0 +27242,platforms/php/webapps/27242.txt,"MyBB 1.0.3 - Managegroup.php Cross-site Scripting",2006-02-16,imei,php,webapps,0 27243,platforms/php/webapps/27243.txt,"Siteframe Beaumont 5.0.1/5.0.2 - Page.php HTML Injection",2006-02-16,federico.alice@tiscali.it,php,webapps,0 27244,platforms/linux/remote/27244.txt,"Wimpy MP3 Player 5 - Text File Overwrite Weakness",2006-02-16,ReZEN,linux,remote,0 -27245,platforms/php/webapps/27245.txt,"V-webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-17,$um$id,php,webapps,0 +27245,platforms/php/webapps/27245.txt,"V-webmail 1.6.2 - Multiple Cross-site Scripting Vulnerabilities",2006-02-17,$um$id,php,webapps,0 27246,platforms/linux/dos/27246.txt,"Mozilla Thunderbird 1.5 - Address Book Import Remote Denial of Service",2006-02-17,DrFrancky,linux,dos,0 27247,platforms/php/webapps/27247.txt,"E107 Website System 0.7.2 Chatbox Plugin - HTML Injection",2006-02-18,"marc & shb",php,webapps,0 27248,platforms/php/webapps/27248.txt,"Webpagecity WPC easy - SQL Injection",2006-02-18,murfie,php,webapps,0 27249,platforms/php/webapps/27249.html,"PHP-Nuke 7.x - CAPTCHA Bypass Weakness",2006-02-18,waraxe,php,webapps,0 27250,platforms/php/webapps/27250.txt,"TTS Software Time Tracking Software 3.0 - Edituser.php Access Validation",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27251,platforms/php/webapps/27251.txt,"Magic Calendar Lite 1.02 - Index.php SQL Injection",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27252,platforms/php/webapps/27252.txt,"CuteNews 1.4.1 - Show_News.php Cross-Site Scripting",2006-02-20,imei,php,webapps,0 +27251,platforms/php/webapps/27251.txt,"Magic Calendar Lite 1.02 - 'index.php' SQL Injection",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 +27252,platforms/php/webapps/27252.txt,"CuteNews 1.4.1 - Show_News.php Cross-site Scripting",2006-02-20,imei,php,webapps,0 27253,platforms/linux/dos/27253.txt,"Mozilla Firefox 1.0.x/1.5 - HTML Parsing Denial of Service",2006-02-21,"Yuan Qi",linux,dos,0 27254,platforms/php/webapps/27254.txt,"PostNuke 0.6x/0.7x NS-Languages Module - language Parameter XSS",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 27255,platforms/php/webapps/27255.txt,"PostNuke 0.6x/0.7x NS-Languages Module - language Parameter SQL Injection",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 -27256,platforms/php/webapps/27256.txt,"RunCMS 1.x - Ratefile.php Cross-Site Scripting",2006-02-22,"Roozbeh Afrasiabi",php,webapps,0 +27256,platforms/php/webapps/27256.txt,"RunCMS 1.x - Ratefile.php Cross-site Scripting",2006-02-22,"Roozbeh Afrasiabi",php,webapps,0 27257,platforms/linux/dos/27257.html,"Multiple Mozilla Products - IFRAME JavaScript Execution Vulnerabilities",2006-02-22,"Georgi Guninski",linux,dos,0 27258,platforms/asp/dos/27258.txt,"Ipswitch WhatsUp Professional 2006 - Remote Denial of Service",2006-02-22,"Josh Zlatin-Amishav",asp,dos,0 -27259,platforms/php/webapps/27259.txt,"Noah's Classifieds 1.0/1.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,trueend5,php,webapps,0 +27259,platforms/php/webapps/27259.txt,"Noah's Classifieds 1.0/1.3 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-02-22,trueend5,php,webapps,0 27260,platforms/php/webapps/27260.txt,"Noah's Classifieds 1.0/1.3 - Search Page SQL Injection",2006-02-22,trueend5,php,webapps,0 27261,platforms/php/webapps/27261.txt,"Noah's Classifieds 1.0/1.3 - Local File Inclusion",2006-02-22,trueend5,php,webapps,0 -27262,platforms/php/webapps/27262.txt,"Noah's Classifieds 1.0/1.3 - Index.php Remote File Inclusion",2006-02-22,trueend5,php,webapps,0 +27262,platforms/php/webapps/27262.txt,"Noah's Classifieds 1.0/1.3 - 'index.php' Remote File Inclusion",2006-02-22,trueend5,php,webapps,0 27263,platforms/php/webapps/27263.txt,"Dragonfly CMS 9.0.6 1 - Your_Account Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 27264,platforms/php/webapps/27264.txt,"Dragonfly CMS 9.0.6 1 - News Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 27265,platforms/php/webapps/27265.txt,"Dragonfly CMS 9.0.6.1 - Stories_Archive Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 @@ -24386,19 +24386,19 @@ id,file,description,date,author,platform,type,port 27267,platforms/php/webapps/27267.txt,"Dragonfly CMS 9.0.6.1 - Surveys Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 27268,platforms/php/webapps/27268.txt,"Dragonfly CMS 9.0.6.1 - Downloads Module c Parameter XSS",2006-02-22,Lostmon,php,webapps,0 27269,platforms/php/webapps/27269.txt,"Dragonfly CMS 9.0.6.1 - Coppermine Module album Parameter XSS",2006-02-22,Lostmon,php,webapps,0 -27494,platforms/php/webapps/27494.txt,"PHPmyfamily 1.4.1 - Track.php Cross-Site Scripting",2006-03-28,matrix_killer,php,webapps,0 +27494,platforms/php/webapps/27494.txt,"PHPmyfamily 1.4.1 - Track.php Cross-site Scripting",2006-03-28,matrix_killer,php,webapps,0 27495,platforms/php/webapps/27495.txt,"phpCOIN 1.2 - mod_print.php fs Parameter XSS",2006-03-28,r0t,php,webapps,0 27496,platforms/php/webapps/27496.txt,"phpCOIN 1.2 - mod.php fs Parameter XSS",2006-03-28,r0t,php,webapps,0 27271,platforms/windows/remote/27271.rb,"HP Data Protector - CMD Install Service (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash PoC",2013-08-02,d3b4g,windows,dos,0 -27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - (index.php rang param) SQL Injection",2013-08-02,Raw-x,php,webapps,0 +27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - (index.php rang parameter) SQL Injection",2013-08-02,Raw-x,php,webapps,0 27275,platforms/php/webapps/27275.txt,"FunGamez - Remote File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account CSRF",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,Metasploit,hardware,remote,0 27279,platforms/php/webapps/27279.txt,"vtiger CRM 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 -27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - (pages.php page_name param) SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 +27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - (pages.php page_name parameter) SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 27282,platforms/windows/local/27282.txt,"Agnitum Outpost Security Suite 8.1 - Privilege Escalation",2013-08-02,"Ahmad Moghimi",windows,local,0 27283,platforms/hardware/webapps/27283.txt,"D-Link DIR-645 1.03B08 - Multiple Vulnerabilities",2013-08-02,"Roberto Paleari",hardware,webapps,0 27284,platforms/hardware/webapps/27284.txt,"INSTEON Hub 2242-222 - Lack of Web and API Authentication",2013-08-02,"Trustwave's SpiderLabs",hardware,webapps,0 @@ -24407,7 +24407,7 @@ id,file,description,date,author,platform,type,port 27287,platforms/php/webapps/27287.txt,"Cotonti 0.9.13 - SQL Injection",2013-08-02,"High-Tech Bridge SA",php,webapps,0 27288,platforms/hardware/webapps/27288.txt,"Western Digital My Net Wireless Routers - Password Disclosure",2013-08-02,"Kyle Lovett",hardware,webapps,0 27289,platforms/hardware/webapps/27289.txt,"TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities",2013-08-02,"Core Security",hardware,webapps,0 -27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 +27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Persistent Cross-site Scripting",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer - Remote DoS",2013-08-02,Z3r0n3,windows,dos,0 27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure - test_li_connection.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 @@ -24420,14 +24420,14 @@ id,file,description,date,author,platform,type,port 27300,platforms/php/webapps/27300.txt,"NOCC 1.0 - filter_prefs.php html_filter_select Parameter XSS",2006-02-23,rgod,php,webapps,0 27301,platforms/php/webapps/27301.txt,"NOCC 1.0 - no_mail.php html_no_mail Parameter XSS",2006-02-23,rgod,php,webapps,0 27302,platforms/php/webapps/27302.txt,"NOCC 1.0 - html_bottom_table.php Multiple Parameter XSS",2006-02-23,rgod,php,webapps,0 -27303,platforms/php/webapps/27303.txt,"Oi! Email Marketing System 3.0 - Index.php SQL Injection",2006-02-23,h4cky0u,php,webapps,0 +27303,platforms/php/webapps/27303.txt,"Oi! Email Marketing System 3.0 - 'index.php' SQL Injection",2006-02-23,h4cky0u,php,webapps,0 27304,platforms/php/webapps/27304.html,"CubeCart 3.0.x - Arbitrary File Upload",2006-02-23,"NSA Group",php,webapps,0 27305,platforms/php/webapps/27305.txt,"PHPX 3.5.9 - XCode Tag HTML Injection",2006-02-23,"Thomas Pollet",php,webapps,0 27306,platforms/php/webapps/27306.txt,"JGS-Gallery 4.0 - jgs_galerie_slideshow.php Multiple Parameter XSS",2006-02-23,nuker,php,webapps,0 27307,platforms/php/webapps/27307.txt,"JGS-Gallery 4.0 - Board jgs_galerie_scroll.php userid Parameter XSS",2006-02-23,nuker,php,webapps,0 27308,platforms/php/webapps/27308.txt,"myPHPNuke 1.8.8 - reviews.php letter Parameter XSS",2006-02-22,"Mustafa Can Bjorn",php,webapps,0 27309,platforms/php/webapps/27309.txt,"myPHPNuke 1.8.8 - download.php dcategory Parameter XSS",2006-02-22,"Mustafa Can Bjorn",php,webapps,0 -27310,platforms/asp/webapps/27310.txt,"Battleaxe Software BttlxeForum 2.0 - Failure.ASP Cross-Site Scripting",2006-02-25,rUnViRuS,asp,webapps,0 +27310,platforms/asp/webapps/27310.txt,"Battleaxe Software BttlxeForum 2.0 - Failure.ASP Cross-site Scripting",2006-02-25,rUnViRuS,asp,webapps,0 27311,platforms/php/webapps/27311.txt,"SPiD 1.3.1 - Scan_Lang_Insert.php Local File Inclusion",2006-02-25,"NSA Group",php,webapps,0 27312,platforms/php/webapps/27312.txt,"FreeHostShop Website Generator 3.3 - Arbitrary File Upload",2006-02-25,"NSA Group",php,webapps,0 27313,platforms/php/webapps/27313.txt,"DCI-Taskeen 1.03 - basket.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 @@ -24447,44 +24447,44 @@ id,file,description,date,author,platform,type,port 27327,platforms/php/webapps/27327.txt,"D3Jeeb Pro 3 - fastlinks.php catid Parameter SQL Injection",2006-02-25,SAUDI,php,webapps,0 27328,platforms/php/webapps/27328.txt,"D3Jeeb Pro 3 - catogary.php catid Parameter SQL Injection",2006-02-25,SAUDI,php,webapps,0 27329,platforms/windows/dos/27329.txt,"Alt-N MDaemon 8.1.1 IMAP Server - Remote Format String",2006-02-27,Nemesis,windows,dos,0 -27330,platforms/php/webapps/27330.txt,"n8cms 1.1/1.2 - index.php Multiple Parameter SQL Injection",2006-02-27,Liz0ziM,php,webapps,0 -27331,platforms/php/webapps/27331.txt,"n8cms 1.1/1.2 - index.php Multiple Parameter XSS",2006-02-27,Liz0ziM,php,webapps,0 +27330,platforms/php/webapps/27330.txt,"n8cms 1.1/1.2 - 'index.php' Multiple Parameter SQL Injection",2006-02-27,Liz0ziM,php,webapps,0 +27331,platforms/php/webapps/27331.txt,"n8cms 1.1/1.2 - 'index.php' Multiple Parameter XSS",2006-02-27,Liz0ziM,php,webapps,0 27332,platforms/php/webapps/27332.txt,"n8cms 1.1/1.2 - mailto.php userid Parameter XSS",2006-02-27,Liz0ziM,php,webapps,0 -27333,platforms/php/webapps/27333.txt,"QwikiWiki 1.4 - Index.php Cross-Site Scripting",2006-02-28,Dr^Death,php,webapps,0 +27333,platforms/php/webapps/27333.txt,"QwikiWiki 1.4 - 'index.php' Cross-site Scripting",2006-02-28,Dr^Death,php,webapps,0 27334,platforms/php/local/27334.txt,"PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation",2006-02-28,ced.clerget@free.fr,php,local,0 27335,platforms/php/local/27335.txt,"PHP 4.x/5.0/5.1 - mb_send_mail() Function Parameter Restriction Bypass",2006-02-28,ced.clerget@free.fr,php,local,0 -27336,platforms/php/webapps/27336.txt,"EJ3 TOPo 2.2.178 - Inc_header.php Cross-Site Scripting",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 +27336,platforms/php/webapps/27336.txt,"EJ3 TOPo 2.2.178 - Inc_header.php Cross-site Scripting",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 27337,platforms/php/webapps/27337.txt,"Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities",2006-02-28,Crashfr,php,webapps,0 -27338,platforms/php/webapps/27338.txt,"PEHEPE Membership Management System 3.0 - Sol_menu.php Cross-Site Scripting",2006-02-26,"Yunus Emre Yilmaz",php,webapps,0 +27338,platforms/php/webapps/27338.txt,"PEHEPE Membership Management System 3.0 - Sol_menu.php Cross-site Scripting",2006-02-26,"Yunus Emre Yilmaz",php,webapps,0 27339,platforms/php/webapps/27339.txt,"PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 27340,platforms/php/webapps/27340.txt,"SMBlog 1.2 - Arbitrary PHP Command Execution",2006-03-01,botan,php,webapps,0 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 - Poems.php SQL Injection",2006-03-02,sherba,php,webapps,0 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 - forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 27343,platforms/php/webapps/27343.txt,"VBulletin 3.0/3.5 - Profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 -27344,platforms/php/webapps/27344.txt,"NZ Ecommerce System - index.php Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 +27344,platforms/php/webapps/27344.txt,"NZ Ecommerce System - 'index.php' Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 - Show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 27347,platforms/php/webapps/27347.txt,"VBZooM Forum 1.11 - comment.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 - contact.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 27349,platforms/php/webapps/27349.txt,"phpArcadeScript 2.0 - tellafriend.php gamename Parameter XSS",2006-03-04,Retard,php,webapps,0 27350,platforms/php/webapps/27350.txt,"phpArcadeScript 2.0 - loginbox.php login_status Parameter XSS",2006-03-04,Retard,php,webapps,0 -27351,platforms/php/webapps/27351.txt,"phpArcadeScript 2.0 - index.php submissionstatus Parameter XSS",2006-03-04,Retard,php,webapps,0 +27351,platforms/php/webapps/27351.txt,"phpArcadeScript 2.0 - 'index.php' submissionstatus Parameter XSS",2006-03-04,Retard,php,webapps,0 27352,platforms/php/webapps/27352.txt,"phpArcadeScript 2.0 - browse.php Multiple Parameter XSS",2006-03-04,Retard,php,webapps,0 27353,platforms/php/webapps/27353.txt,"phpArcadeScript 2.0 - displaygame.php gamefile Parameter XSS",2006-03-04,Retard,php,webapps,0 27354,platforms/php/webapps/27354.txt,"Easy Forum 2.5 - New User Image File HTML Injection",2006-03-04,"Aliaksandr Hartsuyeu",php,webapps,0 -27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 - Misc.php Cross-Site Scripting",2006-03-04,r57shell,php,webapps,0 +27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 - Misc.php Cross-site Scripting",2006-03-04,r57shell,php,webapps,0 27362,platforms/php/webapps/27362.txt,"Bitweaver 1.1/1.2 - Title Field HTML Injection",2006-03-06,Kiki,php,webapps,0 27363,platforms/php/webapps/27363.txt,"PHORUM 3.x/5.x - Common.php Remote File Inclusion",2006-03-06,ERNE,php,webapps,0 -27364,platforms/php/webapps/27364.txt,"Game-Panel 2.6 - Login.php Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 +27364,platforms/php/webapps/27364.txt,"Game-Panel 2.6 - Login.php Cross-site Scripting",2006-03-06,Retard,php,webapps,0 27365,platforms/multiple/dos/27365.txt,"Monopd 0.9.3 - Remote Denial of Service",2006-03-06,"Luigi Auriemma",multiple,dos,0 27557,platforms/php/webapps/27557.pl,"PHPSelect Submit-A-Link - HTML Injection",2006-04-01,s3rv3r_hack3r,php,webapps,0 -27367,platforms/php/webapps/27367.txt,"Link Bank - Iframe.php Cross-Site Scripting",2006-03-07,Retard,php,webapps,0 +27367,platforms/php/webapps/27367.txt,"Link Bank - Iframe.php Cross-site Scripting",2006-03-07,Retard,php,webapps,0 27368,platforms/php/webapps/27368.txt,"LoudBlog 0.41 - podcast.php id Parameter SQL Injection",2006-03-07,tzitaroth,php,webapps,0 -27369,platforms/php/webapps/27369.txt,"LoudBlog 0.41 - index.php template Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 +27369,platforms/php/webapps/27369.txt,"LoudBlog 0.41 - 'index.php' template Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 27370,platforms/php/webapps/27370.txt,"LoudBlog 0.41 - backend_settings.php language Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 27371,platforms/php/webapps/27371.txt,"HitHost 1.0 - deleteuser.php user Parameter XSS",2006-03-06,Retard,php,webapps,0 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 - viewuser.php hits Parameter XSS",2006-03-06,Retard,php,webapps,0 -27373,platforms/php/webapps/27373.txt,"TextfileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 +27373,platforms/php/webapps/27373.txt,"TextfileBB 1.0 - Multiple Cross-site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 - search.php keyword Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - comments_do.php Multiple Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 27376,platforms/ios/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,ios,webapps,0 @@ -24501,30 +24501,30 @@ id,file,description,date,author,platform,type,port 27387,platforms/php/webapps/27387.txt,"myBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27388,platforms/php/webapps/27388.txt,"myBloggie 2.1.2/2.1.3 - delcat.php cat_id Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27389,platforms/php/webapps/27389.txt,"myBloggie 2.1.2/2.1.3 - del.php post_id Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27390,platforms/php/webapps/27390.txt,"DCP-Portal 3.7/4.x/5.x/6.x - index.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 +27390,platforms/php/webapps/27390.txt,"DCP-Portal 3.7/4.x/5.x/6.x - 'index.php' Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 27391,platforms/php/webapps/27391.txt,"DCP-Portal 3.7/4.x/5.x/6.x - calendar.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 27392,platforms/php/webapps/27392.txt,"DCP-Portal 3.7/4.x/5.x/6.x - forums.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 27393,platforms/php/webapps/27393.txt,"DCP-Portal 3.7/4.x/5.x/6.x - inbox.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 27394,platforms/php/webapps/27394.txt,"DCP-Portal 3.7/4.x/5.x/6.x - lostpassword.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 27395,platforms/php/webapps/27395.txt,"DCP-Portal 3.7/4.x/5.x/6.x - mycontents.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 -27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 +27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 -27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 Plugin - CSRF",2013-08-07,"Dylan Irzi",php,webapps,0 +27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 Plugin - Cross-site Request Forgery",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector - Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Auth Bypass & Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 27403,platforms/php/webapps/27403.txt,"WordPress Usernoise Plugin 3.7.8 - Persistent XSS",2013-08-07,RogueCoder,php,webapps,0 27405,platforms/php/webapps/27405.txt,"Joomla Sectionex Component 2.5.96 - SQL Injection",2013-08-07,"Matias Fontanini",php,webapps,0 -27406,platforms/windows/webapps/27406.txt,"McAfee Superscan 4.0 - XSS",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 +27406,platforms/windows/webapps/27406.txt,"McAfee Superscan 4.0 - Cross-site Scripting",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 27407,platforms/windows/dos/27407.pl,"UnrealIRCd 3.x - Remote Denial of Service",2006-03-09,"Brandon Milner",windows,dos,0 27408,platforms/php/webapps/27408.txt,"txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27409,platforms/php/webapps/27409.txt,"QwikiWiki 1.4/1.5 - index.php Multiple Parameter XSS",2006-03-10,Kiki,php,webapps,0 +27409,platforms/php/webapps/27409.txt,"QwikiWiki 1.4/1.5 - 'index.php' Multiple Parameter XSS",2006-03-10,Kiki,php,webapps,0 27410,platforms/php/webapps/27410.txt,"QwikiWiki 1.4/1.5 - login.php Multiple Parameter XSS",2006-03-10,Kiki,php,webapps,0 27411,platforms/php/webapps/27411.txt,"QwikiWiki 1.4/1.5 - pageindex.php help Parameter XSS",2006-03-10,Kiki,php,webapps,0 27412,platforms/php/webapps/27412.txt,"QwikiWiki 1.4/1.5 - recentchanges.php help Parameter XSS",2006-03-10,Kiki,php,webapps,0 -27413,platforms/php/webapps/27413.txt,"Core News 2.0.1 - Index.php Remote Code Execution",2006-03-10,botan,php,webapps,0 -27414,platforms/php/webapps/27414.txt,"vCard 2.8/2.9 - Create.php Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,Linux_Drox,php,webapps,0 +27413,platforms/php/webapps/27413.txt,"Core News 2.0.1 - 'index.php' Remote Code Execution",2006-03-10,botan,php,webapps,0 +27414,platforms/php/webapps/27414.txt,"vCard 2.8/2.9 - Create.php Multiple Cross-site Scripting Vulnerabilities",2006-03-11,Linux_Drox,php,webapps,0 27415,platforms/php/webapps/27415.txt,"WMNews - wmview.php ArtCat Parameter XSS",2006-03-10,R00T3RR0R,php,webapps,0 27416,platforms/php/webapps/27416.txt,"WMNews - footer.php ctrrowcol Parameter XSS",2006-03-10,R00T3RR0R,php,webapps,0 27417,platforms/php/webapps/27417.txt,"WMNews - wmcomments.php ArtID Parameter XSS",2006-03-10,R00T3RR0R,php,webapps,0 @@ -24533,42 +24533,42 @@ id,file,description,date,author,platform,type,port 27420,platforms/multiple/dos/27420.c,"ENet - Multiple Denial of Service Vulnerabilities",2006-03-13,"Luigi Auriemma",multiple,dos,0 27421,platforms/multiple/dos/27421.txt,"GGZ Gaming Zone 0.0.12 - Multiple Denial of Service Vulnerabilities",2006-03-14,"Luigi Auriemma",multiple,dos,0 27422,platforms/php/webapps/27422.txt,"CyBoards PHP Lite 1.21/1.25 - Post.php SQL Injection",2006-03-14,"Aliaksandr Hartsuyeu",php,webapps,0 -27423,platforms/php/webapps/27423.txt,"DSCounter 1.2 - Index.php SQL Injection",2006-03-14,"Aliaksandr Hartsuyeu",php,webapps,0 -27424,platforms/php/webapps/27424.txt,"DSDownload 1.0 - Multiple SQL Injection",2006-03-15,"Aliaksandr Hartsuyeu",php,webapps,0 +27423,platforms/php/webapps/27423.txt,"DSCounter 1.2 - 'index.php' SQL Injection",2006-03-14,"Aliaksandr Hartsuyeu",php,webapps,0 +27424,platforms/php/webapps/27424.txt,"DSDownload 1.0 - Multiple SQL Injections",2006-03-15,"Aliaksandr Hartsuyeu",php,webapps,0 27425,platforms/linux/dos/27425.txt,"Zoo 2.10 - Parse.c Local Buffer Overflow",2006-03-16,"Josh Bressers",linux,dos,0 -27427,platforms/php/webapps/27427.txt,"Contrexx CMS 1.0.x - Index.php Cross-Site Scripting",2006-03-16,Soot,php,webapps,0 +27427,platforms/php/webapps/27427.txt,"Contrexx CMS 1.0.x - 'index.php' Cross-site Scripting",2006-03-16,Soot,php,webapps,0 27428,platforms/hardware/remote/27428.rb,"D-Link Devices - Unauthenticated Remote Command Execution (1)",2013-08-08,Metasploit,hardware,remote,0 27429,platforms/windows/remote/27429.rb,"Firefox - onreadystatechange Event DocumentViewerImpl Use-After-Free",2013-08-08,Metasploit,windows,remote,0 27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 - (build3) Multiple SQL Injection",2013-08-08,"Matias Fontanini",php,webapps,0 27431,platforms/php/webapps/27431.txt,"BigTree CMS 4.0 RC2 - Multiple Vulnerabilities",2013-08-08,"High-Tech Bridge SA",php,webapps,0 27991,platforms/php/webapps/27991.txt,"PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities",2006-06-07,SpC-x,php,webapps,0 27990,platforms/php/webapps/27990.txt,"Calendar Express 2.2 - Month.php SQL Injection",2006-06-07,"CrAzY CrAcKeR",php,webapps,0 -27443,platforms/php/webapps/27443.txt,"ExtCalendar 1.0 - Cross-Site Scripting",2006-03-18,Soothackers,php,webapps,0 -27444,platforms/php/webapps/27444.txt,"Woltlab Burning Board 2.3.4 - Class_DB_MySQL.php Cross-Site Scripting",2006-03-18,r57shell,php,webapps,0 -27445,platforms/php/webapps/27445.txt,"MusicBox 2.3 - index.php Multiple Parameter SQL Injection",2006-03-18,Linux_Drox,php,webapps,0 -27446,platforms/php/webapps/27446.txt,"MusicBox 2.3 - index.php Multiple Parameter XSS",2006-03-18,Linux_Drox,php,webapps,0 +27443,platforms/php/webapps/27443.txt,"ExtCalendar 1.0 - Cross-site Scripting",2006-03-18,Soothackers,php,webapps,0 +27444,platforms/php/webapps/27444.txt,"Woltlab Burning Board 2.3.4 - Class_DB_MySQL.php Cross-site Scripting",2006-03-18,r57shell,php,webapps,0 +27445,platforms/php/webapps/27445.txt,"MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection",2006-03-18,Linux_Drox,php,webapps,0 +27446,platforms/php/webapps/27446.txt,"MusicBox 2.3 - 'index.php' Multiple Parameter XSS",2006-03-18,Linux_Drox,php,webapps,0 27447,platforms/php/webapps/27447.txt,"MusicBox 2.3 - cart.php Multiple Parameter XSS",2006-03-18,Linux_Drox,php,webapps,0 27448,platforms/php/webapps/27448.txt,"phpWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 27449,platforms/php/webapps/27449.txt,"phpWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Remote Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0 -27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.EXE Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 -27452,platforms/hardware/remote/27452.txt,"F5 Firepass 4100 SSL VPN - Cross-Site Scripting",2006-03-21,"ILION Research",hardware,remote,0 -27453,platforms/php/webapps/27453.txt,"PHP Live! 3.0 - Status_Image.php Cross-Site Scripting",2006-03-22,kspecial,php,webapps,0 +27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.EXE Cross-site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 +27452,platforms/hardware/remote/27452.txt,"F5 Firepass 4100 SSL VPN - Cross-site Scripting",2006-03-21,"ILION Research",hardware,remote,0 +27453,platforms/php/webapps/27453.txt,"PHP Live! 3.0 - Status_Image.php Cross-site Scripting",2006-03-22,kspecial,php,webapps,0 27454,platforms/php/webapps/27454.txt,"Motorola - Bluetooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0 27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - viewEvent.cfm EventID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - /news/newsView.cfm NewsID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27457,platforms/cfm/webapps/27457.txt,"1WebCalendar 4.0 - mainCal.cfm SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 -27458,platforms/php/webapps/27458.txt,"EasyMoblog 0.5 - Img.php Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 -27459,platforms/php/webapps/27459.txt,"CoMoblog 1.0 - Img.php Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 +27458,platforms/php/webapps/27458.txt,"EasyMoblog 0.5 - Img.php Cross-site Scripting",2006-03-23,FarhadKey,php,webapps,0 +27459,platforms/php/webapps/27459.txt,"CoMoblog 1.0 - Img.php Cross-site Scripting",2006-03-23,FarhadKey,php,webapps,0 27460,platforms/multiple/dos/27460.pl,"RealNetworks Multiple Products - Multiple Buffer Overflow Vulnerabilities",2006-03-23,"Federico L. Bossi Bonin",multiple,dos,0 27461,platforms/linux/local/27461.c,"Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities",2006-03-23,"Pavel Kankovsky",linux,local,0 27462,platforms/php/webapps/27462.txt,"AdMan 1.0.20051221 - ViewStatement.php SQL Injection",2003-03-23,r0t,php,webapps,0 -27463,platforms/jsp/webapps/27463.txt,"IBM Tivoli Business Systems Manager 3.1 - APWC_Win_Main.JSP Cross-Site Scripting",2006-03-23,anonymous,jsp,webapps,0 +27463,platforms/jsp/webapps/27463.txt,"IBM Tivoli Business Systems Manager 3.1 - APWC_Win_Main.JSP Cross-site Scripting",2006-03-23,anonymous,jsp,webapps,0 27464,platforms/cgi/webapps/27464.txt,"Cholod MySQL Based Message Board - Mb.CGI SQL Injection",2006-03-24,kspecial,cgi,webapps,0 -27465,platforms/php/webapps/27465.txt,"VihorDesign - Index.php Cross-Site Scripting",2006-03-24,botan,php,webapps,0 -27466,platforms/php/webapps/27466.txt,"VihorDesign - Index.php Remote File Inclusion",2006-03-24,botan,php,webapps,0 -27467,platforms/php/webapps/27467.txt,"ConfTool 1.1 - Index.php Cross-Site Scripting",2006-03-27,botan,php,webapps,0 -27468,platforms/php/webapps/27468.txt,"Nuked-Klan 1.x - Index.php SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 +27465,platforms/php/webapps/27465.txt,"VihorDesign - 'index.php' Cross-site Scripting",2006-03-24,botan,php,webapps,0 +27466,platforms/php/webapps/27466.txt,"VihorDesign - 'index.php' Remote File Inclusion",2006-03-24,botan,php,webapps,0 +27467,platforms/php/webapps/27467.txt,"ConfTool 1.1 - 'index.php' Cross-site Scripting",2006-03-27,botan,php,webapps,0 +27468,platforms/php/webapps/27468.txt,"Nuked-Klan 1.x - 'index.php' SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27469,platforms/asp/webapps/27469.txt,"EZHomePagePro 1.5 - email.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 27470,platforms/asp/webapps/27470.txt,"EZHomePagePro 1.5 - users_search.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 27471,platforms/asp/webapps/27471.txt,"EZHomePagePro 1.5 - users_calendar.asp page Parameter XSS",2006-03-27,r0t,asp,webapps,0 @@ -24579,21 +24579,21 @@ id,file,description,date,author,platform,type,port 27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities",2006-03-27,"Dinis Cruz",windows,dos,0 27477,platforms/php/webapps/27477.txt,"Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27478,platforms/php/webapps/27478.txt,"Maian Weblog 2.0 - mail.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 -27479,platforms/asp/webapps/27479.txt,"Toast Forums 1.6 - Toast.ASP Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 +27479,platforms/asp/webapps/27479.txt,"Toast Forums 1.6 - Toast.ASP Multiple Cross-site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 27480,platforms/asp/webapps/27480.txt,"Online Quiz System - prequiz.asp exam Parameter XSS",2006-03-27,r0t,asp,webapps,0 27481,platforms/asp/webapps/27481.txt,"Online Quiz System - student.asp msg Parameter XSS",2006-03-27,r0t,asp,webapps,0 -27482,platforms/asp/webapps/27482.txt,"Caloris Planitia Technologies School Management System 1.0 - Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 +27482,platforms/asp/webapps/27482.txt,"Caloris Planitia Technologies School Management System 1.0 - Cross-site Scripting",2006-03-27,r0t,asp,webapps,0 27483,platforms/php/webapps/27483.txt,"Pixel Motion - admin/index.php Multiple Field SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 -27484,platforms/php/webapps/27484.txt,"Pixel Motion - index.php date Parameter SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 -27485,platforms/php/webapps/27485.txt,"DSLogin 1.0 - Index.php Multiple SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 +27484,platforms/php/webapps/27484.txt,"Pixel Motion - 'index.php' date Parameter SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 +27485,platforms/php/webapps/27485.txt,"DSLogin 1.0 - 'index.php' Multiple SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27486,platforms/asp/webapps/27486.txt,"Web Host Automation Ltd. Helm 3.2.10 beta - domains.asp txtDomainName Parameter XSS",2006-03-27,r0t,asp,webapps,0 27487,platforms/asp/webapps/27487.txt,"Web Host Automation Ltd. Helm 3.2.10 beta - default.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 -27488,platforms/cgi/webapps/27488.txt,"BlankOL 1.0 - Bol.CGI Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,cgi,webapps,0 -27489,platforms/cfm/webapps/27489.txt,"FusionZONE CouponZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 -27490,platforms/cfm/webapps/27490.txt,"ClassifiedZONE 1.2 - Accountlogon.CFM Cross-Site Scripting",2006-03-28,r0t,cfm,webapps,0 -27491,platforms/cfm/webapps/27491.txt,"FusionZONE CouponZONE 4.2 - Multiple SQL Injection",2006-03-27,r0t,cfm,webapps,0 -27492,platforms/php/webapps/27492.txt,"ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,php,webapps,0 -27493,platforms/cfm/webapps/27493.txt,"RealestateZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 +27488,platforms/cgi/webapps/27488.txt,"BlankOL 1.0 - Bol.CGI Multiple Cross-site Scripting Vulnerabilities",2006-03-27,r0t,cgi,webapps,0 +27489,platforms/cfm/webapps/27489.txt,"FusionZONE CouponZONE 4.2 - Multiple Cross-site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 +27490,platforms/cfm/webapps/27490.txt,"ClassifiedZONE 1.2 - Accountlogon.CFM Cross-site Scripting",2006-03-28,r0t,cfm,webapps,0 +27491,platforms/cfm/webapps/27491.txt,"FusionZONE CouponZONE 4.2 - Multiple SQL Injections",2006-03-27,r0t,cfm,webapps,0 +27492,platforms/php/webapps/27492.txt,"ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-site Scripting Vulnerabilities",2006-03-27,r0t,php,webapps,0 +27493,platforms/cfm/webapps/27493.txt,"RealestateZONE 4.2 - Multiple Cross-site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 27497,platforms/php/webapps/27497.txt,"CONTROLzx Hms 3.3.4 - shared_order.php sharedPlanID Parameter XSS",2006-03-28,r0t,php,webapps,0 27498,platforms/php/webapps/27498.txt,"CONTROLzx Hms 3.3.4 - dedicated_order.php dedicatedPlanID Parameter XSS",2006-03-28,r0t,php,webapps,0 27499,platforms/php/webapps/27499.txt,"CONTROLzx Hms 3.3.4 - server_management.php plan_id Parameter XSS",2006-03-28,r0t,php,webapps,0 @@ -24604,21 +24604,21 @@ id,file,description,date,author,platform,type,port 27504,platforms/php/webapps/27504.txt,"Connect Daily 3.2.8/3.2.9 - ViewYear.html Multiple Parameter XSS",2006-03-28,r0t,php,webapps,0 27505,platforms/php/webapps/27505.txt,"Connect Daily 3.2.8/3.2.9 - ViewCal.html item_type_id Parameter XSS",2006-03-28,r0t,php,webapps,0 27506,platforms/php/webapps/27506.txt,"Connect Daily 3.2.8/3.2.9 - ViewWeek.html week Parameter XSS",2006-03-28,r0t,php,webapps,0 -27507,platforms/php/webapps/27507.txt,"AL-Caricatier 2.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,Linux_Drox,php,webapps,0 +27507,platforms/php/webapps/27507.txt,"AL-Caricatier 2.5 - Multiple Cross-site Scripting Vulnerabilities",2006-03-28,Linux_Drox,php,webapps,0 27508,platforms/php/remote/27508.txt,"PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure",2006-03-29,Samuel,php,remote,0 -27509,platforms/php/webapps/27509.txt,"OneOrZero 1.6.3 Helpdesk - Index.php SQL Injection",2006-03-28,Preddy,php,webapps,0 +27509,platforms/php/webapps/27509.txt,"OneOrZero 1.6.3 Helpdesk - 'index.php' SQL Injection",2006-03-28,Preddy,php,webapps,0 27510,platforms/php/webapps/27510.txt,"PhxContacts 0.93 - carnet.php Multiple Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 27511,platforms/php/webapps/27511.txt,"PhxContacts 0.93 - contact_view.php id_contact Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 -27512,platforms/php/webapps/27512.txt,"PhxContacts 0.93 - Login.php Cross-Site Scripting",2006-03-29,DaBDouB-MoSiKaR,php,webapps,0 -27513,platforms/php/webapps/27513.txt,"VNews 1.2 - Multiple SQL Injection",2006-03-30,"Aliaksandr Hartsuyeu",php,webapps,0 +27512,platforms/php/webapps/27512.txt,"PhxContacts 0.93 - Login.php Cross-site Scripting",2006-03-29,DaBDouB-MoSiKaR,php,webapps,0 +27513,platforms/php/webapps/27513.txt,"VNews 1.2 - Multiple SQL Injections",2006-03-30,"Aliaksandr Hartsuyeu",php,webapps,0 27514,platforms/php/webapps/27514.txt,"Tribq CMS 5.2.7 - Adding/Editing New Administrator Account CSRF",2013-08-12,"Yashar shahinzadeh",php,webapps,0 27515,platforms/php/webapps/27515.txt,"Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities",2013-08-12,"Yashar shahinzadeh",php,webapps,0 -27518,platforms/php/webapps/27518.txt,"MLMAuction Script - (gallery.php id param) SQL Injection",2013-08-12,3spi0n,php,webapps,0 +27518,platforms/php/webapps/27518.txt,"MLMAuction Script - (gallery.php id parameter) SQL Injection",2013-08-12,3spi0n,php,webapps,0 27519,platforms/php/webapps/27519.txt,"phpVID 1.2.3 - Multiple Vulnerabilities",2013-08-12,3spi0n,php,webapps,0 -27729,platforms/php/webapps/27729.txt,"Scry Gallery 1.1 - Index.php Cross-Site Scripting",2006-04-24,mayank,php,webapps,0 +27729,platforms/php/webapps/27729.txt,"Scry Gallery 1.1 - 'index.php' Cross-site Scripting",2006-04-24,mayank,php,webapps,0 27521,platforms/php/webapps/27521.txt,"Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities",2013-08-12,"Taha Hunter",php,webapps,80 27522,platforms/php/webapps/27522.txt,"Gnew 2013.1 - Multiple Vulnerabilities (1)",2013-08-12,LiquidWorm,php,webapps,80 -27533,platforms/php/webapps/27533.txt,"X-Changer 0.20 - Multiple SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 +27533,platforms/php/webapps/27533.txt,"X-Changer 0.20 - Multiple SQL Injections",2006-03-30,"Morocco Security Team",php,webapps,0 27523,platforms/windows/remote/27523.py,"Sami FTP Server 2.0.1 - MKD Buffer Overflow ASLR Bypass (SEH)",2013-08-12,Polunchis,windows,remote,21 27728,platforms/cgi/webapps/27728.txt,"Blender 2.36 - .BVF File Import Python Code Execution",2006-04-24,"Joxean Koret",cgi,webapps,0 27525,platforms/php/webapps/27525.txt,"Integrated CMS 1.0 - SQL Injection",2013-08-12,DSST,php,webapps,80 @@ -24628,10 +24628,10 @@ id,file,description,date,author,platform,type,port 27530,platforms/multiple/remote/27530.rb,"Squash - YAML Code Execution",2013-08-12,Metasploit,multiple,remote,0 27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 -27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery - Index.php Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 +27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery - 'index.php' Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 - Post.php SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 -27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - Searchresults.ASP Cross-Site Scripting",2006-03-31,r0t,asp,webapps,0 -27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c - Index.php Remote File Inclusion",2006-03-31,botan,php,webapps,0 +27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - Searchresults.ASP Cross-site Scripting",2006-03-31,r0t,asp,webapps,0 +27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c - 'index.php' Remote File Inclusion",2006-03-31,botan,php,webapps,0 27538,platforms/php/webapps/27538.txt,"RedCMS 0.1 - profile.php u Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27539,platforms/php/webapps/27539.txt,"RedCMS 0.1 - login.php Multiple Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27540,platforms/php/webapps/27540.txt,"RedCMS 0.1 - register.php Multiple Field XSS",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24641,9 +24641,9 @@ id,file,description,date,author,platform,type,port 27546,platforms/php/webapps/27546.txt,"SoftBiz Image Gallery - images.php cid Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27547,platforms/multiple/dos/27547.txt,"Zdaemon 1.8.1 - Multiple Vulnerabilities",2006-03-31,"Luigi Auriemma",multiple,dos,0 27548,platforms/php/webapps/27548.txt,"Claroline 1.x - Rqmkhtml.php Information Disclosure",2006-03-31,rgod,php,webapps,0 -27549,platforms/php/webapps/27549.txt,"Claroline 1.x - RQMKHTML.php Cross-Site Scripting",2006-03-31,rgod,php,webapps,0 -27550,platforms/php/webapps/27550.txt,"blank'n'berg 0.2 - Directory Traversal",2006-03-31,"Amine ABOUD",php,webapps,0 -27551,platforms/php/webapps/27551.txt,"Blank'N'Berg 0.2 - Cross-Site Scripting",2006-03-31,"Amine ABOUD",php,webapps,0 +27549,platforms/php/webapps/27549.txt,"Claroline 1.x - RQMKHTML.php Cross-site Scripting",2006-03-31,rgod,php,webapps,0 +27550,platforms/php/webapps/27550.txt,"Blank'N'Berg 0.2 - Directory Traversal",2006-03-31,"Amine ABOUD",php,webapps,0 +27551,platforms/php/webapps/27551.txt,"Blank'N'Berg 0.2 - Cross-site Scripting",2006-03-31,"Amine ABOUD",php,webapps,0 27552,platforms/asp/webapps/27552.txt,"ISP Site Man - Admin_Login.ASP SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 27553,platforms/windows/dos/27553.py,"onehttpd 0.7 - Denial of Service",2013-08-13,superkojiman,windows,dos,8080 27554,platforms/windows/remote/27554.py,"MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)",2013-08-13,PuN1sh3r,windows,remote,8080 @@ -24654,44 +24654,44 @@ id,file,description,date,author,platform,type,port 27560,platforms/php/webapps/27560.txt,"aWebNews 1.2 - visview.php _GET['cid'] Parameter SQL Injection",2006-04-03,"Aliaksandr Hartsuyeu",php,webapps,0 27561,platforms/cgi/webapps/27561.txt,"Web-APP.net WebAPP 0.9.x - index.cgi Multiple Parameter XSS",2006-04-03,r0t,cgi,webapps,0 27562,platforms/cgi/webapps/27562.txt,"Web-APP.net WebAPP 0.9.x - mods/calendar/index.cgi vsSD Parameter XSS",2006-04-03,r0t,cgi,webapps,0 -27563,platforms/php/webapps/27563.txt,"LucidCMS 2.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-04-03,"Rusydi Hasan",php,webapps,0 -27564,platforms/php/remote/27564.txt,"PHP 4.x/5.0/5.1 - PHPInfo Large Input Cross-Site Scripting",2006-04-03,"Maksymilian Arciemowicz",php,remote,0 +27563,platforms/php/webapps/27563.txt,"LucidCMS 2.0 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-04-03,"Rusydi Hasan",php,webapps,0 +27564,platforms/php/remote/27564.txt,"PHP 4.x/5.0/5.1 - PHPInfo Large Input Cross-site Scripting",2006-04-03,"Maksymilian Arciemowicz",php,remote,0 27565,platforms/windows/remote/27565.txt,"HP Color LaserJet 2500/4600 Toolbox - Directory Traversal",2006-04-03,"Richard Horsman",windows,remote,0 27566,platforms/multiple/dos/27566.txt,"Doomsday 1.8/1.9 - Multiple Remote Format String Vulnerabilities",2005-04-03,"Luigi Auriemma",multiple,dos,0 27567,platforms/php/webapps/27567.txt,"ArabPortal 2.0.1 - Multiple Input Validation Vulnerabilities",2006-04-04,o.y.6,php,webapps,0 27568,platforms/windows/remote/27568.py,"UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (1)",2006-04-04,"Luigi Auriemma",windows,remote,0 27569,platforms/windows/remote/27569.txt,"UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (2)",2006-04-04,"Luigi Auriemma",windows,remote,0 -27570,platforms/php/webapps/27570.txt,"Chucky A. Ivey N.T. 1.1 - Index.php Multiple HTML Injection Vulnerabilities",2006-04-05,"Aliaksandr Hartsuyeu",php,webapps,0 +27570,platforms/php/webapps/27570.txt,"Chucky A. Ivey N.T. 1.1 - 'index.php' Multiple HTML Injection Vulnerabilities",2006-04-05,"Aliaksandr Hartsuyeu",php,webapps,0 27571,platforms/php/webapps/27571.txt,"SKForum 1.x - area.View.action areaID Parameter XSS",2006-04-06,r0t,php,webapps,0 27572,platforms/php/webapps/27572.txt,"SKForum 1.x - planning.View.action time Parameter XSS",2006-04-06,r0t,php,webapps,0 27573,platforms/php/webapps/27573.txt,"SKForum 1.x - user.View.action userID Parameter XSS",2006-04-06,r0t,php,webapps,0 -27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine 1.2.4 - PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0 +27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine 1.2.4 - PrintFreshPage Cross-site Scripting",2003-04-06,"Adam Ely",php,webapps,0 27575,platforms/php/webapps/27575.txt,"MD News 1 - Admin.php SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0 27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 - PNuserapi.php SQL Injection",2006-04-06,king_purba,php,webapps,0 27577,platforms/windows/remote/27577.txt,"Microsoft Internet Explorer 5.0 - Address Bar Spoofing",2006-04-03,"Hai Nam Luke",windows,remote,0 -27578,platforms/php/webapps/27578.txt,"Jupiter CMS 1.1.5 - Index.php Cross-Site Scripting",2006-04-07,KaDaL-X,php,webapps,0 -27579,platforms/php/webapps/27579.txt,"Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-07,KaDaL-X,php,webapps,0 -27580,platforms/php/webapps/27580.txt,"vBulletin 3.5.1 - Vbugs.php Cross-Site Scripting",2006-04-07,r0t,php,webapps,0 +27578,platforms/php/webapps/27578.txt,"Jupiter CMS 1.1.5 - 'index.php' Cross-site Scripting",2006-04-07,KaDaL-X,php,webapps,0 +27579,platforms/php/webapps/27579.txt,"Bitweaver CMS 1.3 - Multiple Cross-site Scripting Vulnerabilities",2006-04-07,KaDaL-X,php,webapps,0 +27580,platforms/php/webapps/27580.txt,"vBulletin 3.5.1 - Vbugs.php Cross-site Scripting",2006-04-07,r0t,php,webapps,0 27581,platforms/linux/dos/27581.txt,"Tony Cook Imager 0.4x - JPEG and TGA Images Denial of Service",2006-04-07,"Kjetil Kjernsmo",linux,dos,0 -27582,platforms/php/webapps/27582.txt,"AWeb's Banner Generator 3.0 - Cross-Site Scripting",2006-04-07,benozor77,php,webapps,0 -27583,platforms/cgi/webapps/27583.txt,"TalentSoft Web+ Shop 5.0 - Deptname Parameter Cross-Site Scripting",2006-04-07,r0t,cgi,webapps,0 -27584,platforms/php/webapps/27584.txt,"JBook 1.3 - Index.php Cross-Site Scripting",2006-04-10,Psych0,php,webapps,0 -27585,platforms/php/webapps/27585.txt,"phpMyForum 4.0 - index.php page Parameter XSS",2006-04-10,Psych0,php,webapps,0 -27586,platforms/php/webapps/27586.txt,"phpMyForum 4.0 - index.php type Variable CRLF Injection",2006-04-10,Psych0,php,webapps,0 +27582,platforms/php/webapps/27582.txt,"AWeb's Banner Generator 3.0 - Cross-site Scripting",2006-04-07,benozor77,php,webapps,0 +27583,platforms/cgi/webapps/27583.txt,"TalentSoft Web+ Shop 5.0 - Deptname Parameter Cross-site Scripting",2006-04-07,r0t,cgi,webapps,0 +27584,platforms/php/webapps/27584.txt,"JBook 1.3 - 'index.php' Cross-site Scripting",2006-04-10,Psych0,php,webapps,0 +27585,platforms/php/webapps/27585.txt,"phpMyForum 4.0 - 'index.php' page Parameter XSS",2006-04-10,Psych0,php,webapps,0 +27586,platforms/php/webapps/27586.txt,"phpMyForum 4.0 - 'index.php' type Variable CRLF Injection",2006-04-10,Psych0,php,webapps,0 27587,platforms/php/webapps/27587.txt,"PhpWebGallery 1.4.1 - category.php Multiple Parameter XSS",2006-04-10,Psych0,php,webapps,0 27588,platforms/php/webapps/27588.txt,"PhpWebGallery 1.4.1 - picture.php Multiple Parameter XSS",2006-04-10,Psych0,php,webapps,0 27589,platforms/php/webapps/27589.txt,"SPIP 1.8.3 - Spip_login.php Remote File Inclusion",2006-04-10,cR45H3R,php,webapps,0 27590,platforms/php/webapps/27590.txt,"APT-webshop 3.0/4.0 - Modules.php Multiple SQL Injection",2005-04-10,r0t,php,webapps,0 -27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 - Load.php Cross-Site Scripting",2006-04-10,Liz0ziM,php,webapps,0 +27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 - Load.php Cross-site Scripting",2006-04-10,Liz0ziM,php,webapps,0 27592,platforms/php/webapps/27592.txt,"SIRE 2.0 - Arbitrary File Upload",2006-04-10,simo64,php,webapps,0 -27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - index.php cid Parameter SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 +27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - 'index.php' cid Parameter SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 27594,platforms/cgi/webapps/27594.txt,"Matt Wright Guestbook 2.3.1 - Guestbook.PL Multiple HTML Injection Vulnerabilities",2006-04-07,Liz0ziM,cgi,webapps,0 27595,platforms/php/remote/27595.txt,"PHP 4.x - tempnam() Function open_basedir Restriction Bypass",2006-04-10,"Maksymilian Arciemowicz",php,remote,0 27596,platforms/php/remote/27596.txt,"PHP 4.x - copy() Function Safe Mode Bypass",2006-04-10,"Maksymilian Arciemowicz",php,remote,0 27597,platforms/php/webapps/27597.txt,"KCFinder 2.51 - Local File Disclosure",2013-08-15,DaOne,php,webapps,0 27598,platforms/php/webapps/27598.txt,"Mac's CMS 1.1.4 - Multiple Vulnerabilities",2013-08-15,"Yashar shahinzadeh",php,webapps,0 27600,platforms/php/webapps/27600.txt,"Pligg CMS 2.0.0rc2 - CSRF File Creation",2013-08-15,DaOne,php,webapps,0 -27601,platforms/php/webapps/27601.txt,"Spitfire CMS 1.1.4 - CSRF",2013-08-15,"Yashar shahinzadeh",php,webapps,0 +27601,platforms/php/webapps/27601.txt,"Spitfire CMS 1.1.4 - Cross-site Request Forgery",2013-08-15,"Yashar shahinzadeh",php,webapps,0 27602,platforms/php/webapps/27602.txt,"DotNetNuke DNNArticle Module 10.0 - SQL Injection",2013-08-15,"Sajjad Pourali",php,webapps,0 27603,platforms/php/webapps/27603.txt,"w-CMS 2.0.1 - Remote Code Execution",2013-08-15,ICheer_No0M,php,webapps,0 27806,platforms/windows/remote/27806.txt,"BankTown ActiveX Control 1.4.2.51817/1.5.2.50209 - Remote Buffer Overflow",2006-05-03,"Gyu Tae",windows,remote,0 @@ -24703,26 +24703,26 @@ id,file,description,date,author,platform,type,port 27610,platforms/php/remote/27610.rb,"Joomla Media Manager - File Upload",2013-08-15,Metasploit,php,remote,80 27611,platforms/windows/remote/27611.txt,"Oracle Java - IntegerInterleavedRaster.verify() Signed Integer Overflow",2013-08-15,"Packet Storm",windows,remote,0 27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 - login.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 -27613,platforms/php/webapps/27613.txt,"ShopWeezle 2.0 - index.php Multiple Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 +27613,platforms/php/webapps/27613.txt,"ShopWeezle 2.0 - 'index.php' Multiple Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27614,platforms/php/webapps/27614.txt,"ShopWeezle 2.0 - memo.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27615,platforms/php/webapps/27615.txt,"AzDGVote - Remote File Inclusion",2006-04-11,SnIpEr_SA,php,webapps,0 27616,platforms/php/webapps/27616.txt,"JetPhoto 1.0/2.0/2.1 - thumbnail.php page Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 27617,platforms/php/webapps/27617.txt,"JetPhoto 1.0/2.0/2.1 - gallery.php page Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 27618,platforms/php/webapps/27618.txt,"JetPhoto 1.0/2.0/2.1 - slideshow.php name Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 27619,platforms/php/webapps/27619.txt,"JetPhoto 1.0/2.0/2.1 - detail.php page Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 -27620,platforms/cgi/webapps/27620.txt,"Microsoft FrontPage - Server Extensions Cross-Site Scripting",2006-04-11,"Esteban Martinez Fayo",cgi,webapps,0 +27620,platforms/cgi/webapps/27620.txt,"Microsoft FrontPage - Server Extensions Cross-site Scripting",2006-04-11,"Esteban Martinez Fayo",cgi,webapps,0 27621,platforms/php/webapps/27621.txt,"Clever Copy 3.0 - Connect.INC Information Disclosure",2006-04-11,"M.Hasran Addahroni",php,webapps,0 27622,platforms/php/webapps/27622.txt,"Dokeos 1.x - Viewtopic.php SQL Injection",2006-04-11,"Alvaro Olavarria",php,webapps,0 -27623,platforms/php/webapps/27623.txt,"SWSoft Confixx 3.1.2 - Jahr Parameter Cross-Site Scripting",2006-04-11,Snake_23,php,webapps,0 +27623,platforms/php/webapps/27623.txt,"SWSoft Confixx 3.1.2 - Jahr Parameter Cross-site Scripting",2006-04-11,Snake_23,php,webapps,0 27624,platforms/php/webapps/27624.txt,"PHPKIT 1.6.1 R2 - Include.php SQL Injection",2006-04-11,"Hamid Ebadi",php,webapps,0 27625,platforms/php/webapps/27625.txt,"Indexu 5.0 - Multiple Remote File Inclusion",2006-04-11,SnIpEr_SA,php,webapps,0 -27626,platforms/php/webapps/27626.txt,"Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-11,d4igoro,php,webapps,0 +27626,platforms/php/webapps/27626.txt,"Tritanium Bulletin Board 1.2.3 - Multiple Cross-site Scripting Vulnerabilities",2006-04-11,d4igoro,php,webapps,0 27627,platforms/windows/remote/27627.txt,"Saxopress - URL Parameter Directory Traversal",2006-04-11,SecuriTeam,windows,remote,0 -27628,platforms/php/webapps/27628.txt,"SWSoft Confixx 3.0.6/3.0.8/3.1.2 - Index.php SQL Injection",2006-04-11,LoK-Crew,php,webapps,0 -27629,platforms/php/webapps/27629.txt,"Chipmunk Guestbook 1.3 - Index.php SQL Injection",2006-04-12,Dr.Jr7,php,webapps,0 +27628,platforms/php/webapps/27628.txt,"SWSoft Confixx 3.0.6/3.0.8/3.1.2 - 'index.php' SQL Injection",2006-04-11,LoK-Crew,php,webapps,0 +27629,platforms/php/webapps/27629.txt,"Chipmunk Guestbook 1.3 - 'index.php' SQL Injection",2006-04-12,Dr.Jr7,php,webapps,0 27630,platforms/linux/remote/27630.txt,"Plone 2.x - MembershipTool Access Control Bypass",2006-04-12,MJ0011,linux,remote,0 -27631,platforms/cgi/webapps/27631.txt,"Interaktiv.shop 4/5 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-12,r0t,cgi,webapps,0 -27632,platforms/php/webapps/27632.txt,"phpMyAdmin 2.7 - SQL.php Cross-Site Scripting",2005-10-31,p0w3r,php,webapps,0 +27631,platforms/cgi/webapps/27631.txt,"Interaktiv.shop 4/5 - Multiple Cross-site Scripting Vulnerabilities",2006-04-12,r0t,cgi,webapps,0 +27632,platforms/php/webapps/27632.txt,"phpMyAdmin 2.7 - SQL.php Cross-site Scripting",2005-10-31,p0w3r,php,webapps,0 27635,platforms/linux/dos/27635.txt,"Mozilla Firefox 1.0.x/1.5 - HTML Parsing Null Pointer Dereference Denial of Service",2006-04-13,"Thomas Waldegger",linux,dos,0 27636,platforms/multiple/remote/27636.txt,"Adobe Document Server 6.0 Extensions - ads-readerext actionID Parameter XSS",2006-04-13,"Tan Chew Keong",multiple,remote,0 27637,platforms/multiple/remote/27637.txt,"Adobe Document Server 6.0 Extensions - AlterCast op Parameter XSS",2006-04-13,"Tan Chew Keong",multiple,remote,0 @@ -24730,16 +24730,16 @@ id,file,description,date,author,platform,type,port 27639,platforms/multiple/dos/27639.txt,"W3C Amaya 9.4 - textarea rows Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27640,platforms/multiple/dos/27640.txt,"W3C Amaya 9.4 - legend color Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27641,platforms/linux/dos/27641.txt,"Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow",2006-04-13,"SEC Consult",linux,dos,0 -27642,platforms/php/webapps/27642.txt,"AR-Blog 5.2 - Print.php Cross-Site Scripting",2006-04-14,ALMOKANN3,php,webapps,0 +27642,platforms/php/webapps/27642.txt,"AR-Blog 5.2 - Print.php Cross-site Scripting",2006-04-14,ALMOKANN3,php,webapps,0 27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 - Language.php File Include",2006-04-15,rgod,php,webapps,0 -27644,platforms/php/webapps/27644.txt,"PlanetSearch + - Planetsearchplus.php Cross-Site Scripting",2006-04-13,d4igoro,php,webapps,0 +27644,platforms/php/webapps/27644.txt,"PlanetSearch + - Planetsearchplus.php Cross-site Scripting",2006-04-13,d4igoro,php,webapps,0 27645,platforms/php/webapps/27645.txt,"PowerClan 1.14 - Member.php SQL Injection",2006-04-13,d4igoro,php,webapps,0 -27646,platforms/php/webapps/27646.txt,"LifeType 1.0.3 - Index.php Cross-Site Scripting",2006-04-13,"Rusydi Hasan",php,webapps,0 -27647,platforms/php/webapps/27647.txt,"Papoo 2.1.x - Print.php Cross-Site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 -27648,platforms/php/webapps/27648.txt,"MODxCMS 0.9.1 - Index.php Cross-Site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 -27649,platforms/php/webapps/27649.txt,"MODxCMS 0.9.1 - Index.php Directory Traversal",2006-04-14,"Rusydi Hasan",php,webapps,0 -27650,platforms/php/webapps/27650.txt,"FarsiNews 2.1/2.5 - Search.php Cross-Site Scripting",2006-04-14,"amin emami",php,webapps,0 -27651,platforms/php/webapps/27651.txt,"Tiny Web Gallery 1.4 - Index.php Cross-Site Scripting",2006-04-15,Qex,php,webapps,0 +27646,platforms/php/webapps/27646.txt,"LifeType 1.0.3 - 'index.php' Cross-site Scripting",2006-04-13,"Rusydi Hasan",php,webapps,0 +27647,platforms/php/webapps/27647.txt,"Papoo 2.1.x - Print.php Cross-site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 +27648,platforms/php/webapps/27648.txt,"MODxCMS 0.9.1 - 'index.php' Cross-site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 +27649,platforms/php/webapps/27649.txt,"MODxCMS 0.9.1 - 'index.php' Directory Traversal",2006-04-14,"Rusydi Hasan",php,webapps,0 +27650,platforms/php/webapps/27650.txt,"FarsiNews 2.1/2.5 - Search.php Cross-site Scripting",2006-04-14,"amin emami",php,webapps,0 +27651,platforms/php/webapps/27651.txt,"Tiny Web Gallery 1.4 - 'index.php' Cross-site Scripting",2006-04-15,Qex,php,webapps,0 27652,platforms/php/webapps/27652.txt,"Quack Chat 1.0 - Multiple Vulnerabilities",2013-08-17,"Dylan Irzi",php,webapps,80 27969,platforms/multiple/dos/27969.c,"Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow",2006-06-05,"Luigi Auriemma",multiple,dos,0 27970,platforms/php/webapps/27970.txt,"CyBoards PHP Lite 1.21/1.25 - Common.php Remote File Inclusion",2006-06-05,SpC-x,php,webapps,0 @@ -24747,97 +24747,97 @@ id,file,description,date,author,platform,type,port 27655,platforms/ios/webapps/27655.txt,"Copy to WebDAV 1.1 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,ios,webapps,0 27656,platforms/ios/webapps/27656.txt,"Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,ios,webapps,0 27658,platforms/php/webapps/27658.txt,"PHPGuestbook 0.0.2/1.0 - HTML Injection",2006-04-15,Qex,php,webapps,0 -27659,platforms/php/webapps/27659.txt,"phpFaber TopSites - Index.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 +27659,platforms/php/webapps/27659.txt,"phpFaber TopSites - 'index.php' Cross-site Scripting",2006-04-17,botan,php,webapps,0 27660,platforms/php/webapps/27660.txt,"Monster Top List 1.4 - Functions.php Remote File Inclusion",2006-04-17,r0t,php,webapps,0 -27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 -27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 - Index.php Local File Inclusion",2006-04-17,"Hamid Ebadi",php,webapps,0 +27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 +27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 - 'index.php' Local File Inclusion",2006-04-17,"Hamid Ebadi",php,webapps,0 27663,platforms/php/webapps/27663.txt,"DbbS 2.0 - Multiple Input Validation Vulnerabilities",2006-04-17,rgod,php,webapps,0 -27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 - Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 -27665,platforms/php/webapps/27665.txt,"Calendarix 0.7 - YearCal.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 -27666,platforms/php/webapps/27666.txt,"Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-17,"Aaron Kaplan",php,webapps,0 +27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 - Page Parameter Cross-site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 +27665,platforms/php/webapps/27665.txt,"Calendarix 0.7 - YearCal.php Cross-site Scripting",2006-04-17,botan,php,webapps,0 +27666,platforms/php/webapps/27666.txt,"Manila 9.0.1 - Multiple Cross-site Scripting Vulnerabilities",2006-04-17,"Aaron Kaplan",php,webapps,0 27667,platforms/php/webapps/27667.txt,"MyBB 1.1 - Global Variable Overwrite",2006-04-17,imei,php,webapps,0 27668,platforms/multiple/dos/27668.c,"Neon Responders 5.4 - Remote Clock Synchronization Denial of Service",2006-04-10,"Stefan Lochbihler",multiple,dos,0 -27669,platforms/php/webapps/27669.txt,"Coppermine 1.4.4 - Index.php Local File Inclusion",2006-04-17,imei,php,webapps,0 +27669,platforms/php/webapps/27669.txt,"Coppermine 1.4.4 - 'index.php' Local File Inclusion",2006-04-17,imei,php,webapps,0 27670,platforms/linux/dos/27670.txt,"Xine 0.9/1.0 - Playlist Handling Remote Format String",2006-04-18,c0ntexb,linux,dos,0 -27671,platforms/php/webapps/27671.txt,"LinPHA 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-18,d4igoro,php,webapps,0 -27672,platforms/cgi/webapps/27672.txt,"axoverzicht.CGI - Cross-Site Scripting",2006-04-18,Qex,cgi,webapps,0 -27673,platforms/php/webapps/27673.txt,"phpLinks 2.1.2/2.1.3 - Index.php Cross-Site Scripting",2006-04-18,r0t,php,webapps,0 +27671,platforms/php/webapps/27671.txt,"LinPHA 1.1 - Multiple Cross-site Scripting Vulnerabilities",2006-04-18,d4igoro,php,webapps,0 +27672,platforms/cgi/webapps/27672.txt,"axoverzicht.CGI - Cross-site Scripting",2006-04-18,Qex,cgi,webapps,0 +27673,platforms/php/webapps/27673.txt,"phpLinks 2.1.2/2.1.3 - 'index.php' Cross-site Scripting",2006-04-18,r0t,php,webapps,0 27674,platforms/php/webapps/27674.txt,"RechnungsZentrale 2 1.1.3 - Authent.php4 SQL Injection",2006-04-18,"GroundZero Security",php,webapps,0 -27675,platforms/php/webapps/27675.txt,"PHPLister 0.4.1 - Index.php Cross-Site Scripting",2006-04-18,botan,php,webapps,0 -27676,platforms/php/webapps/27676.txt,"CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting",2006-04-19,LoK-Crew,php,webapps,0 -27677,platforms/php/webapps/27677.txt,"Article Publisher 1.0.1 Pro - Multiple SQL Injection",2006-04-19,r0t,php,webapps,0 +27675,platforms/php/webapps/27675.txt,"PHPLister 0.4.1 - 'index.php' Cross-site Scripting",2006-04-18,botan,php,webapps,0 +27676,platforms/php/webapps/27676.txt,"CutePHP CuteNews 1.4.1 Editnews Module - Cross-site Scripting",2006-04-19,LoK-Crew,php,webapps,0 +27677,platforms/php/webapps/27677.txt,"Article Publisher 1.0.1 Pro - Multiple SQL Injections",2006-04-19,r0t,php,webapps,0 27678,platforms/php/webapps/27678.txt,"ModernBill 4.3 - User.php SQL Injection",2006-04-19,r0t,php,webapps,0 27679,platforms/cgi/webapps/27679.txt,"Visale 1.0 - pbpgst.cgi keyval Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27680,platforms/cgi/webapps/27680.txt,"Visale 1.0 - pblscg.cgi catsubno Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27681,platforms/cgi/webapps/27681.txt,"Visale 1.0 - pblsmb.cgi listno Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27682,platforms/cgi/webapps/27682.txt,"CommuniMail 1.2 - mailadmin.cgi list_id Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27683,platforms/cgi/webapps/27683.txt,"CommuniMail 1.2 - templates.cgi form_id Parameter XSS",2006-04-19,r0t,cgi,webapps,0 -27684,platforms/jsp/webapps/27684.txt,"Cisco Wireless Lan Solution Engine - ArchiveApplyDisplay.JSP Cross-Site Scripting",2006-04-19,"Adam Pointon",jsp,webapps,0 +27684,platforms/jsp/webapps/27684.txt,"Cisco Wireless Lan Solution Engine - ArchiveApplyDisplay.JSP Cross-site Scripting",2006-04-19,"Adam Pointon",jsp,webapps,0 27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 - addlink_lwp.cgi url Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27686,platforms/cgi/webapps/27686.txt,"IntelliLink Pro 5.06 - edit.cgi Multiple Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27687,platforms/php/webapps/27687.txt,"ThWboard 2.8 - Showtopic.php SQL Injection",2006-04-19,Qex,php,webapps,0 -27688,platforms/php/webapps/27688.txt,"ContentBoxx - Login.php Cross-Site Scripting",2006-04-19,botan,php,webapps,0 -27689,platforms/cgi/webapps/27689.txt,"BannerFarm 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 +27688,platforms/php/webapps/27688.txt,"ContentBoxx - Login.php Cross-site Scripting",2006-04-19,botan,php,webapps,0 +27689,platforms/cgi/webapps/27689.txt,"BannerFarm 2.3 - Multiple Cross-site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27690,platforms/cgi/webapps/27690.txt,"xFlow 5.46.11 - index.cgi Multiple Parameter SQL Injection",2006-04-19,r0t,cgi,webapps,0 27691,platforms/cgi/webapps/27691.txt,"xFlow 5.46.11 - index.cgi Multiple Parameter XSS",2006-04-19,r0t,cgi,webapps,0 -27692,platforms/php/webapps/27692.txt,"Plexum PlexCart X5 - Multiple SQL Injection",2006-04-19,r0t,php,webapps,0 +27692,platforms/php/webapps/27692.txt,"Plexum PlexCart X5 - Multiple SQL Injections",2006-04-19,r0t,php,webapps,0 27693,platforms/php/webapps/27693.txt,"otalCalendar - about.php inc_dir Parameter Remote File Inclusion",2006-04-19,VietMafia,php,webapps,0 -27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWstats.PL Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 +27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWstats.PL Multiple Cross-site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 - sendim.cgi Multiple Parameter XSS",2006-04-20,r0t,cgi,webapps,0 27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi username Parameter XSS",2006-04-20,r0t,cgi,webapps,0 27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi password Parameter XSS",2006-04-20,r0t,cgi,webapps,0 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Auth Heap Corruption",2013-09-03,kingcope,hardware,remote,0 -28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injection",2006-06-17,Liz0ziM,php,webapps,0 -28058,platforms/php/webapps/28058.txt,"Eduha Meeting - Index.php Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 +28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injections",2006-06-17,Liz0ziM,php,webapps,0 +28058,platforms/php/webapps/28058.txt,"Eduha Meeting - 'index.php' Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x - view_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 28054,platforms/php/webapps/28054.txt,"WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 -27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - (.m3u) Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 +27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - '.m3u' Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum - Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0 -27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting",2006-04-20,botan,php,webapps,0 -27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 - Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 -27710,platforms/php/webapps/27710.txt,"W2B Online Banking - SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 +27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 - EasyGallery.php Cross-site Scripting",2006-04-20,botan,php,webapps,0 +27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 - Member.php Cross-site Scripting",2006-04-20,Qex,php,webapps,0 +27710,platforms/php/webapps/27710.txt,"W2B Online Banking - SID Parameter Cross-site Scripting",2006-04-20,r0t,php,webapps,0 27975,platforms/php/webapps/27975.txt,"Bookmark4U 2.0 - inc/common.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27976,platforms/php/webapps/27976.txt,"Bookmark4U 2.0 - inc/function.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27977,platforms/php/webapps/27977.txt,"Kmita FAQ 1.0 - search.php q Parameter XSS",2006-06-05,Luny,php,webapps,0 -27978,platforms/php/webapps/27978.txt,"Kmita FAQ 1.0 - index.php catid Parameter SQL Injection",2006-06-05,Luny,php,webapps,0 +27978,platforms/php/webapps/27978.txt,"Kmita FAQ 1.0 - 'index.php' catid Parameter SQL Injection",2006-06-05,Luny,php,webapps,0 27703,platforms/windows/remote/27703.py,"PCMAN FTP 2.07 - STOR Command Buffer Overflow Exploit",2013-08-19,Polunchis,windows,remote,0 27704,platforms/windows/remote/27704.rb,"Cogent DataHub - HTTP Server Buffer Overflow",2013-08-19,Metasploit,windows,remote,0 27705,platforms/multiple/remote/27705.rb,"Java - storeImageArray() Invalid Array Indexing",2013-08-19,Metasploit,multiple,remote,0 27706,platforms/hardware/remote/27706.txt,"IBM 1754 GCM 1.18.0.22011 - Remote Command Execution",2013-08-19,"Alejandro Alvarez Bravo",hardware,remote,0 28694,platforms/php/webapps/28694.txt,"VBulletin 2.3.x - Global.php SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 -27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - Index.php Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 -27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 +27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - 'index.php' Cross-site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 +27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - MWguest.php HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 27714,platforms/osx/dos/27714.txt,"Apple Mac OS X 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 -27715,platforms/osx/dos/27715.txt,"Apple Mac OS X 10.x - (.zip) Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27715,platforms/osx/dos/27715.txt,"Apple Mac OS X 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - Audio.php Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 27717,platforms/php/webapps/27717.txt,"phpldapadmin 0.9.8 - compare_form.php dn Parameter XSS",2006-04-21,r0t,php,webapps,0 27718,platforms/php/webapps/27718.txt,"phpldapadmin 0.9.8 - copy_form.php dn Parameter XSS",2006-04-21,r0t,php,webapps,0 27719,platforms/php/webapps/27719.txt,"phpldapadmin 0.9.8 - rename_form.php dn Parameter XSS",2006-04-21,r0t,php,webapps,0 -33404,platforms/php/webapps/33404.txt,"phpFaber CMS 1.3.36 - 'module.php' Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 +33404,platforms/php/webapps/33404.txt,"phpFaber CMS 1.3.36 - 'module.php' Cross-site Scripting",2009-12-14,bi0,php,webapps,0 27721,platforms/php/webapps/27721.txt,"phpldapadmin 0.9.8 - search.php scope Parameter XSS",2006-04-21,r0t,php,webapps,0 27722,platforms/php/webapps/27722.txt,"phpldapadmin 0.9.8 - template_engine.php Multiple Parameter XSS",2006-04-21,r0t,php,webapps,0 27723,platforms/linux/dos/27723.txt,"Yukihiro Matsumoto Ruby 1.x - XMLRPC Server Denial of Service",2006-04-21,"Tanaka Akira",linux,dos,0 27724,platforms/php/webapps/27724.txt,"Scry Gallery - Directory Traversal",2006-04-21,"Morocco Security Team",php,webapps,0 27725,platforms/php/webapps/27725.txt,"MKPortal 1.1 - Multiple Input Validation Vulnerabilities",2006-04-22,"Mustafa Can Bjorn IPEKCI",php,webapps,0 -27726,platforms/php/webapps/27726.txt,"Simplog 0.9.3 - ImageList.php Cross-Site Scripting",2006-04-22,nukedx,php,webapps,0 +27726,platforms/php/webapps/27726.txt,"Simplog 0.9.3 - ImageList.php Cross-site Scripting",2006-04-22,nukedx,php,webapps,0 27730,platforms/multiple/dos/27730.py,"Lotus Domino 7.0.x/8.0/8.5 - LDAP Message Remote Denial of Service",2006-04-24,"Evgeny Legerov",multiple,dos,0 -27731,platforms/php/webapps/27731.txt,"photokorn 1.53/1.54 - index.php Multiple Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 +27731,platforms/php/webapps/27731.txt,"photokorn 1.53/1.54 - 'index.php' Multiple Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 27732,platforms/php/webapps/27732.txt,"photokorn 1.53/1.54 - postcard.php id Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 27733,platforms/php/webapps/27733.txt,"photokorn 1.53/1.54 - print.php cat Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 27734,platforms/php/webapps/27734.txt,"NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities",2006-04-25,R@1D3N,php,webapps,0 -27735,platforms/php/webapps/27735.txt,"PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-25,arko.dhar,php,webapps,0 -27736,platforms/php/webapps/27736.txt,"Invision Power Board 2.0/2.1 - Index.php CK Parameter SQL Injection",2006-05-25,IceShaman,php,webapps,0 +27735,platforms/php/webapps/27735.txt,"PHPWebFTP 2.3 - Multiple Cross-site Scripting Vulnerabilities",2006-04-25,arko.dhar,php,webapps,0 +27736,platforms/php/webapps/27736.txt,"Invision Power Board 2.0/2.1 - 'index.php' CK Parameter SQL Injection",2006-05-25,IceShaman,php,webapps,0 27737,platforms/php/webapps/27737.txt,"Instant Photo Gallery 1.0 - member.php member Parameter XSS",2006-04-25,Qex,php,webapps,0 27738,platforms/php/webapps/27738.txt,"Instant Photo Gallery 1.0 - portfolio.php cat_id Parameter XSS",2006-04-25,Qex,php,webapps,0 27739,platforms/php/webapps/27739.txt,"Instant Photo Gallery 1.0 - portfolio_photo_popup.php id Parameter XSS",2006-04-25,Qex,php,webapps,0 -27740,platforms/php/webapps/27740.txt,"CuteNews 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,outlaw.dll,php,webapps,0 -27741,platforms/php/webapps/27741.txt,"FarsiNews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,O.U.T.L.A.W.,php,webapps,0 -27742,platforms/php/webapps/27742.txt,"DevBB 1.0 - Member.php Cross-Site Scripting",2006-04-26,Qex,php,webapps,0 +27740,platforms/php/webapps/27740.txt,"CuteNews 1.4.1 - Multiple Cross-site Scripting Vulnerabilities",2006-04-26,outlaw.dll,php,webapps,0 +27741,platforms/php/webapps/27741.txt,"FarsiNews 2.5.3 - Multiple Cross-site Scripting Vulnerabilities",2006-04-26,O.U.T.L.A.W.,php,webapps,0 +27742,platforms/php/webapps/27742.txt,"DevBB 1.0 - Member.php Cross-site Scripting",2006-04-26,Qex,php,webapps,0 27743,platforms/php/webapps/27743.txt,"MySmartBB 1.1.2/1.1.3 - Multiple Input Validation Vulnerabilities",2006-04-04,BoNy-m,php,webapps,0 27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 27745,platforms/windows/dos/27745.txt,"Outlook Express 5.5/6.0 / Windows Mail - MHTML URI Handler Information Disclosure",2006-04-27,codedreamer,windows,dos,0 @@ -24855,18 +24855,18 @@ id,file,description,date,author,platform,type,port 27758,platforms/windows/remote/27758.txt,"ezb systems ultraiso 8.0.1392 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27759,platforms/windows/remote/27759.txt,"magiciso 5.0 build 0166 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27760,platforms/windows/remote/27760.txt,"poweriso 2.9 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 -27761,platforms/cgi/webapps/27761.txt,"NeoMail - NeoMail.PL SessionID Parameter Cross-Site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 +27761,platforms/cgi/webapps/27761.txt,"NeoMail - NeoMail.PL SessionID Parameter Cross-site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 27762,platforms/linux/dos/27762.txt,"LibTiff 3.x - Multiple Denial of Service Vulnerabilities",2006-04-28,"Tavis Ormandy",linux,dos,0 27763,platforms/php/webapps/27763.php,"I-RATER Platinum - Config_settings.TPL.php Remote File Inclusion",2006-04-28,O.U.T.L.A.W,php,webapps,0 27764,platforms/linux/dos/27764.txt,"LibTiff 3.x - TIFFFetchData Integer Overflow",2006-04-28,"Tavis Ormandy",linux,dos,0 27765,platforms/linux/dos/27765.txt,"LibTiff 3.x - Double Free Memory Corruption",2008-04-28,"Tavis Ormandy",linux,dos,0 27766,platforms/linux/local/27766.txt,"Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 -27767,platforms/php/webapps/27767.txt,"Artmedic Event - Index.php Remote File Inclusion",2006-04-28,botan,php,webapps,0 -27768,platforms/php/webapps/27768.php,"CoolMenus 4.0 - Index.php Remote File Inclusion",2006-04-28,botan,php,webapps,0 +27767,platforms/php/webapps/27767.txt,"Artmedic Event - 'index.php' Remote File Inclusion",2006-04-28,botan,php,webapps,0 +27768,platforms/php/webapps/27768.php,"CoolMenus 4.0 - 'index.php' Remote File Inclusion",2006-04-28,botan,php,webapps,0 27769,platforms/linux/local/27769.txt,"Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 27770,platforms/php/webapps/27770.txt,"Blog 0.2.3/0.2.4 Mod - Weblog_posting.php SQL Injection",2006-04-29,Qex,php,webapps,0 27771,platforms/php/webapps/27771.txt,"Ovidentia 7.9.4 - Multiple Vulnerabilities",2013-08-22,LiquidWorm,php,webapps,80 -27855,platforms/php/webapps/27855.txt,"Vizra - A_Login.php Cross-Site Scripting",2006-05-11,R00TT3R,php,webapps,0 +27855,platforms/php/webapps/27855.txt,"Vizra - A_Login.php Cross-site Scripting",2006-05-11,R00TT3R,php,webapps,0 27856,platforms/linux/dos/27856.txt,"GNU BinUtils 2.1x - Buffer Overflow",2006-05-11,"Jesus Olmos Gonzalez",linux,dos,0 27857,platforms/php/webapps/27857.txt,"phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection",2006-05-11,sn4k3.23,php,webapps,0 27773,platforms/php/webapps/27773.txt,"CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities",2013-08-22,"Dylan Irzi",php,webapps,0 @@ -24883,43 +24883,43 @@ id,file,description,date,author,platform,type,port 27784,platforms/php/webapps/27784.txt,"PlanetGallery - Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0 27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion",2006-05-01,beford,php,webapps,0 27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 -27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injection",2006-05-01,r0t,php,webapps,0 +27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injections",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 - signup.php referral Parameter XSS",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 - members.php id Parameter XSS",2006-05-01,r0t,php,webapps,0 27790,platforms/osx/dos/27790.txt,"Apple Mac OS X 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 27791,platforms/linux/dos/27791.txt,"Xine 0.99.x - Filename Handling Remote Format String",2006-05-01,KaDaL-X,linux,dos,0 -27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 -27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 -27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - Login.php Cross-Site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 +27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 +27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-site Scripting",2006-05-01,r0t,php,webapps,0 +27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - Login.php Cross-site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 27795,platforms/php/webapps/27795.txt,"zenphoto 0.9/1.0 - i.php a Parameter XSS",2006-05-02,zone14,php,webapps,0 -27796,platforms/php/webapps/27796.txt,"zenphoto 0.9/1.0 - index.php Multiple Parameter XSS",2006-05-02,zone14,php,webapps,0 -27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 - Stats.php Cross-Site Scripting",2006-05-02,almaster,php,webapps,0 -27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 - Viewcat.php Cross-Site Scripting",2006-05-02,SubjectZero,php,webapps,0 -27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 -27800,platforms/php/webapps/27800.txt,"Pinnacle Cart 3.3 - Index.php Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 +27796,platforms/php/webapps/27796.txt,"zenphoto 0.9/1.0 - 'index.php' Multiple Parameter XSS",2006-05-02,zone14,php,webapps,0 +27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 - Stats.php Cross-site Scripting",2006-05-02,almaster,php,webapps,0 +27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 - Viewcat.php Cross-site Scripting",2006-05-02,SubjectZero,php,webapps,0 +27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 +27800,platforms/php/webapps/27800.txt,"Pinnacle Cart 3.3 - 'index.php' Cross-site Scripting",2006-05-02,r0t,php,webapps,0 27801,platforms/linux/remote/27801.txt,"Quagga Routing Software Suite 0.9x - RIPd RIPv1 Request Routing Table Disclosure",2006-05-03,"Konstantin V. Gavrilenko",linux,remote,0 27802,platforms/linux/remote/27802.txt,"Quagga Routing Software Suite 0.9x - RIPd RIPv1 RESPONSE Packet Route Injection",2006-05-03,"Konstantin V. Gavrilenko",linux,remote,0 -27803,platforms/php/webapps/27803.txt,"321soft PhP-Gallery 0.9 - index.php path Variable Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 -27804,platforms/php/webapps/27804.txt,"321soft PhP-Gallery 0.9 - index.php path Parameter XSS",2006-05-03,d4igoro,php,webapps,0 -27805,platforms/windows/remote/27805.py,"dreamMail e-mail client 4.6.9.2 - Stored XSS",2013-08-23,loneferret,windows,remote,0 +27803,platforms/php/webapps/27803.txt,"321soft PhP-Gallery 0.9 - 'index.php' path Variable Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 +27804,platforms/php/webapps/27804.txt,"321soft PhP-Gallery 0.9 - 'index.php' path Parameter XSS",2006-05-03,d4igoro,php,webapps,0 +27805,platforms/windows/remote/27805.py,"dreamMail e-mail client 4.6.9.2 - Persistent Cross-site Scripting",2013-08-23,loneferret,windows,remote,0 27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 - Show.php Remote File Inclusion",2006-05-03,R@1D3N,php,webapps,0 -27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 - Index.php Multiple SQL Injection",2006-05-03,almaster,php,webapps,0 -27809,platforms/php/webapps/27809.txt,"MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,DreamLord,php,webapps,0 +27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 - 'index.php' Multiple SQL Injection",2006-05-03,almaster,php,webapps,0 +27809,platforms/php/webapps/27809.txt,"MyNews 1.6.2 - Multiple Cross-site Scripting Vulnerabilities",2006-05-03,DreamLord,php,webapps,0 27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 - dlisting.php cid Parameter XSS",2006-05-02,r0t,php,webapps,0 27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 - showpic.php preloadSlideShow Parameter XSS",2006-05-02,r0t,php,webapps,0 -27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 - Linkliste.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 +27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 - Linkliste.php Multiple Cross-site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 27813,platforms/asp/webapps/27813.txt,"CyberBuild - login.asp SessionID Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 27814,platforms/asp/webapps/27814.txt,"CyberBuild - browse0.htm ProductIndex Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 27815,platforms/asp/webapps/27815.txt,"CyberBuild - login.asp SessionID Parameter XSS",2006-05-03,r0t,asp,webapps,0 27816,platforms/asp/webapps/27816.txt,"CyberBuild - browse0.htm ProductIndex Parameter XSS",2006-05-03,r0t,asp,webapps,0 27817,platforms/asp/webapps/27817.txt,"CyberBuild - result.asp Multiple Parameter XSS",2006-05-03,r0t,asp,webapps,0 -27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - Index.php SQL Injection",2006-05-04,almaster,php,webapps,0 +27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - 'index.php' SQL Injection",2006-05-04,almaster,php,webapps,0 27819,platforms/php/webapps/27819.txt,"CuteNews 1.4.1 - search.php Multiple Parameter XSS",2006-05-05,NST,php,webapps,0 27820,platforms/windows/remote/27820.txt,"Cryptomathic - ActiveX Control Remote Buffer Overflow",2006-05-05,"Dennis Rand",windows,remote,0 27821,platforms/php/webapps/27821.html,"OpenFAQ 0.4 - Validate.php HTML Injection",2006-05-06,"Kamil Sienicki",php,webapps,0 27822,platforms/php/webapps/27822.txt,"MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection",2006-05-06,zerogue,php,webapps,0 27823,platforms/php/webapps/27823.txt,"OpenEngine 1.7/1.8 - Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 -27824,platforms/php/webapps/27824.txt,"Singapore 0.9.7 - Index.php Cross-Site Scripting",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 +27824,platforms/php/webapps/27824.txt,"Singapore 0.9.7 - 'index.php' Cross-site Scripting",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 27825,platforms/asp/webapps/27825.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/main.asp date Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 27826,platforms/asp/webapps/27826.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/view.asp SearchFor Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 27827,platforms/asp/webapps/27827.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/edit.asp ID Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 @@ -24932,17 +24932,17 @@ id,file,description,date,author,platform,type,port 27834,platforms/php/webapps/27834.txt,"Creative Software UK Community Portal 1.1 - EventView.php event_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27835,platforms/php/webapps/27835.txt,"Creative Software UK Community Portal 1.1 - PollResults.php Multiple Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27836,platforms/php/webapps/27836.txt,"Creative Software UK Community Portal 1.1 - DiscReply.php mid Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 -27837,platforms/php/webapps/27837.txt,"EvoTopsite 2.0 - Index.php Multiple SQL Injection",2006-05-08,"Hamid Ebadi",php,webapps,0 -27838,platforms/php/webapps/27838.txt,"timobraun Dynamic Galerie 1.0 - index.php pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 +27837,platforms/php/webapps/27837.txt,"EvoTopsite 2.0 - 'index.php' Multiple SQL Injection",2006-05-08,"Hamid Ebadi",php,webapps,0 +27838,platforms/php/webapps/27838.txt,"timobraun Dynamic Galerie 1.0 - 'index.php' pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 27839,platforms/php/webapps/27839.txt,"timobraun Dynamic Galerie 1.0 - galerie.php pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 -27840,platforms/php/webapps/27840.txt,"timobraun Dynamic Galerie 1.0 - index.php pfad Parameter XSS",2006-05-08,d4igoro,php,webapps,0 +27840,platforms/php/webapps/27840.txt,"timobraun Dynamic Galerie 1.0 - 'index.php' pfad Parameter XSS",2006-05-08,d4igoro,php,webapps,0 27841,platforms/php/webapps/27841.txt,"timobraun Dynamic Galerie 1.0 - galerie.php id Parameter XSS",2006-05-08,d4igoro,php,webapps,0 27842,platforms/asp/webapps/27842.txt,"MultiCalendars 3.0 - All_calendars.ASP SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 27843,platforms/php/webapps/27843.txt,"MyBB 1.1.1 - Showthread.php SQL Injection",2006-05-09,Breeeeh,php,webapps,0 -27844,platforms/asp/webapps/27844.txt,"EPublisherPro 0.9.7 - Moreinfo.ASP Cross-Site Scripting",2006-05-09,Dj_Eyes,asp,webapps,0 +27844,platforms/asp/webapps/27844.txt,"EPublisherPro 0.9.7 - Moreinfo.ASP Cross-site Scripting",2006-05-09,Dj_Eyes,asp,webapps,0 27845,platforms/php/webapps/27845.php,"ISPConfig 2.2.2/2.2.3 - Session.INC.php Remote File Inclusion",2006-05-09,ReZEN,php,webapps,0 27846,platforms/asp/webapps/27846.txt,"EImagePro - - subList.asp CatID Parameter SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 -33405,platforms/multiple/remote/33405.txt,"APC Network Management Card - Cross-Site Request Forgery / Cross-Site Scripting",2009-12-15,"Jamal Pecou",multiple,remote,0 +33405,platforms/multiple/remote/33405.txt,"APC Network Management Card - Cross-site Request Forgery / Cross-site Scripting",2009-12-15,"Jamal Pecou",multiple,remote,0 27848,platforms/php/webapps/27848.txt,"EImagePro - view.asp Pic Parameter SQL Injection",2006-05-09,Dj_Eyes,php,webapps,0 27849,platforms/asp/webapps/27849.txt,"EDirectoryPro - Search_result.ASP SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 27850,platforms/windows/dos/27850.txt,"Microsoft Infotech Storage Library - Heap Corruption",2006-05-09,"Ruben Santamarta ",windows,dos,0 @@ -24951,15 +24951,15 @@ id,file,description,date,author,platform,type,port 27853,platforms/cfm/webapps/27853.txt,"Cartweaver 2.16.11 - Results.cfm category Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 27854,platforms/cfm/webapps/27854.txt,"Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 27858,platforms/php/webapps/27858.txt,"phpBB Chart Mod 1.1 - charts.php id Parameter XSS",2006-05-11,sn4k3.23,php,webapps,0 -27859,platforms/php/webapps/27859.txt,"OZJournals 1.2 - Vname Parameter Cross-Site Scripting",2006-05-12,Kiki,php,webapps,0 -27860,platforms/php/webapps/27860.txt,"PHP Live Helper 2.0 - Chat.php Cross-Site Scripting",2006-05-12,Mr-X,php,webapps,0 +27859,platforms/php/webapps/27859.txt,"OZJournals 1.2 - Vname Parameter Cross-site Scripting",2006-05-12,Kiki,php,webapps,0 +27860,platforms/php/webapps/27860.txt,"PHP Live Helper 2.0 - Chat.php Cross-site Scripting",2006-05-12,Mr-X,php,webapps,0 27861,platforms/asp/remote/27861.txt,"Ipswitch WhatsUp Professional 2006 - NmConsole/Navigation.asp sDeviceView Parameter XSS",2006-05-12,"David Maciejak",asp,remote,0 27862,platforms/asp/remote/27862.txt,"Ipswitch WhatsUp Professional 2006 - NmConsole/ToolResults.asp sHostname Parameter XSS",2006-05-12,"David Maciejak",asp,remote,0 27863,platforms/php/webapps/27863.txt,"PHPBB 2.0.20 - Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0 -27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - index.php rep Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 +27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - 'index.php' rep Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 - diapo.php rep Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 27866,platforms/php/webapps/27866.txt,"Gphotos 1.4/1.5 - affich.php image Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 -27867,platforms/php/webapps/27867.txt,"Gphotos 1.4/1.5 - index.php rep Variable Traversal Arbitrary Directory Listing",2006-05-13,"Morocco Security Team",php,webapps,0 +27867,platforms/php/webapps/27867.txt,"Gphotos 1.4/1.5 - 'index.php' rep Variable Traversal Arbitrary Directory Listing",2006-05-13,"Morocco Security Team",php,webapps,0 27868,platforms/php/webapps/27868.txt,"Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Parameter Remote File Inclusion",2006-05-15,VietMafia,php,webapps,0 27869,platforms/php/webapps/27869.txt,"PHP Script Tools PSY Auction - item.php id Parameter SQL Injection",2006-05-15,Luny,php,webapps,0 27870,platforms/php/webapps/27870.txt,"PHP Script Tools PSY Auction - email_request.php user_id Parameter XSS",2006-05-15,Luny,php,webapps,0 @@ -24973,16 +24973,16 @@ id,file,description,date,author,platform,type,port 27878,platforms/hardware/webapps/27878.txt,"Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities",2013-08-26,"Craig Young",hardware,webapps,0 27879,platforms/php/webapps/27879.txt,"Joomla! VirtueMart Component 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 - Popup.php Local File Inclusion",2006-05-15,Mr.CrackerZ,php,webapps,0 -27881,platforms/php/webapps/27881.txt,"PHPODP 1.5 - ODP.php Cross-Site Scripting",2006-05-15,Kiki,php,webapps,0 +27881,platforms/php/webapps/27881.txt,"PHPODP 1.5 - ODP.php Cross-site Scripting",2006-05-15,Kiki,php,webapps,0 27882,platforms/java/dos/27882.java,"Sun Java Applet - Font.createFont Remote Denial of Service",2006-05-15,"Marc Schoenefeld",java,dos,0 27883,platforms/php/webapps/27883.txt,"MonoChat 1.0 - HTML Injection",2005-05-15,X-BOY,php,webapps,0 -27884,platforms/php/webapps/27884.txt,"Confixx 3.0/3.1 - Index.php Cross-Site Scripting",2006-05-15,LoK-Crew,php,webapps,0 -27885,platforms/php/webapps/27885.txt,"PHPRemoteView - PRV.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 -27886,platforms/php/webapps/27886.txt,"Sphider 1.3 - Search.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 +27884,platforms/php/webapps/27884.txt,"Confixx 3.0/3.1 - 'index.php' Cross-site Scripting",2006-05-15,LoK-Crew,php,webapps,0 +27885,platforms/php/webapps/27885.txt,"PHPRemoteView - PRV.php Multiple Cross-site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 +27886,platforms/php/webapps/27886.txt,"Sphider 1.3 - Search.php Multiple Cross-site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 27887,platforms/multiple/remote/27887.txt,"SAP Web Application Server 6.x/7.0 - Input Validation",2005-11-09,"Arnold Grossmann",multiple,remote,0 27888,platforms/java/webapps/27888.txt,"Caucho Resin 3.0.17/3.0.18 - Viewfile Information Disclosure",2006-05-16,"Joseph Pierini",java,webapps,0 -27889,platforms/php/webapps/27889.txt,"BoastMachine 3.1 - Admin.php Cross-Site Scripting",2006-05-17,"Yunus Emre Yilmaz",php,webapps,0 -27890,platforms/asp/webapps/27890.txt,"Open Wiki 0.78 - 'ow.asp' Cross-Site Scripting",2006-05-17,LiNuX_rOOt,asp,webapps,0 +27889,platforms/php/webapps/27889.txt,"BoastMachine 3.1 - Admin.php Cross-site Scripting",2006-05-17,"Yunus Emre Yilmaz",php,webapps,0 +27890,platforms/asp/webapps/27890.txt,"Open Wiki 0.78 - 'ow.asp' Cross-site Scripting",2006-05-17,LiNuX_rOOt,asp,webapps,0 27891,platforms/hardware/remote/27891.txt,"Ipswitch WhatsUp Professional 2006 - Authentication Bypass",2006-05-17,"Kenneth F. Belva",hardware,remote,0 27892,platforms/hardware/remote/27892.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - help Script XSS",2006-05-17,"Jaime Blasco",hardware,remote,0 27893,platforms/hardware/remote/27893.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - events.tar source_ip Parameter XSS",2006-05-17,"Jaime Blasco",hardware,remote,0 @@ -25000,25 +25000,25 @@ id,file,description,date,author,platform,type,port 27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x - Lang Parameter Multiple Remote File Inclusion",2006-05-26,beford,php,webapps,0 27906,platforms/windows/dos/27906.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (2)",2006-05-26,"Thomas Waldegger",windows,dos,0 27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 - Show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 -27908,platforms/php/webapps/27908.txt,"Chipmunk 1.4 - Guestbook Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 -27909,platforms/php/webapps/27909.txt,"Chipmunk Directory - Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 -27910,platforms/php/webapps/27910.txt,"AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-27,black-code,php,webapps,0 -27911,platforms/php/webapps/27911.txt,"vCard 2.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,black-code,php,webapps,0 -27912,platforms/php/webapps/27912.txt,"CoolPHP - Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 +27908,platforms/php/webapps/27908.txt,"Chipmunk 1.4 - Guestbook Index.php Cross-site Scripting",2006-05-27,black-code,php,webapps,0 +27909,platforms/php/webapps/27909.txt,"Chipmunk Directory - 'index.php' Cross-site Scripting",2006-05-27,black-code,php,webapps,0 +27910,platforms/php/webapps/27910.txt,"AR-Blog 5.2 - Multiple Cross-site Scripting Vulnerabilities",2006-05-27,black-code,php,webapps,0 +27911,platforms/php/webapps/27911.txt,"vCard 2.9 - Multiple Cross-site Scripting Vulnerabilities",2006-03-11,black-code,php,webapps,0 +27912,platforms/php/webapps/27912.txt,"CoolPHP - 'index.php' Cross-site Scripting",2006-05-27,black-code,php,webapps,0 27913,platforms/asp/webapps/27913.txt,"Mini-NUKE 2.3 - Your_Account.ASP Multiple SQL Injection",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 27914,platforms/windows/dos/27914.pl,"Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow",2006-05-29,kcope,windows,dos,0 27915,platforms/multiple/dos/27915.pl,"Apache James 2.2 - SMTP Denial of Service",2006-05-29,y3dips,multiple,dos,0 -27916,platforms/php/webapps/27916.txt,"Photoalbum B&W 1.3 - Index.php Cross-Site Scripting",2006-05-29,black-code,php,webapps,0 +27916,platforms/php/webapps/27916.txt,"Photoalbum B&W 1.3 - 'index.php' Cross-site Scripting",2006-05-29,black-code,php,webapps,0 27917,platforms/php/webapps/27917.txt,"TikiWiki 1.9 - tiki-lastchanges.php Multiple Parameter XSS",2006-05-29,Blwood,php,webapps,0 -27918,platforms/asp/webapps/27918.txt,"ASPBB 0.5.2 - Perform_search.ASP Cross-Site Scripting",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 +27918,platforms/asp/webapps/27918.txt,"ASPBB 0.5.2 - Perform_search.ASP Cross-site Scripting",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0 27919,platforms/php/webapps/27919.txt,"Geeklog 1.4 - Multiple Input Validation Vulnerabilities",2006-05-11,trueend5,php,webapps,0 27920,platforms/php/webapps/27920.txt,"EVA-Web 2.1.2 - article-album.php3 debut_image Parameter XSS",2006-05-30,r0t,php,webapps,0 27921,platforms/php/webapps/27921.txt,"EVA-Web 2.1.2 - rubrique.php3 date Parameter XSS",2006-05-30,r0t,php,webapps,0 -27922,platforms/php/webapps/27922.txt,"EVA-Web 2.1.2 - index.php Multiple Parameter XSS",2006-05-30,r0t,php,webapps,0 -27923,platforms/hardware/remote/27923.txt,"D-Link Airspot DSA-3100 Gateway - Login_error.SHTML Cross-Site Scripting",2006-05-30,"Jaime Blasco",hardware,remote,0 -27924,platforms/php/webapps/27924.txt,"ToendaCMS 0.7 - Index.php Cross-Site Scripting",2006-05-31,Jokubas,php,webapps,0 +27922,platforms/php/webapps/27922.txt,"EVA-Web 2.1.2 - 'index.php' Multiple Parameter XSS",2006-05-30,r0t,php,webapps,0 +27923,platforms/hardware/remote/27923.txt,"D-Link Airspot DSA-3100 Gateway - Login_error.SHTML Cross-site Scripting",2006-05-30,"Jaime Blasco",hardware,remote,0 +27924,platforms/php/webapps/27924.txt,"ToendaCMS 0.7 - 'index.php' Cross-site Scripting",2006-05-31,Jokubas,php,webapps,0 27925,platforms/linux/dos/27925.txt,"Linux Kernel 2.6.x - Proc dentry_unused Corruption Local Denial of Service",2006-05-31,"Tony Griffiths",linux,dos,0 -27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - Index.php Local File Inclusion",2006-05-31,darkgod,php,webapps,0 +27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - 'index.php' Local File Inclusion",2006-05-31,darkgod,php,webapps,0 27927,platforms/php/webapps/27927.txt,"PHP-Nuke 7.x - Multiple Remote File Inclusion",2005-05-31,ERNE,php,webapps,0 27928,platforms/php/webapps/27928.txt,"OSTicket 1.x - Open_form.php Remote File Inclusion",2006-05-31,Sweet,php,webapps,0 27929,platforms/php/webapps/27929.txt,"vBulletin 3.0.10 - Portal.php SQL Injection",2006-05-31,SpC-x,php,webapps,0 @@ -25031,7 +25031,7 @@ id,file,description,date,author,platform,type,port 27995,platforms/php/webapps/27995.txt,"Open Business Management 1.0.3 pl1 - group_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 27996,platforms/php/webapps/27996.txt,"Open Business Management 1.0.3 pl1 - user_index.php tf_lastname Parameter XSS",2006-06-07,r0t,php,webapps,0 27997,platforms/php/webapps/27997.txt,"Open Business Management 1.0.3 pl1 - list_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 -28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 - Index.php Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 +28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 - 'index.php' Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 27938,platforms/linux/local/27938.rb,"VMware - Setuid vmware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,Metasploit,windows,remote,0 27940,platforms/windows/remote/27940.rb,"Firefox - XMLSerializer Use-After-Free",2013-08-29,Metasploit,windows,remote,0 @@ -25039,8 +25039,8 @@ id,file,description,date,author,platform,type,port 27942,platforms/hardware/dos/27942.txt,"AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities",2013-08-29,"Core Security",hardware,dos,0 27943,platforms/windows/remote/27943.txt,"Oracle Java - ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 27944,platforms/osx/local/27944.rb,"Mac OS X - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 -27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-Site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 -27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 +27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 +27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal - Multiple Cross-site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 27947,platforms/php/webapps/27947.txt,"TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 27948,platforms/php/webapps/27948.txt,"Squirrelmail 1.4.x - Redirect.php Local File Inclusion",2006-06-02,brokejunker,php,webapps,0 27949,platforms/php/webapps/27949.txt,"Ovidentia 5.6.x/5.8 - approb.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 @@ -25052,12 +25052,12 @@ id,file,description,date,author,platform,type,port 27955,platforms/php/webapps/27955.txt,"Ovidentia 5.6.x/5.8 - posts.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27956,platforms/php/webapps/27956.txt,"Ovidentia 5.6.x/5.8 - options.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27957,platforms/php/webapps/27957.txt,"MyBloggie 2.1.x - Multiple Remote File Inclusion",2006-06-02,ERNE,php,webapps,0 -27958,platforms/php/webapps/27958.txt,"DeltaScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 +27958,platforms/php/webapps/27958.txt,"DeltaScripts PHP Pro Publish 2.0 - Multiple Cross-site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 27959,platforms/php/webapps/27959.txt,"PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 - Viewmsg.ASP SQL Injection",2006-06-02,ajann,asp,webapps,0 27961,platforms/php/webapps/27961.txt,"PHPBB 2.0.x - Template.php Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 -27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 - Index.php SQL Injection",2006-06-03,SpC-x,php,webapps,0 -27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - Index.php SQL Injection",2006-06-03,SpC-x,php,webapps,0 +27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 +27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x - Editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0 27965,platforms/osx/local/27965.py,"OSX 10.8.4 - Local Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 27992,platforms/unix/remote/27992.txt,"FreeType - .TTF File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 @@ -25065,16 +25065,16 @@ id,file,description,date,author,platform,type,port 27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 - UserName SQL Injection",2006-06-05,FarhadKey,php,webapps,0 27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 - Comments.php SQL Injection",2006-06-05,ajann,php,webapps,0 27981,platforms/linux/dos/27981.c,"GD Graphics Library 2.0.33 - Remote Denial of Service",2006-06-06,"Xavier Roche",linux,dos,0 -27982,platforms/php/webapps/27982.txt,"GANTTy 1.0.3 - Index.php Cross-Site Scripting",2006-06-06,Luny,php,webapps,0 -27983,platforms/php/webapps/27983.txt,"MyBulletinBoard 1.1.2 - Private.php Cross-Site Scripting",2006-06-06,o.y.6,php,webapps,0 +27982,platforms/php/webapps/27982.txt,"GANTTy 1.0.3 - 'index.php' Cross-site Scripting",2006-06-06,Luny,php,webapps,0 +27983,platforms/php/webapps/27983.txt,"MyBulletinBoard 1.1.2 - Private.php Cross-site Scripting",2006-06-06,o.y.6,php,webapps,0 27984,platforms/windows/remote/27984.txt,"Microsoft DXImageTransform.Microsoft.Light - ActiveX Control Remote Code Execution",2006-06-13,"Will Dormann",windows,remote,0 -27985,platforms/php/webapps/27985.txt,"AZ Photo Album Script Pro - Cross-Site Scripting",2006-05-23,Luny,php,webapps,0 +27985,platforms/php/webapps/27985.txt,"AZ Photo Album Script Pro - Cross-site Scripting",2006-05-23,Luny,php,webapps,0 27986,platforms/windows/remote/27986.html,"Microsoft Internet Explorer 5.5/6.0/7.0 - JavaScript Key Filtering",2006-06-06,"Jesse Ruderman",windows,remote,0 27987,platforms/linux/remote/27987.html,"Firefox 1.x - JavaScript Key Filtering",2006-06-06,"Jesse Ruderman",linux,remote,0 27988,platforms/php/webapps/27988.py,"MiraksGalerie 2.62 - galimage.lib.php listconfigfile[0] Parameter Remote File Inclusion",2006-06-07,"Federico Fazzi",php,webapps,0 27989,platforms/php/webapps/27989.txt,"MiraksGalerie 2.62 - galsecurity.lib.php listconfigfile[0] Parameter Remote File Inclusion",2006-06-07,"Federico Fazzi",php,webapps,0 27998,platforms/php/webapps/27998.txt,"Open Business Management 1.0.3 pl1 - company_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 -27999,platforms/php/webapps/27999.txt,"Baby Katie Media VSReal and VScal 1.0 - index.php lid Parameter XSS",2006-06-09,Luny,php,webapps,0 +27999,platforms/php/webapps/27999.txt,"Baby Katie Media VSReal and VScal 1.0 - 'index.php' lid Parameter XSS",2006-06-09,Luny,php,webapps,0 28000,platforms/php/webapps/28000.txt,"Baby Katie Media VSReal and VScal 1.0 - myslideshow.php title Parameter XSS",2006-06-09,Luny,php,webapps,0 28001,platforms/windows/dos/28001.c,"Microsoft SMB Driver - Local Denial of Service",2006-06-13,"Ruben Santamarta ",windows,dos,0 28002,platforms/asp/webapps/28002.txt,"KAPhotoservice 7.5 - album.asp cat Parameter XSS",2006-06-09,r0t,asp,webapps,0 @@ -25086,29 +25086,29 @@ id,file,description,date,author,platform,type,port 28008,platforms/php/webapps/28008.txt,"Adaptive Website Framework 1.11 - Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 28009,platforms/php/webapps/28009.txt,"Five Star Review Script - index2.php sort Parameter XSS",2006-06-12,Luny,php,webapps,0 28010,platforms/php/webapps/28010.txt,"Five Star Review Script - report.php item_id Parameter XSS",2006-06-12,Luny,php,webapps,0 -28011,platforms/php/webapps/28011.txt,"iFoto 0.20 - Index.php Cross-Site Scripting",2006-06-12,Luny,php,webapps,0 +28011,platforms/php/webapps/28011.txt,"iFoto 0.20 - 'index.php' Cross-site Scripting",2006-06-12,Luny,php,webapps,0 28012,platforms/php/webapps/28012.txt,"Foing 0.x - Remote File Inclusion",2006-06-12,Darkfire,php,webapps,0 -28013,platforms/php/webapps/28013.txt,"SixCMS 6.0 - List.php Cross-Site Scripting",2006-06-12,Aesthetico,php,webapps,0 +28013,platforms/php/webapps/28013.txt,"SixCMS 6.0 - List.php Cross-site Scripting",2006-06-12,Aesthetico,php,webapps,0 28014,platforms/php/webapps/28014.txt,"SixCMS 6.0 - Detail.php Directory Traversal",2006-06-12,Aesthetico,php,webapps,0 28015,platforms/php/webapps/28015.txt,"iFusion iFlance 1.1 - Multiple Input Validation Vulnerabilities",2006-06-12,Luny,php,webapps,0 28016,platforms/php/webapps/28016.txt,"DoubleSpeak 0.1 - Multiple Remote File Inclusion",2006-06-13,R@1D3N,php,webapps,0 -28017,platforms/php/webapps/28017.txt,"CEScripts - Multiple Scripts Cross-Site Scripting Vulnerabilities",2006-06-13,Luny,php,webapps,0 -28018,platforms/php/webapps/28018.txt,"VBZoom 1.0/1.1 - Multiple SQL Injection",2006-06-13,"CrAzY CrAcKeR",php,webapps,0 +28017,platforms/php/webapps/28017.txt,"CEScripts - Multiple Scripts Cross-site Scripting Vulnerabilities",2006-06-13,Luny,php,webapps,0 +28018,platforms/php/webapps/28018.txt,"VBZoom 1.0/1.1 - Multiple SQL Injections",2006-06-13,"CrAzY CrAcKeR",php,webapps,0 28019,platforms/php/webapps/28019.txt,"Simpnews 2.x - Wap_short_news.php Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 -28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 - index.php imgdir Parameter XSS",2006-06-13,black-cod3,php,webapps,0 +28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 - 'index.php' imgdir Parameter XSS",2006-06-13,black-cod3,php,webapps,0 28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter XSS",2006-06-13,black-cod3,php,webapps,0 -28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injection",2006-06-14,"CrAzY CrAcKeR",php,webapps,0 -28023,platforms/php/webapps/28023.txt,"Confixx 3.0/3.1 - FTP_index.php Cross-Site Scripting",2006-06-14,kr4ch,php,webapps,0 +28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injections",2006-06-14,"CrAzY CrAcKeR",php,webapps,0 +28023,platforms/php/webapps/28023.txt,"Confixx 3.0/3.1 - FTP_index.php Cross-site Scripting",2006-06-14,kr4ch,php,webapps,0 28024,platforms/php/webapps/28024.txt,"PhpBB - BBRSS.php Remote File Inclusion",2006-06-14,SpC-x,php,webapps,0 28025,platforms/php/webapps/28025.txt,"RahnemaCo - Page.php Remote File Inclusion",2006-06-14,Breeeeh,php,webapps,0 28026,platforms/linux/dos/28026.txt,"MySQL Server 4/5 - Str_To_Date Remote Denial of Service",2006-06-14,Kanatoko,linux,dos,0 28027,platforms/php/webapps/28027.txt,"ISPConfig 2.2.3 - Multiple Remote File Inclusion",2006-06-14,"Federico Fazzi",php,webapps,0 -28028,platforms/php/webapps/28028.txt,"vBulletin 2.x/3.x - Multiple Cross-Site Scripting Vulnerabilities",2006-06-15,Luny,php,webapps,0 -28060,platforms/php/webapps/28060.txt,"Datecomm 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-19,Luny,php,webapps,0 -28059,platforms/php/webapps/28059.txt,"SAPHPLesson 1.1/2.0/3.0 - Multiple SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 -28030,platforms/unix/remote/28030.txt,"Cisco Secure ACS 2.3 - LoginProxy.CGI Cross-Site Scripting",2006-06-15,"Thomas Liam Romanis",unix,remote,0 -28031,platforms/php/webapps/28031.txt,"HotPlug CMS 1.0 - Login1.php Cross-Site Scripting",2006-06-15,"Federico Fazzi",php,webapps,0 -28032,platforms/php/webapps/28032.txt,"MPCS 0.2 - Comment.php Cross-Site Scripting",2006-03-06,Luny,php,webapps,0 +28028,platforms/php/webapps/28028.txt,"vBulletin 2.x/3.x - Multiple Cross-site Scripting Vulnerabilities",2006-06-15,Luny,php,webapps,0 +28060,platforms/php/webapps/28060.txt,"Datecomm 1.1 - Multiple Cross-site Scripting Vulnerabilities",2006-06-19,Luny,php,webapps,0 +28059,platforms/php/webapps/28059.txt,"SAPHPLesson 1.1/2.0/3.0 - Multiple SQL Injections",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 +28030,platforms/unix/remote/28030.txt,"Cisco Secure ACS 2.3 - LoginProxy.CGI Cross-site Scripting",2006-06-15,"Thomas Liam Romanis",unix,remote,0 +28031,platforms/php/webapps/28031.txt,"HotPlug CMS 1.0 - Login1.php Cross-site Scripting",2006-06-15,"Federico Fazzi",php,webapps,0 +28032,platforms/php/webapps/28032.txt,"MPCS 0.2 - Comment.php Cross-site Scripting",2006-03-06,Luny,php,webapps,0 28033,platforms/php/webapps/28033.txt,"VBZoom 1.11 - Forum.php SQL Injection",2006-06-15,CrAsh_oVeR_rIdE,php,webapps,0 28034,platforms/php/webapps/28034.txt,"Ji-takz - Remote File Inclusion",2006-06-16,SpC-x,php,webapps,0 28035,platforms/php/webapps/28035.txt,"mcGuestbook 1.3 - admin.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 @@ -25121,11 +25121,11 @@ id,file,description,date,author,platform,type,port 28042,platforms/php/webapps/28042.txt,"dotWidget for articles 2.0 - admin/articles.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28043,platforms/php/webapps/28043.txt,"dotWidget for articles 2.0 - admin/index.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28045,platforms/php/webapps/28045.txt,"dotWidget for articles 2.0 - admin/categories.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 -28063,platforms/php/webapps/28063.txt,"e107 0.7.5 - Search.php Cross-Site Scripting",2006-06-19,securityconnection,php,webapps,0 -28064,platforms/php/webapps/28064.txt,"Qto File Manager 1.0 - index.php Cross-Site Scripting",2006-03-06,alijsb,php,webapps,0 +28063,platforms/php/webapps/28063.txt,"e107 0.7.5 - Search.php Cross-site Scripting",2006-06-19,securityconnection,php,webapps,0 +28064,platforms/php/webapps/28064.txt,"Qto File Manager 1.0 - 'index.php' Cross-site Scripting",2006-03-06,alijsb,php,webapps,0 28065,platforms/multiple/dos/28065.vmx,"VMware Player 1.0.1 Build 19317 - Malformed VMX File Denial of Service",2006-06-19,n00b,multiple,dos,0 28066,platforms/php/webapps/28066.txt,"singapore 0.9.x/0.10 - Multiple Parameter Traversal Arbitrary File Access",2006-06-19,simo64,php,webapps,0 -28067,platforms/php/webapps/28067.txt,"singapore 0.9.x/0.10 - index.php template Parameter XSS",2006-06-19,simo64,php,webapps,0 +28067,platforms/php/webapps/28067.txt,"singapore 0.9.x/0.10 - 'index.php' template Parameter XSS",2006-06-19,simo64,php,webapps,0 28068,platforms/php/webapps/28068.txt,"V3 Chat Instant Messenger - mail/index.php id Parameter XSS",2006-06-20,Luny,php,webapps,0 28069,platforms/php/webapps/28069.txt,"V3 Chat Instant Messenger - mail/reply.php id Parameter XSS",2006-06-20,Luny,php,webapps,0 28070,platforms/php/webapps/28070.txt,"V3 Chat Instant Messenger - online.php site_id Parameter XSS",2006-06-20,Luny,php,webapps,0 @@ -25134,7 +25134,7 @@ id,file,description,date,author,platform,type,port 28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger - profileview.php membername Parameter XSS",2006-06-20,Luny,php,webapps,0 28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - expire.php cust_name Parameter XSS",2006-06-20,Luny,php,webapps,0 28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 -28076,platforms/php/webapps/28076.txt,"Vbulletin 3.0.9/3.5.x - Member.php Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 +28076,platforms/php/webapps/28076.txt,"Vbulletin 3.0.9/3.5.x - Member.php Cross-site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 28077,platforms/linux/dos/28077.txt,"GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow",2006-06-20,"Evgeny Legerov",linux,dos,0 28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - Subject field HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0 @@ -25143,7 +25143,7 @@ id,file,description,date,author,platform,type,port 28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 -28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 +28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 28087,platforms/windows/dos/28087.txt,"Microsoft Office 2003 - Embedded Shockwave Flash Object Security Bypass Weakness",2006-06-22,"Debasis Mohanty",windows,dos,0 28088,platforms/php/webapps/28088.txt,"PHP Event Calendar 4.2 - SQL Injection",2006-06-22,Silitix,php,webapps,0 28089,platforms/php/webapps/28089.txt,"Woltlab Burning Board 1.2/2.0/2.3 - newthread.php boardid Parameter SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 @@ -25152,28 +25152,28 @@ id,file,description,date,author,platform,type,port 28092,platforms/php/webapps/28092.txt,"MyBulletinBoard 1.0.x/1.1.x - Usercp.php SQL Injection",2006-06-22,imei,php,webapps,0 28093,platforms/php/webapps/28093.txt,"SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28094,platforms/php/webapps/28094.txt,"SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 -28095,platforms/php/webapps/28095.txt,"SoftBiz Dating Script 1.0 - index.php cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 +28095,platforms/php/webapps/28095.txt,"SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28096,platforms/php/webapps/28096.txt,"SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28097,platforms/php/webapps/28097.txt,"Dating Agent 4.7.1 - Multiple Input Validation Vulnerabilities",2006-06-22,"EllipSiS Security",php,webapps,0 28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusion",2006-06-22,Shm,php,webapps,0 28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - jscript.dll Non-Ascii Character DoS",2006-06-23,"Ivan Ivan",windows,dos,0 28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - (.cfm) Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 28101,platforms/php/webapps/28101.txt,"Custom Dating Biz 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 -28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 - Thumb.php Cross-Site Scripting",2006-06-24,Luny,php,webapps,0 +28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 - Thumb.php Cross-site Scripting",2006-06-24,Luny,php,webapps,0 28103,platforms/windows/dos/28103.pl,"MailEnable 1.x - SMTP HELO Command Remote Denial of Service",2006-06-24,db0,windows,dos,0 -28104,platforms/php/webapps/28104.txt,"ADOdb 4.6/4.7 - Tmssql.php Cross-Site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 +28104,platforms/php/webapps/28104.txt,"ADOdb 4.6/4.7 - Tmssql.php Cross-site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 28105,platforms/php/webapps/28105.txt,"eNpaper1 - Root_Header.php Remote File Inclusion",2006-06-26,almaster,php,webapps,0 28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Inclusion",2006-06-16,Kw3[R]Ln,php,webapps,0 -28107,platforms/php/webapps/28107.txt,"Cpanel 10 - Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 -28108,platforms/php/webapps/28108.txt,"MyMail 1.0 - Login.php Cross-Site Scripting",2006-06-26,botan,php,webapps,0 -28109,platforms/php/webapps/28109.txt,"Usenet 0.5 - Index.php Cross-Site Scripting",2006-06-23,Luny,php,webapps,0 -28110,platforms/php/webapps/28110.txt,"MVNForum Activatemember 1.0 - Cross-Site Scripting",2006-06-26,r0t,php,webapps,0 +28107,platforms/php/webapps/28107.txt,"Cpanel 10 - Select.HTML Cross-site Scripting",2006-06-26,preth00nker,php,webapps,0 +28108,platforms/php/webapps/28108.txt,"MyMail 1.0 - Login.php Cross-site Scripting",2006-06-26,botan,php,webapps,0 +28109,platforms/php/webapps/28109.txt,"Usenet 0.5 - 'index.php' Cross-site Scripting",2006-06-23,Luny,php,webapps,0 +28110,platforms/php/webapps/28110.txt,"MVNForum Activatemember 1.0 - Cross-site Scripting",2006-06-26,r0t,php,webapps,0 28111,platforms/php/webapps/28111.txt,"OpenGuestbook 0.5 - header.php title Parameter XSS",2006-06-26,simo64,php,webapps,0 28112,platforms/php/webapps/28112.txt,"OpenGuestbook 0.5 - view.php offset Parameter SQL Injection",2006-06-26,simo64,php,webapps,0 -28113,platforms/php/webapps/28113.txt,"cPanel 10.8.1/10.8.2 - OnMouseover Cross-Site Scripting",2006-06-27,MexHackTeam.org,php,webapps,0 +28113,platforms/php/webapps/28113.txt,"cPanel 10.8.1/10.8.2 - OnMouseover Cross-site Scripting",2006-06-27,MexHackTeam.org,php,webapps,0 28114,platforms/php/webapps/28114.txt,"CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion",2006-06-27,CrAzY.CrAcKeR,php,webapps,0 -28115,platforms/php/webapps/28115.txt,"MF Piadas 1.0 - Admin.php Cross-Site Scripting",2006-06-27,botan,php,webapps,0 -28116,platforms/java/webapps/28116.txt,"H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-27,r0t,java,webapps,0 +28115,platforms/php/webapps/28115.txt,"MF Piadas 1.0 - Admin.php Cross-site Scripting",2006-06-27,botan,php,webapps,0 +28116,platforms/java/webapps/28116.txt,"H-Sphere 2.5.1 - Multiple Cross-site Scripting Vulnerabilities",2006-06-27,r0t,java,webapps,0 28117,platforms/php/webapps/28117.txt,"MF Piadas 1.0 - Admin.php Remote File Inclusion",2006-06-27,botan,php,webapps,0 28118,platforms/windows/remote/28118.html,"Microsoft Internet Explorer 5.0.1 - OuterHTML Redirection Handling Information Disclosure",2006-06-27,"Plebo Aesdi Nael",windows,remote,0 28119,platforms/php/webapps/28119.txt,"vCard PRO - gbrowse.php cat_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 @@ -25181,31 +25181,31 @@ id,file,description,date,author,platform,type,port 28121,platforms/php/webapps/28121.txt,"vCard PRO - create.php card_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28122,platforms/php/webapps/28122.txt,"vCard PRO - search.php event_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28123,platforms/php/webapps/28123.txt,"Pre Shopping Mall 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 -28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - Index.php Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 +28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - 'index.php' Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info - Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 -28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - (video.php value param) SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 +28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - (video.php value parameter) SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Auth Bypass SQL Injection",2013-09-06,shiZheni,php,webapps,0 28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL",2013-09-06,Metasploit,windows,local,0 -28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - Index.php Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 -28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - index.php Multiple Parameter XSS",2006-06-29,securityconnection,php,webapps,0 -28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO - index.php Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 +28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - 'index.php' Cross-site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 +28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter XSS",2006-06-29,securityconnection,php,webapps,0 +28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28134,platforms/php/webapps/28134.txt,"newsPHP 2006 PRO - inc/rss_feed.php category Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28135,platforms/osx/dos/28135.pl,"Apple Mac OS X 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 - Diver.php SQL Injection",2006-06-23,DarkFig,php,webapps,0 28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 - insertmember.php city Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 - lostpassword.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28139,platforms/php/webapps/28139.txt,"SoftBiz Banner Exchange Script 1.0 - gen_confirm_mem.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 -28140,platforms/php/webapps/28140.txt,"SoftBiz Banner Exchange Script 1.0 - index.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 +28140,platforms/php/webapps/28140.txt,"SoftBiz Banner Exchange Script 1.0 - 'index.php' PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28141,platforms/php/webapps/28141.txt,"SiteBuilder-FX - Top.php Remote File Inclusion",2006-06-01,MazaGi,php,webapps,0 28142,platforms/php/webapps/28142.txt,"Diesel Joke Site - Category.php SQL Injection",2006-07-01,black-code,php,webapps,0 28143,platforms/php/webapps/28143.pl,"SturGeoN Upload - Arbitrary File Upload",2006-07-01,"Jihad BENABRA",php,webapps,0 28144,platforms/windows/dos/28144.txt,"Microsoft Internet Explorer 6.0 - OutlookExpress.AddressBook Denial of Service",2006-07-01,hdm,windows,dos,0 28145,platforms/windows/dos/28145.html,"Microsoft Internet Explorer 6.0 - ADODB.Recordset Filter Property Denial of Service",2006-07-03,hdm,windows,dos,0 -28146,platforms/php/webapps/28146.txt,"Vincent Leclercq News 5.2 - Cross-Site Scripting",2006-07-03,DarkFig,php,webapps,0 -28147,platforms/php/webapps/28147.txt,"Plume CMS 1.0.4 - index.php _PX_config[manager_path] Parameter Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 +28146,platforms/php/webapps/28146.txt,"Vincent Leclercq News 5.2 - Cross-site Scripting",2006-07-03,DarkFig,php,webapps,0 +28147,platforms/php/webapps/28147.txt,"Plume CMS 1.0.4 - 'index.php' _PX_config[manager_path] Parameter Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28148,platforms/php/webapps/28148.txt,"Plume CMS 1.0.4 - rss.php _PX_config[manager_path] Parameter Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28149,platforms/php/webapps/28149.txt,"Plume CMS 1.0.4 - search.php _PX_config[manager_path] Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 -28150,platforms/php/webapps/28150.txt,"free QBoard 1.1 - index.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 +28150,platforms/php/webapps/28150.txt,"free QBoard 1.1 - 'index.php' qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28151,platforms/php/webapps/28151.txt,"free QBoard 1.1 - about.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28152,platforms/php/webapps/28152.txt,"free QBoard 1.1 - contact.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28153,platforms/php/webapps/28153.txt,"free QBoard 1.1 - delete.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 @@ -25213,16 +25213,16 @@ id,file,description,date,author,platform,type,port 28155,platforms/php/webapps/28155.txt,"free QBoard 1.1 - features.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28156,platforms/php/webapps/28156.txt,"free QBoard 1.1 - history.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28157,platforms/php/webapps/28157.txt,"VirtuaStore 2.0 - Password Parameter SQL Injection",2006-07-03,supermalhacao,php,webapps,0 -28158,platforms/php/webapps/28158.txt,"QTO File Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-07-03,"EllipSiS Security",php,webapps,0 +28158,platforms/php/webapps/28158.txt,"QTO File Manager 1.0 - Multiple Cross-site Scripting Vulnerabilities",2006-07-03,"EllipSiS Security",php,webapps,0 28159,platforms/php/webapps/28159.txt,"Glossaire 1.7 - Remote File Inclusion",2006-07-03,"CrAzY CrAcKeR",php,webapps,0 28160,platforms/linux/dos/28160.txt,"Gentoo-Specific MPG123 - URI Remote Buffer Overflow",2006-07-03,"Horst Schirmeier",linux,dos,0 -28161,platforms/php/webapps/28161.txt,"PHPWebGallery 1.x - Comments.php Cross-Site Scripting",2006-07-04,iss4m,php,webapps,0 -28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 - Index.php Remote File Inclusion",2006-07-04,black-code,php,webapps,0 -28163,platforms/php/webapps/28163.txt,"PostNuke 0.6x/0.7x - Multiple Cross-Site Scripting Vulnerabilities",2006-07-04,rgod,php,webapps,0 +28161,platforms/php/webapps/28161.txt,"PHPWebGallery 1.x - Comments.php Cross-site Scripting",2006-07-04,iss4m,php,webapps,0 +28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 - 'index.php' Remote File Inclusion",2006-07-04,black-code,php,webapps,0 +28163,platforms/php/webapps/28163.txt,"PostNuke 0.6x/0.7x - Multiple Cross-site Scripting Vulnerabilities",2006-07-04,rgod,php,webapps,0 28164,platforms/windows/dos/28164.html,"Microsoft Internet Explorer 6.0 - Href Title Denial of Service",2006-07-04,jsz,windows,dos,0 28165,platforms/osx/dos/28165.html,"Apple Safari Web Browser 2.0.4 - DHTML SetAttributeNode() Null Dereference Denial of Service",2006-07-05,"Dennis Cox",osx,dos,0 -28166,platforms/php/webapps/28166.pl,"LifeType 1.0.5 - Index.php Date Parameter SQL Injection",2006-07-05,"Alejandro Ramos",php,webapps,0 -28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injection",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 +28166,platforms/php/webapps/28166.pl,"LifeType 1.0.5 - 'index.php' Date Parameter SQL Injection",2006-07-05,"Alejandro Ramos",php,webapps,0 +28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injections",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 28168,platforms/php/webapps/28168.txt,"Blog:CMS 4.1 - Thumb.php Remote File Inclusion",2006-07-05,"EllipSiS Security",php,webapps,0 28169,platforms/windows/dos/28169.html,"Microsoft Internet Explorer 5.0.1/6.0 - Structured Graphics Control Denial of Service",2006-07-06,hdm,windows,dos,0 28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 - PASS Command SEH Overflow (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 @@ -25237,9 +25237,9 @@ id,file,description,date,author,platform,type,port 28180,platforms/php/webapps/28180.txt,"ATutor 1.5.x - admin/fix_content.php submit Parameter XSS",2006-07-06,"Security News",php,webapps,0 28181,platforms/linux/remote/28181.c,"AdPlug 2.0 - Multiple Remote File Buffer Overflow Vulnerabilities",2006-07-06,"Luigi Auriemma",linux,remote,0 28182,platforms/multiple/dos/28182.java,"MICO Object Key 2.3.12 - Remote Denial of Service",2006-07-06,tuergeist,multiple,dos,0 -28183,platforms/windows/remote/28183.py,"eM Client e-mail client 5.0.18025.0 - Stored XSS",2013-09-10,loneferret,windows,remote,0 +28183,platforms/windows/remote/28183.py,"eM Client e-mail client 5.0.18025.0 - Persistent Cross-site Scripting",2013-09-10,loneferret,windows,remote,0 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 -28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - (search.php cat_id param) SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 +28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - (search.php cat_id parameter) SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28186,platforms/windows/remote/28186.c,"Kaillera 0.86 - Message Buffer Overflow",2006-07-06,"Luigi Auriemma",windows,remote,0 28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)",2013-09-10,Metasploit,windows,remote,0 28188,platforms/windows/remote/28188.rb,"HP SiteScope - Remote Code Execution (2)",2013-09-10,Metasploit,windows,remote,8080 @@ -25257,9 +25257,9 @@ id,file,description,date,author,platform,type,port 28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 - Tiny_mce_gzip.php Directory Traversal",2006-07-10,armin390,php,webapps,0 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 - Topics.php SQL Injection",2006-07-10,Paisterist,php,webapps,0 28202,platforms/windows/dos/28202.txt,"Microsoft Internet Explorer 6.0 - HtmlDlgSafeHelper Remote Denial of Service",2006-07-10,hdm,windows,dos,0 -28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - Error.ASP Cross-Site Scripting",2006-07-11,Dea7h,asp,webapps,0 +28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - Error.ASP Cross-site Scripting",2006-07-11,Dea7h,asp,webapps,0 28204,platforms/php/webapps/28204.txt,"SaPHPLesson 2.0 - Add.php SQL Injection",2006-07-11,C.B.B.L,php,webapps,0 -28205,platforms/php/webapps/28205.txt,"FlexWATCH Network Camera - Cross-Site Scripting",2006-06-11,"Jaime Blasco",php,webapps,0 +28205,platforms/php/webapps/28205.txt,"FlexWATCH Network Camera - Cross-site Scripting",2006-06-11,"Jaime Blasco",php,webapps,0 28206,platforms/php/webapps/28206.txt,"Fantastic GuestBook 2.0.1 - GuestBook.php HTML Injection",2006-07-11,omnipresent,php,webapps,0 28207,platforms/windows/dos/28207.txt,"Microsoft Internet Explorer 6.0 - TriEditDocument Denial of Service",2006-07-11,hdm,windows,dos,0 28208,platforms/asp/webapps/28208.txt,"FlexWatch 3.0 - AIndex.ASP Authorization Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0 @@ -25268,9 +25268,9 @@ id,file,description,date,author,platform,type,port 28211,platforms/php/webapps/28211.txt,"Lazarus Guestbook 1.6 - codes-english.php show Parameter XSS",2006-07-12,simo64,php,webapps,0 28212,platforms/php/webapps/28212.txt,"Lazarus Guestbook 1.6 - picture.php img Parameter XSS",2006-07-12,simo64,php,webapps,0 28213,platforms/windows/dos/28213.txt,"Microsoft Internet Explorer 6.0 - RevealTrans Denial of Service",2006-07-12,hdm,windows,dos,0 -28214,platforms/php/webapps/28214.txt,"PhotoCycle 1.0 - PhotoCycle.php Parameter Cross-Site Scripting",2006-07-13,Luny,php,webapps,0 +28214,platforms/php/webapps/28214.txt,"PhotoCycle 1.0 - PhotoCycle.php Parameter Cross-site Scripting",2006-07-13,Luny,php,webapps,0 28215,platforms/php/webapps/28215.txt,"PHP Event Calendar 1.4 - Calendar.php Remote File Inclusion",2006-07-13,Solpot,php,webapps,0 -28216,platforms/php/webapps/28216.txt,"FlatNuke 2.5.7 - Index.php Remote File Inclusion",2006-07-13,rgod,php,webapps,0 +28216,platforms/php/webapps/28216.txt,"FlatNuke 2.5.7 - 'index.php' Remote File Inclusion",2006-07-13,rgod,php,webapps,0 28217,platforms/php/webapps/28217.txt,"Forum 5 - PM.php Local File Inclusion",2006-07-13,rgod,php,webapps,0 28218,platforms/php/webapps/28218.txt,"Koobi Pro 5.6 - showtopic Module toid Parameter XSS",2006-07-13,"Evampire chiristof",php,webapps,0 28219,platforms/php/webapps/28219.txt,"Koobi Pro 5.6 - showtopic Module toid Parameter SQL Injection",2006-07-13,"Evampire chiristof",php,webapps,0 @@ -25298,15 +25298,15 @@ id,file,description,date,author,platform,type,port 28244,platforms/windows/dos/28244.txt,"Microsoft Internet Explorer 6.0 - DataSourceControl Denial of Service",2006-07-19,hdm,windows,dos,0 28245,platforms/hardware/remote/28245.pl,"Cisco Security Monitoring Analysis and Response System JBoss - Command Execution",2006-07-19,"Jon Hart",hardware,remote,0 28246,platforms/windows/dos/28246.txt,"Microsoft Internet Explorer 6.0 - OVCtl Denial of Service",2006-07-19,hdm,windows,dos,0 -28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 - Index.php Remote File Inclusion",2006-07-20,r0t,php,webapps,0 -28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 - Index.php Remote File Inclusion",2006-07-20,r0t,php,webapps,0 -28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise - index.php d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 -28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - index.php b Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 +28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 +28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 +28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise - 'index.php' d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 +28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - 'index.php' b Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 - News.php Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 28252,platforms/windows/dos/28252.txt,"Microsoft Internet Explorer 6.0 - String To Binary Function Denial of Service",2006-07-20,hdm,windows,dos,0 28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 - Common.Inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 - Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 -28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - Index.php Directory Traversal",2006-07-21,kicktd,php,webapps,0 +28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - 'index.php' Directory Traversal",2006-07-21,kicktd,php,webapps,0 28256,platforms/windows/dos/28256.html,"Microsoft Internet Explorer 6.0 - Internet.HHCtrl Click Denial of Service",2006-07-22,"Alex F",windows,dos,0 28257,platforms/linux/dos/28257.txt,"GnuPG 1.4/1.9 - Parse_Comment Remote Buffer Overflow",2006-07-22,"Evgeny Legerov",linux,dos,0 28258,platforms/windows/dos/28258.txt,"Microsoft Internet Explorer 6.0 - Multiple Object ListWidth Property Denial of Service",2006-07-23,hdm,windows,dos,0 @@ -25329,27 +25329,27 @@ id,file,description,date,author,platform,type,port 28276,platforms/php/webapps/28276.txt,"PHP Pro Bid 5.2.4 - categories.php orderType Parameter SQL Injection",2006-07-25,"EllipSiS Security",php,webapps,0 28277,platforms/multiple/dos/28277.txt,"Opera Web Browser 9 - CSS Background URI Memory Corruption",2006-07-25,hdm,multiple,dos,0 28278,platforms/jsp/webapps/28278.txt,"OpenCMS 6.0/6.2 - Multiple Unauthorized Access Vulnerabilities",2006-07-26,"Meder Kydyraliev",jsp,webapps,0 -28279,platforms/hardware/webapps/28279.txt,"Router ONO Hitron CDE-30364 - CSRF",2013-09-14,"Matias Mingorance Svensson",hardware,webapps,0 -28280,platforms/php/webapps/28280.txt,"wwwThreads - Calendar.php Cross-Site Scripting",2006-07-26,l2odon,php,webapps,0 +28279,platforms/hardware/webapps/28279.txt,"Router ONO Hitron CDE-30364 - Cross-site Request Forgery",2013-09-14,"Matias Mingorance Svensson",hardware,webapps,0 +28280,platforms/php/webapps/28280.txt,"wwwThreads - Calendar.php Cross-site Scripting",2006-07-26,l2odon,php,webapps,0 28281,platforms/php/webapps/28281.txt,"phpbb-auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 28282,platforms/php/webapps/28282.txt,"phpbb-auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 -28283,platforms/hardware/webapps/28283.txt,"ZyXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 +28283,platforms/hardware/webapps/28283.txt,"ZyXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution",2013-09-15,blake,windows,remote,0 28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 - NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 28287,platforms/linux/local/28287.c,"Linux-HA Heartbeat 1.2.3/2.0.x - Insecure Default Permissions on Shared Memory",2006-07-27,anonymous,linux,local,0 28288,platforms/linux/local/28288.c,"MidiRecord2 MidiRecord.CC - Local Buffer Overflow",2006-07-27,"Dedi Dwianto",linux,local,0 28289,platforms/php/webapps/28289.txt,"Bosdates 3.x/4.0 - Payment.php Remote File Inclusion",2006-07-27,admin@jaascois.com,php,webapps,0 -28290,platforms/php/webapps/28290.txt,"MyBulletinBoard 1.x - UserCP.php Cross-Site Scripting",2006-07-27,"Roozbeh Afrasiabi",php,webapps,0 +28290,platforms/php/webapps/28290.txt,"MyBulletinBoard 1.x - UserCP.php Cross-site Scripting",2006-07-27,"Roozbeh Afrasiabi",php,webapps,0 28291,platforms/php/webapps/28291.txt,"MyBulletinBoard 1.x - UserCP.php Directory Traversal",2006-07-27,"Roozbeh Afrasiabi",php,webapps,0 -28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0 +28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0 28293,platforms/multiple/dos/28293.txt,"Oracle 10g - Alter Session Integer Overflow",2006-07-27,"putosoft softputo",multiple,dos,0 -28294,platforms/php/webapps/28294.txt,"PHP-Nuke - INP Modules.php Cross-Site Scripting",2006-07-28,l2odon,php,webapps,0 +28294,platforms/php/webapps/28294.txt,"PHP-Nuke - INP Modules.php Cross-site Scripting",2006-07-28,l2odon,php,webapps,0 28295,platforms/php/webapps/28295.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-comments-post.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28296,platforms/php/webapps/28296.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-feed.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28297,platforms/php/webapps/28297.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28298,platforms/windows/remote/28298.txt,"Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation",2006-07-28,"Ivan Ivan",windows,remote,0 28299,platforms/windows/dos/28299.pl,"Microsoft Windows XP/2000/2003 - Graphical Device Interface Plus Library Denial of Service",2006-07-29,"Mr. Niega",windows,dos,0 -28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 - Contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 +28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 - Contact.php Multiple Cross-site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 28301,platforms/windows/dos/28301.txt,"Microsoft Internet Explorer 6.0 - Deleted Frame Object Denial of Service",2006-07-29,hdm,windows,dos,0 28302,platforms/php/webapps/28302.txt,"Liga Manager Online 2.0 Joomla! Component - Remote File Inclusion",2006-07-30,vitux.manis,php,webapps,0 28303,platforms/php/webapps/28303.txt,"X-Scripts X-Protection 1.10 - Protect.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 @@ -25358,16 +25358,16 @@ id,file,description,date,author,platform,type,port 28306,platforms/php/webapps/28306.txt,"Banex PHP MySQL Banner Exchange 2.21 - signup.php site_name Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28308,platforms/php/webapps/28308.txt,"Banex PHP MySQL Banner Exchange 2.21 - members.php cfg_root Parameter Remote File Inclusion",2006-07-31,SirDarckCat,php,webapps,0 -28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System - Multiple SQL Injection",2006-07-31,CR,php,webapps,0 +28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System - Multiple SQL Injections",2006-07-31,CR,php,webapps,0 28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component - Admin.Moskool.php Remote File Inclusion",2006-07-31,saudi.unix,php,webapps,0 28311,platforms/php/webapps/28311.txt,"myEvent 1.2/1.3 - Myevent.php Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 28312,platforms/multiple/remote/28312.txt,"VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities",2006-07-31,"Stephen de Vries",multiple,remote,0 28314,platforms/linux/remote/28314.c,"bomberclone 0.11 - Multiple Vulnerabilities",2006-07-31,"Luigi Auriemma",linux,remote,0 28315,platforms/php/webapps/28315.txt,"Help Center Live 2.1.2 - Module.php Directory Traversal",2006-07-31,Dr.GooGle,php,webapps,0 -28316,platforms/php/webapps/28316.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (2)",2006-07-31,SirDarckCat,php,webapps,0 +28316,platforms/php/webapps/28316.txt,"TinyPHPForum 3.6 - Multiple Cross-site Scripting Vulnerabilities (2)",2006-07-31,SirDarckCat,php,webapps,0 28317,platforms/php/webapps/28317.txt,"WoW Roster 1.5 - hsList.php subdir Parameter Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 28318,platforms/php/webapps/28318.txt,"Knusperleicht Quickie - Quick_Path Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script - Index.php Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script - 'index.php' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28320,platforms/php/webapps/28320.txt,"Knusperleicht GuestBook 3.5 - GB_PATH Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28321,platforms/cgi/webapps/28321.pl,"Barracuda Spam Firewall 3.3.x - preview_email.cgi file Parameter Arbitrary File Access",2006-08-01,"Greg Sinclair",cgi,webapps,0 28322,platforms/php/webapps/28322.txt,"TinyPHPForum 3.6 - Error.php Information Disclosure",2006-08-01,SirDarckCat,php,webapps,0 @@ -25394,7 +25394,7 @@ id,file,description,date,author,platform,type,port 28343,platforms/windows/dos/28343.txt,"Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service",2006-08-06,"Thomas Pollet",windows,dos,0 28344,platforms/multiple/remote/28344.txt,"DConnect Daemon - Listen Thread UDP Remote Buffer Overflow",2006-08-06,"Luigi Auriemma",multiple,remote,0 28345,platforms/multiple/dos/28345.txt,"DConnect Daemon DC Chat - Denial of Service",2006-08-06,"Luigi Auriemma",multiple,dos,0 -28509,platforms/php/webapps/28509.txt,"XHP CMS 0.5.1 - Index.php Cross-Site Scripting",2006-09-11,"HACKERS PAL",php,webapps,0 +28509,platforms/php/webapps/28509.txt,"XHP CMS 0.5.1 - 'index.php' Cross-site Scripting",2006-09-11,"HACKERS PAL",php,webapps,0 28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 - Profile.php Multiple SQL Injection",2006-08-07,"Chris Boulton",php,webapps,0 28348,platforms/linux/dos/28348.txt,"Clam Anti-Virus ClamAV 0.88.x - UPX Compressed PE File Heap Buffer Overflow",2006-08-07,"Damian Put",linux,dos,0 28349,platforms/php/webapps/28349.txt,"TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 @@ -25407,11 +25407,11 @@ id,file,description,date,author,platform,type,port 28356,platforms/php/webapps/28356.txt,"VWar 1.5 - stats.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28357,platforms/windows/remote/28357.asc,"Microsoft Windows Explorer 2000/2003/XP - Drag and Drop Remote Code Execution",2006-07-27,"Plebo Aesdi Nael",windows,remote,0 28358,platforms/linux/dos/28358.txt,"Linux Kernel 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service",2006-08-07,"James McKenzie",linux,dos,0 -28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 - Index.php Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 +28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 - 'index.php' Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 - Security Restriction Bypass",2006-08-07,"Mobin Yazarlou",windows,remote,0 28361,platforms/multiple/dos/28361.c,"Festalon 0.5 - .HES Files Remote Heap Buffer Overflow",2006-08-07,"Luigi Auriemma",multiple,dos,0 28362,platforms/php/webapps/28362.txt,"Simple One File Guestbook 1.0 - Security Bypass",2006-08-09,omnipresent,php,webapps,0 -28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL Injection",2006-08-09,ASIANEAGLE,php,webapps,0 +28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL Injections",2006-08-09,ASIANEAGLE,php,webapps,0 28364,platforms/php/webapps/28364.txt,"XennoBB 1.0.5/1.0.6/2.1/2.2 - Profile.php Directory Traversal",2006-08-09,"Chris Boulton",php,webapps,0 28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0 28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x - Mybloggie_Root_Path Parameter Multiple Remote File Inclusion",2006-06-02,sh3ll,php,webapps,0 @@ -25419,9 +25419,9 @@ id,file,description,date,author,platform,type,port 28368,platforms/multiple/remote/28368.txt,"ArcSoft Mms Composer 1.5.5/2.0 - Multiple Vulnerabilities",2006-08-09,"Collin R. Mulliner",multiple,remote,0 28369,platforms/windows/dos/28369.dpr,"IrfanView 3.98 - .ANI Image File Denial of Service",2006-08-09,sehato,windows,dos,0 28370,platforms/php/webapps/28370.txt,"Mafia Moblog 6 - Big.php Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 -28371,platforms/php/webapps/28371.txt,"YaBBSE 1.x - Index.php Cross-Site Scripting",2006-08-10,O.U.T.L.A.W,php,webapps,0 +28371,platforms/php/webapps/28371.txt,"YaBBSE 1.x - 'index.php' Cross-site Scripting",2006-08-10,O.U.T.L.A.W,php,webapps,0 28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 - Image Parameter Multiple Remote File Inclusion",2006-08-10,x0r0n,php,webapps,0 -28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 - Ascan_6.ASP ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 +28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 - Ascan_6.ASP ActiveX Control Cross-site Scripting",2006-08-10,Lostmon,windows,remote,0 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 - (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson - ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 @@ -25433,12 +25433,12 @@ id,file,description,date,author,platform,type,port 28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 - Edit.php Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 -28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 +28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 28386,platforms/linux/dos/28386.txt,"Linux-HA Heartbeat 2.0.6 - Remote Denial of Service",2006-08-13,"Yan Rong Ge",linux,dos,0 28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6.0 - IMSKDIC.DLL Denial of Service",2006-08-15,nop,windows,dos,0 28388,platforms/php/webapps/28388.txt,"PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion",2006-08-15,MosT3mR,php,webapps,0 28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6.0 - MSOE.DLL Denial of Service",2006-08-15,nop,windows,dos,0 -28390,platforms/php/webapps/28390.txt,"Lizge 20 - Index.php Multiple Remote File Inclusion",2006-08-15,Crackers_Child,php,webapps,0 +28390,platforms/php/webapps/28390.txt,"Lizge 20 - 'index.php' Multiple Remote File Inclusion",2006-08-15,Crackers_Child,php,webapps,0 28391,platforms/linux/dos/28391.html,"Mozilla Firefox 1.x - XML Handler Race Condition Memory Corruption",2006-08-15,"Michal Zalewski",linux,dos,0 28392,platforms/php/webapps/28392.txt,"Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion",2006-08-15,"James Bercegay",php,webapps,0 28393,platforms/asp/webapps/28393.txt,"AspxCommerce 2.0 - Arbitrary File Upload",2013-09-19,SANTHO,asp,webapps,0 @@ -25455,28 +25455,28 @@ id,file,description,date,author,platform,type,port 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 - Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 28407,platforms/php/remote/28407.rb,"Western Digital Arkeia - Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 -28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - (index.php onlyforuser param) SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 +28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - (index.php onlyforuser parameter) SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component - mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 -28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 -28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay - Index.php Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 +28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - Forgot.php Multiple Cross-site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 +28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay - 'index.php' Cross-site Scripting",2006-08-21,night_warrior771,php,webapps,0 28413,platforms/php/webapps/28413.txt,"cPanel 10.x - dohtaccess.html dir Parameter XSS",2006-08-21,preth00nker,php,webapps,0 28414,platforms/php/webapps/28414.txt,"cPanel 10.x - editit.html file Parameter XSS",2006-08-21,preth00nker,php,webapps,0 28415,platforms/php/webapps/28415.txt,"cPanel 10.x - showfile.html file Parameter XSS",2006-08-21,preth00nker,php,webapps,0 28416,platforms/php/webapps/28416.txt,"Mambo EstateAgent 1.0.2 Component - mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x - TCMS_Administer Parameter Remote File Inclusion",2006-08-21,You_You,php,webapps,0 28418,platforms/php/webapps/28418.txt,"PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusion",2006-08-21,"the master",php,webapps,0 -28419,platforms/php/webapps/28419.txt,"DieselScripts Smart Traffic - Index.php Remote File Inclusion",2006-08-21,night_warrior771,php,webapps,0 +28419,platforms/php/webapps/28419.txt,"DieselScripts Smart Traffic - 'index.php' Remote File Inclusion",2006-08-21,night_warrior771,php,webapps,0 28420,platforms/windows/dos/28420.htm,"Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities",2006-08-21,nop,windows,dos,0 28421,platforms/windows/dos/28421.htm,"Microsoft Internet Explorer 6.0 - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,XSec,windows,dos,0 -28422,platforms/php/webapps/28422.txt,"DieselScripts Diesel Paid Mail - Getad.php Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 -28423,platforms/php/webapps/28423.txt,"RedBlog 0.5 - Index.php Remote File Inclusion",2006-08-22,Root3r_H3ll,php,webapps,0 +28422,platforms/php/webapps/28422.txt,"DieselScripts Diesel Paid Mail - Getad.php Cross-site Scripting",2006-08-21,night_warrior771,php,webapps,0 +28423,platforms/php/webapps/28423.txt,"RedBlog 0.5 - 'index.php' Remote File Inclusion",2006-08-22,Root3r_H3ll,php,webapps,0 28424,platforms/linux/remote/28424.txt,"Apache HTTP Server 1.3.35 / 2.0.58 / 2.2.2 - Arbitrary HTTP Request Headers Security Weakness",2006-08-24,"Thiago Zaninotti",linux,remote,0 28425,platforms/solaris/local/28425.txt,"Sun Solaris 8/9 UCB/PS - Command Local Information Disclosure",2006-03-27,anonymous,solaris,local,0 28426,platforms/php/webapps/28426.txt,"Headline Portal Engine 0.x/1.0 - HPEInc Parameter Multiple Remote File Inclusion",2006-08-21,"the master",php,webapps,0 28427,platforms/novell/local/28427.pl,"Novell Identity Manager - Arbitrary Command Execution",2006-08-18,anonymous,novell,local,0 -28428,platforms/php/webapps/28428.txt,"Yapig 0.9x - Thanks_comment.php Cross-Site Scripting",2006-10-13,Kuon,php,webapps,0 +28428,platforms/php/webapps/28428.txt,"Yapig 0.9x - Thanks_comment.php Cross-site Scripting",2006-10-13,Kuon,php,webapps,0 28429,platforms/php/webapps/28429.js,"MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities",2006-08-26,Redworm,php,webapps,0 -28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 - Index.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 +28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 - 'index.php' Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 28431,platforms/php/webapps/28431.txt,"Jetbox CMS 2.1 - Search_function.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 28432,platforms/php/webapps/28432.txt,"BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28433,platforms/php/webapps/28433.txt,"BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 @@ -25485,22 +25485,22 @@ id,file,description,date,author,platform,type,port 28436,platforms/php/webapps/28436.txt,"AlstraSoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion",2006-08-26,night_warrior771,php,webapps,0 28437,platforms/php/webapps/28437.txt,"Mambo/Joomla Com_comprofiler 1.0 Plugin - class.php Remote File Inclusion",2006-08-26,Matdhule,php,webapps,0 28438,platforms/windows/remote/28438.html,"Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow",2006-08-28,XSec,windows,remote,0 -28439,platforms/php/webapps/28439.txt,"HLstats 1.34 - Hlstats.php Cross-Site Scripting",2006-08-29,kefka,php,webapps,0 +28439,platforms/php/webapps/28439.txt,"HLstats 1.34 - Hlstats.php Cross-site Scripting",2006-08-29,kefka,php,webapps,0 28440,platforms/php/webapps/28440.txt,"ModuleBased CMS - Multiple Remote File Inclusion",2006-08-29,sCORPINo,php,webapps,0 28441,platforms/php/webapps/28441.txt,"IwebNegar 1.1 - Comments.php SQL Injection",2006-08-30,Hessam-x,php,webapps,0 28442,platforms/php/webapps/28442.txt,"LinksCaffe 2.0/3.0 - Authentication Bypass",2006-07-25,HoangYenXinhDep,php,webapps,0 28443,platforms/asp/webapps/28443.html,"Digiappz Freekot 1.01 - ASP SQL Injection",2006-08-30,FarhadKey,asp,webapps,0 28444,platforms/php/webapps/28444.txt,"AlstraSoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion",2006-08-30,night_warrior771,php,webapps,0 -28445,platforms/php/webapps/28445.txt,"MyBulletinBoard 1.x - Functions_Post.php Cross-Site Scripting",2006-08-30,imei,php,webapps,0 -28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 +28445,platforms/php/webapps/28445.txt,"MyBulletinBoard 1.x - Functions_Post.php Cross-site Scripting",2006-08-30,imei,php,webapps,0 +28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 28447,platforms/php/webapps/28447.php,"OsCommerce 2.1/2.2 - Product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - admin/newsletters.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - admin/orders_status.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - admin/products_attributes.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 28464,platforms/php/webapps/28464.txt,"VisualShapers EzContents 2.0.3 - Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 -28465,platforms/php/webapps/28465.txt,"VisualShapers EzContents 2.0.3 - Loginreq2.php Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 -28466,platforms/php/webapps/28466.txt,"Learn.com - Learncenter.ASP Cross-Site Scripting",2006-08-30,Crack_MaN,php,webapps,0 +28465,platforms/php/webapps/28465.txt,"VisualShapers EzContents 2.0.3 - Loginreq2.php Cross-site Scripting",2006-08-30,DarkFig,php,webapps,0 +28466,platforms/php/webapps/28466.txt,"Learn.com - Learncenter.ASP Cross-site Scripting",2006-08-30,Crack_MaN,php,webapps,0 28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 - Home_Path Parameter Multiple Remote File Inclusion",2006-08-31,Matdhule,php,webapps,0 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Inclusion",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 @@ -25517,7 +25517,7 @@ id,file,description,date,author,platform,type,port 28461,platforms/php/webapps/28461.txt,"ezContents 2.0.3 - search.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28462,platforms/php/webapps/28462.txt,"ezContents 2.0.3 - toprated.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28469,platforms/windows/dos/28469.txt,"Internet Security Systems 3.6 BlackICE - Local Denial of Service",2006-09-01,"David Matousek",windows,dos,0 -28470,platforms/php/webapps/28470.txt,"VBZoom 1.11 - Profile.php Cross-Site Scripting",2006-09-01,Crack_MaN,php,webapps,0 +28470,platforms/php/webapps/28470.txt,"VBZoom 1.11 - Profile.php Cross-site Scripting",2006-09-01,Crack_MaN,php,webapps,0 28471,platforms/php/webapps/28471.txt,"ToendaCMS 0.x/1.0.x - Remote File Inclusion",2006-09-01,h4ck3riran,php,webapps,0 28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 - IBrowser Remote File Inclusion",2006-09-01,Ironfist,php,webapps,0 28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 - Aut_Verifica.Inc.php SQL Injection",2006-09-02,SirDarckCat,php,webapps,0 @@ -25529,20 +25529,20 @@ id,file,description,date,author,platform,type,port 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,Metasploit,hardware,remote,0 28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 -28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module - Cross-Site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 +28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module - Cross-site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion",2006-09-04,Kacper,php,webapps,0 28489,platforms/windows/remote/28489.txt,"Easy Address Book Web Server 1.2 - Remote Format String",2006-09-04,"Revnic Vasile",windows,remote,0 -28490,platforms/php/webapps/28490.txt,"SoftBB 0.1 - Page Parameter Cross-Site Scripting",2006-09-05,ThE__LeO,php,webapps,0 +28490,platforms/php/webapps/28490.txt,"SoftBB 0.1 - Page Parameter Cross-site Scripting",2006-09-05,ThE__LeO,php,webapps,0 28491,platforms/multiple/dos/28491.txt,"DSocks 1.3 - Name Variable Buffer Overflow",2006-09-05,"Michael Adams",multiple,dos,0 28492,platforms/php/webapps/28492.txt,"Uni-vert PhpLeague 0.82 - Joueurs.php SQL Injection",2006-09-06,DrEiNsTeIn,php,webapps,0 28493,platforms/php/webapps/28493.txt,"PHP-Nuke Book Catalog Module 1.0 - 'upload.php' Arbitrary File Upload",2006-09-07,osm,php,webapps,0 -28494,platforms/php/webapps/28494.txt,"AckerTodo 4.0 - Index.php Cross-Site Scripting",2006-09-07,viz.security,php,webapps,0 +28494,platforms/php/webapps/28494.txt,"AckerTodo 4.0 - 'index.php' Cross-site Scripting",2006-09-07,viz.security,php,webapps,0 28495,platforms/php/webapps/28495.txt,"TWiki 4.0.x - Viewfile Directory Traversal",2006-09-07,"Peter Thoeny",php,webapps,0 28496,platforms/php/webapps/28496.php,"PHP-Fusion 6.0.x - News.php SQL Injection",2006-09-07,rgod,php,webapps,0 28497,platforms/php/webapps/28497.txt,"Vikingboard Viking board 0.1b - help.php act Parameter XSS",2006-09-08,Hessam-x,php,webapps,0 28498,platforms/php/webapps/28498.txt,"Vikingboard Viking board 0.1b - report.php p Parameter XSS",2006-09-08,Hessam-x,php,webapps,0 28499,platforms/php/webapps/28499.txt,"Vikingboard 0.1 - Topic.php SQL Injection",2006-09-08,Hessam-x,php,webapps,0 -28500,platforms/windows/remote/28500.txt,"Microsoft Indexing Service - Query Validation Cross-Site Scripting",2006-09-12,"Eiji James Yoshida",windows,remote,0 +28500,platforms/windows/remote/28500.txt,"Microsoft Indexing Service - Query Validation Cross-site Scripting",2006-09-12,"Eiji James Yoshida",windows,remote,0 28501,platforms/multiple/remote/28501.xml,"Sage 1.3.6 - Input Validation",2006-09-08,pdp,multiple,remote,0 28502,platforms/php/webapps/28502.txt,"TextAds - delete.php id Parameter XSS",2006-09-09,s3rv3r_hack3r,php,webapps,0 28503,platforms/php/webapps/28503.txt,"TextAds - error.php error Parameter XSS",2006-09-09,s3rv3r_hack3r,php,webapps,0 @@ -25551,19 +25551,19 @@ id,file,description,date,author,platform,type,port 29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 - QB_Path Parameter Multiple Remote File Inclusion",2006-12-27,Shell,php,webapps,0 28507,platforms/aix/local/28507.sh,"IBM AIX 6.1 / 7.1 - Local Privilege Escalation",2013-09-24,"Kristian Erik Hermansen",aix,local,0 28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices - Unauthenticated Remote Command Execution",2013-09-24,Metasploit,hardware,remote,0 -28510,platforms/php/webapps/28510.txt,"PHProg 1.0 - index.php album Parameter XSS",2006-09-11,cdg393,php,webapps,0 -28511,platforms/php/webapps/28511.txt,"PHProg 1.0 - index.php lang Parameter Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 +28510,platforms/php/webapps/28510.txt,"PHProg 1.0 - 'index.php' album Parameter XSS",2006-09-11,cdg393,php,webapps,0 +28511,platforms/php/webapps/28511.txt,"PHProg 1.0 - 'index.php' lang Parameter Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 28512,platforms/windows/remote/28512.txt,"paul smith computer services vcap calendar server 1.9 - Directory Traversal",2009-09-12,"securma massine",windows,remote,0 28513,platforms/windows/dos/28513.txt,"Paul Smith Computer Services VCAP Calendar Server 1.9 - Remote Denial of Service",2006-09-12,"securma massine",windows,dos,0 28514,platforms/cgi/webapps/28514.txt,"SQL-Ledger 2.6.x/LedgerSMB 1.0 - Terminal Parameter Directory Traversal",2006-09-12,"Chris Murtagh",cgi,webapps,0 28515,platforms/php/webapps/28515.txt,"IDevSpot iSupport 1.8 - rightbar.php suser Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 28516,platforms/php/webapps/28516.txt,"IDevSpot iSupport 1.8 - open_tickets.php ticket_id Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 -28517,platforms/php/webapps/28517.txt,"IDevSpot iSupport 1.8 - index.php cons_page_title Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 -28518,platforms/php/webapps/28518.txt,"IDevSpot iSupport 1.8 - Index.php Remote File Inclusion",2006-09-12,s3rv3r_hack3r,php,webapps,0 +28517,platforms/php/webapps/28517.txt,"IDevSpot iSupport 1.8 - 'index.php' cons_page_title Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 +28518,platforms/php/webapps/28518.txt,"IDevSpot iSupport 1.8 - 'index.php' Remote File Inclusion",2006-09-12,s3rv3r_hack3r,php,webapps,0 28519,platforms/php/webapps/28519.txt,"WM-News 0.5 - Print.php Local File Inclusion",2006-09-12,"Daftrix Security",php,webapps,0 28520,platforms/php/webapps/28520.txt,"Ractive Popper 1.41 - Childwindow.Inc.php Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 28521,platforms/osx/dos/28521.txt,"Apple QuickTime 6/7 - .FLC Movie COLOR_64 Chunk Overflow",2006-09-12,Sowhat,osx,dos,0 -28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x - index.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x - 'index.php' dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn Guestbook 1.x - includes/functions.gb.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28524,platforms/php/webapps/28524.txt,"Telekorn Signkorn Guestbook 1.x - includes/functions.admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28525,platforms/php/webapps/28525.txt,"Telekorn Signkorn Guestbook 1.x - includes/admin.inc.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 @@ -25584,8 +25584,8 @@ id,file,description,date,author,platform,type,port 28540,platforms/php/webapps/28540.txt,"Telekorn Signkorn Guestbook 1.x - admin/config.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28541,platforms/php/webapps/28541.txt,"Telekorn Signkorn Guestbook 1.x - admin/admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28542,platforms/multiple/dos/28542.pl,"Verso NetPerformer Frame Relay Access Device - Telnet Buffer Overflow",2006-09-13,"Arif Jatmoko",multiple,dos,0 -28543,platforms/php/webapps/28543.txt,"ForumJBC 4.0 - Haut.php Cross-Site Scripting",2006-09-13,ThE__LeO,php,webapps,0 -28544,platforms/php/webapps/28544.txt,"K2News Management 1.3 - Ratings.php Cross-Site Scripting",2006-09-13,meto5757,php,webapps,0 +28543,platforms/php/webapps/28543.txt,"ForumJBC 4.0 - Haut.php Cross-site Scripting",2006-09-13,ThE__LeO,php,webapps,0 +28544,platforms/php/webapps/28544.txt,"K2News Management 1.3 - Ratings.php Cross-site Scripting",2006-09-13,meto5757,php,webapps,0 28545,platforms/php/webapps/28545.txt,"e107 website system 0.7.5 - contact.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28546,platforms/php/webapps/28546.txt,"e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28547,platforms/php/webapps/28547.txt,"e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 @@ -25594,35 +25594,35 @@ id,file,description,date,author,platform,type,port 28551,platforms/php/webapps/28551.txt,"e107 website system 0.7.5 - search.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28552,platforms/php/webapps/28552.txt,"e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28554,platforms/php/webapps/28554.txt,"e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 -28555,platforms/hardware/webapps/28555.txt,"Good for Enterprise 2.2.2.1611 - XSS",2013-09-25,Mario,hardware,webapps,0 +28555,platforms/hardware/webapps/28555.txt,"Good for Enterprise 2.2.2.1611 - Cross-site Scripting",2013-09-25,Mario,hardware,webapps,0 28556,platforms/php/webapps/28556.txt,"e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28557,platforms/php/webapps/28557.txt,"X2CRM 3.4.1 - Multiple Vulnerabilities",2013-09-25,"High-Tech Bridge SA",php,webapps,80 28558,platforms/linux/webapps/28558.txt,"ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure",2013-09-25,"Yann CAM",linux,webapps,0 -28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b - Index.php Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 -28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 - Login.php Cross-Site Scripting",2006-09-24,meto5757,palm_os,webapps,0 +28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b - 'index.php' Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 +28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 - Login.php Cross-site Scripting",2006-09-24,meto5757,palm_os,webapps,0 28660,platforms/php/webapps/28660.php,"CPanel 5-10 - SUID Wrapper Remote Privilege Escalation",2006-09-24,"Nima Salehi",php,webapps,0 -28560,platforms/php/webapps/28560.txt,"Piwigo 2.5.2 - Cross-Site Scripting",2013-09-26,Arsan,php,webapps,0 +28560,platforms/php/webapps/28560.txt,"Piwigo 2.5.2 - Cross-site Scripting",2013-09-26,Arsan,php,webapps,0 28561,platforms/multiple/dos/28561.pl,"Blast XPlayer - Local Buffer Overflow PoC",2013-09-26,flux77,multiple,dos,0 -28562,platforms/hardware/webapps/28562.txt,"Hewlett-Packard 2620 Switch Series. Edit Admin Account - CSRF",2013-09-26,"Hubert Gradek",hardware,webapps,0 +28562,platforms/hardware/webapps/28562.txt,"Hewlett-Packard 2620 Switch Series. Edit Admin Account - Cross-site Request Forgery",2013-09-26,"Hubert Gradek",hardware,webapps,0 28563,platforms/multiple/webapps/28563.txt,"Posnic Stock Management System 1.02 - Multiple Vulnerabilities",2013-09-26,"Sarahma Security",multiple,webapps,0 28564,platforms/php/webapps/28564.txt,"ArticleSetup - Multiple Vulnerabilities",2013-09-26,DevilScreaM,php,webapps,0 38990,platforms/php/webapps/38990.txt,"ArticleSetup Article Script 1.00 - SQL Injection",2015-12-15,"Linux Zone Research Team",php,webapps,80 -28565,platforms/php/webapps/28565.txt,"PHP Event Calendar 1.4/1.5 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,"NR Nandini",php,webapps,0 -28566,platforms/asp/webapps/28566.txt,"Snitz Forums 2000 - Forum.ASP Cross-Site Scripting",2006-09-13,ajann,asp,webapps,0 -28567,platforms/php/webapps/28567.txt,"NX5Linkx 1.0 - Multiple SQL Injection",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 +28565,platforms/php/webapps/28565.txt,"PHP Event Calendar 1.4/1.5 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-09-13,"NR Nandini",php,webapps,0 +28566,platforms/asp/webapps/28566.txt,"Snitz Forums 2000 - Forum.ASP Cross-site Scripting",2006-09-13,ajann,asp,webapps,0 +28567,platforms/php/webapps/28567.txt,"NX5Linkx 1.0 - Multiple SQL Injections",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 28568,platforms/php/webapps/28568.txt,"NX5Linkx 1.0 - Links.php HTTP Response Splitting",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 28569,platforms/php/webapps/28569.txt,"ActiveCampaign KnowledgeBuilder 2.2 - Remote File Inclusion",2006-09-14,igi,php,webapps,0 28570,platforms/cgi/webapps/28570.txt,"Mailman 2.1.x - Multiple Input Validation Vulnerabilities",2006-09-14,"Moritz Naumann",cgi,webapps,0 28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 - admin/inc/footer.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 28572,platforms/php/webapps/28572.txt,"DCP-Portal 6.0 - admin/inc/header.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - login.php username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 -28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 +28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion",2006-09-14,"Saudi Hackrz",php,webapps,0 28576,platforms/osx/local/28576.txt,"Apple Mac OS X 10.x - KExtLoad Format String Weakness",2006-09-14,"Adriel T. Desautels",osx,local,0 28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - Default.ASP SQL Injection",2006-09-14,ajann,asp,webapps,0 28578,platforms/osx/dos/28578.txt,"Apple Mac OS X 10.x - KExtLoad Buffer Overflow Weakness",2006-09-14,"Adriel T. Desautels",osx,dos,0 -28579,platforms/php/webapps/28579.txt,"MyBulletinBoard 1.x - Index.php Cross-Site Scripting",2006-09-15,"HACKERS PAL",php,webapps,0 -28580,platforms/php/webapps/28580.txt,"NextAge Cart - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 +28579,platforms/php/webapps/28579.txt,"MyBulletinBoard 1.x - 'index.php' Cross-site Scripting",2006-09-15,"HACKERS PAL",php,webapps,0 +28580,platforms/php/webapps/28580.txt,"NextAge Cart - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 28582,platforms/php/webapps/28582.txt,"Jupiter CMS 1.1.4/1.1.5 - modules/blocks.php Multiple Parameter XSS",2006-09-15,"HACKERS PAL",php,webapps,0 28583,platforms/php/webapps/28583.txt,"Jupiter CMS 1.1.4/1.1.5 - modules/register.php Multiple Parameter XSS",2006-09-15,"HACKERS PAL",php,webapps,0 @@ -25631,22 +25631,22 @@ id,file,description,date,author,platform,type,port 28586,platforms/php/webapps/28586.txt,"Jupiter CMS 1.1.4/1.1.5 - modules/register Multiple Parameter SQL Injection",2006-09-15,"HACKERS PAL",php,webapps,0 28587,platforms/asp/webapps/28587.txt,"EasyPage 7 - Default.ASPX SQL Injection",2006-09-15,s3rv3r_hack3r,asp,webapps,0 28588,platforms/windows/dos/28588.txt,"Symantec Multiple Products - SymEvent Driver Local Denial of Service",2006-09-15,"David Matousek",windows,dos,0 -28589,platforms/asp/webapps/28589.txt,"Web Wiz Forums 7.01 - Members.ASP Cross-Site Scripting",2006-09-15,Crack_MaN,asp,webapps,0 +28589,platforms/asp/webapps/28589.txt,"Web Wiz Forums 7.01 - Members.ASP Cross-site Scripting",2006-09-15,Crack_MaN,asp,webapps,0 28590,platforms/php/webapps/28590.txt,"Hitweb 3.0 - REP_CLASS Multiple Remote File Inclusion",2006-09-16,ERNE,php,webapps,0 28591,platforms/php/webapps/28591.php,"PHP-post Web Forum 0.x.1.0 - profile.php Multiple Parameter SQL Injection",2006-09-16,"HACKERS PAL",php,webapps,0 28592,platforms/php/webapps/28592.txt,"PHP-post Web Forum 0.x.1.0 - pm.php replyuser Parameter XSS",2006-09-16,"HACKERS PAL",php,webapps,0 28593,platforms/asp/webapps/28593.txt,"ZilekPortal 1.0 - Haberdetay.ASP SQL Injection",2006-09-16,chernobiLe,asp,webapps,0 -28594,platforms/php/webapps/28594.txt,"Artmedic Links 5.0 - Index.php Remote File Inclusion",2006-09-16,botan,php,webapps,0 +28594,platforms/php/webapps/28594.txt,"Artmedic Links 5.0 - 'index.php' Remote File Inclusion",2006-09-16,botan,php,webapps,0 28595,platforms/linux/remote/28595.txt,"BusyBox 1.01 - HTTPD Directory Traversal",2006-09-16,bug-finder,linux,remote,0 -28596,platforms/php/webapps/28596.txt,"MyBulletinBoard 1.2 - Generic_Error.php Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,"HACKERS PAL",php,webapps,0 +28596,platforms/php/webapps/28596.txt,"MyBulletinBoard 1.2 - Generic_Error.php Multiple Cross-site Scripting Vulnerabilities",2006-09-18,"HACKERS PAL",php,webapps,0 28597,platforms/asp/webapps/28597.txt,"ECardPro 2.0 - Search.ASP SQL Injection",2006-09-18,ajann,asp,webapps,0 -28598,platforms/php/webapps/28598.txt,"IDevSpot BizDirectory 1.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,s3rv3r_hack3r,php,webapps,0 -28599,platforms/php/webapps/28599.txt,"NixieAffiliate 1.9 - Lostpassword.php Cross-Site Scripting",2006-09-18,s3rv3r_hack3r,php,webapps,0 +28598,platforms/php/webapps/28598.txt,"IDevSpot BizDirectory 1.9 - Multiple Cross-site Scripting Vulnerabilities",2006-09-18,s3rv3r_hack3r,php,webapps,0 +28599,platforms/php/webapps/28599.txt,"NixieAffiliate 1.9 - Lostpassword.php Cross-site Scripting",2006-09-18,s3rv3r_hack3r,php,webapps,0 28600,platforms/asp/webapps/28600.txt,"EShoppingPro 1.0 - Search_Run.ASP SQL Injection",2006-09-18,ajann,asp,webapps,0 -28601,platforms/php/webapps/28601.txt,"PT News 1.7.8 - Search.php Cross-Site Scripting",2006-09-18,Snake,php,webapps,0 +28601,platforms/php/webapps/28601.txt,"PT News 1.7.8 - Search.php Cross-site Scripting",2006-09-18,Snake,php,webapps,0 28602,platforms/multiple/remote/28602.txt,"OSU HTTP Server 3.10/3.11 - Multiple Information Disclosure Vulnerabilities",2006-09-19,"Julio Cesar Fort",multiple,remote,0 -28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - Index.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 -28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - Search.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 +28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - 'index.php' Cross-site Scripting",2006-09-19,meto5757,php,webapps,0 +28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - Search.php Cross-site Scripting",2006-09-19,meto5757,php,webapps,0 28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - addrlist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 @@ -25698,7 +25698,7 @@ id,file,description,date,author,platform,type,port 28697,platforms/php/webapps/28697.txt,"CubeCart 3.0.x - view_doc.php view_doc Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 28698,platforms/php/webapps/28698.txt,"CubeCart 3.0.x - admin/print_order.php order_id Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x - /admin/print_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 -28652,platforms/hardware/webapps/28652.txt,"Asus RT-N66U 3.0.0.4.374_720 - CSRF",2013-09-30,cgcai,hardware,webapps,80 +28652,platforms/hardware/webapps/28652.txt,"Asus RT-N66U 3.0.0.4.374_720 - Cross-site Request Forgery",2013-09-30,cgcai,hardware,webapps,80 28653,platforms/linux/webapps/28653.txt,"mod_accounting Module 0.5 - Blind SQL Injection",2013-09-30,Wireghoul,linux,webapps,0 28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 - (lang.php WriteIntoLocalDisk method) Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 28655,platforms/multiple/local/28655.rb,"Nodejs - js-yaml load() Code Exec",2013-09-30,Metasploit,multiple,local,0 @@ -25707,20 +25707,20 @@ id,file,description,date,author,platform,type,port 28661,platforms/php/webapps/28661.txt,"ToendaCMS 1.0.4 - Media.php Directory Traversal",2006-09-24,MoHaJaLi,php,webapps,0 28662,platforms/php/webapps/28662.txt,"PhotoStore - details.php gid Parameter XSS",2006-09-25,meto5757,php,webapps,0 28663,platforms/php/webapps/28663.txt,"PhotoStore - view_photog.php photogid Parameter XSS",2006-09-25,meto5757,php,webapps,0 -28664,platforms/php/webapps/28664.txt,"Opial AV Download Management 1.0 - Index.php Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 -28665,platforms/php/webapps/28665.txt,"WWWThreads 5.4 - Cat Parameter Multiple Cross-Site Scripting Vulnerabilities",2006-09-25,Root3r_H3ll,php,webapps,0 +28664,platforms/php/webapps/28664.txt,"Opial AV Download Management 1.0 - 'index.php' Cross-site Scripting",2006-09-25,meto5757,php,webapps,0 +28665,platforms/php/webapps/28665.txt,"WWWThreads 5.4 - Cat Parameter Multiple Cross-site Scripting Vulnerabilities",2006-09-25,Root3r_H3ll,php,webapps,0 28666,platforms/multiple/dos/28666.txt,"Call of Duty Server 4.1.x - Callvote Map Command Remote Buffer Overflow",2006-09-25,"Luigi Auriemma",multiple,dos,0 28667,platforms/php/webapps/28667.txt,"BirdBlog 1.x - comment.php entryid Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 -28668,platforms/php/webapps/28668.txt,"BirdBlog 1.x - index.php page Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 +28668,platforms/php/webapps/28668.txt,"BirdBlog 1.x - 'index.php' page Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 28669,platforms/php/webapps/28669.txt,"BirdBlog 1.x - user.php uid Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 -28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 - index.php page Parameter XSS",2006-09-25,You_You,php,webapps,0 +28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 - 'index.php' page Parameter XSS",2006-09-25,You_You,php,webapps,0 28671,platforms/php/webapps/28671.txt,"DanPHPSupport 0.5 - admin.php do Parameter XSS",2006-09-25,You_You,php,webapps,0 28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 - Index2.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28673,platforms/php/webapps/28673.txt,"Exporia 0.3 - Common.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28674,platforms/php/webapps/28674.pl,"Back-End CMS 0.4.5 - admin/index.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28675,platforms/php/webapps/28675.txt,"Back-End CMS 0.4.5 - Facts.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28676,platforms/php/webapps/28676.txt,"Back-End CMS 0.4.5 - search.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28725,platforms/multiple/remote/28725.txt,"SAP Internet Transaction Server 6.10/6.20 - Cross-Site Scripting",2006-09-28,"ILION Research",multiple,remote,0 +28725,platforms/multiple/remote/28725.txt,"SAP Internet Transaction Server 6.10/6.20 - Cross-site Scripting",2006-09-28,"ILION Research",multiple,remote,0 28726,platforms/multiple/dos/28726.pl,"OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service",2006-09-28,"Noam Rathaus",multiple,dos,0 28679,platforms/multiple/dos/28679.txt,"Evince PDF Reader 2.32.0.145 (Windows) / 3.4.0 (Linux) - Denial of Service",2013-10-02,Deva,multiple,dos,0 28680,platforms/linux/local/28680.txt,"PinApp Mail-SeCure 3.70 - Access Control Failure",2013-10-02,"Core Security",linux,local,0 @@ -25735,7 +25735,7 @@ id,file,description,date,author,platform,type,port 28689,platforms/php/webapps/28689.txt,"php_news 2.0 - admin/catagory.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28690,platforms/php/webapps/28690.txt,"php_news 2.0 - creat_news_all.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Inclusion",2006-09-25,You_You,php,webapps,0 -28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS - index.php Multiple Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 +28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS - 'index.php' Multiple Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 28693,platforms/php/webapps/28693.txt,"Phoenix Evolution CMS - modules/pageedit/index.php pageid Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 28701,platforms/php/webapps/28701.txt,"CubeCart 3.0.x - /admin/nav.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x - /admin/image.php image Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 @@ -25755,27 +25755,27 @@ id,file,description,date,author,platform,type,port 28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 28709,platforms/php/webapps/28709.txt,"FlashChat 6.0.2-6.0.8 - Arbitrary File Upload",2013-10-04,x-hayben21,php,webapps,80 28710,platforms/osx/remote/28710.txt,"Skype Technologies Skype 1.5 - NSRunAlertPanel Remote Format String",2006-09-26,"Tom Ferris",osx,remote,0 -28711,platforms/php/webapps/28711.txt,"PHP Invoice 2.2 - Home.php Cross-Site Scripting",2006-09-26,meto5757,php,webapps,0 +28711,platforms/php/webapps/28711.txt,"PHP Invoice 2.2 - Home.php Cross-site Scripting",2006-09-26,meto5757,php,webapps,0 28712,platforms/php/webapps/28712.txt,"CMS Formulasi 2.07 - Multiple Vulnerabilities",2013-10-04,"Sarahma Security",php,webapps,80 -28713,platforms/php/remote/28713.php,"Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object - RCE",2013-10-04,rgod,php,remote,0 +28713,platforms/php/remote/28713.php,"Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object - Remote Code Execution",2013-10-04,rgod,php,remote,0 28714,platforms/php/webapps/28714.txt,"PHPSelect Web Development - Index.php3 Remote File Inclusion",2006-09-27,rUnViRuS,php,webapps,0 -29274,platforms/php/webapps/29274.html,"Horde Groupware Web Mail Edition 5.1.2 - CSRF (1)",2013-10-29,"Marcela Benetrix",php,webapps,80 -28716,platforms/php/webapps/28716.txt,"MKPortal 1.0/1.1 - PMPopup.php Cross-Site Scripting",2006-09-27,HanowarS,php,webapps,0 +29274,platforms/php/webapps/29274.html,"Horde Groupware Web Mail Edition 5.1.2 - Cross-site Request Forgery (1)",2013-10-29,"Marcela Benetrix",php,webapps,80 +28716,platforms/php/webapps/28716.txt,"MKPortal 1.0/1.1 - PMPopup.php Cross-site Scripting",2006-09-27,HanowarS,php,webapps,0 29279,platforms/php/webapps/29279.txt,"Olat CMS 7.8.0.1 - Persistent XSS",2013-10-29,Vulnerability-Lab,php,webapps,0 28718,platforms/freebsd/local/28718.c,"FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation Exploit",2013-10-04,CurcolHekerLink,freebsd,local,0 28719,platforms/php/webapps/28719.txt,"VirtueMart Joomla ECommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0 28720,platforms/php/webapps/28720.txt,"Web//News 1.4 - Parser.php Remote File Inclusion",2006-09-27,ThE-WoLf-KsA,php,webapps,0 -28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - index.php Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 +28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - 'index.php' Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - process_login.php Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80 28724,platforms/windows/remote/28724.rb,"SIEMENS Solid Edge ST4 SEListCtrlX - ActiveX Remote Code Execution",2013-10-04,Metasploit,windows,remote,0 28736,platforms/php/webapps/28736.txt,"DeluxeBB 1.09 - Sig.php Remote File Inclusion",2006-10-02,r0ut3r,php,webapps,0 28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner - Functions.php Remote File Inclusion",2006-10-02,"abu ahmed",php,webapps,0 -28738,platforms/php/webapps/28738.txt,"Digishop 4.0 - Cart.php Cross-Site Scripting",2006-10-02,meto5757,php,webapps,0 +28738,platforms/php/webapps/28738.txt,"Digishop 4.0 - Cart.php Cross-site Scripting",2006-10-02,meto5757,php,webapps,0 28739,platforms/hardware/dos/28739.pl,"Motorola SB4200 - Remote Denial of Service",2006-10-03,"Dave Gil",hardware,dos,0 28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 - Template.php Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 28741,platforms/php/webapps/28741.txt,"Yener Haber Script 1.0/2.0 - SQL Injection",2006-10-04,Dj_ReMix,php,webapps,0 -28742,platforms/asp/webapps/28742.txt,"ASPPlayGround.NET Forum 2.4.5 - Calendar.ASP Cross-Site Scripting",2006-10-27,MizoZ,asp,webapps,0 +28742,platforms/asp/webapps/28742.txt,"ASPPlayGround.NET Forum 2.4.5 - Calendar.ASP Cross-site Scripting",2006-10-27,MizoZ,asp,webapps,0 28743,platforms/php/webapps/28743.txt,"osCommerce 2.2 - admin/banner_manager.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28744,platforms/php/webapps/28744.txt,"osCommerce 2.2 - admin/banner_statistics.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28745,platforms/php/webapps/28745.txt,"osCommerce 2.2 - admin/countries.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 @@ -25791,7 +25791,7 @@ id,file,description,date,author,platform,type,port 28758,platforms/php/webapps/28758.txt,"osCommerce 2.2 - admin/tax_rates.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28759,platforms/php/webapps/28759.txt,"osCommerce 2.2 - admin/zones.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28760,platforms/php/remote/28760.php,"PHP 3-5 - ZendEngine ECalloc Integer Overflow",2006-10-05,anonymous,php,remote,0 -28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x - Index.php Remote File Inclusion",2006-10-05,MoHaNdKo,php,webapps,0 +28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x - 'index.php' Remote File Inclusion",2006-10-05,MoHaNdKo,php,webapps,0 28762,platforms/asp/webapps/28762.txt,"Civica - Display.ASP SQL Injection",2006-10-05,CodeXpLoder'tq,asp,webapps,0 28763,platforms/windows/local/28763.c,"Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)",2006-08-26,"Ruben Santamarta ",windows,local,0 28764,platforms/windows/local/28764.c,"Symantec AntiVirus - IOCTL Kernel Privilege Escalation (2)",2006-08-26,"Ruben Santamarta ",windows,local,0 @@ -25799,41 +25799,41 @@ id,file,description,date,author,platform,type,port 28766,platforms/windows/remote/28766.py,"Computer Associates Products Message Engine RPC Server - Multiple Buffer Overflow Vulnerabilities (2)",2006-10-05,LSsec.com,windows,remote,0 28767,platforms/php/webapps/28767.txt,"AckerTodo 4.2 - Login.php Multiple SQL Injection",2006-10-06,"Francesco Laurita",php,webapps,0 28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 - Uyegiris.ASP SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 -28769,platforms/php/webapps/28769.txt,"Interspire FastFind - Index.php Cross-Site Scripting",2006-09-27,MizoZ,php,webapps,0 +28769,platforms/php/webapps/28769.txt,"Interspire FastFind - 'index.php' Cross-site Scripting",2006-09-27,MizoZ,php,webapps,0 28770,platforms/php/webapps/28770.txt,"Moodle Blog 1.18.2.2/1.6.2 Module - SQL Injection",2006-10-08,disfigure,php,webapps,0 28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 - Functions.inc.php Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 28772,platforms/php/webapps/28772.txt,"ISearch 2.16 - ISEARCH_PATH Parameter Remote File Inclusion",2006-10-09,MoHaNdKo,php,webapps,0 -28773,platforms/php/webapps/28773.txt,"Deep CMS 2.0 - Index.php Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 +28773,platforms/php/webapps/28773.txt,"Deep CMS 2.0 - 'index.php' Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 28774,platforms/php/webapps/28774.txt,"PHPWebSite 0.10.2 - PHPWS_SOURCE_DIR Parameter Multiple Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 28775,platforms/linux/dos/28775.pl,"ZABBIX 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities",2006-10-09,"Max Vozeler",linux,dos,0 -28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0 +28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0 28777,platforms/php/webapps/28777.txt,"Hastymail 1.x - IMAP SMTP Command Injection",2006-10-10,"Vicente Aguilera Diaz",php,webapps,0 28778,platforms/php/webapps/28778.txt,"ironwebmail 6.1.1 - Directory Traversal information disclosure",2006-10-16,"Derek Callaway",php,webapps,0 28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 - Getimg.php Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 28780,platforms/php/webapps/28780.txt,"Softerra PHP Developer Library 1.5.3 - Grid3.lib.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 - GoogleSearch.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28782,platforms/php/webapps/28782.txt,"Tagit2b - DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 -28783,platforms/php/webapps/28783.txt,"MySQLDumper 1.21 - SQL.php Cross-Site Scripting",2006-10-10,Crackers_Child,php,webapps,0 +28783,platforms/php/webapps/28783.txt,"MySQLDumper 1.21 - SQL.php Cross-site Scripting",2006-10-10,Crackers_Child,php,webapps,0 28784,platforms/php/webapps/28784.txt,"Gcards 1.13 - Addnews.php Remote File Inclusion",2006-10-11,"DeatH VirUs",php,webapps,0 28785,platforms/windows/dos/28785.c,"Google Earth 4.0.2091 (beta) - KML/KMZ Files Buffer Overflow",2006-09-14,JAAScois,windows,dos,0 28786,platforms/php/webapps/28786.pl,"CommunityPortals 1.0 - Bug.php Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Inclusions Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 28788,platforms/solaris/local/28788.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (1)",2006-10-13,"Marco Ivaldi",solaris,local,0 28789,platforms/solaris/local/28789.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (2)",2006-10-24,"Marco Ivaldi",solaris,local,0 -28790,platforms/php/webapps/28790.txt,"PHPList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 +28790,platforms/php/webapps/28790.txt,"PHPList 2.x - Public Pages MultipleCross-site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b - Config.php Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 -28794,platforms/php/webapps/28794.txt,"4Images 1.7 - Details.php Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 +28794,platforms/php/webapps/28794.txt,"4Images 1.7 - Details.php Cross-site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 - Upload.php Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full - Archive_Topic.php Remote File Inclusion",2006-09-29,"Nima Salehi",php,webapps,0 -28797,platforms/php/webapps/28797.txt,"Bloq 0.5.4 - index.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 +28797,platforms/php/webapps/28797.txt,"Bloq 0.5.4 - 'index.php' page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28798,platforms/php/webapps/28798.txt,"Bloq 0.5.4 - admin.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28799,platforms/php/webapps/28799.txt,"Bloq 0.5.4 - rss.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28800,platforms/php/webapps/28800.txt,"Bloq 0.5.4 - rss2.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28801,platforms/php/webapps/28801.txt,"Bloq 0.5.4 - rdf.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28802,platforms/php/webapps/28802.txt,"Bloq 0.5.4 - files/mainfile.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 -28803,platforms/php/webapps/28803.txt,"Xoops 2.2.3 - Search.php Cross-Site Scripting",2006-10-13,b0rizQ,php,webapps,0 +28803,platforms/php/webapps/28803.txt,"Xoops 2.2.3 - Search.php Cross-site Scripting",2006-10-13,b0rizQ,php,webapps,0 28804,platforms/php/webapps/28804.pl,"PHPBB Add Name Module - Not_Mem.php Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 30208,platforms/windows/dos/30208.txt,"IcoFX 2.5.0.0 - (.ico) Buffer Overflow",2013-12-11,"Core Security",windows,dos,0 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 @@ -25846,23 +25846,23 @@ id,file,description,date,author,platform,type,port 28812,platforms/freebsd/dos/28812.c,"FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service",2006-10-13,"Diane Bruce",freebsd,dos,0 28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante - Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0 28814,platforms/php/webapps/28814.txt,"RamaCMS - ADODB.Inc.php Remote File Inclusion",2006-10-13,"Le CoPrA",php,webapps,0 -28815,platforms/php/webapps/28815.txt,"H-Sphere 2.x - WebShell Login.php Cross-Site Scripting",2006-10-14,b0rizQ,php,webapps,0 +28815,platforms/php/webapps/28815.txt,"H-Sphere 2.x - WebShell Login.php Cross-site Scripting",2006-10-14,b0rizQ,php,webapps,0 28816,platforms/linux/dos/28816.txt,"KMail 1.x - HTML Element Handling Denial of Service",2006-10-16,nnp,linux,dos,0 28817,platforms/multiple/local/28817.txt,"Internet Security Systems 3.6 - ZWDeleteFile Function Arbitrary File Deletion",2006-10-16,"Matousec Transparent security",multiple,local,0 28818,platforms/php/webapps/28818.txt,"Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion",2006-10-16,The_BeKiR,php,webapps,0 28819,platforms/php/webapps/28819.txt,"Lodel CMS 0.7.3 - Calcul-Page.php Remote File Inclusion",2006-10-17,The_BeKiR,php,webapps,0 -28820,platforms/php/webapps/28820.txt,"Webgenius Goop Gallery 2.0 - Index.php Cross-Site Scripting",2006-10-17,Lostmon,php,webapps,0 +28820,platforms/php/webapps/28820.txt,"Webgenius Goop Gallery 2.0 - 'index.php' Cross-site Scripting",2006-10-17,Lostmon,php,webapps,0 28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion",2006-10-16,ERNE,php,webapps,0 28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0 28823,platforms/php/webapps/28823.pl,"PowerMovieList 0.13/0.14 - Edit User HTML Injection",2006-10-16,MP,php,webapps,0 -28824,platforms/php/webapps/28824.txt,"PHPList 2.10.2 - Index.php Cross-Site Scripting",2006-10-17,b0rizQ,php,webapps,0 -28825,platforms/php/webapps/28825.txt,"Dev Web Manager System 1.5 - Index.php Cross-Site Scripting",2006-10-17,CorryL,php,webapps,0 +28824,platforms/php/webapps/28824.txt,"PHPList 2.10.2 - 'index.php' Cross-site Scripting",2006-10-17,b0rizQ,php,webapps,0 +28825,platforms/php/webapps/28825.txt,"Dev Web Manager System 1.5 - 'index.php' Cross-site Scripting",2006-10-17,CorryL,php,webapps,0 28826,platforms/php/webapps/28826.txt,"Cerberus Helpdesk 3.2.1 - Rpc.php Unauthorized Access",2006-10-18,jonepet,php,webapps,0 28827,platforms/php/webapps/28827.txt,"PHP Live Helper 1.17 - Multiple Remote File Inclusion",2006-10-18,Matdhule,php,webapps,0 28828,platforms/php/webapps/28828.txt,"Zorum 3.5 - DBProperty.php Remote File Inclusion",2006-10-19,MoHaNdKo,php,webapps,0 28829,platforms/asp/webapps/28829.txt,"Kinesis Interactive Cinema System - Index.ASP SQL Injection",2006-10-18,fireboy,asp,webapps,0 -28830,platforms/php/webapps/28830.pl,"Free FAQ 1.0 - Index.php Remote File Inclusion",2006-10-19,"Alireza Ahari",php,webapps,0 -28831,platforms/php/webapps/28831.txt,"Simple Machines Forum 1.0/1.1 - Index.php Cross-Site Scripting",2006-10-19,b0rizQ,php,webapps,0 +28830,platforms/php/webapps/28830.pl,"Free FAQ 1.0 - 'index.php' Remote File Inclusion",2006-10-19,"Alireza Ahari",php,webapps,0 +28831,platforms/php/webapps/28831.txt,"Simple Machines Forum 1.0/1.1 - 'index.php' Cross-site Scripting",2006-10-19,b0rizQ,php,webapps,0 28832,platforms/php/webapps/28832.txt,"ATutor 1.5.3 - Multiple Remote File Inclusion",2006-10-19,SuBzErO,php,webapps,0 28833,platforms/php/webapps/28833.pl,"Casinosoft Casino Script 3.2 - Config.php SQL Injection",2006-10-20,G1UK,php,webapps,0 28834,platforms/windows/dos/28834.txt,"Microsoft Windows XP - CMD.EXE Buffer Overflow",2006-10-20,"Alberto Cortes",windows,dos,0 @@ -25872,8 +25872,8 @@ id,file,description,date,author,platform,type,port 28838,platforms/php/webapps/28838.txt,"ClanLite - Config-PHP.php Remote File Inclusion",2006-10-23,x_w0x,php,webapps,0 28839,platforms/php/webapps/28839.txt,"SchoolAlumni Portal 2.26 - smumdadotcom_ascyb_alumni/mod.php katalog Module query Parameter XSS",2006-10-23,MP,php,webapps,0 28840,platforms/php/webapps/28840.txt,"SchoolAlumni Portal 2.26 - mod.php mod Parameter Traversal Local File Inclusion",2006-10-23,MP,php,webapps,0 -28841,platforms/php/webapps/28841.txt,"RMSOFT Gallery System 2.0 - Images.php Cross-Site Scripting",2006-10-23,FREAK_PR,php,webapps,0 -28842,platforms/php/webapps/28842.txt,"Zwahlen's Online Shop 5.2.2 - Cat Parameter Cross-Site Scripting",2006-10-23,MC.Iglo,php,webapps,0 +28841,platforms/php/webapps/28841.txt,"RMSOFT Gallery System 2.0 - Images.php Cross-site Scripting",2006-10-23,FREAK_PR,php,webapps,0 +28842,platforms/php/webapps/28842.txt,"Zwahlen's Online Shop 5.2.2 - Cat Parameter Cross-site Scripting",2006-10-23,MC.Iglo,php,webapps,0 28843,platforms/php/webapps/28843.txt,"cPanel 10.9 - DoSetmytheme theme Parameter XSS",2006-10-23,Crackers_Child,php,webapps,0 28844,platforms/php/webapps/28844.txt,"cPanel 10.9 - editzonetemplate template Parameter XSS",2006-10-23,Crackers_Child,php,webapps,0 28845,platforms/php/webapps/28845.txt,"Shop-Script - Multiple HTTP Response Splitting Vulnerabilities",2006-10-23,"Debasis Mohanty",php,webapps,0 @@ -25886,17 +25886,17 @@ id,file,description,date,author,platform,type,port 28852,platforms/hardware/dos/28852.py,"ONO Hitron CDE-30364 Router - Denial of Service",2013-10-10,"Matias Mingorance Svensson",hardware,dos,80 28853,platforms/windows/remote/28853.html,"Indusoft Thin Client 7.1 - ActiveX Buffer Overflow",2013-10-10,blake,windows,remote,0 28854,platforms/multiple/webapps/28854.txt,"Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection",2013-10-10,"Giuseppe D'Amore",multiple,webapps,0 -28855,platforms/windows/dos/28855.txt,"ALLPlayer 5.6.2 - (.m3u) Local Buffer Overflow PoC",2013-10-10,metacom,windows,dos,0 +28855,platforms/windows/dos/28855.txt,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow PoC",2013-10-10,metacom,windows,dos,0 28857,platforms/asp/webapps/28857.txt,"Snitz Forums 2000 3.4.6 - Pop_Mail.ASP SQL Injection",2006-10-24,"Arham Muhammad",asp,webapps,0 28858,platforms/php/webapps/28858.txt,"Simpnews 2.x - admin/index.php Unspecified XSS",2006-10-24,security@vigilon.com,php,webapps,0 28859,platforms/php/webapps/28859.txt,"Simpnews 2.x - admin/pwlost.php Unspecified XSS",2006-10-24,security@vigilon.com,php,webapps,0 28860,platforms/windows/dos/28860.c,"FtpXQ Server 3.01 - MKD Command Remote Overflow DoS",2006-10-24,"Federico Fazzi",windows,dos,0 28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 - PathToComment Parameter Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 28862,platforms/php/webapps/28862.txt,"PHPMyConferences 8.0.2 - Init.php Remote File Inclusion",2006-10-25,The-0utl4w,php,webapps,0 -28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 - User.php Cross-Site Scripting",2006-10-26,r00t,php,webapps,0 +28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 - User.php Cross-site Scripting",2006-10-26,r00t,php,webapps,0 28864,platforms/php/webapps/28864.txt,"PhpLeague 0.81 - consult/miniseul.php cheminmini Parameter Remote File Inclusion",2006-10-26,ajaan,php,webapps,0 28865,platforms/php/webapps/28865.txt,"PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion",2006-10-27,"Prince Islam",php,webapps,0 -28866,platforms/php/webapps/28866.txt,"IG Shop 1.4 - Change_Pass.php Cross-Site Scripting",2006-10-30,SnipEr.X,php,webapps,0 +28866,platforms/php/webapps/28866.txt,"IG Shop 1.4 - Change_Pass.php Cross-site Scripting",2006-10-30,SnipEr.X,php,webapps,0 28867,platforms/php/webapps/28867.txt,"TorrentFlux 2.1 - Dir.php Directory Traversal",2006-10-27,Christopher,php,webapps,0 28868,platforms/php/webapps/28868.txt,"PLS-Bannieres 1.21 - Bannieres.php Remote File Inclusion",2006-10-27,Mahmood_ali,php,webapps,0 28869,platforms/asp/webapps/28869.txt,"Web Wiz Forum 6.34/7.x - Search.ASP SQL Injection",2006-10-28,almaster,asp,webapps,0 @@ -25911,15 +25911,15 @@ id,file,description,date,author,platform,type,port 28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 28879,platforms/asp/webapps/28879.txt,"Evandor Easy notesManager 0.0.1 - Search Page SQL Injection",2006-10-30,poplix,asp,webapps,0 28880,platforms/windows/dos/28880.txt,"Microsoft Internet Explorer 6.0/7.0 - RemoveChild Denial of Service",2006-10-30,"Wojciech H",windows,dos,0 -28881,platforms/php/webapps/28881.txt,"Foresite CMS - Index_2.php Cross-Site Scripting",2006-10-30,"David Vieira-Kurz",php,webapps,0 -28882,platforms/php/webapps/28882.txt,"phpFaber CMS 1.3.36 - Htmlarea.php Cross-Site Scripting",2005-10-30,Vigilon,php,webapps,0 +28881,platforms/php/webapps/28881.txt,"Foresite CMS - Index_2.php Cross-site Scripting",2006-10-30,"David Vieira-Kurz",php,webapps,0 +28882,platforms/php/webapps/28882.txt,"phpFaber CMS 1.3.36 - Htmlarea.php Cross-site Scripting",2005-10-30,Vigilon,php,webapps,0 28883,platforms/php/webapps/28883.txt,"Easy Web Portal 2.1.2 - Multiple Remote File Inclusion",2006-10-31,MEFISTO,php,webapps,0 28884,platforms/windows/remote/28884.html,"BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities",2006-10-31,maxgipeh,windows,remote,0 28885,platforms/php/webapps/28885.php,"PHP-Nuke 7.x - Journal Module Search.php SQL Injection",2006-10-31,Paisterist,php,webapps,0 28886,platforms/php/webapps/28886.txt,"The Search Engine Project 0.942 - Configfunction.php Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 -28887,platforms/java/remote/28887.txt,"Sun Java System 6.x - Messenger Express Cross-Site Scripting",2006-10-31,Handrix,java,remote,0 +28887,platforms/java/remote/28887.txt,"Sun Java System 6.x - Messenger Express Cross-site Scripting",2006-10-31,Handrix,java,remote,0 28888,platforms/hardware/remote/28888.txt,"ECI Telecom B-Focus ADSL2+ Combo332+ Wireless Router - Information Disclosure",2006-10-31,LegendaryZion,hardware,remote,0 -28889,platforms/php/webapps/28889.txt,"Netquery 4.0 - NQUser.php Cross-Site Scripting",2006-10-31,"Tal Argoni",php,webapps,0 +28889,platforms/php/webapps/28889.txt,"Netquery 4.0 - NQUser.php Cross-site Scripting",2006-10-31,"Tal Argoni",php,webapps,0 28890,platforms/php/webapps/28890.txt,"iPlanet Messaging Server - Messenger Express Expression() HTML Injection",2006-10-31,LegendaryZion,php,webapps,0 28891,platforms/php/webapps/28891.txt,"Mirapoint Web Mail - Expression() HTML Injection",2006-10-31,LegendaryZion,php,webapps,0 28892,platforms/php/webapps/28892.txt,"RSSonate - Project_Root Parameter Remote File Inclusion",2006-11-01,Arab4services,php,webapps,0 @@ -25928,22 +25928,22 @@ id,file,description,date,author,platform,type,port 28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x - SquashFS Double Free Denial of Service",2006-11-02,LMH,linux,dos,0 28896,platforms/php/webapps/28896.txt,"RunCMS 1.x - Avatar Arbitrary File Upload",2006-11-02,securfrog,php,webapps,0 28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7.0 - MHTML Denial of Service",2006-11-02,"Positive Technologies",windows,dos,0 -28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 - Index.php SQL Injection",2006-11-02,Spiked,php,webapps,0 +28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 - 'index.php' SQL Injection",2006-11-02,Spiked,php,webapps,0 28899,platforms/php/webapps/28899.txt,"NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion",2006-11-07,navairum,php,webapps,0 -28900,platforms/php/webapps/28900.txt,"ac4p Mobile - index.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 +28900,platforms/php/webapps/28900.txt,"ac4p Mobile - 'index.php' Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28901,platforms/php/webapps/28901.txt,"ac4p Mobile - MobileNews.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28902,platforms/php/webapps/28902.txt,"ac4p Mobile - polls.php Multiple Parameter XSS (1)",2006-11-03,AL-garnei,php,webapps,0 28903,platforms/php/webapps/28903.txt,"ac4p Mobile - send.php cats Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28904,platforms/php/webapps/28904.txt,"ac4p Mobile - up.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28905,platforms/php/webapps/28905.txt,"ac4p Mobile - cp/index.php pagenav Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 -28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection",2006-11-03,"Benjamin Moss",php,webapps,0 -28907,platforms/php/webapps/28907.txt,"Simplog 0.9.3 - Archive.php PID Parameter Cross-Site Scripting",2006-11-03,"Benjamin Moss",php,webapps,0 +28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections",2006-11-03,"Benjamin Moss",php,webapps,0 +28907,platforms/php/webapps/28907.txt,"Simplog 0.9.3 - Archive.php PID Parameter Cross-site Scripting",2006-11-03,"Benjamin Moss",php,webapps,0 28908,platforms/php/webapps/28908.txt,"Advanced GuestBook 2.3.1 - Admin.php Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 -28909,platforms/php/webapps/28909.txt,"IF-CMS - Index.php Cross-Site Scripting",2006-11-04,"Benjamin Moss",php,webapps,0 +28909,platforms/php/webapps/28909.txt,"IF-CMS - 'index.php' Cross-site Scripting",2006-11-04,"Benjamin Moss",php,webapps,0 28910,platforms/php/webapps/28910.pl,"PHPKit 1.6.1 - Popup.php SQL Injection",2006-11-04,x23,php,webapps,0 28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 - UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0 28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 - Install.php3 Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0 -28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 - NewList.php Cross-Site Scripting",2006-11-06,CvIr.System,php,webapps,0 +28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 - NewList.php Cross-site Scripting",2006-11-06,CvIr.System,php,webapps,0 28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 - RSS.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0 28912,platforms/linux/dos/28912.txt,"Linux Kernel 2.6.x ISO9660 - Denial of Service",2006-11-05,LMH,linux,dos,0 @@ -25968,21 +25968,21 @@ id,file,description,date,author,platform,type,port 28935,platforms/php/webapps/28935.txt,"AIOCP 1.3.x - cp_dpage.php Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 28936,platforms/php/webapps/28936.txt,"AIOCP 1.3.x - cp_show_ec_products.php Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 28937,platforms/php/webapps/28937.txt,"AIOCP 1.3.x - cp_show_page_help.php Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 -28938,platforms/php/webapps/28938.txt,"IPManager 2.3 - Index.php Cross-Site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 -28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - Index.php Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 +28938,platforms/php/webapps/28938.txt,"IPManager 2.3 - 'index.php' Cross-site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 +28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - 'index.php' Cross-site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 -28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 - Logon.ASPX Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 -28942,platforms/php/webapps/28942.txt,"FreeWebshop 2.1/2.2 - index.php page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 -28943,platforms/php/webapps/28943.txt,"FreeWebshop 2.1/2.2 - index.php cat Parameter XSS",2006-11-08,"laurent gaffie",php,webapps,0 -28944,platforms/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injection",2006-11-08,"Benjamin Moss",php,webapps,0 +28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 - Logon.ASPX Cross-site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 +28942,platforms/php/webapps/28942.txt,"FreeWebshop 2.1/2.2 - 'index.php' page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 +28943,platforms/php/webapps/28943.txt,"FreeWebshop 2.1/2.2 - 'index.php' cat Parameter XSS",2006-11-08,"laurent gaffie",php,webapps,0 +28944,platforms/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusion",2006-11-08,ajann,php,webapps,0 -28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injection",2006-11-08,"Benjamin Moss",php,webapps,0 +28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 28948,platforms/osx/dos/28948.c,"Apple Mac OS X 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - newsletters/edition.php tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28950,platforms/php/webapps/28950.txt,"LandShop 0.6.3 - ls.php Multiple Parameter XSS",2006-11-09,"laurent gaffie",php,webapps,0 28951,platforms/php/webapps/28951.txt,"LandShop 0.6.3 - ls.php Multiple Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 -28952,platforms/php/webapps/28952.txt,"Omnistar Article Manager - Multiple SQL Injection",2006-11-09,"Benjamin Moss",php,webapps,0 +28952,platforms/php/webapps/28952.txt,"Omnistar Article Manager - Multiple SQL Injections",2006-11-09,"Benjamin Moss",php,webapps,0 28953,platforms/php/webapps/28953.txt,"Bitweaver 1.x - blogs/list_blogs.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28954,platforms/php/webapps/28954.txt,"Bitweaver 1.x - fisheye/list_galleries.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH",2013-10-14,metacom,windows,local,0 @@ -25995,12 +25995,12 @@ id,file,description,date,author,platform,type,port 28963,platforms/php/webapps/28963.txt,"Bitweaver 1.x - fisheye/index.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28964,platforms/php/webapps/28964.txt,"Bitweaver 1.x - wiki/orphan_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x - wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 -28966,platforms/php/webapps/28966.txt,"Drake CMS 0.2 - Index.php Cross-Site Scripting",2006-11-10,CorryL,php,webapps,0 +28966,platforms/php/webapps/28966.txt,"Drake CMS 0.2 - 'index.php' Cross-site Scripting",2006-11-10,CorryL,php,webapps,0 28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 - Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0Day)",2013-10-15,TheXero,php,webapps,80 -28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage param) SQL Injection",2013-10-15,drone,php,webapps,80 +28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage parameter) SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector - Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,Metasploit,windows,remote,0 @@ -26010,14 +26010,14 @@ id,file,description,date,author,platform,type,port 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - Functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 -28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 - Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 +28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 - Faultactor Cross-site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 - seldir.html dir Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 28983,platforms/php/webapps/28983.txt,"cPanel 10 - newuser.html Multiple Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 28984,platforms/hp-ux/local/28984.pl,"HP Tru64 4.0/5.1 - POSIX Threads Library Local Privilege Escalation",2006-11-13,"Adriel T. Desautels",hp-ux,local,0 28985,platforms/asp/webapps/28985.txt,"20/20 Real Estate 3.2 - Listings.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 28986,platforms/asp/webapps/28986.asp,"ASP Portal 2.0/3.x/4.0 - Default1.ASP SQL Injection",2006-11-13,ajann,asp,webapps,0 28987,platforms/multiple/remote/28987.c,"Digipass Go3 - Insecure Encryption",2006-11-13,faypou,multiple,remote,0 -28988,platforms/php/webapps/28988.txt,"Roundcube Webmail 0.1 - index.php Cross-Site Scripting",2006-11-13,RSnake,php,webapps,0 +28988,platforms/php/webapps/28988.txt,"Roundcube Webmail 0.1 - 'index.php' Cross-site Scripting",2006-11-13,RSnake,php,webapps,0 28989,platforms/asp/webapps/28989.txt,"INFINICART - search.asp search Parameter XSS",2006-11-13,"laurent gaffie",asp,webapps,0 28990,platforms/asp/webapps/28990.txt,"INFINICART - sendpassword.asp email Parameter XSS",2006-11-13,"laurent gaffie",asp,webapps,0 28991,platforms/asp/webapps/28991.txt,"INFINICART - login.asp Multiple Parameter XSS",2006-11-13,"laurent gaffie",asp,webapps,0 @@ -26026,7 +26026,7 @@ id,file,description,date,author,platform,type,port 28994,platforms/asp/webapps/28994.txt,"INFINICART - browsesubcat.asp Multiple Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 28995,platforms/php/webapps/28995.txt,"WebTester 5.x - Multiple Vulnerabilities",2013-10-16,X-Cisadane,php,webapps,80 28996,platforms/windows/shellcode/28996.c,"Windows - Messagebox Shellcode (113 bytes)",2013-10-16,"Giuseppe D'Amore",windows,shellcode,0 -29151,platforms/asp/webapps/29151.txt,"Link Exchange Lite 1.0 - Multiple SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 +29151,platforms/asp/webapps/29151.txt,"Link Exchange Lite 1.0 - Multiple SQL Injections",2006-11-21,"laurent gaffie",asp,webapps,0 29152,platforms/asp/webapps/29152.txt,"JiRos Link Manager 1.0 - openlink.asp LinkID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29153,platforms/asp/webapps/29153.txt,"JiRos Link Manager 1.0 - viewlinks.asp CategoryID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29154,platforms/asp/webapps/29154.txt,"CreaDirectory 1.2 - search.asp category Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 @@ -26042,7 +26042,7 @@ id,file,description,date,author,platform,type,port 29006,platforms/php/webapps/29006.txt,"DirectAdmin 1.28/1.29 - CMD_FTP_SHOW DOMAIN Parameter XSS",2006-11-12,"Aria-Security Team",php,webapps,0 29007,platforms/osx/dos/29007.html,"Apple Safari 2.0.4 - JavaScript Regular Expression Match Remote Denial of Service",2006-11-14,jbh_cg,osx,dos,0 29008,platforms/asp/webapps/29008.txt,"FunkyASP Glossary 1.0 - Glossary.ASP SQL Injection",2006-11-14,saps.audit,asp,webapps,0 -29009,platforms/asp/webapps/29009.txt,"SitesOutlet Ecommerce Kit - Multiple SQL Injection",2006-11-15,"laurent gaffie",asp,webapps,0 +29009,platforms/asp/webapps/29009.txt,"SitesOutlet Ecommerce Kit - Multiple SQL Injections",2006-11-15,"laurent gaffie",asp,webapps,0 29010,platforms/asp/webapps/29010.txt,"SiteXpress E-Commerce System - Dept.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 - Default.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29012,platforms/asp/webapps/29012.txt,"DMXReady Site Engine Manager 1.0 - Index.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 @@ -26071,19 +26071,19 @@ id,file,description,date,author,platform,type,port 29036,platforms/windows/dos/29036.pl,"Teamtek Universal FTP Server - Multiple Commands Remote Denial of Service Vulnerabilities",2006-11-15,"Praveen Darhanam",windows,dos,0 29037,platforms/asp/webapps/29037.txt,"CandyPress Store 3.5.2 14 - openPolicy.asp policy Parameter SQL Injection",2006-11-15,"laurent gaffie",asp,webapps,0 29038,platforms/asp/webapps/29038.txt,"CandyPress Store 3.5.2 14 - prodList.asp brand Parameter SQL Injection",2006-11-15,"laurent gaffie",asp,webapps,0 -29040,platforms/asp/webapps/29040.txt,"High Performance Computers Solutions Shopping Cart - Multiple SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 -29041,platforms/asp/webapps/29041.txt,"Yetihost Helm 3.2.10 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-15,"Aria-Security Team",asp,webapps,0 +29040,platforms/asp/webapps/29040.txt,"High Performance Computers Solutions Shopping Cart - Multiple SQL Injections",2006-11-14,"laurent gaffie",asp,webapps,0 +29041,platforms/asp/webapps/29041.txt,"Yetihost Helm 3.2.10 - Multiple Cross-site Scripting Vulnerabilities",2006-11-15,"Aria-Security Team",asp,webapps,0 29042,platforms/asp/webapps/29042.txt,"Dragon Internet Events Listing 2.0.01 - venue_detail.asp VenueID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29043,platforms/asp/webapps/29043.txt,"Dragon Internet Events Listing 2.0.01 - event_searchdetail.asp ID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29044,platforms/asp/webapps/29044.txt,"Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 -29045,platforms/windows/remote/29045.txt,"Selenium Web Server 1.0 - XSS",2006-11-15,"Greg Linares",windows,remote,0 +29045,platforms/windows/remote/29045.txt,"Selenium Web Server 1.0 - Cross-site Scripting",2006-11-15,"Greg Linares",windows,remote,0 29046,platforms/asp/webapps/29046.txt,"ASPIntranet 2.1 - Mutiple SQL Injection",2006-11-15,"Aria-Security Team",asp,webapps,0 29047,platforms/php/webapps/29047.txt,"Hot Links - Perl PHP Information Disclosure",2006-11-15,hack2prison,php,webapps,0 29048,platforms/asp/webapps/29048.txt,"i-Gallery 3.4 - igallery.asp Multiple Parameter XSS",2006-11-16,"Aria-Security Team",asp,webapps,0 -29049,platforms/php/webapps/29049.txt,"BlogTorrent Preview 0.92 - Announce.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 -29050,platforms/php/webapps/29050.txt,"Odysseus Blog 1.0 - Blog.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 -29051,platforms/php/webapps/29051.txt,"Sphpblog 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-16,the_Edit0r,php,webapps,0 -29052,platforms/php/webapps/29052.txt,"Bloo 1.00 - Googlespell_Proxy.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 +29049,platforms/php/webapps/29049.txt,"BlogTorrent Preview 0.92 - Announce.php Cross-site Scripting",2006-11-16,the_Edit0r,php,webapps,0 +29050,platforms/php/webapps/29050.txt,"Odysseus Blog 1.0 - Blog.php Cross-site Scripting",2006-11-16,the_Edit0r,php,webapps,0 +29051,platforms/php/webapps/29051.txt,"Sphpblog 0.8 - Multiple Cross-site Scripting Vulnerabilities",2006-11-16,the_Edit0r,php,webapps,0 +29052,platforms/php/webapps/29052.txt,"Bloo 1.00 - Googlespell_Proxy.php Cross-site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29053,platforms/asp/webapps/29053.txt,"Image gallery with Access Database - dispimage.asp id Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29054,platforms/asp/webapps/29054.txt,"Image gallery with Access Database - default.asp Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29055,platforms/php/webapps/29055.txt,"Eggblog 3.1 - admin/articles.php edit Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 @@ -26099,20 +26099,20 @@ id,file,description,date,author,platform,type,port 29065,platforms/php/webapps/29065.txt,"WHMCS 5.2.8 - SQL Injection",2013-10-19,g00n,php,webapps,0 29150,platforms/php/webapps/29150.txt,"WordPress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload",2013-10-24,"Byakuya Kouta",php,webapps,0 29148,platforms/windows/dos/29148.txt,"ASF Demux for VLC 2.0.x - DoS (POC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 -29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.PL Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 -29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting",2006-12-04,"En Douli",php,webapps,0 +29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.PL Cross-site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 +29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-site Scripting",2006-12-04,"En Douli",php,webapps,0 29068,platforms/php/webapps/29068.txt,"WordPress Area53 theme - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Local Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 29070,platforms/windows/local/29070.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Local Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 -29071,platforms/php/webapps/29071.txt,"CPanel 10 - DNSlook.HTML Cross-Site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 +29071,platforms/php/webapps/29071.txt,"CPanel 10 - DNSlook.HTML Cross-site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 29072,platforms/php/webapps/29072.txt,"PHP Upload Tool 1.0 - Arbitrary File Upload / Directory Traversal",2006-11-17,"Craig Heffner",php,webapps,0 -29073,platforms/asp/webapps/29073.txt,"ASPCart 4.5 - Multiple SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 -29074,platforms/asp/webapps/29074.txt,"20/20 Real Estate 3.2 - Multiple SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 -29075,platforms/asp/webapps/29075.txt,"20/20 Auto Gallery 3.2 - Multiple SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 +29073,platforms/asp/webapps/29073.txt,"ASPCart 4.5 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 +29074,platforms/asp/webapps/29074.txt,"20/20 Real Estate 3.2 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 +29075,platforms/asp/webapps/29075.txt,"20/20 Auto Gallery 3.2 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 29076,platforms/windows/dos/29076.html,"Adobe Reader 7.0.x - Multiple Vulnerabilities",2006-11-17,"Michal Bucko",windows,dos,0 29077,platforms/asp/webapps/29077.txt,"20/20 Applications Data Shed 1.0 - f-email.asp itemID Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 -29079,platforms/php/webapps/29079.txt,"VBulletin 3.6.x - Admin Control Panel Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 +29079,platforms/php/webapps/29079.txt,"VBulletin 3.6.x - Admin Control Panel Index.php Multiple Cross-site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component - Multiple Field SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site - login_form.asp msg Parameter XSS",2006-11-17,"laurent gaffie",asp,webapps,0 29085,platforms/asp/webapps/29085.txt,"A-CART 2.0 - category.asp catcode Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 @@ -26128,9 +26128,9 @@ id,file,description,date,author,platform,type,port 29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29093,platforms/asp/webapps/29093.txt,"Texas Rankem - player.asp selPlayer Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29094,platforms/asp/webapps/29094.txt,"Texas Rankem - tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 -29095,platforms/php/webapps/29095.txt,"Blog:CMS 4.1.3 - List.php Cross-Site Scripting",2006-11-18,Katatafish,php,webapps,0 +29095,platforms/php/webapps/29095.txt,"Blog:CMS 4.1.3 - List.php Cross-site Scripting",2006-11-18,Katatafish,php,webapps,0 29096,platforms/windows/remote/29096.rb,"NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow",2006-11-18,"Laurent Butti",windows,remote,0 -29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin - Index.php Remote File Inclusion",2006-11-20,S.W.A.T.,php,webapps,0 +29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin - 'index.php' Remote File Inclusion",2006-11-20,S.W.A.T.,php,webapps,0 29098,platforms/php/webapps/29098.txt,"BirdBlog 1.4 - /admin/admincore.php msg Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 29099,platforms/php/webapps/29099.txt,"BirdBlog 1.4 - /admin/comments.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 29100,platforms/php/webapps/29100.txt,"BirdBlog 1.4 - /admin/entries.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 @@ -26158,7 +26158,7 @@ id,file,description,date,author,platform,type,port 29123,platforms/asp/webapps/29123.txt,"Enthrallweb eHomes - result.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29124,platforms/asp/webapps/29124.txt,"Enthrallweb eHomes - result.asp Multiple Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 29125,platforms/windows/local/29125.txt,"Avira Internet Security - avipbb.sys Filter Bypass and Privilege Escalation",2013-10-22,"Ahmad Moghimi",windows,local,0 -29126,platforms/asp/webapps/29126.txt,"Gnews Publisher - Multiple SQL Injection",2006-11-20,"Aria-Security Team",asp,webapps,0 +29126,platforms/asp/webapps/29126.txt,"Gnews Publisher - Multiple SQL Injections",2006-11-20,"Aria-Security Team",asp,webapps,0 29127,platforms/hardware/remote/29127.rb,"D-Link DIR-605L - Captcha Handling Buffer Overflow",2013-10-22,Metasploit,hardware,remote,80 29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 - admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 29129,platforms/windows/remote/29129.rb,"Interactive Graphical SCADA System - Remote Command Injection",2013-10-22,Metasploit,windows,remote,12397 @@ -26182,9 +26182,9 @@ id,file,description,date,author,platform,type,port 29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - NWSPOOL.DLL Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 34371,platforms/windows/local/34371.py,"BlazeDVD Pro 7.0 - (.plf) Buffer Overflow (SEH)",2014-08-20,metacom,windows,local,0 29161,platforms/osx/dos/29161.txt,"Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 -29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 -29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 -29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0 +29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-site Scripting",2006-11-21,the_Edit0r,php,webapps,0 +29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-site Scripting",2006-12-02,Detefix,php,webapps,0 +29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0 29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - Sistemi Uye_giris_islem.ASP SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0 29164,platforms/windows/dos/29164.cpp,"FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption",2013-10-24,"Arash Allebrahim",windows,dos,0 @@ -26199,13 +26199,13 @@ id,file,description,date,author,platform,type,port 29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 - HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP - Item_Show.ASP ID2006quant Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 -29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 - System SP_Index.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 +29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 - System SP_Index.php Cross-site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29176,platforms/asp/webapps/29176.txt,"ASP ListPics 5.0 - Listpics.ASP SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 -29177,platforms/php/webapps/29177.txt,"MMGallery 1.55 - Thumbs.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 +29177,platforms/php/webapps/29177.txt,"MMGallery 1.55 - Thumbs.php Cross-site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29178,platforms/asp/webapps/29178.txt,"Fixit iDms Pro Image Gallery - filelist.asp Multiple Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29179,platforms/asp/webapps/29179.txt,"Fixit iDms Pro Image Gallery - showfile.asp fid Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29180,platforms/asp/webapps/29180.txt,"SIAP CMS - Login.ASP SQL Injection",2006-11-25,nagazakig74,asp,webapps,0 -29181,platforms/php/webapps/29181.txt,"CPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 +29181,platforms/php/webapps/29181.txt,"CPanel 11 Beta - Multiple Cross-site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 29182,platforms/php/webapps/29182.txt,"cPanel WebHost Manager 3.1 - dochangeemail email Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 - addon_configsupport.cgi supporturl Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29184,platforms/php/webapps/29184.txt,"cPanel WebHost Manager 3.1 - editpkg pkg Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 @@ -26213,7 +26213,7 @@ id,file,description,date,author,platform,type,port 29186,platforms/php/webapps/29186.txt,"cPanel WebHost Manager 3.1 - editzone domain Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - dofeaturemanager feature Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - park ndomain Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 -29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injection",2006-11-25,"Aria-Security Team",asp,webapps,0 +29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injections",2006-11-25,"Aria-Security Team",asp,webapps,0 29190,platforms/osx/local/29190.txt,"Apple Mac OS X 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 29191,platforms/asp/webapps/29191.txt,"ClickContact - Default.ASP Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29192,platforms/asp/webapps/29192.txt,"Clickblog - Displaycalendar.ASP SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 @@ -26227,9 +26227,9 @@ id,file,description,date,author,platform,type,port 29200,platforms/php/webapps/29200.txt,"b2evolution 1.8.2/1.9 - _referer_spam.page.php Multiple Parameter XSS",2006-11-16,"lotto fischer",php,webapps,0 29201,platforms/osx/local/29201.c,"Apple Mac OS X 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 29202,platforms/php/webapps/29202.txt,"Seditio1.10 /Land Down 8.0 Under - Polls.php SQL Injection",2006-11-30,ajann,php,webapps,0 -29203,platforms/php/webapps/29203.php,"Woltlab Burning Board 2.3.x - Register.php Cross-Site Scripting",2006-11-30,blueshisha,php,webapps,0 +29203,platforms/php/webapps/29203.php,"Woltlab Burning Board 2.3.x - Register.php Cross-site Scripting",2006-11-30,blueshisha,php,webapps,0 29204,platforms/netbsd_x86/dos/29204.pl,"NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow",2006-12-01,kcope,netbsd_x86,dos,0 -29205,platforms/php/webapps/29205.txt,"Invision Gallery 2.0.7 - Index.php IMG Parameter SQL Injection",2006-12-01,infection,php,webapps,0 +29205,platforms/php/webapps/29205.txt,"Invision Gallery 2.0.7 - 'index.php' IMG Parameter SQL Injection",2006-12-01,infection,php,webapps,0 29262,platforms/hardware/webapps/29262.pl,"Pirelli Discus DRG A125g - Password Disclosure",2013-10-28,"Sebastián Magof",hardware,webapps,0 29207,platforms/php/webapps/29207.txt,"DZCP (deV!L_z Clanportal) 1.3.6 - Show Parameter SQL Injection",2006-12-01,"Tim Weber",php,webapps,0 29231,platforms/asp/webapps/29231.txt,"Dol Storye - Dettaglio.ASP Multiple SQL Injection",2006-12-06,WarGame,asp,webapps,0 @@ -26238,7 +26238,7 @@ id,file,description,date,author,platform,type,port 29234,platforms/windows/local/29234.py,"VideoCharge Studio 2.12.3.685 - Buffer Overflow (SEH)",2013-10-27,metacom,windows,local,0 29210,platforms/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload",2013-10-26,Metasploit,php,remote,80 29230,platforms/windows/remote/29230.html,"Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow",2006-12-06,"Andrew Christensen",windows,remote,0 -29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - Error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 +29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - Error.php Cross-site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 29224,platforms/asp/webapps/29224.txt,"UApplication UGuestbook 1.0 - Index.ASP SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 29225,platforms/php/webapps/29225.txt,"ac4p Mobile - up.php Taaa Parameter XSS",2006-12-04,SwEET-DeViL,php,webapps,0 29226,platforms/php/webapps/29226.txt,"ac4p Mobile - polls.php Multiple Parameter XSS (2)",2006-12-04,SwEET-DeViL,php,webapps,0 @@ -26247,11 +26247,11 @@ id,file,description,date,author,platform,type,port 29229,platforms/windows/dos/29229.txt,"Microsoft Internet Explorer 6.0 - Frame Src Denial of Service",2006-12-05,"Juan Pablo Lopez",windows,dos,0 29328,platforms/php/webapps/29328.txt,"ImpressPages CMS 3.6 - Remote Arbitrary File Deletion",2013-11-01,LiquidWorm,php,webapps,0 29236,platforms/windows/dos/29236.html,"Microsoft Internet Explorer 7.0 - CSS Width Element Denial of Service",2006-12-06,xiam.core,windows,dos,0 -29237,platforms/php/webapps/29237.txt,"CPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting",2006-12-08,"Aria-Security Team",php,webapps,0 -29238,platforms/php/webapps/29238.txt,"cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-12-08,"Aria-Security Team",php,webapps,0 +29237,platforms/php/webapps/29237.txt,"CPanel 11 BoxTrapper - Manage.HTML Cross-site Scripting",2006-12-08,"Aria-Security Team",php,webapps,0 +29238,platforms/php/webapps/29238.txt,"cPanel Web Hosting Manager 3.1 - Multiple Cross-site Scripting Vulnerabilities",2006-12-08,"Aria-Security Team",php,webapps,0 29239,platforms/php/local/29239.txt,"PHP 5.2 - Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass",2006-12-08,"Maksymilian Arciemowicz",php,local,0 29240,platforms/asp/webapps/29240.txt,"Cilem Haber Free Edition - hata.asp hata Parameter XSS",2006-12-08,ShaFuck31,asp,webapps,0 -29241,platforms/asp/webapps/29241.txt,"MaviPortal - Arama.ASP Cross-Site Scripting",2006-12-09,St@rExT,asp,webapps,0 +29241,platforms/asp/webapps/29241.txt,"MaviPortal - Arama.ASP Cross-site Scripting",2006-12-09,St@rExT,asp,webapps,0 29242,platforms/php/webapps/29242.txt,"Messageriescripthp 2.0 - lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29243,platforms/php/webapps/29243.txt,"Messageriescripthp 2.0 - existepseudo.php pseudo Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29244,platforms/php/webapps/29244.txt,"Messageriescripthp 2.0 - existeemail.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -26270,7 +26270,7 @@ id,file,description,date,author,platform,type,port 29258,platforms/php/webapps/29258.txt,"PHP RSS Reader 2010 - SQL Injection",2013-10-28,"mishal abdullah",php,webapps,0 29273,platforms/hardware/remote/29273.pl,"WatchGuard Firewall XTM 11.7.4u1 - Remote Buffer Overflow",2013-10-29,st3n,hardware,remote,8080 29263,platforms/windows/local/29263.pl,"BlazeDVD 6.2 - (.plf) Buffer Overflow (SEH)",2013-10-28,"Mike Czumak",windows,local,0 -29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 / 1.5 - Multiple SQL Injection",2013-10-28,Vulnerability-Lab,php,webapps,0 +29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 / 1.5 - Multiple SQL Injections",2013-10-28,Vulnerability-Lab,php,webapps,0 29265,platforms/php/webapps/29265.txt,"ILIAS eLearning CMS 4.3.4 & 4.4 - Persistent XSS",2013-10-29,Vulnerability-Lab,php,webapps,0 29266,platforms/hardware/webapps/29266.txt,"Stem Innovation - 'IZON' Hard-coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - admin/change.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -26278,7 +26278,7 @@ id,file,description,date,author,platform,type,port 29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - lire-avis.php aa Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c - Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM - Login.ASP SQL Injection",2006-12-09,ajann,asp,webapps,0 -29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting",2006-12-11,Nicokiller,php,webapps,0 +29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - SearchInput Cross-site Scripting",2006-12-11,Nicokiller,php,webapps,0 29280,platforms/php/webapps/29280.txt,"GTX CMS 2013 Optima - SQL Injection",2013-10-29,Vulnerability-Lab,php,webapps,0 29281,platforms/windows/remote/29281.txt,"Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities",2006-12-14,"Brett Moore",windows,remote,0 29282,platforms/php/webapps/29282.txt,"GenesisTrader 1.0 - form.php Arbitrary File Source Disclosure",2006-12-14,Mr_KaLiMaN,php,webapps,0 @@ -26287,7 +26287,7 @@ id,file,description,date,author,platform,type,port 29285,platforms/windows/dos/29285.txt,"Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk DoS",2006-12-15,shinnai,windows,dos,0 29286,platforms/windows/dos/29286.txt,"Microsoft Windows Explorer - explorer.exe WMV File Handling DoS",2006-12-15,shinnai,windows,dos,0 29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall - HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0 -29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst - Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 +29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst - Multiple Cross-site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 - Fusion_Forum_View.php Local File Inclusion",2006-12-16,Kacper,php,webapps,0 29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 - Haber.ASP SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 @@ -26295,8 +26295,8 @@ id,file,description,date,author,platform,type,port 29295,platforms/windows/dos/29295.html,"Microsoft Outlook - ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,windows,dos,0 29296,platforms/linux/dos/29296.txt,"KDE LibkHTML 4.2 - NodeType Function Denial of Service",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 29297,platforms/hardware/dos/29297.py,"HP Printer FTP Print Server 2.4.5 - List Command Buffer Overflow",2006-12-19,"Joxean Koret",hardware,dos,0 -29298,platforms/php/webapps/29298.txt,"OSTicket 1.2/1.3 Support Cards - View.php Cross-Site Scripting",2006-12-19,"Hacker CooL",php,webapps,0 -29299,platforms/php/webapps/29299.txt,"Mini Web Shop 2.1.c - View.php Viewcategory.php Cross-Site Scripting",2006-12-19,Linux_Drox,php,webapps,0 +29298,platforms/php/webapps/29298.txt,"OSTicket 1.2/1.3 Support Cards - View.php Cross-site Scripting",2006-12-19,"Hacker CooL",php,webapps,0 +29299,platforms/php/webapps/29299.txt,"Mini Web Shop 2.1.c - View.php Viewcategory.php Cross-site Scripting",2006-12-19,Linux_Drox,php,webapps,0 29300,platforms/php/webapps/29300.txt,"Typo3 3.7/3.8/4.0 - Class.TX_RTEHTMLArea_PI1.php Multiple Remote Command Execution Vulnerabilities",2006-12-20,"D. Fabian",php,webapps,0 29301,platforms/jsp/webapps/29301.txt,"Oracle Portal 9.0.2 - Calendar.JSP Multiple HTTP Response Splitting Vulnerabilities",2006-12-20,"putosoft softputo",jsp,webapps,0 29302,platforms/linux/remote/29302.txt,"Mono XSP 1.x/2.0 - Source Code Information Disclosure",2006-12-20,jose.palanco,linux,remote,0 @@ -26304,13 +26304,13 @@ id,file,description,date,author,platform,type,port 29304,platforms/php/webapps/29304.txt,"Calacode @Mail Webmail 4.51 - Filtering Engine HTML Injection",2006-12-20,"Philippe C. Caturegli",php,webapps,0 29292,platforms/windows/webapps/29292.txt,"XAMPP for Windows 1.8.2 - Blind SQL Injection",2013-10-29,"Sebastián Magof",windows,webapps,0 29305,platforms/multiple/dos/29305.txt,"FTPRush 1.0.610 - Host Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 -29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Unspecified Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 +29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Unspecified Cross-site Scripting",2006-12-22,Fukumori,php,webapps,0 29307,platforms/windows/dos/29307.c,"Softmaker Office 2012 - TextMaker Memory Corruption",2013-10-30,"Arash Allebrahim",windows,dos,0 -29308,platforms/php/webapps/29308.txt,"Oracle Portal 9i/10g - Container_Tabs.JSP Cross-Site Scripting",2006-12-22,"putosoft softputo",php,webapps,0 -29309,platforms/windows/local/29309.pl,"AudioCoder 0.8.22 - (.m3u) SEH Buffer Overflow",2013-10-30,"Mike Czumak",windows,local,0 +29308,platforms/php/webapps/29308.txt,"Oracle Portal 9i/10g - Container_Tabs.JSP Cross-site Scripting",2006-12-22,"putosoft softputo",php,webapps,0 +29309,platforms/windows/local/29309.pl,"AudioCoder 0.8.22 - '.m3u' SEH Buffer Overflow",2013-10-30,"Mike Czumak",windows,local,0 29310,platforms/multiple/dos/29310.txt,"WikiReader 1.12 - URL Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 29311,platforms/php/webapps/29311.txt,"Xt-News 0.1 - add_comment.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 -29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR - CSRF (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 +29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR - Cross-site Request Forgery (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 29313,platforms/php/webapps/29313.txt,"Xt-News 0.1 - show_news.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 29314,platforms/php/webapps/29314.txt,"Xt-News 0.1 - show_news.php id_news Parameter SQL Injection",2006-12-22,Mr_KaLiMaN,php,webapps,0 29316,platforms/php/remote/29316.py,"Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)",2013-10-31,noptrix,php,remote,0 @@ -26336,10 +26336,10 @@ id,file,description,date,author,platform,type,port 29334,platforms/cfm/webapps/29334.txt,"Future Internet - index.cfm Multiple Parameter SQL Injection",2006-12-23,Linux_Drox,cfm,webapps,0 29335,platforms/cfm/webapps/29335.txt,"Future Internet - index.cfm categoryId Parameter XSS",2006-12-23,Linux_Drox,cfm,webapps,0 29336,platforms/asp/webapps/29336.txt,"Chatwm 1.0 - SelGruFra.ASP SQL Injection",2006-12-24,ShaFuq31,asp,webapps,0 -29337,platforms/php/webapps/29337.txt,"TimberWolf 1.2.2 - ShowNews.php Cross-Site Scripting",2006-12-24,CorryL,php,webapps,0 +29337,platforms/php/webapps/29337.txt,"TimberWolf 1.2.2 - ShowNews.php Cross-site Scripting",2006-12-24,CorryL,php,webapps,0 29338,platforms/php/webapps/29338.txt,"VBulletin 3.5.x/3.6.x - SWF Script Injection",2006-12-25,"Ashraf Morad",php,webapps,0 29339,platforms/php/webapps/29339.txt,"PHP Live! 3.2.2 - setup/transcripts.php search_string Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 -29340,platforms/php/webapps/29340.txt,"PHP Live! 3.2.2 - index.php l Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 +29340,platforms/php/webapps/29340.txt,"PHP Live! 3.2.2 - 'index.php' l Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29341,platforms/php/webapps/29341.txt,"PHP Live! 3.2.2 - phplive/message_box.php Multiple Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29342,platforms/php/webapps/29342.txt,"Luckybot 3 - DIR Parameter Multiple Remote File Inclusion",2006-12-26,Red_Casper,php,webapps,0 29343,platforms/php/webapps/29343.txt,"phpCMS 1.1.7 - counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 @@ -26353,8 +26353,8 @@ id,file,description,date,author,platform,type,port 29351,platforms/php/webapps/29351.txt,"phpCMS 1.1.7 - include/class.lib_indexer_universal_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 29352,platforms/php/webapps/29352.txt,"phpCMS 1.1.7 - include/class.layout_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 29375,platforms/php/webapps/29375.txt,"Simplog 0.9.3 - Archive.php SQL Injection",2007-01-02,"Javor Ninov",php,webapps,0 -29376,platforms/php/webapps/29376.txt,"VCard Pro - GBrowse.php Cross-Site Scripting",2007-01-02,exexp,php,webapps,0 -29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 +29376,platforms/php/webapps/29376.txt,"VCard Pro - GBrowse.php Cross-site Scripting",2007-01-02,exexp,php,webapps,0 +29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 29473,platforms/linux/dos/29473.txt,"Squid Proxy 2.5/2.6 - FTP URI Remote Denial of Service",2007-01-16,"David Duncan Ross Palmer",linux,dos,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0 29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - Template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 @@ -26372,8 +26372,8 @@ id,file,description,date,author,platform,type,port 29368,platforms/php/webapps/29368.txt,"PHP iCalendar 1.1/2.x - rss/index.php getdate Parameter XSS",2006-12-27,Lostmon,php,webapps,0 29369,platforms/php/webapps/29369.txt,"PHP iCalendar 1.1/2.x - print.php getdate Parameter XSS",2006-12-27,Lostmon,php,webapps,0 29370,platforms/php/webapps/29370.txt,"PHP iCalendar 1.1/2.x - preferences.php Multiple Parameter XSS",2006-12-27,Lostmon,php,webapps,0 -29371,platforms/multiple/remote/29371.txt,"Oracle 10g - Portal Key Parameter Cross-Site Scripting",2006-12-29,"Pham Duc Hai",multiple,remote,0 -29372,platforms/php/webapps/29372.txt,"Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities",2006-12-29,"viP HaCKEr",php,webapps,0 +29371,platforms/multiple/remote/29371.txt,"Oracle 10g - Portal Key Parameter Cross-site Scripting",2006-12-29,"Pham Duc Hai",multiple,remote,0 +29372,platforms/php/webapps/29372.txt,"Mobilelib Gold - Multiple Cross-site Scripting Vulnerabilities",2006-12-29,"viP HaCKEr",php,webapps,0 29373,platforms/asp/webapps/29373.txt,"Spooky 2.7 - login/register.asp SQL Injection",2006-12-30,Doz,asp,webapps,0 29374,platforms/windows/local/29374.txt,"Kerio Personal Firewall 4.3 - IPHLPAPI.DLL Local Privilege Escalation",2007-01-01,"Matousec Transparent security",windows,local,0 29377,platforms/php/webapps/29377.txt,"AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 @@ -26382,8 +26382,8 @@ id,file,description,date,author,platform,type,port 29380,platforms/php/webapps/29380.txt,"AShop Deluxe 4.5 - shipping.php Multiple Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29381,platforms/php/webapps/29381.txt,"AShop Deluxe 4.5 - admin/editcatalogue.php cat Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29382,platforms/php/webapps/29382.txt,"AShop Deluxe 4.5 - admin/salesadmin.php resultpage Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 -29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin - Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 -29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - Search.ASP Cross-Site Scripting",2007-01-05,ShaFuck31,php,webapps,0 +29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin - Open Parameters Cross-site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 +29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - Search.ASP Cross-site Scripting",2007-01-05,ShaFuck31,php,webapps,0 29385,platforms/asp/webapps/29385.txt,"Kolayindir Download - Down.ASP SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 29387,platforms/windows/dos/29387.pl,"Plogue Sforzando 1.665 - (SEH) Buffer Overflow PoC",2013-11-03,"Mike Czumak",windows,dos,0 29475,platforms/multiple/remote/29475.txt,"Oracle January 2007 Security Update - Multiple Vulnerabilities",2007-01-16,"Esteban Martinez Fayo",multiple,remote,0 @@ -26399,11 +26399,11 @@ id,file,description,date,author,platform,type,port 29397,platforms/php/webapps/29397.php,"Coppermine Photo Gallery 1.x - Albmgr.php SQL Injection",2007-01-05,DarkFig,php,webapps,0 29398,platforms/asp/webapps/29398.txt,"Shopstorenow E-commerce Shopping Cart - Orange.ASP SQL Injection",2007-01-06,IbnuSina,asp,webapps,0 29399,platforms/linux/dos/29399.txt,"Multiple PDF Readers - Multiple Remote Buffer Overflow",2007-01-06,LMH,linux,dos,0 -29400,platforms/novell/remote/29400.txt,"Novell Access Manager 3 - Identity Server IssueInstant Parameter Cross-Site Scripting",2007-01-08,anonymous,novell,remote,0 +29400,platforms/novell/remote/29400.txt,"Novell Access Manager 3 - Identity Server IssueInstant Parameter Cross-site Scripting",2007-01-08,anonymous,novell,remote,0 29401,platforms/asp/webapps/29401.txt,"CreateAuction - Cats.ASP SQL Injection",2007-01-08,IbnuSina,asp,webapps,0 29402,platforms/hardware/dos/29402.txt,"Packeteer PacketShaper 8.0 - Multiple Buffer Overflow Denial of Service Vulnerabilities",2007-01-08,kian.mohageri,hardware,dos,0 29403,platforms/windows/local/29403.txt,"HP Multiple Products PML Driver HPZ12 - Local Privilege Escalation",2007-01-08,Sowhat,windows,local,0 -29404,platforms/php/webapps/29404.txt,"MediaWiki 1.x - AJAX Index.php Cross-Site Scripting",2007-01-09,"Moshe Ben-Abu",php,webapps,0 +29404,platforms/php/webapps/29404.txt,"MediaWiki 1.x - AJAX Index.php Cross-site Scripting",2007-01-09,"Moshe Ben-Abu",php,webapps,0 29405,platforms/php/webapps/29405.txt,"PHPKit 1.6.1 - Comment.php SQL Injection",2007-01-09,yorn,php,webapps,0 29406,platforms/solaris/dos/29406.c,"Sun Solaris 9 - RPC Request Denial of Service",2007-01-09,"Federico L. Bossi Bonin",solaris,dos,0 29407,platforms/php/webapps/29407.txt,"Magic Photo Storage Website - admin/admin_password.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 @@ -26434,11 +26434,11 @@ id,file,description,date,author,platform,type,port 29432,platforms/php/webapps/29432.txt,"Magic Photo Storage Website - user/user_email.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29433,platforms/php/webapps/29433.txt,"Magic Photo Storage Website - user/user_extend.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29434,platforms/php/webapps/29434.txt,"Magic Photo Storage Website - user/user_membership_password.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 -29435,platforms/multiple/webapps/29435.txt,"Apache Tomcat 5.5.25 - CSRF",2013-11-04,"Ivano Binetti",multiple,webapps,0 +29435,platforms/multiple/webapps/29435.txt,"Apache Tomcat 5.5.25 - Cross-site Request Forgery",2013-11-04,"Ivano Binetti",multiple,webapps,0 29436,platforms/linux_mips/shellcode/29436.asm,"Linux/MIPS - (Little Endian) Reverse Shell (192.168.1.177:31337) Shellcode (200 bytes)",2013-11-04,"Jacob Holcomb",linux_mips,shellcode,0 29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 - info.php Remote File Inclusion",2007-01-07,rUnViRuS,php,webapps,0 29438,platforms/php/webapps/29438.txt,"Edit-X - Edit_Address.php Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 -29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 +29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-site Scripting",2007-01-09,Khalsa,multiple,remote,0 29441,platforms/osx/dos/29441.txt,"Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - Privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 29443,platforms/windows/dos/29443.py,"VideoLan VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 @@ -26468,13 +26468,13 @@ id,file,description,date,author,platform,type,port 29463,platforms/windows/dos/29463.c,"Ipswitch WS_FTP 2007 Professional - WSFTPURL.EXE Local Memory Corruption",2007-01-15,LMH,windows,dos,0 29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 - AdminLien.php Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 29465,platforms/windows/local/29465.txt,"Outpost Firewall PRO 4.0 - Local Privilege Escalation",2007-01-15,"Matousec Transparent security",windows,local,0 -29466,platforms/php/webapps/29466.txt,"Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2007-01-15,sn0oPy,php,webapps,0 +29466,platforms/php/webapps/29466.txt,"Liens_Dynamiques 2.1 - Multiple Unspecified Cross-site Scripting Vulnerabilities",2007-01-15,sn0oPy,php,webapps,0 29467,platforms/linux/local/29467.c,"Rixstep Undercover - Local Privilege Escalation",2007-01-15,"Rixstep Pwned",linux,local,0 29468,platforms/php/webapps/29468.txt,"Jax Petition Book 3.06 - jax_petitionbook.php languagepack Parameter Local File Inclusion",2007-01-15,"ilker Kandemir",php,webapps,0 29469,platforms/php/webapps/29469.txt,"Jax Petition 3.06 Book - smileys.php languagepack Parameter Local File Inclusion",2007-01-15,"ilker Kandemir",php,webapps,0 29470,platforms/linux/dos/29470.txt,"Oftpd 0.3.7 - Unsupported Address Family Remote Denial of Service",2007-01-15,anonymous,linux,dos,0 29471,platforms/linux/remote/29471.txt,"BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection",2007-11-16,"Collin Mulliner",linux,remote,0 -29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - Index.php Cross-Site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 +29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - 'index.php' Cross-site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 29482,platforms/php/webapps/29482.php,"WordPress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 29483,platforms/php/webapps/29483.txt,"Indexu 5.0/5.3 - send_pwd.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29484,platforms/php/webapps/29484.txt,"Indexu 5.0/5.3 - search.php keyword Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 @@ -26484,27 +26484,27 @@ id,file,description,date,author,platform,type,port 29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - mailing_list.php Multiple Variables XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - login.php error_msg Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29490,platforms/windows/remote/29490.txt,"avm fritz!dsl igd control service 2.2.29 - Directory Traversal information disclosure",2007-01-17,DPR,windows,remote,0 -29491,platforms/php/webapps/29491.txt,"myBloggie 2.1.5 - index.php PATH_INFO Parameter XSS",2007-01-17,CorryL,php,webapps,0 +29491,platforms/php/webapps/29491.txt,"myBloggie 2.1.5 - 'index.php' PATH_INFO Parameter XSS",2007-01-17,CorryL,php,webapps,0 29492,platforms/php/webapps/29492.txt,"myBloggie 2.1.5 - login.php PATH_INFO Parameter XSS",2007-01-17,CorryL,php,webapps,0 -29495,platforms/php/webapps/29495.txt,"Sabros.US 1.7 - Index.php Cross-Site Scripting",2007-01-18,CorryL,php,webapps,0 +29495,platforms/php/webapps/29495.txt,"Sabros.US 1.7 - 'index.php' Cross-site Scripting",2007-01-18,CorryL,php,webapps,0 29496,platforms/linux/remote/29496.txt,"ArsDigita Community System 3.4.x - Directory Traversal",2007-01-18,"Elliot Kendall",linux,remote,0 29497,platforms/php/webapps/29497.txt,"Easebay Resources Paypal Subscription - Manager Multiple Input Validation Vulnerabilities",2007-01-20,Doz,php,webapps,0 29498,platforms/php/webapps/29498.txt,"Easebay Resources Login Manager - Multiple Input Validation Vulnerabilities",2007-01-20,Doz,php,webapps,0 -29499,platforms/php/webapps/29499.txt,"SMF 1.1 - Index.php HTML Injection",2007-01-20,"Aria-Security Team",php,webapps,0 +29499,platforms/php/webapps/29499.txt,"SMF 1.1 - 'index.php' HTML Injection",2007-01-20,"Aria-Security Team",php,webapps,0 29500,platforms/asp/webapps/29500.txt,"RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities",2013-11-08,"Hackeri-AL UAH-Crew",asp,webapps,0 29502,platforms/multiple/dos/29502.html,"Transmit 3.5.5 - Remote Heap Overflow",2007-01-20,LMH,multiple,dos,0 29503,platforms/windows/dos/29503.py,"KarjaSoft Sami HTTP Server 1.0.4/1.0.5/2.0.1 - Request Remote Denial of Service",2007-01-22,shinnai,windows,dos,0 29504,platforms/php/webapps/29504.txt,"Unique Ads - Banner.php SQL Injection",2007-01-22,Linux_Drox,php,webapps,0 -29505,platforms/php/webapps/29505.txt,"212cafeBoard - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,Linux_Drox,php,webapps,0 -29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0 -29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - Show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0 +29505,platforms/php/webapps/29505.txt,"212cafeBoard - Multiple Cross-site Scripting Vulnerabilities",2007-01-22,Linux_Drox,php,webapps,0 +29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0 +29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - Show.php Cross-site Scripting",2007-01-22,Linux_Drox,php,webapps,0 29508,platforms/php/webapps/29508.sh,"Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities",2007-01-23,r0ut3r,php,webapps,0 29509,platforms/osx/dos/29509.txt,"Apple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 -30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 - Search.php Cross-Site Scripting",2007-05-14,"Jesper Jurcenoks",php,webapps,0 +30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 - Search.php Cross-site Scripting",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30031,platforms/ios/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,ios,webapps,0 30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow/SEH Buffer Overflow/DEP Bypass with ROP",2013-12-04,metacom,windows,local,0 30085,platforms/linux/webapps/30085.txt,"Zimbra - Privilegie Escalation via LFI (0Day)",2013-12-06,rubina119,linux,webapps,0 -30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injection",2007-05-14,"Jesper Jurcenoks",php,webapps,0 +30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injections",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30036,platforms/php/webapps/30036.html,"WordPress 2.1.3 - Akismet Plugin Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 30037,platforms/windows/remote/30037.txt,"Caucho Resin 3.1 - Encoded Space (%20) Request Path Disclosure",2007-05-15,"Derek Abdine",windows,remote,0 30038,platforms/windows/remote/30038.txt,"Caucho Resin 3.1 - \web-inf Traversal Arbitrary File Access",2007-05-15,"Derek Abdine",windows,remote,0 @@ -26516,39 +26516,39 @@ id,file,description,date,author,platform,type,port 30045,platforms/windows/remote/30045.html,"PrecisionID Barcode - PrecisionID_Barcode.DLL ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 30047,platforms/php/webapps/30047.txt,"VBulletin 3.6.6 - Calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 -30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - ShopContent.ASP Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 +30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - ShopContent.ASP Cross-site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 30049,platforms/windows/remote/30049.html,"LEADTOOLS Multimedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme - header.php s Parameter XSS",2007-05-17,"John Martinelli",php,webapps,0 30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - Server.php Path Disclosure",2007-05-17,kefka,php,webapps,0 -30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 -30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 +30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 +30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 30054,platforms/jsp/webapps/30054.txt,"Sonicwall Gms 7.x - Filter Bypass & Persistent (0Day)",2013-12-05,Vulnerability-Lab,jsp,webapps,0 30055,platforms/ios/webapps/30055.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,ios,webapps,0 -30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 - Low.php Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 +30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 - Low.php Cross-site Scripting",2007-06-18,RMx,php,webapps,0 30156,platforms/cgi/webapps/30156.txt,"CGILua 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 -30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 - Index.php Cross-Site Scripting",2007-08-18,Serapis.net,php,webapps,0 +30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 - 'index.php' Cross-site Scripting",2007-08-18,Serapis.net,php,webapps,0 30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 -30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 +30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Local Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30018,platforms/linux/remote/30018.py,"Python 2.5 - PyLocale_strxfrm Function Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 30019,platforms/windows/remote/30019.c,"CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities",2007-05-09,binagres,windows,remote,0 30020,platforms/linux/dos/30020.txt,"MySQL 5.0.x - IF Query Handling Remote Denial of Service",2013-12-04,"Neil Kettle",linux,dos,0 30021,platforms/solaris/local/30021.txt,"Sun Microsystems Solaris SRSEXEC 3.2.x - Arbitrary File Read Local Information Disclosure",2007-05-10,anonymous,solaris,local,0 -30022,platforms/php/webapps/30022.txt,"PHP Multi User Randomizer 2006.09.13 - Configure_Plugin.TPL.php Cross-Site Scripting",2007-05-10,the_Edit0r,php,webapps,0 +30022,platforms/php/webapps/30022.txt,"PHP Multi User Randomizer 2006.09.13 - Configure_Plugin.TPL.php Cross-site Scripting",2007-05-10,the_Edit0r,php,webapps,0 30023,platforms/windows/dos/30023.txt,"Progress OpenEdge 10 b - Multiple Denial of Service Vulnerabilities",2007-05-11,"Eelko Neven",windows,dos,0 30024,platforms/linux/dos/30024.txt,"LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow",2007-05-11,"Victor Stinner",linux,dos,0 -30025,platforms/multiple/remote/30025.txt,"TeamSpeak Server 2.0.23 - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-11,"Gilberto Ficara",multiple,remote,0 +30025,platforms/multiple/remote/30025.txt,"TeamSpeak Server 2.0.23 - Multiple Scripts Multiple Cross-site Scripting Vulnerabilities",2007-05-11,"Gilberto Ficara",multiple,remote,0 30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal",2007-05-11,"Digital Defense",windows,remote,0 30027,platforms/php/webapps/30027.txt,"CommuniGate Pro 5.1.8 - Web Mail HTML Injection",2007-05-12,"Alla Bezroutchko",php,webapps,0 -30028,platforms/php/webapps/30028.txt,"EQDKP 1.3.1 - Show Variable Cross-Site Scripting",2007-05-12,kefka,php,webapps,0 +30028,platforms/php/webapps/30028.txt,"EQDKP 1.3.1 - Show Variable Cross-site Scripting",2007-05-12,kefka,php,webapps,0 30014,platforms/windows/local/30014.py,"Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)",2013-12-03,ryujin,windows,local,0 29512,platforms/php/webapps/29512.txt,"Vanilla Forums 2.0 < 2.0.18.5 - (class.utilitycontroller.php) PHP Object Injection",2013-11-08,EgiX,php,webapps,80 29514,platforms/php/webapps/29514.txt,"appRain 3.0.2 - Blind SQL Injection",2013-11-08,"High-Tech Bridge SA",php,webapps,80 29515,platforms/php/webapps/29515.pl,"Flatpress 1.0 - Remote Code Execution",2013-11-08,Wireghoul,php,webapps,80 29516,platforms/hardware/webapps/29516.txt,"Vivotek IP Cameras - RTSP Authentication Bypass",2013-11-08,"Core Security",hardware,webapps,0 -29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - (objectDetail.php objectId param) SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 +29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - (objectDetail.php objectId parameter) SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 29518,platforms/hardware/webapps/29518.txt,"Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities",2013-11-08,"Oz Elisyan",hardware,webapps,80 -29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - CSRF (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 +29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - Cross-site Request Forgery (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 29520,platforms/linux/dos/29520.txt,"GTK2 GDKPixBufLoader - Remote Denial of Service",2007-01-24,"Lubomir Kundrak",linux,dos,0 29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion",2007-01-24,"Dr Max Virus",php,webapps,0 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service and Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 @@ -26558,7 +26558,7 @@ id,file,description,date,author,platform,type,port 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - .M3U Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 -29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 - Admin.php Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 +29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 - Admin.php Cross-site Scripting",2007-01-26,Doz,php,webapps,0 29530,platforms/php/webapps/29530.txt,"FD Script 1.3.x - FName Parameter Information Disclosure",2007-01-26,ajann,php,webapps,0 29531,platforms/windows/dos/29531.txt,"Yahoo! Messenger 8.0 - Notification Message HTML Injection",2007-01-26,"Hai Nam Luke",windows,dos,0 29532,platforms/osx/dos/29532.txt,"Apple Installer Package 2.1.5 - Filename Format String",2007-01-27,LMH,osx,dos,0 @@ -26566,7 +26566,7 @@ id,file,description,date,author,platform,type,port 29534,platforms/php/webapps/29534.txt,"SpoonLabs Vivvo Article Management CMS 3.40 - Show_Webfeed.php SQL Injection",2007-01-27,St[at]rExT,php,webapps,0 29535,platforms/osx/dos/29535.txt,"Telestream Flip4Mac - 'WMV' File Remote Memory Corruption",2007-01-27,kf,osx,dos,0 29536,platforms/windows/dos/29536.html,"Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities",2007-01-29,"Alexander Sotirov",windows,dos,0 -29537,platforms/php/webapps/29537.txt,"MDPro 1.0.76 - Index.php SQL Injection",2007-01-27,adexior,php,webapps,0 +29537,platforms/php/webapps/29537.txt,"MDPro 1.0.76 - 'index.php' SQL Injection",2007-01-27,adexior,php,webapps,0 29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client - DAPCNFSD.DLL Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 - ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 @@ -26575,10 +26575,10 @@ id,file,description,date,author,platform,type,port 29678,platforms/php/webapps/29678.txt,"Audins Audiens 3.3 - system/index.php Cookie PHPSESSID Parameter SQL Injection",2007-02-26,r00t,php,webapps,0 29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - Main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 -29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - index.php Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 -29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 +29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 +29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.php Cross-site Scripting",2007-02-26,Samenspender,php,webapps,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0 -29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 +29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 29685,platforms/windows/remote/29685.txt,"Nullsoft Shoutcast 1.9.7 - Logfile HTML Injection",2007-02-27,SaMuschie,windows,remote,0 29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader 7.0.9 - Information Disclosure",2007-02-28,pdp,windows,remote,0 29687,platforms/windows/remote/29687.py,"HyperBook Guestbook 1.3 - GBConfiguration.DAT Hashed Password Information Disclosure",2007-02-28,PeTrO,windows,remote,0 @@ -26587,8 +26587,8 @@ id,file,description,date,author,platform,type,port 36816,platforms/php/webapps/36816.php,"Open-Letters - Remote PHP Code Injection",2015-04-22,"TUNISIAN CYBER",php,webapps,80 29546,platforms/windows/dos/29546.rb,"Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC)",2013-11-12,"Necmettin COSKUN",windows,dos,0 29548,platforms/windows/local/29548.rb,"VideoSpirit Lite 1.77 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 -29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - (.m3u) Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 -29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-Site Scripting",2007-04-02,syniack,jsp,webapps,0 +29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 +29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-site Scripting",2007-04-02,syniack,jsp,webapps,0 29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload - Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 29551,platforms/osx/dos/29551.txt,"Apple Mac OS X 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS - SQL Injection",2013-11-13,Metasploit,windows,remote,402 @@ -26596,26 +26596,26 @@ id,file,description,date,author,platform,type,port 29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion",2007-01-31,trzindan,php,webapps,0 -29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 - Login_Frame.php Cross-Site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 +29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 - Login_Frame.php Cross-site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 29559,platforms/php/webapps/29559.txt,"EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities",2007-02-02,"Tal Argoni",php,webapps,0 29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 - Lang.php Remote File Inclusion",2007-02-02,"Hasadya Raed",php,webapps,0 -29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 - Index.php Cross-Site Scripting",2007-02-02,Doz,php,webapps,0 +29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 - 'index.php' Cross-site Scripting",2007-02-02,Doz,php,webapps,0 29562,platforms/php/webapps/29562.txt,"PortailPHP 2 - mod_news/index.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 29563,platforms/php/webapps/29563.txt,"PortailPHP 2 - mod_news/goodies.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 29564,platforms/php/webapps/29564.txt,"PortailPHP 2 - mod_news/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29565,platforms/php/webapps/29565.txt,"PortailPHP 2 - mod_news/goodies.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29566,platforms/php/webapps/29566.txt,"PortailPHP 2 - mod_search/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 -29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting",2007-02-05,digi7al64,cfm,webapps,0 +29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-site Scripting",2007-02-05,digi7al64,cfm,webapps,0 29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote File Inclusion / Local File Inclusion",2007-02-05,anonymous,php,webapps,0 29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF",2013-11-13,"Hubert Gradek",hardware,webapps,0 29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 -29572,platforms/php/webapps/29572.txt,"CPanel 11 - PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 +29572,platforms/php/webapps/29572.txt,"CPanel 11 - PassWDMySQL Cross-site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 29573,platforms/multiple/remote/29573.xml,"Sage 1.3.6 - Extension Feed HTML Injection",2007-02-09,Fukumori,multiple,remote,0 29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 29575,platforms/windows/remote/29575.txt,"Plain Old Webserver 0.0.7/0.0.8 Firefox Extension - Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 -29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting",2007-02-09,BL4CK,jsp,webapps,0 +29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-site Scripting",2007-02-09,BL4CK,jsp,webapps,0 29577,platforms/php/dos/29577.php,"PHP 5.2.1 - STR_IReplace Remote Denial of Service",2007-02-09,"Thomas Hruska",php,dos,0 29578,platforms/php/webapps/29578.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagviewer.php Multiple Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29579,platforms/php/webapps/29579.txt,"Tagit! Tagit2b 2.1.B Build 2 - tag_process.php Multiple Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 @@ -26635,20 +26635,20 @@ id,file,description,date,author,platform,type,port 29593,platforms/php/webapps/29593.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagmin/wordfilter.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - (.wstyle) Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 - P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 -29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 -29597,platforms/asp/webapps/29597.txt,"Community Server - SearchResults.ASPX Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 -29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 -29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - Error.php Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0 +29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 +29597,platforms/asp/webapps/29597.txt,"Community Server - SearchResults.ASPX Cross-site Scripting",2007-02-12,BL4CK,asp,webapps,0 +29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.php Cross-site Scripting",2007-02-12,PsychoGun,php,webapps,0 +29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - Error.php Cross-site Scripting",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter XSS",2007-02-13,ShaFuck31,asp,webapps,0 29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0 29602,platforms/php/webapps/29602.txt,"WebTester 5.0.20060927 - directions.php typeID Parameter SQL Injection",2007-02-14,"Moran Zavdi",php,webapps,0 29603,platforms/windows/local/29603.txt,"Comodo Firewall 2.3/2.4 - Flawed Component Control Cryptographic Hash",2007-02-15,"Matousec Transparent security",windows,local,0 29604,platforms/php/webapps/29604.txt,"ibProArcade 2.5.9+ - Arcade.php SQL Injection",2007-02-15,sp00k,php,webapps,0 -29605,platforms/php/webapps/29605.txt,"Deskpro 1.1 - Faq.php Cross-Site Scripting",2007-02-15,"BLacK ZeRo",php,webapps,0 -29606,platforms/php/webapps/29606.txt,"Calendar Express - Search.php Cross-Site Scripting",2007-02-15,BL4CK,php,webapps,0 +29605,platforms/php/webapps/29605.txt,"Deskpro 1.1 - Faq.php Cross-site Scripting",2007-02-15,"BLacK ZeRo",php,webapps,0 +29606,platforms/php/webapps/29606.txt,"Calendar Express - Search.php Cross-site Scripting",2007-02-15,BL4CK,php,webapps,0 29676,platforms/php/webapps/29676.txt,"Audins Audiens 3.3 - unistall.php Authentication Bypass",2007-02-26,r00t,php,webapps,0 29607,platforms/windows/dos/29607.html,"EasyMail Objects 6.x - Connect Method Remote Stack Buffer Overflow",2007-02-02,"Paul Craig",windows,dos,0 -29608,platforms/php/webapps/29608.txt,"CedStat 1.31 - index.php hier Parameter XSS",2007-02-16,sn0oPy,php,webapps,0 +29608,platforms/php/webapps/29608.txt,"CedStat 1.31 - 'index.php' hier Parameter XSS",2007-02-16,sn0oPy,php,webapps,0 29609,platforms/php/webapps/29609.txt,"Meganoide's News 1.1.1 - Include.php Remote File Inclusion",2007-02-16,KaRTaL,php,webapps,0 29610,platforms/php/webapps/29610.txt,"Ezboo Webstats 3.03 - Administrative Authentication Bypass",2007-02-16,sn0oPy,php,webapps,0 29611,platforms/asp/webapps/29611.txt,"Turuncu Portal 1.0 - H_Goster.ASP SQL Injection",2007-02-16,chernobiLe,asp,webapps,0 @@ -26661,10 +26661,10 @@ id,file,description,date,author,platform,type,port 29618,platforms/windows/dos/29618.c,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (2)",2007-02-19,Marsu,windows,dos,0 29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6.0 - Local File Access Weakness",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 29620,platforms/osx/dos/29620.txt,"Apple Mac OS X 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 -29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 +29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 29622,platforms/asp/webapps/29622.txt,"Design4Online - Userpages2 Page.ASP SQL Injection",2007-02-20,xoron,asp,webapps,0 -29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-Site Scripting Weakness",2007-02-21,"Yair Amit",cgi,webapps,0 -29624,platforms/php/webapps/29624.txt,"CedStat 1.31 - Index.php Cross-Site Scripting",2007-02-21,sn0oPy,php,webapps,0 +29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-site Scripting Weakness",2007-02-21,"Yair Amit",cgi,webapps,0 +29624,platforms/php/webapps/29624.txt,"CedStat 1.31 - 'index.php' Cross-site Scripting",2007-02-21,sn0oPy,php,webapps,0 29625,platforms/php/webapps/29625.txt,"phpTrafficA 1.4.1 - plotStat.php file Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29626,platforms/php/webapps/29626.txt,"phpTrafficA 1.4.1 - banref.php lang Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29627,platforms/php/webapps/29627.php,"Magic News Plus 1.0.2 - preview.php php_script_path Parameter Remote File Inclusion",2007-02-21,"HACKERS PAL",php,webapps,0 @@ -26673,15 +26673,15 @@ id,file,description,date,author,platform,type,port 29630,platforms/windows/local/29630.c,"Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure",2007-02-22,3APA3A,windows,local,0 29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 - modules/out.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 -29633,platforms/ios/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Stored XSS",2013-11-16,"Ali Raza",ios,webapps,0 +29633,platforms/ios/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Persistent Cross-site Scripting",2013-11-16,"Ali Raza",ios,webapps,0 29634,platforms/php/webapps/29634.txt,"Plantilla - list_main_pages.php nfolder Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29635,platforms/php/webapps/29635.txt,"Pheap 1.x/2.0 - Edit.php Directory Traversal",2007-02-22,"laurent gaffie",php,webapps,0 29636,platforms/php/webapps/29636.txt,"LoveCMS 1.4 - install/index.php step Parameter Remote File Inclusion",2007-02-22,"laurent gaffie",php,webapps,0 29637,platforms/php/webapps/29637.txt,"LoveCMS 1.4 - install/index.php step Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 -29638,platforms/php/webapps/29638.txt,"LoveCMS 1.4 - index.php load Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 -29639,platforms/php/webapps/29639.txt,"LoveCMS 1.4 - index.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 +29638,platforms/php/webapps/29638.txt,"LoveCMS 1.4 - 'index.php' load Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 +29639,platforms/php/webapps/29639.txt,"LoveCMS 1.4 - 'index.php' id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 29640,platforms/php/webapps/29640.txt,"Shop Kit Plus - StyleCSS.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 -29641,platforms/php/webapps/29641.txt,"XT:Commerce 3.04 - Index.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 +29641,platforms/php/webapps/29641.txt,"XT:Commerce 3.04 - 'index.php' Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 29642,platforms/php/webapps/29642.txt,"Simple one-file gallery - gallery.php f Parameter Traversal Arbitrary File Access",2007-02-23,"laurent gaffie",php,webapps,0 29643,platforms/php/webapps/29643.txt,"Simple one-file gallery - gallery.php f Parameter XSS",2007-02-23,"laurent gaffie",php,webapps,0 29644,platforms/php/webapps/29644.txt,"Pickle 0.3 - Download.php Local File Inclusion",2007-02-24,"laurent gaffie",php,webapps,0 @@ -26695,27 +26695,27 @@ id,file,description,date,author,platform,type,port 29652,platforms/php/webapps/29652.txt,"Active Calendar 1.2 - data/y_3.php css Parameter XSS",2007-02-24,"Simon Bonnard",php,webapps,0 29653,platforms/php/webapps/29653.txt,"Active Calendar 1.2 - data/mysqlevents.php css Parameter XSS",2007-02-24,"Simon Bonnard",php,webapps,0 29671,platforms/windows/dos/29671.txt,"Avira Secure Backup 1.0.0.1 Build 3616 - (.reg) Buffer Overflow",2013-11-18,"Julien Ahrens",windows,dos,0 -29790,platforms/php/webapps/29790.txt,"ImpressPages CMS 3.8 - Stored XSS",2013-11-23,sajith,php,webapps,0 +29790,platforms/php/webapps/29790.txt,"ImpressPages CMS 3.8 - Persistent Cross-site Scripting",2013-11-23,sajith,php,webapps,0 29791,platforms/windows/dos/29791.pl,"Boilsoft RM TO MP3 Converter 1.72 - Crash PoC (.wav)",2013-11-23,"Akin Tosunlar",windows,dos,0 -29658,platforms/php/webapps/29658.txt,"PhotoStand 1.2 - Index.php Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 +29658,platforms/php/webapps/29658.txt,"PhotoStand 1.2 - 'index.php' Cross-site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 29659,platforms/windows/dos/29659.pl,"Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service",2007-02-25,sehato,windows,dos,0 29660,platforms/windows/dos/29660.txt,"Microsoft Office 2003 - Denial of Service (DoS)",2007-02-25,sehato,windows,dos,0 -29661,platforms/php/webapps/29661.txt,"Docebo CMS 3.0.x - index.php searchkey Parameter XSS",2007-02-24,r00t,php,webapps,0 +29661,platforms/php/webapps/29661.txt,"Docebo CMS 3.0.x - 'index.php' searchkey Parameter XSS",2007-02-24,r00t,php,webapps,0 29662,platforms/php/webapps/29662.txt,"Docebo CMS 3.0.x - modules/htmlframechat/index.php Multiple Parameter XSS",2007-02-24,r00t,php,webapps,0 -29663,platforms/php/webapps/29663.txt,"SolarPay - Index.php Local File Inclusion",2007-02-26,"Hasadya Raed",php,webapps,0 +29663,platforms/php/webapps/29663.txt,"SolarPay - 'index.php' Local File Inclusion",2007-02-26,"Hasadya Raed",php,webapps,0 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS)",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI - close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 -29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - CSRF",2013-11-18,DevilScreaM,php,webapps,80 -29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 -29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 -29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 +29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - Cross-site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - Cross-site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - Cross-site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - Cross-site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 - URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari - Feed URI Denial of Service",2007-05-13,"Moshe Ben-Abu",windows,dos,0 -30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 -30190,platforms/php/webapps/30190.txt,"Joomla! Letterman Subscriber Module 1.2.4 - Mod_Lettermansubscribe.php Cross-Site Scripting",2007-06-14,"Edi Strosar",php,webapps,0 -30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 - Autoscroll Parameter Cross-Site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 +30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-site Scripting",2007-06-14,anonymous,jsp,webapps,0 +30190,platforms/php/webapps/30190.txt,"Joomla! Letterman Subscriber Module 1.2.4 - Mod_Lettermansubscribe.php Cross-site Scripting",2007-06-14,"Edi Strosar",php,webapps,0 +30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 - Autoscroll Parameter Cross-site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 30192,platforms/windows/local/30192.txt,"Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities",2007-06-15,"Matousec Transparent security",windows,local,0 29672,platforms/php/webapps/29672.txt,"LiveZilla 5.0.1.4 - Remote Code Execution",2013-11-18,"Curesec Research Team",php,webapps,80 29673,platforms/hardware/webapps/29673.txt,"Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass (Metasploit)",2013-11-18,"Jake Reynolds",hardware,webapps,37777 @@ -26728,7 +26728,7 @@ id,file,description,date,author,platform,type,port 29691,platforms/linux/remote/29691.py,"Gnome Evolution 2.x - GnuPG Arbitrary Content Injection",2007-03-05,"Gerardo Richarte",linux,remote,0 29692,platforms/php/dos/29692.txt,"PHP 3/4/5 - ZendEngine Variable Destruction Remote Denial of Service",2007-03-01,"Stefan Esser",php,dos,0 29693,platforms/php/dos/29693.txt,"PHP 4/5 - Executor Deep Recursion Remote Denial of Service",2007-03-01,"Maksymilian Arciemowicz",php,dos,0 -29694,platforms/php/webapps/29694.txt,"S9Y Serendipity 1.1.1 - Index.php SQL Injection",2007-03-01,Samenspender,php,webapps,0 +29694,platforms/php/webapps/29694.txt,"S9Y Serendipity 1.1.1 - 'index.php' SQL Injection",2007-03-01,Samenspender,php,webapps,0 29695,platforms/windows/local/29695.txt,"Comodo Firewall Pro 2.4.x - Local Protection Mechanism Bypass",2007-03-01,"Matousec Transparent security",windows,local,0 29696,platforms/php/webapps/29696.txt,"aWebNews 1.1 - listing.php path_to_news Parameter Remote File Inclusion",2007-03-01,mostafa_ragab,php,webapps,0 29697,platforms/php/webapps/29697.txt,"Built2go News Manager 1.0 Blog - news.php Multiple Parameter XSS",2007-03-01,the_Edit0r,php,webapps,0 @@ -26753,7 +26753,7 @@ id,file,description,date,author,platform,type,port 29715,platforms/php/webapps/29715.txt,"EPortfolio 1.0 - Client Side Input Validation",2007-03-05,"Stefan Friedli",php,webapps,0 29716,platforms/linux/dos/29716.txt,"Silc Server 1.0.2 - New Channel Remote Denial of Service",2007-03-06,"Frank Benkstein",linux,dos,0 29717,platforms/linux/dos/29717.txt,"radscan conquest 8.2 - Multiple Vulnerabilities",2007-03-07,"Luigi Auriemma",linux,dos,0 -29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - (.m3u) SEH Buffer Overflow (Unicode)",2013-11-24,"Mike Czumak",windows,local,0 +29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - '.m3u' SEH Buffer Overflow (Unicode)",2013-11-24,"Mike Czumak",windows,local,0 29720,platforms/linux/dos/29720.txt,"Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service",2007-03-08,"Nicolas DEROUET",linux,dos,0 29721,platforms/windows/dos/29721.pl,"Fish - Multiple Remote Buffer Overflow Vulnerabilities",2007-03-08,"ilja van sprundel",windows,dos,0 29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 - CreateURL.php Remote File Inclusion",2007-03-09,"Hasadya Raed",php,webapps,0 @@ -26772,23 +26772,23 @@ id,file,description,date,author,platform,type,port 29735,platforms/hardware/remote/29735.rb,"D-Link TFTP 1.0 - Transporting Mode Remote Buffer Overflow",2007-03-12,LSO,hardware,remote,0 29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - ADODB-Connection.Inc.php Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 -29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 WinMM.DLL - WAV Files Remote Denial of Service (DoS)",2007-03-13,"Michal Majchrowicz",windows,dos,0 +29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - WinMM.DLL .WAV Files Remote Denial of Service (DoS)",2007-03-13,"Michal Majchrowicz",windows,dos,0 29739,platforms/linux/remote/29739.txt,"Apache HTTP Server Tomcat 5.x/6.0.x - Directory Traversal",2007-03-14,"D. Matscheko",linux,remote,0 29740,platforms/windows/dos/29740.txt,"MiniGZip - Controls File_Compress Buffer Overflow",2007-03-14,starcadi,windows,dos,0 -29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7.0 - NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 +29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7.0 - NavCancel.HTM Cross-site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service (DoS)",2007-03-15,"David Matousek",windows,dos,0 -29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - Index.php Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 -29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 - Login.php Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 +29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - 'index.php' Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 +29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 - Login.php Cross-site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 29746,platforms/linux/local/29746.txt,"Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion",2007-03-15,anonymous,linux,local,0 -29747,platforms/php/webapps/29747.txt,"DirectAdmin 1.292 - CMD_USER_STATS Cross-Site Scripting",2007-03-16,Mandr4ke,php,webapps,0 +29747,platforms/php/webapps/29747.txt,"DirectAdmin 1.292 - CMD_USER_STATS Cross-site Scripting",2007-03-16,Mandr4ke,php,webapps,0 29748,platforms/php/webapps/29748.txt,"Holtstraeter Rot 13 - Enkrypt.php Directory Traversal",2007-03-16,"BorN To K!LL",php,webapps,0 -29749,platforms/multiple/remote/29749.txt,"Oracle Portal 10g - P_OldURL Parameter Cross-Site Scripting",2007-03-16,d3nx,multiple,remote,0 -29750,platforms/php/webapps/29750.php,"PHPStats 0.1.9 - Multiple SQL Injection",2007-03-16,rgod,php,webapps,0 +29749,platforms/multiple/remote/29749.txt,"Oracle Portal 10g - P_OldURL Parameter Cross-site Scripting",2007-03-16,d3nx,multiple,remote,0 +29750,platforms/php/webapps/29750.php,"PHPStats 0.1.9 - Multiple SQL Injections",2007-03-16,rgod,php,webapps,0 29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 - PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) 4.13 - Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 -29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 +29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 - Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -26810,9 +26810,9 @@ id,file,description,date,author,platform,type,port 29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 - register.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusion",2007-03-26,Crackers_Child,php,webapps,0 -29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 - Index.php Cross-Site Scripting",2007-03-26,Crackers_Child,php,webapps,0 -29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - (.m3u) SEH Buffer Overflow (Unicode)",2013-11-22,"Mike Czumak",windows,local,0 -29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting",2007-03-26,The[Boss],php,webapps,0 +29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 - 'index.php' Cross-site Scripting",2007-03-26,Crackers_Child,php,webapps,0 +29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - '.m3u' SEH Buffer Overflow (Unicode)",2013-11-22,"Mike Czumak",windows,local,0 +29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 - Search Function Cross-site Scripting",2007-03-26,The[Boss],php,webapps,0 29781,platforms/linux/dos/29781.c,"Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS",2007-03-26,"Joey Mengele",linux,dos,0 29782,platforms/php/webapps/29782.txt,"Satel Lite - Satellite.php Local File Inclusion",2007-11-26,rUnViRuS,php,webapps,0 29783,platforms/php/webapps/29783.txt,"Fizzle 0.5 - RSS Feed HTML Injection",2007-03-26,"CrYpTiC MauleR",php,webapps,0 @@ -26822,13 +26822,13 @@ id,file,description,date,author,platform,type,port 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server - RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP 4.4.4 - Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow Exploit",2014-01-07,Mr.XHat,windows,local,0 -30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 +30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 - dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 - wantedpages.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 -30109,platforms/php/webapps/30109.txt,"Particle Gallery 1.0 - Search.php Cross-Site Scripting",2007-05-30,Serapis.net,php,webapps,0 +30109,platforms/php/webapps/30109.txt,"Particle Gallery 1.0 - Search.php Cross-site Scripting",2007-05-30,Serapis.net,php,webapps,0 30110,platforms/linux/dos/30110.c,"Bochs 2.3 - Buffer Overflow / Denial of Service",2007-05-31,"Tavis Ormandy",linux,dos,0 -30111,platforms/php/webapps/30111.txt,"MyBloggie 2.1.x - Index.php Multiple SQL Injection",2007-05-31,ls@calima.serapis.net,php,webapps,0 +30111,platforms/php/webapps/30111.txt,"MyBloggie 2.1.x - 'index.php' Multiple SQL Injection",2007-05-31,ls@calima.serapis.net,php,webapps,0 30112,platforms/php/webapps/30112.txt,"PHP JackKnife 2.21 - (PHPJK) G_Display.php iCategoryUnq Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 30113,platforms/php/webapps/30113.txt,"PHP JackKnife 2.21 - (PHPJK) Search/DisplayResults.php iSearchID Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 30114,platforms/php/webapps/30114.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/Authenticate.php sUName Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 @@ -26845,22 +26845,22 @@ id,file,description,date,author,platform,type,port 30125,platforms/php/webapps/30125.txt,"Prototype of an PHP application 0.1 - menu/menuprincipal.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30126,platforms/php/webapps/30126.txt,"Prototype of an PHP application 0.1 - param/param.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30127,platforms/php/webapps/30127.txt,"Prototype of an PHP application 0.1 - plugins/phpgacl/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30128,platforms/php/webapps/30128.txt,"Prototype of an PHP application 0.1 - index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30128,platforms/php/webapps/30128.txt,"Prototype of an PHP application 0.1 - 'index.php' path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30129,platforms/php/webapps/30129.txt,"Prototype of an PHP application 0.1 - common.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30130,platforms/php/remote/30130.txt,"PHP 5.2.3 - EXT/Session HTTP Response Header Injection",2007-06-04,"Stefan Esser",php,remote,0 -30131,platforms/php/webapps/30131.txt,"Buttercup WFM - Title Parameter Cross-Site Scripting",2007-06-01,"John Martinelli",php,webapps,0 +30131,platforms/php/webapps/30131.txt,"Buttercup WFM - Title Parameter Cross-site Scripting",2007-06-01,"John Martinelli",php,webapps,0 30132,platforms/php/webapps/30132.txt,"Evenzia Content Management Systems (CMS) - Cross-Site script",2007-06-01,"Glafkos Charalambous ",php,webapps,0 30133,platforms/php/webapps/30133.txt,"PHPLive! 3.2.2 - chat.php sid Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30134,platforms/php/webapps/30134.txt,"PHPLive! 3.2.2 - help.php Multiple Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30135,platforms/php/webapps/30135.txt,"PHPLive! 3.2.2 - admin/header.php admin[name] Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30136,platforms/php/webapps/30136.txt,"PHPLive! 3.2.2 - super/info.php BASE_URL Variable Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30137,platforms/php/webapps/30137.txt,"PHPLive! 3.2.2 - setup/footer.php Multiple Parameter XSS",2007-06-01,ReZEN,php,webapps,0 -30138,platforms/php/webapps/30138.txt,"Linker 2.0.4 - Index.php Cross-Site Scripting",2007-06-02,vagrant,php,webapps,0 +30138,platforms/php/webapps/30138.txt,"Linker 2.0.4 - 'index.php' Cross-site Scripting",2007-06-02,vagrant,php,webapps,0 30139,platforms/multiple/dos/30139.c,"Agnitum Outpost Firewall 4.0 - Outpost_IPC_HDR Local Denial of Service",2007-06-04,"Matousec Transparent security",multiple,dos,0 -30140,platforms/php/webapps/30140.txt,"Okyanusmedya - Index.php Cross-Site Scripting",2007-06-04,vagrant,php,webapps,0 +30140,platforms/php/webapps/30140.txt,"Okyanusmedya - 'index.php' Cross-site Scripting",2007-06-04,vagrant,php,webapps,0 30141,platforms/asp/webapps/30141.txt,"Hunkaray Okul Portaly 1.1 - Haberoku.ASP SQL Injection",2007-06-04,ertuqrul,asp,webapps,0 30142,platforms/linux/remote/30142.txt,"GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow",2007-06-04,"KaiJern Lau",linux,remote,0 -30143,platforms/php/webapps/30143.txt,"WebStudio CMS - Index.php Cross-Site Scripting",2007-06-04,"Glafkos Charalambous ",php,webapps,0 +30143,platforms/php/webapps/30143.txt,"WebStudio CMS - 'index.php' Cross-site Scripting",2007-06-04,"Glafkos Charalambous ",php,webapps,0 30144,platforms/windows/remote/30144.html,"eSellerate SDK 3.6.5 - eSellerateControl365.DLL ActiveX Control Buffer Overflow",2007-06-04,shinnai,windows,remote,0 30145,platforms/ios/webapps/30145.txt,"Feetan Inc WireShare 1.9.1 iOS - Persistent",2013-12-08,Vulnerability-Lab,ios,webapps,0 30146,platforms/ios/webapps/30146.txt,"Print n Share 5.5 iOS - Multiple Web Vulnerabilities",2013-12-08,Vulnerability-Lab,ios,webapps,0 @@ -26870,11 +26870,11 @@ id,file,description,date,author,platform,type,port 30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery - Download_Script.ASP Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 30160,platforms/windows/dos/30160.txt,"Microsoft Windows XP - GDI+ ICO File Remote Denial of Service",2007-06-06,"Dennis Rand",windows,dos,0 30161,platforms/php/webapps/30161.txt,"Atom PhotoBlog 1.0.1/1.0.9 - AtomPhotoBlog.php Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 -30162,platforms/php/webapps/30162.txt,"WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-07,"Glafkos Charalambous ",php,webapps,0 +30162,platforms/php/webapps/30162.txt,"WMSCMS 2.0 - Multiple Cross-site Scripting Vulnerabilities",2007-06-07,"Glafkos Charalambous ",php,webapps,0 30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0 -30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0 +30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-site Scripting",2007-06-08,"Secunia Research",hardware,remote,0 30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - Okul Portal Haber_Oku.ASP SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 -30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 +30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-site Scripting",2007-06-08,zamolx3,php,webapps,0 30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x - Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System - vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 - User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0 @@ -26882,9 +26882,9 @@ id,file,description,date,author,platform,type,port 30172,platforms/php/webapps/30172.txt,"JFFNms 0.8.3 - auth.php user Parameter XSS",2007-06-11,"Tim Brown",php,webapps,0 30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 - admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 -30175,platforms/php/webapps/30175.txt,"BBpress 0.8.1 - BB-Login.php Cross-Site Scripting",2007-06-11,"Ory Segal",php,webapps,0 +30175,platforms/php/webapps/30175.txt,"BBpress 0.8.1 - BB-Login.php Cross-site Scripting",2007-06-11,"Ory Segal",php,webapps,0 30176,platforms/windows/remote/30176.html,"Apple Safari 3 for Windows - Protocol Handler Command Injection",2007-06-12,"Thor Larholm",windows,remote,0 -30177,platforms/php/webapps/30177.txt,"PlaySms 0.9.9.2 - CSRF",2013-12-10,"Saadi Siddiqui",php,webapps,0 +30177,platforms/php/webapps/30177.txt,"PlaySms 0.9.9.2 - Cross-site Request Forgery",2013-12-10,"Saadi Siddiqui",php,webapps,0 30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl XSS",2007-06-20,Doz,asp,webapps,0 30206,platforms/cfm/webapps/30206.txt,"FuseTalk 4.0 - forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",cfm,webapps,0 30394,platforms/windows/remote/30394.rb,"Adobe Reader ToolButton - Use-After-Free",2013-12-17,Metasploit,windows,remote,0 @@ -26907,14 +26907,14 @@ id,file,description,date,author,platform,type,port 29809,platforms/linux/dos/29809.txt,"PulseAudio 0.9.5 - Assert() Remote Denial of Service",2007-04-02,"Luigi Auriemma",linux,dos,0 29810,platforms/windows/dos/29810.c,"Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service",2007-04-01,"David Matousek",windows,dos,0 29813,platforms/windows/dos/29813.py,"Microsoft Windows Vista - ARP Table Entries Denial of Service",2004-04-02,"Kristian Hermansen",windows,dos,0 -29814,platforms/windows/remote/29814.txt,"NextPage LivePublish 2.02 - LPEXT.DLL Cross-Site Scripting",2007-04-03,"Igor Monteiro Vieira",windows,remote,0 +29814,platforms/windows/remote/29814.txt,"NextPage LivePublish 2.02 - LPEXT.DLL Cross-site Scripting",2007-04-03,"Igor Monteiro Vieira",windows,remote,0 29815,platforms/hardware/remote/29815.rb,"NETGEAR ReadyNAS - Perl Code Evaluation",2013-11-25,Metasploit,hardware,remote,443 29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 - .BMP Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 - Fotokategori.ASP SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29820,platforms/multiple/remote/29820.html,"Firebug 1.03 - Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 -29821,platforms/php/webapps/29821.txt,"Livor 2.5 - Index.php Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 +29821,platforms/php/webapps/29821.txt,"Livor 2.5 - 'index.php' Cross-site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 29822,platforms/linux/local/29822.c,"Man Command - -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 29823,platforms/php/dos/29823.c,"PHP 5.2.1 GD Extension - .WBMP File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 29824,platforms/php/webapps/29824.txt,"QuizShock 1.6.1 - Auth.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 @@ -26922,7 +26922,7 @@ id,file,description,date,author,platform,type,port 29826,platforms/linux/dos/29826.txt,"Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service",2007-04-09,"Jean Delvare",linux,dos,0 29827,platforms/php/webapps/29827.pl,"eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion",2007-04-09,Liz0ziM,php,webapps,0 29828,platforms/php/webapps/29828.html,"DeskPro 2.0.1 - Login.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 -29829,platforms/php/webapps/29829.txt,"Einfacher Passworschutz - Index.php Cross-Site Scripting",2007-04-10,hackberry,php,webapps,0 +29829,platforms/php/webapps/29829.txt,"Einfacher Passworschutz - 'index.php' Cross-site Scripting",2007-04-10,hackberry,php,webapps,0 29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 - Week_Events.php Remote File Inclusion",2007-04-10,hackberry,php,webapps,0 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 @@ -26938,16 +26938,16 @@ id,file,description,date,author,platform,type,port 29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console - Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a - CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29845,platforms/php/webapps/29845.txt,"phpwebnews 0.1 - iklan.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 -29846,platforms/php/webapps/29846.txt,"phpwebnews 0.1 - index.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 +29846,platforms/php/webapps/29846.txt,"phpwebnews 0.1 - 'index.php' m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 29847,platforms/php/webapps/29847.txt,"phpwebnews 0.1 - bukutamu.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 -29848,platforms/php/webapps/29848.txt,"TuMusika Evolution 1.6 - Index.php Cross-Site Scripting",2007-04-12,the_Edit0r,php,webapps,0 +29848,platforms/php/webapps/29848.txt,"TuMusika Evolution 1.6 - 'index.php' Cross-site Scripting",2007-04-12,the_Edit0r,php,webapps,0 29849,platforms/php/webapps/29849.html,"ToendaCMS 1.5.3 - HTTP Get And Post Forms HTML Injection",2007-04-12,"Hanno Boeck",php,webapps,0 29850,platforms/windows/dos/29850.txt,"eIQnetworks Enterprise Security Analyzer 2.5 - Multiple Buffer Overflow Vulnerabilities",2007-04-12,"Leon Juranic",windows,dos,0 -29851,platforms/php/webapps/29851.txt,"MailBee WebMail Pro 3.4 - Check_login.ASP Cross-Site Scripting",2007-04-13,"David Vieira-Kurz",php,webapps,0 +29851,platforms/php/webapps/29851.txt,"MailBee WebMail Pro 3.4 - Check_login.ASP Cross-site Scripting",2007-04-13,"David Vieira-Kurz",php,webapps,0 29852,platforms/php/webapps/29852.txt,"Doop Content Management System 1.3.x - Multiple Input Validation Vulnerabilities",2007-04-13,KaBuS,php,webapps,0 29853,platforms/windows/remote/29853.rb,"LanDesk Management Suite 8.7 Alert Service - AOLSRVR.EXE Buffer Overflow",2007-04-13,"Aaron Portnoy",windows,remote,0 -29854,platforms/php/webapps/29854.txt,"BloofoxCMS 0.2.2 - Img_Popup.php Cross-Site Scripting",2007-04-14,the_Edit0r,php,webapps,0 -29855,platforms/php/webapps/29855.txt,"Flowers - Cas.php Cross-Site Scripting",2007-04-14,the_Edit0r,php,webapps,0 +29854,platforms/php/webapps/29854.txt,"BloofoxCMS 0.2.2 - Img_Popup.php Cross-site Scripting",2007-04-14,the_Edit0r,php,webapps,0 +29855,platforms/php/webapps/29855.txt,"Flowers - Cas.php Cross-site Scripting",2007-04-14,the_Edit0r,php,webapps,0 29857,platforms/windows/remote/29857.rb,"Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)",2013-11-27,Metasploit,windows,remote,0 29858,platforms/windows/remote/29858.rb,"Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)",2013-11-27,Metasploit,windows,remote,0 29859,platforms/java/remote/29859.rb,"Apache Roller - OGNL Injection",2013-11-27,Metasploit,java,remote,8080 @@ -26956,10 +26956,10 @@ id,file,description,date,author,platform,type,port 29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe - Footer.php Local File Inclusion",2007-04-16,BeyazKurt,php,webapps,0 29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 - Actionpoll.php Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 - Settings.php Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 -29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 - Showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 +29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 - Showpic.php Multiple Cross-site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection",2007-04-17,Aleksandar,php,webapps,0 29867,platforms/windows/dos/29867.xml,"NetSprint Ask IE Toolbar 1.1 - Multiple Denial of Service Vulnerabilities",2007-04-17,"Michal Bucko",windows,dos,0 -29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injection",2007-04-18,"John Martinelli",php,webapps,0 +29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injections",2007-04-18,"John Martinelli",php,webapps,0 29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 - PHPBB_Root_Path Remote File Inclusion",2007-04-19,"HACKERS PAL",php,webapps,0 29870,platforms/php/webapps/29870.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 29871,platforms/php/webapps/29871.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 @@ -26967,7 +26967,7 @@ id,file,description,date,author,platform,type,port 29873,platforms/multiple/remote/29873.php,"FreePBX 2.2 - SIP Packet Multiple HTML Injection Vulnerabilities",2007-04-20,XenoMuta,multiple,remote,0 29874,platforms/php/webapps/29874.txt,"PHP Turbulence 0.0.1 - Turbulence.php Remote File Inclusion",2007-04-20,Omni,php,webapps,0 29875,platforms/multiple/dos/29875.py,"AMSN 0.96 - Malformed Message Denial of Service",2007-04-21,"Levent Kayan",multiple,dos,0 -29876,platforms/php/webapps/29876.txt,"TJSChat 0.95 - You.php Cross-Site Scripting",2007-04-23,the_Edit0r,php,webapps,0 +29876,platforms/php/webapps/29876.txt,"TJSChat 0.95 - You.php Cross-site Scripting",2007-04-23,the_Edit0r,php,webapps,0 29877,platforms/php/webapps/29877.html,"Ripe Website Manager 0.8.4 - contact/index.php ripeformpost Parameter SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 - Level2.php Remote File Inclusion",2007-04-23,Dr.RoVeR,php,webapps,0 29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 - Init.Inc.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 @@ -26986,7 +26986,7 @@ id,file,description,date,author,platform,type,port 29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 - pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 - admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 - admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 -29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 +29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing - Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 29897,platforms/windows/remote/29897.txt,"Progress 3.1 - Webspeed _CPYFile.P Unauthorized Access",2007-04-24,suresync,windows,remote,0 29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 - login.php3 Directory Traversal",2007-04-25,anonymous,php,webapps,0 @@ -27006,7 +27006,7 @@ id,file,description,date,author,platform,type,port 29912,platforms/php/webapps/29912.txt,"DynaTracker 1.5.1 - action.php base_path Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29913,platforms/php/webapps/29913.txt,"Active PHP Bookmarks 1.0 - APB.php Remote File Inclusion",2007-04-25,"ali & saeid",php,webapps,0 29914,platforms/php/webapps/29914.txt,"Doruk100Net - Info.php Remote File Inclusion",2007-04-26,Ali7,php,webapps,0 -29915,platforms/php/webapps/29915.txt,"MoinMoin 1.5.x - Index.php Cross-Site Scripting",2007-04-26,"En Douli",php,webapps,0 +29915,platforms/php/webapps/29915.txt,"MoinMoin 1.5.x - 'index.php' Cross-site Scripting",2007-04-26,"En Douli",php,webapps,0 29916,platforms/linux/dos/29916.c,"Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service",2007-04-26,"Alexey Kuznetsov",linux,dos,0 29917,platforms/php/webapps/29917.php,"FlashComs Chat 6.5 - Arbitrary File Upload",2013-11-30,"Miya Chung",php,webapps,0 29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - (lang parameter) XPath Injection",2013-11-30,LiquidWorm,java,webapps,0 @@ -27014,15 +27014,15 @@ id,file,description,date,author,platform,type,port 29920,platforms/linux/dos/29920.py,"Uptime Agent 5.0.1 - Stack Overflow",2013-11-30,"Denis Andzakovic",linux,dos,0 29921,platforms/php/webapps/29921.py,"Zend-Framework - Full Info Disclosure",2013-11-30,"Ariel Orellana",php,webapps,0 29922,platforms/windows/local/29922.py,"Kingsoft Office Writer 2012 8.1.0.3385 - (.wps) Buffer Overflow Exploit (SEH)",2013-11-30,"Julien Ahrens",windows,local,0 -29924,platforms/hardware/webapps/29924.txt,"TP-Link TD-8840t - CSRF",2013-11-30,"mohammed al-saggaf",hardware,webapps,0 +29924,platforms/hardware/webapps/29924.txt,"TP-Link TD-8840t - Cross-site Request Forgery",2013-11-30,"mohammed al-saggaf",hardware,webapps,0 29926,platforms/windows/dos/29926.pl,"Audacious Player 3.4.2/3.4.1 - (.mp3) Crash PoC",2013-11-30,"Akin Tosunlar",windows,dos,0 29927,platforms/hardware/webapps/29927.txt,"Scientific-Atlanta_ Inc. DPR2320R2 - Multiple CSRF",2013-11-30,sajith,hardware,webapps,0 29929,platforms/asp/webapps/29929.txt,"Burak Yilmaz Blog 1.0 - BRY.ASP SQL Injection",2007-04-26,RMx,asp,webapps,0 29930,platforms/multiple/remote/29930.txt,"Apache AXIS 1.0 - Non-Existent WSDL Path Information Disclosure",2007-04-27,jericho+bblog@attrition.org,multiple,remote,0 29931,platforms/multiple/remote/29931.txt,"ManageEngine Password Manager Pro Build 5401 - Database Remote Unauthorized Access",2007-04-27,anonymous,multiple,remote,0 -29932,platforms/linux/remote/29932.txt,"Red Hat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-30,"Kaushal Desai",linux,remote,0 +29932,platforms/linux/remote/29932.txt,"Red Hat Directory Server 7.1 - Multiple Cross-site Scripting Vulnerabilities",2007-04-30,"Kaushal Desai",linux,remote,0 29933,platforms/asp/webapps/29933.txt,"Gazi Download Portal - Down_Indir.ASP SQL Injection",2007-04-30,ertuqrul,asp,webapps,0 -29934,platforms/windows/dos/29934.py,"ZIP Password Recovery Professional 5.1 - (.zip) Crash PoC",2013-11-30,KAI,windows,dos,0 +29934,platforms/windows/dos/29934.py,"ZIP Password Recovery Professional 5.1 - '.zip' Crash PoC",2013-11-30,KAI,windows,dos,0 29935,platforms/php/webapps/29935.php,"MyBB 1.6.11 - Remote Code Execution",2013-11-30,BlackDream,php,webapps,0 29938,platforms/php/webapps/29938.txt,"E-Annu - Home.php SQL Injection",2007-04-30,ilkerkandemir,php,webapps,0 29939,platforms/linux/dos/29939.txt,"X.Org X Window System Xserver 1.3 - XRender Extension Divide by Zero Denial of Service",2007-05-01,"Derek Abdine",linux,dos,0 @@ -27031,28 +27031,28 @@ id,file,description,date,author,platform,type,port 29942,platforms/windows/dos/29942.c,"Atomix MP3 Malformed MP3 - File Buffer Overflow",2007-05-02,preth00nker,windows,dos,0 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion",2007-05-03,"ilker Kandemir",php,webapps,0 -29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 -29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - CSRF File Upload",2013-12-01,"Jje Incovers",php,webapps,0 +29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 +29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - CSRF (File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 - Content.php SQL Injection",2007-06-18,"Jesper Jurcenoks",php,webapps,0 -30198,platforms/asp/webapps/30198.txt,"TDizin - Arama.ASP Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 +30198,platforms/asp/webapps/30198.txt,"TDizin - Arama.ASP Cross-site Scripting",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf - OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 30059,platforms/php/webapps/30059.py,"Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection",2013-12-06,"Filip Waeytens",php,webapps,0 29949,platforms/windows/dos/29949.c,"Multiple Vendors - Zoo Compression Algorithm Remote Denial of Service",2007-05-04,Jean-Sébastien,windows,dos,0 29950,platforms/osx/local/29950.js,"Apple 2.0.4 - Safari Unspecified Local",2007-05-04,poplix,osx,local,0 -29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-Site Scripting",2007-05-04,Solarius,windows,remote,0 +29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-site Scripting",2007-05-04,Solarius,windows,remote,0 29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 - MFA_Theme.php Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 -29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module - Index.php SQL Injection",2007-05-07,Bulan,php,webapps,0 +29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module - 'index.php' SQL Injection",2007-05-07,Bulan,php,webapps,0 29956,platforms/php/webapps/29956.txt,"ObieWebsite Mini Web Shop 2 - order_form.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 29957,platforms/php/webapps/29957.txt,"ObieWebsite Mini Web Shop 2 - sendmail.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 29958,platforms/asp/webapps/29958.txt,"FipsCMS 2.1 - PID Parameter SQL Injection",2007-05-07,"ilker Kandemir",asp,webapps,0 29959,platforms/hardware/webapps/29959.txt,"TVT TD-2308SS-B DVR - Directory Traversal",2013-12-01,"Cesar Neira",hardware,webapps,0 -29960,platforms/php/webapps/29960.txt,"TurnkeyWebTools SunShop Shopping Cart 4.0 - index.php Multiple Parameter SQL Injection",2007-05-07,"John Martinelli",php,webapps,0 -29961,platforms/php/webapps/29961.txt,"TurnkeyWebTools SunShop Shopping Cart 4.0 - index.php l Parameter XSS",2007-05-07,"John Martinelli",php,webapps,0 -29962,platforms/cgi/webapps/29962.txt,"OTRS 2.0.4 - Index.PL Cross-Site Scripting",2007-05-07,ciri,cgi,webapps,0 -29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 - Index.php Cross-Site Scripting",2007-05-07,Red_Casper,php,webapps,0 +29960,platforms/php/webapps/29960.txt,"TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' Multiple Parameter SQL Injection",2007-05-07,"John Martinelli",php,webapps,0 +29961,platforms/php/webapps/29961.txt,"TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' l Parameter XSS",2007-05-07,"John Martinelli",php,webapps,0 +29962,platforms/cgi/webapps/29962.txt,"OTRS 2.0.4 - Index.PL Cross-site Scripting",2007-05-07,ciri,cgi,webapps,0 +29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 - 'index.php' Cross-site Scripting",2007-05-07,Red_Casper,php,webapps,0 29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 - SpntSvc.EXE Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 -29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 - Picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 +29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 - Picture.php Cross-site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 29966,platforms/php/webapps/29966.txt,"Campsite 2.6.1 - Alias.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29967,platforms/php/webapps/29967.txt,"Campsite 2.6.1 - Article.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29968,platforms/php/webapps/29968.txt,"Campsite 2.6.1 - ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27066,7 +27066,7 @@ id,file,description,date,author,platform,type,port 29976,platforms/php/webapps/29976.txt,"Campsite 2.6.1 - ArticleTypeField.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29977,platforms/php/webapps/29977.txt,"Campsite 2.6.1 - Country.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29978,platforms/php/webapps/29978.txt,"Campsite 2.6.1 - DatabaseObject.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30373,platforms/windows/remote/30373.py,"Ability Mail Server 2013 (3.1.1) - Stored XSS (Web UI)",2013-12-17,"David Um",windows,remote,0 +30373,platforms/windows/remote/30373.py,"Ability Mail Server 2013 (3.1.1) - Persistent Cross-site Scripting (Web UI)",2013-12-17,"David Um",windows,remote,0 29979,platforms/php/webapps/29979.txt,"Campsite 2.6.1 - Event.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29980,platforms/php/webapps/29980.txt,"Campsite 2.6.1 - IPAccess.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29981,platforms/php/webapps/29981.txt,"Campsite 2.6.1 - Image.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27095,33 +27095,33 @@ id,file,description,date,author,platform,type,port 30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe - Remote Code Execution",2013-12-03,Metasploit,windows,remote,12221 30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection",2013-12-03,Metasploit,php,remote,80 30011,platforms/windows/remote/30011.rb,"Microsoft - Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,Metasploit,windows,remote,0 -30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 param) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 -30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language param) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 -30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - HLStats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 -30065,platforms/php/webapps/30065.html,"GaliX 2.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 -30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injection",2007-05-21,"Jesper Jurcenoks",php,webapps,0 +30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - HLStats.php Multiple Cross-site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 +30065,platforms/php/webapps/30065.html,"GaliX 2.0 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 +30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injections",2007-05-21,"Jesper Jurcenoks",php,webapps,0 30067,platforms/windows/remote/30067.txt,"rdiffweb 0.3.5 - Directory Traversal",2007-05-22,"Jesus Roncero",windows,remote,0 -30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 - Login Variable Cross-Site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 +30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 - Login Variable Cross-site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 - DartZipLite.DLL ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 -30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 - Index.php HTML Injection",2007-05-22,"John Martinelli",php,webapps,0 +30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 - 'index.php' HTML Injection",2007-05-22,"John Martinelli",php,webapps,0 30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion",2007-05-22,the_Edit0r,php,webapps,0 -30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 -30073,platforms/php/webapps/30073.txt,"GMTT Music Distro 1.2 - ShowOwn.php Cross-Site Scripting",2007-05-22,CorryL,php,webapps,0 +30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 +30073,platforms/php/webapps/30073.txt,"GMTT Music Distro 1.2 - ShowOwn.php Cross-site Scripting",2007-05-22,CorryL,php,webapps,0 30074,platforms/linux/remote/30074.txt,"PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite",2007-05-07,"Gregory Beaver",linux,remote,0 -30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0 -30076,platforms/php/webapps/30076.txt,"WYYS 1.0 - Index.php Cross-Site Scripting",2007-05-23,vagrant,php,webapps,0 -30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-Site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0 +30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 - SQLEDIT.php Cross-site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0 +30076,platforms/php/webapps/30076.txt,"WYYS 1.0 - 'index.php' Cross-site Scripting",2007-05-23,vagrant,php,webapps,0 +30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0 30078,platforms/multiple/remote/30078.js,"Apple Safari 2.0.4 - Cross-Domain Browser Location Information Disclosure",2007-05-23,"Gareth Heyes",multiple,remote,0 -30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - Rating.php Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0 +30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - Rating.php Cross-site Scripting",2007-05-23,"Janek Vind",php,webapps,0 30080,platforms/linux/dos/30080.c,"Linux Kernel 2.6.x - VFat Compat IOCTLS Local Denial of Service",2007-05-24,"Bart Oldeman",linux,dos,0 -30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - News.ASP Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 -30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 -30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Stored Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 +30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - News.ASP Cross-site Scripting",2007-05-24,vagrant,php,webapps,0 +30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-site Scripting",2007-05-25,vagrant,php,webapps,0 +30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-site Scripting",2013-12-06,LiquidWorm,php,webapps,0 30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 -30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - Index.php Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 -30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 +30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-site Scripting",2007-05-25,newbinaryfile,php,webapps,0 +30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection",2007-05-25,BCC,linux,remote,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component - Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 @@ -27140,28 +27140,28 @@ id,file,description,date,author,platform,type,port 30210,platforms/multiple/remote/30210.rb,"Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit)",2013-12-11,Metasploit,multiple,remote,80 30211,platforms/windows/remote/30211.txt,"EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE",2013-12-11,rgod,windows,remote,0 30212,platforms/php/remote/30212.rb,"vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection",2013-12-11,Metasploit,php,remote,80 -30213,platforms/php/webapps/30213.txt,"eFront 3.6.14 (build 18012) - Stored XSS in Multiple Parameters",2013-12-11,sajith,php,webapps,0 +30213,platforms/php/webapps/30213.txt,"eFront 3.6.14 (build 18012) - Persistent Cross-site Scripting in Multiple Parameters",2013-12-11,sajith,php,webapps,0 30215,platforms/ios/webapps/30215.txt,"Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities",2013-12-11,Vulnerability-Lab,ios,webapps,0 30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 -30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - AuthError.CFM Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 +30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - AuthError.CFM Multiple Cross-site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 30217,platforms/php/webapps/30217.txt,"Wrapper.php for OsCommerce - Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 30218,platforms/multiple/remote/30218.txt,"BugHunter HTTP Server 1.6.2 - Parse Error Information Disclosure",2007-06-20,Prili,multiple,remote,0 30219,platforms/multiple/remote/30219.txt,"MyServer 0.8.9 - Filename Parse Error Information Disclosure",2007-06-21,"Shay Priel",multiple,remote,0 -30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 - Index.php Local File Inclusion",2007-06-21,r0t,php,webapps,0 -30221,platforms/php/webapps/30221.txt,"PHPAccounts 0.5 - Index.php Multiple SQL Injection",2007-06-21,r0t,php,webapps,0 -30222,platforms/multiple/remote/30222.txt,"MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting",2007-01-02,Prili,multiple,remote,0 +30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 - 'index.php' Local File Inclusion",2007-06-21,r0t,php,webapps,0 +30221,platforms/php/webapps/30221.txt,"PHPAccounts 0.5 - 'index.php' Multiple SQL Injection",2007-06-21,r0t,php,webapps,0 +30222,platforms/multiple/remote/30222.txt,"MyServer 0.9.8 - Post.MSCGI Cross-site Scripting",2007-01-02,Prili,multiple,remote,0 30223,platforms/php/webapps/30223.txt,"NetClassifieds 1.9.7 - Multiple Input Validation Vulnerabilities",2007-06-21,"laurent gaffie",php,webapps,0 30224,platforms/windows/dos/30224.py,"Ingress Database Server 2.6 - Multiple Remote Vulnerabilities",2007-06-21,anonymous,windows,dos,0 30225,platforms/php/webapps/30225.txt,"eNdonesia 8.4 - mod.php viewarticle Action artid Parameter SQL Injection",2007-06-22,"laurent gaffie",php,webapps,0 30226,platforms/php/webapps/30226.txt,"eNdonesia 8.4 - banners.php click Action bid Parameter SQL Injection",2007-06-22,"laurent gaffie",php,webapps,0 30227,platforms/php/webapps/30227.txt,"Joomla/Mambo Mod_Forum Component - PHPBB_Root.php Remote File Inclusion",2007-06-22,spymeta,php,webapps,0 -30228,platforms/osx/remote/30228.txt,"Apple WebCore - XMLHTTPRequest Cross-Site Scripting",2007-06-22,"Richard Moore",osx,remote,0 +30228,platforms/osx/remote/30228.txt,"Apple WebCore - XMLHTTPRequest Cross-site Scripting",2007-06-22,"Richard Moore",osx,remote,0 30229,platforms/multiple/remote/30229.txt,"SHTTPD 1.38 - Filename Parse Error Information Disclosure",2007-06-25,"Shay Priel",multiple,remote,0 30230,platforms/php/webapps/30230.txt,"MyNews 0.10 - AuthACC SQL Injection",2007-06-25,netVigilance,php,webapps,0 -30231,platforms/multiple/remote/30231.txt,"Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting",2007-06-25,"Shay Priel",multiple,remote,0 -30232,platforms/php/webapps/30232.txt,"Calendarix 0.7.20070307 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-25,"Jesper Jurcenoks",php,webapps,0 +30231,platforms/multiple/remote/30231.txt,"Key Focus Web Server 3.1 - Index.WKF Cross-site Scripting",2007-06-25,"Shay Priel",multiple,remote,0 +30232,platforms/php/webapps/30232.txt,"Calendarix 0.7.20070307 - Multiple Cross-site Scripting Vulnerabilities",2007-06-25,"Jesper Jurcenoks",php,webapps,0 30233,platforms/windows/dos/30233.pl,"LiteWEB Web Server 2.7 - Invalid Page Remote Denial of Service",2007-06-25,Prili,windows,dos,0 -30234,platforms/php/webapps/30234.txt,"Calendarix 0.7.20070307 - Multiple SQL Injection",2007-06-25,"Jesper Jurcenoks",php,webapps,0 +30234,platforms/php/webapps/30234.txt,"Calendarix 0.7.20070307 - Multiple SQL Injections",2007-06-25,"Jesper Jurcenoks",php,webapps,0 30235,platforms/php/webapps/30235.txt,"KikChat - (LFI/RCE) Multiple Vulnerabilities",2013-12-12,"cr4wl3r ",php,webapps,0 30237,platforms/hardware/local/30237.sh,"Cisco Unified Communications Manager - TFTP Service",2013-12-12,"daniel svartman",hardware,local,0 30238,platforms/php/webapps/30238.txt,"Cythosia 2.x Botnet - SQL Injection",2013-12-12,GalaxyAndroid,php,webapps,0 @@ -27174,17 +27174,17 @@ id,file,description,date,author,platform,type,port 30250,platforms/asp/webapps/30250.txt,"DUClassmate 1.x - ICity Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 30251,platforms/linux/dos/30251.c,"GD Graphics Library 2.0.34 - (libgd) gdImageCreateXbm Function Unspecified DoS",2007-06-26,anonymous,linux,dos,0 30252,platforms/windows/dos/30252.py,"Conti FTP Server 1.0 - Large String Denial of Service",2007-06-27,35c666,windows,dos,0 -30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0 -30254,platforms/hardware/remote/30254.txt,"Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 - Setup.CGI Cross-Site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0 +30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 - Open.php Multiple Cross-site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0 +30254,platforms/hardware/remote/30254.txt,"Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 - Setup.CGI Cross-site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0 30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0 -30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0 +30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server - Secondary Login Page Cross-site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0 30257,platforms/windows/remote/30257.html,"HP Instant Support - ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 -30258,platforms/php/webapps/30258.txt,"LightBlog 5 - Add_Comment.php Cross-Site Scripting",2007-07-02,Serapis.net,php,webapps,0 -30259,platforms/php/webapps/30259.txt,"Claroline 1.8.3 - $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 +30258,platforms/php/webapps/30258.txt,"LightBlog 5 - Add_Comment.php Cross-site Scripting",2007-07-02,Serapis.net,php,webapps,0 +30259,platforms/php/webapps/30259.txt,"Claroline 1.8.3 - $_SERVER['PHP_SELF'] Parameter Multiple Cross-site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 30260,platforms/cgi/webapps/30260.txt,"Yoggie Pico and Pico Pro Backticks - Remote Code Execution",2007-07-02,"Cody Brocious",cgi,webapps,0 -30261,platforms/php/webapps/30261.txt,"Moodle 1.7.1 - Index.php Cross-Site Scripting",2007-07-02,MustLive,php,webapps,0 +30261,platforms/php/webapps/30261.txt,"Moodle 1.7.1 - 'index.php' Cross-site Scripting",2007-07-02,MustLive,php,webapps,0 30262,platforms/php/webapps/30262.txt,"Liesbeth Base CMS - Information Disclosure",2007-07-02,durito,php,webapps,0 -30263,platforms/cgi/webapps/30263.txt,"Oliver - Multiple Cross-Site Scripting Vulnerabilities",2007-07-03,"A. R.",cgi,webapps,0 +30263,platforms/cgi/webapps/30263.txt,"Oliver - Multiple Cross-site Scripting Vulnerabilities",2007-07-03,"A. R.",cgi,webapps,0 30264,platforms/multiple/remote/30264.txt,"Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution",2007-07-03,"RedTeam Pentesting GmbH",multiple,remote,0 30265,platforms/multiple/remote/30265.txt,"SAP Message Server - Group Parameter Remote Buffer Overflow",2007-07-05,"Mark Litchfield",multiple,remote,0 30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 @@ -27199,7 +27199,7 @@ id,file,description,date,author,platform,type,port 30275,platforms/java/webapps/30275.txt,"OpManager 6/7 - admin/DeviceAssociation.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - Login.php Multiple Local File Inclusion",2007-07-05,"Adriel T. Desautels",php,webapps,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x - Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 -30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 - PARAms Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 +30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 - PARAms Cross-site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 30280,platforms/linux/local/30280.txt,"GFax 0.7.6 - Temporary Files Local Arbitrary Command Execution",2007-07-05,"Steve Kemp",linux,local,0 30281,platforms/windows/remote/30281.txt,"Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities",2007-07-06,"Paul Craig",windows,remote,0 30282,platforms/asp/webapps/30282.txt,"Levent Veysi Portal 1.0 - Oku.ASP SQL Injection",2007-07-07,GeFORC3,asp,webapps,0 @@ -27211,8 +27211,8 @@ id,file,description,date,author,platform,type,port 30290,platforms/php/webapps/30290.txt,"IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities",2007-07-11,"Alex Hernandez",php,webapps,0 30291,platforms/linux/remote/30291.txt,"Multiple Vendors - RAR Handling Remote Null Pointer Dereference",2007-07-11,"Metaeye Security Group",linux,remote,0 30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 -30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 -30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 - Index.php SQL Injection",2007-07-12,Keniobats,php,webapps,0 +30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 +30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 - 'index.php' SQL Injection",2007-07-12,Keniobats,php,webapps,0 30295,platforms/multiple/local/30295.sql,"Oracle Database - SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 30296,platforms/asp/webapps/30296.txt,"ActiveWeb Contentserver 5.6.2929 - Picture_Real_Edit.ASP SQL Injection",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30297,platforms/asp/webapps/30297.txt,"contentserver 5.6.2929 - errors/rights.asp msg Parameter XSS",2007-07-13,"RedTeam Pentesting",asp,webapps,0 @@ -27229,12 +27229,12 @@ id,file,description,date,author,platform,type,port 30386,platforms/php/webapps/30386.txt,"Vikingboard Viking board 0.1.2 - topic.php s Parameter XSS",2007-07-25,Lostmon,php,webapps,0 30387,platforms/php/webapps/30387.txt,"Vikingboard Viking board 0.1.2 - forum.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 30388,platforms/php/webapps/30388.txt,"Vikingboard Viking board 0.1.2 - cp.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 -30389,platforms/php/webapps/30389.txt,"iFoto 1.0 - Index.php Directory Traversal",2007-07-25,Lostmon,php,webapps,0 +30389,platforms/php/webapps/30389.txt,"iFoto 1.0 - 'index.php' Directory Traversal",2007-07-25,Lostmon,php,webapps,0 30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 - UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 30391,platforms/php/webapps/30391.txt,"PhpHostBot 1.05 - Authorize.php Remote File Inclusion",2007-07-26,S4M3K,php,webapps,0 30392,platforms/windows/local/30392.rb,"Microsoft Windows ndproxy.sys - Local Privilege Escalation",2013-12-17,Metasploit,windows,local,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - DoS (Integer Division by Zero Exploit)",2013-12-15,sajith,windows,dos,0 -30801,platforms/php/webapps/30801.txt,"Bandersnatch 0.4 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-11-23,"Tim Brown",php,webapps,0 +30801,platforms/php/webapps/30801.txt,"Bandersnatch 0.4 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-11-23,"Tim Brown",php,webapps,0 30310,platforms/php/webapps/30310.txt,"Piwigo 2.5.3 CMS - Multiple Web Vulnerabilities",2013-12-15,sajith,php,webapps,0 30311,platforms/ios/webapps/30311.txt,"Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities",2013-12-15,Vulnerability-Lab,ios,webapps,0 30312,platforms/php/webapps/30312.txt,"Citadel WebCit 7.02/7.10 - showuser who Parameter XSS",2007-07-14,"Christopher Schwardt",php,webapps,0 @@ -27242,7 +27242,7 @@ id,file,description,date,author,platform,type,port 30314,platforms/windows/dos/30314.txt,"Yahoo! Messenger 8.1 - Address Book Remote Buffer Overflow",2007-07-16,"Rajesh Sethumadhavan",windows,dos,0 30315,platforms/windows/remote/30315.txt,"Trillian 3.1.6.0 - URI Handler Remote Code Execution",2007-07-16,"Nate Mcfeters",windows,remote,0 30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 - Philboard_forum.ASP SQL Injection",2007-07-17,GeFORC3,asp,webapps,0 -30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - index.php current_subsection Parameter SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 +30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry XSS",2007-07-17,joseph.giron13,php,webapps,0 30319,platforms/linux/remote/30319.c,"tcpdump - Print-bgp.C Remote Integer Underflow",2007-03-01,mu-b,linux,remote,0 30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 - deletecomment.php id Variable Remote Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 @@ -27254,16 +27254,16 @@ id,file,description,date,author,platform,type,port 30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - Index.ASP SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent XSS",2013-12-16,hellok,php,webapps,0 -30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti - Index.ASP Cross-Site Scripting",2007-07-23,GeFORC3,asp,webapps,0 +30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti - Index.ASP Cross-site Scripting",2007-07-23,GeFORC3,asp,webapps,0 30331,platforms/asp/webapps/30331.html,"ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30332,platforms/asp/webapps/30332.txt,"Image Racer - SearchResults.ASP SQL Injection",2007-07-23,"Aria-Security Team",asp,webapps,0 30333,platforms/php/webapps/30333.txt,"PHMe 0.0.2 - Function_List.php Local File Inclusion",2007-07-23,You_You,php,webapps,0 -30382,platforms/asp/webapps/30382.txt,"W1L3D4 Philboard 0.3 - W1L3D4_Aramasonuc.ASP Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 -30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 +30382,platforms/asp/webapps/30382.txt,"W1L3D4 Philboard 0.3 - W1L3D4_Aramasonuc.ASP Cross-site Scripting",2007-07-25,GeFORC3,asp,webapps,0 +30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 - Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 -30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 - Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 +30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 - Resname Parameter Cross-site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 30381,platforms/windows/remote/30381.txt,"Multiple Browsers - URI Handlers Command Injection Vulnerabilities",2007-07-25,"Billy Rios",windows,remote,0 -30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow (DEP Bypass)",2013-12-16,"Morteza Hashemi",windows,local,0 +30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow (DEP Bypass)",2013-12-16,"Morteza Hashemi",windows,local,0 30802,platforms/windows/local/30802.c,"VMware Tools 3.1 - HGFS.Sys Local Privilege Escalation",2007-11-24,SoBeIt,windows,local,0 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 - Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer - 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 @@ -27272,12 +27272,12 @@ id,file,description,date,author,platform,type,port 30375,platforms/ios/webapps/30375.txt,"FileMaster SY-IT 3.1 iOS - Multiple Web Vulnerabilities",2013-12-17,Vulnerability-Lab,ios,webapps,0 30358,platforms/hardware/webapps/30358.txt,"UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit",2013-12-16,"Matt O'Connor",hardware,webapps,0 30792,platforms/php/webapps/30792.html,"Underground CMS 1.x - Search.Cache.Inc.php Backdoor",2007-11-21,D4m14n,php,webapps,0 -30356,platforms/php/webapps/30356.txt,"Wallpaper Script 3.5.0082 - Stored XSS",2013-12-16,"null pointer",php,webapps,0 -30415,platforms/hardware/webapps/30415.txt,"Cisco EPC3925 - Persistent Cross-Site Scripting",2013-12-21,"Jeroen - IT Nerdbox",hardware,webapps,0 +30356,platforms/php/webapps/30356.txt,"Wallpaper Script 3.5.0082 - Persistent Cross-site Scripting",2013-12-16,"null pointer",php,webapps,0 +30415,platforms/hardware/webapps/30415.txt,"Cisco EPC3925 - Persistent Cross-site Scripting",2013-12-21,"Jeroen - IT Nerdbox",hardware,webapps,0 30357,platforms/php/webapps/30357.txt,"iScripts MultiCart 2.4 - Persistent XSS / CSRF / XSS+CSRF Mass Accounts takeover",2013-12-16,"Saadi Siddiqui",php,webapps,0 30374,platforms/windows/local/30374.txt,"QuickHeal AntiVirus 7.0.0.1 - Stack Overflow",2013-12-17,"Arash Allebrahim",windows,local,0 30361,platforms/hardware/webapps/30361.txt,"Beetel TC1-450 Airtel Wireless Router - Multiple CSRF Vulnerabilities",2013-12-16,"Samandeep Singh",hardware,webapps,0 -30362,platforms/hardware/webapps/30362.txt,"Cisco EPC3925 - Cross-Site Request Forgery",2013-12-16,"Jeroen - IT Nerdbox",hardware,webapps,0 +30362,platforms/hardware/webapps/30362.txt,"Cisco EPC3925 - Cross-site Request Forgery",2013-12-16,"Jeroen - IT Nerdbox",hardware,webapps,0 30791,platforms/multiple/dos/30791.txt,"I Hear U 0.5.6 - Multiple Remote Denial Of Service Vulnerabilities",2007-11-19,"Luigi Auriemma",multiple,dos,0 30876,platforms/php/webapps/30876.txt,"Falcon Series One 1.4.3 stable - Multiple Input Validation Vulnerabilities",2007-11-10,MhZ91,php,webapps,0 30364,platforms/php/webapps/30364.txt,"Lowest Unique Bid Auction - SQL Injection",2013-12-16,3spi0n,php,webapps,0 @@ -27290,7 +27290,7 @@ id,file,description,date,author,platform,type,port 30399,platforms/aix/local/30399.c,"IBM AIX 5.2/5.3 - Capture Command Local Stack Based Buffer Overflow",2007-07-26,qaaz,aix,local,0 30400,platforms/aix/local/30400.c,"IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow",2007-07-26,qaaz,aix,local,0 30401,platforms/php/dos/30401.php,"T1lib - intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0 -30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - Login.ASP Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 +30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - Login.ASP Cross-site Scripting",2007-07-26,d3hydr8,asp,webapps,0 30403,platforms/php/webapps/30403.txt,"WordPress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 - YDPCTL.DLL ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 30405,platforms/php/webapps/30405.txt,"Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities",2007-07-27,"Tim Brown",php,webapps,0 @@ -27301,9 +27301,9 @@ id,file,description,date,author,platform,type,port 31464,platforms/windows/dos/31464.pl,"SurgeMail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow",2008-03-21,"Leon Juranic",windows,dos,0 31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption",2008-03-21,"Brian Holyfield",windows,remote,0 31466,platforms/cgi/webapps/31466.txt,"Webutil 2.3/2.7 - 'webutil.pl' Multiple Remote Command Execution Vulnerabilities",2008-03-21,"Zero X",cgi,webapps,0 -31467,platforms/php/webapps/31467.txt,"phpMyChat 0.14.5 - 'setup.php3' Cross-Site Scripting",2008-03-22,ZoRLu,php,webapps,0 +31467,platforms/php/webapps/31467.txt,"phpMyChat 0.14.5 - 'setup.php3' Cross-site Scripting",2008-03-22,ZoRLu,php,webapps,0 31468,platforms/php/webapps/31468.txt,"My Web Doc 2000 Administration Pages - Multiple Authentication Bypass Vulnerabilities",2008-03-22,ZoRLu,php,webapps,0 -30799,platforms/php/webapps/30799.txt,"MySpace Scripts Poll Creator - Index.php HTML Injection",2007-11-22,Doz,php,webapps,0 +30799,platforms/php/webapps/30799.txt,"MySpace Scripts Poll Creator - 'index.php' HTML Injection",2007-11-22,Doz,php,webapps,0 30414,platforms/windows/dos/30414.py,"GOM Player 2.2.56.5158 - (.avi) File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 30873,platforms/php/webapps/30873.txt,"E-Xoops 1.0.5/1.0.8 - myalbum/ratephoto.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30874,platforms/php/webapps/30874.txt,"E-Xoops 1.0.5/1.0.8 - modules/banners/click.php bid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 @@ -27318,17 +27318,17 @@ id,file,description,date,author,platform,type,port 30429,platforms/php/webapps/30429.txt,"phpCoupon - Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 30430,platforms/linux/dos/30430.txt,"Fail2ban 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - BaiduBar.DLL ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 -30432,platforms/novell/remote/30432.txt,"Novell GroupWise 6.5 WebAccess - User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 +30432,platforms/novell/remote/30432.txt,"Novell GroupWise 6.5 WebAccess - User.Id Parameter Cross-site Scripting",2007-07-30,0x000000,novell,remote,0 30433,platforms/php/webapps/30433.txt,"IT!CMS 0.2 - lang-en.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 30434,platforms/php/webapps/30434.txt,"IT!CMS 0.2 - menu-ed.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 30435,platforms/php/webapps/30435.txt,"IT!CMS 0.2 - titletext-ed.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 -30436,platforms/php/webapps/30436.txt,"Global Centre Aplomb Poll 1.1 - index.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 +30436,platforms/php/webapps/30436.txt,"Global Centre Aplomb Poll 1.1 - 'index.php' Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30437,platforms/php/webapps/30437.txt,"Global Centre Aplomb Poll 1.1 - vote.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30438,platforms/php/webapps/30438.txt,"Global Centre Aplomb Poll 1.1 - admin.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30439,platforms/linux/remote/30439.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Chrome-Loaded About:Blank Script Execution",2007-07-31,moz_bug_r_a4,linux,remote,0 -30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 - Webevent.CGI Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 +30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 - Webevent.CGI Cross-site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 -30442,platforms/php/webapps/30442.txt,"WebDirector - Index.php Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 +30442,platforms/php/webapps/30442.txt,"WebDirector - 'index.php' Cross-site Scripting",2007-08-01,r0t,php,webapps,0 30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 30444,platforms/linux/dos/30444.txt,"KDE Konqueror 3.5.7 - Assert Denial of Service",2007-03-05,"Thomas Waldegger",linux,dos,0 30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module - mosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 @@ -27339,26 +27339,26 @@ id,file,description,date,author,platform,type,port 30450,platforms/php/webapps/30450.txt,"LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30451,platforms/asp/webapps/30451.txt,"Next Gen Portfolio Manager - Default.ASP Multiple SQL Injection",2007-08-03,"Aria-Security Team",asp,webapps,0 30452,platforms/php/webapps/30452.txt,"J! Reactions 1.8.1 - comPath Remote File Inclusion",2007-08-04,Yollubunlar.Org,php,webapps,0 -30453,platforms/php/webapps/30453.txt,"snif 1.5.2 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-08-06,r0t,php,webapps,0 +30453,platforms/php/webapps/30453.txt,"snif 1.5.2 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-08-06,r0t,php,webapps,0 30454,platforms/linux/remote/30454.txt,"BlueCat Networks Adonis 5.0.2.8 - TFTP Remote Privilege Escalation",2007-08-06,defaultroute,linux,remote,0 30455,platforms/windows/dos/30455.txt,"Microsoft Internet Explorer 6.0 - Position:Relative Denial of Service",2007-08-07,Hamachiya2,windows,dos,0 30456,platforms/php/webapps/30456.txt,"VietPHP - _functions.php dirpath Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30457,platforms/php/webapps/30457.txt,"VietPHP - admin/index.php language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30809,platforms/windows/remote/30809.txt,"Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal",2007-11-26,"Corey Lebleu",windows,remote,0 30810,platforms/php/webapps/30810.txt,"Proverbs Web Calendar 1.1 - Password Parameter SQL Injection",2007-11-26,JosS,php,webapps,0 -30459,platforms/php/webapps/30459.txt,"VietPHP - index.php language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 +30459,platforms/php/webapps/30459.txt,"VietPHP - 'index.php' language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30462,platforms/windows/dos/30462.py,"Microsoft Windows Media Player 11 - AU Divide-By-Zero Denial of Service",2007-08-08,"A.Sawan and nophie",windows,dos,0 30463,platforms/php/webapps/30463.txt,"Coppermine Photo Gallery 1.3/1.4 - YABBSE.INC.php Remote File Inclusion",2007-08-08,Ma$tEr-0F-De$a$t0r,php,webapps,0 30900,platforms/hardware/webapps/30900.html,"Feixun Wireless Router FWR-604H - Remote Code Execution Exploit",2014-01-14,"Arash Abedian",hardware,webapps,80 30464,platforms/linux/local/30464.c,"Generic Software Wrappers Toolkit 1.6.3 (GSWTK) - Race Condition Local Privilege Escalation",2007-08-09,"Robert N. M. Watson",linux,local,0 -30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 - Index.php Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 -30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - index.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 - 'index.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - 'index.php' config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30467,platforms/php/webapps/30467.txt,"File Uploader 1.1 - datei.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30468,platforms/windows/local/30468.pl,"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - (.rmp) Version Attribute Buffer Overflow",2013-12-24,"Gabor Seljan",windows,local,0 30798,platforms/asp/webapps/30798.txt,"NetAuctionHelp 4.1 - Search.ASP SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 30470,platforms/unix/remote/30470.rb,"Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution",2013-12-24,Metasploit,unix,remote,5000 30471,platforms/linux/remote/30471.rb,"OpenSIS 'modname' - PHP Code Execution",2013-12-24,Metasploit,linux,remote,80 -30472,platforms/linux/remote/30472.rb,"Zimbra Collaboration Server - LFI",2013-12-24,Metasploit,linux,remote,7071 +30472,platforms/linux/remote/30472.rb,"Zimbra Collaboration Server - Local File Inclusion",2013-12-24,Metasploit,linux,remote,7071 30473,platforms/unix/remote/30473.rb,"HP SiteScope issueSiebelCmd - Remote Code Execution",2013-12-24,Metasploit,unix,remote,8080 30474,platforms/windows/remote/30474.rb,"Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution",2013-12-24,Metasploit,windows,remote,0 30475,platforms/cgi/webapps/30475.txt,"Synology DSM 4.3-3810 - Directory Traversal",2013-12-24,"Andrea Fabrizi",cgi,webapps,80 @@ -27366,22 +27366,22 @@ id,file,description,date,author,platform,type,port 30477,platforms/windows/local/30477.txt,"Huawei Technologies du Mobile Broadband 16.0 - Local Privilege Escalation",2013-12-24,LiquidWorm,windows,local,0 30478,platforms/php/webapps/30478.txt,"php MBB CMS 004 - Multiple Vulnerabilities",2013-12-24,"cr4wl3r ",php,webapps,80 30479,platforms/php/webapps/30479.txt,"Shoutbox 1.0 - Shoutbox.php Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 -30480,platforms/php/webapps/30480.txt,"Bilder Galerie 1.0 - Index.php Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 -30481,platforms/php/webapps/30481.txt,"Web News 1.1 - index.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30480,platforms/php/webapps/30480.txt,"Bilder Galerie 1.0 - 'index.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30481,platforms/php/webapps/30481.txt,"Web News 1.1 - 'index.php' config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30482,platforms/php/webapps/30482.txt,"Web News 1.1 - feed.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30483,platforms/php/webapps/30483.txt,"Web News 1.1 - news.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30484,platforms/bsd/local/30484.c,"Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities",2007-08-09,"Robert N. M. Watson",bsd,local,0 30485,platforms/hardware/remote/30485.html,"ZyXEL ZyWALL 2 3.62 - Forms/General_1 sysSystemName Parameter XSS",2007-08-10,"Henri Lindberg",hardware,remote,0 30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 - My_Statistics.php Remote File Inclusion",2007-08-11,"ilker Kandemir",php,webapps,0 -30487,platforms/php/webapps/30487.txt,"Php-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0 -30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - Index.php Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 +30487,platforms/php/webapps/30487.txt,"Php-Stats 0.1.9.2 - WhoIs.php Cross-site Scripting",2007-08-11,vasodipandora,php,webapps,0 +30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - 'index.php' Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 30489,platforms/php/webapps/30489.txt,"Openads (phpAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0 30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 - TBLinf32.DLL ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 30491,platforms/multiple/remote/30491.java,"OWASP Stinger - Filter Bypass Weakness",2007-08-13,"Meder Kydyraliev",multiple,remote,0 -30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 - Index.php SQL Injection",2007-07-13,joseph.giron13,php,webapps,0 +30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 - 'index.php' SQL Injection",2007-07-13,joseph.giron13,php,webapps,0 30493,platforms/windows/remote/30493.js,"Microsoft XML Core Services 6.0 - SubstringData Integer Overflow",2007-08-14,anonymous,windows,remote,0 30494,platforms/windows/dos/30494.html,"Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.DLL Remote Buffer Overflow",2007-08-14,"Ben Nagy and Derek Soeder",windows,dos,0 -30495,platforms/multiple/remote/30495.html,"Apache Tomcat 6.0.13 - Host Manager Servlet Cross-Site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 +30495,platforms/multiple/remote/30495.html,"Apache Tomcat 6.0.13 - Host Manager Servlet Cross-site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 30496,platforms/multiple/remote/30496.txt,"Apache Tomcat 6.0.13 - Cookie Handling Quote Delimiter Session ID Disclosure",2007-08-14,"Tomasz Kuczynski",multiple,remote,0 30497,platforms/multiple/dos/30497.c,"Zoidcom 0.6.x - Malformed Packet Denial of Service",2007-08-14,"Luigi Auriemma",multiple,dos,0 30498,platforms/multiple/dos/30498.txt,"Live For Speed S1/S2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,dos,0 @@ -27391,7 +27391,7 @@ id,file,description,date,author,platform,type,port 30502,platforms/java/remote/30502.txt,"Sun Java Runtime Environment 1.4.2 - Font Parsing Remote Privilege Escalation",2007-08-15,"John Heasman",java,remote,0 30503,platforms/linux/local/30503.txt,"BlueCat Networks Adonis 5.0.2.8 - CLI Remote Privilege Escalation",2007-08-16,forloop,linux,local,0 30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 - Admin.php Remote Authentication Bypass",2007-07-16,imei,php,webapps,0 -30505,platforms/asp/webapps/30505.txt,"Text File Search Classic - TextFileSearch.ASP Cross-Site Scripting",2007-08-17,GeFORC3,asp,webapps,0 +30505,platforms/asp/webapps/30505.txt,"Text File Search Classic - TextFileSearch.ASP Cross-site Scripting",2007-08-17,GeFORC3,asp,webapps,0 30506,platforms/hardware/dos/30506.txt,"Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service",2007-08-17,anonymous,hardware,dos,0 30507,platforms/multiple/remote/30507.txt,"gMotor2 Game Engine - Multiple Vulnerabilities",2007-08-18,"Luigi Auriemma",multiple,remote,0 30508,platforms/multiple/remote/30508.txt,"Toribash 2.x - Multiple Vulnerabilities",2007-08-18,"Luigi Auriemma",multiple,remote,0 @@ -27400,39 +27400,39 @@ id,file,description,date,author,platform,type,port 30511,platforms/php/webapps/30511.txt,"Gurur Haber 2.0 - Uyeler2.php SQL Injection",2007-08-20,dumenci,php,webapps,0 30512,platforms/windows/dos/30512.txt,"Total Commander FileInfo 2.09 Plugin - Multiple PE File Denial of Service Vulnerabilities",2007-07-20,"Gynvael Coldwind",windows,dos,0 30513,platforms/multiple/dos/30513.txt,"Epic Games Unreal Engine Logging Function - Remote Denial of Service",2007-08-20,"Luigi Auriemma",multiple,dos,0 -30514,platforms/java/webapps/30514.txt,"ALeadSoft Search Engine Builder - Search.HTML Cross-Site Scripting",2007-08-21,MustLive,java,webapps,0 -30515,platforms/php/webapps/30515.txt,"coWiki - Index.php Cross-Site Scripting",2007-08-21,MustLive,php,webapps,0 -30516,platforms/php/webapps/30516.txt,"m-phorum 0.3 - Index.php Cross-Site Scripting",2007-08-21,CodeXpLoder'tq,php,webapps,0 +30514,platforms/java/webapps/30514.txt,"ALeadSoft Search Engine Builder - Search.HTML Cross-site Scripting",2007-08-21,MustLive,java,webapps,0 +30515,platforms/php/webapps/30515.txt,"coWiki - 'index.php' Cross-site Scripting",2007-08-21,MustLive,php,webapps,0 +30516,platforms/php/webapps/30516.txt,"m-phorum 0.3 - 'index.php' Cross-site Scripting",2007-08-21,CodeXpLoder'tq,php,webapps,0 30517,platforms/hardware/dos/30517.pl,"Grandstream GXV-3000 Phone - Remote Denial of Service",2007-08-22,MADYNES,hardware,dos,0 30518,platforms/php/webapps/30518.txt,"Ripe Website Manager 0.8.x - pages/delete_page.php id Parameter SQL Injection",2007-08-22,"Nagendra Kumar G",php,webapps,0 30519,platforms/multiple/dos/30519.txt,"Asura Engine Challenge B Query - Remote Stack Buffer Overflow",2007-08-22,"Luigi Auriemma",multiple,dos,0 -30520,platforms/php/webapps/30520.txt,"WordPress 1.0.7 - Pool Index.php Cross-Site Scripting",2007-08-13,MustLive,php,webapps,0 +30520,platforms/php/webapps/30520.txt,"WordPress 1.0.7 - Pool Index.php Cross-site Scripting",2007-08-13,MustLive,php,webapps,0 30521,platforms/multiple/remote/30521.txt,"Unreal Commander 0.92 - ZIP / RAR Archive Handling Traversal Arbitrary File Overwrite",2007-08-23,"Gynvael Coldwind",multiple,remote,0 30546,platforms/windows/local/30546.txt,"Multiple MicroWorld eScan Products - Local Privilege Escalation",2007-08-30,"Edi Strosar",windows,local,0 30523,platforms/multiple/remote/30523.txt,"Skulltag Huffman 0.97d-beta4.1 - Packet Decompression Remote Heap Based Buffer Overflow",2007-08-23,"Luigi Auriemma",multiple,remote,0 30524,platforms/multiple/dos/30524.txt,"Soldat 1.4.2 - Multiple Remote Denial of Service Vulnerabilities",2007-08-23,"Luigi Auriemma",multiple,dos,0 -30525,platforms/php/webapps/30525.txt,"Arcadem 2.01 - Index.php Remote File Inclusion",2007-08-24,sm0k3,php,webapps,0 +30525,platforms/php/webapps/30525.txt,"Arcadem 2.01 - 'index.php' Remote File Inclusion",2007-08-24,sm0k3,php,webapps,0 30526,platforms/multiple/dos/30526.txt,"Vavoom 1.24 - sv_main.cpp Say Command Remote Format String",2007-08-24,"Luigi Auriemma",multiple,dos,0 30527,platforms/multiple/dos/30527.txt,"Vavoom 1.24 - str.cpp VStr::Resize Function Crafted UDP Packet Remote DoS",2007-08-24,"Luigi Auriemma",multiple,dos,0 30528,platforms/multiple/dos/30528.txt,"Vavoom 1.24 - p_thinker.cpp VThinker::BroadcastPrintf Function Multiple Field Remote Overflow",2007-08-24,"Luigi Auriemma",multiple,dos,0 30529,platforms/multiple/dos/30529.txt,"Media Player Classic 6.4.9 - FLI File Remote Buffer Overflow",2007-08-24,wushi,multiple,dos,0 30530,platforms/hardware/dos/30530.pl,"Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service",2007-08-27,"Humberto J. Abdelnur",hardware,dos,0 -30531,platforms/php/webapps/30531.txt,"AutoIndex PHP Script 2.2.1 - Index.php Cross-Site Scripting",2007-08-27,d3hydr8,php,webapps,0 +30531,platforms/php/webapps/30531.txt,"AutoIndex PHP Script 2.2.1 - 'index.php' Cross-site Scripting",2007-08-27,d3hydr8,php,webapps,0 30532,platforms/windows/remote/30532.pl,"Motorola Timbuktu Pro 8.6.3.1367 - Directory Traversal",2007-08-27,titon,windows,remote,0 30533,platforms/php/webapps/30533.txt,"Dale Mooney Calendar Events - Viewevent.php SQL Injection",2007-08-27,s0cratex,php,webapps,0 -30534,platforms/php/webapps/30534.txt,"PhpGedView 4.1 - Login.php Cross-Site Scripting",2007-08-27,"Joshua Morin",php,webapps,0 +30534,platforms/php/webapps/30534.txt,"PhpGedView 4.1 - Login.php Cross-site Scripting",2007-08-27,"Joshua Morin",php,webapps,0 30535,platforms/linux/remote/30535.pl,"ISC BIND 8 - Remote Cache Poisoning (1)",2007-08-27,"Amit Klein",linux,remote,0 30536,platforms/linux/remote/30536.pl,"ISC BIND 8 - Remote Cache Poisoning (2)",2007-08-27,"Amit Klein",linux,remote,0 30537,platforms/windows/remote/30537.txt,"Microsoft MSN Messenger 8.0 - Video Conversation Buffer Overflow",2007-08-28,wushi,windows,remote,0 30538,platforms/hardware/dos/30538.pl,"Thomson SpeedTouch 2030 - SIP Empty Message Remote Denial of Service",2007-08-28,"Humberto J. Abdelnur",hardware,dos,0 -30539,platforms/php/webapps/30539.txt,"ACG News 1.0 - index.php Multiple SQL Injection",2007-08-28,SmOk3,php,webapps,0 +30539,platforms/php/webapps/30539.txt,"ACG News 1.0 - 'index.php' Multiple SQL Injection",2007-08-28,SmOk3,php,webapps,0 30540,platforms/multiple/dos/30540.txt,"Blizzard Entertainment StarCraft Brood War 1.15.1 - Minimap Preview Remote Denial of Service",2007-08-28,"Gynvael Coldwind",multiple,dos,0 30541,platforms/asp/webapps/30541.txt,"Cisco CallManager 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 30542,platforms/linux/dos/30542.txt,"EnterpriseDB Advanced Server 8.2 - Uninitialized Pointer",2007-08-29,"Joxean Koret",linux,dos,0 30543,platforms/linux/remote/30543.txt,"Doomsday Engine 1.8.6/1.9 - Multiple Remote Vulnerabilities",2007-08-29,"Luigi Auriemma",linux,remote,0 30544,platforms/windows/dos/30544.txt,"Yahoo! Messenger 8.1 - File Transfer Denial of Service",2007-08-29,SlicK,windows,dos,0 -30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 -30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750U ME_1.09 - CSRF",2013-12-28,"FIGHTERx war",hardware,webapps,0 +30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 +30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750U ME_1.09 - Cross-site Request Forgery",2013-12-28,"FIGHTERx war",hardware,webapps,0 30969,platforms/php/webapps/30969.txt,"MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30970,platforms/multiple/local/30970.txt,"White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities",2008-01-02,"Luigi Auriemma",multiple,local,0 30971,platforms/linux/remote/30971.txt,"Georgia SoftWorks Secure Shell Server 7.1.3 - Multiple Remote Code Execution Vulnerabilities",2007-01-02,"Luigi Auriemma",linux,remote,0 @@ -27449,26 +27449,26 @@ id,file,description,date,author,platform,type,port 30558,platforms/php/webapps/30558.txt,"Claroline 1.x - admin/advancedUserSearch.php action Parameter XSS",2007-09-03,"Fernando Munoz",php,webapps,0 30559,platforms/php/webapps/30559.txt,"Claroline 1.x - admin/campusProblem.php view Parameter XSS",2007-09-03,"Fernando Munoz",php,webapps,0 30560,platforms/php/webapps/30560.txt,"212cafe Webboard 6.30 - Read.php SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0 -31024,platforms/hardware/remote/31024.txt,"F5 BIG-IP 9.4.3 - 'SearchString' Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,nnposter,hardware,remote,0 +31024,platforms/hardware/remote/31024.txt,"F5 BIG-IP 9.4.3 - 'SearchString' Multiple Cross-site Scripting Vulnerabilities",2008-01-14,nnposter,hardware,remote,0 31025,platforms/cgi/webapps/31025.txt,"Garment Center - 'index.cgi' Local File Inclusion",2008-01-14,Smasher,cgi,webapps,0 30877,platforms/php/webapps/30877.txt,"Roundcube Webmail 0.1 - CSS Expression Input Validation",2007-11-10,"Tomas Kuliavas",php,webapps,0 30878,platforms/php/webapps/30878.txt,"Bitweaver 1.x/2.0 - users/register.php URL XSS",2007-11-10,Doz,php,webapps,0 30879,platforms/php/webapps/30879.txt,"Bitweaver 1.x/2.0 - search/index.php URL XSS",2007-11-10,Doz,php,webapps,0 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 - search/index.php highlight Parameter SQL Injection",2007-11-10,Doz,php,webapps,0 30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 - autohtml.php Local File Inclusion",2007-11-10,d3v1l,php,webapps,0 -30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 - URL Parameter Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 +30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 - URL Parameter Cross-site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 - bdelev.dll ActiveX Control Double Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 -30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - Cal2.JSP Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 +30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - Cal2.JSP Cross-site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - Login.ASP SQL Injection",2007-09-04,SmOk3,asp,webapps,0 30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 30566,platforms/multiple/dos/30566.txt,"Alien Arena 2007 6.10 - Multiple Remote Vulnerabilities",2007-09-05,"Luigi Auriemma",multiple,dos,0 30567,platforms/windows/remote/30567.html,"Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 -30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 - Index.php Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 +30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 30569,platforms/windows/remote/30569.py,"Unreal Commander 0.92 - Directory Traversal",2007-09-06,"Gynvael Coldwind",windows,remote,0 -30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 - Header.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 +30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 - Header.php Multiple Cross-site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 30571,platforms/asp/webapps/30571.txt,"Proxy Anket 3.0.1 - anket.asp SQL Injection",2007-09-10,Yollubunlar.Org,asp,webapps,0 -30572,platforms/php/webapps/30572.txt,"phpMyQuote 0.20 - Index.php SQL Injection / Cross-Site Scripting",2007-09-10,Yollubunlar.Org,php,webapps,0 +30572,platforms/php/webapps/30572.txt,"phpMyQuote 0.20 - 'index.php' SQL Injection / Cross-site Scripting",2007-09-10,Yollubunlar.Org,php,webapps,0 30573,platforms/php/webapps/30573.txt,"SisfoKampus - dwoprn.php Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 30574,platforms/multiple/dos/30574.txt,"CellFactor Revolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 - forum_forum.php id Parameter XSS",2007-09-12,Doz,php,webapps,0 @@ -27476,39 +27476,39 @@ id,file,description,date,author,platform,type,port 30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 30578,platforms/linux/dos/30578.txt,"MPlayer 1.0 - AVIHeader.C Heap Based Buffer Overflow",2007-09-12,"Code Audit Labs",linux,dos,0 30579,platforms/linux/dos/30579.txt,"Media Player Classic 6.4.9 - Malformed AVI Header Multiple Remote Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 -32387,platforms/php/webapps/32387.txt,"Quick CMS Lite 2.1 - 'admin.php' Cross-Site Scripting",2008-09-16,"John Cobb",php,webapps,0 +32387,platforms/php/webapps/32387.txt,"Quick CMS Lite 2.1 - 'admin.php' Cross-site Scripting",2008-09-16,"John Cobb",php,webapps,0 32417,platforms/php/remote/32417.php,"PHP 5.2.6 - 'create_function()' Code Injection Weakness (2)",2008-09-25,80sec,php,remote,0 32416,platforms/php/remote/32416.php,"PHP 5.2.6 - 'create_function()' Code Injection Weakness (1)",2008-09-25,80sec,php,remote,0 -32415,platforms/php/webapps/32415.txt,"Drupal Ajax Checklist 5.x-1.0 Module - Multiple SQL Injection",2008-09-24,"Justin C. Klein Keane",php,webapps,0 +32415,platforms/php/webapps/32415.txt,"Drupal Ajax Checklist 5.x-1.0 Module - Multiple SQL Injections",2008-09-24,"Justin C. Klein Keane",php,webapps,0 32512,platforms/unix/remote/32512.rb,"FreePBX - config.php Remote Code Execution",2014-03-25,Metasploit,unix,remote,0 32413,platforms/php/webapps/32413.txt,"InterTech WCMS - 'etemplate.php' SQL Injection",2008-09-23,"GeNiUs IrAQI",php,webapps,0 32412,platforms/asp/webapps/32412.txt,"Omnicom Content Platform - 'browser.asp' Parameter Directory Traversal",2008-09-23,AlbaniaN-[H],asp,webapps,0 -32411,platforms/php/webapps/32411.txt,"Datalife Engine CMS 7.2 - 'admin.php' Cross-Site Scripting",2008-09-23,"Hadi Kiamarsi",php,webapps,0 +32411,platforms/php/webapps/32411.txt,"Datalife Engine CMS 7.2 - 'admin.php' Cross-site Scripting",2008-09-23,"Hadi Kiamarsi",php,webapps,0 32410,platforms/php/webapps/32410.txt,"6rbScript - 'cat.php' SQL Injection",2008-09-22,"Karar Alshami",php,webapps,0 -32389,platforms/php/webapps/32389.txt,"Quick Cart 3.1 - 'admin.php' Cross-Site Scripting",2008-09-17,"John Cobb",php,webapps,0 -32409,platforms/php/webapps/32409.txt,"Achievo 1.3.2 - 'atknodetype' Parameter Cross-Site Scripting",2008-09-20,"Rohit Bansal",php,webapps,0 +32389,platforms/php/webapps/32389.txt,"Quick Cart 3.1 - 'admin.php' Cross-site Scripting",2008-09-17,"John Cobb",php,webapps,0 +32409,platforms/php/webapps/32409.txt,"Achievo 1.3.2 - 'atknodetype' Parameter Cross-site Scripting",2008-09-20,"Rohit Bansal",php,webapps,0 32408,platforms/php/webapps/32408.txt,"BlueCUBE CMS - 'tienda.php' SQL Injection",2008-09-21,r45c4l,php,webapps,0 32407,platforms/php/webapps/32407.txt,"BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 - XTCsid Parameter Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 32405,platforms/php/webapps/32405.txt,"xt:Commerce 3.04 - advanced_search_result.php keywords Parameter XSS",2008-09-22,"David Vieira-Kurz",php,webapps,0 -32404,platforms/php/webapps/32404.html,"fuzzylime (cms) 3.0 - 'usercheck.php' Cross-Site Scripting",2008-09-22,"Fabian Fingerle",php,webapps,0 +32404,platforms/php/webapps/32404.html,"fuzzylime (cms) 3.0 - 'usercheck.php' Cross-site Scripting",2008-09-22,"Fabian Fingerle",php,webapps,0 32403,platforms/php/webapps/32403.txt,"MapCal 0.1 - 'id' Parameter SQL Injection",2008-09-22,0x90,php,webapps,0 32402,platforms/php/webapps/32402.txt,"UNAK-CMS - Cookie Authentication Bypass",2008-09-22,Ciph3r,php,webapps,0 32401,platforms/asp/webapps/32401.txt,"rgb72 WCMS 1.0 - 'index.php' SQL Injection",2008-09-22,"CWH Underground",asp,webapps,0 32400,platforms/multiple/dos/32400.html,"Foxmail Email Client 6.5 - 'mailto' Buffer Overflow",2008-09-22,sebug,multiple,dos,0 -35491,platforms/php/webapps/35491.txt,"PBBoard CMS - Stored XSS",2014-12-08,"Manish Tanwar",php,webapps,0 +35491,platforms/php/webapps/35491.txt,"PBBoard CMS - Persistent Cross-site Scripting",2014-12-08,"Manish Tanwar",php,webapps,0 32399,platforms/unix/remote/32399.txt,"Multiple Vendor FTP Server - Long Command Handling Security",2008-09-20,"Maksymilian Arciemowicz",unix,remote,0 -32398,platforms/php/webapps/32398.txt,"eXtrovert software Thyme 1.3 - 'add_calendars.php' Cross-Site Scripting",2008-09-21,"DigiTrust Group",php,webapps,0 -32397,platforms/php/webapps/32397.txt,"PHP Pro Bid 5.2.4/6.04 - Multiple SQL Injection",2008-09-19,"Jan Van Niekerk",php,webapps,0 -32396,platforms/php/webapps/32396.txt,"Parallels H-Sphere 3.0/3.1 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-19,t0fx,php,webapps,0 +32398,platforms/php/webapps/32398.txt,"eXtrovert software Thyme 1.3 - 'add_calendars.php' Cross-site Scripting",2008-09-21,"DigiTrust Group",php,webapps,0 +32397,platforms/php/webapps/32397.txt,"PHP Pro Bid 5.2.4/6.04 - Multiple SQL Injections",2008-09-19,"Jan Van Niekerk",php,webapps,0 +32396,platforms/php/webapps/32396.txt,"Parallels H-Sphere 3.0/3.1 - 'login.php' Multiple Cross-site Scripting Vulnerabilities",2008-09-19,t0fx,php,webapps,0 32395,platforms/php/webapps/32395.txt,"HyperStop WebHost Directory 1.2 - Database Disclosure",2008-09-19,r45c4l,php,webapps,0 -32394,platforms/asp/webapps/32394.txt,"Sama Educational Management System - 'Error.asp' Cross-Site Scripting",2008-09-18,Lagon666,asp,webapps,0 +32394,platforms/asp/webapps/32394.txt,"Sama Educational Management System - 'Error.asp' Cross-site Scripting",2008-09-18,Lagon666,asp,webapps,0 32393,platforms/solaris/remote/32393.txt,"Sun Solaris 9/10 Text Editors - Command Execution",2008-09-17,"Eli the Bearded",solaris,remote,0 32392,platforms/php/webapps/32392.pl,"Add a link 4 - Security Bypass / SQL Injection",2008-09-17,JosS,php,webapps,0 -32391,platforms/hardware/remote/32391.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 +32391,platforms/hardware/remote/32391.html,"Cisco 871 Integrated Services Router - Cross-site Request Forgery (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 33141,platforms/php/remote/33141.rb,"AlienVault OSSIM - SQL Injection / Remote Code Execution",2014-05-02,Metasploit,php,remote,443 -32390,platforms/hardware/remote/32390.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 -31913,platforms/windows/dos/31913.pl,"Music AlarmClock 2.1.0 - (.m3u) Crash PoC",2014-02-26,"Gabor Seljan",windows,dos,0 +32390,platforms/hardware/remote/32390.html,"Cisco 871 Integrated Services Router - Cross-site Request Forgery (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 +31913,platforms/windows/dos/31913.pl,"Music AlarmClock 2.1.0 - '.m3u' Crash PoC",2014-02-26,"Gabor Seljan",windows,dos,0 32388,platforms/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection",2008-09-17,"Hussin X",php,webapps,0 32705,platforms/windows/dos/32705.py,"EagleGet 1.1.8.1 - Denial of Service",2014-04-06,"Interference Security",windows,dos,0 32277,platforms/linux/remote/32277.txt,"Nginx 1.4.0 (64-bit) - (Generic Linux) Remote Exploit",2014-03-15,sorbo,linux,remote,0 @@ -27516,7 +27516,7 @@ id,file,description,date,author,platform,type,port 30580,platforms/linux/dos/30580.txt,"KMPlayer 2.9.3.1214 - Multiple Remote Denial of Service Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 30581,platforms/php/webapps/30581.txt,"CS-Guestbook 0.1 - Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,php,webapps,0 30582,platforms/windows/remote/30582.html,"WinSCP 4.0.3 - URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 -30583,platforms/php/webapps/30583.txt,"Php-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 +30583,platforms/php/webapps/30583.txt,"Php-Stats 0.1.9.2 - Tracking.php Cross-site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 30584,platforms/linux/dos/30584.py,"Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera Web Interface - axis-cgi/admin/restart.cgi CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 30586,platforms/cgi/webapps/30586.txt,"Axis Communications 207W Network Camera Web Interface - axis-cgi/admin/pwdgrp.cgi Multiple Parameter CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 @@ -27529,17 +27529,17 @@ id,file,description,date,author,platform,type,port 30593,platforms/windows/dos/30593.txt,"Microsoft MFC Library - CFileFind::FindFile Buffer Overflow",2007-09-14,"Jonathan Sarba",windows,dos,0 30594,platforms/php/webapps/30594.txt,"Coppermine Photo Gallery 1.4.x - mode.php referer Parameter XSS",2007-09-17,L4teral,php,webapps,0 30595,platforms/php/webapps/30595.txt,"Coppermine Photo Gallery 1.4.x - viewlog.php log Parameter Local File Inclusion",2007-09-17,L4teral,php,webapps,0 -30596,platforms/php/webapps/30596.txt,"b1gMail 6.3.1 - hilfe.php Cross-Site Scripting",2007-09-17,malibu.r,php,webapps,0 -30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - RC Parameter Cross-Site Scripting Vulnerabilities",2007-09-19,azizov,cgi,webapps,0 +30596,platforms/php/webapps/30596.txt,"b1gMail 6.3.1 - hilfe.php Cross-site Scripting",2007-09-17,malibu.r,php,webapps,0 +30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - RC Parameter Cross-site Scripting Vulnerabilities",2007-09-19,azizov,cgi,webapps,0 30598,platforms/cgi/webapps/30598.txt,"WebBatch - webbatch.exe URL XSS",2007-09-20,Doz,cgi,webapps,0 30599,platforms/cgi/webapps/30599.txt,"WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 30600,platforms/windows/remote/30600.html,"Xunlei Web Thunder 5.6.9.344 - ActiveX Control DownURL2 Method Remote Buffer Overflow",2007-09-20,7jdg,windows,remote,0 -30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 -30602,platforms/php/webapps/30602.html,"WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 +30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 +30602,platforms/php/webapps/30602.html,"WordPress 2.0 - wp-register.php Multiple Cross-site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 30603,platforms/php/webapps/30603.html,"Xcms 1.1/1.7 - Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 30604,platforms/linux/local/30604.c,"Linux Kernel 2.6.x - Ptrace Local Privilege Escalation",2007-09-21,"Wojciech Purczynski",linux,local,0 30605,platforms/linux/local/30605.c,"Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure",2007-09-21,Karimo_DM,linux,local,0 -30606,platforms/cgi/webapps/30606.txt,"Urchin 5.7.x - session.cgi Cross-Site Scripting",2007-09-24,pagvac,cgi,webapps,0 +30606,platforms/cgi/webapps/30606.txt,"Urchin 5.7.x - session.cgi Cross-site Scripting",2007-09-24,pagvac,cgi,webapps,0 30607,platforms/php/webapps/30607.txt,"bcoos 1.0.10 - Arcade Module Index.php SQL Injection",2007-09-24,"nights shadow",php,webapps,0 30608,platforms/jsp/webapps/30608.txt,"JSPWiki 2.5.139 - NewGroup.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30609,platforms/jsp/webapps/30609.txt,"JSPWiki 2.5.139 - Edit.jsp edittime Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 @@ -27547,16 +27547,16 @@ id,file,description,date,author,platform,type,port 30611,platforms/jsp/webapps/30611.txt,"JSPWiki 2.5.139 - UserPreferences.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30612,platforms/jsp/webapps/30612.txt,"JSPWiki 2.5.139 - Login.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30613,platforms/jsp/webapps/30613.txt,"JSPWiki 2.5.139 - Diff.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module - Index.php Local File Inclusion",2007-09-25,waraxe,php,webapps,0 +30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module - 'index.php' Local File Inclusion",2007-09-25,waraxe,php,webapps,0 30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 - admin/ Default URI l_username Parameter XSS",2007-09-25,netVigilance,php,webapps,0 30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 - admin/emoticonlist.php l_emoticonlist Parameter XSS",2007-09-25,netVigilance,php,webapps,0 30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 - admin/layout2b.php l_username Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 - comment.php backurl Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 30619,platforms/windows/dos/30619.txt,"Microsoft Windows Explorer - .PNG Image Local Denial Of Service",2007-07-26,"Xavier Roche",windows,dos,0 30620,platforms/linux/local/30620.txt,"Xen 3.0.3 - pygrub TOOLS/PYGRUB/SRC/GRUBCONF.PY Local Command Injection",2007-09-22,"Joris van Rantwijk",linux,local,0 -30621,platforms/asp/webapps/30621.txt,"Novus 1.0 - Buscar.ASP Cross-Site Scripting",2007-09-27,Zutr4,asp,webapps,0 +30621,platforms/asp/webapps/30621.txt,"Novus 1.0 - Buscar.ASP Cross-site Scripting",2007-09-27,Zutr4,asp,webapps,0 30622,platforms/windows/remote/30622.html,"Microsoft Internet Explorer 5.0.1 - File Upload",2007-09-27,"Ronald van den Heetkamp",windows,remote,0 -30623,platforms/php/webapps/30623.pl,"MD-Pro 1.0.76 - Index.php Firefox ID SQL Injection",2007-09-29,"unidentified1_ is",php,webapps,0 +30623,platforms/php/webapps/30623.pl,"MD-Pro 1.0.76 - 'index.php' Firefox ID SQL Injection",2007-09-29,"unidentified1_ is",php,webapps,0 30624,platforms/asp/webapps/30624.txt,"Netkamp Emlak Scripti - Multiple Input Validation Vulnerabilities",2007-10-01,GeFORC3,asp,webapps,0 30625,platforms/asp/webapps/30625.txt,"Ohesa Emlak Portal 1.0 - satilik.asp Kategori Parameter SQL Injection",2007-10-01,GeFORC3,asp,webapps,0 30626,platforms/asp/webapps/30626.txt,"Ohesa Emlak Portal 1.0 - detay.asp Emlak Parameter SQL Injection",2007-10-01,GeFORC3,asp,webapps,0 @@ -27564,40 +27564,40 @@ id,file,description,date,author,platform,type,port 30628,platforms/windows/dos/30628.txt,"FSD 2.052/3.000 - servinterface.cc servinterface::sendmulticast Function PIcallsign Command Remote Overflow",2007-10-01,"Luigi Auriemma",windows,dos,0 30629,platforms/asp/webapps/30629.txt,"ASP Product Catalog 1.0 - Default.ASP SQL Injection",2007-10-01,joseph.giron13,asp,webapps,0 30630,platforms/multiple/remote/30630.c,"id Software Doom 3 Engine - Console String Visualization Format String",2007-10-02,"Luigi Auriemma",multiple,remote,0 -30631,platforms/multiple/remote/30631.txt,"Google Mini Search Appliance 3.4.14 - IE Parameter Cross-Site Scripting",2007-09-20,Websecurity,multiple,remote,0 -30632,platforms/php/webapps/30632.txt,"DRBGuestbook 1.1.13 - Index.php Cross-Site Scripting",2007-10-03,Gokhan,php,webapps,0 -30633,platforms/php/webapps/30633.txt,"Uebimiau 2.7.x - Index.php Cross-Site Scripting",2007-10-03,"Ivan Sanches",php,webapps,0 +30631,platforms/multiple/remote/30631.txt,"Google Mini Search Appliance 3.4.14 - IE Parameter Cross-site Scripting",2007-09-20,Websecurity,multiple,remote,0 +30632,platforms/php/webapps/30632.txt,"DRBGuestbook 1.1.13 - 'index.php' Cross-site Scripting",2007-10-03,Gokhan,php,webapps,0 +30633,platforms/php/webapps/30633.txt,"Uebimiau 2.7.x - 'index.php' Cross-site Scripting",2007-10-03,"Ivan Sanches",php,webapps,0 30634,platforms/php/webapps/30634.txt,"Content Builder 0.7.5 - postComment.php Remote File Inclusion",2007-10-03,"Mehrad Ansari Targhi",php,webapps,0 30635,platforms/windows/remote/30635.pl,"Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30636,platforms/windows/remote/30636.pl,"Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2)",2007-11-13,"Alla Berzroutchko",windows,remote,0 -30637,platforms/php/webapps/30637.js,"Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery",2007-10-04,"David Kierznowski",php,webapps,0 -30638,platforms/php/webapps/30638.txt,"GForge 3.1/4.5/4.6 - Verify.php Cross-Site Scripting",2007-10-04,"Jose Sanchez",php,webapps,0 +30637,platforms/php/webapps/30637.js,"Google FeedBurner FeedSmith 2.2 - Cross-site Request Forgery",2007-10-04,"David Kierznowski",php,webapps,0 +30638,platforms/php/webapps/30638.txt,"GForge 3.1/4.5/4.6 - Verify.php Cross-site Scripting",2007-10-04,"Jose Sanchez",php,webapps,0 30968,platforms/php/webapps/30968.txt,"MODx 0.9.6.1 - 'htcmime.php' Source Code Information Disclosure",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30639,platforms/cgi/webapps/30639.txt,"Cart32 6.x - GetImage Arbitrary File Download",2007-10-04,"Paul Craig",cgi,webapps,0 -30640,platforms/php/webapps/30640.txt,"Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities",2007-10-04,"Aria-Security Team",php,webapps,0 +30640,platforms/php/webapps/30640.txt,"Stuffed Guys Stuffed Tracker - Multiple Cross-site Scripting Vulnerabilities",2007-10-04,"Aria-Security Team",php,webapps,0 30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter XSS",2007-10-05,"Ivan Sanchez",php,webapps,0 30642,platforms/php/webapps/30642.txt,"AfterLogic MailBee WebMail Pro 3.x - default.asp mode2 Parameter XSS",2007-10-05,"Ivan Sanchez",php,webapps,0 30643,platforms/multiple/remote/30643.txt,"DropTeam 1.3.3 - Multiple Remote Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,remote,0 30644,platforms/multiple/dos/30644.txt,"Dawn of Time 1.69 MUD Server - Multiple Format String Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,dos,0 30645,platforms/windows/remote/30645.txt,"Microsoft Windows - URI Handler Command Execution",2007-10-05,"Billy Rios",windows,remote,0 30646,platforms/linux/dos/30646.txt,"Nagios Plugins 1.4.2/1.4.9 - Location Header Remote Buffer Overflow",2007-07-16,"Nobuhiro Ban",linux,dos,0 -30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - News_page.php Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 +30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - News_page.php Cross-site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 30648,platforms/linux/dos/30648.txt,"AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow",2007-10-08,Erik,linux,dos,0 -30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - Dnewsweb.EXE Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 +30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - Dnewsweb.EXE Multiple Cross-site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 30650,platforms/hardware/remote/30650.txt,"Linksys SPA941 - SIP From Field HTML Injection",2007-10-09,"Radu State",hardware,remote,0 30651,platforms/php/webapps/30651.txt,"Webmaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Inclusion",2007-10-10,Cyber-Crime,php,webapps,0 30652,platforms/hardware/remote/30652.txt,"Cisco IOS 12.3 - LPD Remote Buffer Overflow",2007-10-10,"Andy Davis",hardware,remote,0 -30653,platforms/php/webapps/30653.txt,"phpMyAdmin 2.11.1 - Setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 -30654,platforms/php/webapps/30654.txt,"ActiveKB NX 2.6 - Index.php Cross-Site Scripting",2007-10-11,durito,php,webapps,0 -30655,platforms/php/webapps/30655.txt,"Joomla! 1.0.13 - Search Component SearchWord Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0 -30656,platforms/php/webapps/30656.txt,"boastMachine 2.8 - Index.php Local File Inclusion",2007-10-11,iNs,php,webapps,0 -30657,platforms/php/webapps/30657.txt,"UMI CMS - Index.php Cross-Site Scripting",2007-10-11,anonymous,php,webapps,0 +30653,platforms/php/webapps/30653.txt,"phpMyAdmin 2.11.1 - Setup.php Cross-site Scripting",2007-10-09,"Omer Singer",php,webapps,0 +30654,platforms/php/webapps/30654.txt,"ActiveKB NX 2.6 - 'index.php' Cross-site Scripting",2007-10-11,durito,php,webapps,0 +30655,platforms/php/webapps/30655.txt,"Joomla! 1.0.13 - Search Component SearchWord Cross-site Scripting",2007-10-11,MustLive,php,webapps,0 +30656,platforms/php/webapps/30656.txt,"boastMachine 2.8 - 'index.php' Local File Inclusion",2007-10-11,iNs,php,webapps,0 +30657,platforms/php/webapps/30657.txt,"UMI CMS - 'index.php' Cross-site Scripting",2007-10-11,anonymous,php,webapps,0 30658,platforms/php/webapps/30658.txt,"CRS Manager - Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0 -30659,platforms/php/webapps/30659.txt,"Nucleus CMS 3.0.1 - Index.php Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0 +30659,platforms/php/webapps/30659.txt,"Nucleus CMS 3.0.1 - 'index.php' Cross-site Scripting",2007-10-11,MustLive,php,webapps,0 30660,platforms/php/webapps/30660.txt,"Scott Manktelow Design Stride 1.0 - Courses Detail.php Multiple SQL Injection",2007-10-11,durito,php,webapps,0 30661,platforms/cgi/webapps/30661.txt,"Google Urchin 5.7.3 - Report.CGI Authorization Bypass",2007-10-11,MustLive,cgi,webapps,0 30662,platforms/php/webapps/30662.txt,"Scott Manktelow Design Stride 1.0 - Content Management System Main.php SQL Injection",2007-10-11,durito,php,webapps,0 -30663,platforms/php/webapps/30663.txt,"Linkliste 1.2 - Index.php Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0 +30663,platforms/php/webapps/30663.txt,"Linkliste 1.2 - 'index.php' Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0 30664,platforms/php/webapps/30664.txt,"Scott Manktelow Design Stride 1.0 - Merchant Shop.php SQL Injection",2007-10-11,durito,php,webapps,0 30665,platforms/hardware/webapps/30665.txt,"Nisuta NS-WIR150NE / NS-WIR300N Wireless Routers - Remote Management Web Interface Authentication Bypass",2014-01-03,"Amplia Security Advisories",hardware,webapps,0 30666,platforms/multiple/local/30666.txt,"ACE Stream Media 2.1 - (acestream://) Format String Exploit PoC",2014-01-03,LiquidWorm,multiple,local,0 @@ -27611,8 +27611,8 @@ id,file,description,date,author,platform,type,port 31530,platforms/php/webapps/31530.txt,"Joomla! and Mambo Download3000 Component 1.0 - 'id' Parameter SQL Injection",2008-03-23,S@BUN,php,webapps,0 31531,platforms/php/webapps/31531.pl,"Bomba Haber 2.0 - 'haberoku.php' SQL Injection",2008-03-25,cOndemned,php,webapps,0 30672,platforms/windows/dos/30672.txt,"Live for Speed - Skin Name Buffer Overflow",2007-10-13,"Luigi Auriemma",windows,dos,0 -30673,platforms/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting",2007-10-15,SkyOut,hardware,remote,0 -30674,platforms/java/webapps/30674.txt,"Stringbeans Portal 3.2 Projects Script - Cross-Site Scripting",2007-10-15,JosS,java,webapps,0 +30673,platforms/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-site Scripting",2007-10-15,SkyOut,hardware,remote,0 +30674,platforms/java/webapps/30674.txt,"Stringbeans Portal 3.2 Projects Script - Cross-site Scripting",2007-10-15,JosS,java,webapps,0 30675,platforms/jsp/webapps/30675.txt,"InnovaPortal - tc/contents/home001.jsp contentid Parameter XSS",2007-10-15,JosS,jsp,webapps,0 30676,platforms/jsp/webapps/30676.txt,"InnovaPortal - msg.jsp msg Parameter XSS",2007-10-15,JosS,jsp,webapps,0 30677,platforms/linux/remote/30677.pl,"Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection",2007-10-16,"Humberto J. Abdelnur",linux,remote,0 @@ -27623,25 +27623,25 @@ id,file,description,date,author,platform,type,port 30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 - translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 30684,platforms/php/webapps/30684.txt,"SiteBar 3.3.8 - integrator.php lang Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 -30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 - index.php target Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 +30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 - 'index.php' target Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 30686,platforms/php/webapps/30686.txt,"SiteBar 3.3.8 - command.php Modify User Action uid Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 -30804,platforms/php/webapps/30804.txt,"VBTube 1.1 - Search Cross-Site Scripting",2007-11-24,Crackers_Child,php,webapps,0 +30804,platforms/php/webapps/30804.txt,"VBTube 1.1 - Search Cross-site Scripting",2007-11-24,Crackers_Child,php,webapps,0 30805,platforms/windows/dos/30805.html,"RichFX Basic Player 1.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-25,"Elazar Broad",windows,dos,0 30688,platforms/hardware/dos/30688.py,"Motorola SBG6580 Cable Modem & Wireless Router - DoS Reboot",2014-01-04,nicx0,hardware,dos,0 30689,platforms/php/webapps/30689.php,"Taboada Macronews 1.0 - SQLi Exploit",2014-01-04,Jefrey,php,webapps,0 -31027,platforms/php/webapps/31027.txt,"pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,fuzion,php,webapps,0 +31027,platforms/php/webapps/31027.txt,"pMachine Pro 2.4.1 - Multiple Cross-site Scripting Vulnerabilities",2008-01-14,fuzion,php,webapps,0 31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injection",2008-01-15,Xcross87,php,webapps,0 31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for WordPress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 -30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 +30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 -30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 -30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 - Lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 -30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 - rnote.php Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 -30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 - Filename.ASP Cross-Site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 -30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 - Index.php Local File Inclusion",2007-10-20,sekuru,php,webapps,0 +30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 +30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 - Lostpwd.php Cross-site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 +30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 - rnote.php Multiple Cross-site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 +30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 - Filename.ASP Cross-site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 +30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 - 'index.php' Local File Inclusion",2007-10-20,sekuru,php,webapps,0 30698,platforms/php/webapps/30698.txt,"Flatnuke3 - File Manager Module Unauthorized Access",2007-10-22,KiNgOfThEwOrLd,php,webapps,0 -30699,platforms/php/webapps/30699.txt,"Hackish 1.1 - Blocco.php Cross-Site Scripting",2007-10-22,Matrix86,php,webapps,0 -30700,platforms/php/webapps/30700.txt,"DMCMS 0.7 - Index.php SQL Injection",2007-10-22,"Aria-Security Team",php,webapps,0 +30699,platforms/php/webapps/30699.txt,"Hackish 1.1 - Blocco.php Cross-site Scripting",2007-10-22,Matrix86,php,webapps,0 +30700,platforms/php/webapps/30700.txt,"DMCMS 0.7 - 'index.php' SQL Injection",2007-10-22,"Aria-Security Team",php,webapps,0 30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 - Download.php Local File Inclusion",2007-10-22,hack2prison,php,webapps,0 30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 - Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting - Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 @@ -27654,77 +27654,77 @@ id,file,description,date,author,platform,type,port 30712,platforms/php/webapps/30712.txt,"Multi-Forums - Directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30713,platforms/multiple/dos/30713.html,"Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service",2007-10-26,"The Hacker Webzine",multiple,dos,0 30714,platforms/unix/dos/30714.pl,"IBM Lotus Domino 7.0.2 - IMAP4 LSUB Buffer Overflow",2007-10-27,"Manuel Santamarina Suarez",unix,dos,0 -30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 -30716,platforms/php/webapps/30716.txt,"Smart-Shop - index.php Multiple Parameter XSS",2007-10-29,Doz,php,webapps,0 -30717,platforms/php/webapps/30717.txt,"Omnistar Live - KB.php Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 -30718,platforms/php/webapps/30718.txt,"Saxon 5.4 - Menu.php Cross-Site Scripting",2007-10-29,netVigilance,php,webapps,0 +30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - Edit-Post-Rows.php Cross-site Scripting",2007-10-29,waraxe,php,webapps,0 +30716,platforms/php/webapps/30716.txt,"Smart-Shop - 'index.php' Multiple Parameter XSS",2007-10-29,Doz,php,webapps,0 +30717,platforms/php/webapps/30717.txt,"Omnistar Live - KB.php Cross-site Scripting",2007-10-29,Doz,php,webapps,0 +30718,platforms/php/webapps/30718.txt,"Saxon 5.4 - Menu.php Cross-site Scripting",2007-10-29,netVigilance,php,webapps,0 30719,platforms/php/webapps/30719.txt,"Saxon 5.4 - Example.php SQL Injection",2007-10-29,netVigilance,php,webapps,0 30720,platforms/windows/remote/30720.html,"GlobalLink 2.7.0.8 - ConnectAndEnterRoom ActiveX Control Stack Buffer Overflow",2007-10-29,anonymous,windows,remote,0 -30806,platforms/php/webapps/30806.txt,"PHPSlideShow 0.9.9 - Directory Parameter Cross-Site Scripting",2007-11-26,"Jose Luis Gongora Fernandez",php,webapps,0 +30806,platforms/php/webapps/30806.txt,"PHPSlideShow 0.9.9 - Directory Parameter Cross-site Scripting",2007-11-26,"Jose Luis Gongora Fernandez",php,webapps,0 30807,platforms/asp/webapps/30807.txt,"GOUAE DWD Realty - Password Parameters SQL Injection",2007-11-26,"Aria-Security Team",asp,webapps,0 30808,platforms/cgi/webapps/30808.txt,"GWExtranet 3.0 - Scp.DLL Multiple HTML Injection Vulnerabilities",2007-11-26,Doz,cgi,webapps,0 30723,platforms/hardware/webapps/30723.php,"Seagate BlackArmor - Root Exploit",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30724,platforms/linux/dos/30724.txt,"Perdition 1.17 - IMAPD __STR_VWRITE Remote Format String",2007-10-31,"Bernhard Mueller",linux,dos,0 30725,platforms/hardware/webapps/30725.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 -30726,platforms/hardware/webapps/30726.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 -30727,platforms/hardware/webapps/30727.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 +30726,platforms/hardware/webapps/30726.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Cross-site Request Forgery",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 +30727,platforms/hardware/webapps/30727.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-site Scripting Vulnerabilities",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30728,platforms/linux/remote/30728.txt,"Yarssr 0.2.2 - GUI.PM Remote Code Injection",2007-10-31,"Duncan Gilmore",linux,remote,0 -30729,platforms/multiple/remote/30729.txt,"Blue Coat ProxySG Management Console - URI Handler Multiple Cross-Site Scripting Vulnerabilities",2007-10-29,"Adrian Pastor",multiple,remote,0 +30729,platforms/multiple/remote/30729.txt,"Blue Coat ProxySG Management Console - URI Handler Multiple Cross-site Scripting Vulnerabilities",2007-10-29,"Adrian Pastor",multiple,remote,0 30730,platforms/windows/remote/30730.txt,"SonicWALL SSL VPN 1.3 3 WebCacheCleaner - ActiveX FileDelete Method Traversal Arbitrary File Deletion",2007-11-01,"Will Dormann",windows,remote,0 -30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 - Index.php Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 +30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 - 'index.php' Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 - Dialog.php Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 -30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 -30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 - Admin/Index.php Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 -30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 - Index.php Local File Inclusion",2007-11-03,joseph.giron13,php,webapps,0 +30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - Server_Status.php Cross-site Scripting",2007-10-17,"Omer Singer",php,webapps,0 +30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 - Admin/Index.php Cross-site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 +30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 - 'index.php' Local File Inclusion",2007-11-03,joseph.giron13,php,webapps,0 30736,platforms/linux/remote/30736.txt,"GNU Emacs 22.1 - Local Variable Handling Code Execution",2007-11-02,"Drake Wilson",linux,remote,0 30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 - Upload_Config.php Remote File Inclusion",2007-11-05,"arfis project",php,webapps,0 30738,platforms/php/webapps/30738.txt,"E-Vendejo 0.2 - Articles.php SQL Injection",2007-11-05,r00t,php,webapps,0 -30739,platforms/php/webapps/30739.txt,"JLMForo System - Buscado.php Cross-Site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 +30739,platforms/php/webapps/30739.txt,"JLMForo System - Buscado.php Cross-site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 - Login Procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 -30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 - Index.php Local File Inclusion",2007-11-05,"BorN To K!LL",php,webapps,0 +30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 - 'index.php' Local File Inclusion",2007-11-05,"BorN To K!LL",php,webapps,0 30742,platforms/multiple/remote/30742.txt,"OpenBase 10.0.x - Buffer Overflow / Remote Command Execution",2007-11-05,"Kevin Finisterre",multiple,remote,0 30743,platforms/asp/webapps/30743.txt,"i-Gallery 3.4 - igallery.ASP Remote Information Disclosure",2007-11-05,hackerbinhphuoc,asp,webapps,0 30744,platforms/linux/dos/30744.txt,"MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service",2007-11-05,"Joe Gallo",linux,dos,0 30745,platforms/php/webapps/30745.html,"Weblord.it MS-TopSites - Unauthorized Access / HTML Injection",2007-11-06,0x90,php,webapps,0 -30746,platforms/php/webapps/30746.txt,"Computer Associates SiteMinder - Web Agent Smpwservices.FCC Cross-Site Scripting",2007-11-07,"Giuseppe Gottardi",php,webapps,0 +30746,platforms/php/webapps/30746.txt,"Computer Associates SiteMinder - Web Agent Smpwservices.FCC Cross-site Scripting",2007-11-07,"Giuseppe Gottardi",php,webapps,0 30747,platforms/asp/webapps/30747.txt,"Rapid Classified - AgencyCatResult.ASP SQL Injection",2007-11-08,The-0utl4w,asp,webapps,0 30748,platforms/php/webapps/30748.txt,"Xoops 2.0.17 1 Mylinks Module - Brokenlink.php SQL Injection",2007-11-09,root@hanicker.it,php,webapps,0 30749,platforms/windows/dos/30749.html,"Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service",2007-11-12,"Elazar Broad",windows,dos,0 30750,platforms/php/webapps/30750.pl,"PHP-Nuke Advertising Module 0.9 - Modules.php SQL Injection",2007-11-12,0x90,php,webapps,0 -30751,platforms/php/webapps/30751.html,"Miro Broadcast Machine 0.9.9 - Login.php Cross-Site Scripting",2007-11-12,"Hanno Boeck",php,webapps,0 -30752,platforms/php/webapps/30752.txt,"Eggblog 3.1 - Rss.php Cross-Site Scripting",2007-11-12,"Mesut Timur",php,webapps,0 -30753,platforms/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - Index.php Denial of Service",2007-11-12,L4teral,php,dos,0 -30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 - PHP_SELF Index.php Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0 -30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 +30751,platforms/php/webapps/30751.html,"Miro Broadcast Machine 0.9.9 - Login.php Cross-site Scripting",2007-11-12,"Hanno Boeck",php,webapps,0 +30752,platforms/php/webapps/30752.txt,"Eggblog 3.1 - Rss.php Cross-site Scripting",2007-11-12,"Mesut Timur",php,webapps,0 +30753,platforms/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - 'index.php' Denial of Service",2007-11-12,L4teral,php,dos,0 +30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 - PHP_SELF Index.php Cross-site Scripting",2007-08-27,L4teral,php,webapps,0 +30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 30756,platforms/windows/dos/30756.html,"Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities",2007-11-12,"Elazar Broad",windows,dos,0 30757,platforms/php/webapps/30757.txt,"X7 Chat 2.0.4 - sources/frame.php room Parameter XSS",2007-11-12,ShAy6oOoN,php,webapps,0 30758,platforms/php/webapps/30758.txt,"X7 Chat 2.0.4 - upgradev1.php INSTALL_X7CHATVERSION Parameter XSS",2007-11-12,ShAy6oOoN,php,webapps,0 -30759,platforms/cgi/webapps/30759.txt,"VTLS Web Gateway 48.1 - Searchtype Parameter Cross-Site Scripting",2007-11-13,"Jesus Olmos Gonzalez",cgi,webapps,0 +30759,platforms/cgi/webapps/30759.txt,"VTLS Web Gateway 48.1 - Searchtype Parameter Cross-site Scripting",2007-11-13,"Jesus Olmos Gonzalez",cgi,webapps,0 30760,platforms/php/dos/30760.txt,"PHP 5.2.5 - Multiple GetText Functions Denial Of Service Vulnerabilities",2007-11-13,"laurent gaffie",php,dos,0 30761,platforms/windows/dos/30761.html,"WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities",2007-11-13,"Elazar Broad",windows,dos,0 -30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 WordPress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 +30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 WordPress Plugin - Cross-site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 - Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 30766,platforms/linux/dos/30766.c,"GNU TAR 1.15.91 / CPIO 2.5.90 - safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 30768,platforms/multiple/remote/30768.txt,"IBM WebSphere Application Server 5.1.1 - WebContainer HTTP Request Header Security Weakness",2007-11-15,anonymous,multiple,remote,0 -30769,platforms/php/webapps/30769.txt,"Nuked-Klan 1.7.5 - File Parameter News Module Cross-Site Scripting",2007-11-15,Bl@ckM@mba,php,webapps,0 +30769,platforms/php/webapps/30769.txt,"Nuked-Klan 1.7.5 - File Parameter News Module Cross-site Scripting",2007-11-15,Bl@ckM@mba,php,webapps,0 30770,platforms/cgi/webapps/30770.txt,"AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities",2007-11-14,"MC Iglo",cgi,webapps,0 30771,platforms/multiple/remote/30771.txt,"Aruba MC-800 Mobility Controller - Screens Directory HTML Injection",2007-11-15,"Jan Fry",multiple,remote,0 30772,platforms/windows/remote/30772.html,"ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-15,"Elazar Broad",windows,remote,0 30773,platforms/windows/dos/30773.txt,"Microsoft Jet Database Engine - .MDB File Parsing Remote Buffer Overflow",2007-11-16,cocoruder,windows,dos,0 -30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 +30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - Login.ASP Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 30776,platforms/linux/dos/30776.txt,"LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service",2007-11-19,"Luigi Auriemma",linux,dos,0 -30777,platforms/cgi/webapps/30777.txt,"Citrix NetScaler 8.0 build 47.8 - Generic_API_Call.PL Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 +30777,platforms/cgi/webapps/30777.txt,"Citrix NetScaler 8.0 build 47.8 - Generic_API_Call.PL Cross-site Scripting",2007-11-19,nnposter,cgi,webapps,0 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.ASP SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30779,platforms/multiple/dos/30779.txt,"Rigs of Rods 0.33d - Long Vehicle Name Buffer Overflow",2007-11-19,"Luigi Auriemma",multiple,dos,0 30780,platforms/linux/local/30780.txt,"ISPmanager 4.2.15 - Responder Local Privilege Escalation",2007-11-20,"Andrew Christensen",linux,local,0 30781,platforms/osx/remote/30781.txt,"Apple Mac OS X 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 31026,platforms/hardware/remote/31026.pl,"Fortinet Fortigate - CRLF Characters URL Filtering Bypass",2008-01-14,Danux,hardware,remote,0 30974,platforms/multiple/dos/30974.txt,"Asterisk 1.x - BYE Message Remote Denial of Service",2008-01-02,greyvoip,multiple,dos,0 -30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 +30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'Search.php' Multiple Unspecified SQL Injection",2008-01-03,The:Paradox,php,webapps,0 30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - wp-admin/post.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,80 @@ -27732,14 +27732,14 @@ id,file,description,date,author,platform,type,port 30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow",2014-01-07,Metasploit,windows,local,0 30789,platforms/windows/local/30789.rb,"IBM Forms Viewer - Unicode Buffer Overflow",2014-01-07,Metasploit,windows,local,0 30790,platforms/php/webapps/30790.txt,"Cubic CMS - Multiple Vulnerabilities",2014-01-07,"Eugenio Delfa",php,webapps,80 -30811,platforms/php/webapps/30811.txt,"SimpleGallery 0.1.3 - Index.php Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 +30811,platforms/php/webapps/30811.txt,"SimpleGallery 0.1.3 - 'index.php' Cross-site Scripting",2007-11-26,JosS,php,webapps,0 30812,platforms/windows/dos/30812.html,"RealMedia RealPlayer 10.5/11 - Ierpplug.DLL PlayerProperty ActiveX Control Buffer Overflow",2007-11-26,"Elazar Broad",windows,dos,0 -30813,platforms/php/webapps/30813.txt,"FMDeluxe 2.1 - Index.php Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 +30813,platforms/php/webapps/30813.txt,"FMDeluxe 2.1 - 'index.php' Cross-site Scripting",2007-11-26,JosS,php,webapps,0 30814,platforms/multiple/dos/30814.txt,"Skype 3.6.216 - Voicemail URI Handler Remote Denial of Service",2007-11-26,"Critical Security",multiple,dos,0 -30815,platforms/php/webapps/30815.txt,"Tilde 4.0 - Aarstal Parameter Cross-Site Scripting",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 +30815,platforms/php/webapps/30815.txt,"Tilde 4.0 - Aarstal Parameter Cross-site Scripting",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 30816,platforms/windows/remote/30816.py,"Autonomy KeyView Lotus 1-2-3 - File Multiple Buffer Overflow Vulnerabilities",2007-11-26,Sebastian,windows,remote,0 -30817,platforms/php/webapps/30817.html,"Liferay Portal 4.3.1 - Forgot-Password Cross-Site Scripting",2007-11-27,"Joshua Morin",php,webapps,0 -30818,platforms/cgi/webapps/30818.txt,"ht://Dig 3.2 - Htsearch Cross-Site Scripting",2007-11-27,"Michael Skibbe",cgi,webapps,0 +30817,platforms/php/webapps/30817.html,"Liferay Portal 4.3.1 - Forgot-Password Cross-site Scripting",2007-11-27,"Joshua Morin",php,webapps,0 +30818,platforms/cgi/webapps/30818.txt,"ht://Dig 3.2 - Htsearch Cross-site Scripting",2007-11-27,"Michael Skibbe",cgi,webapps,0 30819,platforms/windows/remote/30819.c,"Tencent QQ 2006 LaunchP2PShare - Multiple Stack Buffer Overflow Vulnerabilities",2007-11-27,axis,windows,remote,0 30820,platforms/php/webapps/30820.txt,"p.mapper 3.2 beta3 - incphp/globals.php _SESSION[PM_INCPHP] Parameter Remote File Inclusion",2007-11-27,ShAy6oOoN,php,webapps,0 30821,platforms/php/webapps/30821.txt,"p.mapper 3.2 beta3 - plugins/export/mc_table.php _SESSION[PM_INCPHP] Parameter Remote File Inclusion",2007-11-27,ShAy6oOoN,php,webapps,0 @@ -27754,9 +27754,9 @@ id,file,description,date,author,platform,type,port 30830,platforms/php/webapps/30830.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30831,platforms/php/webapps/30831.txt,"Ossigeno CMS 2.2_pre1 - ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30832,platforms/windows/dos/30832.html,"Yahoo! Toolbar 1.4.1 Helper - Class ActiveX Control Remote Buffer Overflow Denial of Service",2007-11-29,"Elazar Broad",windows,dos,0 -30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 -30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 -30835,platforms/unix/remote/30835.sh,"Apache HTTP Server 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness",2007-11-30,"Adrian Pastor",unix,remote,0 +30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 +30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 +30835,platforms/unix/remote/30835.sh,"Apache HTTP Server 2.2.4 - 413 Error HTTP Request Method Cross-site Scripting Weakness",2007-11-30,"Adrian Pastor",unix,remote,0 30836,platforms/php/webapps/30836.txt,"bcoos 1.0.10 - Adresses/Ratefile.php SQL Injection",2007-11-30,Lostmon,php,webapps,0 30837,platforms/linux/dos/30837.txt,"QEMU 0.9 - Translation Block Local Denial of Service",2007-11-30,TeLeMan,linux,dos,0 30838,platforms/multiple/remote/30838.html,"Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering",2007-12-01,"Carl Hardwick",multiple,remote,0 @@ -27769,39 +27769,39 @@ id,file,description,date,author,platform,type,port 30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 - getpath.aspx Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 30846,platforms/php/webapps/30846.txt,"phpMyChat 0.14.5 - chat/deluser.php3 LIMIT Parameter XSS",2007-12-04,beenudel1986,php,webapps,0 30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 - chat/users_popupL.php3 Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0 -30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content - index.php view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 -30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component - index.php Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 +30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content - 'index.php' view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 +30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component - 'index.php' Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30850,platforms/multiple/remote/30850.txt,"Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload",2007-12-05,"Luigi Auriemma",multiple,remote,0 30851,platforms/php/webapps/30851.txt,"VisualShapers ezContents 1.4.5 - File Disclosure",2007-12-05,p4imi0,php,webapps,0 -30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-Site Scripting",2007-12-06,imei,php,webapps,0 -30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 - Compose.php Cross-Site Scripting",2007-12-06,Manu,php,webapps,0 +30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-site Scripting",2007-12-06,imei,php,webapps,0 +30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 - Compose.php Cross-site Scripting",2007-12-06,Manu,php,webapps,0 30854,platforms/php/webapps/30854.sh,"wwwstats 3.21 - Clickstats.php Multiple HTML Injection Vulnerabilities",2007-12-15,"Jesus Olmos Gonzalez",php,webapps,0 -30855,platforms/asp/webapps/30855.txt,"WebDoc 3.0 - Multiple SQL Injection",2007-12-07,Chrysalid,asp,webapps,0 +30855,platforms/asp/webapps/30855.txt,"WebDoc 3.0 - Multiple SQL Injections",2007-12-07,Chrysalid,asp,webapps,0 30856,platforms/multiple/dos/30856.txt,"Easy File Sharing Web Server 1.3x - Directory Traversal / Multiple Information Disclosure Vulnerabilities",2007-12-07,"Luigi Auriemma",multiple,dos,0 30857,platforms/php/webapps/30857.txt,"webSPELL 4.1.2 - usergallery.php galleryID Parameter XSS",2007-12-10,Brainhead,php,webapps,0 30858,platforms/php/webapps/30858.txt,"webSPELL 4.1.2 - calendar.php Multiple Parameter XSS",2007-12-10,Brainhead,php,webapps,0 30859,platforms/php/webapps/30859.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation And Input Validation",2007-12-10,"Tomas Kuliavas",php,webapps,0 -30860,platforms/asp/webapps/30860.txt,"bttlxe Forum 2.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2007-12-10,Mormoroth,asp,webapps,0 +30860,platforms/asp/webapps/30860.txt,"bttlxe Forum 2.0 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2007-12-10,Mormoroth,asp,webapps,0 30861,platforms/php/webapps/30861.txt,"E-Xoops 1.0.5/1.0.8 - mylinks/ratelink.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30862,platforms/php/webapps/30862.txt,"E-Xoops 1.0.5/1.0.8 - adresses/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30863,platforms/php/webapps/30863.txt,"E-Xoops 1.0.5/1.0.8 - mydownloads/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30864,platforms/php/webapps/30864.txt,"E-Xoops 1.0.5/1.0.8 - mysections/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 -30884,platforms/php/webapps/30884.txt,"XOOPS 2.2.5 - register.php Cross-Site Scripting",2007-11-12,"Omer Singer",php,webapps,0 +30884,platforms/php/webapps/30884.txt,"XOOPS 2.2.5 - register.php Cross-site Scripting",2007-11-12,"Omer Singer",php,webapps,0 30885,platforms/multiple/dos/30885.txt,"QK SMTP Server - Malformed Commands Multiple Remote Denial of Service Vulnerabilities",2007-12-13,"Juan Pablo Lopez Yacubian",multiple,dos,0 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module - SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 - Windows Installations Local File Inclusion",2007-12-15,"Michael Brooks",php,webapps,0 30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusion",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 -30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 -30892,platforms/php/webapps/30892.txt,"Neuron News 1.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2007-12-17,"hadihadi & black.shadowes",php,webapps,0 +30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 +30892,platforms/php/webapps/30892.txt,"Neuron News 1.0 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2007-12-17,"hadihadi & black.shadowes",php,webapps,0 30893,platforms/php/webapps/30893.txt,"PHP Security Framework - Multiple Input Validation Vulnerabilities",2007-12-17,DarkFig,php,webapps,0 30894,platforms/linux/dos/30894.txt,"PeerCast 0.12 - HandshakeHTTP Multiple Buffer Overflow Vulnerabilities",2007-12-17,"Luigi Auriemma",linux,dos,0 30895,platforms/linux/dos/30895.pl,"Perl Net::DNS 0.48/0.59/0.60 - DNS Response Remote Denial of Service",2007-12-17,beSTORM,linux,dos,0 30896,platforms/multiple/dos/30896.txt,"Appian Business Process Management Suite 5.6 - Remote Denial of Service",2007-12-17,"Chris Castaldo",multiple,dos,0 30897,platforms/windows/remote/30897.html,"iMesh 7 - 'IMWebControl' ActiveX Control Code Execution",2007-12-17,rgod,windows,remote,0 30898,platforms/linux/dos/30898.pl,"Common UNIX Printing System 1.2/1.3 SNMP - 'asn1_get_string()' Remote Buffer Overflow",2007-11-06,wei_wang,linux,dos,0 -30899,platforms/php/webapps/30899.txt,"Mambo 4.6.2 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-12-18,"Beenu Arora",php,webapps,0 +30899,platforms/php/webapps/30899.txt,"Mambo 4.6.2 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2007-12-18,"Beenu Arora",php,webapps,0 30901,platforms/windows/remote/30901.txt,"Apache HTTP Server 2.2.6 Windows - Share PHP File Extension Mapping Information Disclosure",2007-12-19,"Maciej Piotr Falkiewicz",windows,remote,0 30902,platforms/linux/dos/30902.c,"Linux Kernel 2.6.22 - IPv6 Hop-By-Hop Header Remote Denial of Service",2007-12-19,"Clemens Kurtenbach",linux,dos,0 30903,platforms/multiple/dos/30903.c,"id3lib ID3 Tags - Buffer Overflow",2007-12-19,"Luigi Auriemma",multiple,dos,0 @@ -27814,7 +27814,7 @@ id,file,description,date,author,platform,type,port 30911,platforms/php/webapps/30911.txt,"PHPJabbers Appointment Scheduler 2.0 - Multiple Vulnerabilities",2014-01-14,"HackXBack ",php,webapps,80 30912,platforms/php/webapps/30912.txt,"PHPJabbers Car Rental Script - Multiple Vulnerabilities",2014-01-14,"HackXBack ",php,webapps,80 30913,platforms/php/webapps/30913.txt,"PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities",2014-01-14,"HackXBack ",php,webapps,80 -30914,platforms/hardware/webapps/30914.txt,"Conceptronic Wireless Pan & Tilt Network Camera - CSRF",2014-01-14,"Felipe Molina",hardware,webapps,80 +30914,platforms/hardware/webapps/30914.txt,"Conceptronic Wireless Pan & Tilt Network Camera - Cross-site Request Forgery",2014-01-14,"Felipe Molina",hardware,webapps,80 30915,platforms/hardware/remote/30915.rb,"SerComm Device - Remote Code Execution",2014-01-14,Metasploit,hardware,remote,32764 30916,platforms/php/webapps/30916.txt,"Burden 1.8 - Authentication Bypass",2014-01-14,"High-Tech Bridge SA",php,webapps,80 30917,platforms/php/webapps/30917.txt,"Horizon QCMS 4.0 - Multiple Vulnerabilities",2014-01-14,"High-Tech Bridge SA",php,webapps,80 @@ -27831,14 +27831,14 @@ id,file,description,date,author,platform,type,port 30927,platforms/php/webapps/30927.txt,"Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Parameter Remote File Inclusion",2007-12-24,Koller,php,webapps,0 30928,platforms/php/remote/30928.php,"PDFlib 7.0.2 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-24,poplix,php,remote,0 30929,platforms/php/webapps/30929.txt,"Logaholic - update.php page Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 -30930,platforms/php/webapps/30930.txt,"Logaholic - index.php parameter Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 -30931,platforms/php/webapps/30931.txt,"Logaholic - index.php conf Parameter XSS",2007-12-24,malibu.r,php,webapps,0 +30930,platforms/php/webapps/30930.txt,"Logaholic - 'index.php' parameter Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 +30931,platforms/php/webapps/30931.txt,"Logaholic - 'index.php' conf Parameter XSS",2007-12-24,malibu.r,php,webapps,0 30932,platforms/php/webapps/30932.txt,"Logaholic - profiles.php newconfname Parameter XSS",2007-12-24,malibu.r,php,webapps,0 30933,platforms/multiple/remote/30933.php,"Zoom Player 3.30/5/6 - Crafted .ZPL File Error Message Arbitrary Code Execution",2007-12-24,"Luigi Auriemma",multiple,remote,0 30934,platforms/windows/dos/30934.txt,"Total Player 3.0 - .M3U File Denial of Service",2007-12-25,"David G.M.",windows,dos,0 30935,platforms/hardware/remote/30935.txt,"ZyXEL P-330W - Multiple Vulnerabilities",2007-12-25,santa_clause,hardware,remote,0 30936,platforms/windows/dos/30936.html,"AOL Picture Editor 'YGPPicEdit.dll' ActiveX Control 9.5.1.8 - Multiple Buffer Overflow Vulnerabilities",2007-12-25,"Elazar Broad",windows,dos,0 -30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Parameter Cross-Site Scripting",2007-12-25,"Omer Singer",php,webapps,0 +30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Parameter Cross-site Scripting",2007-12-25,"Omer Singer",php,webapps,0 30938,platforms/asp/webapps/30938.txt,"Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection",2007-12-24,bypass,asp,webapps,0 30939,platforms/windows/remote/30939.txt,"ImgSvr 0.6.21 - Error Message Remote Script Execution",2007-12-26,anonymous,windows,remote,0 30940,platforms/asp/webapps/30940.txt,"IPortalX - forum/login_user.asp Multiple Parameter XSS",2007-12-27,Doz,asp,webapps,0 @@ -27846,8 +27846,8 @@ id,file,description,date,author,platform,type,port 30942,platforms/linux/dos/30942.c,"Extended Module Player (xmp) 2.5.1 - 'oxm.c' And 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",linux,dos,0 30943,platforms/multiple/dos/30943.txt,"Libnemesi 0.6.4-rc1 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,dos,0 30944,platforms/multiple/remote/30944.txt,"Feng 0.1.15 - Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,remote,0 -30945,platforms/php/webapps/30945.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 -30946,platforms/php/webapps/30946.txt,"Collabtive 1.1 - (managetimetracker.php id param) SQL Injection",2014-01-15,"Yogesh Phadtare",php,webapps,80 +30945,platforms/php/webapps/30945.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 +30946,platforms/php/webapps/30946.txt,"Collabtive 1.1 - (managetimetracker.php id parameter) SQL Injection",2014-01-15,"Yogesh Phadtare",php,webapps,80 30947,platforms/php/webapps/30947.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' SQL Injection",2007-12-28,"Juan Galiana Lara",php,webapps,0 30948,platforms/php/webapps/30948.txt,"OpenBiblio 0.x - staff_del_confirm.php Multiple Parameter XSS",2007-12-28,"Juan Galiana Lara",php,webapps,0 30949,platforms/php/webapps/30949.txt,"OpenBiblio 0.x - theme_del_confirm.php name Parameter XSS",2007-12-28,"Juan Galiana Lara",php,webapps,0 @@ -27859,30 +27859,30 @@ id,file,description,date,author,platform,type,port 30955,platforms/php/webapps/30955.txt,"PHPJabbers Vacation Rental Script 3.0 - Multiple Vulnerabilities",2014-01-15,"HackXBack ",php,webapps,80 30957,platforms/php/webapps/30957.txt,"PHCDownload 1.1 - search.php string Parameter SQL Injection",2007-12-29,Lostmon,php,webapps,0 30958,platforms/php/webapps/30958.txt,"PHCDownload 1.1 - search.php string Parameter XSS",2007-12-29,Lostmon,php,webapps,0 -30959,platforms/php/webapps/30959.txt,"Makale Scripti - Cross-Site Scripting",2007-12-29,GeFORC3,php,webapps,0 +30959,platforms/php/webapps/30959.txt,"Makale Scripti - Cross-site Scripting",2007-12-29,GeFORC3,php,webapps,0 30960,platforms/php/webapps/30960.pl,"CustomCMS 3.1 - 'vars.php' SQL Injection",2007-12-29,Pr0metheuS,php,webapps,0 30961,platforms/php/webapps/30961.txt,"MatPo.de Kontakt Formular 1.4 - 'function.php' Remote File Inclusion",2007-12-30,bd0rk,php,webapps,0 -30962,platforms/php/webapps/30962.txt,"MilliScripts - 'dir.php' Cross-Site Scripting",2007-12-31,"Jose Luis Gangora Fernandez",php,webapps,0 +30962,platforms/php/webapps/30962.txt,"MilliScripts - 'dir.php' Cross-site Scripting",2007-12-31,"Jose Luis Gangora Fernandez",php,webapps,0 30963,platforms/asp/webapps/30963.txt,"InstantSoftwares Dating Site - Login SQL Injection",2007-12-31,"Aria-Security Team",asp,webapps,0 30964,platforms/php/webapps/30964.txt,"LiveCart 1.0.1 - user/remindPassword return Parameter XSS",2007-12-31,Doz,php,webapps,0 30965,platforms/php/webapps/30965.txt,"LiveCart 1.0.1 - category q Parameter XSS",2007-12-31,Doz,php,webapps,0 30966,platforms/php/webapps/30966.txt,"LiveCart 1.0.1 - order return Parameter XSS",2007-12-31,Doz,php,webapps,0 30967,platforms/php/webapps/30967.txt,"LiveCart 1.0.1 - user/remindComplete email Parameter XSS",2007-12-31,Doz,php,webapps,0 30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - wp-admin/edit.php backup Parameter XSS",2008-01-03,3APA3A,php,webapps,0 -30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 -30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 +30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 +30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30982,platforms/php/webapps/30982.html,"Nucleus CMS 3.0.1 - 'myid' Parameter SQL Injection Weakness",2008-01-03,MustLive,php,webapps,0 -30983,platforms/php/webapps/30983.txt,"ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting",2008-01-03,MustLive,php,webapps,0 -30984,platforms/php/webapps/30984.txt,"eTicket 1.5.5 - 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-03,"Omer Singer",php,webapps,0 +30983,platforms/php/webapps/30983.txt,"ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-site Scripting",2008-01-03,MustLive,php,webapps,0 +30984,platforms/php/webapps/30984.txt,"eTicket 1.5.5 - 'newticket.php' Multiple Cross-site Scripting Vulnerabilities",2007-01-03,"Omer Singer",php,webapps,0 30985,platforms/linux/dos/30985.txt,"libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Vulnerabilities",2007-12-30,"Devon Miller",linux,dos,0 31083,platforms/php/webapps/31083.txt,"Nilson's Blogger 0.11 - 'comments.php' Local File Inclusion",2008-01-31,muuratsalo,php,webapps,0 30987,platforms/php/webapps/30987.txt,"netRisk 1.9.7 - 'index.php' Remote File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 -30988,platforms/php/webapps/30988.txt,"Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 +30988,platforms/php/webapps/30988.txt,"Rotabanner Local 2/3 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30989,platforms/multiple/dos/30989.txt,"Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial Of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30990,platforms/multiple/dos/30990.txt,"Foxit WAC Server 2.0 Build 3503 - Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30991,platforms/multiple/dos/30991.txt,"Pragma TelnetServer 7.0.4.589 - NULL-Pointer Dereference Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30992,platforms/php/webapps/30992.txt,"Strawberry 1.1.1 - 'html.php' Remote Code Execution",2008-01-07,"Eugene Minaev",php,webapps,0 -30993,platforms/asp/webapps/30993.txt,"Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-07,Doz,asp,webapps,0 +30993,platforms/asp/webapps/30993.txt,"Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-site Scripting Vulnerabilities",2008-01-07,Doz,asp,webapps,0 30994,platforms/php/webapps/30994.html,"eTicket 1.5.5.2 - admin.php CSRF",2008-01-07,L4teral,php,webapps,0 30995,platforms/php/webapps/30995.txt,"eTicket 1.5.5.2 - view.php s Parameter XSS",2008-01-07,L4teral,php,webapps,0 30996,platforms/php/webapps/30996.txt,"eTicket 1.5.5.2 - search.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 @@ -27890,46 +27890,46 @@ id,file,description,date,author,platform,type,port 30998,platforms/linux/remote/30998.py,"SynCE 0.92 - 'vdccm' Daemon Remote Command Injection",2008-01-07,"Alfredo Ortega",linux,remote,0 30999,platforms/windows/local/30999.txt,"Creative Ensoniq PCI ES1371 WDM Driver 5.1.3612 - Local Privilege Escalation",2008-01-07,"Ruben Santamarta ",windows,local,0 31000,platforms/php/webapps/31000.txt,"SysHotel On Line System - 'index.php' Local File Inclusion",2008-01-08,p4imi0,php,webapps,0 -31001,platforms/php/webapps/31001.txt,"IceWarp Mail Server 9.1.1 - 'admin/index.html' Cross-Site Scripting",2008-01-08,Ekin0x,php,webapps,0 +31001,platforms/php/webapps/31001.txt,"IceWarp Mail Server 9.1.1 - 'admin/index.html' Cross-site Scripting",2008-01-08,Ekin0x,php,webapps,0 31002,platforms/linux/dos/31002.txt,"xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow",2008-01-09,"Luigi Auriemma",linux,dos,0 31003,platforms/php/webapps/31003.txt,"Omegasoft Insel 7 - Authentication Bypass and User Enumeration Weakness",2008-01-09,MC.Iglo,php,webapps,0 31004,platforms/jsp/webapps/31004.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31005,platforms/jsp/webapps/31005.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31006,platforms/jsp/webapps/31006.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/help/index.jsp helpUrl Variable Remote Frame Injection",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31007,platforms/jsp/webapps/31007.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31008,platforms/php/webapps/31008.txt,"Joomla-SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-09,Doz,php,webapps,0 +31008,platforms/php/webapps/31008.txt,"Joomla-SMF Forum 1.1.4 - Multiple Cross-site Scripting Vulnerabilities",2008-01-09,Doz,php,webapps,0 31009,platforms/php/webapps/31009.txt,"ID-Commerce 2.0 - 'liste.php' SQL Injection",2008-01-10,consultant.securite,php,webapps,0 31010,platforms/multiple/remote/31010.sql,"Oracle Database 10 g - XML DB XDB.XDB_PITRIG_PKG Package PITRIG_TRUNCATE Function Overflow",2008-01-10,sh2kerr,multiple,remote,0 31011,platforms/php/webapps/31011.txt,"Members Area System 1.7 - 'view_func.php' Remote File Inclusion",2008-01-11,ShipNX,php,webapps,0 -31082,platforms/php/webapps/31082.txt,"Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting",2008-01-31,"Tomasz Kuczynski",php,webapps,0 -31013,platforms/hardware/remote/31013.txt,"2Wire Routers - Cross-Site Request Forgery",2008-01-15,hkm,hardware,remote,0 +31082,platforms/php/webapps/31082.txt,"Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-site Scripting",2008-01-31,"Tomasz Kuczynski",php,webapps,0 +31013,platforms/hardware/remote/31013.txt,"2Wire Routers - Cross-site Request Forgery",2008-01-15,hkm,hardware,remote,0 31014,platforms/windows/dos/31014.py,"haneWIN DNS Server 1.5.3 - Denial of Service",2014-01-17,sajith,windows,dos,53 31015,platforms/php/webapps/31015.txt,"bloofox CMS 0.5.0 - Multiple Vulnerabilities",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,80 -31017,platforms/asp/webapps/31017.php,"SmarterMail Enterprise and Standard 11.x - Stored XSS",2014-01-17,"Saeed reza Zamanian",asp,webapps,80 +31017,platforms/asp/webapps/31017.php,"SmarterMail Enterprise and Standard 11.x - Persistent Cross-site Scripting",2014-01-17,"Saeed reza Zamanian",asp,webapps,80 31018,platforms/linux/dos/31018.txt,"GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities",2008-01-11,"Sam Hocevar",linux,dos,0 -31020,platforms/php/webapps/31020.txt,"Moodle 1.8.3 - 'install.php' Cross-Site Scripting",2008-01-12,"Hanno Bock",php,webapps,0 +31020,platforms/php/webapps/31020.txt,"Moodle 1.8.3 - 'install.php' Cross-site Scripting",2008-01-12,"Hanno Bock",php,webapps,0 31021,platforms/osx/dos/31021.html,"Apple Safari 2.0.4 - KHTML WebKit Remote Denial of Service",2008-01-12,"David Barroso",osx,dos,0 -31022,platforms/php/webapps/31022.txt,"PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting",2008-01-13,"Christophe VG",php,webapps,0 +31022,platforms/php/webapps/31022.txt,"PHP Running Management 1.0.2 - 'index.php' Cross-site Scripting",2008-01-13,"Christophe VG",php,webapps,0 31023,platforms/windows/remote/31023.html,"Qvod Player 2.1.5 - 'QvodInsert.dll' ActiveX Control Remote Buffer Overflow",2008-01-11,anonymous,windows,remote,0 31031,platforms/hardware/remote/31031.txt,"8E6 R3000 Internet Filter 2.0.5.33 - URI Security Bypass",2008-01-16,nnposter,hardware,remote,0 31032,platforms/windows/remote/31032.txt,"BitTorrent 6.0 / uTorrent 1.6/1.7 - Peers Window Remote Code Execution",2008-01-16,"Luigi Auriemma",windows,remote,0 31033,platforms/hardware/webapps/31033.py,"ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP)",2014-01-19,"Jacob Holcomb",hardware,webapps,80 31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection",2008-01-16,waraxe,php,webapps,0 -31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 +31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 31036,platforms/windows/local/31036.txt,"CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities",2008-01-17,"Sebastian Gottschalk",windows,local,0 31037,platforms/php/webapps/31037.txt,"phpAutoVideo 2.21 - sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 -31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 - index.php cat Parameter XSS",2008-01-18,"H-T Team",php,webapps,0 +31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 - 'index.php' cat Parameter XSS",2008-01-18,"H-T Team",php,webapps,0 31039,platforms/windows/remote/31039.txt,"BitDefender Products - Update Server HTTP Daemon Directory Traversal",2008-01-19,"Oliver Karow",windows,remote,0 31040,platforms/windows/remote/31040.html,"Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow",2008-01-20,rgod,windows,remote,0 31041,platforms/php/webapps/31041.txt,"bloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,"AmnPardaz ",php,webapps,0 -31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 -31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 -31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 +31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b - 'upload.asp' Cross-site Scripting",2008-01-21,Doz,asp,webapps,0 +31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 +31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-site Scripting",2008-01-21,trew,php,webapps,0 31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Inclusion",2008-01-21,anonymous,php,webapps,0 31046,platforms/windows/remote/31046.cpp,"GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Buffer Overflow",2008-01-09,Knell,windows,remote,0 -31047,platforms/multiple/remote/31047.txt,"Novemberborn sIFR 2.0.2/3 - 'txt' Parameter Cross-Site Scripting",2008-01-22,"Jan Fry",multiple,remote,0 +31047,platforms/multiple/remote/31047.txt,"Novemberborn sIFR 2.0.2/3 - 'txt' Parameter Cross-site Scripting",2008-01-22,"Jan Fry",multiple,remote,0 31048,platforms/php/webapps/31048.txt,"PacerCMS 0.6 - 'id' Parameter Multiple SQL Injection",2008-01-22,RawSecurity.org,php,webapps,0 -31049,platforms/php/webapps/31049.txt,"DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting",2008-01-22,NBBN,php,webapps,0 +31049,platforms/php/webapps/31049.txt,"DeluxeBB 1.1 - 'attachments_header.php' Cross-site Scripting",2008-01-22,NBBN,php,webapps,0 31050,platforms/multiple/remote/31050.php,"Firebird 2.0.3 Relational Database - 'protocol.cpp' XDR Protocol Remote Memory Corruption",2008-01-28,"Damian Frizza",multiple,remote,0 31051,platforms/linux/remote/31051.txt,"Mozilla Firefox 2.0 - chrome:// URI JavaScript File Request Information Disclosure",2008-01-19,"Gerry Eisenhaur",linux,remote,0 31052,platforms/linux/remote/31052.java,"Apache 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting",2008-01-22,"Stefano Di Paola",linux,remote,0 @@ -27940,45 +27940,45 @@ id,file,description,date,author,platform,type,port 31057,platforms/osx/dos/31057.html,"Apple iPhone Mobile Safari - Memory Exhaustion Remote Denial of Service",2008-01-24,fuzion,osx,dos,0 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts - 'user_login.asp' Multiple SQL Injection Vulnerabilities",2008-01-25,milad_sa2007,asp,webapps,0 31059,platforms/asp/webapps/31059.txt,"E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities",2008-01-25,milad_sa2007,asp,webapps,0 -31060,platforms/php/webapps/31060.txt,"Drake CMS 0.4.9 - 'index.php' Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 +31060,platforms/php/webapps/31060.txt,"Drake CMS 0.4.9 - 'index.php' Cross-site Scripting",2008-01-25,"Omer Singer",php,webapps,0 31061,platforms/php/webapps/31061.txt,"Trixbox 2.4.2 - user/index.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 31062,platforms/php/webapps/31062.txt,"Trixbox 2.4.2 - maint/index.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 31063,platforms/php/webapps/31063.txt,"WebCalendar 1.1.6 - pref.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 31064,platforms/php/webapps/31064.txt,"WebCalendar 1.1.6 - search.php adv Parameter XSS",2008-01-25,"Omer Singer",php,webapps,0 -31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting",2008-01-26,nnposter,php,webapps,0 -31066,platforms/php/webapps/31066.txt,"Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting",2008-01-28,"AmnPardaz ",php,webapps,0 +31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-site Scripting",2008-01-26,nnposter,php,webapps,0 +31066,platforms/php/webapps/31066.txt,"Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-site Scripting",2008-01-28,"AmnPardaz ",php,webapps,0 31067,platforms/php/webapps/31067.txt,"ClanSphere 2007.4.4 - 'install.php' Local File Inclusion",2008-01-28,p4imi0,php,webapps,0 31068,platforms/php/webapps/31068.txt,"Mambo MOStlyCE Module 2.4 Image Manager Utility - Arbitrary File Upload",2008-01-28,"AmnPardaz ",php,webapps,0 -31069,platforms/php/webapps/31069.txt,"eTicket 1.5.6-RC4 - 'index.php' Cross-Site Scripting",2008-01-28,jekil,php,webapps,0 +31069,platforms/php/webapps/31069.txt,"eTicket 1.5.6-RC4 - 'index.php' Cross-site Scripting",2008-01-28,jekil,php,webapps,0 31070,platforms/asp/webapps/31070.txt,"ASPired2Protect Login Page - SQL Injection",2008-01-28,T_L_O_T_D,asp,webapps,0 31071,platforms/cgi/webapps/31071.txt,"VB Marketing - 'tseekdir.cgi' Local File Inclusion",2008-01-28,"Sw33t h4cK3r",cgi,webapps,0 31072,platforms/windows/remote/31072.html,"Symantec Backup Exec System Recovery Manager 7.0 - FileUpload Class Unauthorized File Upload",2007-01-05,titon,windows,remote,0 -31073,platforms/java/webapps/31073.html,"SunGard Banner Student 7.3 - 'add1' Parameter Cross-Site Scripting",2008-01-29,"Brendan M. Hickey",java,webapps,0 -31074,platforms/php/webapps/31074.txt,"Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting",2008-01-20,"Alexandr Polyakov",php,webapps,0 -31075,platforms/php/webapps/31075.txt,"AmpJuke 0.7 - 'index.php' Cross-Site Scripting",2008-01-29,ShaFuck31,php,webapps,0 +31073,platforms/java/webapps/31073.html,"SunGard Banner Student 7.3 - 'add1' Parameter Cross-site Scripting",2008-01-29,"Brendan M. Hickey",java,webapps,0 +31074,platforms/php/webapps/31074.txt,"Nucleus CMS 3.22 - 'action.php' Cross-site Scripting",2008-01-20,"Alexandr Polyakov",php,webapps,0 +31075,platforms/php/webapps/31075.txt,"AmpJuke 0.7 - 'index.php' Cross-site Scripting",2008-01-29,ShaFuck31,php,webapps,0 31076,platforms/linux/remote/31076.py,"MPlayer 1.0rc2 - 'demux_mov.c' Remote Code Execution",2008-02-04,"Felipe Manzano",linux,remote,0 31077,platforms/php/webapps/31077.txt,"Mambo/Joomla 'com_buslicense' Component - 'aid' Parameter SQL Injection",2008-01-30,S@BUN,php,webapps,0 31078,platforms/hardware/remote/31078.txt,"2Wire Routers 'H04_POST' - Access Validation",2008-01-30,"Oligarchy Oligarchy",hardware,remote,0 -31079,platforms/php/webapps/31079.txt,"webSPELL 4.1.2 - 'whoisonline.php' Cross-Site Scripting",2008-01-30,NBBN,php,webapps,0 +31079,platforms/php/webapps/31079.txt,"webSPELL 4.1.2 - 'whoisonline.php' Cross-site Scripting",2008-01-30,NBBN,php,webapps,0 31080,platforms/php/webapps/31080.txt,"YeSiL KoRiDoR Ziyaretçi Defteri - 'index.php' SQL Injection",2008-01-30,ShaFuck31,php,webapps,0 -31081,platforms/cgi/webapps/31081.txt,"OpenBSD 4.1 - bgplg 'cmd' Parameter Cross-Site Scripting",2007-10-10,"Anton Karpov",cgi,webapps,0 +31081,platforms/cgi/webapps/31081.txt,"OpenBSD 4.1 - bgplg 'cmd' Parameter Cross-site Scripting",2007-10-10,"Anton Karpov",cgi,webapps,0 31084,platforms/php/webapps/31084.txt,"Archimede Net 2000 - 'E-Guest_show.php' SQL Injection",2008-02-01,"Sw33t h4cK3r",php,webapps,0 31085,platforms/php/webapps/31085.txt,"Doodle4Gift - Multiple Vulnerabilities",2014-01-20,Dr.NaNo,php,webapps,80 -31086,platforms/php/webapps/31086.php,"AfterLogic Pro and Lite 7.1.1.1 - Stored XSS",2014-01-20,"Saeed reza Zamanian",php,webapps,80 -31087,platforms/hardware/webapps/31087.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS",2014-01-20,"Rakesh S",hardware,webapps,80 +31086,platforms/php/webapps/31086.php,"AfterLogic Pro and Lite 7.1.1.1 - Persistent Cross-site Scripting",2014-01-20,"Saeed reza Zamanian",php,webapps,80 +31087,platforms/hardware/webapps/31087.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - Persistent Cross-site Scripting",2014-01-20,"Rakesh S",hardware,webapps,80 31088,platforms/hardware/webapps/31088.py,"BLUE COM Router 5360/52018 - Password Reset Exploit",2014-01-20,KAI,hardware,webapps,80 31090,platforms/windows/local/31090.txt,"MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()",2014-01-20,"Jean-Jamil Khalife",windows,local,0 -31091,platforms/php/webapps/31091.txt,"Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 +31091,platforms/php/webapps/31091.txt,"Domain Trader 2.0 - 'catalog.php' Cross-site Scripting",2008-02-02,Crackers_Child,php,webapps,0 31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 WordPress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 31093,platforms/php/webapps/31093.txt,"ITechClassifieds - ViewCat.php CatID Parameter SQL Injection",2008-02-02,Crackers_Child,php,webapps,0 31094,platforms/php/webapps/31094.txt,"ITechClassifieds - ViewCat.php CatID Parameter XSS",2008-02-02,Crackers_Child,php,webapps,0 -31095,platforms/novell/remote/31095.txt,"Novell GroupWise 5.57e/6.5.7/7.0 WebAccess - Multiple Cross-Site Scripting Vulnerabilities",2008-01-31,"Frederic Loudet",novell,remote,0 +31095,platforms/novell/remote/31095.txt,"Novell GroupWise 5.57e/6.5.7/7.0 WebAccess - Multiple Cross-site Scripting Vulnerabilities",2008-01-31,"Frederic Loudet",novell,remote,0 31096,platforms/php/webapps/31096.txt,"WordPress Plugin ShiftThis Newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 -31097,platforms/php/webapps/31097.txt,"CruxCMS 3.0 - 'search.php' Cross-Site Scripting",2008-02-04,Psiczn,php,webapps,0 +31097,platforms/php/webapps/31097.txt,"CruxCMS 3.0 - 'search.php' Cross-site Scripting",2008-02-04,Psiczn,php,webapps,0 31098,platforms/php/webapps/31098.txt,"Simple OS CMS 0.1c_beta - 'login.php' SQL Injection",2008-02-04,Psiczn,php,webapps,0 31099,platforms/php/webapps/31099.txt,"Codice CMS - 'login.php' SQL Injection",2008-02-04,Psiczn,php,webapps,0 31100,platforms/multiple/dos/31100.txt,"Anon Proxy Server 0.100/0.102 - Remote Authentication Buffer Overflow",2008-02-04,L4teral,multiple,dos,0 -31101,platforms/php/webapps/31101.txt,"HispaH Youtube Clone - 'load_message.php' Cross-Site Scripting",2008-02-04,Smasher,php,webapps,0 +31101,platforms/php/webapps/31101.txt,"HispaH Youtube Clone - 'load_message.php' Cross-site Scripting",2008-02-04,Smasher,php,webapps,0 31102,platforms/hardware/dos/31102.c,"MikroTik RouterOS 3.0 - SNMP SET Denial of Service",2008-02-04,ShadOS,hardware,dos,0 31103,platforms/asp/webapps/31103.txt,"AstroSoft HelpDesk - operator/article/article_search_results.asp txtSearch Parameter XSS",2008-02-04,"Alexandr Polyakov",asp,webapps,0 31104,platforms/asp/webapps/31104.txt,"AstroSoft HelpDesk - operator/article/article_attachment.asp Attach_Id Parameter XSS",2008-02-04,"Alexandr Polyakov",asp,webapps,0 @@ -27989,30 +27989,30 @@ id,file,description,date,author,platform,type,port 31109,platforms/php/webapps/31109.txt,"Portail Web Php 2.5.1 - modules/conf_modules.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31110,platforms/php/webapps/31110.txt,"Portail Web Php 2.5.1 - system/login.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31111,platforms/php/webapps/31111.txt,"Download Management 1.00 for PHP-Fusion - Multiple Local File Inclusion",2008-02-05,Psiczn,php,webapps,0 -31112,platforms/php/webapps/31112.txt,"DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities",2008-02-04,Lostmon,php,webapps,0 +31112,platforms/php/webapps/31112.txt,"DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-site Scripting Vulnerabilities",2008-02-04,Lostmon,php,webapps,0 31113,platforms/windows/remote/31113.html,"GlobalLink 2.6.1.2 - 'HanGamePlugincn18.dll' ActiveX Control Multiple Buffer Overflow Vulnerabilities",2008-02-05,anonymous,windows,remote,0 31114,platforms/windows/dos/31114.txt,"Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution / Security Vulnerabilities",2008-02-06,"Paul Craig",windows,dos,0 -31115,platforms/php/webapps/31115.txt,"MyNews 1.6.x - 'hash' Parameter Cross-Site Scripting",2008-02-06,SkyOut,php,webapps,0 -31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-Site Scripting",2008-02-06,Phanter-Root,php,webapps,0 +31115,platforms/php/webapps/31115.txt,"MyNews 1.6.x - 'hash' Parameter Cross-site Scripting",2008-02-06,SkyOut,php,webapps,0 +31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-site Scripting",2008-02-06,Phanter-Root,php,webapps,0 31117,platforms/asp/webapps/31117.txt,"WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 31118,platforms/windows/remote/31118.c,"Microsoft Works 8.0 - File Converter Field Length Remote Code Execution",2008-02-06,"Luigi Auriemma",windows,remote,0 31119,platforms/multiple/remote/31119.txt,"TinTin++ / WinTin++ 1.97.9 - '#chat' Command Multiple Security Vulnerabilities",2008-02-06,"Luigi Auriemma",multiple,remote,0 -31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 - index.php Multiple Parameter XSS",2008-02-07,"Alexandr Polyakov",php,webapps,0 +31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 - 'index.php' Multiple Parameter XSS",2008-02-07,"Alexandr Polyakov",php,webapps,0 31121,platforms/php/webapps/31121.txt,"Joomla! and Mambo com_sermon 0.2 Component - 'gid' Parameter SQL Injection",2008-02-07,S@BUN,php,webapps,0 31122,platforms/windows/dos/31122.txt,"Ipswitch Instant Messaging 2.0.8.1 - Multiple Security Vulnerabilities",2008-02-07,"Luigi Auriemma",windows,dos,0 31123,platforms/php/webapps/31123.txt,"PowerScripts PowerNews 2.5.6 - 'subpage' Parameter Multiple Local File Inclusion",2008-02-08,"Alexandr Polyakov",php,webapps,0 -31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 - 'id' Parameter Cross-Site Scripting",2008-02-08,Psiczn,php,webapps,0 +31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 - 'id' Parameter Cross-site Scripting",2008-02-08,Psiczn,php,webapps,0 31125,platforms/php/webapps/31125.txt,"Joovili 2.1 - 'members_help.php' Remote File Inclusion",2008-02-08,Cr@zy_King,php,webapps,0 -31126,platforms/php/webapps/31126.txt,"Serendipity Freetag-plugin 2.95 - 'style' parameter Cross-Site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 +31126,platforms/php/webapps/31126.txt,"Serendipity Freetag-plugin 2.95 - 'style' parameter Cross-site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 31127,platforms/linux/remote/31127.txt,"Mozilla Firefox 2.0.9 - 'view-source:' Scheme Information Disclosure",2008-02-08,"Ronald van den Heetkamp",linux,remote,0 31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products - HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31129,platforms/php/webapps/31129.txt,"Managed Workplace Service Center 4.x/5.x/6.x - Installation Information Disclosure",2008-02-08,"Brook Powers",php,webapps,0 31130,platforms/multiple/remote/31130.txt,"Apache Tomcat 6.0.15 - Cookie Quote Handling Remote Information Disclosure",2008-02-09,"John Kew",multiple,remote,0 -31131,platforms/php/webapps/31131.txt,"PK-Designs PKs Movie Database 3.0.3 - 'index.php' SQL Injection / Cross-Site Scripting",2008-02-09,Houssamix,php,webapps,0 +31131,platforms/php/webapps/31131.txt,"PK-Designs PKs Movie Database 3.0.3 - 'index.php' SQL Injection / Cross-site Scripting",2008-02-09,Houssamix,php,webapps,0 31132,platforms/hardware/remote/31132.txt,"Group Logic ExtremeZ-IP File and Print Servers 5.1.2 x15 - Multiple Vulnerabilities",2008-02-10,"Luigi Auriemma",hardware,remote,0 -31133,platforms/hardware/remote/31133.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Cross-Site Request Forgery",2008-02-11,nnposter,hardware,remote,0 +31133,platforms/hardware/remote/31133.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Cross-site Request Forgery",2008-02-11,nnposter,hardware,remote,0 31134,platforms/php/webapps/31134.txt,"VWar 1.5 - 'calendar.php' SQL Injection",2008-02-11,Pouya_Server,php,webapps,0 -31135,platforms/php/webapps/31135.txt,"Rapid-Source Rapid-Recipe Component - Multiple SQL Injection",2008-02-11,breaker_unit,php,webapps,0 +31135,platforms/php/webapps/31135.txt,"Rapid-Source Rapid-Recipe Component - Multiple SQL Injections",2008-02-11,breaker_unit,php,webapps,0 31136,platforms/multiple/dos/31136.txt,"cyan soft - Multiple Applications Format String and Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 31137,platforms/php/webapps/31137.txt,"Joomla! and Mambo com_comments Component 0.5.8.5g - 'id' Parameter SQL Injection",2008-02-11,CheebaHawk215,php,webapps,0 31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 @@ -28030,7 +28030,7 @@ id,file,description,date,author,platform,type,port 31150,platforms/multiple/dos/31150.txt,"RPM Remote Print Manager 4.5.1 - Service Remote Buffer Overflow",2008-02-11,"Luigi Auriemma",multiple,dos,0 31151,platforms/linux/local/31151.c,"GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Based Buffer Overflow",2008-02-12,forensec,linux,local,0 31152,platforms/php/webapps/31152.txt,"artmedic weblog - artmedic_print.php date Parameter XSS",2008-02-12,muuratsalo,php,webapps,0 -31153,platforms/php/webapps/31153.txt,"artmedic weblog - index.php jahrneu Parameter XSS",2008-02-12,muuratsalo,php,webapps,0 +31153,platforms/php/webapps/31153.txt,"artmedic weblog - 'index.php' jahrneu Parameter XSS",2008-02-12,muuratsalo,php,webapps,0 31154,platforms/php/webapps/31154.txt,"Counter Strike Portals - 'download' SQL Injection",2008-02-12,S@BUN,php,webapps,0 31155,platforms/php/webapps/31155.txt,"Joomla! and Mambo com_iomezun Component - 'id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0 31156,platforms/php/webapps/31156.txt,"Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 @@ -28047,17 +28047,17 @@ id,file,description,date,author,platform,type,port 31258,platforms/ios/webapps/31258.txt,"SimplyShare 1.4 iOS - Multiple Vulnerabilities",2014-01-29,Vulnerability-Lab,ios,webapps,0 31168,platforms/windows/dos/31168.pl,"NCH Software Express Burn Plus 4.68 - (.EBP) Project File Buffer Overflow",2014-01-24,LiquidWorm,windows,dos,0 31334,platforms/php/webapps/31334.txt,"Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection",2008-03-04,bius,php,webapps,0 -31335,platforms/php/webapps/31335.txt,"MG2 - 'list' Parameter Cross-Site Scripting",2008-03-04,"Jose Carlos Norte",php,webapps,0 -31336,platforms/php/webapps/31336.txt,"Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting",2008-03-05,ZoRLu,php,webapps,0 -31700,platforms/php/webapps/31700.txt,"e107 CMS 0.7 - Multiple Cross-Site Scripting Vulnerabilities",2008-04-24,ZoRLu,php,webapps,0 -31701,platforms/php/webapps/31701.txt,"Digital Hive 2.0 - 'base.php' Parameter Cross-Site Scripting",2008-04-24,ZoRLu,php,webapps,0 +31335,platforms/php/webapps/31335.txt,"MG2 - 'list' Parameter Cross-site Scripting",2008-03-04,"Jose Carlos Norte",php,webapps,0 +31336,platforms/php/webapps/31336.txt,"Podcast Generator 0.96.2 - 'set_permissions.php' Cross-site Scripting",2008-03-05,ZoRLu,php,webapps,0 +31700,platforms/php/webapps/31700.txt,"e107 CMS 0.7 - Multiple Cross-site Scripting Vulnerabilities",2008-04-24,ZoRLu,php,webapps,0 +31701,platforms/php/webapps/31701.txt,"Digital Hive 2.0 - 'base.php' Parameter Cross-site Scripting",2008-04-24,ZoRLu,php,webapps,0 31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution Exploit",2014-02-16,Rew,hardware,remote,0 31173,platforms/php/webapps/31173.txt,"pChart 2.1.3 - Multiple Vulnerabilities",2014-01-24,"Balazs Makany",php,webapps,80 -31174,platforms/php/webapps/31174.txt,"Joomla Komento Extension 1.7.2 - Stored XSS",2014-01-24,"High-Tech Bridge SA",php,webapps,80 -31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 - (index.php id param) SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 -31176,platforms/windows/dos/31176.html,"MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 -31177,platforms/windows/dos/31177.html,"MW6 Technologies DataMatrix - ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 -31178,platforms/windows/dos/31178.html,"MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 +31174,platforms/php/webapps/31174.txt,"Joomla Komento Extension 1.7.2 - Persistent Cross-site Scripting",2014-01-24,"High-Tech Bridge SA",php,webapps,80 +31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 - (index.php id parameter) SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 +31176,platforms/windows/dos/31176.html,"MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 +31177,platforms/windows/dos/31177.html,"MW6 Technologies DataMatrix - ActiveX (Data parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 +31178,platforms/windows/dos/31178.html,"MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 31179,platforms/windows/remote/31179.html,"Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow",2014-01-24,"Trustwave's SpiderLabs",windows,remote,0 31180,platforms/hardware/webapps/31180.txt,"Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities",2014-01-24,"Trustwave's SpiderLabs",hardware,webapps,10001 31181,platforms/windows/remote/31181.rb,"HP Data Protector - Backup Client Service Directory Traversal",2014-01-24,Metasploit,windows,remote,5555 @@ -28088,7 +28088,7 @@ id,file,description,date,author,platform,type,port 31201,platforms/php/webapps/31201.txt,"artmedic webdesign weblog - Multiple Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 31202,platforms/php/webapps/31202.txt,"PlutoStatus Locator 1.0pre alpha - 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 31203,platforms/multiple/dos/31203.txt,"Mozilla Firefox 2.0.0.12 - IFrame Recursion Remote Denial of Service",2008-02-15,"Carl Hardwick",multiple,dos,0 -31204,platforms/windows/remote/31204.txt,"Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities",2008-02-15,"Leon Juranic",windows,remote,0 +31204,platforms/windows/remote/31204.txt,"Sophos Email Appliance 2.1 - Web Interface Multiple Cross-site Scripting Vulnerabilities",2008-02-15,"Leon Juranic",windows,remote,0 31205,platforms/windows/dos/31205.txt,"Sami FTP Server 2.0.x - Multiple Commands Remote Denial Of Service Vulnerabilities",2008-02-15,Cod3rZ,windows,dos,0 31206,platforms/php/webapps/31206.txt,"Joomla! and Mambo 'com_smslist' Component - 'listid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31207,platforms/php/webapps/31207.txt,"Joomla! and Mambo 'com_activities' Component - 'id' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 @@ -28111,21 +28111,21 @@ id,file,description,date,author,platform,type,port 32246,platforms/php/webapps/32246.txt,"Nortel Networks SRG V16 - admin_modules.php module Parameter Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 32247,platforms/php/webapps/32247.txt,"Nortel Networks SRG V16 - modules.php module Parameter Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 31220,platforms/linux/dos/31220.py,"MP3Info 0.8.5a - Buffer Overflow",2014-01-27,jsacco,linux,dos,0 -31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)",2014-01-27,"David Um",windows,webapps,0 +31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Password Reset CSRF from Persistent Cross-site Scripting (Web UI)",2014-01-27,"David Um",windows,webapps,0 31222,platforms/windows/dos/31222.py,"Oracle Outside In MDB - File Parsing Stack Based Buffer Overflow PoC",2014-01-27,Citadelo,windows,dos,0 31223,platforms/multiple/dos/31223.txt,"Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass",2014-01-27,Vulnerability-Lab,multiple,dos,0 31224,platforms/php/webapps/31224.txt,"Joomla! and Mambo com_profile Component - 'oid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 -31225,platforms/php/webapps/31225.html,"RunCMS 1.6.1 - 'admin.php' Cross-Site Scripting",2008-02-18,NBBN,php,webapps,0 +31225,platforms/php/webapps/31225.html,"RunCMS 1.6.1 - 'admin.php' Cross-site Scripting",2008-02-18,NBBN,php,webapps,0 31226,platforms/php/webapps/31226.txt,"Joomla! and Mambo com_detail Component - 'id' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0 31227,platforms/php/webapps/31227.txt,"Yellow Swordfish Simple Forum 1.x - 'sf-profile.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 31228,platforms/php/webapps/31228.txt,"WordPress Recipes Blog Plugin 'id' Parameter - SQL Injection",2008-02-18,S@BUN,php,webapps,0 -31229,platforms/php/webapps/31229.txt,"ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2008-02-18,L4teral,php,webapps,0 +31229,platforms/php/webapps/31229.txt,"ProjectPier 0.8 - Multiple HTML Injection / Cross-site Scripting Vulnerabilities",2008-02-18,L4teral,php,webapps,0 31230,platforms/php/webapps/31230.txt,"WordPress wp-people Plugin 2.0 - 'wp-people-popup.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 31231,platforms/windows/remote/31231.txt,"SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal",2008-02-19,"Luigi Auriemma",windows,remote,0 31232,platforms/multiple/dos/31232.txt,"Foxit WAC Remote Access Server 2.0 Build 3503 - Heap Buffer Overflow",2008-02-16,"Luigi Auriemma",multiple,dos,0 31233,platforms/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 beta - /pocketpc camnum Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 31234,platforms/multiple/webapps/31234.txt,"WebcamXP 3.72.440/4.05.280 beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 -31235,platforms/php/webapps/31235.txt,"Jinzora 2.7.5 - index.php Multiple Parameter XSS",2008-02-19,"Alexandr Polyakov",php,webapps,0 +31235,platforms/php/webapps/31235.txt,"Jinzora 2.7.5 - 'index.php' Multiple Parameter XSS",2008-02-19,"Alexandr Polyakov",php,webapps,0 31236,platforms/php/webapps/31236.txt,"Jinzora 2.7.5 - ajax_request.php Multiple Parameter XSS",2008-02-19,"Alexandr Polyakov",php,webapps,0 31237,platforms/php/webapps/31237.txt,"Jinzora 2.7.5 - slim.php Multiple Parameter XSS",2008-02-19,"Alexandr Polyakov",php,webapps,0 31238,platforms/php/webapps/31238.txt,"Jinzora 2.7.5 - popup.php Multiple Parameter XSS",2008-02-19,"Alexandr Polyakov",php,webapps,0 @@ -28162,14 +28162,14 @@ id,file,description,date,author,platform,type,port 31276,platforms/asp/webapps/31276.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - Labels.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31277,platforms/php/webapps/31277.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - ClassList.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 31278,platforms/php/webapps/31278.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - GradebookStuScores.asp GrdBk Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 -31279,platforms/multiple/remote/31279.txt,"IBM Lotus Quickr QuickPlace Server 8.0 - Calendar 'Count' Parameter Cross-Site Scripting",2008-02-21,"Nir Goldshlager AVNE",multiple,remote,0 +31279,platforms/multiple/remote/31279.txt,"IBM Lotus Quickr QuickPlace Server 8.0 - Calendar 'Count' Parameter Cross-site Scripting",2008-02-21,"Nir Goldshlager AVNE",multiple,remote,0 31280,platforms/php/webapps/31280.txt,"Joomla! and Mambo Referenzen Component - 'id' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31281,platforms/php/webapps/31281.txt,"PHP-Nuke Classifieds Module - 'Details' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31282,platforms/php/webapps/31282.txt,"XOOPS Tiny Event 1.01 - 'print' Option SQL Injection",2008-02-21,S@BUN,php,webapps,0 31283,platforms/php/webapps/31283.txt,"PHP-Nuke Downloads Module - 'sid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31284,platforms/php/webapps/31284.txt,"XOOPS 'prayerlist' Module - 'cid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31285,platforms/multiple/dos/31285.txt,"Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities",2008-02-21,"Luigi Auriemma",multiple,dos,0 -31286,platforms/asp/webapps/31286.txt,"Citrix MetaFrame Web Manager - 'login.asp' Cross-Site Scripting",2008-02-22,Handrix,asp,webapps,0 +31286,platforms/asp/webapps/31286.txt,"Citrix MetaFrame Web Manager - 'login.asp' Cross-site Scripting",2008-02-22,Handrix,asp,webapps,0 31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 - 'recipeid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31288,platforms/php/webapps/31288.txt,"Joomla! and Mambo 'com_hello_world' Component - 'id' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31289,platforms/php/webapps/31289.txt,"PHP-Nuke Gallery 1.3 Module - 'artid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 @@ -28181,39 +28181,39 @@ id,file,description,date,author,platform,type,port 31295,platforms/php/webapps/31295.txt,"Joomla! and Mambo 'com_wines' 1.0 Component - 'id' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 31296,platforms/php/webapps/31296.txt,"Galore Simple Shop 3.1 - 'section' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 31297,platforms/php/webapps/31297.txt,"PHP-Nuke Sell Module - 'cid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 -31298,platforms/hardware/remote/31298.txt,"Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting",2008-02-25,nnposter,hardware,remote,0 -31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting",2008-02-25,nnposter,jsp,webapps,0 +31298,platforms/hardware/remote/31298.txt,"Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-site Scripting",2008-02-25,nnposter,hardware,remote,0 +31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-site Scripting",2008-02-25,nnposter,jsp,webapps,0 31300,platforms/windows/dos/31300.txt,"SurgeMail and WebMail 3.0 - 'Page' Command Remote Format String",2008-02-25,"Luigi Auriemma",windows,dos,0 31301,platforms/windows/dos/31301.txt,"SurgeMail 3.0 - Real CGI executables Remote Buffer Overflow",2008-02-25,"Luigi Auriemma",windows,dos,0 31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 - 'Content-Length' Parameter NULL Pointer Denial Of Service",2008-02-25,"Luigi Auriemma",windows,dos,0 31303,platforms/php/webapps/31303.txt,"Joomla! and Mambo 'com_inter' Component - 'id' Parameter SQL Injection",2008-02-25,The-0utl4w,php,webapps,0 -31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting",2008-02-21,"Omer Singer",php,webapps,0 +31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-site Scripting",2008-02-21,"Omer Singer",php,webapps,0 31308,platforms/android/dos/31308.html,"Android Web Browser - BMP File Integer Overflow",2008-03-04,"Alfredo Ortega",android,dos,0 31309,platforms/linux/remote/31309.c,"Ghostscript 8.0.1/8.15 - zseticcspace() Function Buffer Overflow",2008-02-27,"Will Drewry",linux,remote,0 31310,platforms/windows/dos/31310.txt,"Trend Micro OfficeScan - Buffer Overflow and Denial of Service",2008-02-27,"Luigi Auriemma",windows,dos,0 -31311,platforms/hardware/remote/31311.txt,"Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross-Site Scripting",2008-02-28,"Richard Brain",hardware,remote,0 +31311,platforms/hardware/remote/31311.txt,"Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross-site Scripting",2008-02-28,"Richard Brain",hardware,remote,0 31312,platforms/php/webapps/31312.txt,"Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 31313,platforms/cgi/webapps/31313.txt,"Juniper Networks Secure Access 2000 Web - Root Path Disclosure",2008-02-28,"Richard Brain",cgi,webapps,0 -31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 -31315,platforms/php/webapps/31315.txt,"XRms 1.99.2 - CRM 'msg' Parameter Cross-Site Scripting",2008-02-28,vijayv,php,webapps,0 -31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 +31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 +31315,platforms/php/webapps/31315.txt,"XRms 1.99.2 - CRM 'msg' Parameter Cross-site Scripting",2008-02-28,vijayv,php,webapps,0 +31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 31317,platforms/php/webapps/31317.txt,"netOffice Dwins 1.3 - Authentication Bypass and Arbitrary File Upload",2008-02-29,RawSecurity.org,php,webapps,0 -31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - index.php Local File Inclusion",2008-02-29,JosS,php,webapps,0 -31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts gallery 0.x - index.php Cross-Site Scripting",2008-02-29,ZoRLu,php,webapps,0 +31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - 'index.php' Local File Inclusion",2008-02-29,JosS,php,webapps,0 +31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts gallery 0.x - 'index.php' Cross-site Scripting",2008-02-29,ZoRLu,php,webapps,0 31320,platforms/php/webapps/31320.txt,"phpMyTourney 2 - tourney/index.php Remote File Inclusion",2008-02-29,"HACKERS PAL",php,webapps,0 31321,platforms/php/webapps/31321.txt,"Heathco Software h2desk - Multiple Information Disclosure Vulnerabilities",2008-03-01,joseph.giron13,php,webapps,0 31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'gaestebuch 2.2 Module - 'id' Parameter SQL Injection",2008-03-01,TurkishWarriorr,php,webapps,0 31323,platforms/windows/dos/31323.c,"ADI Convergence Galaxy FTP Server Password - Remote Denial of Service",2008-03-01,"Maks M",windows,dos,0 31324,platforms/php/webapps/31324.txt,"KC Wiki 1.0 - minimal/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 31325,platforms/php/webapps/31325.txt,"KC Wiki 1.0 - simplest/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 -31326,platforms/php/webapps/31326.txt,"Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-Site Scripting",2008-03-03,"Digital Security Research Group",php,webapps,0 +31326,platforms/php/webapps/31326.txt,"Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-site Scripting",2008-03-03,"Digital Security Research Group",php,webapps,0 31327,platforms/multiple/dos/31327.txt,"Borland StarTeam 2008 10.0.57 - Multiple Remote Vulnerabilities",2008-03-03,"Luigi Auriemma",multiple,dos,0 31328,platforms/php/webapps/31328.txt,"TorrentTrader 1.08 - 'msg' Parameter HTML Injection",2008-03-03,Dominus,php,webapps,0 31329,platforms/multiple/webapps/31329.txt,"MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit",2014-02-01,@u0x,multiple,webapps,0 31337,platforms/php/webapps/31337.txt,"WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection",2007-06-25,Lupton,php,webapps,0 31338,platforms/windows/dos/31338.txt,"Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities",2008-03-05,"Luigi Auriemma",windows,dos,0 31339,platforms/php/webapps/31339.txt,"PHP-Nuke Yellow_Pages Module - 'cid' Parameter SQL Injection",2008-03-05,ZoRLu,php,webapps,0 -31340,platforms/hardware/remote/31340.html,"Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting",2008-03-06,"Henri Lindberg",hardware,remote,0 +31340,platforms/hardware/remote/31340.html,"Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-site Scripting",2008-03-06,"Henri Lindberg",hardware,remote,0 31341,platforms/php/webapps/31341.txt,"Yap Blog 1.1 - 'index.php' Remote File Inclusion",2008-03-06,THE_MILLER,php,webapps,0 31342,platforms/hardware/remote/31342.txt,"Airspan ProST WiMAX Device - Web Interface Authentication Bypass",2008-03-06,"Francis Lacoste-Cordeau",hardware,remote,0 31343,platforms/multiple/dos/31343.txt,"Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow",2008-03-06,"Chris Evans",multiple,dos,0 @@ -28234,16 +28234,16 @@ id,file,description,date,author,platform,type,port 31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7.0 - Combined JavaScript and XML Remote Information Disclosure",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 31360,platforms/windows/dos/31360.txt,"MailEnable 3.13 - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 31361,platforms/windows/dos/31361.txt,"Microsoft Office 2000/2003/2004/XP - File Memory Corruption",2008-03-07,anonymous,windows,dos,0 -31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting",2008-03-07,NetJackal,multiple,remote,0 +31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross-site Scripting",2008-03-07,NetJackal,multiple,remote,0 31363,platforms/windows/dos/31363.txt,"Panda Internet Security/Antivirus+Firewall 2008 - CPoint.sys Memory Corruption",2008-03-08,"Tobias Klein",windows,dos,0 31364,platforms/hardware/remote/31364.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection",2008-03-08,nnposter,hardware,remote,0 31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath Parameter XSS",2008-03-08,nnposter,php,webapps,0 31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath.0 Parameter Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 -31367,platforms/php/webapps/31367.txt,"Batchelor Media BM Classifieds - Multiple SQL Injection",2008-03-09,xcorpitx,php,webapps,0 +31367,platforms/php/webapps/31367.txt,"Batchelor Media BM Classifieds - Multiple SQL Injections",2008-03-09,xcorpitx,php,webapps,0 31368,platforms/php/webapps/31368.txt,"PHP-Nuke 4nAlbum Module 0.92 - 'pid' Parameter SQL Injection",2008-03-10,meloulisi,php,webapps,0 31369,platforms/php/webapps/31369.txt,"Gallarific - search.php query Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 31370,platforms/php/webapps/31370.txt,"Gallarific - Multiple Script Direct Request Authentication Bypass",2008-03-10,ZoRLu,php,webapps,0 -31371,platforms/php/webapps/31371.txt,"EasyImageCatalogue 1.31 - index.php Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31371,platforms/php/webapps/31371.txt,"EasyImageCatalogue 1.31 - 'index.php' Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31372,platforms/php/webapps/31372.txt,"EasyImageCatalogue 1.31 - thumber.php dir Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31373,platforms/php/webapps/31373.txt,"EasyImageCatalogue 1.31 - describe.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31374,platforms/php/webapps/31374.txt,"EasyImageCatalogue 1.31 - addcomment.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 @@ -28257,40 +28257,40 @@ id,file,description,date,author,platform,type,port 31382,platforms/php/webapps/31382.txt,"Joomla! and Mambo 'ensenanzas' Component - 'id' Parameter SQL Injection",2008-03-11,The-0utl4w,php,webapps,0 31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module - 'id_catg' Parameter SQL Injection",2008-03-11,Houssamix,php,webapps,0 31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module - 'cat' Parameter SQL Injection",2008-03-11,Lovebug,php,webapps,0 -31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - (.m3u) SEH Buffer Overflow ASLR+DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 +31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - '.m3u' SEH Buffer Overflow ASLR+DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Inclusion",2008-03-12,muuratsalo,php,webapps,0 31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 - 'index.php' Multiple Local File Inclusion",2008-03-12,muuratsalo,php,webapps,0 31389,platforms/php/webapps/31389.txt,"Chris LaPointe Download Center 1.2 - login Action Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31390,platforms/php/webapps/31390.txt,"Chris LaPointe Download Center 1.2 - browse Action category Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31391,platforms/php/webapps/31391.txt,"Chris LaPointe Download Center 1.2 - search_results Action search Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31392,platforms/php/webapps/31392.txt,"MAXdev My eGallery Module 3.04 - For Xoops 'gid' Parameter SQL Injection",2008-03-12,S@BUN,php,webapps,0 -31393,platforms/php/webapps/31393.txt,"Jeebles Directory 2.9.60 - Multiple Cross-Site Scripting Vulnerabilities",2008-03-12,ZoRLu,php,webapps,0 +31393,platforms/php/webapps/31393.txt,"Jeebles Directory 2.9.60 - Multiple Cross-site Scripting Vulnerabilities",2008-03-12,ZoRLu,php,webapps,0 31394,platforms/windows/dos/31394.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSuserCGI.exe' Multiple Remote Vulnerabilities",2008-03-12,felix,windows,dos,0 31395,platforms/windows/remote/31395.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility XSS",2008-03-12,felix,windows,remote,0 31396,platforms/linux/remote/31396.txt,"Lighttpd 1.4.x - mod_userdir Information Disclosure",2008-03-12,julien.cayzac,linux,remote,0 31696,platforms/windows/dos/31696.txt,"Computer Associates eTrust Secure Content Manager 8.0 - 'eCSqdmn' Remote Denial of Service",2008-04-22,"Luigi Auriemma",windows,dos,0 -31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-Site Scripting",2008-04-23,"Aria-Security Team",php,webapps,0 -31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 +31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-site Scripting",2008-04-23,"Aria-Security Team",php,webapps,0 +31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI Redirection",2008-04-23,"Richard Brain",windows,remote,0 31461,platforms/windows/dos/31461.txt,"Publish-It 3.6d - Buffer Overflow",2014-02-06,"Core Security",windows,dos,0 31399,platforms/windows/dos/31399.txt,"McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String",2008-03-12,"Luigi Auriemma",windows,dos,0 31400,platforms/php/webapps/31400.txt,"XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection",2008-03-12,S@BUN,php,webapps,0 31401,platforms/php/webapps/31401.txt,"Acyhost - 'index.php' Remote File Inclusion",2008-03-12,U238,php,webapps,0 -31402,platforms/php/webapps/31402.txt,"eWeather - 'chart' Parameter Cross-Site Scripting",2008-03-12,NetJackal,php,webapps,0 +31402,platforms/php/webapps/31402.txt,"eWeather - 'chart' Parameter Cross-site Scripting",2008-03-12,NetJackal,php,webapps,0 31403,platforms/unix/dos/31403.txt,"ZABBIX 1.1x/1.4.x - File Checksum Request Denial of Service",2008-03-13,"Milen Rangelov",unix,dos,0 31404,platforms/asp/webapps/31404.txt,"Virtual Support Office XP 2 - 'MyIssuesView.asp' SQL Injection",2008-03-13,The-0utl4w,asp,webapps,0 31405,platforms/windows/remote/31405.c,"XnView 1.92.1 - Command-Line Arguments Buffer Overflow",2014-02-05,"Sylvain THUAL",windows,remote,0 -31406,platforms/php/webapps/31406.txt,"SNewsCMS 2.x - 'search.php' Cross-Site Scripting",2008-03-17,medprostuda.ru,php,webapps,0 +31406,platforms/php/webapps/31406.txt,"SNewsCMS 2.x - 'search.php' Cross-site Scripting",2008-03-17,medprostuda.ru,php,webapps,0 31407,platforms/windows/remote/31407.txt,"MG-SOFT Net Inspector 6.5.0.826 - Multiple Remote Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 -31408,platforms/php/webapps/31408.txt,"Cfnetgs 0.24 - 'index.php' Cross-Site Scripting",2008-03-17,ZoRLu,php,webapps,0 +31408,platforms/php/webapps/31408.txt,"Cfnetgs 0.24 - 'index.php' Cross-site Scripting",2008-03-17,ZoRLu,php,webapps,0 31409,platforms/windows/remote/31409.txt,"BootManage TFTP Server 1.99 - 'filename' Remote Buffer Overflow",2008-03-17,"Luigi Auriemma",windows,remote,0 31410,platforms/php/webapps/31410.txt,"Joomla! and Mambo 'com_guide' Component - 'category' Parameter SQL Injection",2008-03-17,The-0utl4w,php,webapps,0 -31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 +31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 31412,platforms/osx/remote/31412.txt,"Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 -31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting",2008-03-17,Berezniski,asp,webapps,0 -31414,platforms/php/webapps/31414.txt,"phpstats 0.1_alpha - 'phpstats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 -31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 -31416,platforms/php/webapps/31416.txt,"webSPELL 4.1.2 - 'index.php' Cross-Site Scripting",2008-03-18,n3w7u,php,webapps,0 +31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-site Scripting",2008-03-17,Berezniski,asp,webapps,0 +31414,platforms/php/webapps/31414.txt,"phpstats 0.1_alpha - 'phpstats.php' Cross-site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 +31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross-site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 +31416,platforms/php/webapps/31416.txt,"webSPELL 4.1.2 - 'index.php' Cross-site Scripting",2008-03-18,n3w7u,php,webapps,0 31418,platforms/php/webapps/31418.txt,"Job Site 1.0 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31419,platforms/php/webapps/31419.txt,"TopicsViewer 3.0 Beta 1 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 @@ -28308,16 +28308,16 @@ id,file,description,date,author,platform,type,port 31434,platforms/java/remote/31434.rb,"Apache Struts - Developer Mode OGNL Execution",2014-02-05,Metasploit,java,remote,8080 31435,platforms/php/webapps/31435.py,"Joomla JomSocial Component 2.6 - Code Execution Exploit",2014-02-05,"Matias Fontanini",php,webapps,80 31436,platforms/php/webapps/31436.txt,"Pandora Fms 5.0RC1 - Remote Command Injection",2014-02-05,xistence,php,webapps,80 -31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 +31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 31439,platforms/php/webapps/31439.txt,"cPanel 11.18.3 - List Directories and Folders Information Disclosure",2008-03-18,Linux_Drox,php,webapps,0 31440,platforms/linux/dos/31440.txt,"Asterisk 1.4.x - RTP Codec Payload Handling Multiple Buffer Overflow Vulnerabilities",2008-03-18,"Mu Security research",linux,dos,0 31441,platforms/php/webapps/31441.txt,"MyBlog 1.x - SQL Injection / Remote File Inclusion",2008-03-19,Cod3rZ,php,webapps,0 31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 - 'links.asp' SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 -31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-Site Scripting",2008-03-19,sasquatch,php,webapps,0 +31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-site Scripting",2008-03-19,sasquatch,php,webapps,0 31444,platforms/linux/dos/31444.txt,"MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service",2007-12-05,"Masaaki HIROSE",linux,dos,0 31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - manager/fileManager.jsp dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 -31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 +31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 31448,platforms/php/webapps/31448.txt,"Joomla! and Mambo Datsogallery 1.3.1 Component - 'id' Parameter SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 31450,platforms/php/webapps/31450.txt,"W-Agora 4.0 - create_forum.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 @@ -28333,11 +28333,11 @@ id,file,description,date,author,platform,type,port 31460,platforms/windows/local/31460.txt,"Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation",2014-02-06,LiquidWorm,windows,local,0 31469,platforms/php/webapps/31469.txt,"ooComments 1.0 - classes/class_admin.php PathToComment Parameter Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 31470,platforms/php/webapps/31470.txt,"ooComments 1.0 - classes/class_comments.php PathToComment Parameter Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 -31471,platforms/php/webapps/31471.txt,"TinyPortal 0.8.6/1.0.3 - 'index.php' Cross-Site Scripting",2008-03-22,Y433r,php,webapps,0 -31472,platforms/php/webapps/31472.txt,"cPanel 11.18.3/11.21 - 'manpage.html' Cross-Site Scripting",2008-03-22,Linux_Drox,php,webapps,0 +31471,platforms/php/webapps/31471.txt,"TinyPortal 0.8.6/1.0.3 - 'index.php' Cross-site Scripting",2008-03-22,Y433r,php,webapps,0 +31472,platforms/php/webapps/31472.txt,"cPanel 11.18.3/11.21 - 'manpage.html' Cross-site Scripting",2008-03-22,Linux_Drox,php,webapps,0 31473,platforms/osx/remote/31473.html,"Apple Safari 3.1 - Window.setTimeout Variant Content Spoofing",2008-03-22,"Juan Pablo Lopez Yacubian",osx,remote,0 31474,platforms/windows/remote/31474.py,"Mitsubishi Electric GB-50A - Multiple Remote Authentication Bypass Vulnerabilities",2008-03-22,"Chris Withers",windows,remote,0 -31475,platforms/jsp/webapps/31475.txt,"Alkacon OpenCMS 7.0.3 - 'users_list.jsp' Multiple Cross-Site Scripting Vulnerabilities",2008-03-24,nnposter,jsp,webapps,0 +31475,platforms/jsp/webapps/31475.txt,"Alkacon OpenCMS 7.0.3 - 'users_list.jsp' Multiple Cross-site Scripting Vulnerabilities",2008-03-24,nnposter,jsp,webapps,0 31476,platforms/php/webapps/31476.txt,"Efestech E-Kontor - 'id' Parameter SQL Injection",2008-03-24,RMx,php,webapps,0 31477,platforms/multiple/dos/31477.txt,"snircd 1.3.4 And ircu 2.10.12.12 - 'set_user_mode' Remote Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 31478,platforms/hardware/dos/31478.txt,"Linksys SPA-2102 Phone Adapter Packet Handling - Denial of Service",2008-03-24,sipherr,hardware,dos,0 @@ -28377,16 +28377,16 @@ id,file,description,date,author,platform,type,port 31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 - include/adminHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 - include/usersHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 - style/default.scheme.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - (geo_zones.php zID param) SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 +31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - (geo_zones.php zID parameter) SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 31516,platforms/php/webapps/31516.txt,"Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 -31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0 / 3.2.42.0 - Stored XSS",2014-02-07,"Luigi Vezzoso",php,webapps,80 +31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0 / 3.2.42.0 - Persistent Cross-site Scripting",2014-02-07,"Luigi Vezzoso",php,webapps,80 31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution",2014-02-07,Metasploit,linux,remote,8023 31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution",2014-02-07,Metasploit,hardware,remote,0 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31521,platforms/php/webapps/31521.txt,"doorGets CMS 5.2 - SQL Injection",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31522,platforms/windows/dos/31522.py,"OneHTTPD 0.8 - Crash PoC",2014-02-08,"Mahmod Mahajna (Mahy)",windows,dos,80 31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - (.pui) SEH Buffer Overflow",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 -31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross-Site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80 +31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross-site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0 31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 @@ -28421,12 +28421,12 @@ id,file,description,date,author,platform,type,port 31561,platforms/php/webapps/31561.txt,"Cuteflow Bin 1.5 - pages/showuser.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal",2008-03-29,"Luigi Auriemma",windows,remote,0 31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service and Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 -31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-site Scripting",2008-03-31,ZoRLu,php,webapps,0 31565,platforms/php/webapps/31565.txt,"@lex Guestbook 4.0.5 - setup.php language_setup Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 -31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - index.php test Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 -31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 -31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - CSRF",2014-02-11,killall-9,hardware,webapps,80 +31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php' test Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 +31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 +31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - Cross-site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 31570,platforms/php/webapps/31570.txt,"WordPress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 31571,platforms/php/webapps/31571.txt,"WordPress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter XSS",2008-08-09,Lostmon,php,webapps,0 @@ -28438,7 +28438,7 @@ id,file,description,date,author,platform,type,port 31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection / Remote Code Execution",2014-02-11,Metasploit,unix,remote,7778 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0 -31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-site Scripting",2008-03-31,ZoRLu,php,webapps,0 31581,platforms/php/webapps/31581.txt,"PhpGKit 0.9 - 'connexion.php' Remote File Inclusion",2008-03-31,ZoRLu,php,webapps,0 31582,platforms/asp/webapps/31582.txt,"EfesTECH Video 5.0 - 'catID' Parameter SQL Injection",2008-03-31,RMx,asp,webapps,0 31583,platforms/windows/remote/31583.txt,"Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure",2008-03-31,"Alexander Klink",windows,remote,0 @@ -28447,44 +28447,44 @@ id,file,description,date,author,platform,type,port 31587,platforms/php/webapps/31587.txt,"EasySite 2.0 - browser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 31588,platforms/php/webapps/31588.txt,"EasySite 2.0 - image_editor.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 31589,platforms/php/webapps/31589.txt,"EasySite 2.0 - skin_chooser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 -31590,platforms/php/webapps/31590.txt,"DivXDB 2002 0.94b - Multiple Cross-Site Scripting Vulnerabilities",2008-04-02,ZoRLu,php,webapps,0 +31590,platforms/php/webapps/31590.txt,"DivXDB 2002 0.94b - Multiple Cross-site Scripting Vulnerabilities",2008-04-02,ZoRLu,php,webapps,0 31591,platforms/linux/remote/31591.txt,"LANDesk Management Suite 8.80.1.1 - PXE TFTP Service Directory Traversal",2008-04-02,"Luigi Auriemma",linux,remote,0 31592,platforms/windows/dos/31592.txt,"Microsoft Internet Explorer 8 Beta 1 - XDR Prototype Hijacking Denial of Service",2008-04-02,"The Hacker Webzine",windows,dos,0 31593,platforms/windows/dos/31593.txt,"Microsoft Internet Explorer 8 Beta 1 - 'ieframe.dll' Script Injection",2008-04-02,"The Hacker Webzine",windows,dos,0 31594,platforms/linux/dos/31594.html,"Opera Web Browser 9.26 - Multiple Security Vulnerabilities",2008-04-03,"Michal Zalewski",linux,dos,0 31595,platforms/php/webapps/31595.txt,"Joomla! and Mambo Joomlearn Lms Component - 'cat' Parameter SQL Injection",2008-04-03,The-0utl4w,php,webapps,0 31596,platforms/php/webapps/31596.txt,"mcGallery 1.1 - admin.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31597,platforms/php/webapps/31597.txt,"mcGallery 1.1 - index.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31597,platforms/php/webapps/31597.txt,"mcGallery 1.1 - 'index.php' lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 31598,platforms/php/webapps/31598.txt,"mcGallery 1.1 - sess.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 31599,platforms/php/webapps/31599.txt,"mcGallery 1.1 - stats.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 31600,platforms/php/webapps/31600.txt,"mcGallery 1.1 - detail.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 31601,platforms/php/webapps/31601.txt,"mcGallery 1.1 - resize.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 31602,platforms/php/webapps/31602.txt,"mcGallery 1.1 - show.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31603,platforms/php/webapps/31603.html,"Parallels Virtuozzo Containers 3.0.0-25.4/4.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery",2008-04-03,poplix,php,webapps,0 -31604,platforms/php/webapps/31604.html,"Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery",2008-04-03,poplix,php,webapps,0 -31605,platforms/php/webapps/31605.txt,"Poplar Gedcom Viewer 2.0 - Search Page Multiple Cross-Site Scripting Vulnerabilities",2008-04-04,ZoRLu,php,webapps,0 -31606,platforms/php/webapps/31606.txt,"Glossaire 2.0 - 'glossaire.php' Cross-Site Scripting",2008-04-04,ZoRLu,php,webapps,0 +31603,platforms/php/webapps/31603.html,"Parallels Virtuozzo Containers 3.0.0-25.4/4.0.0-365.6 VZPP Interface File Manger - Cross-site Request Forgery",2008-04-03,poplix,php,webapps,0 +31604,platforms/php/webapps/31604.html,"Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-site Request Forgery",2008-04-03,poplix,php,webapps,0 +31605,platforms/php/webapps/31605.txt,"Poplar Gedcom Viewer 2.0 - Search Page Multiple Cross-site Scripting Vulnerabilities",2008-04-04,ZoRLu,php,webapps,0 +31606,platforms/php/webapps/31606.txt,"Glossaire 2.0 - 'glossaire.php' Cross-site Scripting",2008-04-04,ZoRLu,php,webapps,0 31607,platforms/windows/dos/31607.py,"SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial Of Service",2008-04-04,ryujin,windows,dos,0 -31608,platforms/php/webapps/31608.txt,"KwsPHP 1.0 ConcoursPhoto Module - 'VIEW' Parameter Cross-Site Scripting",2008-04-04,"H-T Team",php,webapps,0 +31608,platforms/php/webapps/31608.txt,"KwsPHP 1.0 ConcoursPhoto Module - 'VIEW' Parameter Cross-site Scripting",2008-04-04,"H-T Team",php,webapps,0 31609,platforms/php/webapps/31609.txt,"Nuke ET 3.4 - 'mensaje' Parameter HTML Injection",2008-04-04,"Jose Luis Zayas",php,webapps,0 31610,platforms/php/webapps/31610.txt,"RobotStats 0.1 - graph.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31611,platforms/php/webapps/31611.txt,"RobotStats 0.1 - robotstats.inc.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31613,platforms/osx/remote/31613.ics,"Apple iCal 3.0.1 - 'COUNT' Parameter Integer Overflow",2008-04-21,"Core Security Technologies",osx,remote,0 -31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-Site Scripting",2008-04-04,Y433r,php,webapps,0 +31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-site Scripting",2008-04-04,Y433r,php,webapps,0 31615,platforms/multiple/dos/31615.rb,"Apache Commons FileUpload and Apache Tomcat - Denial-of-Service",2014-02-12,"Trustwave's SpiderLabs",multiple,dos,0 31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31617,platforms/hardware/webapps/31617.txt,"NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",hardware,webapps,0 31618,platforms/ios/webapps/31618.txt,"jDisk (stickto) 2.0.3 iOS - Multiple Vulnerabilities",2014-02-12,Vulnerability-Lab,ios,webapps,0 31619,platforms/osx/dos/31619.ics,"Apple iCal 3.0.1 - 'TRIGGER' Parameter Denial of Service",2008-04-21,"Rodrigo Carvalho",osx,dos,0 31620,platforms/osx/dos/31620.ics,"Apple iCal 3.0.1 - 'ATTACH' Parameter Denial Of Service",2008-04-21,"Core Security Technologies",osx,dos,0 -31621,platforms/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting",2008-04-07,syniack,java,webapps,0 -31622,platforms/php/webapps/31622.txt,"URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-07,ZoRLu,php,webapps,0 +31621,platforms/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-site Scripting",2008-04-07,syniack,java,webapps,0 +31622,platforms/php/webapps/31622.txt,"URLStreet 1.0 - 'seeurl.php' Multiple Cross-site Scripting Vulnerabilities",2008-04-07,ZoRLu,php,webapps,0 31623,platforms/php/webapps/31623.txt,"Wikepage Opus 13 2007.2 - 'index.php' Multiple Directory Traversal Vulnerabilities",2008-04-07,A.nosrati,php,webapps,0 31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7.0 - Header Handling 'res://' Information Disclosure",2008-04-07,"The Hacker Webzine",windows,remote,0 31625,platforms/php/webapps/31625.txt,"Prozilla Gaming Directory 1.0 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 31626,platforms/php/webapps/31626.txt,"Prozilla Software Index 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 31627,platforms/unix/dos/31627.c,"LICQ 1.3.5 - File Descriptor Remote Denial of Service",2008-04-08,"Milen Rangelov",unix,dos,0 -31628,platforms/php/webapps/31628.txt,"Swiki 1.5 - HTML Injection / Cross-Site Scripting",2008-04-08,"Brad Antoniewicz",php,webapps,0 +31628,platforms/php/webapps/31628.txt,"Swiki 1.5 - HTML Injection / Cross-site Scripting",2008-04-08,"Brad Antoniewicz",php,webapps,0 31629,platforms/windows/dos/31629.txt,"HP OpenView Network Node Manager 7.x - 'ovspmd' Buffer Overflow",2008-04-08,"Luigi Auriemma",windows,dos,0 31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 31631,platforms/php/webapps/31631.txt,"Pragmatic Utopia PU Arcade 2.2 - 'gid' Parameter SQL Injection",2008-04-09,MantiS,php,webapps,0 @@ -28497,7 +28497,7 @@ id,file,description,date,author,platform,type,port 31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 31639,platforms/php/webapps/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow",2008-04-11,david130490,php,webapps,0 31640,platforms/php/webapps/31640.txt,"osCommerce Poll Booth 2.0 AddOn - 'pollbooth.php' SQL Injection",2008-04-13,S@BUN,php,webapps,0 -31641,platforms/java/webapps/31641.txt,"Business Objects Infoview - 'cms' Parameter Cross-Site Scripting",2008-04-14,"Sebastien gioria",java,webapps,0 +31641,platforms/java/webapps/31641.txt,"Business Objects Infoview - 'cms' Parameter Cross-site Scripting",2008-04-14,"Sebastien gioria",java,webapps,0 31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder - (.pls) Buffer Overflow",2014-02-13,Metasploit,windows,local,0 31644,platforms/asp/webapps/31644.txt,"Cezanne 6.5.1/7 - CFLookUP.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31645,platforms/asp/webapps/31645.txt,"Cezanne 6.5.1/7 - CznCustomContainer.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 @@ -28505,16 +28505,16 @@ id,file,description,date,author,platform,type,port 31647,platforms/multiple/webapps/31647.txt,"CA 2E Web Option 8.1.2 - Authentication Bypass",2014-02-13,"Mike Emery",multiple,webapps,0 31648,platforms/asp/webapps/31648.txt,"Cezanne 7 - CFLookup.asp FUNID Parameter SQL Injection",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31649,platforms/asp/webapps/31649.txt,"Cezanne 7 - CznCommon/CznCustomContainer.asp FUNID Parameter SQL Injection",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 -31650,platforms/asp/webapps/31650.txt,"Cezanne Software 6.5.1/7 - 'CFLogon.asp' Cross-Site Scripting",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31650,platforms/asp/webapps/31650.txt,"Cezanne Software 6.5.1/7 - 'CFLogon.asp' Cross-site Scripting",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31651,platforms/php/webapps/31651.txt,"amfphp 1.2 - browser/methodTable.php class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31652,platforms/php/webapps/31652.txt,"amfphp 1.2 - browser/code.php Multiple Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31653,platforms/php/webapps/31653.txt,"amfphp 1.2 - browser/details class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31654,platforms/php/webapps/31654.txt,"W2B Online Banking - 'ilang' Parameter Remote File Inclusion",2008-04-15,THuM4N,php,webapps,0 31655,platforms/php/webapps/31655.txt,"Istant-Replay - 'read.php' Remote File Inclusion",2008-04-15,THuGM4N,php,webapps,0 31656,platforms/windows/dos/31656.txt,"ICQ 6 - 'Personal Status Manager' Remote Buffer Overflow",2008-04-16,"Leon Juranic",windows,dos,0 -31657,platforms/php/webapps/31657.txt,"Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting",2008-04-16,ZoRLu,php,webapps,0 -31658,platforms/php/webapps/31658.txt,"MyBoard 1.0.12 - 'rep.php' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 -31659,platforms/php/webapps/31659.txt,"Php-Stats 0.1.9.1 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-17,ZoRLu,php,webapps,0 +31657,platforms/php/webapps/31657.txt,"Blogator-script 0.95 - 'bs_auth.php' Cross-site Scripting",2008-04-16,ZoRLu,php,webapps,0 +31658,platforms/php/webapps/31658.txt,"MyBoard 1.0.12 - 'rep.php' Cross-site Scripting",2008-04-17,ZoRLu,php,webapps,0 +31659,platforms/php/webapps/31659.txt,"Php-Stats 0.1.9.1 - 'admin.php' Multiple Cross-site Scripting Vulnerabilities",2008-04-17,ZoRLu,php,webapps,0 31660,platforms/php/webapps/31660.txt,"EsContacts 1.0 - add_groupe.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 31661,platforms/php/webapps/31661.txt,"EsContacts 1.0 - contacts.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 31662,platforms/php/webapps/31662.txt,"EsContacts 1.0 - groupes.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 @@ -28523,19 +28523,19 @@ id,file,description,date,author,platform,type,port 31665,platforms/php/webapps/31665.txt,"EsContacts 1.0 - search.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 31666,platforms/asp/webapps/31666.txt,"CoBaLT 2.0 - 'adminler.asp' SQL Injection",2008-04-17,U238,asp,webapps,0 31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege - Local Privilege Escalation",2008-04-17,"Cesar Cerrudo",windows,local,0 -31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injection",2008-04-18,ZoRLu,php,webapps,0 -31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 +31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injections",2008-04-18,ZoRLu,php,webapps,0 +31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-site Scripting",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 31670,platforms/php/webapps/31670.txt,"WordPress 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - admin.php Administrator Account Creation CSRF",2008-04-18,"Michael Brooks",php,webapps,0 -31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 beta 2 - Cross-Site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 -31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery",2008-04-18,th3.r00k,multiple,webapps,0 +31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 beta 2 - Cross-site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 +31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-site Request Forgery",2008-04-18,th3.r00k,multiple,webapps,0 31674,platforms/php/webapps/31674.txt,"XOOPS Recette 2.2 - 'detail.php' SQL Injection",2008-04-19,S@BUN,php,webapps,0 31675,platforms/php/webapps/31675.txt,"Chimaera Project Aterr 0.9.1 - Multiple Local File Inclusion",2008-04-19,KnocKout,php,webapps,0 31676,platforms/php/webapps/31676.txt,"Host Directory PRO - Cookie Security Bypass",2008-04-20,Crackers_Child,php,webapps,0 -31677,platforms/php/webapps/31677.txt,"Advanced Electron Forum 1.0.6 - 'beg' Parameter Cross-Site Scripting",2008-04-21,ZoRLu,php,webapps,0 +31677,platforms/php/webapps/31677.txt,"Advanced Electron Forum 1.0.6 - 'beg' Parameter Cross-site Scripting",2008-04-21,ZoRLu,php,webapps,0 31678,platforms/php/webapps/31678.txt,"SMF 1.1.4 - Audio CAPTCHA Security Bypass",2008-04-21,"Michael Brooks",php,webapps,0 31679,platforms/php/webapps/31679.txt,"PortailPHP 2.0 - 'mod_search' Remote File Inclusion",2008-04-21,ZoRLu,php,webapps,0 -31714,platforms/php/webapps/31714.txt,"C-News 1.0.1 - 'install.php' Cross-Site Scripting",2008-04-30,ZoRLu,php,webapps,0 +31714,platforms/php/webapps/31714.txt,"C-News 1.0.1 - 'install.php' Cross-site Scripting",2008-04-30,ZoRLu,php,webapps,0 31715,platforms/multiple/remote/31715.pl,"Castle Rock Computing SNMPc 7.0.19 - Community String Stack Based Buffer Overflow",2008-11-11,"raveen Darshanam",multiple,remote,0 31681,platforms/php/webapps/31681.py,"XOOPS 2.0.14 Article Module - 'article.php' SQL Injection",2008-04-21,Cr@zy_King,php,webapps,0 31682,platforms/php/webapps/31682.txt,"S9Y Serendipity 1.3 - Referer HTTP Header XSS",2008-04-22,"Hanno Boeck",php,webapps,0 @@ -28543,36 +28543,36 @@ id,file,description,date,author,platform,type,port 31686,platforms/multiple/webapps/31686.py,"Dexter (CasinoLoader) Panel - SQL Injection",2014-02-16,bwall,multiple,webapps,80 31688,platforms/windows/local/31688.pl,"ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)",2014-02-16,"Mike Czumak",windows,local,0 31689,platforms/windows/remote/31689.py,"HP Data Protector - EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 -31690,platforms/hardware/webapps/31690.txt,"Trendchip HG520 ADSL2+ Wireless Modem - CSRF",2014-02-16,"Dhruv Shah",hardware,webapps,80 +31690,platforms/hardware/webapps/31690.txt,"Trendchip HG520 ADSL2+ Wireless Modem - Cross-site Request Forgery",2014-02-16,"Dhruv Shah",hardware,webapps,80 31691,platforms/ios/webapps/31691.txt,"Office Assistant Pro 2.2.2 iOS - File Include",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31692,platforms/ios/webapps/31692.txt,"mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31693,platforms/ios/webapps/31693.txt,"File Hub 1.9.1 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31694,platforms/windows/remote/31694.py,"Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow",2014-02-16,"Muhammad EL Harmeel",windows,remote,0 31695,platforms/php/remote/31695.rb,"Dexter (CasinoLoader) - SQL Injection",2014-02-16,Metasploit,php,remote,0 31702,platforms/php/webapps/31702.txt,"PHP-Nuke DownloadsPlus Module - Arbitrary File Upload",2008-04-24,ZoRLu,php,webapps,0 -31703,platforms/php/webapps/31703.txt,"Pixel Motion Blog - 'list_article.php' Cross-Site Scripting",2008-04-24,ZoRLu,php,webapps,0 +31703,platforms/php/webapps/31703.txt,"Pixel Motion Blog - 'list_article.php' Cross-site Scripting",2008-04-24,ZoRLu,php,webapps,0 31704,platforms/php/webapps/31704.txt,"PHCDownload 1.1 - admin/index.php hash Parameter SQL Injection",2008-04-24,ZoRLu,php,webapps,0 31705,platforms/php/webapps/31705.txt,"PHCDownload 1.1 - upload/install/index.php step Parameter XSS",2008-04-24,ZoRLu,php,webapps,0 31706,platforms/unix/remote/31706.txt,"IBM Lotus Expeditor 6.1 - URI Handler Command Execution",2008-04-24,"Thomas Pollet",unix,remote,0 31707,platforms/windows/dos/31707.txt,"Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service",2008-04-24,"Luigi Auriemma",windows,dos,0 31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 - Component mosConfig_absolute_path Remote File Inclusion",2008-04-26,NoGe,php,webapps,0 -31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Inclusion",2008-04-26,"Khashayar Fereidani",php,webapps,0 +31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 - 'module' Parameter Cross-site Scripting and Local File Inclusion",2008-04-26,"Khashayar Fereidani",php,webapps,0 31710,platforms/novell/dos/31710.txt,"Novell GroupWise 7.0 - HTML Injection / Denial of Service",2008-04-26,"Juan Pablo Lopez Yacubian",novell,dos,0 31711,platforms/windows/dos/31711.html,"Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service",2008-04-26,"Juan Pablo Lopez Yacubian",windows,dos,0 -31712,platforms/php/webapps/31712.txt,"miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting",2008-04-28,"Khashayar Fereidani",php,webapps,0 +31712,platforms/php/webapps/31712.txt,"miniBB 2.2 - 'bb_admin.php' Cross-site Scripting",2008-04-28,"Khashayar Fereidani",php,webapps,0 31713,platforms/linux/dos/31713.py,"PeerCast 0.1218 - 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities",2008-04-29,"Nico Golde",linux,dos,0 31716,platforms/php/webapps/31716.txt,"VWar 1.6.1 R2 - Multiple Remote Vulnerabilities",2008-05-01,"Darren McDonald",php,webapps,0 -31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 - QT 'mjguest.php' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 -31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 +31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 - QT 'mjguest.php' Cross-site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 +31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - 'username' Cross-site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 31719,platforms/php/webapps/31719.pl,"KnowledgeQuest 2.6 - Administration Multiple Authentication Bypass Vulnerabilities",2008-05-02,Cod3rZ,php,webapps,0 -31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 +31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 - footer.php Multiple Parameter XSS",2008-05-02,"Khashayar Fereidani",php,webapps,0 31722,platforms/php/webapps/31722.txt,"EJ3 BlackBook 1.0 - header.php Multiple Parameter XSS",2008-05-02,"Khashayar Fereidani",php,webapps,0 31723,platforms/php/webapps/31723.txt,"Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection",2008-05-02,hadihadi,php,webapps,0 -31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 - index.php year Parameter XSS",2008-05-02,hadihadi,php,webapps,0 -31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - index.php keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 -31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - index.php keyword Parameter XSS",2008-05-02,"Ivan Sanchez",php,webapps,0 -31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 - 'index.php' Cross-Site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 +31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 - 'index.php' year Parameter XSS",2008-05-02,hadihadi,php,webapps,0 +31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - 'index.php' keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 +31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - 'index.php' keyword Parameter XSS",2008-05-02,"Ivan Sanchez",php,webapps,0 +31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 - 'index.php' Cross-site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 31728,platforms/multiple/dos/31728.txt,"Call of Duty 4 1.5 - Malformed 'stats' command Denial of Service",2008-05-02,"Luigi Auriemma",multiple,dos,0 31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.0.1 - 'upload.php' Arbitrary File Upload",2008-05-03,"Hadi Kiamarsi",php,webapps,0 31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL - php/prenom.php Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 @@ -28581,36 +28581,36 @@ id,file,description,date,author,platform,type,port 31733,platforms/ios/webapps/31733.txt,"My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities",2014-02-18,Vulnerability-Lab,ios,webapps,50496 32240,platforms/php/webapps/32240.txt,"Freeway 1.4.1 - Multiple Input Validation Vulnerabilities",2008-08-13,"Digital Security Research Group",php,webapps,0 31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80 -31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - (index.php cID param) SQL Injection",2014-02-18,killall-9,php,webapps,80 +31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - (index.php cID parameter) SQL Injection",2014-02-18,killall-9,php,webapps,80 31736,platforms/windows/remote/31736.py,"Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow",2014-02-18,Sumit,windows,remote,80 31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,Metasploit,windows,remote,0 -31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address param) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 +31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address parameter) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injection",2008-05-05,ZoRLu,php,webapps,0 -31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 -31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 - index.php keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 +31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross-site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 +31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 - 'index.php' keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 31742,platforms/php/webapps/31742.txt,"Maian Uploader 4.0 - admin/index.php keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 31743,platforms/php/webapps/31743.txt,"Maian Uploader 4.0 - admin/inc/header.php Multiple Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 -31744,platforms/php/webapps/31744.txt,"osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-05,"David Sopas Ferreira",php,webapps,0 +31744,platforms/php/webapps/31744.txt,"osCommerce 2.1/2.2 - Multiple Cross-site Scripting Vulnerabilities",2008-05-05,"David Sopas Ferreira",php,webapps,0 31745,platforms/php/webapps/31745.txt,"BatmanPorTaL - uyeadmin.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 31746,platforms/php/webapps/31746.txt,"BatmanPorTaL - profil.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 31747,platforms/php/webapps/31747.pl,"iGaming CMS 1.5 - 'poll_vote.php' SQL Injection",2008-05-05,Cod3rZ,php,webapps,0 31748,platforms/windows/dos/31748.txt,"Yahoo! Assistant 3.6 - 'yNotifier.dll' ActiveX Control Memory Corruption",2008-05-06,Sowhat,windows,dos,0 31749,platforms/php/webapps/31749.py,"RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection",2008-05-06,The:Paradox,php,webapps,0 31750,platforms/php/webapps/31750.txt,"QTO File Manager 1.0 - 'qtofm.php' Arbitrary File Upload",2008-05-06,"CrAzY CrAcKeR",php,webapps,0 -31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting",2008-05-06,"Christian Holler",php,webapps,0 +31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Parameter Cross-site Scripting",2008-05-06,"Christian Holler",php,webapps,0 31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Inclusion",2008-05-07,Matrix86,php,webapps,0 -31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 +31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter XSS",2008-05-08,Portcullis,cgi,webapps,0 31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String Javascript Splicing XSS",2008-05-08,Portcullis,cgi,webapps,0 -31756,platforms/multiple/remote/31756.txt,"SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 -31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header - Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 +31756,platforms/multiple/remote/31756.txt,"SonicWALL Email Security 6.1.1 - Error Page Cross-site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 +31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header - Cross-site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 31758,platforms/hardware/remote/31758.py,"WRT120N 1.0.0.7 - Stack Overflow",2014-02-19,"Craig Heffner",hardware,remote,80 31759,platforms/windows/remote/31759.txt,"Microsoft Internet Explorer 2.0 - UTF-7 HTTP Response Handling Weakness",2008-05-08,"Yaniv Miron",windows,remote,0 31760,platforms/windows/webapps/31760.txt,"Lotus Sametime 8.5.1 - Password Disclosure",2014-02-19,"Adriano Marcio Monteiro",windows,webapps,5081 31761,platforms/linux/dos/31761.txt,"Embedthis Goahead Webserver 3.1.3-0 - Multiple Vulnerabilities",2014-02-19,"Maksymilian Motyl",linux,dos,80 31762,platforms/windows/dos/31762.py,"Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",windows,dos,55555 31763,platforms/windows/dos/31763.py,"SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service",2014-02-19,"Mohamed Shetta",windows,dos,30000 -31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF",2014-02-19,"Dhruv Shah",hardware,webapps,80 +31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - Cross-site Request Forgery",2014-02-19,"Dhruv Shah",hardware,webapps,80 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent XSS",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,Metasploit,windows,local,0 31767,platforms/multiple/remote/31767.rb,"MediaWiki - Thumb.php Remote Command Execution",2014-02-19,Metasploit,multiple,remote,80 @@ -28620,27 +28620,27 @@ id,file,description,date,author,platform,type,port 31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 31772,platforms/php/webapps/31772.txt,"cPanel 11.x - scripts2/changeip user Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 31773,platforms/php/webapps/31773.txt,"cPanel 11.x - scripts2/listaccts search Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 -31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 - index.php Multiple Parameter XSS",2008-05-10,"David Sopas Ferreira",php,webapps,0 +31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 - 'index.php' Multiple Parameter XSS",2008-05-10,"David Sopas Ferreira",php,webapps,0 31775,platforms/php/webapps/31775.txt,"OtherLogic - 'vocourse.php' SQL Injection",2008-05-10,Breeeeh,php,webapps,0 31776,platforms/php/webapps/31776.txt,"WordPress WP Photo Album Plugin - 'photo' Parameter SQL Injection",2008-05-09,THE_MILLER,php,webapps,0 31777,platforms/php/webapps/31777.txt,"AJ Classifieds - 'index.php' SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -31778,platforms/php/webapps/31778.txt,"phpInstantGallery 2.0 - index.php gallery Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 +31778,platforms/php/webapps/31778.txt,"phpInstantGallery 2.0 - 'index.php' gallery Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 31779,platforms/php/webapps/31779.txt,"phpInstantGallery 2.0 - image.php Multiple Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 -31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 +31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross-site Scripting",2008-05-12,ZoRLu,php,webapps,0 31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection",2008-05-12,SkyOut,php,webapps,0 31782,platforms/php/webapps/31782.txt,"Claroline 1.7.5 - Multiple Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 - 'fusebox5.php' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31784,platforms/php/webapps/31784.txt,"PhpMyAgenda 2.1 - 'infoevent.php3' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities",2008-05-13,"Tyler Reguly",multiple,dos,0 -31786,platforms/asp/webapps/31786.txt,"Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting",2008-05-13,"Brad Antoniewicz",asp,webapps,0 +31786,platforms/asp/webapps/31786.txt,"Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-site Scripting",2008-05-13,"Brad Antoniewicz",asp,webapps,0 31787,platforms/php/webapps/31787.txt,"Kalptaru Infotech Automated Link Exchange Portal - 'linking.page.php' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 31788,platforms/windows/remote/31788.py,"VideoCharge Studio 2.12.3.685 - GetHttpResponse() MITM Remote Code Execution Exploit",2014-02-20,"Julien Ahrens",windows,remote,0 31789,platforms/windows/remote/31789.py,"PCMAN FTP 2.07 - Buffer Overflow Exploit",2014-02-20,Sumit,windows,remote,21 31790,platforms/hardware/webapps/31790.txt,"Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities",2014-02-20,Vulnerability-Lab,hardware,webapps,0 31791,platforms/windows/dos/31791.py,"Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow",2014-02-20,"Mohamed Shetta",windows,dos,55555 31792,platforms/php/webapps/31792.txt,"Stark CRM 1.0 - Multiple Vulnerabilities",2014-02-20,LiquidWorm,php,webapps,80 -31793,platforms/php/webapps/31793.txt,"Horde Turba 3.1.7 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-14,"Ivan Javier Sanchez",php,webapps,0 -31794,platforms/php/webapps/31794.txt,"PicsEngine 1.0 - 'index.php' Cross-Site Scripting",2008-05-14,ZoRLu,php,webapps,0 +31793,platforms/php/webapps/31793.txt,"Horde Turba 3.1.7 - Multiple Cross-site Scripting Vulnerabilities",2008-05-14,"Ivan Javier Sanchez",php,webapps,0 +31794,platforms/php/webapps/31794.txt,"PicsEngine 1.0 - 'index.php' Cross-site Scripting",2008-05-14,ZoRLu,php,webapps,0 31795,platforms/php/webapps/31795.txt,"Links Pile - 'link.php' SQL Injection",2008-08-14,HaCkeR_EgY,php,webapps,0 31796,platforms/php/webapps/31796.txt,"Internet Photoshow - 'login_admin' Parameter Unauthorized Access",2008-05-14,t0pP8uZz,php,webapps,0 31797,platforms/asp/webapps/31797.txt,"Philboard 0.5 - W1L3D4_foruma_yeni_konu_ac.asp forumid Parameter SQL Injection",2008-05-14,U238,asp,webapps,0 @@ -28649,20 +28649,20 @@ id,file,description,date,author,platform,type,port 31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - glossaire.php id Parameter XSS",2008-05-16,ZoRLu,php,webapps,0 -31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 +31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-site Scripting",2008-05-16,ZoRLu,php,webapps,0 31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Inclusion",2008-05-16,ZoRLu,php,webapps,0 31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection",2008-05-17,Lovebug,php,webapps,0 31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 - 'file' Parameter Local File Inclusion",2008-05-19,Lostmon,php,webapps,0 31807,platforms/php/webapps/31807.txt,"cPanel 11.21 - 'wwwact' Remote Privilege Escalation",2008-05-19,"Ali Jasbi",php,webapps,0 -31808,platforms/php/webapps/31808.txt,"AppServ Open Project 2.5.10 - 'appservlang' Parameter Cross-Site Scripting",2008-05-20,"CWH Underground",php,webapps,0 -31809,platforms/php/webapps/31809.txt,"Starsgames Control Panel 4.6.2 - 'index.php' Cross-Site Scripting",2008-05-20,"CWH Underground",php,webapps,0 +31808,platforms/php/webapps/31808.txt,"AppServ Open Project 2.5.10 - 'appservlang' Parameter Cross-site Scripting",2008-05-20,"CWH Underground",php,webapps,0 +31809,platforms/php/webapps/31809.txt,"Starsgames Control Panel 4.6.2 - 'index.php' Cross-site Scripting",2008-05-20,"CWH Underground",php,webapps,0 31810,platforms/php/webapps/31810.txt,"Web Slider 0.6 - 'slide' Parameter SQL Injection",2008-05-20,"fahn zichler",php,webapps,0 -31811,platforms/asp/webapps/31811.txt,"Site Tanitimlari Scripti - Multiple SQL Injection",2008-05-20,"fahn zichler",asp,webapps,0 +31811,platforms/asp/webapps/31811.txt,"Site Tanitimlari Scripti - Multiple SQL Injections",2008-05-20,"fahn zichler",asp,webapps,0 31812,platforms/asp/webapps/31812.txt,"DizaynPlus Nobetci Eczane Takip 1.0 - 'ayrinti.asp' Parameter SQL Injection",2008-05-20,U238,asp,webapps,0 31813,platforms/php/webapps/31813.txt,"eCMS 0.4.2 - Multiple Security Vulnerabilities",2008-05-20,hadihadi,php,webapps,0 31814,platforms/windows/remote/31814.py,"Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit",2014-02-22,"OJ Reeves",windows,remote,0 31815,platforms/linux/dos/31815.html,"libxslt XSL 1.1.23 - File Processing Buffer Overflow",2008-05-21,"Anthony de Almeida Lopes",linux,dos,0 -31816,platforms/java/webapps/31816.txt,"SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting",2008-05-21,DSecRG,java,webapps,0 +31816,platforms/java/webapps/31816.txt,"SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-site Scripting",2008-05-21,DSecRG,java,webapps,0 31817,platforms/multiple/dos/31817.html,"Mozilla Firefox 2.0.0.14 - JSframe Heap Corruption Denial of Service",2008-05-21,0x000000,multiple,dos,0 31818,platforms/windows/dos/31818.sh,"vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)",2008-05-21,"Martin Nagy",windows,dos,0 31819,platforms/windows/dos/31819.pl,"vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)",2008-05-21,"Praveen Darshanam",windows,dos,0 @@ -28671,23 +28671,23 @@ id,file,description,date,author,platform,type,port 31822,platforms/php/webapps/31822.txt,"phpFreeForum 1.0 rc2 - part/menu.php Multiple Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 31823,platforms/php/webapps/31823.txt,"phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 31824,platforms/php/webapps/31824.txt,"phpSQLiteCMS 1 RC2 - cms/includes/login.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31825,platforms/php/webapps/31825.txt,"BMForum 5.6 - index.php outpused Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 +31825,platforms/php/webapps/31825.txt,"BMForum 5.6 - 'index.php' outpused Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 31826,platforms/php/webapps/31826.txt,"BMForum 5.6 - newtem/footer/bsd01footer.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 31827,platforms/php/webapps/31827.txt,"BMForum 5.6 - newtem/header/bsd01header.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31828,platforms/hardware/remote/31828.txt,"Barracuda Spam Firewall 3.5.11 - 'ldap_test.cgi' Cross-Site Scripting",2008-05-22,"Information Risk Management Plc",hardware,remote,0 +31828,platforms/hardware/remote/31828.txt,"Barracuda Spam Firewall 3.5.11 - 'ldap_test.cgi' Cross-site Scripting",2008-05-22,"Information Risk Management Plc",hardware,remote,0 31829,platforms/php/webapps/31829.txt,"AbleDating 2.4 - search_results.php keyword Parameter SQL Injection",2008-05-22,"Ali Jasbi",php,webapps,0 31830,platforms/php/webapps/31830.txt,"AbleDating 2.4 - search_results.php keyword Parameter XSS",2008-05-22,"Ali Jasbi",php,webapps,0 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write",2014-02-22,"Mohamed Shetta",windows,remote,30000 -32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 +32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 -31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 +31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track parameter) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection",2008-05-24,"Ali Jasbi",php,webapps,0 31838,platforms/php/webapps/31838.txt,"Horde Multiple Product - workweek.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 31839,platforms/php/webapps/31839.txt,"Horde Multiple Product - week.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 31840,platforms/php/webapps/31840.txt,"Horde Multiple Product - day.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 -31841,platforms/php/webapps/31841.txt,"miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-26,"CWH Underground",php,webapps,0 +31841,platforms/php/webapps/31841.txt,"miniCWB 2.1.1 - 'connector.php' Multiple Cross-site Scripting Vulnerabilities",2008-05-26,"CWH Underground",php,webapps,0 31842,platforms/php/webapps/31842.txt,"AbleSpace 1.0 - 'adv_cat.php' SQL Injection",2008-05-26,Jasbi,php,webapps,0 31843,platforms/asp/webapps/31843.txt,"Excuse Online - 'pwd.asp' SQL Injection",2008-05-26,Unohope,asp,webapps,0 31844,platforms/php/webapps/31844.txt,"phpFix 2.0 - fix/browse.php kind Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 @@ -28701,17 +28701,17 @@ id,file,description,date,author,platform,type,port 31852,platforms/asp/webapps/31852.txt,"Campus Bulletin Board 3.4 - post3/book.asp review Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 31853,platforms/windows/remote/31853.py,"Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit",2014-02-23,"Chris Graham",windows,remote,0 31854,platforms/asp/webapps/31854.html,"The Campus Request Repairs System 1.2 - 'sentout.asp' Unauthorized Access",2008-05-26,Unohope,asp,webapps,0 -31855,platforms/php/webapps/31855.txt,"Tr Script News 2.1 - 'news.php' Cross-Site Scripting",2008-05-27,ZoRLu,php,webapps,0 +31855,platforms/php/webapps/31855.txt,"Tr Script News 2.1 - 'news.php' Cross-site Scripting",2008-05-27,ZoRLu,php,webapps,0 31856,platforms/windows/dos/31856.html,"CA Internet Security Suite - 'UmxEventCli.dll' ActiveX Control Arbitrary File Overwrite",2008-05-28,Nine:Situations:Group,windows,dos,0 31857,platforms/php/webapps/31857.txt,"Joomla! and Mambo Artists Component - 'idgalery' Parameter SQL Injection",2008-05-28,Cr@zy_King,php,webapps,0 -31858,platforms/php/webapps/31858.txt,"Calcium 3.10/4.0.4 - 'Calcium40.pl' Cross-Site Scripting",2008-05-28,"Marvin Simkin",php,webapps,0 +31858,platforms/php/webapps/31858.txt,"Calcium 3.10/4.0.4 - 'Calcium40.pl' Cross-site Scripting",2008-05-28,"Marvin Simkin",php,webapps,0 31859,platforms/asp/webapps/31859.txt,"JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injection",2008-05-29,"Ugurcan Engin",asp,webapps,0 31860,platforms/asp/webapps/31860.txt,"Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injection",2008-05-29,"Ugurcan Engin",asp,webapps,0 31861,platforms/asp/webapps/31861.txt,"dvbbs 8.2 - 'login.asp' Multiple SQL Injection",2008-05-29,hackerbinhphuoc,asp,webapps,0 31862,platforms/hardware/remote/31862.txt,"Xerox DocuShare 6 - dsdn/dsweb/SearchResults URI XSS",2008-05-29,Doz,hardware,remote,0 31863,platforms/hardware/remote/31863.txt,"Xerox DocuShare 6 - dsdn/dsweb/Services/User URI XSS",2008-05-29,Doz,hardware,remote,0 31864,platforms/hardware/remote/31864.txt,"Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI XSS",2008-05-29,Doz,hardware,remote,0 -31865,platforms/asp/webapps/31865.txt,"DotNetNuke 4.8.3 - 'Default.aspx' Cross-Site Scripting",2008-05-30,"AmnPardaz Security Research Team",asp,webapps,0 +31865,platforms/asp/webapps/31865.txt,"DotNetNuke 4.8.3 - 'Default.aspx' Cross-site Scripting",2008-05-30,"AmnPardaz Security Research Team",asp,webapps,0 31866,platforms/php/webapps/31866.txt,"TorrentTrader Classic 1.x - 'scrape.php' SQL Injection",2008-05-31,"Charles Vaughn",php,webapps,0 31867,platforms/php/webapps/31867.php,"CMS Easyway - 'mid' Parameter SQL Injection",2008-05-30,Lidloses_Auge,php,webapps,0 31868,platforms/php/webapps/31868.txt,"OtomiGenX 2.2 - 'userAccount' Parameter SQL Injection",2008-06-02,hadihadi,php,webapps,0 @@ -28726,27 +28726,27 @@ id,file,description,date,author,platform,type,port 31877,platforms/windows/dos/31877.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'RegistryString' Buffer Overflow",2008-06-04,"Dennis Rand",windows,dos,0 31878,platforms/windows/dos/31878.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Creation",2008-06-03,"Dennis Rand",windows,dos,0 31879,platforms/windows/dos/31879.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete",2008-06-03,"Dennis Rand",windows,dos,0 -31880,platforms/php/webapps/31880.txt,"WyMIEN PHP 1.0 - 'index.php' Cross-Site Scripting",2008-06-04,ZoRLu,php,webapps,0 -31881,platforms/php/webapps/31881.txt,"PHP Address Book 3.1.5 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 -31882,platforms/php/webapps/31882.txt,"SamTodo 1.1 - 'tid' Parameter Cross-Site Scripting",2008-06-05,"David Sopas Ferreira",php,webapps,0 -31883,platforms/php/webapps/31883.txt,"SamTodo 1.1 - 'completed' Parameter Cross-Site Scripting",2008-06-05,"David Sopas Ferreira",php,webapps,0 +31880,platforms/php/webapps/31880.txt,"WyMIEN PHP 1.0 - 'index.php' Cross-site Scripting",2008-06-04,ZoRLu,php,webapps,0 +31881,platforms/php/webapps/31881.txt,"PHP Address Book 3.1.5 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 +31882,platforms/php/webapps/31882.txt,"SamTodo 1.1 - 'tid' Parameter Cross-site Scripting",2008-06-05,"David Sopas Ferreira",php,webapps,0 +31883,platforms/php/webapps/31883.txt,"SamTodo 1.1 - 'completed' Parameter Cross-site Scripting",2008-06-05,"David Sopas Ferreira",php,webapps,0 31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 - Wireless-G Router Malformed HTTP Request Denial of Service",2008-06-05,dubingyao,hardware,dos,0 31885,platforms/hardware/remote/31885.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter XSS",2008-06-05,nnposter,hardware,remote,0 31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter XSS",2008-06-05,nnposter,hardware,remote,0 31887,platforms/linux/remote/31887.txt,"ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal",2008-06-06,"Tan Chew Keong",linux,remote,0 -31888,platforms/php/webapps/31888.txt,"SchoolCenter 7.5 - Multiple Cross-Site Scripting Vulnerabilities",2008-06-06,Doz,php,webapps,0 +31888,platforms/php/webapps/31888.txt,"SchoolCenter 7.5 - Multiple Cross-site Scripting Vulnerabilities",2008-06-06,Doz,php,webapps,0 31889,platforms/novell/dos/31889.pl,"Novell GroupWise Messenger 2.0 - Client Buffer Overflow",2008-07-02,"Francisco Amato",novell,dos,0 31890,platforms/multiple/remote/31890.txt,"Diigo Toolbar and Diigolet Comment Feature - HTML Injection / Information Disclosure",2008-06-20,"Ferruh Mavituna",multiple,remote,0 31891,platforms/asp/webapps/31891.txt,"Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities",2008-06-09,JosS,asp,webapps,0 -31892,platforms/cgi/webapps/31892.txt,"Tornado Knowledge Retrieval System 4.2 - 'p' Parameter Cross-Site Scripting",2008-06-10,Unohope,cgi,webapps,0 -31893,platforms/php/webapps/31893.txt,"Hot Links SQL-PHP - Multiple Cross-Site Scripting Vulnerabilities",2008-06-10,sl4xUz,php,webapps,0 +31892,platforms/cgi/webapps/31892.txt,"Tornado Knowledge Retrieval System 4.2 - 'p' Parameter Cross-site Scripting",2008-06-10,Unohope,cgi,webapps,0 +31893,platforms/php/webapps/31893.txt,"Hot Links SQL-PHP - Multiple Cross-site Scripting Vulnerabilities",2008-06-10,sl4xUz,php,webapps,0 31894,platforms/hardware/webapps/31894.txt,"Technicolor TC7200 - Credentials Disclosure",2014-02-25,"Jeroen - IT Nerdbox",hardware,webapps,80 31895,platforms/windows/local/31895.txt,"Notepad++ CCompletion Plugin 1.19 - Stack Buffer Overflow",2014-02-25,tishion,windows,local,0 31896,platforms/ios/webapps/31896.txt,"WiFiles HD 1.3 iOS - File Inclusion",2014-02-25,Vulnerability-Lab,ios,webapps,8080 31898,platforms/php/webapps/31898.txt,"Sendy 1.1.8.4 - SQL Injection",2014-02-25,Hurley,php,webapps,80 31899,platforms/windows/dos/31899.txt,"VLC 2.1.3 - (.avs) Crash PoC",2014-02-25,kw4,windows,dos,0 31900,platforms/ios/webapps/31900.txt,"Private Camera Pro 5.0 iOS - Multiple Vulnerabilities",2014-02-25,Vulnerability-Lab,ios,webapps,0 -31901,platforms/multiple/remote/31901.txt,"Sun Glassfish 2.1 - 'name' Parameter Cross-Site Scripting",2008-06-10,"Eduardo Neves",multiple,remote,0 +31901,platforms/multiple/remote/31901.txt,"Sun Glassfish 2.1 - 'name' Parameter Cross-site Scripting",2008-06-10,"Eduardo Neves",multiple,remote,0 31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection",2008-06-10,t@nzo0n,php,webapps,0 31903,platforms/linux/remote/31903.asm,"NASM 2.0 - 'ppscan()' Off-By-One Buffer Overflow",2008-06-21,"Philipp Thomas",linux,remote,0 31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 - annuaire.php annuaire Parameter SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 @@ -28755,12 +28755,12 @@ id,file,description,date,author,platform,type,port 31907,platforms/php/webapps/31907.txt,"PHPEasyData 1.5.4 - annuaire.php Multiple Parameter XSS",2008-06-11,"Sylvain THUAL",php,webapps,0 31908,platforms/php/webapps/31908.txt,"Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities",2008-06-11,Crackers_Child,php,webapps,0 31909,platforms/windows/remote/31909.html,"XChat 2.8.7b - 'ircs://' URI Command Execution",2008-06-13,securfrog,windows,remote,0 -31910,platforms/php/webapps/31910.txt,"vBulletin 3.6.10/3.7.1 - 'redirect' Parameter Cross-Site Scripting",2008-06-13,anonymous,php,webapps,0 +31910,platforms/php/webapps/31910.txt,"vBulletin 3.6.10/3.7.1 - 'redirect' Parameter Cross-site Scripting",2008-06-13,anonymous,php,webapps,0 31911,platforms/linux/local/31911.txt,"Vim 7.x - Vim Script Multiple Command Execution Vulnerabilities",2008-06-14,"Jan Minar",linux,local,0 31912,platforms/multiple/remote/31912.txt,"GSC Client 1.00 2067 - Privilege Escalation",2008-06-14,"Michael Gray",multiple,remote,0 31914,platforms/windows/dos/31914.pl,"Gold MP4 Player 3.3 - Buffer Overflow PoC (SEH)",2014-02-26,"Gabor Seljan",windows,dos,0 31915,platforms/linux/dos/31915.py,"GoAhead Web Server 3.1.x - Denial of Service",2014-02-26,"Alaeddine MESBAHI",linux,dos,80 -31916,platforms/php/webapps/31916.txt,"Piwigo 2.6.1 - CSRF",2014-02-26,killall-9,php,webapps,80 +31916,platforms/php/webapps/31916.txt,"Piwigo 2.6.1 - Cross-site Request Forgery",2014-02-26,killall-9,php,webapps,80 31918,platforms/multiple/remote/31918.txt,"Crysis 1.21 - 'keyexchange' Packet Information Disclosure",2008-06-15,"Luigi Auriemma",multiple,remote,0 31919,platforms/multiple/dos/31919.c,"S.T.A.L.K.E.R. 1.0.06 - Remote Denial of Service",2008-06-15,"Luigi Auriemma",multiple,dos,0 31920,platforms/multiple/remote/31920.txt,"Glub Tech Secure FTP 2.5.15 - 'LIST' Command Directory Traversal",2008-06-13,"Tan Chew Keong",multiple,remote,0 @@ -28772,24 +28772,24 @@ id,file,description,date,author,platform,type,port 31926,platforms/multiple/remote/31926.txt,"GlassFish Application Server resourceNode/jdbcResourceNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 31927,platforms/multiple/remote/31927.txt,"GlassFish Application Server applications/lifecycleModulesNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 31928,platforms/multiple/remote/31928.txt,"GlassFish Application Server - resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31929,platforms/php/webapps/31929.txt,"SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities",2008-06-16,sl4xUz,php,webapps,0 +31929,platforms/php/webapps/31929.txt,"SimpleNotes - Multiple Cross-site Scripting Vulnerabilities",2008-06-16,sl4xUz,php,webapps,0 31930,platforms/windows/local/31930.txt,"No-IP DUC Client for Windows - Local Information Disclosure",2008-06-16,"Charalambous Glafkos",windows,local,0 31931,platforms/multiple/dos/31931.txt,"Crysis 1.21 - HTTP/XML-RPC Service Remote Denial of Service",2008-06-16,"Luigi Auriemma",multiple,dos,0 31932,platforms/multiple/dos/31932.txt,"Skulltag 0.97 d2-RC3 - Malformed Packet Denial of Service",2008-06-16,"Luigi Auriemma",multiple,dos,0 -31933,platforms/php/webapps/31933.txt,"OpenDocMan 1.x - 'out.php' Cross-Site Scripting",2008-06-17,"Sergi Rosello",php,webapps,0 +31933,platforms/php/webapps/31933.txt,"OpenDocMan 1.x - 'out.php' Cross-site Scripting",2008-06-17,"Sergi Rosello",php,webapps,0 31934,platforms/windows/dos/31934.txt,"Microsoft Word 2000/2002 - Bulleted List Handling Remote Memory Corruption",2008-06-17,"Ivan Sanchez",windows,dos,0 31935,platforms/php/webapps/31935.txt,"Basic-CMS - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 31936,platforms/multiple/remote/31936.txt,"UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal",2008-06-17,"Tan Chew Keong",multiple,remote,0 31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 31938,platforms/php/webapps/31938.txt,"KEIL Software photokorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 -31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 +31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x - AppleScript ARDAgent Shell Local Privilege Escalation",2008-06-19,anonymous,osx,local,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 -31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload",2008-06-20,"AmnPardaz ",php,webapps,0 +31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 - Cross-site Scripting / Arbitrary File Upload",2008-06-20,"AmnPardaz ",php,webapps,0 32214,platforms/php/webapps/32214.pl,"FreePBX 2.11.0 - Remote Command Execution",2014-03-12,@0x00string,php,webapps,80 31944,platforms/php/webapps/31944.txt,"PHPAuction - 'profile.php' SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 -31945,platforms/php/webapps/31945.txt,"PEGames - Multiple Cross-Site Scripting Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 +31945,platforms/php/webapps/31945.txt,"PEGames - Multiple Cross-site Scripting Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31946,platforms/php/webapps/31946.txt,"IDMOS 1.0 - 'site_absolute_path' Parameter Multiple Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 31947,platforms/php/webapps/31947.txt,"EXP Shop 1.0 Joomla! 'com_expshop' Component - SQL Injection",2008-06-22,His0k4,php,webapps,0 31948,platforms/php/webapps/31948.txt,"Open Digital Assets Repository System 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 @@ -28811,14 +28811,14 @@ id,file,description,date,author,platform,type,port 31964,platforms/windows/dos/31964.txt,"5th street - 'dx8render.dll' Format String",2008-06-25,superkhung,windows,dos,0 31965,platforms/linux/dos/31965.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)",2008-06-25,"Alexei Dobryanov",linux,dos,0 31966,platforms/linux/dos/31966.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)",2008-06-25,"Alexei Dobryanov",linux,dos,0 -31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'PARAMS' Parameter Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 +31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'PARAMS' Parameter Cross-site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 -32135,platforms/php/webapps/32135.txt,"common solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 +32135,platforms/php/webapps/32135.txt,"common solutions csphonebook 1.02 - 'index.php' Cross-site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 -32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 +32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-site Scripting",2008-07-11,syniack,php,webapps,0 32048,platforms/osx/remote/32048.html,"Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 -31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - (get_all_created_by_user.php id param) SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - (get_all_created_by_user.php id parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31972,platforms/windows/local/31972.py,"Gold MP4 Player 3.3 - Buffer Overflow Exploit (SEH)",2014-02-28,metacom,windows,local,0 32094,platforms/cgi/webapps/32094.pl,"HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay",2008-07-21,Perforin,cgi,webapps,0 32095,platforms/linux/dos/32095.pl,"Asterisk 1.6 IAX - 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 @@ -28829,19 +28829,19 @@ id,file,description,date,author,platform,type,port 31978,platforms/php/webapps/31978.txt,"The Rat CMS - viewarticle2.php id Parameter SQL Injection",2008-06-26,"CWH Underground",php,webapps,0 31979,platforms/linux/dos/31979.html,"GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 31980,platforms/windows/remote/31980.html,"UUSee 2008 - UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download",2008-06-26,Symantec,windows,remote,0 -31981,platforms/php/webapps/31981.txt,"PolyPager 0.9.51/1.0 - 'nr' Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 +31981,platforms/php/webapps/31981.txt,"PolyPager 0.9.51/1.0 - 'nr' Parameter Cross-site Scripting",2008-06-26,"CWH Underground",php,webapps,0 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel - 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 -31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy param) SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - (.cue) Stack Buffer Overflow Exploit",2014-02-28,Provensec,windows,local,0 31992,platforms/windows/webapps/31992.txt,"Oracle Demantra 12.2.1 - Arbitrary File Disclosure",2014-03-01,Portcullis,windows,webapps,0 31993,platforms/windows/webapps/31993.txt,"Oracle Demantra 12.2.1 - SQL Injection",2014-03-01,Portcullis,windows,webapps,8080 -31994,platforms/windows/webapps/31994.txt,"Oracle Demantra 12.2.1 - Stored XSS",2014-03-01,Portcullis,windows,webapps,8080 +31994,platforms/windows/webapps/31994.txt,"Oracle Demantra 12.2.1 - Persistent Cross-site Scripting",2014-03-01,Portcullis,windows,webapps,8080 31995,platforms/windows/webapps/31995.txt,"Oracle Demantra 12.2.1 - Database Credentials Disclosure",2014-03-01,Portcullis,windows,webapps,8080 31996,platforms/windows/remote/31996.txt,"Microsoft Internet Explorer 7/8 Beta 1 - Frame Location Cross Domain Security Bypass",2008-06-27,"Eduardo Vela",windows,remote,0 31997,platforms/windows/remote/31997.txt,"AceFTP 3.80.3 - 'LIST' Command Directory Traversal",2008-06-27,"Tan Chew Keong",windows,remote,0 @@ -28851,12 +28851,12 @@ id,file,description,date,author,platform,type,port 32001,platforms/php/webapps/32001.txt,"RSS-aggregator 1.0 - admin/fonctions/supprimer_flux.php IdFlux Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 32002,platforms/php/webapps/32002.txt,"RSS-aggregator 1.0 - admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 32003,platforms/php/webapps/32003.txt,"RSS-aggregator 1.0 - admin/fonctions/ Direct Request Administrator Authentication Bypass",2008-06-30,"CWH Underground",php,webapps,0 -32004,platforms/php/webapps/32004.txt,"FaName 1.0 - index.php Multiple Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +32004,platforms/php/webapps/32004.txt,"FaName 1.0 - 'index.php' Multiple Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32005,platforms/php/webapps/32005.txt,"FaName 1.0 - page.php name Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32006,platforms/multiple/dos/32006.txt,"Wireshark 1.0.0 - Multiple DoS",2008-06-30,"Noam Rathus",multiple,dos,0 32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 32009,platforms/unix/dos/32009.txt,"QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow",2008-07-01,"Filipe Balestra",unix,dos,0 -32010,platforms/php/webapps/32010.txt,"Joomla! and Mambo 'com_is' 1.0.1 Component - Multiple SQL Injection",2008-07-02,"H-T Team",php,webapps,0 +32010,platforms/php/webapps/32010.txt,"Joomla! and Mambo 'com_is' 1.0.1 Component - Multiple SQL Injections",2008-07-02,"H-T Team",php,webapps,0 32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 @@ -28866,9 +28866,9 @@ id,file,description,date,author,platform,type,port 32017,platforms/php/webapps/32017.html,"VBulletin 3.7.1 - admincp/faq.php Injection adminlog.php XSS",2008-07-08,"Jessica Hope",php,webapps,0 32018,platforms/linux/dos/32018.txt,"Multiple Vendors Unspecified SVG File Processing - Denial of Service",2008-07-08,"Kristian Hermansen",linux,dos,0 32019,platforms/linux/dos/32019.txt,"FFmpeg libavformat - 'psxstr.c' STR Data Heap Based Buffer Overflow",2008-07-09,astrange,linux,dos,0 -32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 -32021,platforms/php/webapps/32021.txt,"Xomol CMS 1.2 - 'index.php' HTML Injection / Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 -32022,platforms/php/webapps/32022.txt,"TGS Content Management 0.3.2r2 - index.php Multiple Parameter XSS",2008-07-09,"Julian Rodriguez",php,webapps,0 +32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 +32021,platforms/php/webapps/32021.txt,"Xomol CMS 1.2 - 'index.php' HTML Injection / Cross-site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 +32022,platforms/php/webapps/32022.txt,"TGS Content Management 0.3.2r2 - 'index.php' Multiple Parameter XSS",2008-07-09,"Julian Rodriguez",php,webapps,0 32023,platforms/php/webapps/32023.txt,"TGS Content Management 0.3.2r2 - login.php Multiple Parameter XSS",2008-07-09,"Julian Rodriguez",php,webapps,0 32024,platforms/php/webapps/32024.txt,"V-webmail 1.6.4 - includes/pear/Mail/RFC822.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32025,platforms/php/webapps/32025.txt,"V-webmail 1.6.4 - includes/pear/Net/Socket.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 @@ -28883,11 +28883,11 @@ id,file,description,date,author,platform,type,port 32034,platforms/php/webapps/32034.txt,"V-webmail 1.6.4 - includes/cachedConfig.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32035,platforms/php/webapps/32035.txt,"V-webmail 1.6.4 - includes/prepend.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32036,platforms/php/webapps/32036.txt,"V-webmail 1.6.4 - includes/email.list.search.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Stored XSS / SQL Injection",2014-03-03,LiquidWorm,php,webapps,0 +32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Persistent Cross-site Scripting / SQL Injection",2014-03-03,LiquidWorm,php,webapps,0 32038,platforms/php/webapps/32038.txt,"SpagoBI 4.0 - Persistent XSS",2014-03-03,"Christian Catalano",php,webapps,0 32039,platforms/php/webapps/32039.txt,"SpagoBI 4.0 - Persistent HTML Script Insertion",2014-03-03,"Christian Catalano",php,webapps,0 32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary XSS File Upload",2014-03-03,"Christian Catalano",php,webapps,0 -32041,platforms/windows/local/32041.pl,"ALLPlayer 5.8.1 - (.m3u) Buffer Overflow (SEH)",2014-03-03,"Gabor Seljan",windows,local,0 +32041,platforms/windows/local/32041.pl,"ALLPlayer 5.8.1 - '.m3u' Buffer Overflow (SEH)",2014-03-03,"Gabor Seljan",windows,local,0 32132,platforms/windows/remote/32132.py,"GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution",2014-03-09,"Julien Ahrens",windows,remote,0 32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 - 'pid' Parameter SQL Injection",2008-08-21,"Hussin X",php,webapps,0 32284,platforms/php/webapps/32284.txt,"Simasy CMS - 'id' Parameter SQL Injection",2008-08-21,r45c4l,php,webapps,0 @@ -28895,7 +28895,7 @@ id,file,description,date,author,platform,type,port 32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0 32051,platforms/php/webapps/32051.php,"Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection",2008-07-14,RMx,php,webapps,0 32052,platforms/windows/remote/32052.html,"Sina DLoader Class - ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 -32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 +32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 32054,platforms/windows/dos/32054.py,"MediaMonkey 3.0.3 - URI Handling Multiple Denial of Service Vulnerabilities",2008-07-16,Shinnok,windows,dos,0 32055,platforms/multiple/local/32055.txt,"Netrw Vim Script - 's:BrowserMaps()' Command Execution",2008-07-16,"Jan Minar",multiple,local,0 32056,platforms/windows/dos/32056.py,"BitComet 1.02 - URI Handling Remote Denial of Service",2008-07-16,Shinnok,windows,dos,0 @@ -28917,7 +28917,7 @@ id,file,description,date,author,platform,type,port 32074,platforms/windows/local/32074.rb,"ALLPlayer - .M3U Buffer Overflow",2014-03-05,Metasploit,windows,local,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent XSS",2014-03-05,"High-Tech Bridge SA",php,webapps,80 -32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 +32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 32078,platforms/php/webapps/32078.php,"Community CMS 0.1 - 'include.php' Remote File Inclusion",2008-07-17,N3TR00T3R,php,webapps,0 32079,platforms/php/webapps/32079.txt,"CreaCMS - edition_article/edition_article.php cfg[document_uri] Parameter Remote File Inclusion",2008-07-18,Ciph3r,php,webapps,0 32080,platforms/php/webapps/32080.txt,"CreaCMS - fonctions/get_liste_langue.php cfg[base_uri_admin] Parameter Remote File Inclusion",2008-07-18,Ciph3r,php,webapps,0 @@ -28925,23 +28925,23 @@ id,file,description,date,author,platform,type,port 32082,platforms/php/webapps/32082.txt,"Def_Blog 1.0.3 - comaddok.php article Parameter SQL Injection",2008-07-18,"CWH Underground",php,webapps,0 32083,platforms/php/webapps/32083.txt,"Def_Blog 1.0.3 - comlook.php article Parameter SQL Injection",2008-07-18,"CWH Underground",php,webapps,0 32084,platforms/multiple/remote/32084.txt,"SmbClientParser 2.7 - Perl Module Remote Command Execution",2008-07-18,"Jesus Olmos Gonzalez",multiple,remote,0 -32085,platforms/php/webapps/32085.txt,"phpFreeChat 1.1 - 'demo21_with_hardocded_urls.php' Cross-Site Scripting",2008-07-18,ahmadbady,php,webapps,0 +32085,platforms/php/webapps/32085.txt,"phpFreeChat 1.1 - 'demo21_with_hardocded_urls.php' Cross-site Scripting",2008-07-18,ahmadbady,php,webapps,0 32086,platforms/multiple/dos/32086.c,"SWAT 4 - Multiple Denial Of Service Vulnerabilities",2008-07-20,"Luigi Auriemma",multiple,dos,0 -32087,platforms/php/webapps/32087.txt,"EasyBookMarker 4.0 - 'ajaxp_backend.php' Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 -32088,platforms/php/webapps/32088.pl,"EasyDynamicPages 3.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 -32089,platforms/php/webapps/32089.pl,"EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 -32090,platforms/php/webapps/32090.txt,"Maran PHP Blog - 'comments.php' Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 +32087,platforms/php/webapps/32087.txt,"EasyBookMarker 4.0 - 'ajaxp_backend.php' Cross-site Scripting",2008-07-21,Dr.Crash,php,webapps,0 +32088,platforms/php/webapps/32088.pl,"EasyDynamicPages 3.0 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 +32089,platforms/php/webapps/32089.pl,"EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-site Scripting",2008-07-21,Dr.Crash,php,webapps,0 +32090,platforms/php/webapps/32090.txt,"Maran PHP Blog - 'comments.php' Cross-site Scripting",2008-07-21,Dr.Crash,php,webapps,0 32091,platforms/php/webapps/32091.txt,"MyBlog 0.9.8 - Multiple Remote Information Disclosure Vulnerabilities",2008-07-21,"AmnPardaz Security Research Team",php,webapps,0 32092,platforms/php/webapps/32092.txt,"Flip 3.0 - 'config.php' Remote File Inclusion",2008-07-21,Cru3l.b0y,php,webapps,0 32093,platforms/php/webapps/32093.txt,"phpKF - 'forum_duzen.php' SQL Injection",2008-07-21,U238,php,webapps,0 -32096,platforms/php/webapps/32096.pl,"EasyE-Cards 3.10 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 +32096,platforms/php/webapps/32096.pl,"EasyE-Cards 3.10 - (SQL Injection / Cross-site Scripting) Multiple Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 32097,platforms/php/webapps/32097.txt,"Xoops 2.0.18 - modules/system/admin.php fct Parameter Traversal Local File Inclusion",2008-07-21,Ciph3r,php,webapps,0 32098,platforms/php/webapps/32098.txt,"Xoops 2.0.18 - modules/system/admin.php fct Parameter XSS",2008-07-21,Ciph3r,php,webapps,0 32099,platforms/php/webapps/32099.txt,"RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion",2008-07-21,Ciph3r,php,webapps,0 32100,platforms/php/webapps/32100.txt,"RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion",2008-07-21,Ciph3r,php,webapps,0 32101,platforms/php/webapps/32101.txt,"eSyndiCat 1.6 - 'admin_lng' Cookie Parameter Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 32102,platforms/php/webapps/32102.txt,"AlphAdmin CMS 1.0.5_03 - 'aa_login' Cookie Parameter Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 -32103,platforms/php/webapps/32103.txt,"VisualPic 0.3.1 - Cross-Site Scripting",2008-07-21,Ciph3r,php,webapps,0 +32103,platforms/php/webapps/32103.txt,"VisualPic 0.3.1 - Cross-site Scripting",2008-07-21,Ciph3r,php,webapps,0 32104,platforms/multiple/dos/32104.txt,"ZDaemon 1.8 - NULL Pointer Remote Denial of Service",2008-07-21,"Luigi Auriemma",multiple,dos,0 32105,platforms/windows/dos/32105.pl,"PowerDVD 8.0 - (.m3u / .pls) Multiple Buffer Overflow Vulnerabilities",2008-07-22,LiquidWorm,windows,dos,0 32106,platforms/php/webapps/32106.txt,"Claroline 1.8 - learnPath/calendar/myagenda.php Query String XSS",2008-07-22,DSecRG,php,webapps,0 @@ -28960,21 +28960,21 @@ id,file,description,date,author,platform,type,port 32119,platforms/asp/webapps/32119.txt,"Web Wiz Forum 9.5 - admin_group_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 32120,platforms/asp/webapps/32120.txt,"Web Wiz Forum 9.5 - admin_category_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 32121,platforms/php/webapps/32121.php,"Jamroom 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities",2008-07-28,"James Bercegay",php,webapps,0 -32122,platforms/php/webapps/32122.txt,"Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting",2008-07-28,"Fabian Fingerle",php,webapps,0 +32122,platforms/php/webapps/32122.txt,"Owl Intranet Engine 0.95 - 'register.php' Cross-site Scripting",2008-07-28,"Fabian Fingerle",php,webapps,0 32123,platforms/php/webapps/32123.txt,"miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion",2008-07-29,"Ghost Hacker",php,webapps,0 32124,platforms/windows/remote/32124.txt,"Eyeball MessengerSDK 'CoVideoWindow.ocx' 5.0.907 - ActiveX Control Remote Buffer Overflow",2008-07-29,"Edi Strosar",windows,remote,0 32125,platforms/multiple/dos/32125.txt,"Unreal Tournament 2004 - NULL Pointer Remote Denial of Service",2008-07-30,"Luigi Auriemma",multiple,dos,0 32126,platforms/php/webapps/32126.txt,"ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection",2008-05-11,Portcullis,php,webapps,0 32127,platforms/multiple/dos/32127.txt,"Unreal Tournament 3 - Denial Of Service / Memory Corruption",2008-07-30,"Luigi Auriemma",multiple,dos,0 -32128,platforms/php/webapps/32128.txt,"MJGUEST 6.8 - 'guestbook.js.php' Cross-Site Scripting",2008-07-30,DSecRG,php,webapps,0 +32128,platforms/php/webapps/32128.txt,"MJGUEST 6.8 - 'guestbook.js.php' Cross-site Scripting",2008-07-30,DSecRG,php,webapps,0 32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 - .PLF File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 32130,platforms/php/webapps/32130.txt,"DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities",2008-07-30,Dr.Crash,php,webapps,0 32136,platforms/osx/dos/32136.html,"Apple Mac OS X 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 32137,platforms/multiple/remote/32137.txt,"Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 -32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 -32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-Site Scripting",2008-08-01,ahmadbady,php,webapps,0 +32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 +32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-site Scripting",2008-08-01,ahmadbady,php,webapps,0 32140,platforms/php/webapps/32140.txt,"PHP-Nuke Book Catalog Module 1.0 - 'catid' Parameter SQL Injection",2008-08-01,"H4ckCity Security Team",php,webapps,0 -32141,platforms/php/webapps/32141.txt,"Homes 4 Sale - 'results.php' Cross-Site Scripting",2008-08-04,"Ghost Hacker",php,webapps,0 +32141,platforms/php/webapps/32141.txt,"Homes 4 Sale - 'results.php' Cross-site Scripting",2008-08-04,"Ghost Hacker",php,webapps,0 32142,platforms/php/webapps/32142.php,"Pligg 9.9.5 - 'CAPTCHA' Registration Automation Security Bypass Weakness",2008-08-02,"Micheal Brooks",php,webapps,0 32143,platforms/php/webapps/32143.txt,"Keld PHP-MySQL News Script 0.7.1 - 'login.php' SQL Injection",2008-08-04,crimsoN_Loyd9,php,webapps,0 32144,platforms/php/webapps/32144.txt,"Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter XSS",2008-08-04,sl4xUz,php,webapps,0 @@ -28993,15 +28993,15 @@ id,file,description,date,author,platform,type,port 32157,platforms/asp/webapps/32157.txt,"Kentico CMS 7.0.75 - User Information Disclosure",2014-03-10,"Charlie Campbell and Lyndon Mendoza",asp,webapps,80 32158,platforms/windows/local/32158.txt,"iCAM Workstation Control 4.8.0.0 - Authentication Bypass",2014-03-10,StealthHydra,windows,local,0 32161,platforms/hardware/webapps/32161.txt,"Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities",2014-03-10,"SEC Consult",hardware,webapps,80 -32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - (upload.php filename param) Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 +32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - (upload.php filename parameter) Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write",2014-03-10,Metasploit,windows,remote,30000 32164,platforms/windows/remote/32164.rb,"HP Data Protector - Backup Client Service Remote Code Execution",2014-03-10,Metasploit,windows,remote,5555 32165,platforms/linux/remote/32165.txt,"XAMPP Linux 1.6 - ming.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 32166,platforms/linux/remote/32166.txt,"XAMPP Linux 1.6 - iart.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 32167,platforms/multiple/remote/32167.txt,"8E6 Technologies R3000 - Host Header Internet Filter Security Bypass",2008-08-05,nnposter,multiple,remote,0 -32168,platforms/php/webapps/32168.txt,"Pluck 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-05,"Khashayar Fereidani",php,webapps,0 -32169,platforms/php/webapps/32169.txt,"Crafty Syntax Live Help 2.14.6 - 'livehelp_js.php' Cross-Site Scripting",2008-08-05,CoRSaNTuRK,php,webapps,0 -32170,platforms/php/webapps/32170.txt,"Softbiz Image Gallery - index.php Multiple Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 +32168,platforms/php/webapps/32168.txt,"Pluck 4.5.2 - Multiple Cross-site Scripting Vulnerabilities",2008-08-05,"Khashayar Fereidani",php,webapps,0 +32169,platforms/php/webapps/32169.txt,"Crafty Syntax Live Help 2.14.6 - 'livehelp_js.php' Cross-site Scripting",2008-08-05,CoRSaNTuRK,php,webapps,0 +32170,platforms/php/webapps/32170.txt,"Softbiz Image Gallery - 'index.php' Multiple Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 32171,platforms/php/webapps/32171.txt,"Softbiz Image Gallery - images.php Multiple Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 32172,platforms/php/webapps/32172.txt,"Softbiz Image Gallery - suggest_image.php Multiple Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 32173,platforms/php/webapps/32173.txt,"Softbiz Image Gallery - image_desc.php latest Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 @@ -29017,23 +29017,23 @@ id,file,description,date,author,platform,type,port 32183,platforms/php/webapps/32183.txt,"phpKF-Portal 1.10 - anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32184,platforms/asp/webapps/32184.txt,"KAPhotoservice - order.asp page Parameter XSS",2008-08-06,by_casper41,asp,webapps,0 32185,platforms/asp/webapps/32185.txt,"KAPhotoservice - search.asp filename Parameter XSS",2008-08-06,by_casper41,asp,webapps,0 -32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 +32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 32187,platforms/php/webapps/32187.txt,"com_utchat component Mambo and Joomla! Component 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products - Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 32189,platforms/multiple/remote/32189.py,"DD-WRT - Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 -32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 +32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-site Scripting",2008-08-06,Lostmon,php,webapps,0 32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module - 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 32192,platforms/multiple/dos/32192.txt,"Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities",2008-08-06,"Luigi Auriemma",multiple,dos,0 32193,platforms/multiple/dos/32193.txt,"OpenVms 8.3 Finger Service - Stack Based Buffer Overflow",2008-08-07,"Shaun Colley",multiple,dos,0 32194,platforms/multiple/dos/32194.txt,"NoticeWare Email Server 4.6 - NG LOGIN Messages Denial Of Service",2008-08-06,Antunes,multiple,dos,0 32195,platforms/multiple/dos/32195.txt,"Qbik WinGate 6.2.2 - LIST Command Remote Denial of Service",2008-08-08,Antunes,multiple,dos,0 -32196,platforms/php/webapps/32196.txt,"RMSOFT MiniShop 1.0 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-09,Lostmon,php,webapps,0 +32196,platforms/php/webapps/32196.txt,"RMSOFT MiniShop 1.0 - 'search.php' Multiple Cross-site Scripting Vulnerabilities",2008-08-09,Lostmon,php,webapps,0 32197,platforms/windows/remote/32197.pl,"Maxthon Browser 1.x - Content-Type Buffer Overflow",2008-08-09,DATA_SNIPER,windows,remote,0 32198,platforms/php/webapps/32198.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - friends.php uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32199,platforms/php/webapps/32199.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - seutubo.php uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32200,platforms/php/webapps/32200.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - album.php uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32201,platforms/php/webapps/32201.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - scrapbook.php uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 -32202,platforms/php/webapps/32202.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - index.php uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 +32202,platforms/php/webapps/32202.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'index.php' uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32203,platforms/php/webapps/32203.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - tribes.php uid Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32204,platforms/hardware/webapps/32204.txt,"ZyXEL Router P-660HN-T1A - Login Bypass",2014-03-12,"Michael Grifalconi",hardware,webapps,0 32205,platforms/windows/local/32205.txt,"Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation",2014-03-12,LiquidWorm,windows,local,0 @@ -29044,47 +29044,47 @@ id,file,description,date,author,platform,type,port 32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20111 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities",2014-03-12,"TUNISIAN CYBER",php,webapps,80 32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 -32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file param) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 +32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file parameter) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 32217,platforms/php/webapps/32217.txt,"Linkspider 1.08 - Multiple Remote File Inclusion",2008-08-08,"Rohit Bansal",php,webapps,0 -32218,platforms/php/webapps/32218.txt,"Domain Group Network GooCMS 1.02 - 'index.php' Cross-Site Scripting",2008-08-11,ahmadbaby,php,webapps,0 +32218,platforms/php/webapps/32218.txt,"Domain Group Network GooCMS 1.02 - 'index.php' Cross-site Scripting",2008-08-11,ahmadbaby,php,webapps,0 32219,platforms/php/webapps/32219.txt,"Kayako SupportSuite 3.x - visitor/index.php sessionid Parameter XSS",2008-08-11,"James Bercegay",php,webapps,0 -32220,platforms/php/webapps/32220.txt,"Kayako SupportSuite 3.x - index.php filter Parameter XSS",2008-08-11,"James Bercegay",php,webapps,0 +32220,platforms/php/webapps/32220.txt,"Kayako SupportSuite 3.x - 'index.php' filter Parameter XSS",2008-08-11,"James Bercegay",php,webapps,0 32221,platforms/php/webapps/32221.txt,"Kayako SupportSuite 3.x - staff/index.php customfieldlinkid Parameter SQL Injection",2008-08-11,"James Bercegay",php,webapps,0 32222,platforms/multiple/dos/32222.rb,"Ruby 1.9 - WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS",2008-08-11,"Keita Yamaguchi",multiple,dos,0 32223,platforms/multiple/remote/32223.rb,"Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32224,platforms/multiple/remote/32224.rb,"Ruby 1.9 - Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32225,platforms/linux/remote/32225.txt,"Vim 'mch_expand_wildcards()' - Heap Based Buffer Overflow",2005-01-29,"Brian Hirt",linux,remote,0 32226,platforms/php/webapps/32226.txt,"Datafeed Studio - 'patch.php' Remote File Inclusion",2008-08-12,"Bug Researchers Group",php,webapps,0 -32227,platforms/php/webapps/32227.txt,"Datafeed Studio 1.6.2 - 'search.php' Cross-Site Scripting",2008-08-12,"Bug Researchers Group",php,webapps,0 +32227,platforms/php/webapps/32227.txt,"Datafeed Studio 1.6.2 - 'search.php' Cross-site Scripting",2008-08-12,"Bug Researchers Group",php,webapps,0 32228,platforms/linux/remote/32228.xml,"Bugzilla 3.1.4 - '--attach_path' Directory Traversal",2008-08-12,"ilja van sprundel",linux,remote,0 32229,platforms/windows/dos/32229.txt,"hMailServer 4.4.1 - IMAP Command Remote Denial of Service",2008-08-12,Antunes,windows,dos,0 -32230,platforms/php/webapps/32230.txt,"IDevSpot PhpLinkExchange 1.01/1.02 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-12,sl4xUz,php,webapps,0 +32230,platforms/php/webapps/32230.txt,"IDevSpot PhpLinkExchange 1.01/1.02 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2008-08-12,sl4xUz,php,webapps,0 32231,platforms/php/webapps/32231.txt,"Meet#Web 0.8 - modules.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32232,platforms/php/webapps/32232.txt,"Meet#Web 0.8 - ManagerResource.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32233,platforms/php/webapps/32233.txt,"Meet#Web 0.8 - ManagerRightsResource.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32234,platforms/php/webapps/32234.txt,"Meet#Web 0.8 - RegForm.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32235,platforms/php/webapps/32235.txt,"Meet#Web 0.8 - RegResource.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32236,platforms/php/webapps/32236.txt,"Meet#Web 0.8 - RegRightsResource.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 -32237,platforms/hardware/webapps/32237.txt,"Ubee EVW3200 - Multiple Persistent Cross-Site Scripting",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 -32238,platforms/hardware/webapps/32238.txt,"Ubee EVW3200 - Cross-Site Request Forgery",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 +32237,platforms/hardware/webapps/32237.txt,"Ubee EVW3200 - Multiple Persistent Cross-site Scripting",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 +32238,platforms/hardware/webapps/32238.txt,"Ubee EVW3200 - Cross-site Request Forgery",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 32286,platforms/linux/remote/32286.txt,"Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal",2008-08-21,"Deniz Cevik",linux,remote,0 32239,platforms/php/webapps/32239.txt,"Trixbox - SQL Injection",2014-03-13,Sc4nX,php,webapps,0 32248,platforms/linux/dos/32248.txt,"Yelp 2.23.1 - Invalid URI Format String",2008-08-13,"Aaron Grattafiori",linux,dos,0 -32249,platforms/jsp/webapps/32249.txt,"Openfire 3.5.2 - 'login.jsp' Cross-Site Scripting",2008-08-14,"Daniel Henninger",jsp,webapps,0 +32249,platforms/jsp/webapps/32249.txt,"Openfire 3.5.2 - 'login.jsp' Cross-site Scripting",2008-08-14,"Daniel Henninger",jsp,webapps,0 32250,platforms/php/webapps/32250.py,"mUnky 0.01 - 'index.php' Remote Code Execution",2008-08-15,"Khashayar Fereidani",php,webapps,0 32251,platforms/php/webapps/32251.txt,"PHPizabi 0.848b C1 HP3 - 'id' Parameter Local File Inclusion",2008-08-15,Lostmon,php,webapps,0 32252,platforms/php/webapps/32252.txt,"Mambo Open Source 4.6.2 - administrator/popups/index3pop.php mosConfig_sitename Parameter XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 32253,platforms/php/webapps/32253.txt,"Mambo Open Source 4.6.2 - mambots/editors/mostlyce/ php/connector.php Query String XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 -32254,platforms/php/webapps/32254.txt,"FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting",2008-08-15,Dr.Crash,php,webapps,0 +32254,platforms/php/webapps/32254.txt,"FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-site Scripting",2008-08-15,Dr.Crash,php,webapps,0 32255,platforms/asp/webapps/32255.txt,"FipsCMS 2.1 - 'forum/neu.asp' SQL Injection",2008-08-15,U238,asp,webapps,0 32256,platforms/windows/dos/32256.py,"Ipswitch 8.0 - WS_FTP Client Format String",2008-08-17,securfrog,windows,dos,0 32257,platforms/php/webapps/32257.txt,"PromoProducts - 'view_product.php' Multiple SQL Injection",2008-08-15,baltazar,php,webapps,0 -32258,platforms/cgi/webapps/32258.txt,"AWStats 6.8 - 'awstats.pl' Cross-Site Scripting",2008-08-18,"Morgan Todd",cgi,webapps,0 +32258,platforms/cgi/webapps/32258.txt,"AWStats 6.8 - 'awstats.pl' Cross-site Scripting",2008-08-18,"Morgan Todd",cgi,webapps,0 32259,platforms/php/webapps/32259.txt,"Freeway 1.4.1.171 - english/account.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32261,platforms/windows/local/32261.rb,"MicroP 0.1.1.1600 - (.mppl) Local Stack Based Buffer Overflow",2014-03-14,"Necmettin COSKUN",windows,local,0 -32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Parameter Cross-Site Scripting",2008-08-20,"Core Security",php,webapps,0 -32263,platforms/php/webapps/32263.txt,"Trixbox - (endpoint_aastra.php mac param) Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 +32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Parameter Cross-site Scripting",2008-08-20,"Core Security",php,webapps,0 +32263,platforms/php/webapps/32263.txt,"Trixbox - (endpoint_aastra.php mac parameter) Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32265,platforms/php/webapps/32265.txt,"Freeway 1.4.1.171 - includes/modules/faqdesk/faqdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - includes/modules/newsdesk/newsdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -29093,48 +29093,48 @@ id,file,description,date,author,platform,type,port 32269,platforms/php/webapps/32269.txt,"Freeway 1.4.1.171 - templates/Freeway/boxes/whos_online.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32270,platforms/php/webapps/32270.txt,"Freeway 1.4.1.171 - templates/Freeway/mainpage_modules/mainpage.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32271,platforms/php/webapps/32271.txt,"NewsHOWLER 1.03 - Cookie Data SQL Injection",2008-08-18,"Khashayar Fereidani",php,webapps,0 -32272,platforms/php/webapps/32272.txt,"Ovidentia 6.6.5 - 'index.php' Cross-Site Scripting",2008-08-18,"ThE dE@Th",php,webapps,0 +32272,platforms/php/webapps/32272.txt,"Ovidentia 6.6.5 - 'index.php' Cross-site Scripting",2008-08-18,"ThE dE@Th",php,webapps,0 32368,platforms/jsp/webapps/32368.txt,"McAfee Asset Manager 6.6 - Multiple Vulnerabilities",2014-03-19,"Brandon Perry",jsp,webapps,80 -32274,platforms/php/webapps/32274.txt,"Synology DSM 4.3-3827 - (article.php) Blind SQL Injection",2014-03-14,"Michael Wisniewski",php,webapps,80 -32275,platforms/php/webapps/32275.txt,"itMedia - Multiple SQL Injection",2008-08-18,baltazar,php,webapps,0 +32274,platforms/php/webapps/32274.txt,"Synology DSM 4.3-3827 - 'article.php' Blind SQL Injection",2014-03-14,"Michael Wisniewski",php,webapps,80 +32275,platforms/php/webapps/32275.txt,"itMedia - Multiple SQL Injections",2008-08-18,baltazar,php,webapps,0 32332,platforms/windows/dos/32332.txt,"Free Download Manager - Stack-based Buffer Overflow",2014-03-17,"Julien Ahrens",windows,dos,80 32278,platforms/asp/webapps/32278.txt,"K Web CMS - 'sayfala.asp' SQL Injection",2008-08-18,baltazar,asp,webapps,0 -32279,platforms/php/webapps/32279.txt,"Vanilla 1.1.4 - HTML Injection / Cross-Site Scripting",2008-08-19,"James Bercegay",php,webapps,0 +32279,platforms/php/webapps/32279.txt,"Vanilla 1.1.4 - HTML Injection / Cross-site Scripting",2008-08-19,"James Bercegay",php,webapps,0 32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script - 'id' Parameter SQL Injection",2008-08-20,"Hussin X",php,webapps,0 32281,platforms/php/webapps/32281.cs,"Folder Lock 5.9.5 - Weak Password Encryption Local Information Disclosure",2008-06-19,"Charalambous Glafkos",php,webapps,0 32287,platforms/php/webapps/32287.txt,"FAR-PHP 1.0 - 'index.php' Local File Inclusion",2008-08-21,"Beenu Arora",php,webapps,0 -32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0 +32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module - Multiple Cross-site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0 32289,platforms/linux/remote/32289.txt,"Vim 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities",2008-08-19,"Ben Schmidt",linux,remote,0 -32290,platforms/php/webapps/32290.txt,"Accellion File Transfer - Multiple Cross-Site Scripting Vulnerabilities",2008-08-22,"Eric Beaulieu",php,webapps,0 -32291,platforms/php/webapps/32291.txt,"PicturesPro Photo Cart 3.9 - Search Cross-Site Scripting",2008-08-22,"Tyler Trioxide",php,webapps,0 +32290,platforms/php/webapps/32290.txt,"Accellion File Transfer - Multiple Cross-site Scripting Vulnerabilities",2008-08-22,"Eric Beaulieu",php,webapps,0 +32291,platforms/php/webapps/32291.txt,"PicturesPro Photo Cart 3.9 - Search Cross-site Scripting",2008-08-22,"Tyler Trioxide",php,webapps,0 32292,platforms/linux/dos/32292.rb,"Ruby 1.9 - REXML Remote Denial Of Service",2008-08-23,"Luka Treiber",linux,dos,0 32293,platforms/php/webapps/32293.txt,"One-News - Multiple Input Validation Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 32294,platforms/windows/dos/32294.html,"Microsoft Windows Media Services 'nskey.dll' 4.1 - ActiveX Control Remote Buffer Overflow",2008-08-22,"Jeremy Brown",windows,dos,0 32295,platforms/php/webapps/32295.txt,"PHP-Ultimate Webboard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0 -32296,platforms/php/webapps/32296.txt,"Bluemoon inc. PopnupBlog 3.30 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-25,Lostmon,php,webapps,0 -32297,platforms/asp/webapps/32297.txt,"Smart Survey 1.0 - 'surveyresults.asp' Cross-Site Scripting",2008-08-26,"Bug Researchers Group",asp,webapps,0 -32298,platforms/php/webapps/32298.txt,"HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-Site Scripting",2008-08-26,"Luca Carettoni",php,webapps,0 -32299,platforms/php/webapps/32299.txt,"MatterDaddy Market 1.1 - 'admin/login.php' Cross-Site Scripting",2008-08-26,"Sam Georgiou",php,webapps,0 -32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 - 'search.asp' Cross-Site Scripting",2008-08-26,JoCk3r,asp,webapps,0 +32296,platforms/php/webapps/32296.txt,"Bluemoon inc. PopnupBlog 3.30 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2008-08-25,Lostmon,php,webapps,0 +32297,platforms/asp/webapps/32297.txt,"Smart Survey 1.0 - 'surveyresults.asp' Cross-site Scripting",2008-08-26,"Bug Researchers Group",asp,webapps,0 +32298,platforms/php/webapps/32298.txt,"HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-site Scripting",2008-08-26,"Luca Carettoni",php,webapps,0 +32299,platforms/php/webapps/32299.txt,"MatterDaddy Market 1.1 - 'admin/login.php' Cross-site Scripting",2008-08-26,"Sam Georgiou",php,webapps,0 +32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 - 'search.asp' Cross-site Scripting",2008-08-26,JoCk3r,asp,webapps,0 32301,platforms/windows/remote/32301.py,"Kyocera Mita Scanner File Utility 3.3.0.1 - File Transfer Directory Traversal",2008-08-26,"Seth Fogie",windows,remote,0 -32302,platforms/php/webapps/32302.txt,"AbleSpace 1.0 - 'adv_cat.php' Cross-Site Scripting",2008-08-27,"Bug Researchers Group",php,webapps,0 +32302,platforms/php/webapps/32302.txt,"AbleSpace 1.0 - 'adv_cat.php' Cross-site Scripting",2008-08-27,"Bug Researchers Group",php,webapps,0 32303,platforms/linux/remote/32303.txt,"Mono 2.0 - 'System.Web' HTTP Header Injection",2008-08-20,"Juraj Skripsky",linux,remote,0 32304,platforms/linux/dos/32304.txt,"Red Hat 8/9 - Directory Server Crafted Search Pattern Denial of Service",2008-08-27,"Ulf Weltman",linux,dos,0 32305,platforms/hardware/dos/32305.txt,"Dreambox - Web Interface URI Remote Denial of Service",2008-08-29,"Marc Ruef",hardware,dos,0 -32306,platforms/php/webapps/32306.txt,"dotProject 2.1.2 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2008-08-29,C1c4Tr1Z,php,webapps,0 -32307,platforms/php/webapps/32307.txt,"vtiger CRM 5.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-01,"Fabian Fingerle",php,webapps,0 -32308,platforms/php/webapps/32308.txt,"GenPortal - 'buscarCat.php' Cross-Site Scripting",2008-09-01,sl4xUz,php,webapps,0 +32306,platforms/php/webapps/32306.txt,"dotProject 2.1.2 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2008-08-29,C1c4Tr1Z,php,webapps,0 +32307,platforms/php/webapps/32307.txt,"vtiger CRM 5.0.4 - Multiple Cross-site Scripting Vulnerabilities",2008-09-01,"Fabian Fingerle",php,webapps,0 +32308,platforms/php/webapps/32308.txt,"GenPortal - 'buscarCat.php' Cross-site Scripting",2008-09-01,sl4xUz,php,webapps,0 32309,platforms/php/webapps/32309.txt,"Full PHP Emlak Script - 'landsee.php' SQL Injection",2008-08-29,"Hussin X",php,webapps,0 32310,platforms/multiple/dos/32310.txt,"Softalk Mail Server 8.5.1 - 'APPEND' Command Remote Denial of Service",2008-09-02,Antunes,multiple,dos,0 32311,platforms/multiple/dos/32311.html,"Google Chrome 0.2.149 - Malformed 'title' Tag Remote Denial of Service",2008-09-02,Exodus,multiple,dos,0 -32312,platforms/php/webapps/32312.txt,"IDevSpot BizDirectory 2.04 - 'page' Parameter Cross-Site Scripting",2008-09-02,Am!r,php,webapps,0 +32312,platforms/php/webapps/32312.txt,"IDevSpot BizDirectory 2.04 - 'page' Parameter Cross-site Scripting",2008-09-02,Am!r,php,webapps,0 32313,platforms/php/webapps/32313.txt,"OpenDB 1.0.6 - user_admin.php user_id Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0 32314,platforms/php/webapps/32314.txt,"OpenDB 1.0.6 - listings.php title Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0 32315,platforms/php/webapps/32315.txt,"OpenDB 1.0.6 - user_profile.php redirect_url Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0 32316,platforms/php/webapps/32316.txt,"eliteCMS 1.0 - 'page' Parameter SQL Injection",2008-09-03,e.wiZz!,php,webapps,0 -32317,platforms/php/webapps/32317.txt,"@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting",2008-09-03,C1c4Tr1Z,php,webapps,0 +32317,platforms/php/webapps/32317.txt,"@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-site Scripting",2008-09-03,C1c4Tr1Z,php,webapps,0 32318,platforms/php/webapps/32318.txt,"XRms 1.99.2 - login.php target Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 -32319,platforms/php/webapps/32319.txt,"OpenSupports 2.x - Auth Bypass / CSRF",2014-03-17,"TN CYB3R",php,webapps,0 +32319,platforms/php/webapps/32319.txt,"OpenSupports 2.x - Auth Bypass / Cross-site Request Forgery",2014-03-17,"TN CYB3R",php,webapps,0 32320,platforms/php/webapps/32320.txt,"XRms 1.99.2 - activities/some.php title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32321,platforms/php/webapps/32321.txt,"XRms 1.99.2 - companies/some.php company_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32322,platforms/php/webapps/32322.txt,"XRms 1.99.2 - contacts/some.php last_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 @@ -29147,13 +29147,13 @@ id,file,description,date,author,platform,type,port 32330,platforms/php/webapps/32330.txt,"OpenSupports 2.0 - Blind SQL Injection",2014-03-17,indoushka,php,webapps,0 32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox 1.6 - SQL Injection",2014-03-17,"Ibrahim Raafat",php,webapps,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 -32334,platforms/php/webapps/32334.txt,"Celerondude Uploader 6.1 - 'account.php' Cross-Site Scripting",2008-09-03,Xc0re,php,webapps,0 +32334,platforms/php/webapps/32334.txt,"Celerondude Uploader 6.1 - 'account.php' Cross-site Scripting",2008-09-03,Xc0re,php,webapps,0 32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 - Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 32336,platforms/hardware/remote/32336.txt,"D-Link DIR-100 1.12 - Security Bypass",2008-09-08,"Marc Ruef",hardware,remote,0 -32337,platforms/php/webapps/32337.txt,"Silentum LoginSys 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-06,"Maximiliano Soler",php,webapps,0 -32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS - 'results_per_page' Parameter Cross-Site Scripting",2008-09-07,"David Sopas",php,webapps,0 +32337,platforms/php/webapps/32337.txt,"Silentum LoginSys 1.0 - Multiple Cross-site Scripting Vulnerabilities",2008-09-06,"Maximiliano Soler",php,webapps,0 +32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS - 'results_per_page' Parameter Cross-site Scripting",2008-09-07,"David Sopas",php,webapps,0 32339,platforms/windows/remote/32339.txt,"Microsoft Organization Chart 2 - Remote Code Execution",2008-09-08,"Ivan Sanchez",windows,remote,0 -32340,platforms/php/webapps/32340.txt,"Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-08,sl4xUz,php,webapps,0 +32340,platforms/php/webapps/32340.txt,"Gallery 2.0 - Multiple Cross-site Scripting Vulnerabilities",2008-09-08,sl4xUz,php,webapps,0 32341,platforms/hardware/dos/32341.html,"Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 32342,platforms/php/webapps/32342.txt,"eXtrovert software Thyme 1.3 - 'pick_users.php' SQL Injection",2008-09-08,"Omer Singer",php,webapps,0 32343,platforms/php/local/32343.php,"PHP 5.2.5 - Multiple Functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities",2008-09-08,Ciph3r,php,local,0 @@ -29162,23 +29162,23 @@ id,file,description,date,author,platform,type,port 32346,platforms/php/webapps/32346.txt,"E-Php B2B Trading Marketplace Script - 'listings.php' SQL Injection",2008-09-07,r45c4l,php,webapps,0 32347,platforms/php/webapps/32347.txt,"UBB.threads 7.3.1 - 'Forum[]' Array SQL Injection",2008-09-02,"James Bercegay",php,webapps,0 32348,platforms/linux/dos/32348.txt,"MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service",2008-03-28,"Kay Roepke",linux,dos,0 -32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 +32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder NULL Pointer Dereference Denial of Service",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0 32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script - 'applynow.php' SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 -32353,platforms/php/webapps/32353.txt,"Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 -32354,platforms/php/webapps/32354.txt,"Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 +32353,platforms/php/webapps/32353.txt,"Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 +32354,platforms/php/webapps/32354.txt,"Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 32355,platforms/php/webapps/32355.txt,"Hot Links SQL-PHP - 'news.php' SQL Injection",2008-09-10,r45c4l,php,webapps,0 32356,platforms/windows/dos/32356.txt,"ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow",2008-09-11,"Juan Pablo Lopez Yacubian",windows,dos,0 32367,platforms/unix/remote/32367.rb,"Quantum vmPRO - Backdoor Command",2014-03-19,Metasploit,unix,remote,22 32358,platforms/windows/local/32358.pl,"MP3Info 0.8.5a - SEH Buffer Overflow Exploit",2014-03-19,"Ayman Sagy",windows,local,0 -32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection",2014-03-19,jsass,php,remote,0 +32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection (2)",2014-03-19,jsass,php,remote,0 32360,platforms/php/webapps/32360.txt,"Nooms 1.1 - smileys.php page_id Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 32361,platforms/php/webapps/32361.txt,"Nooms 1.1 - search.php q Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 32362,platforms/multiple/dos/32362.txt,"Unreal Engine 3 - Failed Memory Allocation Remote Denial of Service",2008-09-12,"Luigi Auriemma",multiple,dos,0 32363,platforms/multiple/remote/32363.txt,"Epic Games Unreal Engine 436 - Multiple Format String Vulnerabilities",2008-09-11,"Luigi Auriemma",multiple,remote,0 -32364,platforms/php/webapps/32364.txt,"Dynamic MP3 Lister 2.0.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-12,Xylitol,php,webapps,0 -32365,platforms/php/webapps/32365.txt,"Paranews 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-12,Xylitol,php,webapps,0 +32364,platforms/php/webapps/32364.txt,"Dynamic MP3 Lister 2.0.1 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2008-09-12,Xylitol,php,webapps,0 +32365,platforms/php/webapps/32365.txt,"Paranews 3.4 - Multiple Cross-site Scripting Vulnerabilities",2008-09-12,Xylitol,php,webapps,0 32366,platforms/php/webapps/32366.txt,"QuicO - 'photo.php' SQL Injection",2008-09-12,"Beenu Arora",php,webapps,0 32369,platforms/hardware/webapps/32369.txt,"Array Networks vxAG 9.2.0.34 and vAPV 8.3.2.17 - Multiple Vulnerabilities",2014-03-19,xistence,hardware,webapps,0 32370,platforms/hardware/local/32370.txt,"Quantum vmPRO 3.1.2 - Privilege Escalation",2014-03-19,xistence,hardware,local,0 @@ -29190,12 +29190,12 @@ id,file,description,date,author,platform,type,port 32382,platforms/multiple/remote/32382.txt,"Accellion File Transfer Appliance Error Report Message - Open Email Relay",2008-09-15,"Eric Beaulieu",multiple,remote,0 32383,platforms/php/webapps/32383.txt,"phpMyAdmin 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0 32384,platforms/linux/dos/32384.txt,"Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service",2007-07-20,"Jens Axboe",linux,dos,0 -32385,platforms/hardware/webapps/32385.txt,"Dlink DIR-600L Hardware Version AX Firmware 1.00 - CSRF",2014-03-20,"Dhruv Shah",hardware,webapps,0 +32385,platforms/hardware/webapps/32385.txt,"Dlink DIR-600L Hardware Version AX Firmware 1.00 - Cross-site Request Forgery",2014-03-20,"Dhruv Shah",hardware,webapps,0 32386,platforms/multiple/dos/32386.txt,"Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service",2008-09-16,"Luigi Auriemma",multiple,dos,0 32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection",2008-09-25,"David Sopas",php,webapps,0 32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 32420,platforms/windows/dos/32420.c,"Mass Downloader - Malformed Executable Denial Of Service",2008-09-25,Ciph3r,windows,dos,0 -32421,platforms/php/webapps/32421.html,"FlatPress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 +32421,platforms/php/webapps/32421.html,"FlatPress 0.804 - Multiple Cross-site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 32422,platforms/php/webapps/32422.txt,"Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 32423,platforms/jsp/webapps/32423.txt,"OpenNms 1.5.x - j_acegi_security_check j_username Parameter XSS",2008-09-25,d2d,jsp,webapps,0 32424,platforms/jsp/webapps/32424.txt,"OpenNms 1.5.x - notification/list.jsp username Parameter XSS",2008-09-25,d2d,jsp,webapps,0 @@ -29204,11 +29204,11 @@ id,file,description,date,author,platform,type,port 32427,platforms/php/webapps/32427.txt,"Barcode Generator 2.0 - 'LSTable.php' Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 32428,platforms/windows/dos/32428.txt,"ZoneAlarm 8.0.20 - HTTP Proxy Remote Denial of Service",2008-09-26,quakerdoomer,windows,dos,0 32429,platforms/windows/remote/32429.html,"Novell ZENworks Desktop Management 6.5 - ActiveX Control 'CanUninstall()' Buffer Overflow",2008-09-27,Satan_HackerS,windows,remote,0 -32430,platforms/cgi/webapps/32430.txt,"WhoDomLite 1.1.3 - 'wholite.cgi' Cross-Site Scripting",2008-09-27,"Ghost Hacker",cgi,webapps,0 -32431,platforms/php/webapps/32431.txt,"Lyrics Script - 'search_results.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 -32432,platforms/php/webapps/32432.txt,"Clickbank Portal - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 -32433,platforms/php/webapps/32433.txt,"Membership Script - Multiple Cross-Site Scripting Vulnerabilities",2008-09-27,"Ghost Hacker",php,webapps,0 -32434,platforms/php/webapps/32434.txt,"Recipe Script - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 +32430,platforms/cgi/webapps/32430.txt,"WhoDomLite 1.1.3 - 'wholite.cgi' Cross-site Scripting",2008-09-27,"Ghost Hacker",cgi,webapps,0 +32431,platforms/php/webapps/32431.txt,"Lyrics Script - 'search_results.php' Cross-site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 +32432,platforms/php/webapps/32432.txt,"Clickbank Portal - 'search.php' Cross-site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 +32433,platforms/php/webapps/32433.txt,"Membership Script - Multiple Cross-site Scripting Vulnerabilities",2008-09-27,"Ghost Hacker",php,webapps,0 +32434,platforms/php/webapps/32434.txt,"Recipe Script - 'search.php' Cross-site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 32435,platforms/windows/dos/32435.c,"Immunity Debugger 1.85 - Stack Overflow (PoC)",2014-03-22,"Veysel HATAS",windows,dos,0 32437,platforms/php/webapps/32437.txt,"LifeSize UVC 1.2.6 - Authenticated RCE",2014-03-22,"Brandon Perry",php,webapps,0 32438,platforms/windows/remote/32438.rb,"Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012)",2014-03-22,Metasploit,windows,remote,0 @@ -29216,23 +29216,23 @@ id,file,description,date,author,platform,type,port 32440,platforms/hardware/remote/32440.rb,"Array Networks vAPV and vxAG - Private Key Privilege Escalation Code Execution",2014-03-22,Metasploit,hardware,remote,22 32441,platforms/php/webapps/32441.txt,"PHPJabbers Post Comments 3.0 - Cookie Authentication Bypass",2008-09-29,Crackers_Child,php,webapps,0 32442,platforms/windows/remote/32442.c,"Nokia PC Suite 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 -32443,platforms/php/webapps/32443.txt,"CAcert - 'analyse.php' Cross-Site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 -32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 +32443,platforms/php/webapps/32443.txt,"CAcert - 'analyse.php' Cross-site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 +32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 32445,platforms/linux/remote/32445.txt,"MySQL 5 - Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 32446,platforms/linux/local/32446.txt,"Xen 3.3 - XenStore Domain Configuration Data Unsafe Storage",2008-09-30,"Pascal Bouchareine",linux,local,0 32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar - 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 -32448,platforms/java/webapps/32448.txt,"Celoxis - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 -32449,platforms/php/webapps/32449.txt,"H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,C1c4Tr1Z,php,webapps,0 -32450,platforms/php/webapps/32450.txt,"WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,"Omer Singer",php,webapps,0 +32448,platforms/java/webapps/32448.txt,"Celoxis - Multiple Cross-site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 +32449,platforms/php/webapps/32449.txt,"H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-site Scripting Vulnerabilities",2008-10-01,C1c4Tr1Z,php,webapps,0 +32450,platforms/php/webapps/32450.txt,"WikyBlog 1.7.1 - Multiple Cross-site Scripting Vulnerabilities",2008-10-01,"Omer Singer",php,webapps,0 32451,platforms/linux/dos/32451.txt,"Fedora 8/9 Linux Kernel - 'utrace_control' NULL Pointer Dereference Denial of Service",2008-10-02,"Michael Simms",linux,dos,0 32452,platforms/linux/dos/32452.txt,"Adobe Flash Player 9/10 - SWF Version Null Pointer Dereference Denial of Service",2008-10-02,"Matthew Dempsky",linux,dos,0 -32453,platforms/php/webapps/32453.txt,"Dreamcost HostAdmin 3.1 - 'index.php' Cross-Site Scripting",2008-10-02,Am!r,php,webapps,0 +32453,platforms/php/webapps/32453.txt,"Dreamcost HostAdmin 3.1 - 'index.php' Cross-site Scripting",2008-10-02,Am!r,php,webapps,0 32454,platforms/unix/dos/32454.xml,"libxml2 - Denial of Service",2008-10-02,"Christian Weiske",unix,dos,0 -32455,platforms/php/webapps/32455.pl,"Website Directory - 'index.php' Cross-Site Scripting",2008-10-03,"Ghost Hacker",php,webapps,0 +32455,platforms/php/webapps/32455.pl,"Website Directory - 'index.php' Cross-site Scripting",2008-10-03,"Ghost Hacker",php,webapps,0 32456,platforms/windows/remote/32456.txt,"RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Command Directory Traversal",2008-10-03,dmnt,windows,remote,0 32457,platforms/windows/remote/32457.txt,"XAMPP for Windows 1.6.8 - 'cds.php' SQL Injection",2008-10-03,"Jaykishan Nirmal",windows,remote,0 32458,platforms/multiple/remote/32458.txt,"OpenNms 1.5.x - HTTP Response Splitting",2008-10-05,"BugSec LTD",multiple,remote,0 -32459,platforms/java/webapps/32459.txt,"VeriSign Kontiki Delivery Management System 5.0 - 'action' Parameter Cross-Site Scripting",2008-10-05,"Mazin Faour",java,webapps,0 +32459,platforms/java/webapps/32459.txt,"VeriSign Kontiki Delivery Management System 5.0 - 'action' Parameter Cross-site Scripting",2008-10-05,"Mazin Faour",java,webapps,0 32460,platforms/windows/remote/32460.txt,"XAMPP for Windows 1.6.8 - 'phonebook.php' SQL Injection",2008-10-06,"Jaykishan Nirmal",windows,remote,0 32461,platforms/php/webapps/32461.txt,"AmpJuke 0.7.5 - 'index.php' SQL Injection",2008-10-03,S_DLA_S,php,webapps,0 32462,platforms/php/webapps/32462.txt,"Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass",2008-10-06,WHK,php,webapps,0 @@ -29247,7 +29247,7 @@ id,file,description,date,author,platform,type,port 32471,platforms/linux/dos/32471.txt,"KDE Konqueror 3.5.9 - JavaScript 'load' Function Denial of Service",2008-10-10,"Jeremy Brown",linux,dos,0 32472,platforms/hardware/dos/32472.txt,"Nokia Web Browser for S60 - Infinite Array Sort Denial of Service",2008-10-10,"Luca Carettoni",hardware,dos,0 32473,platforms/php/webapps/32473.txt,"com_jeux Joomla! Component - 'id' Parameter SQL Injection",2008-10-11,H!tm@N,php,webapps,0 -32474,platforms/php/webapps/32474.txt,"EEB-CMS 0.95 - 'index.php' Cross-Site Scripting",2008-10-11,d3v1l,php,webapps,0 +32474,platforms/php/webapps/32474.txt,"EEB-CMS 0.95 - 'index.php' Cross-site Scripting",2008-10-11,d3v1l,php,webapps,0 32475,platforms/multiple/remote/32475.sql,"Oracle Database Server 11.1 - 'CREATE ANY DIRECTORY' Privilege Escalation",2008-10-13,"Paul M. Wright",multiple,remote,0 32564,platforms/multiple/remote/32564.txt,"XWork 2.0.x - 'ParameterInterceptor' Class OGNL Security Bypass",2008-11-04,"Meder Kydyraliev",multiple,remote,0 32477,platforms/windows/dos/32477.py,"Windows Media Player 11.0.5721.5230 - Memory Corruption PoC",2014-03-24,"TUNISIAN CYBER",windows,dos,0 @@ -29266,7 +29266,7 @@ id,file,description,date,author,platform,type,port 32489,platforms/windows/remote/32489.txt,"Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' URI Redirection",2008-10-15,"Martin Suess",windows,remote,0 32490,platforms/php/webapps/32490.txt,"SweetCMS 1.5.2 - 'index.php' SQL Injection",2008-10-14,Dapirates,php,webapps,0 32491,platforms/windows/remote/32491.html,"Hummingbird HostExplorer 6.2/8.0 - ActiveX Control 'PlainTextPassword()' Buffer Overflow",2008-10-16,"Thomas Pollet",windows,remote,0 -32492,platforms/php/webapps/32492.txt,"Habari 0.5.1 - 'habari_username' Parameter Cross-Site Scripting",2008-10-16,faithlove,php,webapps,0 +32492,platforms/php/webapps/32492.txt,"Habari 0.5.1 - 'habari_username' Parameter Cross-site Scripting",2008-10-16,faithlove,php,webapps,0 32493,platforms/windows/remote/32493.html,"Hummingbird Deployment Wizard 10 - 'DeployRun.dll' ActiveX Control Multiple Security Vulnerabilities",2008-10-17,shinnai,windows,remote,0 32494,platforms/php/webapps/32494.txt,"FlashChat - 'connection.php' Role Filter Security Bypass",2008-10-17,eLiSiA,php,webapps,0 32495,platforms/php/webapps/32495.txt,"Jetbox CMS 2.1 - admin/cms/images.php orderby Parameter SQL Injection",2008-10-20,"Omer Singer",php,webapps,0 @@ -29276,54 +29276,54 @@ id,file,description,date,author,platform,type,port 32499,platforms/php/webapps/32499.txt,"phPhotoGallery 0.92 - 'index.php' SQL Injection",2008-10-21,KnocKout,php,webapps,0 32500,platforms/asp/webapps/32500.txt,"Bahar Download Script 2.0 - 'aspkat.asp' SQL Injection",2008-10-21,"CyberGrup Lojistik",asp,webapps,0 32501,platforms/multiple/local/32501.txt,"NXP Semiconductors MIFARE Classic Smartcard - Multiple Security Weaknesses",2008-10-21,"Flavio D. Garcia",multiple,local,0 -32502,platforms/php/webapps/32502.txt,"GetSimple CMS 3.3.1 - Persistent Cross-Site Scripting",2014-03-25,"Jeroen - IT Nerdbox",php,webapps,0 +32502,platforms/php/webapps/32502.txt,"GetSimple CMS 3.3.1 - Persistent Cross-site Scripting",2014-03-25,"Jeroen - IT Nerdbox",php,webapps,0 32503,platforms/php/webapps/32503.txt,"Cart Engine 3.0.0 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 32504,platforms/php/webapps/32504.txt,"Cart Engine 3.0.0 - (task.php) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 32505,platforms/php/webapps/32505.txt,"Cart Engine 3.0.0 - Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 32506,platforms/php/webapps/32506.txt,"Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32507,platforms/php/webapps/32507.txt,"Kemana Directory 1.5.6 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 -32508,platforms/php/webapps/32508.txt,"Kemana Directory 1.5.6 - (run param) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 +32508,platforms/php/webapps/32508.txt,"Kemana Directory 1.5.6 - (run parameter) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 32509,platforms/php/webapps/32509.txt,"Kemana Directory 1.5.6 - Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 32510,platforms/php/webapps/32510.txt,"Kemana Directory 1.5.6 - (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit",2014-03-25,LiquidWorm,php,webapps,0 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80 32513,platforms/windows/dos/32513.py,"Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32514,platforms/windows/dos/32514.py,"Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) - users/update_roles Missing Authorization",2014-03-26,Metasploit,linux,remote,443 -32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - (xhr.php i param) SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 +32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - (xhr.php i parameter) SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32517,platforms/windows/remote/32517.html,"Mozilla Firefox 3 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 32518,platforms/windows/remote/32518.html,"Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusion",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 32522,platforms/windows/dos/32522.py,"VirusChaser 8.0 - Stack Buffer Overflow",2014-03-26,wh1ant,windows,dos,0 32523,platforms/php/webapps/32523.txt,"UC Gateway Investment SiteEngine 5.0 - 'api.php' URI Redirection",2008-10-23,xuanmumu,php,webapps,0 32524,platforms/php/webapps/32524.txt,"UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection",2008-10-23,xuanmumu,php,webapps,0 -32525,platforms/php/webapps/32525.txt,"Jetbox CMS 2.1 - 'liste' Parameter Cross-Site Scripting",2008-10-23,"Omer Singer",php,webapps,0 -32526,platforms/php/webapps/32526.txt,"ClipShare Pro 4.0 - 'fullscreen.php' Cross-Site Scripting",2008-10-23,ShockShadow,php,webapps,0 -32527,platforms/php/webapps/32527.txt,"Adam Wright HTMLTidy 0.5 - 'html-tidy-logic.php' Cross-Site Scripting",2008-10-23,ShockShadow,php,webapps,0 -32528,platforms/php/webapps/32528.txt,"iPeGuestbook 1.7/2.0 - 'pg' Parameter Cross-Site Scripting",2008-10-24,"Ghost Hacker",php,webapps,0 +32525,platforms/php/webapps/32525.txt,"Jetbox CMS 2.1 - 'liste' Parameter Cross-site Scripting",2008-10-23,"Omer Singer",php,webapps,0 +32526,platforms/php/webapps/32526.txt,"ClipShare Pro 4.0 - 'fullscreen.php' Cross-site Scripting",2008-10-23,ShockShadow,php,webapps,0 +32527,platforms/php/webapps/32527.txt,"Adam Wright HTMLTidy 0.5 - 'html-tidy-logic.php' Cross-site Scripting",2008-10-23,ShockShadow,php,webapps,0 +32528,platforms/php/webapps/32528.txt,"iPeGuestbook 1.7/2.0 - 'pg' Parameter Cross-site Scripting",2008-10-24,"Ghost Hacker",php,webapps,0 32529,platforms/multiple/remote/32529.java,"Sun Java Web Start 1.0/1.2 - Remote Command Execution",2008-10-25,"Varun Srivastava",multiple,remote,0 32530,platforms/linux/remote/32530.txt,"Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution",2008-11-03,"Piotr Engelking",linux,remote,0 -32531,platforms/php/webapps/32531.txt,"phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 +32531,platforms/php/webapps/32531.txt,"phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 32532,platforms/php/webapps/32532.txt,"bcoos 1.0.13 - 'include/common.php' Remote File Inclusion",2008-10-27,Cru3l.b0y,php,webapps,0 32533,platforms/php/webapps/32533.txt,"Tandis CMS 2.5 - 'index.php' Multiple SQL Injection",2008-10-27,G4N0K,php,webapps,0 32534,platforms/unix/dos/32534.py,"Python 2.5.2 - 'Imageop' Module Argument Validation Buffer Overflow",2008-10-27,"Chris Evans",unix,dos,0 -32535,platforms/php/webapps/32535.txt,"MyBB 1.4.2 - 'moderation.php' Cross-Site Scripting",2008-10-27,Kellanved,php,webapps,0 +32535,platforms/php/webapps/32535.txt,"MyBB 1.4.2 - 'moderation.php' Cross-site Scripting",2008-10-27,Kellanved,php,webapps,0 32536,platforms/php/webapps/32536.txt,"bcoos 1.0.13 - 'modules/banners/click.php' SQL Injection",2008-10-27,DeltahackingTEAM,php,webapps,0 32537,platforms/php/webapps/32537.txt,"All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 -32538,platforms/php/webapps/32538.txt,"PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting",2008-10-28,Ehsan_Hp200,php,webapps,0 +32538,platforms/php/webapps/32538.txt,"PHP-Nuke Nuke League Module - 'tid' Parameter Cross-site Scripting",2008-10-28,Ehsan_Hp200,php,webapps,0 32539,platforms/php/webapps/32539.html,"Microsoft Internet Explorer 6.0 - '&NBSP;' Address Bar URI Spoofing",2008-10-27,"Amit Klein",php,webapps,0 32540,platforms/php/webapps/32540.pl,"H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass Vulnerabilities",2008-10-28,StAkeR,php,webapps,0 32541,platforms/php/webapps/32541.txt,"H&H Solutions WebSoccer 2.80 - 'id' SQL Injection",2008-10-28,d3v1l,php,webapps,0 32542,platforms/php/webapps/32542.txt,"Elkagroup Image Gallery 1.0 - 'view.php' SQL Injection",2008-10-28,G4N0K,php,webapps,0 -32543,platforms/php/webapps/32543.txt,"KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-Site Scripting",2008-10-28,cize0f,php,webapps,0 -32544,platforms/php/webapps/32544.txt,"KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities",2008-10-29,cize0f,php,webapps,0 +32543,platforms/php/webapps/32543.txt,"KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-site Scripting",2008-10-28,cize0f,php,webapps,0 +32544,platforms/php/webapps/32544.txt,"KKE Info Media Kmita Gallery - Multiple Cross-site Scripting Vulnerabilities",2008-10-29,cize0f,php,webapps,0 32545,platforms/hardware/webapps/32545.txt,"Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell",2014-03-26,"Groundworks Technologies",hardware,webapps,80 32546,platforms/php/webapps/32546.py,"IBM Tealeaf CX 8.8 - Remote OS Command Injection",2014-03-26,drone,php,webapps,0 -32547,platforms/php/webapps/32547.txt,"Extrakt Framework 0.7 - 'index.php' Cross-Site Scripting",2008-10-29,ShockShadow,php,webapps,0 -32548,platforms/linux/remote/32548.html,"Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting",2008-10-30,"Stefano Di Paola",linux,remote,0 -32549,platforms/asp/webapps/32549.txt,"Dorsa CMS - 'Default_.aspx' Cross-Site Scripting",2008-10-29,Pouya_Server,asp,webapps,0 +32547,platforms/php/webapps/32547.txt,"Extrakt Framework 0.7 - 'index.php' Cross-site Scripting",2008-10-29,ShockShadow,php,webapps,0 +32548,platforms/linux/remote/32548.html,"Opera Web Browser 9.x - History Search and Links Panel Cross-site Scripting",2008-10-30,"Stefano Di Paola",linux,remote,0 +32549,platforms/asp/webapps/32549.txt,"Dorsa CMS - 'Default_.aspx' Cross-site Scripting",2008-10-29,Pouya_Server,asp,webapps,0 32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service",2008-10-30,suN8Hclf,windows,dos,0 32551,platforms/linux/dos/32551.txt,"Dovecot 1.1.x - Invalid Message Address Parsing Denial of Service",2008-10-30,anonymous,linux,dos,0 -32552,platforms/hardware/remote/32552.txt,"SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting",2008-10-30,pagvac,hardware,remote,0 +32552,platforms/hardware/remote/32552.txt,"SonicWALL - Content Filtering Blocked Site Error Page Cross-site Scripting",2008-10-30,pagvac,hardware,remote,0 32553,platforms/php/webapps/32553.txt,"phpWebSite 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32554,platforms/php/webapps/32554.txt,"SpitFire Photo Pro - 'pages.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32555,platforms/windows/remote/32555.html,"Opera Web Browser 9.62 - History Search Input Validation",2008-10-31,NeoCoderz,windows,remote,0 @@ -29335,17 +29335,17 @@ id,file,description,date,author,platform,type,port 32561,platforms/php/webapps/32561.txt,"LinEx - Password Reset",2014-03-27,"N B Sri Harsha",php,webapps,80 32562,platforms/php/webapps/32562.txt,"Joomla Kunena Component 3.0.4 - Persistent XSS",2014-03-27,Qoppa,php,webapps,80 32565,platforms/multiple/remote/32565.txt,"Struts 2.0.11 - Multiple Directory Traversal Vulnerabilities",2008-11-04,"Csaba Barta",multiple,remote,0 -32566,platforms/php/webapps/32566.txt,"firmCHANNEL Indoor & Outdoor Digital Signage 3.24 - Cross-Site Scripting",2008-11-04,"Brad Antoniewicz",php,webapps,0 -32567,platforms/php/webapps/32567.txt,"DHCart 3.84 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2008-11-04,Lostmon,php,webapps,0 +32566,platforms/php/webapps/32566.txt,"firmCHANNEL Indoor & Outdoor Digital Signage 3.24 - Cross-site Scripting",2008-11-04,"Brad Antoniewicz",php,webapps,0 +32567,platforms/php/webapps/32567.txt,"DHCart 3.84 - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2008-11-04,Lostmon,php,webapps,0 32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution (Metasploit)",2014-03-28,"SecPod Research",windows,remote,80 32569,platforms/ios/webapps/32569.txt,"iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities",2014-03-28,Vulnerability-Lab,ios,webapps,8888 32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork - 'path' Parameter Remote File Inclusion",2008-11-06,DeltahackingTEAM,php,webapps,0 -32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-Site Scripting",2008-11-07,G4N0K,php,webapps,0 +32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-site Scripting",2008-11-07,G4N0K,php,webapps,0 32572,platforms/windows/dos/32572.txt,"Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow",2008-11-07,alex,windows,dos,0 32573,platforms/windows/dos/32573.txt,"Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service",2008-11-09,killprog.org,windows,dos,0 -32574,platforms/java/webapps/32574.txt,"MoinMoin 1.5.8/1.9 - Cross-Site Scripting / Information Disclosure",2008-11-09,"Xia Shing Zee",java,webapps,0 +32574,platforms/java/webapps/32574.txt,"MoinMoin 1.5.8/1.9 - Cross-site Scripting / Information Disclosure",2008-11-09,"Xia Shing Zee",java,webapps,0 32575,platforms/php/webapps/32575.txt,"Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass",2008-11-08,G4N0K,php,webapps,0 -32576,platforms/multiple/webapps/32576.txt,"IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting And HTML Injection Vulnerabilities",2008-11-10,"Francesco Bianchino",multiple,webapps,0 +32576,platforms/multiple/webapps/32576.txt,"IBM Tivoli Netcool Service Quality Manager - Cross-site Scripting And HTML Injection Vulnerabilities",2008-11-10,"Francesco Bianchino",multiple,webapps,0 32577,platforms/asp/webapps/32577.txt,"Dizi Portali - 'film.asp' SQL Injection",2008-11-10,"Kaan KAMIS",asp,webapps,0 32578,platforms/windows/remote/32578.py,"Yosemite Backup 8.70 - 'DtbClsLogin()' Remote Buffer Overflow",2008-11-11,"Abdul-Aziz Hariri",windows,remote,0 32579,platforms/jsp/webapps/32579.html,"Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities",2008-11-11,"Richard Brain",jsp,webapps,0 @@ -29356,31 +29356,31 @@ id,file,description,date,author,platform,type,port 32585,platforms/windows/local/32585.py,"AudioCoder 0.8.29 - Memory Corruption (SEH)",2014-03-30,sajith,windows,local,0 32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server - Username Enumeration Weakness",2008-11-14,"Bernardo Damele",windows,remote,0 32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView - ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 -32588,platforms/php/webapps/32588.txt,"BoutikOne CMS - 'search_query' Parameter Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 -32621,platforms/php/remote/32621.rb,"SePortal SQLi - Remote Code Execution",2014-03-31,Metasploit,php,remote,80 -32589,platforms/php/webapps/32589.html,"Kimson CMS - 'id' Parameter Cross-Site Scripting",2008-11-18,md.r00t,php,webapps,0 +32588,platforms/php/webapps/32588.txt,"BoutikOne CMS - 'search_query' Parameter Cross-site Scripting",2008-11-17,d3v1l,php,webapps,0 +32621,platforms/php/remote/32621.rb,"SePortal - SQLi / Remote Code Execution",2014-03-31,Metasploit,php,remote,80 +32589,platforms/php/webapps/32589.html,"Kimson CMS - 'id' Parameter Cross-site Scripting",2008-11-18,md.r00t,php,webapps,0 32590,platforms/windows/local/32590.c,"Microsoft Windows Vista - 'iphlpapi.dll' Local Kernel Buffer Overflow",2008-11-19,"Marius Wachtler",windows,local,0 32591,platforms/hardware/remote/32591.txt,"3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Security Vulnerabilities",2008-11-19,"Adrian Pastor",hardware,remote,0 32592,platforms/php/webapps/32592.txt,"Easyedit CMS - subcategory.php intSubCategoryID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32593,platforms/php/webapps/32593.txt,"Easyedit CMS - page.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32594,platforms/php/webapps/32594.txt,"Easyedit CMS - news.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 -32595,platforms/php/webapps/32595.txt,"Softbiz Classifieds Script - Cross-Site Scripting",2008-11-20,"Vahid Ezraeil",php,webapps,0 +32595,platforms/php/webapps/32595.txt,"Softbiz Classifieds Script - Cross-site Scripting",2008-11-20,"Vahid Ezraeil",php,webapps,0 32596,platforms/multiple/dos/32596.txt,"GeSHi 1.0.x - XML Parsing Remote Denial Of Service",2008-11-20,"Christian Hoffmann",multiple,dos,0 32597,platforms/php/webapps/32597.txt,"Pilot Group PG Roommate - SQL Injection",2008-11-23,ZoRLu,php,webapps,0 -32598,platforms/php/webapps/32598.txt,"COms - 'dynamic.php' Cross-Site Scripting",2008-11-24,Pouya_Server,php,webapps,0 -32599,platforms/hardware/remote/32599.txt,"Linksys WRT160N - 'apply.cgi' Cross-Site Scripting",2008-11-27,"David Gil",hardware,remote,0 -32600,platforms/php/webapps/32600.txt,"AssoCIateD 1.4.4 - 'menu' Parameter Cross-Site Scripting",2008-11-27,"CWH Underground",php,webapps,0 -32601,platforms/asp/webapps/32601.txt,"Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-Site Scripting",2008-11-29,"Charalambous Glafkos",asp,webapps,0 +32598,platforms/php/webapps/32598.txt,"COms - 'dynamic.php' Cross-site Scripting",2008-11-24,Pouya_Server,php,webapps,0 +32599,platforms/hardware/remote/32599.txt,"Linksys WRT160N - 'apply.cgi' Cross-site Scripting",2008-11-27,"David Gil",hardware,remote,0 +32600,platforms/php/webapps/32600.txt,"AssoCIateD 1.4.4 - 'menu' Parameter Cross-site Scripting",2008-11-27,"CWH Underground",php,webapps,0 +32601,platforms/asp/webapps/32601.txt,"Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-site Scripting",2008-11-29,"Charalambous Glafkos",asp,webapps,0 32602,platforms/asp/webapps/32602.txt,"Multiple Ocean12 Products - 'Admin_ID' Parameter SQL Injection",2008-11-29,"Charalambous Glafkos",asp,webapps,0 32603,platforms/asp/webapps/32603.txt,"Ocean12 Mailing LisManager Gold 2.04 - 'Email' Parameter SQL Injection",2008-11-29,"Charalambous Glafkos",asp,webapps,0 -32604,platforms/asp/webapps/32604.txt,"ParsBlogger - 'blog.asp' Cross-Site Scripting",2008-11-29,Pouya_Server,asp,webapps,0 -32605,platforms/php/webapps/32605.txt,"Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities",2008-11-29,Pouya_Server,php,webapps,0 -32606,platforms/php/webapps/32606.txt,"Basic CMS - 'q' Parameter Cross-Site Scripting",2008-11-29,Pouya_Server,php,webapps,0 +32604,platforms/asp/webapps/32604.txt,"ParsBlogger - 'blog.asp' Cross-site Scripting",2008-11-29,Pouya_Server,asp,webapps,0 +32605,platforms/php/webapps/32605.txt,"Venalsur Booking Centre 2.01 - Multiple Cross-site Scripting Vulnerabilities",2008-11-29,Pouya_Server,php,webapps,0 +32606,platforms/php/webapps/32606.txt,"Basic CMS - 'q' Parameter Cross-site Scripting",2008-11-29,Pouya_Server,php,webapps,0 32607,platforms/php/webapps/32607.txt,"RakhiSoftware Shopping Cart - product.php Multiple Parameter XSS",2008-11-28,"Charalambous Glafkos",php,webapps,0 32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 32609,platforms/asp/webapps/32609.txt,"Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 -32610,platforms/asp/webapps/32610.txt,"Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 -32611,platforms/asp/webapps/32611.txt,"CodeToad ASP Shopping Cart Script - Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 +32610,platforms/asp/webapps/32610.txt,"Pre Classified Listings 1.0 - 'signup.asp' Cross-site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 +32611,platforms/asp/webapps/32611.txt,"CodeToad ASP Shopping Cart Script - Cross-site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32612,platforms/php/webapps/32612.txt,"Softbiz Classifieds Script - showcategory.php radio Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 32613,platforms/php/webapps/32613.txt,"Softbiz Classifieds Script - advertisers/signinform.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 32614,platforms/php/webapps/32614.txt,"Softbiz Classifieds Script - gallery.php radio Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 @@ -29398,8 +29398,8 @@ id,file,description,date,author,platform,type,port 32627,platforms/php/webapps/32627.txt,"ASP Forum Script - new_message.asp forum_id Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 32628,platforms/asp/webapps/32628.txt,"ASP Forum Script - messages.asp forum_id Parameter XSS",2008-12-01,Pouya_Server,asp,webapps,0 32629,platforms/asp/webapps/32629.txt,"ASP Forum Script - default.asp Query String XSS",2008-12-01,Pouya_Server,asp,webapps,0 -32630,platforms/asp/webapps/32630.txt,"Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 -32631,platforms/multiple/webapps/32631.txt,"IBM Rational ClearCase 7/8 - Cross-Site Scripting",2008-12-01,IBM,multiple,webapps,0 +32630,platforms/asp/webapps/32630.txt,"Pre ASP Job Board - 'emp_login.asp' Cross-site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 +32631,platforms/multiple/webapps/32631.txt,"IBM Rational ClearCase 7/8 - Cross-site Scripting",2008-12-01,IBM,multiple,webapps,0 32632,platforms/php/webapps/32632.php,"Fantastico - 'index.php' Local File Inclusion",2008-12-02,Super-Crystal,php,webapps,0 32633,platforms/php/webapps/32633.txt,"Z1Exchange 1.0 - showads.php id Parameter SQL Injection",2008-12-02,Pouya_Server,php,webapps,0 32634,platforms/php/webapps/32634.txt,"Z1Exchange 1.0 - showads.php id Parameter XSS",2008-12-02,Pouya_Server,php,webapps,0 @@ -29407,37 +29407,37 @@ id,file,description,date,author,platform,type,port 32636,platforms/php/webapps/32636.txt,"Orkut Clone - profile_social.php id Parameter SQL Injection",2008-12-02,d3b4g,php,webapps,0 32637,platforms/php/webapps/32637.txt,"Orkut Clone - profile_social.php id Parameter XSS",2008-12-02,d3b4g,php,webapps,0 32638,platforms/php/webapps/32638.txt,"Horde Webmail 5.1 - Open Redirect",2014-04-01,"felipe andrian",php,webapps,0 -32639,platforms/php/webapps/32639.txt,"yappa-ng - index.php album Parameter XSS",2008-12-03,Pouya_Server,php,webapps,0 +32639,platforms/php/webapps/32639.txt,"yappa-ng - 'index.php' album Parameter XSS",2008-12-03,Pouya_Server,php,webapps,0 32640,platforms/php/webapps/32640.txt,"yappa-ng - Query String XSS",2008-12-03,Pouya_Server,php,webapps,0 -32641,platforms/php/webapps/32641.txt,"RevSense 1.0 - SQL Injection / Cross-Site Scripting",2008-12-04,Pouya_Server,php,webapps,0 +32641,platforms/php/webapps/32641.txt,"RevSense 1.0 - SQL Injection / Cross-site Scripting",2008-12-04,Pouya_Server,php,webapps,0 32642,platforms/php/webapps/32642.txt,"PHPSTREET Webboard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 32643,platforms/windows/remote/32643.txt,"PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure",2014-04-01,"Jason Ostrom",windows,remote,5060 32644,platforms/php/webapps/32644.txt,"AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 32645,platforms/php/webapps/32645.txt,"TWiki 4.x - SEARCH Variable Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 -32646,platforms/php/webapps/32646.txt,"TWiki 4.x - URLPARAM Variable Cross-Site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 +32646,platforms/php/webapps/32646.txt,"TWiki 4.x - URLPARAM Variable Cross-site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 - admin/login.php PATH_INFO Parameter XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32648,platforms/php/webapps/32648.txt,"PrestaShop 1.1 - order.php PATH_INFO Parameter XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 -32649,platforms/php/webapps/32649.txt,"PhPepperShop 1.4 - index.php URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 +32649,platforms/php/webapps/32649.txt,"PhPepperShop 1.4 - 'index.php' URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32650,platforms/php/webapps/32650.txt,"PhPepperShop 1.4 - shop/kontakt.php URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32651,platforms/php/webapps/32651.txt,"PhPepperShop 1.4 - shop/Admin/shop_kunden_mgmt.php URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32652,platforms/php/webapps/32652.txt,"PhPepperShop 1.4 - shop/Admin/SHOP_KONFIGURATION.php URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32653,platforms/asp/webapps/32653.txt,"dotnetindex Professional Download Assistant 0.1 - SQL Injection",2008-12-09,ZoRLu,asp,webapps,0 -32654,platforms/windows/remote/32654.txt,"Microsoft Internet Explorer 8 - CSS 'expression' Property Cross-Site Scripting Filter Bypass Weakness",2008-12-11,"Rafel Ivgi",windows,remote,0 +32654,platforms/windows/remote/32654.txt,"Microsoft Internet Explorer 8 - CSS 'expression' Property Cross-site Scripting Filter Bypass Weakness",2008-12-11,"Rafel Ivgi",windows,remote,0 32655,platforms/jsp/webapps/32655.txt,"Multiple Ad Server Solutions Products - 'logon_processing.jsp' SQL Injection",2008-12-11,"3d D3v!L",jsp,webapps,0 -32656,platforms/php/webapps/32656.txt,"Octeth Oempro 3.5.5 - Multiple SQL Injection",2008-12-01,"security curmudgeon",php,webapps,0 +32656,platforms/php/webapps/32656.txt,"Octeth Oempro 3.5.5 - Multiple SQL Injections",2008-12-01,"security curmudgeon",php,webapps,0 32657,platforms/windows/dos/32657.py,"Nokia N70 and N73 - Malformed OBEX Name Header Remote Denial of Service",2008-12-12,NCNIPC,windows,dos,0 32658,platforms/asp/webapps/32658.txt,"ASP-DEV XM Events Diary - 'cat' Parameter SQL Injection",2008-12-13,Pouya_Server,asp,webapps,0 32763,platforms/windows/dos/32763.html,"Microsoft Internet Explorer 7.0 - HTML Form Value Denial of Service",2009-01-28,"Juan Pablo Lopez Yacubian",windows,dos,0 32660,platforms/asp/webapps/32660.txt,"CIS Manager CMS - SQL Injection",2014-04-02,"felipe andrian",asp,webapps,0 32661,platforms/windows/remote/32661.html,"Evans FTP - 'EvansFTP.ocx' ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities",2008-12-14,Bl@ckbe@rD,windows,remote,0 -32662,platforms/php/webapps/32662.py,"WebPhotoPro - Multiple SQL Injection",2008-12-14,baltazar,php,webapps,0 +32662,platforms/php/webapps/32662.py,"WebPhotoPro - Multiple SQL Injections",2008-12-14,baltazar,php,webapps,0 32663,platforms/php/webapps/32663.txt,"Injader 2.1.1 - SQL Injection / HTML Injection",2008-12-15,anonymous,php,webapps,0 32664,platforms/ios/webapps/32664.txt,"iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities",2014-04-02,Vulnerability-Lab,ios,webapps,8080 -32665,platforms/php/webapps/32665.txt,"Kloxo 6.1.18 Stable - CSRF",2014-04-02,"Necmettin COSKUN",php,webapps,7778 -32666,platforms/php/webapps/32666.txt,"Kloxo-MR 6.5.0 - CSRF",2014-04-02,"Necmettin COSKUN",php,webapps,7778 +32665,platforms/php/webapps/32665.txt,"Kloxo 6.1.18 Stable - Cross-site Request Forgery",2014-04-02,"Necmettin COSKUN",php,webapps,7778 +32666,platforms/php/webapps/32666.txt,"Kloxo-MR 6.5.0 - Cross-site Request Forgery",2014-04-02,"Necmettin COSKUN",php,webapps,7778 32667,platforms/hardware/webapps/32667.pdf,"NetPilot/Soho Blue Router 6.1.15 - Privilege Escalation",2014-04-02,"Richard Davy",hardware,webapps,80 32668,platforms/php/webapps/32668.txt,"CMS Made Simple 1.11.10 - Multiple XSS Vulnerabilities",2014-04-03,"Blessen Thomas",php,webapps,0 -32669,platforms/php/webapps/32669.txt,"phpcksec 0.2 - 'phpcksec.php' Cross-Site Scripting",2008-12-17,ahmadbady,php,webapps,0 +32669,platforms/php/webapps/32669.txt,"phpcksec 0.2 - 'phpcksec.php' Cross-site Scripting",2008-12-17,ahmadbady,php,webapps,0 32670,platforms/php/webapps/32670.txt,"Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects",2014-04-03,"Giuseppe D'Amore",php,webapps,0 32671,platforms/php/webapps/32671.txt,"DO-CMS 3.0 - 'p' Parameter Multiple SQL Injection",2008-12-18,"crash over",php,webapps,0 32672,platforms/php/webapps/32672.txt,"EasySiteNetwork Jokes Complete Website - 'joke.php' SQL Injection",2008-12-18,Ehsan_Hp200,php,webapps,0 @@ -29445,9 +29445,9 @@ id,file,description,date,author,platform,type,port 32674,platforms/multiple/remote/32674.cpp,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (2)",2008-12-05,"Jack Lloyd",multiple,remote,0 32675,platforms/linux/dos/32675.py,"QEMU 0.9 / KVM 36/79 - VNC Server Remote Denial of Service",2008-12-22,"Alfredo Ortega",linux,dos,0 32676,platforms/php/webapps/32676.txt,"PECL Alternative PHP Cache Local 3 - HTML Injection",2008-12-19,"Moritz Naumann",php,webapps,0 -32677,platforms/jsp/webapps/32677.txt,"Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 -32678,platforms/jsp/webapps/32678.txt,"Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 -32679,platforms/jsp/webapps/32679.txt,"Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 +32677,platforms/jsp/webapps/32677.txt,"Openfire 3.6.2 - 'group-summary.jsp' Cross-site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 +32678,platforms/jsp/webapps/32678.txt,"Openfire 3.6.2 - 'user-properties.jsp' Cross-site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 +32679,platforms/jsp/webapps/32679.txt,"Openfire 3.6.2 - 'log.jsp' Cross-site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 32680,platforms/jsp/webapps/32680.txt,"Openfire 3.6.2 - 'log.jsp' Directory Traversal",2009-01-08,"Federico Muttis",jsp,webapps,0 32681,platforms/hardware/remote/32681.txt,"COMTREND CT-536 and HG-536 Routers - Multiple Remote Vulnerabilities",2008-12-22,"Daniel Fernandez Bleda",hardware,remote,0 32682,platforms/linux/dos/32682.c,"Linux Kernel 2.6.x - 'qdisc_run()' Local Denial of Service",2008-12-23,"Herbert Xu",linux,dos,0 @@ -29464,12 +29464,12 @@ id,file,description,date,author,platform,type,port 32693,platforms/php/local/32693.php,"suPHP 0.7 - 'suPHP_ConfigPath' Safe Mode Restriction-Bypass",2008-12-31,Mr.SaFa7,php,local,0 32694,platforms/osx/dos/32694.pl,"Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (1)",2009-01-01,"Jeremy Brown",osx,dos,0 32695,platforms/osx/dos/32695.php,"Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (2)",2009-01-01,Pr0T3cT10n,osx,dos,0 -32696,platforms/linux/dos/32696.txt,"KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities",2009-01-02,athos,linux,dos,0 +32696,platforms/linux/dos/32696.txt,"KDE Konqueror 4.1 - Multiple Cross-site Scripting / Denial of Service Vulnerabilities",2009-01-02,athos,linux,dos,0 32697,platforms/linux/dos/32697.pl,"aMSN - (.ctt) Remote Denial of Service",2009-01-03,Hakxer,linux,dos,0 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro - 'main.php' SQL Injection",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,Metasploit,linux,local,0 -32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - CSRF",2014-04-04,"High-Tech Bridge SA",php,webapps,80 +32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - Cross-site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2(build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent",2014-04-05,Vulnerability-Lab,ios,webapps,0 32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS)",2014-04-05,LiquidWorm,windows,dos,0 @@ -29481,12 +29481,12 @@ id,file,description,date,author,platform,type,port 32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products - Unspecified Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 32712,platforms/multiple/dos/32712.txt,"IBM WebSphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service",2009-01-08,Erik,multiple,dos,0 32713,platforms/php/webapps/32713.txt,"tadbook2 Module for XOOPS - 'open_book.php' SQL Injection",2009-01-07,stylextra,php,webapps,0 -32714,platforms/php/webapps/32714.txt,"Visuplay CMS - Multiple SQL Injection",2009-01-12,"Joseph Giron",php,webapps,0 +32714,platforms/php/webapps/32714.txt,"Visuplay CMS - Multiple SQL Injections",2009-01-12,"Joseph Giron",php,webapps,0 32715,platforms/php/dos/32715.php,"PHP 5.2.8 - 'popen()' Function Buffer Overflow",2009-01-12,e.wiZz!,php,dos,0 32716,platforms/asp/webapps/32716.html,"Comersus Cart 6 - User Email and User Password Unauthorized Access",2009-01-12,ajann,asp,webapps,0 -32718,platforms/php/webapps/32718.txt,"Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-01-12,"Ivan Sanchez",php,webapps,0 +32718,platforms/php/webapps/32718.txt,"Ovidentia 6.7.5 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2009-01-12,"Ivan Sanchez",php,webapps,0 32721,platforms/php/webapps/32721.txt,"XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities",2014-04-07,hackerDesk,php,webapps,0 -32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 +32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x - HTTP Server Multiple Cross-site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 32724,platforms/php/webapps/32724.txt,"Dark Age CMS 2.0 - 'login.php' SQL Injection",2009-01-14,darkjoker,php,webapps,0 32725,platforms/windows/remote/32725.rb,"JIRA Issues Collector - Directory Traversal",2014-04-07,Metasploit,windows,remote,8080 32726,platforms/linux/dos/32726.txt,"Ganglia gmetad 3.0.6 - 'process_path()' Remote Stack Buffer Overflow",2009-01-15,"Spike Spiegel",linux,dos,0 @@ -29497,7 +29497,7 @@ id,file,description,date,author,platform,type,port 32731,platforms/asp/webapps/32731.txt,"Active Bids - search.asp search Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 32732,platforms/php/webapps/32732.txt,"Masir Camp 3.0 - 'SearchKeywords' Parameter SQL Injection",2009-01-15,Pouya_Server,php,webapps,0 32733,platforms/php/webapps/32733.txt,"w3bcms - 'admin/index.php' SQL Injection",2009-01-15,Pouya_Server,php,webapps,0 -32734,platforms/cgi/webapps/32734.txt,"LemonLDAP:NG 0.9.3.1 - User Enumeration Weakness and Cross-Site Scripting",2009-01-16,"clément Oudot",cgi,webapps,0 +32734,platforms/cgi/webapps/32734.txt,"LemonLDAP:NG 0.9.3.1 - User Enumeration Weakness and Cross-site Scripting",2009-01-16,"clément Oudot",cgi,webapps,0 32735,platforms/asp/webapps/32735.txt,"Blog Manager - inc_webblogmanager.asp ItemID Parameter SQL Injection",2009-01-16,Pouya_Server,asp,webapps,0 32736,platforms/asp/webapps/32736.txt,"Blog Manager - inc_webblogmanager.asp CategoryID Parameter XSS",2009-01-16,Pouya_Server,asp,webapps,0 32737,platforms/windows/local/32737.pl,"BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP",2014-04-08,"Deepak Rathore",windows,local,0 @@ -29507,11 +29507,11 @@ id,file,description,date,author,platform,type,port 32742,platforms/jsp/webapps/32742.txt,"Apache Jackrabbit 1.4/1.5 Content Repository (JCR) - swr.jsp q Parameter XSS",2009-01-20,"Red Hat",jsp,webapps,0 32743,platforms/hardware/remote/32743.txt,"Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities",2014-04-08,"Juan Manuel Garcia",hardware,remote,0 32745,platforms/multiple/remote/32745.py,"OpenSSL TLS Heartbeat Extension - Memory Disclosure",2014-04-08,"Jared Stafford",multiple,remote,443 -32746,platforms/cgi/webapps/32746.txt,"MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting",2009-01-20,SecureState,cgi,webapps,0 +32746,platforms/cgi/webapps/32746.txt,"MoinMoin 1.8 - 'AttachFile.py' Cross-site Scripting",2009-01-20,SecureState,cgi,webapps,0 32747,platforms/php/webapps/32747.txt,"PHP-Nuke Downloads Module - 'url' Parameter SQL Injection",2009-01-23,"Sina Yazdanmehr",php,webapps,0 -32748,platforms/asp/webapps/32748.txt,"BBSXP 5.13 - 'error.asp' Cross-Site Scripting",2009-01-23,arashps0,asp,webapps,0 +32748,platforms/asp/webapps/32748.txt,"BBSXP 5.13 - 'error.asp' Cross-site Scripting",2009-01-23,arashps0,asp,webapps,0 32749,platforms/linux/dos/32749.txt,"Pidgin 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 -32750,platforms/asp/webapps/32750.txt,"OBLOG - 'err.asp' Cross-Site Scripting",2009-01-23,arash.setayeshi,asp,webapps,0 +32750,platforms/asp/webapps/32750.txt,"OBLOG - 'err.asp' Cross-site Scripting",2009-01-23,arash.setayeshi,asp,webapps,0 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 32752,platforms/windows/local/32752.rb,"WinRAR - Filename Spoofing",2014-04-08,Metasploit,windows,local,0 32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm - Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 @@ -29530,13 +29530,13 @@ id,file,description,date,author,platform,type,port 32767,platforms/php/webapps/32767.txt,"QuickCMS 5.4 - Multiple Vulnerabilities",2014-04-09,"Shpend Kurtishaj",php,webapps,0 32768,platforms/cgi/webapps/32768.pl,"PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution",2009-01-29,Perforin,cgi,webapps,0 32769,platforms/php/dos/32769.php,"PHP 5.2.5 - 'mbstring.func_overload' Webserver Denial Of Service",2009-01-30,strategma,php,dos,0 -32770,platforms/php/webapps/32770.txt,"E-Php B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities",2009-01-30,SaiedHacker,php,webapps,0 +32770,platforms/php/webapps/32770.txt,"E-Php B2B Trading Marketplace Script - Multiple Cross-site Scripting Vulnerabilities",2009-01-30,SaiedHacker,php,webapps,0 32771,platforms/windows/local/32771.txt,"Multiple Kaspersky Products 'klim5.sys' - Local Privilege Escalation",2009-02-02,"Ruben Santamarta ",windows,local,0 -32772,platforms/windows/dos/32772.py,"Nokia Multimedia Player 1.1 - (.m3u) Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 +32772,platforms/windows/dos/32772.py,"Nokia Multimedia Player 1.1 - '.m3u' Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 32773,platforms/php/webapps/32773.txt,"Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 32774,platforms/multiple/dos/32774.txt,"QIP 2005 - Malformed Rich Text Message Remote Denial of Service",2009-02-04,ShineShadow,multiple,dos,0 32775,platforms/linux/dos/32775.txt,"Linux Kernel 2.6.x - 'make_indexed_dir()' Local Denial of Service",2009-02-16,"Sami Liedes",linux,dos,0 -32776,platforms/hardware/remote/32776.txt,"Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities",2009-02-04,Zloss,hardware,remote,0 +32776,platforms/hardware/remote/32776.txt,"Cisco IOS 12.4(23) HTTP Server - Multiple Cross-site Scripting Vulnerabilities",2009-02-04,Zloss,hardware,remote,0 32777,platforms/php/webapps/32777.html,"MetaBBS 0.11 - Administration Settings Authentication Bypass",2009-02-04,make0day,php,webapps,0 32778,platforms/windows/local/32778.pl,"Password Door 8.4 - Local Buffer Overflow",2009-02-05,b3hz4d,windows,local,0 32779,platforms/php/webapps/32779.txt,"Ilch CMS 1.1 - 'HTTP_X_FORWARDED_FOR' SQL Injection",2009-02-06,Gizmore,php,webapps,0 @@ -29549,18 +29549,18 @@ id,file,description,date,author,platform,type,port 33129,platforms/hardware/webapps/33129.html,"Beetel 450TC2 Router - Admin Password CSRF",2014-04-30,"shyamkumar somana",hardware,webapps,80 33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 - login.php goto Parameter XSS",2009-07-27,Moudi,php,webapps,0 32789,platforms/unix/remote/32789.rb,"Sophos Web Protection Appliance Interface - Authenticated Arbitrary Command Execution",2014-04-10,Metasploit,unix,remote,443 -32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - CSRF",2014-04-10,"High-Tech Bridge SA",php,webapps,80 +32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - Cross-site Request Forgery",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32791,platforms/multiple/remote/32791.c,"Heartbleed OpenSSL - Information Leak Exploit (1)",2014-04-10,prdelka,multiple,remote,443 32792,platforms/php/webapps/32792.txt,"Orbit Open Ad Server 1.1.0 - SQL Injection",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32793,platforms/windows/local/32793.rb,"Microsoft Word - RTF Object Confusion (MS14-017)",2014-04-10,Metasploit,windows,local,0 32794,platforms/php/remote/32794.rb,"Vtiger - Install Unauthenticated Remote Command Execution",2014-04-10,Metasploit,php,remote,80 -32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server - Multiple Cross-Site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 +32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server - Multiple Cross-site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet - Directory Traversal",2009-02-10,"Terry Froy",linux,remote,0 32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'Login.asp' Multiple SQL Injection",2009-02-10,"Francesco Bianchino",asp,webapps,0 32798,platforms/multiple/remote/32798.pl,"ProFTPD 1.3 - 'mod_sql' Username SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities",2009-02-12,Romario,linux,dos,0 -32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 +32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 32802,platforms/php/webapps/32802.txt,"ClipBucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 32803,platforms/php/webapps/32803.txt,"A4Desk Event Calendar - 'eventid' Parameter SQL Injection",2008-10-01,r45c4l,php,webapps,0 32804,platforms/php/webapps/32804.txt,"lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Parameter Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 @@ -29575,10 +29575,10 @@ id,file,description,date,author,platform,type,port 32815,platforms/linux/dos/32815.c,"Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness",2009-02-25,"Chris Evans",linux,dos,0 32816,platforms/php/webapps/32816.txt,"Orooj CMS - 'news.php' SQL Injection",2009-02-25,Cru3l.b0y,php,webapps,0 32817,platforms/osx/dos/32817.txt,"Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service",2009-02-25,Trancer,osx,dos,0 -32818,platforms/java/webapps/32818.txt,"JOnAS 4.10.3 - 'select' Parameter Error Page Cross-Site Scripting",2009-02-25,"Digital Security Research Group",java,webapps,0 +32818,platforms/java/webapps/32818.txt,"JOnAS 4.10.3 - 'select' Parameter Error Page Cross-site Scripting",2009-02-25,"Digital Security Research Group",java,webapps,0 32819,platforms/php/webapps/32819.txt,"Parsi PHP CMS 2.0 - 'index.php' SQL Injection",2009-02-26,Cru3l.b0y,php,webapps,0 32820,platforms/linux/local/32820.txt,"OpenSC 0.11.x - PKCS#11 Implementation Unauthorized Access",2009-02-26,"Andreas Jellinghaus",linux,local,0 -32821,platforms/java/webapps/32821.html,"APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting",2009-02-26,"Digital Security Research Group",java,webapps,0 +32821,platforms/java/webapps/32821.html,"APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-site Scripting",2009-02-26,"Digital Security Research Group",java,webapps,0 32904,platforms/windows/remote/32904.rb,"Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012)",2014-04-16,Metasploit,windows,remote,0 32823,platforms/php/webapps/32823.txt,"Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities",2009-02-27,Corwin,php,webapps,0 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 @@ -29586,21 +29586,21 @@ id,file,description,date,author,platform,type,port 32826,platforms/windows/remote/32826.html,"iDefense COMRaider - ActiveX Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 32813,platforms/osx/local/32813.c,"Apple Mac OS X Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit",2014-04-11,"Kenzley Alphonse",osx,local,0 32827,platforms/php/webapps/32827.txt,"Afian - 'includer.php' Directory Traversal",2009-03-02,vnbrain.net,php,webapps,0 -32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 +32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 32829,platforms/linux/local/32829.c,"Linux Kernel 2.6.x - 'seccomp' System Call Security Bypass",2009-03-02,"Chris Evans",linux,local,0 32830,platforms/php/webapps/32830.txt,"CubeCart 5.2.8 - Session Fixation",2014-04-13,absane,php,webapps,0 -32831,platforms/php/webapps/32831.txt,"Microweber CMS 0.93 - CSRF",2014-04-13,sajith,php,webapps,0 +32831,platforms/php/webapps/32831.txt,"Microweber CMS 0.93 - Cross-site Request Forgery",2014-04-13,sajith,php,webapps,0 32832,platforms/windows/remote/32832.c,"NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow",2009-03-02,"AbdulAziz Hariri",windows,remote,0 -32833,platforms/asp/webapps/32833.txt,"Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting",2009-03-02,DJR,asp,webapps,0 +32833,platforms/asp/webapps/32833.txt,"Blogsa 1.0 - 'Widgets.aspx' Cross-site Scripting",2009-03-02,DJR,asp,webapps,0 32834,platforms/linux/remote/32834.txt,"cURL/libcURL 7.19.3 - HTTP 'Location:' Redirect Security Bypass",2009-03-03,"David Kierznowski",linux,remote,0 -32835,platforms/php/webapps/32835.txt,"NovaBoard 1.0 - HTML Injection / Cross-Site Scripting",2009-03-03,"Jose Luis Zayas",php,webapps,0 +32835,platforms/php/webapps/32835.txt,"NovaBoard 1.0 - HTML Injection / Cross-site Scripting",2009-03-03,"Jose Luis Zayas",php,webapps,0 32836,platforms/multiple/dos/32836.html,"Mozilla Firefox 2.0.x - Nested 'window.print()' Denial of Service",2009-03-03,b3hz4d,multiple,dos,0 32837,platforms/linux/remote/32837.py,"Wesnoth 1.x - PythonAI Remote Code Execution",2009-02-25,Wesnoth,linux,remote,0 32838,platforms/linux/dos/32838.txt,"MySQL 6.0.9 - XPath Expression Remote Denial Of Service",2009-02-14,"Shane Bester",linux,dos,0 -32839,platforms/multiple/remote/32839.txt,"IBM WebSphere Application Server 6.1/7.0 - Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 +32839,platforms/multiple/remote/32839.txt,"IBM WebSphere Application Server 6.1/7.0 - Administrative Console Cross-site Scripting",2009-02-26,IBM,multiple,remote,0 32840,platforms/php/webapps/32840.txt,"Amoot Web Directory - Password Field SQL Injection",2009-03-05,Pouya_Server,php,webapps,0 32841,platforms/php/webapps/32841.txt,"CMSCart 1.04 - 'maindatafunctions.php' SQL Injection",2009-02-28,"John Martinelli",php,webapps,0 -32842,platforms/php/webapps/32842.txt,"UMI CMS 2.7 - 'fields_filter' Parameter Cross-Site Scripting",2009-03-06,"Dmitriy Evteev",php,webapps,0 +32842,platforms/php/webapps/32842.txt,"UMI CMS 2.7 - 'fields_filter' Parameter Cross-site Scripting",2009-03-06,"Dmitriy Evteev",php,webapps,0 32843,platforms/php/webapps/32843.txt,"TinX CMS 3.5 - 'rss.php' SQL Injection",2009-03-06,"Dmitriy Evteev",php,webapps,0 32844,platforms/php/webapps/32844.txt,"PHORTAIL 1.2.1 - 'poster.php' Multiple HTML Injection Vulnerabilities",2009-03-09,"Jonathan Salwan",php,webapps,0 32845,platforms/windows/local/32845.pl,"IBM Director 5.20 - CIM Server Privilege Escalation",2009-03-10,"Bernhard Mueller",windows,local,0 @@ -29610,19 +29610,19 @@ id,file,description,date,author,platform,type,port 32849,platforms/linux/dos/32849.txt,"PostgreSQL 8.3.6 - Conversion Encoding Remote Denial of Service",2009-03-11,"Afonin Denis",linux,dos,0 32850,platforms/windows/local/32850.txt,"Multiple SlySoft Products - Driver IOCTL Request Multiple Local Buffer Overflow Vulnerabilities",2009-03-12,"Nikita Tarakanov",windows,local,0 32851,platforms/windows/remote/32851.html,"Microsoft Internet Explorer 10 - CMarkup Use-After-Free (MS14-012)",2014-04-14,"Jean-Jamil Khalife",windows,remote,0 -32852,platforms/php/webapps/32852.txt,"TikiWiki 2.2/3.0 - 'tiki-galleries.php' Cross-Site Scripting",2009-03-12,iliz,php,webapps,0 -32853,platforms/php/webapps/32853.txt,"TikiWiki 2.2/3.0 - 'tiki-list_file_gallery.php' Cross-Site Scripting",2009-03-12,iliz,php,webapps,0 -32854,platforms/php/webapps/32854.txt,"TikiWiki 2.2/3.0 - 'tiki-listpages.php' Cross-Site Scripting",2009-03-12,iliz,php,webapps,0 +32852,platforms/php/webapps/32852.txt,"TikiWiki 2.2/3.0 - 'tiki-galleries.php' Cross-site Scripting",2009-03-12,iliz,php,webapps,0 +32853,platforms/php/webapps/32853.txt,"TikiWiki 2.2/3.0 - 'tiki-list_file_gallery.php' Cross-site Scripting",2009-03-12,iliz,php,webapps,0 +32854,platforms/php/webapps/32854.txt,"TikiWiki 2.2/3.0 - 'tiki-listpages.php' Cross-site Scripting",2009-03-12,iliz,php,webapps,0 32887,platforms/php/webapps/32887.txt,"osCommerce 2.2/3.0 - 'oscid' Session Fixation",2009-04-02,laurent.desaulniers,php,webapps,0 32856,platforms/linux/dos/32856.txt,"MPlayer - Malformed AAC File Handling DoS",2008-10-07,"Hanno Bock",linux,dos,0 32857,platforms/linux/dos/32857.txt,"MPlayer - Malformed OGM File Handling DoS",2008-10-07,"Hanno Bock",linux,dos,0 -32858,platforms/java/webapps/32858.txt,"Sun Java System Messenger Express 6.3-0.15 - 'error' Parameter Cross-Site Scripting",2009-03-17,syniack,java,webapps,0 +32858,platforms/java/webapps/32858.txt,"Sun Java System Messenger Express 6.3-0.15 - 'error' Parameter Cross-site Scripting",2009-03-17,syniack,java,webapps,0 32859,platforms/hardware/webapps/32859.txt,"Sagem Fast 3304-V2 - Authentication Bypass",2014-04-14,"Yassin Aboukir",hardware,webapps,0 32860,platforms/java/dos/32860.txt,"Sun Java System Calendar Server 6.3 - Duplicate URI Request Denial of Service",2009-03-31,"SCS team",java,dos,0 32861,platforms/php/webapps/32861.txt,"WordPress Theme LineNity 1.20 - Local File Inclusion",2014-04-14,"felipe andrian",php,webapps,0 -32862,platforms/java/webapps/32862.txt,"Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting",2009-03-31,"SCS team",java,webapps,0 -32863,platforms/java/webapps/32863.txt,"Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 -32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 +32862,platforms/java/webapps/32862.txt,"Sun Java System Calendar Server 6 - 'command.shtml' Cross-site Scripting",2009-03-31,"SCS team",java,webapps,0 +32863,platforms/java/webapps/32863.txt,"Sun Java System Communications Express 6.3 - 'search.xml' Cross-site Scripting",2009-05-20,"SCS team",java,webapps,0 +32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-site Scripting",2009-05-20,"SCS team",java,webapps,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web",2014-04-14,Vulnerability-Lab,ios,webapps,0 32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 @@ -29632,28 +29632,28 @@ id,file,description,date,author,platform,type,port 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 - Avtaar Name HTML Injection",2009-03-22,"Adam Baldwin",php,webapps,0 32872,platforms/php/webapps/32872.txt,"PHPizabi 0.8 - 'notepad_body' Parameter SQL Injection",2009-03-24,Nine:Situations:Group::bookoo,php,webapps,0 32873,platforms/php/webapps/32873.txt,"PHPCMS2008 - 'ask/search_ajax.php' SQL Injection",2009-03-17,anonymous,php,webapps,0 -32874,platforms/asp/webapps/32874.txt,"BlogEngine.NET 1.4 - 'search.aspx' Cross-Site Scripting",2009-04-01,sk,asp,webapps,0 +32874,platforms/asp/webapps/32874.txt,"BlogEngine.NET 1.4 - 'search.aspx' Cross-site Scripting",2009-04-01,sk,asp,webapps,0 32875,platforms/php/webapps/32875.txt,"Comparison Engine Power 1.0 - 'product.comparision.php' SQL Injection",2009-03-25,SirGod,php,webapps,0 32876,platforms/novell/remote/32876.txt,"Novell NetStorage 2.0.1/3.1.5 - Multiple Remote Vulnerabilities",2009-03-26,"Bugs NotHugs",novell,remote,0 32877,platforms/multiple/remote/32877.txt,"Xlight FTP Server 3.2 - 'user' SQL Injection",2009-03-19,fla,multiple,remote,0 -32878,platforms/hardware/remote/32878.txt,"Cisco ASA Appliance 7.x/8.0 WebVPN - Cross-Site Scripting",2009-03-31,"Bugs NotHugs",hardware,remote,0 -32879,platforms/windows/remote/32879.html,"SAP MaxDB 7.4/7.6 - 'webdbm' Multiple Cross-Site Scripting Vulnerabilities",2009-03-31,"Digital Security Research Group",windows,remote,0 -32880,platforms/php/webapps/32880.txt,"Turnkey eBook Store 1.1 - 'keywords' Parameter Cross-Site Scripting",2009-03-31,TEAMELITE,php,webapps,0 +32878,platforms/hardware/remote/32878.txt,"Cisco ASA Appliance 7.x/8.0 WebVPN - Cross-site Scripting",2009-03-31,"Bugs NotHugs",hardware,remote,0 +32879,platforms/windows/remote/32879.html,"SAP MaxDB 7.4/7.6 - 'webdbm' Multiple Cross-site Scripting Vulnerabilities",2009-03-31,"Digital Security Research Group",windows,remote,0 +32880,platforms/php/webapps/32880.txt,"Turnkey eBook Store 1.1 - 'keywords' Parameter Cross-site Scripting",2009-03-31,TEAMELITE,php,webapps,0 32881,platforms/windows/dos/32881.py,"QtWeb Browser 2.0 - Malformed HTML File Remote Denial of Service",2009-04-01,LiquidWorm,windows,dos,0 -32882,platforms/asp/webapps/32882.txt,"SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting",2009-04-02,"Bugs NotHugs",asp,webapps,0 +32882,platforms/asp/webapps/32882.txt,"SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-site Scripting",2009-04-02,"Bugs NotHugs",asp,webapps,0 32883,platforms/hardware/webapps/32883.txt,"NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities",2014-04-15,"Santhosh Kumar",hardware,webapps,8080 32884,platforms/android/local/32884.txt,"Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution",2014-04-15,"Yorick Koster",android,local,0 32885,platforms/unix/remote/32885.rb,"Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE (Metasploit)",2014-04-15,"Brandon Perry",unix,remote,443 32886,platforms/hardware/webapps/32886.txt,"Xerox DocuShare - SQL Injection",2014-04-15,"Brandon Perry",hardware,webapps,8080 -32888,platforms/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-Site Scripting",2009-04-02,"Patrick Webster",asp,webapps,0 +32888,platforms/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-site Scripting",2009-04-02,"Patrick Webster",asp,webapps,0 32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection / Local File Inclusion",2009-04-02,k1ll3r_null,php,webapps,0 32891,platforms/windows/local/32891.txt,"Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32892,platforms/windows/local/32892.txt,"Microsoft Windows XP/2003 - RPCSS Service Isolation Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32893,platforms/windows/local/32893.txt,"Microsoft Windows VISTA/2008 - Thread Pool ACL Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32894,platforms/multiple/webapps/32894.txt,"IBM BladeCenter Advanced Management Module 1.42 - Login username XSS",2009-04-09,"Henri Lindberg",multiple,webapps,0 32895,platforms/multiple/webapps/32895.txt,"IBM BladeCenter Advanced Management Module 1.42 - private/file_management.ssi PATH Parameter XSS",2009-04-09,"Henri Lindberg",multiple,webapps,0 -32896,platforms/multiple/webapps/32896.html,"IBM BladeCenter Advanced Management Module 1.42 - CSRF",2009-04-09,"Henri Lindberg",multiple,webapps,0 -32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection",2009-04-09,"Usman Saeed",java,webapps,0 +32896,platforms/multiple/webapps/32896.html,"IBM BladeCenter Advanced Management Module 1.42 - Cross-site Request Forgery",2009-04-09,"Henri Lindberg",multiple,webapps,0 +32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-site Scripting / HTML Injection",2009-04-09,"Usman Saeed",java,webapps,0 32898,platforms/asp/webapps/32898.txt,"XIGLA Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection",2009-04-09,"ThE g0bL!N",asp,webapps,0 32899,platforms/windows/dos/32899.py,"Jzip - SEH Unicode Buffer Overflow (Denial of Service)",2014-04-16,"motaz reda",windows,dos,0 32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass",2009-04-10,"Maksymilian Arciemowicz",php,local,0 @@ -29661,9 +29661,9 @@ id,file,description,date,author,platform,type,port 32903,platforms/asp/webapps/32903.txt,"People-Trak - Login SQL Injection",2009-04-13,Mormoroth.net,asp,webapps,0 32905,platforms/php/webapps/32905.txt,"LinPHA 1.3.2/1.3.3 - login.php XSS",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 32906,platforms/php/webapps/32906.txt,"LinPHA 1.3.2/1.3.3 - new_images.php XSS",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 -32907,platforms/cgi/webapps/32907.txt,"Banshee 1.4.2 DAAP Extension - 'apps/web/vs_diag.cgi' Cross-Site Scripting",2009-04-13,"Anthony de Almeida Lopes",cgi,webapps,0 -32908,platforms/multiple/webapps/32908.txt,"IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting",2009-04-14,"Abdul-Aziz Hariri",multiple,webapps,0 -32909,platforms/java/webapps/32909.txt,"Novell Teaming 1.0 - User Enumeration Weakness / Multiple Cross-Site Scripting Vulnerabilities",2009-04-15,"Michael Kirchner",java,webapps,0 +32907,platforms/cgi/webapps/32907.txt,"Banshee 1.4.2 DAAP Extension - 'apps/web/vs_diag.cgi' Cross-site Scripting",2009-04-13,"Anthony de Almeida Lopes",cgi,webapps,0 +32908,platforms/multiple/webapps/32908.txt,"IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-site Scripting",2009-04-14,"Abdul-Aziz Hariri",multiple,webapps,0 +32909,platforms/java/webapps/32909.txt,"Novell Teaming 1.0 - User Enumeration Weakness / Multiple Cross-site Scripting Vulnerabilities",2009-04-15,"Michael Kirchner",java,webapps,0 32910,platforms/php/webapps/32910.txt,"Phorum 5.2 - admin/badwords.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 32911,platforms/php/webapps/32911.txt,"Phorum 5.2 - admin/banlist.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 32912,platforms/php/webapps/32912.txt,"Phorum 5.2 - admin/users.php Multiple Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 @@ -29679,13 +29679,13 @@ id,file,description,date,author,platform,type,port 32924,platforms/php/webapps/32924.txt,"razorCMS 0.3RC2 - Multiple Vulnerabilities",2009-04-16,"Jeremi Gosney",php,webapps,0 32925,platforms/multiple/remote/32925.txt,"NRPE 2.15 - Remote Command Execution",2014-04-18,"Dawid Golunski",multiple,remote,0 32926,platforms/linux/dos/32926.c,"Linux group_info refcounter - Overflow Memory Corruption",2014-04-18,"Thomas Pollet",linux,dos,0 -32927,platforms/java/webapps/32927.txt,"BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting",2009-04-16,"Ken Millar",java,webapps,0 +32927,platforms/java/webapps/32927.txt,"BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-site Scripting",2009-04-16,"Ken Millar",java,webapps,0 32928,platforms/php/webapps/32928.txt,"Malleo 1.2.3 - 'admin.php' Local File Inclusion",2009-04-17,Drosophila,php,webapps,0 -32929,platforms/linux/remote/32929.txt,"Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting",2009-04-20,"Xia Shing Zee",linux,remote,0 +32929,platforms/linux/remote/32929.txt,"Red Hat Stronghold Web Server 2.3 - Cross-site Scripting",2009-04-20,"Xia Shing Zee",linux,remote,0 32930,platforms/php/webapps/32930.txt,"CMSimple 4.4/4.4.2 - Remote File Inclusion",2014-04-18,NoGe,php,webapps,80 32931,platforms/hardware/remote/32931.html,"Linksys WRT54GC 1.5.7 - (Firmware) 'administration.cgi' Access Validation",2009-04-20,"Gabriel Lima",hardware,remote,0 -32932,platforms/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Parameter Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 -32933,platforms/php/webapps/32933.txt,"Online Contact Manager 3.0 - index.php showGroup Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 +32932,platforms/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Parameter Cross-site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 +32933,platforms/php/webapps/32933.txt,"Online Contact Manager 3.0 - 'index.php' showGroup Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32934,platforms/php/webapps/32934.txt,"Online Contact Manager 3.0 - view.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32935,platforms/php/webapps/32935.txt,"Online Contact Manager 3.0 - email.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32936,platforms/php/webapps/32936.txt,"Online Contact Manager 3.0 - edit.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 @@ -29695,8 +29695,8 @@ id,file,description,date,author,platform,type,port 32940,platforms/java/webapps/32940.txt,"Sun Java System Delegated Administrator 6.x - HTTP Response Splitting",2009-04-21,"SCS team",java,webapps,0 32941,platforms/php/webapps/32941.txt,"PTCeffect 4.6 - LFI / SQL Injection",2014-04-19,"walid naceri",php,webapps,0 32942,platforms/linux/remote/32942.txt,"Mozilla - Multiple Products Server Refresh Header XSS",2009-04-22,"Olli Pettay",linux,remote,0 -32943,platforms/hardware/webapps/32943.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF",2014-04-20,"Rakesh S",hardware,webapps,0 -32944,platforms/multiple/remote/32944.txt,"SAP cFolders - Cross-Site Scripting / HTML Injection",2009-04-21,"Digital Security Research Group",multiple,remote,0 +32943,platforms/hardware/webapps/32943.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - Cross-site Request Forgery",2014-04-20,"Rakesh S",hardware,webapps,0 +32944,platforms/multiple/remote/32944.txt,"SAP cFolders - Cross-site Scripting / HTML Injection",2009-04-21,"Digital Security Research Group",multiple,remote,0 32945,platforms/multiple/remote/32945.txt,"010 Editor 3.0.4 - File Parsing Multiple Buffer Overflow Vulnerabilities",2009-04-21,"Le Duc Anh",multiple,remote,0 32946,platforms/freebsd/local/32946.c,"FreeBSD 7.1 libc - Berkley DB Interface Uninitialized Memory Local Information Disclosure",2009-01-15,"Jaakko Heinonen",freebsd,local,0 32947,platforms/linux/local/32947.txt,"DirectAdmin 1.33.3 - '/CMD_DB' Backup Action Insecure Temporary File Creation",2009-04-22,anonymous,linux,local,0 @@ -29707,25 +29707,25 @@ id,file,description,date,author,platform,type,port 32952,platforms/php/webapps/32952.txt,"CS Whois Lookup - 'ip' Parameter Remote Command Execution",2009-04-23,SirGod,php,webapps,0 32953,platforms/asp/webapps/32953.vbs,"PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection",2009-04-24,anonymous,asp,webapps,0 32954,platforms/hardware/remote/32954.txt,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G - 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities",2009-04-23,pagvac,hardware,remote,0 -32955,platforms/hardware/remote/32955.js,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G - Multiple Cross-Site Scripting Vulnerabilities",2009-04-25,pagvac,hardware,remote,0 +32955,platforms/hardware/remote/32955.js,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G - Multiple Cross-site Scripting Vulnerabilities",2009-04-25,pagvac,hardware,remote,0 32956,platforms/windows/dos/32956.py,"RealNetworks RealPlayer Gold 10.0 MP3 - File Handling Remote Denial of Service",2009-04-27,"Abdul-Aziz Hariri",windows,dos,0 32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0 -32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 +32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 32959,platforms/windows/remote/32959.rb,"Adobe Flash Player - Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 33337,platforms/osx/dos/33337.c,"Apple Mac OS X 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML-Injection and Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 32962,platforms/cgi/remote/32962.txt,"LevelOne AMG-2000 2.00.00 - Security Bypass",2009-04-29,J.Greil,cgi,remote,0 -32963,platforms/php/webapps/32963.txt,"Coppermine Photo Gallery 1.4.21 - 'css' Parameter Cross-Site Scripting",2009-04-29,"Gerendi Sandor Attila",php,webapps,0 +32963,platforms/php/webapps/32963.txt,"Coppermine Photo Gallery 1.4.21 - 'css' Parameter Cross-site Scripting",2009-04-29,"Gerendi Sandor Attila",php,webapps,0 32964,platforms/linux/dos/32964.c,"GnuTLS 2.6.x - libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS",2009-04-30,"Miroslav Kratochvil",linux,dos,0 32965,platforms/linux/remote/32965.c,"GnuTLS 2.6.x - libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing",2009-04-30,"Miroslav Kratochvil",linux,remote,0 32966,platforms/php/webapps/32966.txt,"MyBB 1.4.5 - Multiple Security Vulnerabilities",2009-05-03,"Jacques Copeau",php,webapps,0 32967,platforms/multiple/remote/32967.txt,"Openfire 3.x - jabber:iq:auth 'passwd_change' Remote Password Change",2009-05-04,"Daryl Herzmann",multiple,remote,0 -32968,platforms/php/webapps/32968.sh,"IceWarp Merak Mail Server 9.4.1 Groupware Component - Multiple SQL Injection",2009-05-05,"RedTeam Pentesting",php,webapps,0 -32969,platforms/php/webapps/32969.txt,"IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Function Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 +32968,platforms/php/webapps/32968.sh,"IceWarp Merak Mail Server 9.4.1 Groupware Component - Multiple SQL Injections",2009-05-05,"RedTeam Pentesting",php,webapps,0 +32969,platforms/php/webapps/32969.txt,"IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Function Cross-site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 33077,platforms/linux/dos/33077.c,"MySQL 5.0.75 - 'sql_parse.cc' Multiple Format String Vulnerabilities",2009-06-08,kingcope,linux,dos,0 32971,platforms/multiple/remote/32971.txt,"Glassfish Enterprise Server 2.1 - Admin Console /applications/applications.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 -33577,platforms/multiple/remote/33577.txt,"XAMPP 1.6.x - Multiple Cross-Site Scripting Vulnerabilities",2009-06-10,MustLive,multiple,remote,0 +33577,platforms/multiple/remote/33577.txt,"XAMPP 1.6.x - Multiple Cross-site Scripting Vulnerabilities",2009-06-10,MustLive,multiple,remote,0 33352,platforms/windows/remote/33352.py,"Easy File Sharing Web Server 6.8 - Stack Buffer Overflow",2014-05-14,superkojiman,windows,remote,80 32973,platforms/hardware/webapps/32973.txt,"Sixnet Sixview 2.4.1 - Web Console Directory Traversal",2014-04-22,"daniel svartman",hardware,webapps,0 32978,platforms/multiple/remote/32978.txt,"Glassfish Enterprise Server 2.1 - Admin Console /sysnet/registration.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 @@ -29737,44 +29737,44 @@ id,file,description,date,author,platform,type,port 32980,platforms/multiple/remote/32980.txt,"Glassfish Enterprise Server 2.1 - Admin Console /configuration/auditModuleEdit.jsf name Parameter XSS",2009-05-05,DSecRG,multiple,remote,0 32981,platforms/multiple/remote/32981.txt,"Glassfish Enterprise Server 2.1 - Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter XSS",2009-05-05,DSecRG,multiple,remote,0 34148,platforms/multiple/webapps/34148.txt,"Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent",2014-07-23,Vulnerability-Lab,multiple,webapps,0 -32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - (sorter.php sorter_value param) SQL Injection",2014-04-22,chapp,php,webapps,80 -32985,platforms/php/webapps/32985.xml,"IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 +32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - (sorter.php sorter_value parameter) SQL Injection",2014-04-22,chapp,php,webapps,80 +32985,platforms/php/webapps/32985.xml,"IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32986,platforms/php/webapps/32986.py,"IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 -32987,platforms/multiple/remote/32987.txt,"Woodstock 4.2 404 - Error Page Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32988,platforms/php/webapps/32988.txt,"VerliAdmin 0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-05-05,TEAMELITE,php,webapps,0 -32989,platforms/php/webapps/32989.txt,"Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-06,TEAMELITE,php,webapps,0 +32987,platforms/multiple/remote/32987.txt,"Woodstock 4.2 404 - Error Page Cross-site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32988,platforms/php/webapps/32988.txt,"VerliAdmin 0.3 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2009-05-05,TEAMELITE,php,webapps,0 +32989,platforms/php/webapps/32989.txt,"Verlihub Control Panel 1.7 - Multiple Cross-site Scripting Vulnerabilities",2009-05-06,TEAMELITE,php,webapps,0 32990,platforms/hardware/webapps/32990.pl,"HP Laser Jet - JavaScript Persistent XSS via PJL Directory Traversal",2014-04-23,@0x00string,hardware,webapps,0 -32991,platforms/php/webapps/32991.txt,"Claroline 1.8.11 - 'claroline/linker/notfound.php' Cross-Site Scripting",2009-05-08,"Gerendi Sandor Attila",php,webapps,0 -32992,platforms/php/webapps/32992.txt,"MagpieRSS 0.72 - Cross-Site Scripting / HTML Injection",2009-05-08,"Justin Klein Keane",php,webapps,0 +32991,platforms/php/webapps/32991.txt,"Claroline 1.8.11 - 'claroline/linker/notfound.php' Cross-site Scripting",2009-05-08,"Gerendi Sandor Attila",php,webapps,0 +32992,platforms/php/webapps/32992.txt,"MagpieRSS 0.72 - Cross-site Scripting / HTML Injection",2009-05-08,"Justin Klein Keane",php,webapps,0 32993,platforms/php/webapps/32993.txt,"Dacio's Image Gallery 1.6 - Multiple Remote Vulnerabilities",2009-05-11,ahmadbady,php,webapps,0 32994,platforms/multiple/remote/32994.xml,"Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities",2009-05-12,"Billy Rios",multiple,remote,0 32995,platforms/linux/dos/32995.txt,"Sendmail 8.12.x - 'X-header' Remote Heap Buffer Overflow",2009-05-27,"Simple Nomad",linux,dos,0 32996,platforms/multiple/remote/32996.txt,"Nortel Contact Center Manager - Administration Password Disclosure",2009-05-14,"Bernhard Muller",multiple,remote,0 32999,platforms/php/webapps/32999.py,"Bonefire 0.7.1 - Reinstall Admin Account Exploit",2014-04-24,"Mehmet Ince",php,webapps,0 -33057,platforms/php/webapps/33057.txt,"Aardvark Topsites PHP 5.2 - 'index.php' Cross-Site Scripting",2009-05-26,anonymous,php,webapps,0 -33000,platforms/php/webapps/33000.txt,"Cacti 0.8.7 - 'data_input.php' Cross-Site Scripting",2009-05-15,fgeek,php,webapps,0 -33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site scripting / Remote Command Execution",2009-05-20,inking,php,webapps,0 +33057,platforms/php/webapps/33057.txt,"Aardvark Topsites PHP 5.2 - 'index.php' Cross-site Scripting",2009-05-26,anonymous,php,webapps,0 +33000,platforms/php/webapps/33000.txt,"Cacti 0.8.7 - 'data_input.php' Cross-site Scripting",2009-05-15,fgeek,php,webapps,0 +33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-site Scripting / Remote Command Execution",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 - Web Application Firewall Security Bypass",2009-05-20,EnableSecurity,php,webapps,0 33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 -33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - (dompdf.php read param) Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 +33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - (dompdf.php read parameter) Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 33007,platforms/multiple/remote/33007.txt,"Novell GroupWise 8.0 WebAccess - Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 -33008,platforms/php/webapps/33008.txt,"LxBlog - Multiple Cross-Site Scripting / SQL Injection",2009-05-22,Securitylab.ir,php,webapps,0 -33009,platforms/asp/webapps/33009.txt,"DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting",2009-05-22,"ben hawkes",asp,webapps,0 +33008,platforms/php/webapps/33008.txt,"LxBlog - Multiple Cross-site Scripting / SQL Injection",2009-05-22,Securitylab.ir,php,webapps,0 +33009,platforms/asp/webapps/33009.txt,"DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-site Scripting",2009-05-22,"ben hawkes",asp,webapps,0 33010,platforms/hardware/remote/33010.txt,"SonicWALL Global VPN Client 4.0 - Log File Remote Format String",2009-05-26,lofi42,hardware,remote,0 33011,platforms/php/webapps/33011.txt,"PHP-Nuke 8.0 - 'main/tracking/userLog.php' SQL Injection",2009-05-27,"Gerendi Sandor Attila",php,webapps,0 33012,platforms/windows/local/33012.c,"Microsoft Windows 2000/XP/2003 - Desktop Wall Paper System Parameter Local Privilege Escalation",2009-02-02,Arkon,windows,local,0 -33013,platforms/php/webapps/33013.txt,"Lussumo Vanilla 1.1.5/1.1.7 - 'updatecheck.php' Cross-Site Scripting",2009-05-15,"Gerendi Sandor Attila",php,webapps,0 -33014,platforms/php/webapps/33014.txt,"Achievo 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-28,MaXe,php,webapps,0 +33013,platforms/php/webapps/33013.txt,"Lussumo Vanilla 1.1.5/1.1.7 - 'updatecheck.php' Cross-site Scripting",2009-05-15,"Gerendi Sandor Attila",php,webapps,0 +33014,platforms/php/webapps/33014.txt,"Achievo 1.3.4 - Multiple Cross-site Scripting Vulnerabilities",2009-05-28,MaXe,php,webapps,0 33015,platforms/linux/dos/33015.c,"Linux Kernel 2.6.x - 'splice(2)' Double Lock Local Denial of Service",2009-05-29,"Miklos Szeredi",linux,dos,0 33016,platforms/hardware/remote/33016.txt,"SonicWALL SSL-VPN - 'cgi-bin/welcome/VirtualOffice' Remote Format String",2009-05-29,"Patrick Webster",hardware,remote,0 33017,platforms/linux/dos/33017.txt,"Adobe Acrobat 9.1.3 - Stack Exhaustion Denial of Service",2009-05-29,"Saint Patrick",linux,dos,0 33018,platforms/windows/dos/33018.txt,"cFos Personal Net 3.09 - Remote Heap Memory Corruption Denial of Service",2014-04-25,LiquidWorm,windows,dos,0 33019,platforms/multiple/webapps/33019.txt,"miSecureMessages 4.0.1 - Session Management / Authentication Bypass",2014-04-25,"Jared Bird",multiple,webapps,0 33020,platforms/linux/dos/33020.py,"CUPS 1.3.9 - 'cups/ipp.c' NULL Pointer Dereference Denial Of Service",2009-06-02,"Anibal Sacco",linux,dos,0 -33021,platforms/php/webapps/33021.txt,"PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting",2009-06-02,"Schap Security",php,webapps,0 -33022,platforms/php/webapps/33022.txt,"Joomla! < 1.5.11 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2009-06-03,"Airton Torres",php,webapps,0 +33021,platforms/php/webapps/33021.txt,"PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-site Scripting",2009-06-02,"Schap Security",php,webapps,0 +33022,platforms/php/webapps/33022.txt,"Joomla! < 1.5.11 - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2009-06-03,"Airton Torres",php,webapps,0 33023,platforms/multiple/remote/33023.txt,"Apache Tomcat 6.0.18 - Form Authentication Existing/Non-Existing Username Enumeration Weakness",2009-06-03,"D. Matscheko",multiple,remote,0 33024,platforms/windows/remote/33024.txt,"Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure",2009-06-09,"Jorge Luis Alvarez Medina",windows,remote,0 33025,platforms/windows/remote/33025.txt,"LogMeIn 4.0.784 - 'cfgadvanced.html' HTTP Header Injection",2009-06-05,Inferno,windows,remote,0 @@ -29789,7 +29789,7 @@ id,file,description,date,author,platform,type,port 33035,platforms/windows/remote/33035.txt,"Microsoft Windows Media Player 11 - ScriptCommand Multiple Information Disclosure Vulnerabilities",2009-05-12,"Rosario Valotta",windows,remote,0 33036,platforms/linux/dos/33036.txt,"Git 1.6.3 - Parameter Processing Remote Denial Of Service",2009-05-05,"Shawn O. Pearce",linux,dos,0 33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 - NULL Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 -33038,platforms/php/webapps/33038.txt,"Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-15,intern0t,php,webapps,0 +33038,platforms/php/webapps/33038.txt,"Webmedia Explorer 5.0.9/5.10 - Multiple Cross-site Scripting Vulnerabilities",2009-05-15,intern0t,php,webapps,0 33039,platforms/linux/remote/33039.txt,"Mozilla Firefox 3.0.10 / SeaMonkey 1.1.16 - Address Bar URI Spoofing",2009-05-11,"Pavel Cvrcek",linux,remote,0 33040,platforms/linux/dos/33040.txt,"GUPnP 0.12.7 - Message Handling Denial Of Service",2009-05-03,"Zeeshan Ali",linux,dos,0 33041,platforms/linux/dos/33041.txt,"Irssi 0.8.13 - 'WALLOPS' Message Off By One Heap Memory Corruption",2009-05-15,nemo,linux,dos,0 @@ -29799,26 +29799,26 @@ id,file,description,date,author,platform,type,port 33045,platforms/hardware/remote/33045.html,"Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (2)",2009-05-17,"Collin Mulliner",hardware,remote,0 33046,platforms/hardware/remote/33046.html,"Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (3)",2009-05-17,"Collin Mulliner",hardware,remote,0 33047,platforms/multiple/remote/33047.html,"WebKit - 'parent/top' Cross Domain Scripting",2009-05-19,"Gareth Hayes",multiple,remote,0 -33048,platforms/java/webapps/33048.txt,"DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting",2009-05-19,r0t,java,webapps,0 +33048,platforms/java/webapps/33048.txt,"DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-site Scripting",2009-05-19,r0t,java,webapps,0 33049,platforms/linux/dos/33049.txt,"LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-05-21,wololo,linux,dos,0 33050,platforms/windows/remote/33050.html,"Microsoft Internet Explorer 7/8 - HTML Attribute JavaScript URI Security Bypass",2009-05-22,80vul,windows,remote,0 33051,platforms/cgi/remote/33051.txt,"Nagios 3.0.6 - 'statuswml.cgi' Remote Arbitrary Shell Command Injection",2009-05-22,Paul,cgi,remote,0 33052,platforms/php/webapps/33052.txt,"Basic Analysis And Security Engine 1.2.4 - 'readRoleCookie()' Authentication Bypass",2009-05-23,"Tim Medin",php,webapps,0 33053,platforms/linux/remote/33053.txt,"Samba 3.3.5 - Format String / Security Bypass",2009-05-19,"Jeremy Allison",linux,remote,0 33054,platforms/hardware/remote/33054.txt,"Cisco Adaptive Security Appliance 8.x - Web VPN FTP or CIFS Authentication Form Phishing",2009-05-24,"David Byrne",hardware,remote,0 -33055,platforms/hardware/remote/33055.html,"Cisco ASA Appliance 8.x - WebVPN DOM Wrapper Cross-Site Scripting",2009-05-24,"Trustwave's SpiderLabs",hardware,remote,0 +33055,platforms/hardware/remote/33055.html,"Cisco ASA Appliance 8.x - WebVPN DOM Wrapper Cross-site Scripting",2009-05-24,"Trustwave's SpiderLabs",hardware,remote,0 33056,platforms/windows/dos/33056.pl,"Symantec Endpoint Protection Manager 12.1.x - SEH Overflow PoC",2014-04-27,st3n,windows,dos,0 33058,platforms/multiple/dos/33058.txt,"Multiple BSD Distributions - 'gdtoa/misc.c' Memory Corruption",2009-05-26,"Maksymilian Arciemowicz",multiple,dos,0 33059,platforms/windows/dos/33059.smpl,"BaoFeng Storm 3.9.62 - .Playlist File Buffer Overflow",2009-05-28,Jambalaya,windows,dos,0 -33060,platforms/php/webapps/33060.txt,"phpMyAdmin 3.3.0 - 'db' Parameter Cross-Site Scripting",2009-05-30,r0t,php,webapps,0 -33061,platforms/php/webapps/33061.php,"Joomla! 1.5.x - Cross-Site Scripting / Information Disclosure",2009-06-01,"Juan Galiana Lara",php,webapps,0 +33060,platforms/php/webapps/33060.txt,"phpMyAdmin 3.3.0 - 'db' Parameter Cross-site Scripting",2009-05-30,r0t,php,webapps,0 +33061,platforms/php/webapps/33061.php,"Joomla! 1.5.x - Cross-site Scripting / Information Disclosure",2009-06-01,"Juan Galiana Lara",php,webapps,0 33062,platforms/windows/dos/33062.txt,"Apple Safari 4 - 'reload()' Denial of Service",2009-06-02,SkyOut,windows,dos,0 -33063,platforms/windows/remote/33063.txt,"Microsoft Internet Explorer 6.0 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,windows,remote,0 -33064,platforms/multiple/remote/33064.txt,"Google Chrome 0.3.154 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,multiple,remote,0 -33065,platforms/php/webapps/33065.txt,"Horde 3.1 - 'Passwd' Module Cross-Site Scripting",2009-06-05,anonymous,php,webapps,0 +33063,platforms/windows/remote/33063.txt,"Microsoft Internet Explorer 6.0 - 'javascript:' URI in 'Refresh' Header Cross-site Scripting",2009-06-03,MustLive,windows,remote,0 +33064,platforms/multiple/remote/33064.txt,"Google Chrome 0.3.154 - 'javascript:' URI in 'Refresh' Header Cross-site Scripting",2009-06-03,MustLive,multiple,remote,0 +33065,platforms/php/webapps/33065.txt,"Horde 3.1 - 'Passwd' Module Cross-site Scripting",2009-06-05,anonymous,php,webapps,0 33066,platforms/windows/remote/33066.html,"Avax Vector 1.3 - 'avPreview.ocx' ActiveX Control Buffer Overflow",2009-06-06,Satan_HackerS,windows,remote,0 33067,platforms/multiple/remote/33067.txt,"Winds3D Viewer 3 - 'GetURL()' Arbitrary File Download",2009-06-08,"Diego Juarez",multiple,remote,0 -33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Parameter Cross-Site Scripting",2009-06-06,"599eme Man",php,webapps,0 +33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Parameter Cross-site Scripting",2009-06-06,"599eme Man",php,webapps,0 33069,platforms/windows/local/33069.rb,"Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution Exploit",2014-04-28,LOTFREE,php,webapps,80 33071,platforms/windows/remote/33071.txt,"McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities",2014-04-28,st3n,windows,remote,0 @@ -29827,13 +29827,13 @@ id,file,description,date,author,platform,type,port 33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection",2014-04-28,Esac,php,webapps,80 33076,platforms/php/webapps/33076.txt,"WordPress iMember360 Plugin 3.8.012 < 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 33078,platforms/multiple/remote/33078.txt,"HP ProCurve Threat Management Services - zl ST.1.0.090213 Module CRL Security Bypass",2009-06-13,anonymous,multiple,remote,0 -33079,platforms/multiple/remote/33079.txt,"Oracle Weblogic Server 10.3 - 'console-help.portal' Cross-Site Scripting",2009-06-14,"Alexandr Polyakov",multiple,remote,0 +33079,platforms/multiple/remote/33079.txt,"Oracle Weblogic Server 10.3 - 'console-help.portal' Cross-site Scripting",2009-06-14,"Alexandr Polyakov",multiple,remote,0 33080,platforms/multiple/dos/33080.txt,"Oracle 11.1 - Database Network Foundation Heap Memory Corruption",2009-06-14,"Dennis Yurichev",multiple,dos,0 33081,platforms/multiple/remote/33081.cpp,"Oracle 9i/10g Database - Remote Network Authentication",2009-06-14,"Dennis Yurichev",multiple,remote,0 -33082,platforms/multiple/remote/33082.txt,"Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-Site Scripting",2009-06-14,"Alexandr Polyakov",multiple,remote,0 +33082,platforms/multiple/remote/33082.txt,"Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-site Scripting",2009-06-14,"Alexandr Polyakov",multiple,remote,0 33083,platforms/multiple/dos/33083.txt,"Oracle 9i/10g Database - TNS Command Remote Denial of Service",2009-06-14,"Dennis Yurichev",multiple,dos,0 33084,platforms/multiple/remote/33084.txt,"Oracle 9i/10g Database - Network Foundation Remote",2009-06-14,"Dennis Yurichev",multiple,remote,0 -33085,platforms/php/webapps/33085.txt,"Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting",2009-06-14,Moudi,php,webapps,0 +33085,platforms/php/webapps/33085.txt,"Scriptsez Easy Image Downloader - 'id' Parameter Cross-site Scripting",2009-06-14,Moudi,php,webapps,0 33086,platforms/multiple/dos/33086.txt,"America's Army 3.0.4 - Invalid Query Remote Denial of Service",2009-06-06,"Luigi Auriemma",multiple,dos,0 33087,platforms/php/webapps/33087.txt,"PHPLive! 3.2.2 - 'request.php' SQL Injection",2009-06-16,boom3rang,php,webapps,0 33088,platforms/linux/dos/33088.txt,"Linux Kernel 2.6.30 - 'tun_chr_pool()' NULL Pointer Dereference",2009-06-17,"Christian Borntraeger",linux,dos,0 @@ -29846,7 +29846,7 @@ id,file,description,date,author,platform,type,port 33348,platforms/windows/dos/33348.pl,"TFTPD32 4.5 / TFTPD64 4.5 - DoS PoC",2014-05-14,"Martinez FrostCard",windows,dos,0 33578,platforms/multiple/remote/33578.txt,"XAMPP 1.6.x - 'showcode.php' Local File Inclusion",2009-07-16,MustLive,multiple,remote,0 33579,platforms/multiple/dos/33579.txt,"Ingres Database 9.3 - Heap Buffer Overflow",2010-01-29,"Evgeny Legerov",multiple,dos,0 -33580,platforms/hardware/remote/33580.txt,"Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting",2010-01-29,Yoyahack,hardware,remote,0 +33580,platforms/hardware/remote/33580.txt,"Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-site Scripting",2010-01-29,Yoyahack,hardware,remote,0 33095,platforms/windows/remote/33095.rb,"Adobe Flash Player - Type Confusion Remote Code Execution",2014-04-29,Metasploit,windows,remote,0 33096,platforms/multiple/dos/33096.txt,"Crysis 1.21/1.5 - HTTP/XML-RPC Service Access Violation Remote Denial of Service",2009-06-20,"Luigi Auriemma",multiple,dos,0 33097,platforms/php/webapps/33097.txt,"Programs Rating - rate.php id Parameter XSS",2009-06-20,Moudi,php,webapps,0 @@ -29862,13 +29862,13 @@ id,file,description,date,author,platform,type,port 33107,platforms/php/webapps/33107.txt,"PG MatchMaking - browse_men.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 33108,platforms/php/webapps/33108.txt,"PG MatchMaking - search.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 33109,platforms/php/webapps/33109.txt,"PG MatchMaking - services.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 -33110,platforms/php/webapps/33110.txt,"XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-24,Moudi,php,webapps,0 +33110,platforms/php/webapps/33110.txt,"XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-site Scripting Vulnerabilities",2009-06-24,Moudi,php,webapps,0 33111,platforms/php/webapps/33111.txt,"AIOCP 1.4 - 'cp_html2txt.php' Remote File Inclusion",2009-06-27,"Hadi Kiamarsi",php,webapps,0 33112,platforms/php/webapps/33112.txt,"PG Roommate Finder Solution - quick_search.php part Parameter XSS",2009-06-27,Moudi,php,webapps,0 33113,platforms/php/webapps/33113.txt,"PG Roommate Finder Solution - viewprofile.php part Parameter XSS",2009-06-27,Moudi,php,webapps,0 -33114,platforms/php/webapps/33114.txt,"Almond Classifieds Component for Joomla! 7.5 - Cross-Site Scripting / SQL Injection",2009-06-27,Moudi,php,webapps,0 -33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products - index.php replid Parameter SQL Injection",2009-06-27,Moudi,php,webapps,0 -33116,platforms/php/webapps/33116.txt,"AlmondSoft Multiple Classifieds Products - index.php Multiple Parameter XSS",2009-06-27,Moudi,php,webapps,0 +33114,platforms/php/webapps/33114.txt,"Almond Classifieds Component for Joomla! 7.5 - Cross-site Scripting / SQL Injection",2009-06-27,Moudi,php,webapps,0 +33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products - 'index.php' replid Parameter SQL Injection",2009-06-27,Moudi,php,webapps,0 +33116,platforms/php/webapps/33116.txt,"AlmondSoft Multiple Classifieds Products - 'index.php' Multiple Parameter XSS",2009-06-27,Moudi,php,webapps,0 33117,platforms/php/webapps/33117.txt,"AlmondSoft Classifieds Pro - gmap.php addr Parameter XSS",2009-06-27,Moudi,php,webapps,0 33118,platforms/multiple/remote/33118.html,"Apple Safari 4.0.1 - Error Page Address Bar URI Spoofing",2009-06-27,"Juan Pablo Lopez Yacubian",multiple,remote,0 33119,platforms/php/webapps/33119.txt,"Pilot Group eTraining - courses_login.php cat_id Parameter XSS",2009-06-24,Moudi,php,webapps,0 @@ -29876,35 +29876,35 @@ id,file,description,date,author,platform,type,port 33121,platforms/php/webapps/33121.txt,"Pilot Group eTraining - lessons_login.php Multiple Parameter XSS",2009-06-24,Moudi,php,webapps,0 33122,platforms/php/webapps/33122.txt,"Joomla! 'com_user' Component - 'view' Parameter URI Redirection",2009-06-27,"599eme Man",php,webapps,0 33123,platforms/multiple/remote/33123.html,"Google Chrome 2.0.172 - 'About:blank' Address Bar URI Spoofing 'About:blank' Address Bar URI Spoofing",2009-06-28,Lostmon,multiple,remote,0 -33124,platforms/multiple/remote/33124.txt,"Google Chrome 2.0.172 - 'chrome://history/' URI Cross-Site Scripting",2009-06-28,"Karn Ganeshen",multiple,remote,0 +33124,platforms/multiple/remote/33124.txt,"Google Chrome 2.0.172 - 'chrome://history/' URI Cross-site Scripting",2009-06-28,"Karn Ganeshen",multiple,remote,0 33125,platforms/php/webapps/33125.txt,"Joomla! Permis 1.0 ('com_groups') Component - 'id' Parameter SQL Injection",2009-06-28,Prince_Pwn3r,php,webapps,0 -33126,platforms/php/webapps/33126.txt,"Matterdaddy Market 1.x - 'index.php' Cross-Site Scripting",2009-06-28,Moudi,php,webapps,0 -33127,platforms/php/webapps/33127.txt,"Miniweb 2.0 Site Builder Module - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,Moudi,php,webapps,0 +33126,platforms/php/webapps/33126.txt,"Matterdaddy Market 1.x - 'index.php' Cross-site Scripting",2009-06-28,Moudi,php,webapps,0 +33127,platforms/php/webapps/33127.txt,"Miniweb 2.0 Site Builder Module - Multiple Cross-site Scripting Vulnerabilities",2009-06-29,Moudi,php,webapps,0 40080,platforms/php/webapps/40080.txt,"Tiki Wiki CMS 15.0 - Arbitrary File Download",2016-07-11,"Kacper Szurek",php,webapps,80 40081,platforms/cgi/webapps/40081.py,"Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass",2016-07-11,"Gregory Smiley",cgi,webapps,80 40082,platforms/php/webapps/40082.txt,"WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS",2016-07-11,"David Vaartjes",php,webapps,80 33197,platforms/php/webapps/33197.txt,"68 Classifieds 4.1 - category.php cat Parameter XSS",2009-07-27,Moudi,php,webapps,0 -33130,platforms/php/webapps/33130.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (1)",2009-06-30,"Ivan Sanchez",php,webapps,0 -33131,platforms/php/webapps/33131.txt,"XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-06-30,"Sense of Security",php,webapps,0 +33130,platforms/php/webapps/33130.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-site Scripting Vulnerabilities (1)",2009-06-30,"Ivan Sanchez",php,webapps,0 +33131,platforms/php/webapps/33131.txt,"XOOPS 2.3.3 - 'op' Parameter Multiple Cross-site Scripting Vulnerabilities",2009-06-30,"Sense of Security",php,webapps,0 33132,platforms/php/webapps/33132.txt,"Softbiz Dating Script 1.0 - 'cat_products.php' SQL Injection",2009-07-30,MizoZ,php,webapps,0 33133,platforms/multiple/dos/33133.txt,"Adobe Flash Player 10.0.22 and AIR - URI Parsing Heap Buffer Overflow",2009-07-30,iDefense,multiple,dos,0 33134,platforms/linux/dos/33134.txt,"Adobe Flash Player 10.0.22 and AIR - 'intf_count' Integer Overflow",2009-07-30,"Roee Hay",linux,dos,0 33136,platforms/hardware/webapps/33136.txt,"Fritz!Box - Remote Command Execution Exploit",2014-05-01,0x4148,hardware,webapps,0 -33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 - index.php Multiple Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 -33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Stored XSS",2014-05-01,"Dolev Farhi",hardware,webapps,0 +33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 - 'index.php' Multiple Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 +33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-site Scripting",2014-05-01,"Dolev Farhi",hardware,webapps,0 33584,platforms/multiple/dos/33584.txt,"IBM DB2 - 'kuddb2' Remote Denial of Service",2010-01-31,"Evgeny Legerov",multiple,dos,0 33142,platforms/multiple/remote/33142.rb,"Apache Struts - ClassLoader Manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 33143,platforms/hardware/remote/33143.rb,"F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit)",2014-05-02,"Brandon Perry",hardware,remote,443 -33144,platforms/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,mark99,php,webapps,0 +33144,platforms/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-site Scripting Vulnerabilities",2009-06-29,mark99,php,webapps,0 33145,platforms/linux/local/33145.c,"PHP Fuzzer Framework - Default Location Insecure Temporary File Creation",2009-08-03,"Melissa Elliott",linux,local,0 33146,platforms/php/webapps/33146.txt,"CS-Cart 2.0.5 - 'reward_points.post.php' SQL Injection",2009-08-04,"Ryan Dewhurst",php,webapps,0 -33147,platforms/php/webapps/33147.txt,"AJ Auction Pro 3.0 - 'txtkeyword' Parameter Cross-Site Scripting",2009-08-05,"599eme Man",php,webapps,0 +33147,platforms/php/webapps/33147.txt,"AJ Auction Pro 3.0 - 'txtkeyword' Parameter Cross-site Scripting",2009-08-05,"599eme Man",php,webapps,0 33148,platforms/linux/dos/33148.c,"Linux Kernel 2.6.x - 'posix-timers.c' NULL Pointer Dereference Denial of Service",2009-08-06,"Hiroshi Shimamoto",linux,dos,0 33149,platforms/php/webapps/33149.txt,"Alkacon OpenCMS 7.x - Multiple Input Validation Vulnerabilities",2009-08-06,"Katie French",php,webapps,0 -33346,platforms/jsp/webapps/33346.txt,"McAfee Network Security Manager 5.1.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-11-06,"Daniel King",jsp,webapps,0 -33152,platforms/php/webapps/33152.txt,"PhotoPost PHP 3.3.1 - 'cat' Parameter Cross-Site Scripting / SQL Injection",2009-08-07,"599eme Man",php,webapps,0 -33153,platforms/php/webapps/33153.txt,"SupportPRO SupportDesk 3.0 - 'shownews.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 -33154,platforms/php/webapps/33154.txt,"SQLiteManager 1.2 - 'main.php' Cross-Site Scripting",2009-08-10,"Hadi Kiamarsi",php,webapps,0 +33346,platforms/jsp/webapps/33346.txt,"McAfee Network Security Manager 5.1.7 - Multiple Cross-site Scripting Vulnerabilities",2009-11-06,"Daniel King",jsp,webapps,0 +33152,platforms/php/webapps/33152.txt,"PhotoPost PHP 3.3.1 - 'cat' Parameter Cross-site Scripting / SQL Injection",2009-08-07,"599eme Man",php,webapps,0 +33153,platforms/php/webapps/33153.txt,"SupportPRO SupportDesk 3.0 - 'shownews.php' Cross-site Scripting",2009-08-10,Moudi,php,webapps,0 +33154,platforms/php/webapps/33154.txt,"SQLiteManager 1.2 - 'main.php' Cross-site Scripting",2009-08-10,"Hadi Kiamarsi",php,webapps,0 33155,platforms/php/webapps/33155.txt,"ViArt CMS - forums.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 33156,platforms/php/webapps/33156.txt,"Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities",2014-05-03,"Daisuke Dan",php,webapps,0 33157,platforms/php/webapps/33157.txt,"ViArt CMS - forum.php forum_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 @@ -29928,10 +29928,10 @@ id,file,description,date,author,platform,type,port 33175,platforms/windows/dos/33175.txt,"Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (3)",2007-02-07,trevordixon,windows,dos,0 33176,platforms/linux/dos/33176.rb,"ntop 3.3.10 - HTTP Basic Authentication NULL Pointer Dereference Denial Of Service",2009-08-18,"Brad Antoniewicz",linux,dos,0 33177,platforms/hardware/remote/33177.txt,"NetGear WNR2000 - Multiple Information Disclosure Vulnerabilities",2009-08-18,"Jean Trolleur",hardware,remote,0 -33178,platforms/php/webapps/33178.txt,"Computer Associates SiteMinder - '%00' Cross-Site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",php,webapps,0 -33254,platforms/java/webapps/33254.txt,"IBM Lotus Connections 2.0.1 - 'simpleSearch.do' Cross-Site Scripting",2009-09-23,IBM,java,webapps,0 -33180,platforms/multiple/webapps/33180.txt,"Adobe Flex SDK 3.x - 'index.template.html' Cross-Site Scripting",2009-08-19,"Adam Bixby",multiple,webapps,0 -33181,platforms/java/webapps/33181.txt,"Computer Associates SiteMinder - Unicode Cross-Site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",java,webapps,0 +33178,platforms/php/webapps/33178.txt,"Computer Associates SiteMinder - '%00' Cross-site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",php,webapps,0 +33254,platforms/java/webapps/33254.txt,"IBM Lotus Connections 2.0.1 - 'simpleSearch.do' Cross-site Scripting",2009-09-23,IBM,java,webapps,0 +33180,platforms/multiple/webapps/33180.txt,"Adobe Flex SDK 3.x - 'index.template.html' Cross-site Scripting",2009-08-19,"Adam Bixby",multiple,webapps,0 +33181,platforms/java/webapps/33181.txt,"Computer Associates SiteMinder - Unicode Cross-site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",java,webapps,0 33182,platforms/multiple/dos/33182.txt,"Live For Speed S2 - Duplicate Join Packet Remote Denial of Service",2009-08-23,"Luigi Auriemma",multiple,dos,0 33183,platforms/novell/dos/33183.html,"Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)",2009-08-25,"Francis Provencher",novell,dos,0 33184,platforms/novell/dos/33184.html,"Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)",2009-08-25,"Francis Provencher",novell,dos,0 @@ -29952,7 +29952,7 @@ id,file,description,date,author,platform,type,port 33203,platforms/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x - WHERE Clause Secuity Bypass",2009-09-02,"Johannes Dahse",multiple,remote,0 33204,platforms/php/webapps/33204.txt,"phpAuction 3.2 - 'lan' Parameter Remote File Inclusion",2009-09-09,"Beenu Arora",php,webapps,0 33205,platforms/windows/dos/33205.pl,"Nokia Multimedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 -33206,platforms/php/webapps/33206.txt,"MKPortal 1.x - Multiple Modules Cross-Site Scripting Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 +33206,platforms/php/webapps/33206.txt,"MKPortal 1.x - Multiple Modules Cross-site Scripting Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 33207,platforms/windows/remote/33207.txt,"SmartVMD 1.3 - ActiveX Control 'VideoMovementDetection.dll' Buffer Overflow",2009-09-01,"optix hacker",windows,remote,0 33208,platforms/php/webapps/33208.txt,"MKPortal 1.x - Multiple BBCode HTML Injection Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 33209,platforms/jsp/webapps/33209.txt,"Adobe RoboHelp Server 8 - Authentication Bypass",2009-09-03,Intevydis,jsp,webapps,0 @@ -29972,8 +29972,8 @@ id,file,description,date,author,platform,type,port 33223,platforms/linux/dos/33223.txt,"Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote DoS",2009-09-15,"Buildbot Builder",linux,dos,0 33224,platforms/linux/dos/33224.txt,"Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote DoS",2009-09-15,"Buildbot Builder",linux,dos,0 33225,platforms/windows/dos/33225.html,"EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution",2009-09-15,"Francis Provencher",windows,dos,0 -33226,platforms/php/webapps/33226.txt,"Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 -33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 +33226,platforms/php/webapps/33226.txt,"Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-site Scripting",2009-09-16,Moudi,php,webapps,0 +33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris Guestbook - 'view.php' Cross-site Scripting",2009-09-16,Moudi,php,webapps,0 33228,platforms/linux/dos/33228.txt,"Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow",2009-09-16,"Xiao Guangrong",linux,dos,0 33229,platforms/bsd/local/33229.c,"NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Local Privilege Escalation",2009-09-16,"Tavis Ormandy",bsd,local,0 33230,platforms/linux/dos/33230.txt,"GNU glibc 2.x - 'strfmon()' Function Integer Overflow Weakness",2009-09-17,"Maksymilian Arciemowicz",linux,dos,0 @@ -29991,17 +29991,17 @@ id,file,description,date,author,platform,type,port 33242,platforms/php/webapps/33242.txt,"Vastal I-Tech Agent Zone - SQL Injection",2009-09-23,OoN_Boy,php,webapps,0 33345,platforms/php/webapps/33345.txt,"CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass",2009-11-10,"Andrew Horton",php,webapps,0 33343,platforms/php/webapps/33343.txt,"CuteNews 1.4.6 - register.php result Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 -33344,platforms/php/webapps/33344.txt,"CuteNews 1.4.6 - index.php New User Creation CSRF",2009-11-10,"Andrew Horton",php,webapps,0 -33709,platforms/php/webapps/33709.txt,"Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injection",2010-03-05,"Maciej Gojny",php,webapps,0 +33344,platforms/php/webapps/33344.txt,"CuteNews 1.4.6 - 'index.php' New User Creation CSRF",2009-11-10,"Andrew Horton",php,webapps,0 +33709,platforms/php/webapps/33709.txt,"Natychmiast CMS - Multiple Cross-site Scripting / SQL Injection",2010-03-05,"Maciej Gojny",php,webapps,0 33710,platforms/windows/dos/33710.txt,"J. River Media Jukebox 12 - (.mp3) Remote Heap Buffer Overflow",2010-03-04,"Gjoko Krstic",windows,dos,0 33255,platforms/linux/local/33255.txt,"Xen 3.x - pygrub Local Authentication Bypass",2009-09-25,"Jan Lieskovsky",linux,local,0 33247,platforms/hardware/webapps/33247.txt,"OpenFiler 2.99.1 - Arbitrary Code Execution",2014-05-08,"Dolev Farhi",hardware,webapps,0 33248,platforms/hardware/webapps/33248.txt,"OpenFiler 2.99.1 - Multiple persistent XSS Vulnerabilities",2014-05-08,"Dolev Farhi",hardware,webapps,0 33249,platforms/php/webapps/33249.txt,"Collabtive 1.2 - SQL Injection",2014-05-08,"Deepak Rathore",php,webapps,0 -33250,platforms/php/webapps/33250.txt,"Collabtive 1.2 - Stored XSS",2014-05-08,"Deepak Rathore",php,webapps,0 +33250,platforms/php/webapps/33250.txt,"Collabtive 1.2 - Persistent Cross-site Scripting",2014-05-08,"Deepak Rathore",php,webapps,0 33251,platforms/multiple/dos/33251.txt,"Python - Interpreter Heap Memory Corruption (PoC)",2014-05-08,"Debasish Mandal",multiple,dos,0 -33252,platforms/php/webapps/33252.txt,"Cobbler 2.4.x < 2.6.x - LFI",2014-05-08,"Dolev Farhi",php,webapps,0 -33256,platforms/php/webapps/33256.txt,"e107 0.7.x - ('CAPTCHA' Security Bypass / Cross-Site Scripting) Multiple Vulnerabilities",2009-09-28,MustLive,php,webapps,0 +33252,platforms/php/webapps/33252.txt,"Cobbler 2.4.x < 2.6.x - Local File Inclusion",2014-05-08,"Dolev Farhi",php,webapps,0 +33256,platforms/php/webapps/33256.txt,"e107 0.7.x - ('CAPTCHA' Security Bypass / Cross-site Scripting) Multiple Vulnerabilities",2009-09-28,MustLive,php,webapps,0 33257,platforms/hardware/remote/33257.txt,"Juniper Junos 8.5/9.0 J - Web Interface Default URI PATH_INFO Parameter XSS",2009-09-22,"Amir Azam",hardware,remote,0 33258,platforms/hardware/remote/33258.txt,"Juniper Junos 8.5/9.0 J-Web Interface - /diagnose Multiple Parameter XSS",2009-09-22,"Amir Azam",hardware,remote,0 33259,platforms/hardware/remote/33259.txt,"Juniper Junos 8.5/9.0 J-Web Interface - /configuration Multiple Parameter XSS",2009-09-22,"Amir Azam",hardware,remote,0 @@ -30011,8 +30011,8 @@ id,file,description,date,author,platform,type,port 33263,platforms/windows/remote/33263.html,"EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-10-01,"Giuseppe Fuggiano",windows,remote,0 33265,platforms/hardware/remote/33265.js,"Palm WebOS 1.0/1.1 - Email Arbitrary Script Injection",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 33266,platforms/php/webapps/33266.txt,"Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 -33267,platforms/php/webapps/33267.txt,"X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting",2009-10-06,"Paulo Santos",php,webapps,0 -33268,platforms/asp/webapps/33268.html,"AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,"Sébastien Duquette",asp,webapps,0 +33267,platforms/php/webapps/33267.txt,"X-Cart Email Subscription - 'email' Parameter Cross-site Scripting",2009-10-06,"Paulo Santos",php,webapps,0 +33268,platforms/asp/webapps/33268.html,"AfterLogic WebMail Pro 4.7.10 - Multiple Cross-site Scripting Vulnerabilities",2009-10-06,"Sébastien Duquette",asp,webapps,0 33269,platforms/linux/dos/33269.txt,"Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service",2009-10-15,"Doug Prostko",linux,dos,0 33270,platforms/windows/remote/33270.txt,"Microsoft Internet Explorer 5.0.1 - 'deflate' HTTP Content Encoding Remote Code Execution",2009-10-13,Skylined,windows,remote,0 33271,platforms/windows/dos/33271.py,"VMware Player and Workstation 6.5.3 - 'vmware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 @@ -30023,23 +30023,23 @@ id,file,description,date,author,platform,type,port 33645,platforms/windows/remote/33645.py,"httpdx 1.5 - 'MKD' Command Directory Traversal",2010-02-15,fb1h2s,windows,remote,0 33342,platforms/php/webapps/33342.txt,"CuteNews 1.4.6 - search.php Multiple Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 33280,platforms/hardware/dos/33280.txt,"Palm WebOS 1.0/1.1 - 'LunaSysMgr' Service Denial of Service",2009-10-13,"Townsend Ladd Harris",hardware,dos,0 -33281,platforms/php/webapps/33281.txt,"Achievo 1.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2009-10-13,"Ryan Dewhurst",php,webapps,0 -33282,platforms/php/webapps/33282.txt,"Dream Poll 3.1 - 'index.php' Cross-Site Scripting / SQL Injection",2009-10-13,infosecstuff,php,webapps,0 +33281,platforms/php/webapps/33281.txt,"Achievo 1.x - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2009-10-13,"Ryan Dewhurst",php,webapps,0 +33282,platforms/php/webapps/33282.txt,"Dream Poll 3.1 - 'index.php' Cross-site Scripting / SQL Injection",2009-10-13,infosecstuff,php,webapps,0 33283,platforms/linux/dos/33283.txt,"Adobe Reader 9.1.3 and Acrobat - COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 -33284,platforms/multiple/webapps/33284.txt,"Pentaho BI 1.x - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities",2009-10-14,euronymous,multiple,webapps,0 +33284,platforms/multiple/webapps/33284.txt,"Pentaho BI 1.x - Multiple Cross-site Scripting / Information Disclosure Vulnerabilities",2009-10-14,euronymous,multiple,webapps,0 33317,platforms/php/webapps/33317.txt,"AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)",2014-05-12,"Chris Hebert",php,webapps,443 -33286,platforms/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Parameter Cross-Site Scripting",2009-10-14,"Michele Orru",java,webapps,0 -33287,platforms/php/webapps/33287.txt,"bloofoxCMS 0.3.5 - 'search' Parameter Cross-Site Scripting",2009-10-15,"drunken danish rednecks",php,webapps,0 -33288,platforms/php/webapps/33288.txt,"Zainu 1.0 - 'searchSongKeyword' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 +33286,platforms/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Parameter Cross-site Scripting",2009-10-14,"Michele Orru",java,webapps,0 +33287,platforms/php/webapps/33287.txt,"bloofoxCMS 0.3.5 - 'search' Parameter Cross-site Scripting",2009-10-15,"drunken danish rednecks",php,webapps,0 +33288,platforms/php/webapps/33288.txt,"Zainu 1.0 - 'searchSongKeyword' Parameter Cross-site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 33289,platforms/linux/dos/33289.txt,"Linux Kernel 2.6.x - '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service",2009-08-28,"Alistair Strachan",linux,dos,0 33290,platforms/php/webapps/33290.txt,"Snitz Forums 2000 3.4.7 - pop_send_to_friend.asp url Parameter XSS",2009-10-15,"Andrea Fabrizi",php,webapps,0 33291,platforms/php/webapps/33291.txt,"Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute XSS",2009-10-15,"Andrea Fabrizi",php,webapps,0 33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS",2009-10-15,IBM,jsp,webapps,0 33293,platforms/jsp/webapps/33293.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/basic/searchView.jsp Multiple Parameter XSS",2009-10-15,IBM,jsp,webapps,0 -33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - 'content' Parameter Cross-Site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 +33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - 'content' Parameter Cross-site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 33295,platforms/php/webapps/33295.txt,"OpenDocMan 1.2.5 - add.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 33296,platforms/php/webapps/33296.txt,"OpenDocMan 1.2.5 - toBePublished.php Multiple Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 -33297,platforms/php/webapps/33297.txt,"OpenDocMan 1.2.5 - index.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 +33297,platforms/php/webapps/33297.txt,"OpenDocMan 1.2.5 - 'index.php' last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 33298,platforms/php/webapps/33298.txt,"OpenDocMan 1.2.5 - admin.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 33299,platforms/php/webapps/33299.txt,"OpenDocMan 1.2.5 - category.php XSS",2009-10-21,"Amol Naik",php,webapps,0 33300,platforms/php/webapps/33300.txt,"OpenDocMan 1.2.5 - department.php XSS",2009-10-21,"Amol Naik",php,webapps,0 @@ -30051,7 +30051,7 @@ id,file,description,date,author,platform,type,port 33306,platforms/linux/dos/33306.txt,"Snort 2.8.5 - Multiple Denial Of Service Vulnerabilities",2009-10-22,"laurent gaffie",linux,dos,0 33307,platforms/php/webapps/33307.php,"RunCMS - 'forum' Parameter SQL Injection",2009-10-26,Nine:Situations:Group::bookoo,php,webapps,0 33308,platforms/php/webapps/33308.txt,"Sahana 0.6.2 - 'mod' Parameter Local File Disclosure",2009-10-27,"Greg Miernicki",php,webapps,0 -33309,platforms/php/webapps/33309.txt,"TFTgallery 0.13 - 'album' Parameter Cross-Site Scripting",2009-10-26,blake,php,webapps,0 +33309,platforms/php/webapps/33309.txt,"TFTgallery 0.13 - 'album' Parameter Cross-site Scripting",2009-10-26,blake,php,webapps,0 33310,platforms/multiple/remote/33310.nse,"VMware Server 2.0.1 / ESXi Server 3.5 - Directory Traversal",2009-10-27,"Justin Morehouse",multiple,remote,0 33311,platforms/linux/remote/33311.txt,"KDE 4.3.2 - Multiple Input Validation Vulnerabilities",2009-10-27,"Tim Brown",linux,remote,0 33312,platforms/linux/dos/33312.txt,"Mozilla Firefox 3.5.3 - Floating Point Conversion Heap Overflow",2009-10-27,"Alin Rad Pop",linux,dos,0 @@ -30061,7 +30061,7 @@ id,file,description,date,author,platform,type,port 33316,platforms/multiple/remote/33316.java,"Sun Java SE November 2009 - Multiple Security Vulnerabilities (2)",2009-10-29,Tometzky,multiple,remote,0 33318,platforms/bsd/dos/33318.txt,"OpenBSD 4.6 / NetBSD 5.0.1 - 'printf(1)' Format String Parsing Denial of Service",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 33319,platforms/bsd/dos/33319.txt,"Multiple BSD Distributions - 'printf(3)' Memory Corruption",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 -33320,platforms/php/webapps/33320.txt,"TFTgallery 0.13 - 'sample' Parameter Cross-Site Scripting",2009-11-02,blake,php,webapps,0 +33320,platforms/php/webapps/33320.txt,"TFTgallery 0.13 - 'sample' Parameter Cross-site Scripting",2009-11-02,blake,php,webapps,0 33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Local Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0 33322,platforms/linux/local/33322.c,"Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation (2)",2009-11-03,"teach & xipe",linux,local,0 33591,platforms/linux/dos/33591.sh,"lighttpd 1.4/1.5 - Slow Request Handling Remote Denial Of Service",2010-02-02,"Li Ming",linux,dos,0 @@ -30091,96 +30091,96 @@ id,file,description,date,author,platform,type,port 33362,platforms/php/webapps/33362.txt,"CubeCart 3.0.4/4.3.6 - 'productId' Parameter SQL Injection",2009-11-19,"Sangte Amtham",php,webapps,0 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 -33365,platforms/php/webapps/33365.txt,"WordPress WP-PHPList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 -33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 -33367,platforms/php/webapps/33367.txt,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 -33368,platforms/php/webapps/33368.html,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 +33365,platforms/php/webapps/33365.txt,"WordPress WP-PHPList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-site Scripting",2009-11-29,MustLive,php,webapps,0 +33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-site Scripting",2009-11-15,MustLive,php,webapps,0 +33367,platforms/php/webapps/33367.txt,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 +33368,platforms/php/webapps/33368.html,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 33370,platforms/multiple/webapps/33370.html,"ElasticSearch - Remote Code Execution",2014-05-15,"Jeff Geiger",multiple,webapps,0 -33371,platforms/php/webapps/33371.txt,"WordPress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-Site Scripting",2009-11-09,MustLive,php,webapps,0 +33371,platforms/php/webapps/33371.txt,"WordPress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-site Scripting",2009-11-09,MustLive,php,webapps,0 33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for WordPress CAPTCHA - Security Bypass",2009-11-13,MustLive,php,webapps,0 -33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 WordPress Plugin - Multiple Cross-Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 +33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 WordPress Plugin - Multiple Cross-site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 33374,platforms/php/webapps/33374.txt,"Cacti 0.8.x - graph.php Multiple Parameter XSS",2009-11-21,"Moritz Naumann",php,webapps,0 -33375,platforms/php/webapps/33375.txt,"Quick.Cart 3.4 / Quick.CMS 2.4 - Delete Function Cross-Site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 +33375,platforms/php/webapps/33375.txt,"Quick.Cart 3.4 / Quick.CMS 2.4 - Delete Function Cross-site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 33376,platforms/php/webapps/33376.pl,"klinza professional CMS 5.0.1 - 'menulast.php' Local File Inclusion",2009-11-24,klinza,php,webapps,0 -33377,platforms/php/webapps/33377.txt,"Joomla! ProofReader 1.0 RC9 Component - Cross-Site Scripting",2009-11-16,MustLive,php,webapps,0 -33378,platforms/php/webapps/33378.txt,"Joomla! 1.5.x - 404 Error Page Cross-Site Scripting",2009-11-23,MustLive,php,webapps,0 -33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 - 404 Error Page Cross-Site Scripting",2009-09-02,MustLive,multiple,remote,0 -33380,platforms/php/webapps/33380.txt,"Power Phlogger 2.2.x - Cross-Site Scripting",2008-02-16,MustLive,php,webapps,0 +33377,platforms/php/webapps/33377.txt,"Joomla! ProofReader 1.0 RC9 Component - Cross-site Scripting",2009-11-16,MustLive,php,webapps,0 +33378,platforms/php/webapps/33378.txt,"Joomla! 1.5.x - 404 Error Page Cross-site Scripting",2009-11-23,MustLive,php,webapps,0 +33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 - 404 Error Page Cross-site Scripting",2009-09-02,MustLive,multiple,remote,0 +33380,platforms/php/webapps/33380.txt,"Power Phlogger 2.2.x - Cross-site Scripting",2008-02-16,MustLive,php,webapps,0 33381,platforms/php/webapps/33381.txt,"Content Module 0.5 for XOOPS - 'id' Parameter SQL Injection",2009-11-30,s4r4d0,php,webapps,0 -33382,platforms/php/webapps/33382.txt,"SmartMedia Module 0.85 Beta for XOOPS - 'categoryid' Parameter Cross-Site Scripting",2009-11-30,SoldierOfAllah,php,webapps,0 +33382,platforms/php/webapps/33382.txt,"SmartMedia Module 0.85 Beta for XOOPS - 'categoryid' Parameter Cross-site Scripting",2009-11-30,SoldierOfAllah,php,webapps,0 33383,platforms/php/webapps/33383.txt,"Elxis - 'filename' Parameter Directory Traversal",2009-11-30,"cr4wl3r ",php,webapps,0 33384,platforms/windows/dos/33384.py,"Wireshark 1.10.7 - DoS PoC",2014-05-16,"Osanda Malith",windows,dos,0 -33385,platforms/php/webapps/33385.txt,"phpMyFAQ < 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2009-12-01,"Amol Naik",php,webapps,0 +33385,platforms/php/webapps/33385.txt,"phpMyFAQ < 2.5.4 - Multiple Cross-site Scripting Vulnerabilities",2009-12-01,"Amol Naik",php,webapps,0 33386,platforms/multiple/dos/33386.html,"Mozilla Firefox 29.0 - Null Pointer Dereference",2014-05-16,Mr.XHat,multiple,dos,0 33387,platforms/linux/local/33387.txt,"check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read",2014-05-16,"Dawid Golunski",linux,local,0 33388,platforms/linux/remote/33388.f,"Xfig and Transfig 3.2.5 - .fig Buffer Overflow",2009-12-03,pedamachephepto,linux,remote,0 33389,platforms/php/webapps/33389.txt,"EGroupware 1.8.006 - Multiple Vulnerabilities",2014-05-16,"High-Tech Bridge SA",php,webapps,80 -33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for WordPress Plugin 3.2.4 - 404 Error Page Cross-Site Scripting",2009-12-04,intern0t,php,webapps,0 -33391,platforms/php/webapps/33391.txt,"YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting",2009-12-07,"aBo MoHaMeD",php,webapps,0 -33392,platforms/php/webapps/33392.txt,"YOOtheme Warp5 Joomla! Component - 'yt_color' Parameter Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 -33393,platforms/php/webapps/33393.txt,"Joomla! You!Hostit! 1.0.1 Template - Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 -33394,platforms/php/webapps/33394.txt,"Invision Power Board 3.0.3 - (.txt) MIME-Type Cross-Site Scripting",2009-12-09,Xacker,php,webapps,0 +33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for WordPress Plugin 3.2.4 - 404 Error Page Cross-site Scripting",2009-12-04,intern0t,php,webapps,0 +33391,platforms/php/webapps/33391.txt,"YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-site Scripting",2009-12-07,"aBo MoHaMeD",php,webapps,0 +33392,platforms/php/webapps/33392.txt,"YOOtheme Warp5 Joomla! Component - 'yt_color' Parameter Cross-site Scripting",2009-12-04,andresg888,php,webapps,0 +33393,platforms/php/webapps/33393.txt,"Joomla! You!Hostit! 1.0.1 Template - Cross-site Scripting",2009-12-04,andresg888,php,webapps,0 +33394,platforms/php/webapps/33394.txt,"Invision Power Board 3.0.3 - (.txt) MIME-Type Cross-site Scripting",2009-12-09,Xacker,php,webapps,0 33395,platforms/linux/local/33395.txt,"Linux Kernel 2.6.x - Ext4 'move extents' ioctl Local Privilege Escalation",2009-11-09,"Akira Fujita",linux,local,0 -33396,platforms/php/webapps/33396.txt,"Zeeways ZeeJobsite - 'basic_search_result.php' Cross-Site Scripting",2009-12-10,bi0,php,webapps,0 +33396,platforms/php/webapps/33396.txt,"Zeeways ZeeJobsite - 'basic_search_result.php' Cross-site Scripting",2009-12-10,bi0,php,webapps,0 33397,platforms/linux/dos/33397.txt,"MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query DoS",2009-11-23,"Shane Bester",linux,dos,0 33398,platforms/linux/dos/33398.txt,"MySQL 6.0.9 - GeomFromWKB() Function First Argument Geometry Value Handling DoS",2009-11-23,"Shane Bester",linux,dos,0 33399,platforms/multiple/remote/33399.txt,"Oracle E-Business Suite 11i - Multiple Remote Vulnerabilities",2009-12-14,Hacktics,multiple,remote,0 -33400,platforms/php/webapps/33400.txt,"Ez Cart - 'sid' Parameter Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0 -33435,platforms/php/webapps/33435.txt,"ClarkConnect Linux 5.0 - 'proxy.php' Cross-Site Scripting",2009-12-22,"Edgard Chammas",php,webapps,0 +33400,platforms/php/webapps/33400.txt,"Ez Cart - 'sid' Parameter Cross-site Scripting",2009-12-14,anti-gov,php,webapps,0 +33435,platforms/php/webapps/33435.txt,"ClarkConnect Linux 5.0 - 'proxy.php' Cross-site Scripting",2009-12-22,"Edgard Chammas",php,webapps,0 33436,platforms/php/webapps/33436.txt,"PHP-Calendar 1.1 - update08.php configfile Parameter Traversal Local File Inclusion",2009-12-21,"Juan Galiana Lara",php,webapps,0 33437,platforms/php/webapps/33437.txt,"PHP-Calendar 1.1 - update10.php configfile Parameter Traversal Local File Inclusion",2009-12-21,"Juan Galiana Lara",php,webapps,0 -33438,platforms/multiple/webapps/33438.txt,"webMathematica 3 - 'MSP' Script Cross-Site Scripting",2009-12-23,"Floyd Fuh",multiple,webapps,0 -33439,platforms/php/webapps/33439.txt,"MyBB 1.4.10 - 'myps.php' Cross-Site Scripting",2009-12-24,"Steven Abbagnaro",php,webapps,0 +33438,platforms/multiple/webapps/33438.txt,"webMathematica 3 - 'MSP' Script Cross-site Scripting",2009-12-23,"Floyd Fuh",multiple,webapps,0 +33439,platforms/php/webapps/33439.txt,"MyBB 1.4.10 - 'myps.php' Cross-site Scripting",2009-12-24,"Steven Abbagnaro",php,webapps,0 33440,platforms/php/webapps/33440.txt,"Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion",2009-12-29,F10riX,php,webapps,0 -33441,platforms/php/webapps/33441.txt,"Joomla! Joomulus Component 2.0 - 'tagcloud.swf' Cross-Site Scripting",2009-12-28,MustLive,php,webapps,0 +33441,platforms/php/webapps/33441.txt,"Joomla! Joomulus Component 2.0 - 'tagcloud.swf' Cross-site Scripting",2009-12-28,MustLive,php,webapps,0 33442,platforms/php/webapps/33442.txt,"FreePBX 2.5.2 - admin/config.php tech Parameter XSS",2009-12-28,Global-Evolution,php,webapps,0 33443,platforms/php/webapps/33443.txt,"FreePBX 2.5.2 - Zap Channel Addition Description Parameter XSS",2009-12-28,Global-Evolution,php,webapps,0 33444,platforms/php/webapps/33444.txt,"DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion",2009-12-28,Securitylab.ir,php,webapps,0 -33445,platforms/php/webapps/33445.txt,"phpInstantGallery 1.1 - 'admin.php' Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -33446,platforms/php/webapps/33446.txt,"Barbo91 - 'upload.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +33445,platforms/php/webapps/33445.txt,"phpInstantGallery 1.1 - 'admin.php' Cross-site Scripting",2009-12-26,indoushka,php,webapps,0 +33446,platforms/php/webapps/33446.txt,"Barbo91 - 'upload.php' Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 33447,platforms/php/webapps/33447.php,"FreeWebshop 2.2.9 R2 - Multiple Remote Vulnerabilities",2009-12-29,"Akita Software Security",php,webapps,0 -33448,platforms/php/webapps/33448.txt,"AzDGDatingMedium 1.9.3 - 'l' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-29,indoushka,php,webapps,0 -33449,platforms/php/webapps/33449.txt,"Conkurent PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass",2009-12-31,indoushka,php,webapps,0 -33450,platforms/php/webapps/33450.txt,"SendStudio 4.0.1 - Cross-Site Scripting / Security Bypass",2009-12-31,indoushka,php,webapps,0 -33451,platforms/php/webapps/33451.txt,"BosClassifieds 1.20 - 'recent.php' Cross-Site Scripting",2009-12-31,indoushka,php,webapps,0 -33452,platforms/php/webapps/33452.txt,"Imagevue r16 - 'amount' Parameter Cross-Site Scripting",2009-12-31,indoushka,php,webapps,0 +33448,platforms/php/webapps/33448.txt,"AzDGDatingMedium 1.9.3 - 'l' Parameter Multiple Cross-site Scripting Vulnerabilities",2009-12-29,indoushka,php,webapps,0 +33449,platforms/php/webapps/33449.txt,"Conkurent PHPMyCart 1.3 - Cross-site Scripting / Authentication Bypass",2009-12-31,indoushka,php,webapps,0 +33450,platforms/php/webapps/33450.txt,"SendStudio 4.0.1 - Cross-site Scripting / Security Bypass",2009-12-31,indoushka,php,webapps,0 +33451,platforms/php/webapps/33451.txt,"BosClassifieds 1.20 - 'recent.php' Cross-site Scripting",2009-12-31,indoushka,php,webapps,0 +33452,platforms/php/webapps/33452.txt,"Imagevue r16 - 'amount' Parameter Cross-site Scripting",2009-12-31,indoushka,php,webapps,0 33453,platforms/windows/remote/33453.py,"Easy File Management Web Server 5.3 - Stack Buffer Overflow",2014-05-21,superkojiman,windows,remote,0 33454,platforms/windows/remote/33454.py,"Easy Address Book Web Server 1.6 - Stack Buffer Overflow",2014-05-21,superkojiman,windows,remote,0 33455,platforms/hardware/webapps/33455.txt,"Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities",2014-05-21,"Samandeep Singh",hardware,webapps,0 -33456,platforms/php/webapps/33456.txt,"Stardevelop Live Help 2.6 - 'SERVER' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-31,indoushka,php,webapps,0 -33457,platforms/php/webapps/33457.txt,"Photokorn 1.542 - Cross-Site Scripting / Remote File Inclusion",2009-12-31,indoushka,php,webapps,0 -33458,platforms/php/webapps/33458.txt,"Discuz! 1.0 - 'referer' Parameter Cross-Site Scripting",2009-12-31,indoushka,php,webapps,0 -33459,platforms/php/webapps/33459.txt,"DieselPay 1.6 - Cross-Site Scripting / Directory Traversal",2009-12-31,indoushka,php,webapps,0 -33460,platforms/php/webapps/33460.txt,"Reamday Enterprises Magic News Plus 1.0.2 - Cross-Site Scripting",2010-01-01,indoushka,php,webapps,0 -33461,platforms/php/webapps/33461.txt,"PHPCart 3.1.2 - 'search.php' Cross-Site Scripting",2010-01-01,indoushka,php,webapps,0 -33462,platforms/php/webapps/33462.txt,"VirtuaSystems VirtuaNews Pro 1.0.4 - 'admin.php' Cross-Site Scripting",2010-01-01,indoushka,php,webapps,0 -33463,platforms/php/webapps/33463.txt,"VisionGate 1.6 - 'login.php' Cross-Site Scripting",2010-01-01,indoushka,php,webapps,0 -33464,platforms/php/webapps/33464.txt,"Discuz! 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-03,indoushka,php,webapps,0 -33465,platforms/php/webapps/33465.txt,"SLAED CMS 2.0 - 'stop' Parameter Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 -33466,platforms/php/webapps/33466.txt,"pL-PHP 0.9 - 'index.php' Cross-Site Scripting",2010-01-04,indoushka,php,webapps,0 -33467,platforms/php/webapps/33467.txt,"WMNews - 'admin/wmnews.php' Cross-Site Scripting",2010-01-04,indoushka,php,webapps,0 -33468,platforms/php/webapps/33468.txt,"MercuryBoard 1.1.5 - 'index.php' Cross-Site Scripting",2010-01-04,indoushka,php,webapps,0 -33469,platforms/php/webapps/33469.txt,"LXR 0.9.x - Cross Referencer Multiple Cross-Site Scripting Vulnerabilities",2010-01-05,"Dan Rosenberg",php,webapps,0 +33456,platforms/php/webapps/33456.txt,"Stardevelop Live Help 2.6 - 'SERVER' Parameter Multiple Cross-site Scripting Vulnerabilities",2009-12-31,indoushka,php,webapps,0 +33457,platforms/php/webapps/33457.txt,"Photokorn 1.542 - Cross-site Scripting / Remote File Inclusion",2009-12-31,indoushka,php,webapps,0 +33458,platforms/php/webapps/33458.txt,"Discuz! 1.0 - 'referer' Parameter Cross-site Scripting",2009-12-31,indoushka,php,webapps,0 +33459,platforms/php/webapps/33459.txt,"DieselPay 1.6 - Cross-site Scripting / Directory Traversal",2009-12-31,indoushka,php,webapps,0 +33460,platforms/php/webapps/33460.txt,"Reamday Enterprises Magic News Plus 1.0.2 - Cross-site Scripting",2010-01-01,indoushka,php,webapps,0 +33461,platforms/php/webapps/33461.txt,"PHPCart 3.1.2 - 'search.php' Cross-site Scripting",2010-01-01,indoushka,php,webapps,0 +33462,platforms/php/webapps/33462.txt,"VirtuaSystems VirtuaNews Pro 1.0.4 - 'admin.php' Cross-site Scripting",2010-01-01,indoushka,php,webapps,0 +33463,platforms/php/webapps/33463.txt,"VisionGate 1.6 - 'login.php' Cross-site Scripting",2010-01-01,indoushka,php,webapps,0 +33464,platforms/php/webapps/33464.txt,"Discuz! 2.0 - Multiple Cross-site Scripting Vulnerabilities",2010-01-03,indoushka,php,webapps,0 +33465,platforms/php/webapps/33465.txt,"SLAED CMS 2.0 - 'stop' Parameter Cross-site Scripting",2010-01-03,indoushka,php,webapps,0 +33466,platforms/php/webapps/33466.txt,"pL-PHP 0.9 - 'index.php' Cross-site Scripting",2010-01-04,indoushka,php,webapps,0 +33467,platforms/php/webapps/33467.txt,"WMNews - 'admin/wmnews.php' Cross-site Scripting",2010-01-04,indoushka,php,webapps,0 +33468,platforms/php/webapps/33468.txt,"MercuryBoard 1.1.5 - 'index.php' Cross-site Scripting",2010-01-04,indoushka,php,webapps,0 +33469,platforms/php/webapps/33469.txt,"LXR 0.9.x - Cross Referencer Multiple Cross-site Scripting Vulnerabilities",2010-01-05,"Dan Rosenberg",php,webapps,0 33470,platforms/php/webapps/33470.txt,"LineWeb 1.0.5 - Multiple Remote Vulnerabilities",2010-01-05,"Ignacio Garrido",php,webapps,0 -33471,platforms/hardware/remote/33471.txt,"D-LINK DKVM-IP8 - 'auth.asp' Cross-Site Scripting",2010-01-06,POPCORN,hardware,remote,0 +33471,platforms/hardware/remote/33471.txt,"D-LINK DKVM-IP8 - 'auth.asp' Cross-site Scripting",2010-01-06,POPCORN,hardware,remote,0 33472,platforms/multiple/dos/33472.py,"Sun Java System Web Server 6.1/7.0 - HTTP 'TRACE' Heap Buffer Overflow",2010-01-06,"Evgeny Legerov",multiple,dos,0 -33473,platforms/php/webapps/33473.txt,"RoundCube Webmail 0.2 - Cross-Site Scripting",2010-01-06,"j4ck and Globus",php,webapps,0 +33473,platforms/php/webapps/33473.txt,"RoundCube Webmail 0.2 - Cross-site Scripting",2010-01-06,"j4ck and Globus",php,webapps,0 33474,platforms/php/webapps/33474.txt,"Joomla! DM Orders Component - 'id' Parameter SQL Injection",2010-01-07,NoGe,php,webapps,0 -33475,platforms/php/webapps/33475.txt,"dotProject 2.1.3 - Multiple SQL Injection / HTML Injection Vulnerabilities",2010-01-07,"Justin C. Klein Keane",php,webapps,0 +33475,platforms/php/webapps/33475.txt,"dotProject 2.1.3 - Multiple SQL Injections / HTML Injection Vulnerabilities",2010-01-07,"Justin C. Klein Keane",php,webapps,0 33478,platforms/php/webapps/33478.txt,"Joomla! Jobads - 'type' Parameter SQL Injection",2010-01-08,N0KT4,php,webapps,0 33479,platforms/osx/dos/33479.c,"Mac OS X 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 33480,platforms/linux/dos/33480.txt,"MATLAB R2009b - 'dtoa' Implementation Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",linux,dos,0 -33481,platforms/asp/webapps/33481.txt,"DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting",2010-01-09,Cyber_945,asp,webapps,0 -33482,platforms/php/webapps/33482.txt,"DigitalHive - 'mt' Parameter Cross-Site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 +33481,platforms/asp/webapps/33481.txt,"DevWorx BlogWorx 1.0 - 'forum.asp' Cross-site Scripting",2010-01-09,Cyber_945,asp,webapps,0 +33482,platforms/php/webapps/33482.txt,"DigitalHive - 'mt' Parameter Cross-site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 33483,platforms/multiple/dos/33483.py,"Sun Java System Directory Server 7.0 - 'core_get_proxyauth_dn' Denial of Service",2010-01-10,Intevydis,multiple,dos,0 -33484,platforms/php/webapps/33484.txt,"DeltaScripts PHP Links 1.0 - 'email' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 -33485,platforms/php/webapps/33485.txt,"Jamit Job Board - 'post_id' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 -33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 -33487,platforms/php/webapps/33487.txt,"PhPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 -33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 +33484,platforms/php/webapps/33484.txt,"DeltaScripts PHP Links 1.0 - 'email' Parameter Cross-site Scripting",2010-01-11,Crux,php,webapps,0 +33485,platforms/php/webapps/33485.txt,"Jamit Job Board - 'post_id' Parameter Cross-site Scripting",2010-01-11,Crux,php,webapps,0 +33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 +33487,platforms/php/webapps/33487.txt,"PhPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-site Scripting",2010-01-12,Crux,php,webapps,0 +33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 33489,platforms/multiple/remote/33489.txt,"Ruby 1.9.1 - WEBrick Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33490,platforms/multiple/remote/33490.txt,"nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33493,platforms/multiple/webapps/33493.txt,"Mayan-EDms web-based document management OS system - Multiple Stored XSS",2014-05-24,"Dolev Farhi",multiple,webapps,0 +33493,platforms/multiple/webapps/33493.txt,"Mayan-EDms web-based document management OS system - Multiple Persistent Cross-site Scripting",2014-05-24,"Dolev Farhi",multiple,webapps,0 33494,platforms/cgi/webapps/33494.txt,"Web Terra 1.1 - books.cgi Remote Command Execution",2014-05-24,"felipe andrian",cgi,webapps,0 33495,platforms/windows/dos/33495.py,"Core FTP Server 1.2 build 535 32-bit - Crash PoC",2014-05-24,"Kaczinski Ramirez",windows,dos,0 33581,platforms/linux/dos/33581.txt,"Hybserv2 - ':help' Command Denial Of Service",2010-01-29,"Julien Cristau",linux,dos,0 @@ -30194,48 +30194,48 @@ id,file,description,date,author,platform,type,port 33502,platforms/windows/remote/33502.txt,"Yaws 1.55 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,windows,remote,0 33503,platforms/multiple/remote/33503.txt,"Orion Application Server 2.0.7 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33504,platforms/multiple/remote/33504.txt,"Boa Webserver 0.94.x - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33505,platforms/php/webapps/33505.txt,"Docmint 1.0/2.1 - 'id' Parameter Cross-Site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 +33505,platforms/php/webapps/33505.txt,"Docmint 1.0/2.1 - 'id' Parameter Cross-site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 33506,platforms/multiple/dos/33506.py,"Oracle Database - Remote Listener Memory Corruption",2010-01-12,"Dennis Yurichev",multiple,dos,0 -33507,platforms/php/webapps/33507.txt,"Simple PHP Blog 0.5.x - 'search.php' Cross-Site Scripting",2010-01-12,Sora,php,webapps,0 +33507,platforms/php/webapps/33507.txt,"Simple PHP Blog 0.5.x - 'search.php' Cross-site Scripting",2010-01-12,Sora,php,webapps,0 33508,platforms/linux/local/33508.txt,"GNU Bash 4.0 - 'ls' Control Character Command Injection",2010-01-13,"Eric Piel",linux,local,0 -33509,platforms/php/webapps/33509.txt,"Joomla! 'com_tienda' Component - 'categoria' Parameter Cross-Site Scripting",2010-01-13,FL0RiX,php,webapps,0 -33510,platforms/php/webapps/33510.txt,"Tribisur - 'cat' Parameter Cross-Site Scripting",2010-01-13,"ViRuSMaN ",php,webapps,0 -33511,platforms/multiple/webapps/33511.txt,"Zenoss 2.3.3 - Multiple SQL Injection",2010-01-14,"nGenuity Information Services",multiple,webapps,0 -33514,platforms/php/webapps/33514.txt,"Videos Tube 1.0 - Multiple SQL Injection",2014-05-26,"Mustafa ALTINKAYNAK",php,webapps,80 -33646,platforms/php/webapps/33646.txt,"Joomla MS Comment Component 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities",2009-12-31,"Jeff Channell",php,webapps,0 +33509,platforms/php/webapps/33509.txt,"Joomla! 'com_tienda' Component - 'categoria' Parameter Cross-site Scripting",2010-01-13,FL0RiX,php,webapps,0 +33510,platforms/php/webapps/33510.txt,"Tribisur - 'cat' Parameter Cross-site Scripting",2010-01-13,"ViRuSMaN ",php,webapps,0 +33511,platforms/multiple/webapps/33511.txt,"Zenoss 2.3.3 - Multiple SQL Injections",2010-01-14,"nGenuity Information Services",multiple,webapps,0 +33514,platforms/php/webapps/33514.txt,"Videos Tube 1.0 - Multiple SQL Injections",2014-05-26,"Mustafa ALTINKAYNAK",php,webapps,80 +33646,platforms/php/webapps/33646.txt,"Joomla MS Comment Component 0.8.0b - Security Bypass / Cross-site Scripting Vulnerabilities",2009-12-31,"Jeff Channell",php,webapps,0 33516,platforms/linux/local/33516.c,"Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation",2014-05-26,"Matthew Daley",linux,local,0 -33518,platforms/hardware/webapps/33518.txt,"ZyXEL P-660HW-T1 3 Wireless Router - CSRF",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 +33518,platforms/hardware/webapps/33518.txt,"ZyXEL P-660HW-T1 3 Wireless Router - Cross-site Request Forgery",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming - Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Remote Directory Traversal",2010-02-08,Markot,windows,remote,0 33572,platforms/unix/local/33572.txt,"IBM DB2 - 'REPEAT()' Heap Buffer Overflow",2010-01-27,"Evgeny Legerov",unix,local,0 -33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Parameter Cross-Site Scripting",2010-01-27,s4r4d0,php,webapps,0 -33575,platforms/cfm/webapps/33575.txt,"CommonSpot Server - 'utilities/longproc.cfm' Cross-Site Scripting",2010-01-28,"Richard Brain",cfm,webapps,0 +33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Parameter Cross-site Scripting",2010-01-27,s4r4d0,php,webapps,0 +33575,platforms/cfm/webapps/33575.txt,"CommonSpot Server - 'utilities/longproc.cfm' Cross-site Scripting",2010-01-28,"Richard Brain",cfm,webapps,0 33576,platforms/linux/local/33576.txt,"Battery Life Toolkit 1.0.9 - 'bltk_sudo' Local Privilege Escalation",2010-01-28,"Matthew Garrett",linux,local,0 33589,platforms/linux/local/33589.c,"Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Root Exploit (3)",2014-05-31,"Vitaly Nikolenko",linux,local,0 33523,platforms/linux/local/33523.c,"Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation",2009-12-16,"Tavis Ormandy",linux,local,0 33524,platforms/linux/dos/33524.txt,"OpenOffice 3.1 - (.csv) Remote Denial of Service",2010-01-14,"Hellcode Research",linux,dos,0 33525,platforms/php/remote/33525.txt,"Zend Framework 1.9.6 - Multiple Input Validation Vulnerabilities / Security Bypass Weakness",2010-01-14,"draic Brady",php,remote,0 -33526,platforms/php/webapps/33526.txt,"Technology for Solutions 1.0 - 'id' Parameter Cross-Site Scripting",2010-01-14,PaL-D3v1L,php,webapps,0 +33526,platforms/php/webapps/33526.txt,"Technology for Solutions 1.0 - 'id' Parameter Cross-site Scripting",2010-01-14,PaL-D3v1L,php,webapps,0 33527,platforms/unix/dos/33527.py,"IBM Tivoli Directory Server 6.2 - 'ibmdiradm' Null Pointer Dereference Denial of Service",2006-04-01,Intevydis,unix,dos,0 -33528,platforms/php/webapps/33528.txt,"Xforum 1.4 - 'nbpageliste' Parameter Cross-Site Scripting",2010-01-14,"ViRuSMaN ",php,webapps,0 -33529,platforms/php/webapps/33529.txt,"Joomla! 'com_marketplace' Component 1.2 - 'catid' Parameter Cross-Site Scripting",2010-01-14,"ViRuSMaN ",php,webapps,0 +33528,platforms/php/webapps/33528.txt,"Xforum 1.4 - 'nbpageliste' Parameter Cross-site Scripting",2010-01-14,"ViRuSMaN ",php,webapps,0 +33529,platforms/php/webapps/33529.txt,"Joomla! 'com_marketplace' Component 1.2 - 'catid' Parameter Cross-site Scripting",2010-01-14,"ViRuSMaN ",php,webapps,0 33530,platforms/php/webapps/33530.txt,"LetoDms 1.4.x - 'lang' Parameter Local File Inclusion",2010-01-15,"D. Fabian",php,webapps,0 33531,platforms/multiple/dos/33531.py,"Zeus Web Server 4.x - 'SSL2_CLIENT_HELLO' Remote Buffer Overflow",2010-01-15,Intevydis,multiple,dos,0 33532,platforms/multiple/dos/33532.txt,"Oracle Internet Directory 10.1.2.0.2 - 'oidldapd' Remote Memory Corruption",2006-11-10,Intevydis,multiple,dos,0 33533,platforms/windows/dos/33533.html,"Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow",2010-01-18,karak0rsan,windows,dos,0 -33534,platforms/php/webapps/33534.txt,"TestLink 1.8.5 - 'order_by_login_dir' Parameter Cross-Site Scripting",2010-01-18,"Prashant Khandelwal",php,webapps,0 +33534,platforms/php/webapps/33534.txt,"TestLink 1.8.5 - 'order_by_login_dir' Parameter Cross-site Scripting",2010-01-18,"Prashant Khandelwal",php,webapps,0 33535,platforms/linux/remote/33535.txt,"SystemTap 1.0 - 'stat-server' Remote Arbitrary Command Injection",2010-01-15,"Frank Ch. Eigler",linux,remote,0 -33536,platforms/multiple/remote/33536.txt,"Zenoss 2.3.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-01-18,"Adam Baldwin",multiple,remote,0 +33536,platforms/multiple/remote/33536.txt,"Zenoss 2.3.3 - Multiple Cross-site Request Forgery Vulnerabilities",2010-01-18,"Adam Baldwin",multiple,remote,0 33538,platforms/windows/remote/33538.py,"Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow",2014-05-27,superkojiman,windows,remote,21 33636,platforms/php/webapps/33636.sh,"Interspire Knowledge Manager 5 - 'callback.snipshot.php' Arbitrary File Creation",2010-02-03,"Cory Marsh",php,webapps,0 33637,platforms/php/webapps/33637.txt,"Webee Comments Component 1.1/1.2 for Joomla! - index2.php articleId SQL Injection",2009-11-15,"Jeff Channell",php,webapps,0 33638,platforms/php/webapps/33638.txt,"Webee Comments Component 1.1/1.2 for Joomla! - Multiple BBCode Tags XSS",2009-11-15,"Jeff Channell",php,webapps,0 33639,platforms/php/webapps/33639.txt,"Joomla! EasyBook 2.0.0rc4 Component - Multiple HTML Injection Vulnerabilities",2009-09-17,"Jeff Channell",php,webapps,0 -33640,platforms/windows/dos/33640.py,"AIMP 2.8.3 - (.m3u) Remote Stack Buffer Overflow",2010-02-12,Molotov,windows,dos,0 +33640,platforms/windows/dos/33640.py,"AIMP 2.8.3 - '.m3u' Remote Stack Buffer Overflow",2010-02-12,Molotov,windows,dos,0 33634,platforms/php/webapps/33634.txt,"CommodityRentals CD Rental Software - 'index.php' SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 -33540,platforms/windows/remote/33540.txt,"SurgeFTP 2.x - 'surgeftpmgr.cgi' Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,windows,remote,0 +33540,platforms/windows/remote/33540.txt,"SurgeFTP 2.x - 'surgeftpmgr.cgi' Multiple Cross-site Scripting Vulnerabilities",2010-01-18,indoushka,windows,remote,0 33541,platforms/php/webapps/33541.txt,"DataLife Engine 8.3 - engine/inc/include/init.php selected_language Parameter Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 33542,platforms/php/webapps/33542.txt,"DataLife Engine 8.3 - engine/inc/help.php config[langs] Parameter Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 33543,platforms/php/webapps/33543.txt,"DataLife Engine 8.3 - engine/ajax/pm.php config[lang] Parameter Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 @@ -30243,7 +30243,7 @@ id,file,description,date,author,platform,type,port 33545,platforms/php/webapps/33545.txt,"Jokes Complete Website - joke.php id Parameter XSS",2010-01-18,indoushka,php,webapps,0 33546,platforms/php/webapps/33546.txt,"Jokes Complete Website - results.php searchingred Parameter XSS",2010-01-18,indoushka,php,webapps,0 33547,platforms/php/webapps/33547.pl,"vBulletin 4.0.1 - 'misc.php' SQL Injection",2010-01-18,indoushka,php,webapps,0 -33548,platforms/php/webapps/33548.txt,"THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,EsSandRe,php,webapps,0 +33548,platforms/php/webapps/33548.txt,"THELIA 1.4.2.1 - Multiple Cross-site Scripting Vulnerabilities",2010-01-18,EsSandRe,php,webapps,0 33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - (.slk) NULL Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 33550,platforms/php/webapps/33550.txt,"VisualShapers ezContents 2.0.3 - Authentication Bypass / Multiple SQL Injection",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 33551,platforms/php/webapps/33551.txt,"PHPMySpace Gold 8.0 - 'gid' Parameter SQL Injection",2010-01-20,Ctacok,php,webapps,0 @@ -30259,21 +30259,21 @@ id,file,description,date,author,platform,type,port 33561,platforms/php/webapps/33561.txt,"OpenX 2.6.1 - SQL Injection",2010-01-22,AndySoon,php,webapps,0 33562,platforms/multiple/remote/33562.html,"Google Chrome 3.0 - Style Sheet Redirection Information Disclosure",2010-01-22,"Cesar Cerrudo",multiple,remote,0 33563,platforms/windows/remote/33563.txt,"Apple Safari 4.0.4 - Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",windows,remote,0 -33564,platforms/jsp/webapps/33564.txt,"Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities",2009-10-24,aScii,jsp,webapps,0 -33565,platforms/php/webapps/33565.txt,"PunBB 1.3 - 'viewtopic.php' Cross-Site Scripting",2010-01-24,s4r4d0,php,webapps,0 -33566,platforms/php/webapps/33566.txt,"Joomla! 3D Cloud 'tagcloud.swf' - Cross-Site Scripting",2010-01-26,MustLive,php,webapps,0 -33567,platforms/hardware/remote/33567.txt,"Cisco Secure Desktop 3.x - 'translation' Cross-Site Scripting",2010-01-26,"Matias Pablo Brutti",hardware,remote,0 +33564,platforms/jsp/webapps/33564.txt,"Jetty 6.1.x - JSP Snoop Page Multiple Cross-site Scripting Vulnerabilities",2009-10-24,aScii,jsp,webapps,0 +33565,platforms/php/webapps/33565.txt,"PunBB 1.3 - 'viewtopic.php' Cross-site Scripting",2010-01-24,s4r4d0,php,webapps,0 +33566,platforms/php/webapps/33566.txt,"Joomla! 3D Cloud 'tagcloud.swf' - Cross-site Scripting",2010-01-26,MustLive,php,webapps,0 +33567,platforms/hardware/remote/33567.txt,"Cisco Secure Desktop 3.x - 'translation' Cross-site Scripting",2010-01-26,"Matias Pablo Brutti",hardware,remote,0 33568,platforms/hardware/remote/33568.txt,"Novatel Wireless MiFi 2352 - Password Information Disclosure",2010-01-17,"Alejandro Ramos",hardware,remote,0 -33569,platforms/multiple/remote/33569.txt,"HP System Management Homepage 3.0.2 - 'servercert' Parameter Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 -33570,platforms/multiple/remote/33570.txt,"SAP BusinessObjects 12 - URI Redirection / Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 +33569,platforms/multiple/remote/33569.txt,"HP System Management Homepage 3.0.2 - 'servercert' Parameter Cross-site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 +33570,platforms/multiple/remote/33570.txt,"SAP BusinessObjects 12 - URI Redirection / Cross-site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 33571,platforms/linux/dos/33571.txt,"PostgreSQL - 'bitsubstr' Buffer Overflow",2010-01-27,Intevydis,linux,dos,0 33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service",2010-02-01,"Mathias Krause",linux,dos,0 33586,platforms/php/webapps/33586.txt,"Joomla! 'com_gambling' Component - 'gamblingEvent' Parameter SQL Injection",2010-02-01,md.r00t,php,webapps,0 33587,platforms/windows/dos/33587.html,"Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero",2014-05-30,"Pawel Wylecial",windows,dos,0 33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script - Arbitrary Java Execution",2014-05-30,Metasploit,java,remote,9200 33595,platforms/php/webapps/33595.txt,"Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities",2010-02-04,"Cory Marsh",php,webapps,0 -33596,platforms/jsp/webapps/33596.txt,"KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-04,"Nahuel Grisolia",jsp,webapps,0 -33597,platforms/php/webapps/33597.txt,"Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting",2010-02-04,s4r4d0,php,webapps,0 +33596,platforms/jsp/webapps/33596.txt,"KnowGate hipergate 4.0.12 - Multiple Cross-site Scripting Vulnerabilities",2010-02-04,"Nahuel Grisolia",jsp,webapps,0 +33597,platforms/php/webapps/33597.txt,"Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-site Scripting",2010-02-04,s4r4d0,php,webapps,0 33598,platforms/linux/remote/33598.rb,"Samba 3.4.5 - Symlink Directory Traversal (Metasploit)",2010-02-04,kingcope,linux,remote,0 33599,platforms/linux/remote/33599.txt,"Samba 3.4.5 - Symlink Directory Traversal",2010-02-04,kingcope,linux,remote,0 33600,platforms/multiple/remote/33600.rb,"Oracle 10g - Multiple Remote Privilege Escalation Vulnerabilities",2010-02-05,"David Litchfield",multiple,remote,0 @@ -30282,7 +30282,7 @@ id,file,description,date,author,platform,type,port 33603,platforms/php/webapps/33603.html,"LANDesk Management Gateway 4.x - Multiple Security Vulnerabilities",2010-02-05,"Aureliano Calvo",php,webapps,0 33604,platforms/linux/local/33604.sh,"SystemTap 1.0/1.1 - '__get_argv()' and '__get_compat_argv()' Local Memory Corruption",2010-02-05,"Josh Stone",linux,local,0 33605,platforms/php/webapps/33605.php,"ASCET Interactive Huski CMS - 'i' Parameter Local File Inclusion",2010-02-05,Wireghoul,php,webapps,0 -33606,platforms/php/webapps/33606.txt,"ASCET Interactive Huski Retail - Multiple SQL Injection",2010-02-05,Wireghoul,php,webapps,0 +33606,platforms/php/webapps/33606.txt,"ASCET Interactive Huski Retail - Multiple SQL Injections",2010-02-05,Wireghoul,php,webapps,0 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service",2010-02-07,"599eme Man",windows,dos,0 33610,platforms/windows/remote/33610.py,"Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)",2014-06-01,"Julien Ahrens",windows,remote,80 @@ -30291,13 +30291,13 @@ id,file,description,date,author,platform,type,port 33615,platforms/multiple/remote/33615.txt,"JDownloader - 'JDExternInterface.java' Remote Code Execution",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 - Space String Remote File Disclosure",2010-02-08,"Pouya Daneshmand",multiple,remote,0 33617,platforms/php/webapps/33617.txt,"Aflam Online 1.0 - 'index.php' SQL Injection",2010-02-08,alnjm33,php,webapps,0 -33618,platforms/php/webapps/33618.txt,"Zen Time Tracking 2.2 - Multiple SQL Injection",2010-02-08,"cr4wl3r ",php,webapps,0 -33619,platforms/php/webapps/33619.txt,"VideoDB 3.0.3 - 'login.php' Cross-Site Scripting",2010-02-08,vr,php,webapps,0 +33618,platforms/php/webapps/33618.txt,"Zen Time Tracking 2.2 - Multiple SQL Injections",2010-02-08,"cr4wl3r ",php,webapps,0 +33619,platforms/php/webapps/33619.txt,"VideoDB 3.0.3 - 'login.php' Cross-site Scripting",2010-02-08,vr,php,webapps,0 33620,platforms/linux/remote/33620.txt,"Helix Player 11.0.2 - Encoded URI Processing Buffer Overflow",2007-07-03,gwright,linux,remote,0 33621,platforms/php/webapps/33621.txt,"vBulletin Adsense Component - 'viewpage.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 33622,platforms/linux/remote/33622.txt,"Accellion File Transfer - Appliance web_client_user_guide.html lang Parameter Traversal Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 33623,platforms/linux/local/33623.txt,"Accellion Secure File Transfer Appliance - Multiple Command Restriction Weakness Local Privilege Escalation",2010-02-10,"Tim Brown",linux,local,0 -33624,platforms/php/webapps/33624.txt,"vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 +33624,platforms/php/webapps/33624.txt,"vBulletin 3.5.4 - Multiple Cross-site Scripting Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 33625,platforms/php/dos/33625.php,"PHP 5.3.1 - 'session_save_path()' 'safe_mode' Restriction-Bypass",2010-02-11,"Grzegorz Stachowiak",php,dos,0 33626,platforms/php/webapps/33626.txt,"PHPBTTracker+ 2.2 - SQL Injection",2014-06-03,"BackBox Linux Team",php,webapps,80 33627,platforms/ios/webapps/33627.txt,"NG WifiTransfer Pro 1.1 - Local File Inclusion",2014-06-03,Vulnerability-Lab,ios,webapps,8080 @@ -30307,112 +30307,112 @@ id,file,description,date,author,platform,type,port 33631,platforms/ios/webapps/33631.txt,"AllReader 1.0 iOS - Multiple Vulnerabilities",2014-06-03,Vulnerability-Lab,ios,webapps,8080 33632,platforms/ios/webapps/33632.txt,"Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities",2014-06-03,Vulnerability-Lab,ios,webapps,8080 33633,platforms/windows/webapps/33633.txt,"IPSwitch IMail Server WEB client 12.4 - persistent XSS",2014-06-03,Peru,windows,webapps,0 -33644,platforms/php/webapps/33644.txt,"Basic-CMS - 'nav_id' Parameter Cross-Site Scripting",2010-02-12,Red-D3v1L,php,webapps,0 +33644,platforms/php/webapps/33644.txt,"Basic-CMS - 'nav_id' Parameter Cross-site Scripting",2010-02-12,Red-D3v1L,php,webapps,0 33641,platforms/php/webapps/33641.txt,"Joomla! F!BB Component 1.5.96 RC - SQL Injection / HTML Injection",2009-09-17,"Jeff Channell",php,webapps,0 33642,platforms/windows/remote/33642.html,"Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow",2010-02-17,"Alexander Polyakov",windows,remote,0 -33643,platforms/php/webapps/33643.txt,"CMS Made Simple 1.6.6 - Local File Inclusion / Cross-Site Scripting",2010-02-12,"Beenu Arora",php,webapps,0 -33647,platforms/asp/webapps/33647.txt,"Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-16,"Roel Schouten",asp,webapps,0 -33648,platforms/hardware/remote/33648.txt,"Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-16,"Ivan Markovic",hardware,remote,0 -33649,platforms/php/webapps/33649.txt,"BGSvetionik BGS CMS - 'search' Parameter Cross-Site Scripting",2010-02-16,hacker@sr.gov.yu,php,webapps,0 -33650,platforms/php/webapps/33650.txt,"Extreme Mobster - 'login' Parameter Cross-Site Scripting",2010-02-16,indoushka,php,webapps,0 -33651,platforms/php/webapps/33651.txt,"EziScript Google Page Rank 1.1 - Cross-Site Scripting",2010-02-16,sarabande,php,webapps,0 +33643,platforms/php/webapps/33643.txt,"CMS Made Simple 1.6.6 - Local File Inclusion / Cross-site Scripting",2010-02-12,"Beenu Arora",php,webapps,0 +33647,platforms/asp/webapps/33647.txt,"Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-site Scripting Vulnerabilities",2010-02-16,"Roel Schouten",asp,webapps,0 +33648,platforms/hardware/remote/33648.txt,"Huawei HG510 - Multiple Cross-site Request Forgery Vulnerabilities",2010-02-16,"Ivan Markovic",hardware,remote,0 +33649,platforms/php/webapps/33649.txt,"BGSvetionik BGS CMS - 'search' Parameter Cross-site Scripting",2010-02-16,hacker@sr.gov.yu,php,webapps,0 +33650,platforms/php/webapps/33650.txt,"Extreme Mobster - 'login' Parameter Cross-site Scripting",2010-02-16,indoushka,php,webapps,0 +33651,platforms/php/webapps/33651.txt,"EziScript Google Page Rank 1.1 - Cross-site Scripting",2010-02-16,sarabande,php,webapps,0 33652,platforms/php/webapps/33652.txt,"New-CMS 1.08 - Multiple Local File Inclusion and HTML-Injection Vulnerabilities",2010-02-18,"Alberto Fontanella",php,webapps,0 -33653,platforms/multiple/remote/33653.txt,"PortWise SSL VPN 4.6 - 'reloadFrame' Parameter Cross-Site Scripting",2010-02-18,"George Christopoulos",multiple,remote,0 +33653,platforms/multiple/remote/33653.txt,"PortWise SSL VPN 4.6 - 'reloadFrame' Parameter Cross-site Scripting",2010-02-18,"George Christopoulos",multiple,remote,0 33654,platforms/php/webapps/33654.py,"Madness Pro 1.14 - Persistent XSS",2014-06-06,bwall,php,webapps,0 33655,platforms/php/webapps/33655.py,"Madness Pro 1.14 - SQL Injection",2014-06-06,bwall,php,webapps,0 33656,platforms/php/webapps/33656.txt,"XlentProjects SphereCMS 1.1 - 'archive.php' SQL Injection",2010-02-18,"AmnPardaz Security Research Team",php,webapps,0 -33657,platforms/php/webapps/33657.txt,"Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting",2010-02-18,thebluegenius,php,webapps,0 -33658,platforms/php/webapps/33658.txt,"Social Web CMS 2 - 'index.php' Cross-Site Scripting",2010-02-19,GoLdeN-z3r0,php,webapps,0 -33659,platforms/php/webapps/33659.txt,"Joomla! 'com_recipe' Component - Multiple SQL Injection",2010-02-20,FL0RiX,php,webapps,0 -33660,platforms/php/webapps/33660.txt,"vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-20,indoushka,php,webapps,0 +33657,platforms/php/webapps/33657.txt,"Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-site Scripting",2010-02-18,thebluegenius,php,webapps,0 +33658,platforms/php/webapps/33658.txt,"Social Web CMS 2 - 'index.php' Cross-site Scripting",2010-02-19,GoLdeN-z3r0,php,webapps,0 +33659,platforms/php/webapps/33659.txt,"Joomla! 'com_recipe' Component - Multiple SQL Injections",2010-02-20,FL0RiX,php,webapps,0 +33660,platforms/php/webapps/33660.txt,"vBulletin 4.0.2 - Multiple Cross-site Scripting Vulnerabilities",2010-02-20,indoushka,php,webapps,0 33661,platforms/php/webapps/33661.txt,"Galerie Dezign-Box - Multiple Input Validation Vulnerabilities",2010-02-22,indoushka,php,webapps,0 -33662,platforms/windows/remote/33662.txt,"WampServer 2.0i - lang Parameter Cross-Site Scripting",2010-02-22,"Gjoko Krstic",windows,remote,0 +33662,platforms/windows/remote/33662.txt,"WampServer 2.0i - lang Parameter Cross-site Scripting",2010-02-22,"Gjoko Krstic",windows,remote,0 33663,platforms/multiple/remote/33663.txt,"IBM WebSphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection",2010-02-19,"Sjoerd Resink",multiple,remote,0 33664,platforms/multiple/remote/33664.html,"Mozilla Firefox 3.5.8 - Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 -33665,platforms/php/webapps/33665.txt,"Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting",2010-02-23,"pratul agrawal",php,webapps,0 +33665,platforms/php/webapps/33665.txt,"Softbiz Jobs - 'sbad_type' Parameter Cross-site Scripting",2010-02-23,"pratul agrawal",php,webapps,0 33713,platforms/windows/dos/33713.py,"Core FTP LE 2.2 - Heap Overflow PoC",2014-06-11,"Gabor Seljan",windows,dos,0 -33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products - Login Page Cross-Site Scripting",2010-02-25,"Oren Hafif",jsp,webapps,0 +33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products - Login Page Cross-site Scripting",2010-02-25,"Oren Hafif",jsp,webapps,0 33676,platforms/php/webapps/33676.txt,"Newbie CMS 0.0.2 - Insecure Cookie Authentication Bypass",2010-02-25,JIKO,php,webapps,0 33677,platforms/php/dos/33677.txt,"PHP 5.3.1 - LCG Entropy Security",2010-02-26,Rasmus,php,dos,0 -33678,platforms/jsp/webapps/33678.txt,"ARISg 5.0 - 'wflogin.jsp' Cross-Site Scripting",2010-02-26,"Yaniv Miron",jsp,webapps,0 +33678,platforms/jsp/webapps/33678.txt,"ARISg 5.0 - 'wflogin.jsp' Cross-site Scripting",2010-02-26,"Yaniv Miron",jsp,webapps,0 33672,platforms/linux/dos/33672.txt,"Kojoney 0.0.4.1 - 'urllib.urlopen()' Remote Denial of Service",2010-02-24,Nicob,linux,dos,0 33673,platforms/php/webapps/33673.pl,"HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection",2010-02-24,kaMtiEz,php,webapps,0 33674,platforms/php/webapps/33674.txt,"OpenInferno OI.Blogs 1.0 - Multiple Local File Inclusion",2010-02-24,JIKO,php,webapps,0 -33679,platforms/php/webapps/33679.txt,"TRUC 0.11 - 'login_reset_password_page.php' Cross-Site Scripting",2010-02-28,snakespc,php,webapps,0 +33679,platforms/php/webapps/33679.txt,"TRUC 0.11 - 'login_reset_password_page.php' Cross-site Scripting",2010-02-28,snakespc,php,webapps,0 33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion",2010-02-28,"cr4wl3r ",php,webapps,0 33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 - Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 -33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 +33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-site Scripting",2010-03-01,Lament,multiple,remote,0 33683,platforms/php/webapps/33683.txt,"Article Friendly - 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 33684,platforms/php/webapps/33684.txt,"Blax Blog 0.1 - 'girisyap.php' SQL Injection",2010-03-01,"cr4wl3r ",php,webapps,0 33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Parameter Authentication Bypass",2010-03-01,"Wolves Security Team",php,webapps,0 -33686,platforms/multiple/remote/33686.txt,"IBM Lotus Domino 7.0.2 - 'readme.nsf' Cross-Site Scripting",2010-03-02,"Nahuel Grisolia",multiple,remote,0 -33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0 -33688,platforms/php/webapps/33688.txt,"Discuz! 6.0 - 'uid' Parameter Cross-Site Scripting",2010-03-02,"lis cker",php,webapps,0 +33686,platforms/multiple/remote/33686.txt,"IBM Lotus Domino 7.0.2 - 'readme.nsf' Cross-site Scripting",2010-03-02,"Nahuel Grisolia",multiple,remote,0 +33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQms - Multiple Cross-site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0 +33688,platforms/php/webapps/33688.txt,"Discuz! 6.0 - 'uid' Parameter Cross-site Scripting",2010-03-02,"lis cker",php,webapps,0 33689,platforms/multiple/remote/33689.as,"Adobe Flash Player 10.1.51 - Local File Access Information Disclosure",2010-03-03,"lis cker",multiple,remote,0 33690,platforms/php/webapps/33690.txt,"DosyaYukle Scripti 1.0 - Remote File Upload",2010-03-03,indoushka,php,webapps,0 -33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 +33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'error_msg_parameter' Cross-site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter MP3 File Divide-By-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 33708,platforms/bsd/dos/33708.c,"FreeBSD 8.0 and OpenBSD 4.x - 'ftpd' NULL Pointer Dereference Denial Of Service",2010-03-05,kingcope,bsd,dos,0 33705,platforms/windows/remote/33705.txt,"Authentium Command On Demand ActiveX Control - Multiple Buffer Overflow Vulnerabilities",2010-03-04,"Nikolas Sotiriu",windows,remote,0 33706,platforms/php/webapps/33706.txt,"Drupal < 6.16 / 5.22 - Multiple Security Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0 -33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 - 'ShowPost.asp' Cross-Site Scripting",2010-03-04,Liscker,asp,webapps,0 -33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 (surname param) - Persistent XSS",2014-06-09,"shyamkumar somana",php,webapps,80 +33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 - 'ShowPost.asp' Cross-site Scripting",2010-03-04,Liscker,asp,webapps,0 +33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 (surname parameter) - Persistent XSS",2014-06-09,"shyamkumar somana",php,webapps,80 33699,platforms/php/webapps/33699.txt,"WebTitan 4.01 (Build 68) - Multiple Vulnerabilities",2014-06-09,"SEC Consult",php,webapps,80 33700,platforms/asp/webapps/33700.txt,"DevExpress ASPxFileManager 10.2 < 13.2.8 - Directory Traversal",2014-06-09,"RedTeam Pentesting",asp,webapps,80 -33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php article_id param) SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 -33714,platforms/php/webapps/33714.txt,"SHOUTcast DNAS 2.2.1 - Stored XSS",2014-06-11,rob222,php,webapps,0 -33715,platforms/asp/webapps/33715.txt,"Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting",2010-03-05,hacker@sr.gov.yu,asp,webapps,0 +33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php article_id parameter) SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 +33714,platforms/php/webapps/33714.txt,"SHOUTcast DNAS 2.2.1 - Persistent Cross-site Scripting",2014-06-11,rob222,php,webapps,0 +33715,platforms/asp/webapps/33715.txt,"Spectrum Software WebManager CMS - 'pojam' Parameter Cross-site Scripting",2010-03-05,hacker@sr.gov.yu,asp,webapps,0 33716,platforms/php/webapps/33716.txt,"Saskia's Shopsystem - 'id' Parameter Local File Inclusion",2010-03-05,"cr4wl3r ",php,webapps,0 -33717,platforms/multiple/webapps/33717.txt,"Six Apart Vox - 'search' Page Cross-Site Scripting",2010-03-05,Phenom,multiple,webapps,0 +33717,platforms/multiple/webapps/33717.txt,"Six Apart Vox - 'search' Page Cross-site Scripting",2010-03-05,Phenom,multiple,webapps,0 33838,platforms/windows/dos/33838.py,"Mocha W32 LPD 1.9 - Remote Buffer Overflow",2010-04-15,mr_me,windows,dos,0 33711,platforms/windows/dos/33711.txt,"BS.Player 2.51 - (.mp3) Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,dos,0 33712,platforms/windows/remote/33712.txt,"VLC Media Player 1.0.x - Bookmark Creation Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,remote,0 33718,platforms/php/webapps/33718.txt,"phpCOIN 1.2.1 - 'mod' Parameter Local File Inclusion",2010-03-06,_mlk_,php,webapps,0 33719,platforms/windows/dos/33719.py,"Microsoft Windows XP/Vista - (.ani) 'tagBITMAPINFOHEADER' Denial of Service",2010-03-08,Skylined,windows,dos,0 33720,platforms/asp/webapps/33720.txt,"Pre E-Learning Portal - 'search_result.asp' SQL Injection",2010-03-08,NoGe,asp,webapps,0 -33721,platforms/asp/webapps/33721.txt,"Max Network Technology BBSMAX 4.2 - 'post.aspx' Cross-Site Scripting",2010-03-08,Liscker,asp,webapps,0 -33722,platforms/asp/webapps/33722.txt,"ASPCode CMS 1.5.8 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities",2010-03-08,"Alberto Fontanella",asp,webapps,0 +33721,platforms/asp/webapps/33721.txt,"Max Network Technology BBSMAX 4.2 - 'post.aspx' Cross-site Scripting",2010-03-08,Liscker,asp,webapps,0 +33722,platforms/asp/webapps/33722.txt,"ASPCode CMS 1.5.8 - 'default.asp' Multiple Cross-site Scripting Vulnerabilities",2010-03-08,"Alberto Fontanella",asp,webapps,0 33723,platforms/php/webapps/33723.html,"KDPics 1.18 - 'admin/index.php' Authentication Bypass",2010-03-08,snakespc,php,webapps,0 33724,platforms/php/webapps/33724.txt,"OpenCart 1.3.2 - 'page' Parameter SQL Injection",2010-03-07,"Andrés Gómez",php,webapps,0 33725,platforms/aix/local/33725.txt,"IBM AIX 6.1.8 libodm - Arbitrary File Write",2014-06-12,Portcullis,aix,local,0 33726,platforms/php/webapps/33726.txt,"TikiWik < 4.2 - Multiple Vulnerabilities",2010-03-09,"Mateusz Drygas",php,webapps,0 33727,platforms/php/webapps/33727.txt,"wh-em.com upload 7.0 - Insecure Cookie Authentication Bypass",2010-02-16,indoushka,php,webapps,0 -33728,platforms/asp/webapps/33728.txt,"IBM ENOVIA SmarTeam - 'LoginPage.aspx' Cross-Site Scripting",2010-03-09,Lament,asp,webapps,0 +33728,platforms/asp/webapps/33728.txt,"IBM ENOVIA SmarTeam - 'LoginPage.aspx' Cross-site Scripting",2010-03-09,Lament,asp,webapps,0 33729,platforms/multiple/dos/33729.txt,"PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial Of Service",2014-06-13,"Bernt Marius Johnsen",multiple,dos,0 -33730,platforms/asp/webapps/33730.txt,"Max Network Technology BBSMAX 4.2 - 'threadid' Parameter Cross-Site Scripting",2010-03-10,Liscker,asp,webapps,0 +33730,platforms/asp/webapps/33730.txt,"Max Network Technology BBSMAX 4.2 - 'threadid' Parameter Cross-site Scripting",2010-03-10,Liscker,asp,webapps,0 33731,platforms/multiple/webapps/33731.txt,"Friendly Technologies TR-069 ACS 2.8.9 - Login SQL Injection",2010-03-10,"Yaniv Miron",multiple,webapps,0 33732,platforms/php/webapps/33732.txt,"60cycleCMS - 'select.php' Multiple HTML Injection Vulnerabilities",2010-03-10,"pratul agrawal",php,webapps,0 33733,platforms/windows/dos/33733.pl,"httpdx 1.5.3 - .PNG File Handling Remote Denial of Service",2010-03-10,"Jonathan Salwan",windows,dos,0 -33734,platforms/php/webapps/33734.txt,"DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting",2010-03-10,ITSecTeam,php,webapps,0 +33734,platforms/php/webapps/33734.txt,"DDL CMS 2.1 - 'blacklist.php' Cross-site Scripting",2010-03-10,ITSecTeam,php,webapps,0 33735,platforms/multiple/dos/33735.txt,"SUPERAntiSpyware 4.34.1000 and SuperAdBlocker 4.6.1000 - Multiple Vulnerabilities",2010-03-10,"Luka Milkovic",multiple,dos,0 33736,platforms/aix/webapps/33736.php,"Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit",2014-06-13,"BLacK ZeRo",aix,webapps,0 33737,platforms/hardware/dos/33737.py,"ZTE and TP-Link RomPager - Denial of Service",2014-06-13,"Osanda Malith",hardware,dos,0 -33760,platforms/multiple/webapps/33760.txt,"Multiple Products - 'banner.swf' Cross-Site Scripting",2010-03-15,MustLive,multiple,webapps,0 +33760,platforms/multiple/webapps/33760.txt,"Multiple Products - 'banner.swf' Cross-site Scripting",2010-03-15,MustLive,multiple,webapps,0 33761,platforms/asp/webapps/33761.txt,"Pars CMS - 'RP' Parameter Multiple SQL Injection",2010-03-15,Isfahan,asp,webapps,0 33739,platforms/hardware/remote/33739.txt,"Yealink VoIP Phone SIP-T38G - Default Credentials",2014-06-13,Mr.Un1k0d3r,hardware,remote,0 33740,platforms/hardware/remote/33740.txt,"Yealink VoIP Phone SIP-T38G - Local File Inclusion",2014-06-13,Mr.Un1k0d3r,hardware,remote,0 33741,platforms/hardware/remote/33741.txt,"Yealink VoIP Phone SIP-T38G - Remote Command Execution",2014-06-13,Mr.Un1k0d3r,hardware,remote,0 33742,platforms/hardware/remote/33742.txt,"Yealink VoIP Phone SIP-T38G - Privileges Escalation",2014-06-13,Mr.Un1k0d3r,hardware,remote,0 33743,platforms/php/webapps/33743.py,"ZeroCMS 1.0 - zero_transact_user.php Handling Privilege Escalation",2014-06-13,"Tiago Carvalho",php,webapps,0 -33759,platforms/multiple/webapps/33759.txt,"DirectAdmin 1.33.6 - 'CMD_DB_VIEW' Cross-Site Scripting",2010-03-14,r0t,multiple,webapps,0 +33759,platforms/multiple/webapps/33759.txt,"DirectAdmin 1.33.6 - 'CMD_DB_VIEW' Cross-site Scripting",2010-03-14,r0t,multiple,webapps,0 33748,platforms/php/webapps/33748.txt,"AneCMS 1.0 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-03-11,"pratul agrawal",php,webapps,0 -33749,platforms/php/webapps/33749.txt,"ARTIS ABTON CMS - Multiple SQL Injection",2010-03-11,MustLive,php,webapps,0 +33749,platforms/php/webapps/33749.txt,"ARTIS ABTON CMS - Multiple SQL Injections",2010-03-11,MustLive,php,webapps,0 33750,platforms/windows/remote/33750.txt,"Microsoft Windows XP/2000 - Help File Relative Path Remote Command Execution",2010-03-06,Secumania,windows,remote,0 33751,platforms/php/webapps/33751.txt,"CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Inclusion",2010-03-11,eidelweiss,php,webapps,0 33752,platforms/linux/remote/33752.html,"WebKit 1.2.x - Right-to-Left Displayed Text Handling Memory Corruption",2010-03-11,wushi,linux,remote,0 33753,platforms/php/webapps/33753.txt,"Easynet4u Forum Host - 'topic.php' SQL Injection",2010-03-12,Pr0T3cT10n,php,webapps,0 -33754,platforms/php/webapps/33754.txt,"pMyAdmin 3.3.5.1 - 'db_create.php' Cross-Site Scripting",2010-03-12,Liscker,php,webapps,0 +33754,platforms/php/webapps/33754.txt,"pMyAdmin 3.3.5.1 - 'db_create.php' Cross-site Scripting",2010-03-12,Liscker,php,webapps,0 33755,platforms/php/dos/33755.php,"PHP 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0 33756,platforms/php/webapps/33756.txt,"Joomla! 'com_seek' Component - 'id' Parameter SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 -33757,platforms/php/webapps/33757.txt,"Joomla! 'com_d-greinar' Component - 'maintree' Parameter Cross-Site Scripting",2010-03-13,"DevilZ TM",php,webapps,0 +33757,platforms/php/webapps/33757.txt,"Joomla! 'com_d-greinar' Component - 'maintree' Parameter Cross-site Scripting",2010-03-13,"DevilZ TM",php,webapps,0 33758,platforms/asp/webapps/33758.txt,"Zigurrat Farsi CMS - 'manager/textbox.asp' SQL Injection",2010-03-15,Isfahan,asp,webapps,0 -33762,platforms/php/webapps/33762.txt,"Andromeda 1.9.2 - 's' Parameter Cross-Site Scripting / Session Fixation",2010-03-15,indoushka,php,webapps,0 +33762,platforms/php/webapps/33762.txt,"Andromeda 1.9.2 - 's' Parameter Cross-site Scripting / Session Fixation",2010-03-15,indoushka,php,webapps,0 33763,platforms/php/webapps/33763.txt,"Domain Verkaus & Auktions Portal - 'index.php' SQL Injection",2010-03-15,"Easy Laster",php,webapps,0 33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit 1.4.1 - dijit\tests\_testCommon.js theme Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit 1.4.1 - doh\runner.html Multiple Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33766,platforms/php/webapps/33766.txt,"Joomla! 'com_as' Component - 'catid' Parameter SQL Injection",2010-03-16,N2n-Hacker,php,webapps,0 33767,platforms/novell/remote/33767.rb,"Novell eDirectory 8.8.5 - DHost Weak Session Cookie Session Hijacking",2010-03-14,Metasploit,novell,remote,0 -33787,platforms/php/webapps/33787.txt,"RepairShop2 - index.php Prod Parameter XSS",2010-03-23,kaMtiEz,php,webapps,0 +33787,platforms/php/webapps/33787.txt,"RepairShop2 - 'index.php' Prod Parameter XSS",2010-03-23,kaMtiEz,php,webapps,0 33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Parameter Local File Inclusion",2010-03-17,7Safe,php,webapps,0 33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0 33771,platforms/php/webapps/33771.txt,"Joomla! 'com_alert' Component - 'q_item' Parameter SQL Injection",2010-03-17,N2n-Hacker,php,webapps,0 @@ -30420,22 +30420,22 @@ id,file,description,date,author,platform,type,port 33773,platforms/php/webapps/33773.txt,"tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injection",2010-03-18,blake,php,webapps,0 33774,platforms/multiple/remote/33774.txt,"IBM Lotus Notes 6.5.6 - 'names.nsf' Open Redirection",2010-03-19,Lament,multiple,remote,0 33775,platforms/windows/dos/33775.py,"Xilisoft Video Converter Wizard - (.yuv) Stack Buffer Overflow",2010-03-19,ITSecTeam,windows,dos,0 -33776,platforms/php/webapps/33776.txt,"Kempt SiteDone 2.0 - 'detail.php' Cross-Site Scripting / SQL Injection",2010-03-18,d3v1l,php,webapps,0 -33777,platforms/php/webapps/33777.txt,"PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-03-19,Liscker,php,webapps,0 +33776,platforms/php/webapps/33776.txt,"Kempt SiteDone 2.0 - 'detail.php' Cross-site Scripting / SQL Injection",2010-03-18,d3v1l,php,webapps,0 +33777,platforms/php/webapps/33777.txt,"PHPWind 6.0 - Multiple Cross-site Scripting Vulnerabilities",2010-03-19,Liscker,php,webapps,0 33778,platforms/windows/dos/33778.pl,"Remote Help HTTP 0.0.7 - GET Request Format String Denial Of Service",2010-03-20,Rick2600,windows,dos,0 33779,platforms/jsp/webapps/33779.txt,"agXchange ESM - 'ucschcancelproc.jsp' Open Redirection",2010-03-22,Lament,jsp,webapps,0 -33780,platforms/multiple/remote/33780.txt,"IBM Lotus Notes 6.5.x - 'names.nsf' Cross-Site Scripting",2010-03-19,Lament,multiple,remote,0 +33780,platforms/multiple/remote/33780.txt,"IBM Lotus Notes 6.5.x - 'names.nsf' Cross-site Scripting",2010-03-19,Lament,multiple,remote,0 33781,platforms/php/webapps/33781.txt,"Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusion",2010-03-23,eidelweiss,php,webapps,0 33782,platforms/php/webapps/33782.txt,"PHPKIT 1.6.x - 'b-day.php' Addon SQL Injection",2010-03-22,n3w7u,php,webapps,0 -33783,platforms/linux/remote/33783.txt,"Astaro Security Linux 5 - 'index.fpl' Cross-Site Scripting",2010-03-23,"Vincent Hautot",linux,remote,0 -33784,platforms/php/webapps/33784.txt,"vBulletin 4.0.2 - Search Cross-Site Scripting",2010-03-19,5ubzer0,php,webapps,0 -33785,platforms/jsp/webapps/33785.txt,"agXchange ESM - 'ucquerydetails.jsp' Cross-Site Scripting",2010-03-23,Lament,jsp,webapps,0 +33783,platforms/linux/remote/33783.txt,"Astaro Security Linux 5 - 'index.fpl' Cross-site Scripting",2010-03-23,"Vincent Hautot",linux,remote,0 +33784,platforms/php/webapps/33784.txt,"vBulletin 4.0.2 - Search Cross-site Scripting",2010-03-19,5ubzer0,php,webapps,0 +33785,platforms/jsp/webapps/33785.txt,"agXchange ESM - 'ucquerydetails.jsp' Cross-site Scripting",2010-03-23,Lament,jsp,webapps,0 33786,platforms/multiple/remote/33786.txt,"Cafu 9.06 - Multiple Remote Vulnerabilities",2010-03-23,"Luigi Auriemma",multiple,remote,0 33788,platforms/php/webapps/33788.pl,"phpAuthent 0.2.1 - 'useradd.php' Multiple HTML Injection Vulnerabilities",2010-03-23,Yoyahack,php,webapps,0 33789,platforms/multiple/remote/33789.rb,"Java - Debug Wire Protocol Remote Code Execution",2014-06-17,Metasploit,multiple,remote,8000 33790,platforms/windows/remote/33790.rb,"Easy File Management Web Server - Stack Buffer Overflow",2014-06-17,Metasploit,windows,remote,80 33791,platforms/arm/local/33791.rb,"Adobe Reader for Android - addJavascriptInterface Exploit",2014-06-17,Metasploit,arm,local,0 -33792,platforms/hardware/webapps/33792.txt,"Motorola SBG901 Wireless Modem - CSRF",2014-06-17,"Blessen Thomas",hardware,webapps,0 +33792,platforms/hardware/webapps/33792.txt,"Motorola SBG901 Wireless Modem - Cross-site Request Forgery",2014-06-17,"Blessen Thomas",hardware,webapps,0 33793,platforms/php/webapps/33793.txt,"Kasseler CMS News Module - 'id' Parameter SQL Injection",2010-03-23,Palyo34,php,webapps,0 33794,platforms/php/webapps/33794.txt,"Multiple SpringSource Products - Multiple HTML Injection Vulnerabilities",2010-03-23,"Aaron Kulick",php,webapps,0 33795,platforms/php/webapps/33795.txt,"Joomla! 'com_aml_2' Component - 'art' Parameter SQL Injection",2010-03-23,Metropolis,php,webapps,0 @@ -30450,7 +30450,7 @@ id,file,description,date,author,platform,type,port 33804,platforms/windows/dos/33804.pl,"Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow",2014-06-18,LiquidWorm,windows,dos,0 33805,platforms/linux/remote/33805.pl,"AlienVault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution",2014-06-18,"Alfredo Ramirez",linux,remote,0 34141,platforms/php/webapps/34141.txt,"AneCMS 1.x - 'modules/blog/index.php' SQL Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 -33976,platforms/php/webapps/33976.html,"Saurus CMS 4.7 - 'edit.php' Cross-Site Scripting",2010-05-11,"High-Tech Bridge SA",php,webapps,0 +33976,platforms/php/webapps/33976.html,"Saurus CMS 4.7 - 'edit.php' Cross-site Scripting",2010-05-11,"High-Tech Bridge SA",php,webapps,0 33807,platforms/multiple/remote/33807.rb,"Rocket Servergraph Admin Center - fileRequestor Remote Code Execution",2014-06-18,Metasploit,multiple,remote,8888 33808,platforms/linux/local/33808.c,"Docker 0.11 - VMM-Container Breakout",2014-06-18,"Sebastian Krahmer",linux,local,0 33809,platforms/php/webapps/33809.txt,"Cacti Superlinks Plugin 1.4-2 - SQL Injection",2014-06-18,Napsterakos,php,webapps,0 @@ -30458,8 +30458,8 @@ id,file,description,date,author,platform,type,port 33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33812,platforms/php/webapps/33812.txt,"Joomla! 'com_weblinks' Component - 'id' Parameter SQL Injection",2010-03-29,"Pouya Daneshmand",php,webapps,0 33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for WordPress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 -33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 -33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-Site Scripting",2010-03-31,"CONIX Security",php,webapps,0 +33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-site Scripting",2010-03-31,garwga,php,webapps,0 +33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-site Scripting",2010-03-31,"CONIX Security",php,webapps,0 33816,platforms/multiple/remote/33816.pl,"Miranda IM 0.8.16 - Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 33817,platforms/windows/remote/33817.rb,"Ericom AccessNow Server - Buffer Overflow",2014-06-19,Metasploit,windows,remote,8080 33818,platforms/php/webapps/33818.txt,"web2Project 3.1 - Multiple Vulnerabilities",2014-06-19,"High-Tech Bridge SA",php,webapps,80 @@ -30468,13 +30468,13 @@ id,file,description,date,author,platform,type,port 33821,platforms/php/webapps/33821.html,"n-cms-equipe 1.1c.Debug - Multiple Local File Inclusion",2010-02-24,ITSecTeam,php,webapps,0 33822,platforms/hardware/webapps/33822.sh,"D-link DSL-2760U-E1 - Persistent XSS",2014-06-21,"Yuval tisf Nativ",hardware,webapps,0 33852,platforms/windows/remote/33852.txt,"HTTP 1.1 - GET Request Directory Traversal",2010-06-20,chr1x,windows,remote,0 -33853,platforms/php/webapps/33853.txt,"Kleophatra CMS 0.1.1 - 'module' Parameter Cross-Site Scripting",2010-04-19,anT!-Tr0J4n,php,webapps,0 +33853,platforms/php/webapps/33853.txt,"Kleophatra CMS 0.1.1 - 'module' Parameter Cross-site Scripting",2010-04-19,anT!-Tr0J4n,php,webapps,0 33824,platforms/linux/local/33824.c,"Linux Kernel 3.13 - Local Privilege Escalation PoC (gid)",2014-06-21,"Vitaly Nikolenko",linux,local,0 -33825,platforms/asp/webapps/33825.txt,"Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-Site Scripting",2010-04-15,"Pouya Daneshmand",asp,webapps,0 +33825,platforms/asp/webapps/33825.txt,"Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-site Scripting",2010-04-15,"Pouya Daneshmand",asp,webapps,0 33826,platforms/linux/remote/33826.txt,"TCPDF 4.5.036/4.9.5 - 'params' Attribute Remote Code Execution Weakness",2010-04-08,apoc,linux,remote,0 -33827,platforms/php/webapps/33827.txt,"Istgah For Centerhost - 'view_ad.php' Cross-Site Scripting",2010-04-07,indoushka,php,webapps,0 +33827,platforms/php/webapps/33827.txt,"Istgah For Centerhost - 'view_ad.php' Cross-site Scripting",2010-04-07,indoushka,php,webapps,0 33829,platforms/windows/remote/33829.c,"WinSoftMagic Photo Editor - .PNG File Buffer Overflow",2010-04-09,eidelweiss,windows,remote,0 -33830,platforms/php/webapps/33830.txt,"Lunar CMS 3.3 - CSRF / Stored XSS",2014-06-21,LiquidWorm,php,webapps,0 +33830,platforms/php/webapps/33830.txt,"Lunar CMS 3.3 - CSRF / Persistent Cross-site Scripting",2014-06-21,LiquidWorm,php,webapps,0 33832,platforms/php/webapps/33832.txt,"TANDBERG Video Communication Server 4.2.1/4.3.0 - Multiple Remote Vulnerabilities",2010-04-12,"Jon Hart",php,webapps,0 33833,platforms/php/webapps/33833.txt,"Blog System 1.x - Multiple Input Validation Vulnerabilities",2010-04-12,"cp77fk4r ",php,webapps,0 33834,platforms/php/webapps/33834.txt,"Vana CMS - 'filename' Parameter Remote File Download",2010-04-13,"Pouya Daneshmand",php,webapps,0 @@ -30485,8 +30485,8 @@ id,file,description,date,author,platform,type,port 33841,platforms/windows/remote/33841.txt,"HTTP File Server 2.2 - Security Bypass / Denial of Service",2010-04-19,"Luigi Auriemma",windows,remote,0 33880,platforms/windows/remote/33880.rb,"Cogent DataHub - Command Injection",2014-06-25,Metasploit,windows,remote,0 33857,platforms/php/webapps/33857.txt,"e107 0.7.x - 'e107_admin/banner.php' SQL Injection",2010-04-21,"High-Tech Bridge SA",php,webapps,0 -33997,platforms/php/webapps/33997.txt,"NPDS Revolution 10.02 - 'download.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 -33998,platforms/php/webapps/33998.html,"JoomlaTune JComments 2.1 Joomla! Component - 'ComntrNam' Parameter Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 +33997,platforms/php/webapps/33997.txt,"NPDS Revolution 10.02 - 'download.php' Cross-site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 +33998,platforms/php/webapps/33998.html,"JoomlaTune JComments 2.1 Joomla! Component - 'ComntrNam' Parameter Cross-site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33847,platforms/multiple/remote/33847.txt,"netkar-PRO 1.1 - Remote Stack Buffer Overflow",2010-04-13,"Luigi Auriemma",multiple,remote,0 33848,platforms/windows/remote/33848.py,"WinMount 3.3.401 - .ZIP File Remote Buffer Overflow",2010-04-19,lilf,windows,remote,0 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 @@ -30495,16 +30495,16 @@ id,file,description,date,author,platform,type,port 33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution (0Day)",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 - Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 -33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 -33881,platforms/php/webapps/33881.txt,"PowerEasy 2006 - 'ComeUrl' Parameter Cross-Site Scripting",2010-04-24,Liscker,php,webapps,0 +33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 +33881,platforms/php/webapps/33881.txt,"PowerEasy 2006 - 'ComeUrl' Parameter Cross-site Scripting",2010-04-24,Liscker,php,webapps,0 33855,platforms/linux/remote/33855.txt,"MIT Kerberos 5 - 'src/kdc/do_tgs_req.c' Ticket Renewal Double Free Memory Corruption",2010-04-20,"Joel Johnson",linux,remote,0 33856,platforms/php/webapps/33856.txt,"Viennabux Beta! - 'cat' Parameter SQL Injection",2010-04-09,"Easy Laster",php,webapps,0 -33858,platforms/php/webapps/33858.txt,"DBSite wb CMS - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-04-21,The_Exploited,php,webapps,0 +33858,platforms/php/webapps/33858.txt,"DBSite wb CMS - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2010-04-21,The_Exploited,php,webapps,0 34143,platforms/windows/remote/34143.txt,"XnView 1.97.4 - MBM File Remote Heap Buffer Overflow",2010-06-14,"Mauro Olea",windows,remote,0 -34144,platforms/php/webapps/34144.txt,"Joomla! 'com_easygb' Component - 'Itemid' Parameter Cross-Site Scripting",2010-06-08,"L0rd CrusAd3r",php,webapps,0 +34144,platforms/php/webapps/34144.txt,"Joomla! 'com_easygb' Component - 'Itemid' Parameter Cross-site Scripting",2010-06-08,"L0rd CrusAd3r",php,webapps,0 34145,platforms/unix/dos/34145.txt,"Python 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 -34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login - Multiple SQL Injection",2010-06-15,"L0rd CrusAd3r",php,webapps,0 -34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 +34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login - Multiple SQL Injections",2010-06-15,"L0rd CrusAd3r",php,webapps,0 +34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 33862,platforms/hardware/remote/33862.rb,"D-Link - authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 33863,platforms/hardware/remote/33863.rb,"D-Link - hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,Metasploit,hardware,remote,80 33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM - av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 @@ -30512,7 +30512,7 @@ id,file,description,date,author,platform,type,port 33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution Exploit",2014-06-25,LiquidWorm,php,webapps,0 34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injection",2010-06-14,"High-Tech Bridge SA",php,webapps,0 33869,platforms/hardware/remote/33869.txt,"Huawei EchoLife HG520 3.10.18.5-1.0.5.0 - Remote Information Disclosure",2010-04-22,hkm,hardware,remote,0 -33870,platforms/php/webapps/33870.txt,"FlashCard 2.6.5 - 'id' Parameter Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 +33870,platforms/php/webapps/33870.txt,"FlashCard 2.6.5 - 'id' Parameter Cross-site Scripting",2010-04-22,Valentin,php,webapps,0 33871,platforms/multiple/remote/33871.txt,"Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 33873,platforms/multiple/remote/33873.txt,"HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection",2010-04-25,"Aung Khant",multiple,remote,0 33874,platforms/php/webapps/33874.txt,"Ektron CMS400.NET 7.5.2 - Multiple Security Vulnerabilities",2010-04-26,"Richard Moore",php,webapps,0 @@ -30522,13 +30522,13 @@ id,file,description,date,author,platform,type,port 33878,platforms/multiple/remote/33878.c,"NovaSTOR NovaNET 12.0 - Remote SYSTEM Exploit",2007-09-25,mu-b,multiple,remote,0 33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP 13.0 - Remote DoS",2007-10-02,mu-b,multiple,dos,0 33882,platforms/php/webapps/33882.txt,"Cyber CMS - 'faq.php' SQL Injection",2009-11-26,hc0de,php,webapps,0 -33883,platforms/php/webapps/33883.txt,"Kasseler CMS 2.0.5 - 'index.php' Cross-Site Scripting",2010-04-26,indoushka,php,webapps,0 +33883,platforms/php/webapps/33883.txt,"Kasseler CMS 2.0.5 - 'index.php' Cross-site Scripting",2010-04-26,indoushka,php,webapps,0 33884,platforms/php/webapps/33884.txt,"Zikula Application Framework 1.2.2 - ZLanguage.php lang Parameter XSS",2010-04-13,"High-Tech Bridge SA",php,webapps,0 -33885,platforms/php/webapps/33885.txt,"Zikula Application Framework 1.2.2 - index.php func Parameter XSS",2010-04-13,"High-Tech Bridge SA",php,webapps,0 +33885,platforms/php/webapps/33885.txt,"Zikula Application Framework 1.2.2 - 'index.php' func Parameter XSS",2010-04-13,"High-Tech Bridge SA",php,webapps,0 33886,platforms/linux/dos/33886.txt,"Linux Kernel 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption",2010-04-27,"Toshiyuki Okajima",linux,dos,0 33887,platforms/cgi/webapps/33887.txt,"Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities",2014-06-27,"Onur Alanbel (BGA)",cgi,webapps,0 -33888,platforms/php/webapps/33888.txt,"ProArcadeScript - 'search.php' Cross-Site Scripting",2010-04-27,Sid3^effects,php,webapps,0 -33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 - SQL Injection / Cross-Site Scripting",2010-04-27,indoushka,php,webapps,0 +33888,platforms/php/webapps/33888.txt,"ProArcadeScript - 'search.php' Cross-site Scripting",2010-04-27,Sid3^effects,php,webapps,0 +33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 - SQL Injection / Cross-site Scripting",2010-04-27,indoushka,php,webapps,0 33890,platforms/windows/remote/33890.txt,"OneHTTPD 0.6 - Directory Traversal",2010-04-27,"John Leitch",windows,remote,0 33891,platforms/java/remote/33891.rb,"HP AutoPass License Server - File Upload",2014-06-27,Metasploit,java,remote,5814 33892,platforms/windows/local/33892.rb,".NET Deployment Service - IE Sandbox Escape (MS14-009)",2014-06-27,Metasploit,windows,local,0 @@ -30538,13 +30538,13 @@ id,file,description,date,author,platform,type,port 40097,platforms/multiple/dos/40097.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)",2016-07-13,COSIG,multiple,dos,0 40098,platforms/multiple/dos/40098.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (4)",2016-07-13,COSIG,multiple,dos,0 33896,platforms/php/webapps/33896.txt,"WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 -33897,platforms/multiple/webapps/33897.txt,"Endeca Latitude 2.2.2 - CSRF",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 +33897,platforms/multiple/webapps/33897.txt,"Endeca Latitude 2.2.2 - Cross-site Request Forgery",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33899,platforms/linux/local/33899.txt,"Chkrootkit 0.49 - Local Root",2014-06-28,"Thomas Stangner",linux,local,0 -33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow",2010-04-26,Madjix,windows,remote,0 -33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow (Metasploit)",2010-04-26,blake,windows,remote,0 +33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow",2010-04-26,Madjix,windows,remote,0 +33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow (Metasploit)",2010-04-26,blake,windows,remote,0 34102,platforms/linux/dos/34102.py,"ACME micro_httpd - Denial of Service",2014-07-18,"Yuval tisf Nativ",linux,dos,80 33904,platforms/linux/local/33904.txt,"check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit",2014-06-28,"Dawid Golunski",linux,local,0 -33905,platforms/multiple/remote/33905.txt,"Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting",2010-04-28,"arun kethipelly",multiple,remote,0 +33905,platforms/multiple/remote/33905.txt,"Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-site Scripting",2010-04-28,"arun kethipelly",multiple,remote,0 33906,platforms/php/webapps/33906.txt,"velBox 1.2 - Insecure Cookie Authentication Bypass",2010-04-28,indoushka,php,webapps,0 33907,platforms/multiple/remote/33907.txt,"ZKSoftware 'ZK5000' - Remote Information Disclosure",2010-03-20,fb1h2s,multiple,remote,0 33908,platforms/php/webapps/33908.txt,"Your Articles Directory - Login Option SQL Injection",2010-04-29,Sid3^effects,php,webapps,0 @@ -30556,41 +30556,41 @@ id,file,description,date,author,platform,type,port 33964,platforms/windows/remote/33964.txt,"X-Motor Racing 1.26 - Buffer Overflow / Multiple Denial of Service Vulnerabilities",2010-05-06,"Luigi Auriemma",windows,remote,0 33965,platforms/linux/dos/33965.txt,"Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial Of Service",2010-01-27,"RedTeam Pentesting GmbH",linux,dos,0 33966,platforms/linux/dos/33966.rb,"Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial Of Service",2010-01-27,"RedTeam Pentesting GmbH",linux,dos,0 -33967,platforms/php/webapps/33967.txt,"Chipmunk Newsletter 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-20,b0telh0,php,webapps,0 +33967,platforms/php/webapps/33967.txt,"Chipmunk Newsletter 2.0 - Multiple Cross-site Scripting Vulnerabilities",2010-01-20,b0telh0,php,webapps,0 33968,platforms/windows/dos/33968.pl,"Xitami 5.0 - '/AUX' Request Remote Denial Of Service",2010-05-10,"Usman Saeed",windows,dos,0 33969,platforms/php/webapps/33969.txt,"eFront 3.x - 'ask_chat.php' SQL Injection",2010-05-09,"Stefan Esser",php,webapps,0 -33970,platforms/php/webapps/33970.txt,"EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 +33970,platforms/php/webapps/33970.txt,"EasyPublish CMS 23.04.2010 - URI Cross-site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 33971,platforms/windows/remote/33971.c,"Rebellion Aliens vs Predator 2.22 - Multiple Memory Corruption Vulnerabilities",2010-05-07,"Luigi Auriemma",windows,remote,0 33913,platforms/php/webapps/33913.html,"osCommerce 3.0a5 - Local File Inclusion / HTML Injection",2010-04-30,"Jordi Chancel",php,webapps,0 33914,platforms/php/webapps/33914.txt,"4xcms - 'login.php' Multiple SQL Injection",2010-03-21,"cr4wl3r ",php,webapps,0 33915,platforms/php/webapps/33915.txt,"Campsite 3.x - 'article_id' Parameter SQL Injection",2010-04-30,"Stefan Esser",php,webapps,0 -33916,platforms/cfm/webapps/33916.txt,"Mango Blog 1.4.1 - 'archives.cfm/search' Cross-Site Scripting",2010-05-03,MustLive,cfm,webapps,0 +33916,platforms/cfm/webapps/33916.txt,"Mango Blog 1.4.1 - 'archives.cfm/search' Cross-site Scripting",2010-05-03,MustLive,cfm,webapps,0 33917,platforms/php/webapps/33917.txt,"Billwerx RC5.2.2 PL2 - 'primary_number' Parameter SQL Injection",2010-05-02,indoushka,php,webapps,0 33918,platforms/php/webapps/33918.txt,"CF Image Hosting Script 1.1 - 'upload.php' Arbitrary File Upload",2010-05-01,The.Morpheus,php,webapps,0 -33919,platforms/php/webapps/33919.txt,"NolaPro Enterprise 4.0.5538 - Cross-Site Scripting / SQL Injection",2010-05-01,ekse,php,webapps,0 +33919,platforms/php/webapps/33919.txt,"NolaPro Enterprise 4.0.5538 - Cross-site Scripting / SQL Injection",2010-05-01,ekse,php,webapps,0 33920,platforms/php/remote/33920.php,"PHP 5.3 - 'php_dechunk()' HTTP Chunked Encoding Integer Overflow",2010-05-02,"Stefan Esser",php,remote,0 -33921,platforms/php/webapps/33921.txt,"IslamSound - Multiple SQL Injection",2010-05-03,JIKO,php,webapps,0 +33921,platforms/php/webapps/33921.txt,"IslamSound - Multiple SQL Injections",2010-05-03,JIKO,php,webapps,0 33922,platforms/php/webapps/33922.txt,"CH-CMS.ch 2 - Multiple Arbitrary File Upload Vulnerabilities",2010-03-15,EL-KAHINA,php,webapps,0 33923,platforms/asp/webapps/33923.txt,"SamaGraph CMS - 'inside.aspx' SQL Injection",2010-03-11,K053,asp,webapps,0 33924,platforms/windows/dos/33924.py,"RealVNC 4.1.3 - 'ClientCutText' Message Remote Denial of Service",2010-05-02,"John Leitch",windows,dos,0 -33925,platforms/php/webapps/33925.txt,"ecoCMS 18.4.2010 - 'admin.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 +33925,platforms/php/webapps/33925.txt,"ecoCMS 18.4.2010 - 'admin.php' Cross-site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33926,platforms/windows/dos/33926.py,"ddrLPD 1.0 - Remote Denial of Service",2010-04-29,"Bisphemol A",windows,dos,0 33927,platforms/php/webapps/33927.txt,"eZoneScripts Apartment Search Script - 'listtest.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 33988,platforms/php/remote/33988.txt,"PHP 5.x (5.3.x 5.3.2) - 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities",2010-05-14,"Stefan Esser",php,remote,0 33989,platforms/windows/remote/33989.rb,"Oracle Event Processing FileUploadServlet - Arbitrary File Upload",2014-07-07,Metasploit,windows,remote,9002 33929,platforms/multiple/remote/33929.py,"Gitlist 0.4.0 - Remote Code Execution",2014-06-30,drone,multiple,remote,0 33953,platforms/php/webapps/33953.txt,"Zurmo CRM - Persistent XSS",2014-07-02,Provensec,php,webapps,80 -33959,platforms/asp/webapps/33959.txt,"Multiple Consona Products - 'n6plugindestructor.asp' Cross-Site Scripting",2010-05-07,"Ruben Santamarta ",asp,webapps,0 +33959,platforms/asp/webapps/33959.txt,"Multiple Consona Products - 'n6plugindestructor.asp' Cross-site Scripting",2010-05-07,"Ruben Santamarta ",asp,webapps,0 33954,platforms/php/webapps/33954.txt,"Kerio Control 8.3.1 - Blind SQL Injection",2014-07-02,"Khashayar Fereidani",php,webapps,4081 -33933,platforms/php/webapps/33933.txt,"ThinkPHP 2.0 - 'index.php' Cross-Site Scripting",2010-02-09,zx,php,webapps,0 +33933,platforms/php/webapps/33933.txt,"ThinkPHP 2.0 - 'index.php' Cross-site Scripting",2010-02-09,zx,php,webapps,0 33934,platforms/php/webapps/33934.txt,"eZoneScripts - Multiple Scripts Insecure Cookie Authentication Bypass",2009-02-09,JIKO,php,webapps,0 33935,platforms/windows/remote/33935.txt,"rbot 0.9.14 - '!react' Command Unauthorized Access",2010-02-24,nks,windows,remote,0 33958,platforms/cgi/webapps/33958.txt,"Digital Factory Publique! 2.3 - 'sid' Parameter SQL Injection",2010-05-06,"Christophe de la Fuente",cgi,webapps,0 -33957,platforms/php/webapps/33957.txt,"kloNews 2.0 - 'cat.php' Cross-Site Scripting",2010-01-20,"cr4wl3r ",php,webapps,0 -33937,platforms/multiple/webapps/33937.txt,"TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting",2010-05-05,MustLive,multiple,webapps,0 -33938,platforms/hardware/remote/33938.txt,"Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-Site Scripting",2010-02-04,"Karn Ganeshen",hardware,remote,0 -33939,platforms/java/webapps/33939.txt,"ShopEx Single 4.5.1 - 'errinfo' Parameter Cross-Site Scripting",2010-02-06,"cp77fk4r ",java,webapps,0 -33940,platforms/multiple/remote/33940.txt,"VMware View 3.1.x - URL Processing Cross-Site Scripting",2010-05-05,"Alexey Sintsov",multiple,remote,0 +33957,platforms/php/webapps/33957.txt,"kloNews 2.0 - 'cat.php' Cross-site Scripting",2010-01-20,"cr4wl3r ",php,webapps,0 +33937,platforms/multiple/webapps/33937.txt,"TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-site Scripting",2010-05-05,MustLive,multiple,webapps,0 +33938,platforms/hardware/remote/33938.txt,"Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-site Scripting",2010-02-04,"Karn Ganeshen",hardware,remote,0 +33939,platforms/java/webapps/33939.txt,"ShopEx Single 4.5.1 - 'errinfo' Parameter Cross-site Scripting",2010-02-06,"cp77fk4r ",java,webapps,0 +33940,platforms/multiple/remote/33940.txt,"VMware View 3.1.x - URL Processing Cross-site Scripting",2010-05-05,"Alexey Sintsov",multiple,remote,0 33941,platforms/windows/remote/33941.html,"TVUPlayer 2.4.4.9beta1 - 'PlayerOcx.ocx' ActiveX Control Arbitrary File Overwrite",2010-02-03,"Evdokimov Dmitriy",windows,remote,0 33942,platforms/jsp/webapps/33942.txt,"IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities",2014-07-01,"SEC Consult",jsp,webapps,80 33943,platforms/aix/dos/33943.txt,"Flussonic Media Server 4.1.25 < 4.3.3 - Aribtrary File Disclosure",2014-07-01,"BGA Security",aix,dos,8080 @@ -30603,61 +30603,61 @@ id,file,description,date,author,platform,type,port 33950,platforms/php/webapps/33950.txt,"HAWHAW - 'newsread.php' SQL Injection",2010-01-31,s4r4d0,php,webapps,0 33951,platforms/windows/dos/33951.txt,"Baidu Spark Browser 26.5.9999.3511 - Remote Stack Overflow (DoS)",2014-07-02,LiquidWorm,windows,dos,0 34103,platforms/cgi/webapps/34103.txt,"Barracuda Networks Message Archiver 650 - Persistent XSS",2014-07-18,Vulnerability-Lab,cgi,webapps,3378 -33972,platforms/php/webapps/33972.txt,"Advanced Poll 2.0 - 'mysql_host' Parameter Cross-Site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 +33972,platforms/php/webapps/33972.txt,"Advanced Poll 2.0 - 'mysql_host' Parameter Cross-site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 33973,platforms/windows/dos/33973.pl,"Hyplay 1.2.0326.1 - (.asx) Remote Denial of Service",2010-05-10,"Steve James",windows,dos,0 33974,platforms/windows/remote/33974.txt,"Mereo 1.9.1 - Directory Traversal",2010-05-09,"John Leitch",windows,remote,0 33975,platforms/php/webapps/33975.html,"Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injection",2010-05-11,"High-Tech Bridge SA",php,webapps,0 33977,platforms/windows/dos/33977.txt,"Torque Game Engine - Multiple Denial Of Service Vulnerabilities",2010-05-09,"Luigi Auriemma",windows,dos,0 33978,platforms/php/webapps/33978.txt,"TomatoCMS 2.0.x - SQL Injection",2010-05-12,"Russ McRee",php,webapps,0 -33979,platforms/php/webapps/33979.txt,"C99Shell 1.0 pre-release build 16 - 'Ch99.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0 +33979,platforms/php/webapps/33979.txt,"C99Shell 1.0 pre-release build 16 - 'Ch99.php' Cross-site Scripting",2010-05-19,indoushka,php,webapps,0 33980,platforms/windows/remote/33980.txt,"Best Way GEM Engine - Multiple Vulnerabilities",2009-10-12,"Luigi Auriemma",windows,remote,0 33981,platforms/windows/remote/33981.txt,"GameCore 2.5 - 'GameID' Integer Overflow",2010-05-13,"Luigi Auriemma",windows,remote,0 33982,platforms/php/webapps/33982.txt,"NPDS Revolution 10.02 - 'download.php' SQL Injection",2010-05-13,"High-Tech Bridge SA",php,webapps,0 33983,platforms/php/webapps/33983.txt,"Frog CMS 0.9.5 - Arbitrary File Upload",2014-07-06,"Javid Hussain",php,webapps,0 -33985,platforms/php/webapps/33985.txt,"NPDS Revolution 10.02 - 'topic' Parameter Cross-Site Scripting",2010-05-13,"High-Tech Bridge SA",php,webapps,0 +33985,platforms/php/webapps/33985.txt,"NPDS Revolution 10.02 - 'topic' Parameter Cross-site Scripting",2010-05-13,"High-Tech Bridge SA",php,webapps,0 33986,platforms/php/webapps/33986.txt,"PHP File Uploader - Remote File Upload",2010-01-03,indoushka,php,webapps,0 -33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 -34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 +33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-site Scripting",2010-01-03,indoushka,php,webapps,0 +34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80 33991,platforms/php/remote/33991.rb,"WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80 -33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injection",2010-05-17,podatnik386,asp,webapps,0 -33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0 +33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injections",2010-05-17,podatnik386,asp,webapps,0 +33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-site Scripting",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP - Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0 33995,platforms/multiple/webapps/33995.txt,"Blaze Apps 1.x - SQL Injection / HTML Injection",2010-01-19,"AmnPardaz Security Research Team",multiple,webapps,0 33996,platforms/ios/webapps/33996.txt,"Photo Org WonderApplications 8.3 iOS - File Include",2014-07-07,Vulnerability-Lab,ios,webapps,0 -33999,platforms/php/webapps/33999.txt,"Mobile Chat 2.0.2 - 'chatsmileys.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 -34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 BETA - 'list' Parameter Cross-Site Scripting",2010-01-18,indoushka,multiple,webapps,0 +33999,platforms/php/webapps/33999.txt,"Mobile Chat 2.0.2 - 'chatsmileys.php' Cross-site Scripting",2010-01-18,indoushka,php,webapps,0 +34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 BETA - 'list' Parameter Cross-site Scripting",2010-01-18,indoushka,multiple,webapps,0 34001,platforms/linux/local/34001.c,"Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass",2010-05-18,"Dan Rosenberg",linux,local,0 34002,platforms/windows/remote/34002.c,"TeamViewer 5.0.8232 - Remote Buffer Overflow",2010-05-18,"fl0 fl0w",windows,remote,0 -34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! - index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34004,platforms/php/webapps/34004.txt,"Percha Fields Attach 1.0 Component for Joomla! - index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34005,platforms/php/webapps/34005.txt,"Percha Downloads Attach 1.1 Component for Joomla! - index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! - index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34004,platforms/php/webapps/34004.txt,"Percha Fields Attach 1.0 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34005,platforms/php/webapps/34005.txt,"Percha Downloads Attach 1.1 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34007,platforms/php/webapps/34007.txt,"Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities",2014-07-08,"Deepak Rathore",php,webapps,0 -34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! - index.php controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! - 'index.php' controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow",2014-07-08,Metasploit,windows,remote,20010 34010,platforms/win_x86/dos/34010.html,"Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035)",2014-07-08,"Drozdova Liudmila",win_x86,dos,0 -34011,platforms/php/webapps/34011.txt,"Shopzilla Affiliate Script PHP - 'search.php' Cross-Site Scripting",2010-05-19,"Andrea Bocchetti",php,webapps,0 -34012,platforms/php/webapps/34012.txt,"Caucho Resin Professional 3.1.5 - 'resin-admin/digest.php' Multiple Cross-Site Scripting Vulnerabilities",2010-05-19,xuanmumu,php,webapps,0 +34011,platforms/php/webapps/34011.txt,"Shopzilla Affiliate Script PHP - 'search.php' Cross-site Scripting",2010-05-19,"Andrea Bocchetti",php,webapps,0 +34012,platforms/php/webapps/34012.txt,"Caucho Resin Professional 3.1.5 - 'resin-admin/digest.php' Multiple Cross-site Scripting Vulnerabilities",2010-05-19,xuanmumu,php,webapps,0 34013,platforms/windows/remote/34013.txt,"McAfee Email Gateway 6.7.1 - 'systemWebAdminConfig.do' Remote Security Bypass",2010-05-19,"Nahuel Grisolia",windows,remote,0 34014,platforms/php/webapps/34014.txt,"Web 2.0 Social Network Freunde Community System - 'user.php' SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 -34015,platforms/php/webapps/34015.txt,"SoftDirec 1.05 - 'delete_confirm.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0 +34015,platforms/php/webapps/34015.txt,"SoftDirec 1.05 - 'delete_confirm.php' Cross-site Scripting",2010-05-19,indoushka,php,webapps,0 34016,platforms/php/webapps/34016.txt,"Snipe Gallery 3.1 - gallery.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 34017,platforms/php/webapps/34017.txt,"Snipe Gallery 3.1 - image.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 34018,platforms/hardware/remote/34018.txt,"U.S.Robotics USR5463 0.06 - Firmware setup_ddns.exe HTML Injection",2010-05-20,SH4V,hardware,remote,0 34021,platforms/php/webapps/34021.txt,"Joomla! 'com_horses' Component - 'id' Parameter SQL Injection",2010-05-19,"Kernel Security Group",php,webapps,0 -34022,platforms/php/webapps/34022.txt,"StivaSoft Stiva SHOPPING CART 1.0 - 'demo.php' Cross-Site Scripting",2010-01-13,PaL-D3v1L,php,webapps,0 -34023,platforms/php/webapps/34023.txt,"Lisk CMS 4.4 - 'id' Parameter Multiple Cross-Site Scripting / SQL Injection",2010-05-20,"High-Tech Bridge SA",php,webapps,0 -34024,platforms/php/webapps/34024.txt,"Triburom - 'forum.php' Cross-Site Scripting",2010-01-15,"ViRuSMaN ",php,webapps,0 +34022,platforms/php/webapps/34022.txt,"StivaSoft Stiva SHOPPING CART 1.0 - 'demo.php' Cross-site Scripting",2010-01-13,PaL-D3v1L,php,webapps,0 +34023,platforms/php/webapps/34023.txt,"Lisk CMS 4.4 - 'id' Parameter Multiple Cross-site Scripting / SQL Injection",2010-05-20,"High-Tech Bridge SA",php,webapps,0 +34024,platforms/php/webapps/34024.txt,"Triburom - 'forum.php' Cross-site Scripting",2010-01-15,"ViRuSMaN ",php,webapps,0 34030,platforms/lin_x86/webapps/34030.txt,"Infoblox 6.8.2.11 - OS Command Injection",2014-07-10,"Nate Kettlewell",lin_x86,webapps,0 34025,platforms/php/webapps/34025.txt,"C99.php Shell - Authentication Bypass",2014-07-10,Mandat0ry,php,webapps,0 34026,platforms/linux/remote/34026.py,"OpenVAS Manager 4.0 - Authentication Bypass PoC",2014-07-10,EccE,linux,remote,0 34027,platforms/solaris/dos/34027.txt,"Sun Solaris 10 - Nested Directory Tree Local Denial of Service",2010-05-21,"Maksymilian Arciemowicz",solaris,dos,0 34028,platforms/solaris/dos/34028.txt,"Sun Solaris 10 - 'in.ftpd' Long Command Handling Security",2010-05-21,"Maksymilian Arciemowicz",solaris,dos,0 -34029,platforms/php/webapps/34029.txt,"Specialized Data Systems Parent Connect 2010.04.11 - Multiple SQL Injection",2010-05-21,epixoip,php,webapps,0 -34031,platforms/php/webapps/34031.txt,"gpEasy CMS 1.6.2 - 'editing_files.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 -34032,platforms/php/webapps/34032.txt,"NPDS Revolution 10.02 - 'admin.php' Cross-Site Request Forgery",2010-05-20,"High-Tech Bridge SA",php,webapps,0 -34033,platforms/hardware/remote/34033.html,"Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass and Cross-Site Request Forgery Vulnerabilities",2010-05-24,"Dan Rosenberg",hardware,remote,0 +34029,platforms/php/webapps/34029.txt,"Specialized Data Systems Parent Connect 2010.04.11 - Multiple SQL Injections",2010-05-21,epixoip,php,webapps,0 +34031,platforms/php/webapps/34031.txt,"gpEasy CMS 1.6.2 - 'editing_files.php' Cross-site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 +34032,platforms/php/webapps/34032.txt,"NPDS Revolution 10.02 - 'admin.php' Cross-site Request Forgery",2010-05-20,"High-Tech Bridge SA",php,webapps,0 +34033,platforms/hardware/remote/34033.html,"Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass and Cross-site Request Forgery Vulnerabilities",2010-05-24,"Dan Rosenberg",hardware,remote,0 34034,platforms/asp/webapps/34034.txt,"cyberhost - 'default.asp' SQL Injection",2010-05-22,redst0rm,asp,webapps,0 34035,platforms/php/webapps/34035.sjs,"OpenForum 2.2 b005 - 'saveAsAttachment()' Method Arbitrary File Creation",2010-05-23,"John Leitch",php,webapps,0 34062,platforms/php/webapps/34062.txt,"Shopizer 1.1.5 - Multiple Vulnerabilities",2014-07-14,"SEC Consult",php,webapps,80 @@ -30665,23 +30665,23 @@ id,file,description,date,author,platform,type,port 34038,platforms/php/webapps/34038.txt,"Aerohive HiveOS 5.1r5 < 6.1r5 - Multiple Vulnerabilities",2014-07-12,DearBytes,php,webapps,0 34189,platforms/php/webapps/34189.txt,"Sphider 1.3.6 - Multiple Vulnerabilities",2014-07-28,"Mike Manzotti",php,webapps,80 34040,platforms/php/webapps/34040.txt,"razorCMS 1.0 - 'admin/index.php' HTML Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 -34041,platforms/php/webapps/34041.txt,"GetSimple CMS 2.01 - 'components.php' Cross-Site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 -34042,platforms/php/webapps/34042.txt,"RuubikCMS 1.0.3 - 'index.php' Cross-Site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 +34041,platforms/php/webapps/34041.txt,"GetSimple CMS 2.01 - 'components.php' Cross-site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 +34042,platforms/php/webapps/34042.txt,"RuubikCMS 1.0.3 - 'index.php' Cross-site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 34043,platforms/php/webapps/34043.txt,"360 Web Manager 3.0 - 'webpages-form-led-edit.php' SQL Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 -34044,platforms/php/webapps/34044.txt,"md5 Encryption Decryption PHP Script - 'index.php' Cross-Site Scripting",2010-05-26,indoushka,php,webapps,0 +34044,platforms/php/webapps/34044.txt,"md5 Encryption Decryption PHP Script - 'index.php' Cross-site Scripting",2010-05-26,indoushka,php,webapps,0 34045,platforms/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' Parameter SQL Injection",2010-05-27,"sniper ip",php,webapps,0 -34046,platforms/php/webapps/34046.txt,"BackLinkSpider 1.3.1774 - Multiple Cross-Site Scripting Vulnerabilities",2010-05-27,"sniper ip",php,webapps,0 -34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 - (build 144) Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 -34048,platforms/multiple/remote/34048.html,"Brekeke PBX 2.4.4.8 - 'pbx/gate' Cross-Site Request Forgery",2010-05-26,"John Leitch",multiple,remote,0 -34049,platforms/php/webapps/34049.txt,"Layout CMS 1.0 - SQL Injection / Cross-Site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 +34046,platforms/php/webapps/34046.txt,"BackLinkSpider 1.3.1774 - Multiple Cross-site Scripting Vulnerabilities",2010-05-27,"sniper ip",php,webapps,0 +34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 - (build 144) Cross-site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 +34048,platforms/multiple/remote/34048.html,"Brekeke PBX 2.4.4.8 - 'pbx/gate' Cross-site Request Forgery",2010-05-26,"John Leitch",multiple,remote,0 +34049,platforms/php/webapps/34049.txt,"Layout CMS 1.0 - SQL Injection / Cross-site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 34050,platforms/windows/remote/34050.py,"Home FTP Server 1.10.2.143 - Directory Traversal",2010-05-27,"John Leitch",windows,remote,0 34051,platforms/windows/dos/34051.py,"Core FTP Server 1.0.343 - Directory Traversal",2010-05-28,"John Leitch",windows,dos,0 34052,platforms/php/webapps/34052.py,"osCommerce Visitor Web Stats AddOn - 'Accept-Language' Header SQL Injection",2010-05-28,"Christopher Schramm",php,webapps,0 34053,platforms/php/webapps/34053.txt,"ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injection",2010-05-28,"High-Tech Bridge SA",php,webapps,0 34054,platforms/php/webapps/34054.txt,"GR Board 1.8.6 - 'page.php' Remote File Inclusion",2010-05-30,eidelweiss,php,webapps,0 -34055,platforms/php/webapps/34055.txt,"CMScout 2.08 - Cross-Site Scripting",2010-05-28,XroGuE,php,webapps,0 -34056,platforms/php/webapps/34056.txt,"Joomla! 1.5.x - Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities",2010-05-28,"Riyaz Ahemed Walikar",php,webapps,0 -34057,platforms/php/webapps/34057.txt,"wsCMS - 'news.php' Cross-Site Scripting",2010-05-31,cyberlog,php,webapps,0 +34055,platforms/php/webapps/34055.txt,"CMScout 2.08 - Cross-site Scripting",2010-05-28,XroGuE,php,webapps,0 +34056,platforms/php/webapps/34056.txt,"Joomla! 1.5.x - Multiple Modules 'search' Parameter Cross-site Scripting Vulnerabilities",2010-05-28,"Riyaz Ahemed Walikar",php,webapps,0 +34057,platforms/php/webapps/34057.txt,"wsCMS - 'news.php' Cross-site Scripting",2010-05-31,cyberlog,php,webapps,0 34058,platforms/multiple/dos/34058.txt,"DM Database Server - 'SP_DEL_BAK_EXPIRED' Memory Corruption",2010-05-31,"Shennan Wang HuaweiSymantec SRT",multiple,dos,0 34059,platforms/windows/remote/34059.py,"Kolibri WebServer 2.0 - GET Request SEH Exploit",2014-07-14,"Revin Hadi Saputra",windows,remote,0 34060,platforms/lin_x86/shellcode/34060.c,"Linux/x86 - Socket Re-use Shellcode (50 bytes)",2014-07-14,ZadYree,lin_x86,shellcode,0 @@ -30689,68 +30689,68 @@ id,file,description,date,author,platform,type,port 34064,platforms/hardware/remote/34064.rb,"D-Link HNAP - Request Remote Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 34065,platforms/hardware/remote/34065.rb,"D-Link - Unauthenticated UPnP M-SEARCH Multicast Command Injection",2014-07-14,Metasploit,hardware,remote,1900 34066,platforms/windows/remote/34066.py,"HP Data Protector Manager 8.10 - Remote Command Execution",2014-07-14,Polunchis,windows,remote,0 -34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_statistics_admin.php' Cross-Site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 -34068,platforms/php/webapps/34068.html,"CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery",2010-01-01,"Truong Thao Nguyen",php,webapps,0 +34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_statistics_admin.php' Cross-site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 +34068,platforms/php/webapps/34068.html,"CMS Made Simple 1.x - Cross-site Scripting / Cross-site Request Forgery",2010-01-01,"Truong Thao Nguyen",php,webapps,0 34069,platforms/windows/dos/34069.html,"Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service",2010-01-01,MustLive,windows,dos,0 -34070,platforms/php/webapps/34070.txt,"Datetopia Match Agency BiZ - Multiple Cross-Site Scripting Vulnerabilities",2010-01-07,R3d-D3V!L,php,webapps,0 +34070,platforms/php/webapps/34070.txt,"Datetopia Match Agency BiZ - Multiple Cross-site Scripting Vulnerabilities",2010-01-07,R3d-D3V!L,php,webapps,0 34071,platforms/php/webapps/34071.txt,"Joomla! 'com_sar_news' Component - 'id' Parameter SQL Injection",2010-06-02,LynX,php,webapps,0 -34072,platforms/php/webapps/34072.txt,"Hexjector 1.0.7.2 - 'hexjector.php' Cross-Site Scripting",2010-06-01,hexon,php,webapps,0 +34072,platforms/php/webapps/34072.txt,"Hexjector 1.0.7.2 - 'hexjector.php' Cross-site Scripting",2010-06-01,hexon,php,webapps,0 34073,platforms/php/webapps/34073.py,"TCExam 10.1.7 - 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload",2010-06-02,"John Leitch",php,webapps,0 34136,platforms/multiple/remote/34136.txt,"Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion",2010-06-21,"Pouya Daneshmand",multiple,remote,0 -34114,platforms/php/webapps/34114.txt,"Joomla! JReservation Component - Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 +34114,platforms/php/webapps/34114.txt,"Joomla! JReservation Component - Cross-site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34086,platforms/linux/webapps/34086.txt,"Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443 34087,platforms/php/webapps/34087.txt,"Joomla Youtube Gallery Component - SQL Injection",2014-07-16,"Pham Van Khanh",php,webapps,80 -34153,platforms/php/webapps/34153.txt,"2DayBiz ybiz Network Community Script - SQL Injection / Cross-Site Scripting",2010-06-16,Sid3^effects,php,webapps,0 -34138,platforms/php/webapps/34138.txt,"VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting",2010-06-14,Sid3^effects,php,webapps,0 +34153,platforms/php/webapps/34153.txt,"2DayBiz ybiz Network Community Script - SQL Injection / Cross-site Scripting",2010-06-16,Sid3^effects,php,webapps,0 +34138,platforms/php/webapps/34138.txt,"VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-site Scripting",2010-06-14,Sid3^effects,php,webapps,0 34077,platforms/php/webapps/34077.txt,"TPO Duyuru Scripti - Insecure Cookie Authentication Bypass",2010-06-02,Septemb0x,php,webapps,0 -34078,platforms/php/webapps/34078.txt,"PHP City Portal 1.3 - 'cms_data.php' Cross-Site Scripting",2010-06-02,Red-D3v1L,php,webapps,0 -34079,platforms/php/webapps/34079.txt,"Sniggabo CMS 2.21 - 'search.php' Cross-Site Scripting",2010-01-06,Sora,php,webapps,0 -34080,platforms/cgi/webapps/34080.txt,"MoinMoin 1.x - 'PageEditor.py' Cross-Site Scripting",2010-06-03,anonymous,cgi,webapps,0 -34081,platforms/php/webapps/34081.txt,"KubeLabs PHPDug 2.0 - 'upcoming.php' Cross-Site Scripting",2010-01-06,indoushka,php,webapps,0 -34082,platforms/php/webapps/34082.txt,"Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-Site Scripting",2010-01-02,kaMtiEz,php,webapps,0 -34083,platforms/php/webapps/34083.txt,"Western Digital My Book World Edition 1.1.16 - 'lang' Parameter Cross-Site Scripting",2009-12-30,emgent,php,webapps,0 +34078,platforms/php/webapps/34078.txt,"PHP City Portal 1.3 - 'cms_data.php' Cross-site Scripting",2010-06-02,Red-D3v1L,php,webapps,0 +34079,platforms/php/webapps/34079.txt,"Sniggabo CMS 2.21 - 'search.php' Cross-site Scripting",2010-01-06,Sora,php,webapps,0 +34080,platforms/cgi/webapps/34080.txt,"MoinMoin 1.x - 'PageEditor.py' Cross-site Scripting",2010-06-03,anonymous,cgi,webapps,0 +34081,platforms/php/webapps/34081.txt,"KubeLabs PHPDug 2.0 - 'upcoming.php' Cross-site Scripting",2010-01-06,indoushka,php,webapps,0 +34082,platforms/php/webapps/34082.txt,"Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-site Scripting",2010-01-02,kaMtiEz,php,webapps,0 +34083,platforms/php/webapps/34083.txt,"Western Digital My Book World Edition 1.1.16 - 'lang' Parameter Cross-site Scripting",2009-12-30,emgent,php,webapps,0 34084,platforms/php/webapps/34084.txt,"L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities",2010-01-06,"Ignacio Garrido",php,webapps,0 -34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting",2010-06-04,MustLive,php,webapps,0 -34137,platforms/php/webapps/34137.txt,"Joomla! 'com_videowhisper_2wvc' Component - Cross-Site Scripting",2010-06-10,Sid3^effects,php,webapps,0 +34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-site Scripting",2010-06-04,MustLive,php,webapps,0 +34137,platforms/php/webapps/34137.txt,"Joomla! 'com_videowhisper_2wvc' Component - Cross-site Scripting",2010-06-10,Sid3^effects,php,webapps,0 34088,platforms/android/remote/34088.html,"Boat Browser 8.0 / 8.0.1 - Remote Code Execution",2014-07-16,c0otlass,android,remote,0 34089,platforms/php/webapps/34089.txt,"Bilboplanet 2.0 - Multiple XSS Vulnerabilities",2014-07-16,"Vivek N",php,webapps,80 34090,platforms/multiple/dos/34090.py,"Node Browserify 4.2.0 - Remote Code Execution",2014-07-16,"Cal Leeming",multiple,dos,0 -34091,platforms/php/webapps/34091.txt,"Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 +34091,platforms/php/webapps/34091.txt,"Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-site Scripting Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 34092,platforms/jsp/webapps/34092.txt,"JForum 2.1.8 - 'bookmarks' Module Multiple HTML Injection Vulnerabilities",2010-06-06,"Adam Baldwin",jsp,webapps,0 34093,platforms/windows/dos/34093.txt,"EA Battlefield 2 1.41 and Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities",2010-06-07,"Francis Lavoie-Renaud",windows,dos,0 34094,platforms/windows/dos/34094.pl,"Aqua Real Screensaver - (.ar) Buffer Overflow",2010-01-15,R3d-D3V!L,windows,dos,0 34095,platforms/php/webapps/34095.txt,"PonVFTP - 'login.php' SQL Injection",2010-01-15,S2K9,php,webapps,0 34096,platforms/php/webapps/34096.txt,"CuteSITE CMS 1.x - manage/add_user.php user_id Parameter SQL Injection",2010-06-06,"High-Tech Bridge SA",php,webapps,0 34097,platforms/php/webapps/34097.txt,"CuteSITE CMS 1.x - manage/main.php fld_path Parameter XSS",2010-06-06,"High-Tech Bridge SA",php,webapps,0 -34154,platforms/php/webapps/34154.txt,"Software Index - 'signinform.php' Cross-Site Scripting",2010-06-27,indoushka,php,webapps,0 -34155,platforms/php/webapps/34155.txt,"Ceica-GW - 'login.php' Cross-Site Scripting",2010-06-27,indoushka,php,webapps,0 +34154,platforms/php/webapps/34154.txt,"Software Index - 'signinform.php' Cross-site Scripting",2010-06-27,indoushka,php,webapps,0 +34155,platforms/php/webapps/34155.txt,"Ceica-GW - 'login.php' Cross-site Scripting",2010-06-27,indoushka,php,webapps,0 34156,platforms/windows/remote/34156.pl,"TurboFTP Server 1.20.745 - Directory Traversal",2010-06-17,leinakesi,windows,remote,0 -34157,platforms/php/webapps/34157.txt,"Firebook - Multiple Cross-Site Scripting and Directory Traversal Vulnerabilities",2010-06-17,MustLive,php,webapps,0 -34115,platforms/windows/remote/34115.txt,"McAfee Unified Threat Management Firewall 4.0.6 - 'page' Parameter Cross-Site Scripting",2010-06-07,"Adam Baldwin",windows,remote,0 +34157,platforms/php/webapps/34157.txt,"Firebook - Multiple Cross-site Scripting and Directory Traversal Vulnerabilities",2010-06-17,MustLive,php,webapps,0 +34115,platforms/windows/remote/34115.txt,"McAfee Unified Threat Management Firewall 4.0.6 - 'page' Parameter Cross-site Scripting",2010-06-07,"Adam Baldwin",windows,remote,0 34116,platforms/php/webapps/34116.txt,"Bits Video Script 2.05 Gold Beta - showcasesearch.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 34117,platforms/php/webapps/34117.txt,"Bits Video Script 2.05 Gold Beta - showcase2search.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 -34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0 +34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 - Multiple Cross-site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0 34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - addvideo.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 - register.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 -34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 +34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 - 'search.php' Cross-site Scripting",2010-01-18,indoushka,php,webapps,0 34340,platforms/multiple/dos/34340.txt,"Unreal Engine - 'ReceivedRawBunch()' Denial Of Service",2010-07-15,"Luigi Auriemma",multiple,dos,0 34341,platforms/php/webapps/34341.txt,"WX-Guestbook 1.1.208 - SQL Injection / HTML Injection",2009-09-21,learn3r,php,webapps,0 -34342,platforms/php/webapps/34342.txt,"Ez Poll Hoster - Multiple Cross-Site Scripting Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 -34100,platforms/php/webapps/34100.txt,"Omeka 2.2 - CSRF / Stored XSS",2014-07-17,LiquidWorm,php,webapps,80 +34342,platforms/php/webapps/34342.txt,"Ez Poll Hoster - Multiple Cross-site Scripting Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 +34100,platforms/php/webapps/34100.txt,"Omeka 2.2 - CSRF / Persistent Cross-site Scripting",2014-07-17,LiquidWorm,php,webapps,80 34139,platforms/php/webapps/34139.txt,"Yamamah Photo Gallery 1.00 - 'download.php' Local File Disclosure",2010-06-13,mat,php,webapps,0 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 - File Renaming Security Bypass",2010-06-09,"John Leitch",php,webapps,0 34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager - 'target' Parameter Local File Inclusion",2010-06-07,"AnTi SeCuRe",php,webapps,0 -34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting",2010-06-07,"High-Tech Bridge SA",php,webapps,0 -34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 +34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-site Scripting",2010-06-07,"High-Tech Bridge SA",php,webapps,0 +34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 34109,platforms/php/webapps/34109.html,"log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion",2010-06-03,"High-Tech Bridge SA",php,webapps,0 -34110,platforms/php/webapps/34110.txt,"PG Auto Pro - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 +34110,platforms/php/webapps/34110.txt,"PG Auto Pro - SQL Injection / Cross-site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 -34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34124,platforms/php/webapps/34124.txt,"WordPress WP BackupPlus - Database And Files Backup Download (0Day)",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)",2014-07-21,"Brandon Perry",linux,webapps,80 -34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center - 'sysinfo/sysinfomain.htm' Cross-Site Scripting Weakness",2010-06-10,"Tavis Ormandy",windows,remote,0 +34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center - 'sysinfo/sysinfomain.htm' Cross-site Scripting Weakness",2010-06-10,"Tavis Ormandy",windows,remote,0 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,php,webapps,0 34128,platforms/hardware/webapps/34128.py,"MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities",2014-07-21,"Ajin Abraham",hardware,webapps,80 34129,platforms/windows/dos/34129.txt,"World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow",2014-07-21,"Alireza Chegini",windows,dos,0 @@ -30769,37 +30769,37 @@ id,file,description,date,author,platform,type,port 34162,platforms/windows/dos/34162.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH)",2014-07-24,"Gabor Seljan",windows,dos,0 34163,platforms/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,hardware,webapps,0 34164,platforms/linux/dos/34164.pl,"Make 3.81 - Heap Overflow PoC",2014-07-24,HyP,linux,dos,0 -34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (64-bit) - Stored XSS",2014-07-25,"Dolev Farhi",multiple,webapps,0 +34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (64-bit) - Persistent Cross-site Scripting",2014-07-25,"Dolev Farhi",multiple,webapps,0 34166,platforms/php/webapps/34166.txt,"KubeSupport - 'lang' Parameter SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 34167,platforms/win_x86/local/34167.rb,"MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-25,Metasploit,win_x86,local,0 34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent XSS",2014-07-27,"Osanda Malith",php,webapps,0 -34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 +34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 34363,platforms/multiple/remote/34363.rb,"Firefox - toString console.time Privileged Javascript Injection",2014-08-19,Metasploit,multiple,remote,0 34172,platforms/hardware/dos/34172.txt,"Sagem Fast 3304-V1 - Denial Of Service",2014-07-27,Z3ro0ne,hardware,dos,0 -34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - LFI",2014-07-27,"black hat",php,webapps,0 +34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - Local File Inclusion",2014-07-27,"black hat",php,webapps,0 34174,platforms/windows/remote/34174.txt,"Enemy Territory: Quake Wars 1.5.12642.33243 - Buffer Overflow",2010-08-18,"Luigi Auriemma",windows,remote,0 34175,platforms/php/webapps/34175.txt,"SaffaTunes CMS - 'news.php' Multiple SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 -34176,platforms/php/webapps/34176.html,"osCmax 2.0 - 'articles.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 -34177,platforms/php/webapps/34177.txt,"Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 +34176,platforms/php/webapps/34176.html,"osCmax 2.0 - 'articles.php' Cross-site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 +34177,platforms/php/webapps/34177.txt,"Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 34178,platforms/windows/remote/34178.txt,"id Software id Tech 4 Engine - 'idGameLocal::GetGameStateObject()' Remote Code Execution",2010-07-21,"Luigi Auriemma",windows,remote,0 -34179,platforms/jsp/webapps/34179.txt,"IBM WebSphere ILOG JRules 6.7 - Cross-Site Scripting",2010-06-21,IBM,jsp,webapps,0 +34179,platforms/jsp/webapps/34179.txt,"IBM WebSphere ILOG JRules 6.7 - Cross-site Scripting",2010-06-21,IBM,jsp,webapps,0 34180,platforms/asp/webapps/34180.txt,"webConductor - 'default.asp' SQL Injection",2010-06-22,"Th3 RDX",asp,webapps,0 34181,platforms/php/webapps/34181.txt,"SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 -34182,platforms/hardware/remote/34182.txt,"Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting",2010-06-23,"Cristofaro Mune",hardware,remote,0 -34183,platforms/php/webapps/34183.txt,"Jamroom 4.0.2/4.1.x - 'forum.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 +34182,platforms/hardware/remote/34182.txt,"Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-site Scripting",2010-06-23,"Cristofaro Mune",hardware,remote,0 +34183,platforms/php/webapps/34183.txt,"Jamroom 4.0.2/4.1.x - 'forum.php' Cross-site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 34184,platforms/hardware/remote/34184.txt,"Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities",2010-06-14,"Ivan Huertas",hardware,remote,0 34185,platforms/php/webapps/34185.txt,"Pre Projects Multi-Vendor Shopping Malls - 'products.php' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 34186,platforms/multiple/remote/34186.txt,"Apache Axis2 1.x - '/axis2/axis2-admin' Session Fixation",2010-06-23,"Tiago Ferreira Barbosa",multiple,remote,0 -34187,platforms/hardware/webapps/34187.txt,"Ubiquiti UbiFi / mFi / AirVision - CSRF",2014-07-28,"Seth Art",hardware,webapps,80 +34187,platforms/hardware/webapps/34187.txt,"Ubiquiti UbiFi / mFi / AirVision - Cross-site Request Forgery",2014-07-28,"Seth Art",hardware,webapps,80 34190,platforms/php/webapps/34190.txt,"Oxwall 1.7.0 - Multiple CSRF / HTML Injection Vulnerabilities",2014-07-28,LiquidWorm,php,webapps,80 34191,platforms/php/remote/34191.py,"Oxwall 1.7.0 - Remote Code Execution Exploit",2014-07-28,LiquidWorm,php,remote,80 34192,platforms/linux/remote/34192.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - XSLT Integer Overflow",2010-06-22,"Martin Barbella",linux,remote,0 -34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script - Multiple SQL Injection",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 -34195,platforms/php/webapps/34195.txt,"WordPress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 +34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script - Multiple SQL Injections",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 +34195,platforms/php/webapps/34195.txt,"WordPress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-site Scripting",2010-05-05,MustLive,php,webapps,0 34196,platforms/ios/webapps/34196.txt,"WiFi HD 7.3.0 iOS - Multiple Vulnerabilities",2014-07-29,Vulnerability-Lab,ios,webapps,0 34197,platforms/php/webapps/34197.txt,"AbleSpace 1.0 - 'news.php' SQL Injection",2010-06-25,JaMbA,php,webapps,0 -34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 +34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34200,platforms/hardware/remote/34200.txt,"Cisco Adaptive Security Response - HTTP Response Splitting",2010-06-25,"Daniel King",hardware,remote,0 34201,platforms/linux/remote/34201.txt,"feh 1.7 - '--wget-timestamp' Remote Code Execution",2010-06-25,anonymous,linux,remote,0 34203,platforms/hardware/dos/34203.txt,"Dlink DWR-113 Rev. Ax - CSRF Denial of Service",2014-07-30,"Blessen Thomas",hardware,dos,0 @@ -30814,62 +30814,62 @@ id,file,description,date,author,platform,type,port 34212,platforms/php/webapps/34212.html,"OneCMS 2.6.1 - admin/admin.php Short1 Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34213,platforms/php/webapps/34213.txt,"PHP Bible Search - bible.php chapter Parameter SQL Injection",2010-06-29,"L0rd CrusAd3r",php,webapps,0 34214,platforms/php/webapps/34214.txt,"PHP Bible Search - bible.php chapter Parameter XSS",2010-06-29,"L0rd CrusAd3r",php,webapps,0 -34215,platforms/php/webapps/34215.txt,"MySpace Clone 2010 - SQL Injection / Cross-Site Scripting",2010-06-28,"L0rd CrusAd3r",php,webapps,0 +34215,platforms/php/webapps/34215.txt,"MySpace Clone 2010 - SQL Injection / Cross-site Scripting",2010-06-28,"L0rd CrusAd3r",php,webapps,0 34216,platforms/php/webapps/34216.txt,"eBay Clone Script 2010 - 'showcategory.php' SQL Injection",2010-06-28,"L0rd CrusAd3r",php,webapps,0 34217,platforms/php/webapps/34217.txt,"Clix'N'Cash Clone 2010 - 'index.php' SQL Injection",2010-06-28,"L0rd CrusAd3r",php,webapps,0 34218,platforms/php/webapps/34218.txt,"V-EVA Classified Script 5.1 - 'classified_img.php' SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 34219,platforms/php/webapps/34219.txt,"CANDID - image/view.php image_id Parameter SQL Injection",2010-06-29,"L0rd CrusAd3r",php,webapps,0 34220,platforms/php/webapps/34220.txt,"CANDID - image/view.php image_id Parameter XSS",2010-06-29,"L0rd CrusAd3r",php,webapps,0 -34221,platforms/asp/webapps/34221.txt,"Iatek PortalApp 3.3/4.0 - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities",2010-06-29,"High-Tech Bridge SA",asp,webapps,0 -34222,platforms/php/webapps/34222.html,"Grafik CMS - 'admin.php' SQL Injection / Cross-Site Scripting",2010-06-29,"High-Tech Bridge SA",php,webapps,0 +34221,platforms/asp/webapps/34221.txt,"Iatek PortalApp 3.3/4.0 - 'login.asp' Multiple Cross-site Scripting Vulnerabilities",2010-06-29,"High-Tech Bridge SA",asp,webapps,0 +34222,platforms/php/webapps/34222.html,"Grafik CMS - 'admin.php' SQL Injection / Cross-site Scripting",2010-06-29,"High-Tech Bridge SA",php,webapps,0 34223,platforms/cgi/webapps/34223.txt,"Miyabi CGI Tools 1.02 - 'index.pl' Remote Command Execution",2010-06-29,"Marshall Whittaker",cgi,webapps,0 -34224,platforms/multiple/webapps/34224.txt,"Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection",2010-06-29,TurboBorland,multiple,webapps,0 +34224,platforms/multiple/webapps/34224.txt,"Kryn.cms 6.0 - Cross-site Request Forgery / HTML Injection",2010-06-29,TurboBorland,multiple,webapps,0 34225,platforms/php/webapps/34225.txt,"TornadoStore 1.4.3 - SQL Injection / HTML Injection",2010-06-29,"Lucas Apa",php,webapps,0 34226,platforms/php/webapps/34226.txt,"System CMS Contentia - 'news.php' SQL Injection",2010-06-30,GlaDiaT0R,php,webapps,0 34227,platforms/windows/dos/34227.txt,"Qt 4.6.3 - Remote Denial of Service",2010-06-29,"Luigi Auriemma",windows,dos,0 34228,platforms/linux/dos/34228.txt,"Mumble Murmur 1.2 - Denial of Service",2010-06-29,"Luigi Auriemma",linux,dos,0 -34229,platforms/php/webapps/34229.txt,"ArcademSX 2.904 - 'cat' Parameter Cross-Site Scripting",2010-06-29,"Th3 RDX",php,webapps,0 -34230,platforms/windows/remote/34230.txt,"Freewebscriptz Online Games Login - Multiple SQL Injection",2009-12-31,"Hussin X",windows,remote,0 -34231,platforms/php/webapps/34231.txt,"LiveZilla 3.1.8.3 - Multiple Cross-Site Scripting Vulnerabilities",2009-12-30,MaXe,php,webapps,0 -34232,platforms/php/webapps/34232.txt,"DPScms - 'q' Parameter SQL Injection / Cross-Site Scripting",2010-07-01,Ariko-Security,php,webapps,0 +34229,platforms/php/webapps/34229.txt,"ArcademSX 2.904 - 'cat' Parameter Cross-site Scripting",2010-06-29,"Th3 RDX",php,webapps,0 +34230,platforms/windows/remote/34230.txt,"Freewebscriptz Online Games Login - Multiple SQL Injections",2009-12-31,"Hussin X",windows,remote,0 +34231,platforms/php/webapps/34231.txt,"LiveZilla 3.1.8.3 - Multiple Cross-site Scripting Vulnerabilities",2009-12-30,MaXe,php,webapps,0 +34232,platforms/php/webapps/34232.txt,"DPScms - 'q' Parameter SQL Injection / Cross-site Scripting",2010-07-01,Ariko-Security,php,webapps,0 34233,platforms/windows/dos/34233.py,"Sumatra PDF 1.1 - Denial Of Service",2010-07-01,"Azim Poonawala",windows,dos,0 -34234,platforms/php/webapps/34234.txt,"Flatnux 2010-06.09 - 'find' Parameter Cross-Site Scripting",2010-07-01,ITSecTeam,php,webapps,0 -34235,platforms/php/webapps/34235.txt,"Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection",2010-07-01,"John Leitch",php,webapps,0 +34234,platforms/php/webapps/34234.txt,"Flatnux 2010-06.09 - 'find' Parameter Cross-site Scripting",2010-07-01,ITSecTeam,php,webapps,0 +34235,platforms/php/webapps/34235.txt,"Wiki Web Help 0.2.7 - Cross-site Scripting / HTML Injection",2010-07-01,"John Leitch",php,webapps,0 34236,platforms/php/webapps/34236.txt,"ReCMS - 'users_lang' Parameter Directory Traversal",2010-07-01,Locu,php,webapps,0 -34237,platforms/multiple/webapps/34237.txt,"Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting",2010-07-02,"Marcos Garcia and Maximiliano Soler",multiple,webapps,0 +34237,platforms/multiple/webapps/34237.txt,"Xplico 0.5.7 - 'add.ctp' Cross-site Scripting",2010-07-02,"Marcos Garcia and Maximiliano Soler",multiple,webapps,0 34238,platforms/php/webapps/34238.txt,"Sphider Search Engine - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34241,platforms/linux/webapps/34241.txt,"ISPConfig 3.0.54p1 - Authenticated Admin Local Root",2014-08-02,mra,linux,webapps,8080 -34336,platforms/php/webapps/34336.html,"WordPress Disqus 2.7.5 Plugin - Admin Stored CSRF / XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 -34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 - HTML Injection / Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34336,platforms/php/webapps/34336.html,"WordPress Disqus 2.7.5 Plugin - Admin PersistentCSRF / XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 +34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 - HTML Injection / Cross-site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34362,platforms/linux/remote/34362.rb,"Gitlab-shell - Code Execution",2014-08-19,Metasploit,linux,remote,443 34245,platforms/php/webapps/34245.txt,"ArticleFR 11.06.2014 - (data.php) Privilege Escalation",2014-08-02,"High-Tech Bridge SA",php,webapps,80 -34246,platforms/php/webapps/34246.txt,"AL-Caricatier 2.5 - 'comment.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +34246,platforms/php/webapps/34246.txt,"AL-Caricatier 2.5 - 'comment.php' Cross-site Scripting",2009-12-25,indoushka,php,webapps,0 34248,platforms/multiple/dos/34248.txt,"EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow",2010-07-05,"Pedro Andujar",multiple,dos,0 34249,platforms/linux/dos/34249.txt,"Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities",2010-07-03,"Luigi Auriemma",linux,dos,0 34250,platforms/php/webapps/34250.txt,"Miniwork Studio Canteen 1.0 Component for Joomla! - SQL Injection / Local File Inclusion",2010-07-05,Drosophila,php,webapps,0 34251,platforms/windows/dos/34251.txt,"Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial Of Service Vulnerabilities",2010-07-05,"Luigi Auriemma",windows,dos,0 -34252,platforms/php/webapps/34252.txt,"i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-Site Scripting",2010-07-06,"Andrea Bocchetti",php,webapps,0 -34253,platforms/php/webapps/34253.txt,"Orbis CMS 1.0.2 - 'editor-body.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 +34252,platforms/php/webapps/34252.txt,"i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-site Scripting",2010-07-06,"Andrea Bocchetti",php,webapps,0 +34253,platforms/php/webapps/34253.txt,"Orbis CMS 1.0.2 - 'editor-body.php' Cross-site Scripting",2010-07-05,"John Leitch",php,webapps,0 34254,platforms/hardware/webapps/34254.txt,"TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution",2014-08-03,"Christoph Kuhl",hardware,webapps,0 -34255,platforms/php/webapps/34255.html,"cPanel 11.25 - Cross-Site Request Forgery",2010-07-03,G0D-F4Th3r,php,webapps,0 -34256,platforms/php/webapps/34256.py,"SocialABC NetworX 1.0.3 - Arbitrary File Upload / Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 -34257,platforms/php/webapps/34257.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (2)",2010-07-06,"Ivan Sanchez",php,webapps,0 -34258,platforms/php/webapps/34258.txt,"NewsOffice 2.0.18 - 'news_show.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 -34259,platforms/php/webapps/34259.txt,"Bitweaver 2.7 - 'fImg' Parameter Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 -34260,platforms/php/webapps/34260.txt,"odCMS 1.07 - 'archive.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 +34255,platforms/php/webapps/34255.html,"cPanel 11.25 - Cross-site Request Forgery",2010-07-03,G0D-F4Th3r,php,webapps,0 +34256,platforms/php/webapps/34256.py,"SocialABC NetworX 1.0.3 - Arbitrary File Upload / Cross-site Scripting",2010-07-05,"John Leitch",php,webapps,0 +34257,platforms/php/webapps/34257.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-site Scripting Vulnerabilities (2)",2010-07-06,"Ivan Sanchez",php,webapps,0 +34258,platforms/php/webapps/34258.txt,"NewsOffice 2.0.18 - 'news_show.php' Cross-site Scripting",2010-07-05,"John Leitch",php,webapps,0 +34259,platforms/php/webapps/34259.txt,"Bitweaver 2.7 - 'fImg' Parameter Cross-site Scripting",2010-07-05,"John Leitch",php,webapps,0 +34260,platforms/php/webapps/34260.txt,"odCMS 1.07 - 'archive.php' Cross-site Scripting",2010-07-05,"John Leitch",php,webapps,0 34261,platforms/multiple/dos/34261.txt,"Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow",2010-07-06,"Luigi Auriemma",multiple,dos,0 34262,platforms/lin_x86/shellcode/34262.c,"Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh shellcode (378 bytes)",2014-08-04,"Ali Razmjoo",lin_x86,shellcode,0 34263,platforms/ios/webapps/34263.txt,"Video WiFi Transfer 1.01 - Directory Traversal",2014-08-04,Vulnerability-Lab,ios,webapps,8080 34264,platforms/ios/webapps/34264.txt,"FreeDisk 1.01 iOS - Multiple Vulnerabilities",2014-08-04,Vulnerability-Lab,ios,webapps,8080 -34265,platforms/php/webapps/34265.txt,"Exponent CMS 0.97 - 'slideshow.js.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 -34266,platforms/php/webapps/34266.txt,"RunCMS 2.1 - 'check.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 +34265,platforms/php/webapps/34265.txt,"Exponent CMS 0.97 - 'slideshow.js.php' Cross-site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 +34266,platforms/php/webapps/34266.txt,"RunCMS 2.1 - 'check.php' Cross-site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 34267,platforms/linux/local/34267.sh,"Altair Engineering PBS Pro 10.x - 'pbs_mom' Insecure Temporary File Creation",2010-07-07,"Bartlomiej Balcerek",linux,local,0 -34268,platforms/php/webapps/34268.txt,"Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 -34269,platforms/php/webapps/34269.txt,"Pligg 1.0.4 - 'install1.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 +34268,platforms/php/webapps/34268.txt,"Worxware DCP-Portal 7.0 - Multiple Cross-site Scripting Vulnerabilities",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 +34269,platforms/php/webapps/34269.txt,"Pligg 1.0.4 - 'install1.php' Cross-site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 34270,platforms/multiple/dos/34270.txt,"Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow and Array Indexing Overflow",2010-07-07,"Luigi Auriemma",multiple,dos,0 34271,platforms/multiple/remote/34271.txt,"id Software id Tech 4 Engine - 'key' Packet Remote Code Execution",2010-07-05,"Luigi Auriemma",multiple,remote,0 34272,platforms/windows/local/34272.py,"Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow Privilege Escalation",2014-08-05,"ryujin & sickness",windows,local,0 @@ -30878,60 +30878,60 @@ id,file,description,date,author,platform,type,port 34279,platforms/linux/dos/34279.txt,"LibTIFF 3.9.4 - Unknown Tag Second Pass Processing Remote Denial of Service",2010-06-14,"Tom Lane",linux,dos,0 34275,platforms/php/webapps/34275.txt,"Pro Chat Rooms 8.2.0 - Multiple Vulnerabilities",2014-08-06,"Mike Manzotti",php,webapps,80 34528,platforms/multiple/dos/34528.py,"Adobe Acrobat and Reader 9.3.4 - 'AcroForm.api' Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 -34277,platforms/php/webapps/34277.txt,"Feng Office - Stored XSS",2014-08-06,"Juan Sacco",php,webapps,0 +34277,platforms/php/webapps/34277.txt,"Feng Office - Persistent Cross-site Scripting",2014-08-06,"Juan Sacco",php,webapps,0 34527,platforms/windows/webapps/34527.c,"Acunetix Web Vulnerability Scanner - DLL Loading Arbitrary Code Execution",2010-08-25,Kolor,windows,webapps,0 -34280,platforms/php/webapps/34280.txt,"PHPFABER CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-04,prodigy,php,webapps,0 +34280,platforms/php/webapps/34280.txt,"PHPFABER CMS 2.0.5 - Multiple Cross-site Scripting Vulnerabilities",2010-07-04,prodigy,php,webapps,0 34281,platforms/windows/dos/34281.py,"MP3 Cutter 1.8 MP3 - File Processing Remote Denial of Service",2010-07-09,"Prashant Uniyal",windows,dos,0 -34282,platforms/php/webapps/34282.txt,"Real Estate Manager 1.0.1 - 'index.php' Cross-Site Scripting",2010-07-09,bi0,php,webapps,0 -34283,platforms/php/webapps/34283.txt,"Model Agency Manager - 'search_process.php' Cross-Site Scripting",2009-12-13,bi0,php,webapps,0 -34284,platforms/php/webapps/34284.txt,"osCSS 1.2.2 - 'page' Parameter Cross-Site Scripting",2010-07-08,"High-Tech Bridge SA",php,webapps,0 -34285,platforms/php/webapps/34285.txt,"Articlems 2.0 - 'c[]' Parameter Cross-Site Scripting",2010-12-13,Packetdeath,php,webapps,0 -34286,platforms/php/webapps/34286.txt,"SimpNews 2.47.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-09,MustLive,php,webapps,0 +34282,platforms/php/webapps/34282.txt,"Real Estate Manager 1.0.1 - 'index.php' Cross-site Scripting",2010-07-09,bi0,php,webapps,0 +34283,platforms/php/webapps/34283.txt,"Model Agency Manager - 'search_process.php' Cross-site Scripting",2009-12-13,bi0,php,webapps,0 +34284,platforms/php/webapps/34284.txt,"osCSS 1.2.2 - 'page' Parameter Cross-site Scripting",2010-07-08,"High-Tech Bridge SA",php,webapps,0 +34285,platforms/php/webapps/34285.txt,"Articlems 2.0 - 'c[]' Parameter Cross-site Scripting",2010-12-13,Packetdeath,php,webapps,0 +34286,platforms/php/webapps/34286.txt,"SimpNews 2.47.3 - Multiple Cross-site Scripting Vulnerabilities",2010-07-09,MustLive,php,webapps,0 34287,platforms/php/webapps/34287.txt,"Yappa 3.1.2 - 'yappa.php' Multiple Remote Command Execution Vulnerabilities",2010-07-09,"Sn!pEr.S!Te Hacker",php,webapps,0 34288,platforms/php/webapps/34288.txt,"pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injection",2009-12-22,"Hadi Kiamarsi",php,webapps,0 34289,platforms/php/webapps/34289.txt,"Web Cocoon simpleCMS - 'show.php' SQL Injection",2009-12-21,anonymous,php,webapps,0 -34290,platforms/java/webapps/34290.txt,"Mac's CMS 1.1.4 - 'searchString' Parameter Cross-Site Scripting",2010-07-11,10n1z3d,java,webapps,0 +34290,platforms/java/webapps/34290.txt,"Mac's CMS 1.1.4 - 'searchString' Parameter Cross-site Scripting",2010-07-11,10n1z3d,java,webapps,0 34291,platforms/php/webapps/34291.txt,"Joomla! Rapid-Recipe Component - HTML Injection",2010-07-10,Sid3^effects,php,webapps,0 -34292,platforms/php/webapps/34292.txt,"eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 -34293,platforms/java/webapps/34293.txt,"dotDefender 4.02 - 'clave' Parameter Cross-Site Scripting",2010-07-12,"David K",java,webapps,0 -34294,platforms/php/webapps/34294.txt,"FireStats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-09,"Jelmer de Hen",php,webapps,0 -34295,platforms/php/webapps/34295.txt,"RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting",2010-07-11,"John Leitch",php,webapps,0 -34296,platforms/php/webapps/34296.txt,"CSSTidy 1.3 - 'css_optimiser.php' Cross-Site Scripting",2010-07-11,"John Leitch",php,webapps,0 -34297,platforms/multiple/remote/34297.txt,"dotDefender - Cross-Site Scripting Security Bypass",2010-07-09,SH4V,multiple,remote,0 +34292,platforms/php/webapps/34292.txt,"eliteCMS 1.01 - Multiple Cross-site Scripting Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 +34293,platforms/java/webapps/34293.txt,"dotDefender 4.02 - 'clave' Parameter Cross-site Scripting",2010-07-12,"David K",java,webapps,0 +34294,platforms/php/webapps/34294.txt,"FireStats 1.6.5 - Multiple Cross-site Scripting Vulnerabilities",2010-07-09,"Jelmer de Hen",php,webapps,0 +34295,platforms/php/webapps/34295.txt,"RunCMS 2.1 - 'magpie_debug.php' Cross-site Scripting",2010-07-11,"John Leitch",php,webapps,0 +34296,platforms/php/webapps/34296.txt,"CSSTidy 1.3 - 'css_optimiser.php' Cross-site Scripting",2010-07-11,"John Leitch",php,webapps,0 +34297,platforms/multiple/remote/34297.txt,"dotDefender - Cross-site Scripting Security Bypass",2010-07-09,SH4V,multiple,remote,0 34298,platforms/php/webapps/34298.py,"CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload",2010-07-11,"John Leitch",php,webapps,0 34299,platforms/php/webapps/34299.py,"CMS Made Simple 1.8 - 'default_cms_lang' Parameter Local File Inclusion",2010-07-11,"John Leitch",php,webapps,0 34300,platforms/php/webapps/34300.py,"CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload",2010-07-11,"John Leitch",php,webapps,0 34301,platforms/multiple/remote/34301.txt,"Asterisk Recording Interface 0.7.15/0.10 - Multiple Vulnerabilities",2010-07-12,TurboBorland,multiple,remote,0 -34302,platforms/php/webapps/34302.txt,"Diem 5.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-13,"High-Tech Bridge SA",php,webapps,0 +34302,platforms/php/webapps/34302.txt,"Diem 5.1.2 - Multiple Cross-site Scripting Vulnerabilities",2010-07-13,"High-Tech Bridge SA",php,webapps,0 34303,platforms/ios/webapps/34303.txt,"PhotoSync Wifi & Bluetooth 1.0 - File Include",2014-08-09,Vulnerability-Lab,ios,webapps,8000 34305,platforms/ios/webapps/34305.txt,"Easy FTP Pro 4.2 iOS - Command Injection",2014-08-09,Vulnerability-Lab,ios,webapps,8080 34306,platforms/hardware/dos/34306.txt,"SHARP MX Series - Denial of Service",2014-08-09,pws,hardware,dos,23 34307,platforms/hardware/dos/34307.txt,"Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm",2014-08-09,"Matt O'Connor",hardware,dos,0 34308,platforms/php/webapps/34308.txt,"TomatoCart 1.x - SQL Injection",2014-08-09,Breaking.Technology,php,webapps,80 34309,platforms/solaris/dos/34309.txt,"Oracle Solaris - 'rdist' Local Privilege Escalation",2010-07-13,"Monarch Rich",solaris,dos,0 -34310,platforms/multiple/remote/34310.txt,"Oracle Business Process Management 10.3.2 - Cross-Site Scripting",2010-07-13,Markot,multiple,remote,0 +34310,platforms/multiple/remote/34310.txt,"Oracle Business Process Management 10.3.2 - Cross-site Scripting",2010-07-13,Markot,multiple,remote,0 34311,platforms/solaris/local/34311.sh,"Oracle Solaris 8/9/10 - 'flar' Insecure Temporary File Creation",2010-07-12,"Frank Stuart",solaris,local,0 34312,platforms/multiple/remote/34312.txt,"Oracle WebLogic Server 10.3.3 - Encoded URL Remote",2010-07-13,"Timothy D. Morgan",multiple,remote,0 34313,platforms/solaris/local/34313.txt,"Oracle Solaris - 'nfslogd' Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 34314,platforms/solaris/local/34314.sh,"Oracle Solaris Management Console - WBEM Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 -34315,platforms/php/webapps/34315.txt,"The Next Generation of Genealogy Sitebuilding - 'searchform.php' Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 -34316,platforms/hardware/remote/34316.txt,"Juniper Networks SA2000 SSL VPN Appliance - 'welcome.cgi' Cross-Site Scripting",2010-06-09,"Richard Brain",hardware,remote,0 -34317,platforms/php/webapps/34317.txt,"WS Interactive Automne 4.0 - '228-recherche.php' Cross-Site Scripting",2009-12-13,loneferret,php,webapps,0 -34318,platforms/php/webapps/34318.txt,"Zeecareers 2.0 - Cross-Site Scripting / Authentication Bypass",2009-12-13,bi0,php,webapps,0 -34319,platforms/php/webapps/34319.txt,"Ez Cart - 'index.php' Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0 +34315,platforms/php/webapps/34315.txt,"The Next Generation of Genealogy Sitebuilding - 'searchform.php' Cross-site Scripting",2009-12-14,bi0,php,webapps,0 +34316,platforms/hardware/remote/34316.txt,"Juniper Networks SA2000 SSL VPN Appliance - 'welcome.cgi' Cross-site Scripting",2010-06-09,"Richard Brain",hardware,remote,0 +34317,platforms/php/webapps/34317.txt,"WS Interactive Automne 4.0 - '228-recherche.php' Cross-site Scripting",2009-12-13,loneferret,php,webapps,0 +34318,platforms/php/webapps/34318.txt,"Zeecareers 2.0 - Cross-site Scripting / Authentication Bypass",2009-12-13,bi0,php,webapps,0 +34319,platforms/php/webapps/34319.txt,"Ez Cart - 'index.php' Cross-site Scripting",2009-12-14,anti-gov,php,webapps,0 34320,platforms/php/webapps/34320.txt,"GetSimple CMS 2.01 - admin/template/error_checking.php Multiple Parameter XSS",2010-07-15,Leonard,php,webapps,0 -34321,platforms/php/webapps/34321.txt,"Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery",2010-07-15,"Nijel the Destroyer",php,webapps,0 -34322,platforms/php/webapps/34322.txt,"phpwcms 1.4.5 - 'phpwcms.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34324,platforms/php/webapps/34324.txt,"FestOS 2.3 - 'contents' Parameter Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34321,platforms/php/webapps/34321.txt,"Spitfire 1.0.381 - Cross-site Scripting / Cross-site Request Forgery",2010-07-15,"Nijel the Destroyer",php,webapps,0 +34322,platforms/php/webapps/34322.txt,"phpwcms 1.4.5 - 'phpwcms.php' Cross-site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34324,platforms/php/webapps/34324.txt,"FestOS 2.3 - 'contents' Parameter Cross-site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34499,platforms/php/webapps/34499.txt,"ViArt Helpdesk - products_search.php search_category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34335,platforms/linux/remote/34335.rb,"VMTurbo Operations Manager 4.6 - vmtadmin.cgi Remote Command Execution",2014-08-14,Metasploit,linux,remote,80 34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox - 3D Acceleration Virtual Machine Escape",2014-08-14,Metasploit,win_x86-64,remote,0 34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie Manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 -34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET - Multiple SQL Injection",2009-12-17,bi0,asp,webapps,0 -34345,platforms/java/webapps/34345.txt,"jCore - 'search' Parameter Cross-Site Scripting",2009-12-17,loneferret,java,webapps,0 +34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET - Multiple SQL Injections",2009-12-17,bi0,asp,webapps,0 +34345,platforms/java/webapps/34345.txt,"jCore - 'search' Parameter Cross-site Scripting",2009-12-17,loneferret,java,webapps,0 34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 34347,platforms/cgi/webapps/34347.txt,"iOffice 0.1 - 'parametre' Parameter Remote Command Execution",2010-07-18,"Marshall Whittaker",cgi,webapps,0 34348,platforms/linux/dos/34348.txt,"OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities",2010-07-19,"Ilkka Mattila",linux,dos,0 @@ -30943,79 +30943,79 @@ id,file,description,date,author,platform,type,port 34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 - 'main.php' Multiple Local File Inclusion",2009-12-14,Packetdeath,php,webapps,0 34355,platforms/windows/dos/34355.txt,"Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities",2010-07-18,"Luigi Auriemma",windows,dos,0 34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 - Remote Buffer Overflow",2009-12-12,"Razuel Akaharnath",linux,dos,0 -34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 - Cross-Site Scripting / Cross-Site Request Forgery",2009-12-15,"Milos Zivanovic ",php,webapps,0 +34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 - Cross-site Scripting / Cross-site Request Forgery",2009-12-15,"Milos Zivanovic ",php,webapps,0 34358,platforms/linux/remote/34358.txt,"Mozilla Firefox and SeaMonkey Plugin Parameters - Buffer Overflow",2010-07-20,J23,linux,remote,0 -34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 - Cross-Site Request Forgery",2010-07-20,anonymous,windows,dos,0 +34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 - Cross-site Request Forgery",2010-07-20,anonymous,windows,dos,0 34360,platforms/multiple/dos/34360.txt,"Monolith Lithtech Game Engine - Memory Corruption",2010-07-21,"Luigi Auriemma",multiple,dos,0 34361,platforms/hardware/webapps/34361.txt,"Tenda A5s Router 3.02.05_CN - Authentication Bypass",2014-08-18,zixian,hardware,webapps,80 34364,platforms/linux/dos/34364.html,"Qt 4.6.3 - 'QTextEngine::LayoutData::reallocate()' Memory Corruption",2010-07-13,D4rk357,linux,dos,0 -34365,platforms/php/webapps/34365.txt,"Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-22,"High-Tech Bridge SA",php,webapps,0 -34366,platforms/php/webapps/34366.txt,"Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting",2009-11-02,"Vladimir Vorontsov",php,webapps,0 -34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 +34365,platforms/php/webapps/34365.txt,"Claus Muus Spitfire 1.0.336 - Multiple Cross-site Scripting Vulnerabilities",2010-07-22,"High-Tech Bridge SA",php,webapps,0 +34366,platforms/php/webapps/34366.txt,"Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-site Scripting",2009-11-02,"Vladimir Vorontsov",php,webapps,0 +34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 34368,platforms/windows/dos/34368.c,"Mthree Development MP3 to WAV Decoder - (.mp3) Remote Buffer Overflow",2009-10-31,4m!n,windows,dos,0 34369,platforms/multiple/remote/34369.txt,"IBM Java - UTF8 Byte Sequences Security Bypass",2010-07-23,IBM,multiple,remote,0 -34370,platforms/jsp/webapps/34370.txt,"SAP Netweaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 -34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 -34373,platforms/php/webapps/34373.txt,"MC Content Manager 10.1 - SQL Injection / Cross-Site Scripting",2010-07-25,MustLive,php,webapps,0 +34370,platforms/jsp/webapps/34370.txt,"SAP Netweaver 6.4/7.0 - 'wsnavigator' Cross-site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 +34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-site Scripting / HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 +34373,platforms/php/webapps/34373.txt,"MC Content Manager 10.1 - SQL Injection / Cross-site Scripting",2010-07-25,MustLive,php,webapps,0 34374,platforms/php/webapps/34374.txt,"Joomla! FreiChat Component 1.0/2.x - Unspecified HTML Injection",2010-07-26,nag_sunny,php,webapps,0 34375,platforms/linux/dos/34375.txt,"sSMTP 2.62 - 'standardize()' Buffer Overflow",2010-07-26,"Brendan Boerner",linux,dos,0 -34376,platforms/asp/webapps/34376.txt,"e-Courier CMS - 'UserGUID' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,BugsNotHugs,asp,webapps,0 +34376,platforms/asp/webapps/34376.txt,"e-Courier CMS - 'UserGUID' Parameter Multiple Cross-site Scripting Vulnerabilities",2009-10-06,BugsNotHugs,asp,webapps,0 34377,platforms/php/webapps/34377.txt,"Portili Personal and Team Wiki 1.14 - Multiple Security Vulnerabilities",2010-10-04,Abysssec,php,webapps,0 -34378,platforms/php/webapps/34378.txt,"Clixint Technologies DPI - Cross-Site Scripting",2009-12-04,anonymous,php,webapps,0 +34378,platforms/php/webapps/34378.txt,"Clixint Technologies DPI - Cross-site Scripting",2009-12-04,anonymous,php,webapps,0 34379,platforms/php/webapps/34379.html,"SyndeoCMS 2.9 - Multiple HTML Injection Vulnerabilities",2010-07-26,"High-Tech Bridge SA",php,webapps,0 -34380,platforms/asp/webapps/34380.txt,"Active Business Directory 2 - 'searchadvance.asp' Cross-Site Scripting",2009-12-22,"Andrea Bocchetti",asp,webapps,0 +34380,platforms/asp/webapps/34380.txt,"Active Business Directory 2 - 'searchadvance.asp' Cross-site Scripting",2009-12-22,"Andrea Bocchetti",asp,webapps,0 34381,platforms/php/webapps/34381.txt,"MyBB 1.8 Beta 3 - Multiple Vulnerabilities",2014-08-21,"DemoLisH B3yaZ",php,webapps,0 34466,platforms/php/webapps/34466.txt,"CMS Source - Multiple Input Validation Vulnerabilities",2010-08-13,"High-Tech Bridge SA",php,webapps,0 34465,platforms/hardware/remote/34465.txt,"F5 Big-IP - Unauthenticated rsync Access",2014-08-29,Security-Assessment.com,hardware,remote,22 34383,platforms/php/webapps/34383.txt,"Social Media - 'index.php' Local File Inclusion",2010-07-27,"Harri Johansson",php,webapps,0 -34384,platforms/jsp/webapps/34384.txt,"Jira 4.0.1 - Cross-Site Scripting / Information Disclosure",2010-07-28,MaXe,jsp,webapps,0 +34384,platforms/jsp/webapps/34384.txt,"Jira 4.0.1 - Cross-site Scripting / Information Disclosure",2010-07-28,MaXe,jsp,webapps,0 34385,platforms/linux/remote/34385.txt,"KVIrc 4.0 - '\r' Carriage Return in DCC Handshake Remote Command Execution",2010-07-28,unic0rn,linux,remote,0 -34386,platforms/php/webapps/34386.txt,"Cetera eCommerce - Multiple SQL Injection",2010-07-28,MustLive,php,webapps,0 -34387,platforms/php/webapps/34387.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2010-07-28,MustLive,php,webapps,0 -34388,platforms/php/webapps/34388.txt,"SPIP 2.1 - 'var_login' Parameter Cross-Site Scripting",2010-07-28,dotsafe.fr,php,webapps,0 -34389,platforms/php/webapps/34389.txt,"Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection",2010-07-27,Matt,php,webapps,0 +34386,platforms/php/webapps/34386.txt,"Cetera eCommerce - Multiple SQL Injections",2010-07-28,MustLive,php,webapps,0 +34387,platforms/php/webapps/34387.txt,"Cetera eCommerce - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2010-07-28,MustLive,php,webapps,0 +34388,platforms/php/webapps/34388.txt,"SPIP 2.1 - 'var_login' Parameter Cross-site Scripting",2010-07-28,dotsafe.fr,php,webapps,0 +34389,platforms/php/webapps/34389.txt,"Impact Software Ad Peeps - Cross-site Scripting / HTML Injection",2010-07-27,Matt,php,webapps,0 34390,platforms/php/remote/34390.rb,"HybridAuth - install.php PHP Code Execution",2014-08-21,Metasploit,php,remote,80 -34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0 -34392,platforms/php/webapps/34392.txt,"MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0 +34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite - Multiple Cross-site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0 +34392,platforms/php/webapps/34392.txt,"MyIT CRM - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0 34393,platforms/php/webapps/34393.txt,"Joomla! 'com_jigsaw' Component - 'controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0 34394,platforms/hardware/dos/34394.pl,"D-Link WBR-2310 1.0.4 - Web Server HTTP GET Request Remote Buffer Overflow",2010-08-03,"Rodrigo Escobar",hardware,dos,0 34395,platforms/windows/dos/34395.pl,"PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service",2010-08-03,"Rodrigo Escobar",windows,dos,0 -34396,platforms/php/webapps/34396.txt,"FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-03,"Juan Manuel Garcia",php,webapps,0 -34397,platforms/asp/webapps/34397.txt,"Activedition - 'activedition/aelogin.asp' Multiple Cross-Site Scripting Vulnerabilities",2009-09-25,"Richard Brain",asp,webapps,0 +34396,platforms/php/webapps/34396.txt,"FuseTalk 3.2/4.0 - Multiple Cross-site Scripting Vulnerabilities",2010-07-03,"Juan Manuel Garcia",php,webapps,0 +34397,platforms/asp/webapps/34397.txt,"Activedition - 'activedition/aelogin.asp' Multiple Cross-site Scripting Vulnerabilities",2009-09-25,"Richard Brain",asp,webapps,0 34497,platforms/php/webapps/34497.txt,"ViArt Helpdesk - reviews.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34498,platforms/php/webapps/34498.txt,"ViArt Helpdesk - forum.php forum_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34399,platforms/ios/remote/34399.txt,"Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities",2014-08-24,"Samandeep Singh",ios,remote,0 -34400,platforms/php/webapps/34400.txt,"RaidenTunes - 'music_out.php' Cross-Site Scripting",2014-08-03,LiquidWorm,php,webapps,0 +34400,platforms/php/webapps/34400.txt,"RaidenTunes - 'music_out.php' Cross-site Scripting",2014-08-03,LiquidWorm,php,webapps,0 34401,platforms/php/webapps/34401.txt,"PHP168 Template Editor - 'filename' Parameter Directory Traversal",2009-10-04,esnra,php,webapps,0 -34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting",2009-10-08,kl3ryk,php,webapps,0 +34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart - Local File Inclusion / Cross-site Scripting",2009-10-08,kl3ryk,php,webapps,0 34403,platforms/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 - USER Command Remote Buffer Overflow",2010-07-22,demonalex,windows,dos,0 34404,platforms/windows/dos/34404.pl,"K-Meleon 1.x - URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,windows,dos,0 -34405,platforms/php/webapps/34405.txt,"PHP Stock Management System 1.02 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-08-25,"Ragha Deepthi K R",php,webapps,0 -34408,platforms/multiple/webapps/34408.txt,"Innovaphone PBX Admin-GUI - CSRF",2014-08-25,"Rainer Giedat",multiple,webapps,80 +34405,platforms/php/webapps/34405.txt,"PHP Stock Management System 1.02 - Multiple Persistent Cross-site Scripting Vulnerabilities",2014-08-25,"Ragha Deepthi K R",php,webapps,0 +34408,platforms/multiple/webapps/34408.txt,"Innovaphone PBX Admin-GUI - Cross-site Request Forgery",2014-08-25,"Rainer Giedat",multiple,webapps,80 34409,platforms/multiple/webapps/34409.rb,"ManageEngine Password Manager - MetadataServlet.dat SQL Injection (Metasploit)",2014-08-25,"Pedro Ribeiro",multiple,webapps,8020 34410,platforms/php/webapps/34410.txt,"PHPFinance 0.6 - 'group.php' SQL Injection / HTML Injection",2010-08-05,skskilL,php,webapps,0 -34411,platforms/asp/webapps/34411.txt,"DT Centrepiece 4.5 - Cross-Site Scripting / Security Bypass",2010-08-05,"High-Tech Bridge SA",asp,webapps,0 +34411,platforms/asp/webapps/34411.txt,"DT Centrepiece 4.5 - Cross-site Scripting / Security Bypass",2010-08-05,"High-Tech Bridge SA",asp,webapps,0 34412,platforms/php/webapps/34412.txt,"Hulihan Applications BXR 0.6.8 - SQL Injection / HTML Injection",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34413,platforms/php/webapps/34413.txt,"DiamondList - /user/main/update_settings setting[site_title] Parameter XSS",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34414,platforms/php/webapps/34414.txt,"DiamondList - /user/main/update_category category[description] Parameter XSS",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34415,platforms/php/webapps/34415.txt,"Hulihan Applications Amethyst 0.1.5 - Multiple HTML Injection Vulnerabilities",2010-08-05,"High-Tech Bridge SA",php,webapps,0 34416,platforms/php/webapps/34416.txt,"Muraus Open Blog - Multiple HTML Injection Vulnerabilities",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -34417,platforms/php/webapps/34417.txt,"Prado Portal 1.2 - 'page' Parameter Cross-Site Scripting",2010-08-06,"High-Tech Bridge SA",php,webapps,0 -34418,platforms/php/webapps/34418.txt,"Dataface 1.0 - 'admin.php' Cross-Site Scripting",2010-08-06,MustLive,php,webapps,0 +34417,platforms/php/webapps/34417.txt,"Prado Portal 1.2 - 'page' Parameter Cross-site Scripting",2010-08-06,"High-Tech Bridge SA",php,webapps,0 +34418,platforms/php/webapps/34418.txt,"Dataface 1.0 - 'admin.php' Cross-site Scripting",2010-08-06,MustLive,php,webapps,0 34419,platforms/multiple/webapps/34419.txt,"ntopng 1.2.0 - XSS Injection",2014-08-26,"Steffen Bauch",multiple,webapps,0 34420,platforms/cgi/webapps/34420.txt,"VTLS Virtua InfoStation.cgi - SQL Injection",2014-08-26,"José Tozo",cgi,webapps,80 34421,platforms/linux/local/34421.c,"glibc - Off-by-One NUL Byte gconv_translit_find Exploit",2014-08-27,"taviso and scarybeasts",linux,local,0 -34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - (search.php cat param) SQL Injection",2014-09-03,D35m0nd142,php,webapps,80 +34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - (search.php cat parameter) SQL Injection",2014-09-03,D35m0nd142,php,webapps,80 34426,platforms/linux/remote/34426.txt,"uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection",2010-08-05,Chuzz,linux,remote,0 34427,platforms/linux/dos/34427.txt,"OpenSSL - 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption",2010-08-07,"Georgi Guninski",linux,dos,0 34424,platforms/php/webapps/34424.txt,"WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities",2014-08-27,"Mike Manzotti",php,webapps,0 -34428,platforms/windows/dos/34428.py,"Quintessential Media Player 5.0.121 - (.m3u) Buffer Overflow",2010-08-09,"Abhishek Lyall",windows,dos,0 -34429,platforms/asp/webapps/34429.txt,"Allinta CMS 22.07.2010 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2010-08-09,"High-Tech Bridge SA",asp,webapps,0 +34428,platforms/windows/dos/34428.py,"Quintessential Media Player 5.0.121 - '.m3u' Buffer Overflow",2010-08-09,"Abhishek Lyall",windows,dos,0 +34429,platforms/asp/webapps/34429.txt,"Allinta CMS 22.07.2010 - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2010-08-09,"High-Tech Bridge SA",asp,webapps,0 34430,platforms/php/webapps/34430.txt,"Preation Eden Platform 27.7.2010 - Multiple HTML Injection Vulnerabilities",2010-08-09,"High-Tech Bridge SA",php,webapps,0 -34431,platforms/linux/remote/34431.html,"Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-07,"Adam Baldwin",linux,remote,0 -34432,platforms/php/webapps/34432.txt,"Wowd - 'index.html' Multiple Cross-Site Scripting Vulnerabilities",2009-10-29,Lostmon,php,webapps,0 -34433,platforms/php/webapps/34433.txt,"Simple Directory Listing 2.1 - 'SDL2.php' Cross-Site Scripting",2010-10-22,"Amol Naik",php,webapps,0 -34456,platforms/php/webapps/34456.txt,"JBoard - Multiple Cross-Site Scripting / SQL Injection",2009-08-31,Inj3ct0r,php,webapps,0 +34431,platforms/linux/remote/34431.html,"Nagios XI - Multiple Cross-site Request Forgery Vulnerabilities",2010-08-07,"Adam Baldwin",linux,remote,0 +34432,platforms/php/webapps/34432.txt,"Wowd - 'index.html' Multiple Cross-site Scripting Vulnerabilities",2009-10-29,Lostmon,php,webapps,0 +34433,platforms/php/webapps/34433.txt,"Simple Directory Listing 2.1 - 'SDL2.php' Cross-site Scripting",2010-10-22,"Amol Naik",php,webapps,0 +34456,platforms/php/webapps/34456.txt,"JBoard - Multiple Cross-site Scripting / SQL Injection",2009-08-31,Inj3ct0r,php,webapps,0 34436,platforms/php/webapps/34436.txt,"WordPress ShortCode Plugin 0.2.3 - Local File Inclusion",2014-08-28,"Mehdi Karout and Christian Galeone",php,webapps,0 34437,platforms/windows/remote/34437.txt,"Portable Document Format - Specification Signature Collision",2010-08-11,"Florian Zumbiehl",windows,remote,0 34438,platforms/php/webapps/34438.txt,"MybbCentral TagCloud 2.0 - 'Topic' Field HTML Injection",2010-08-11,3ethicalhackers.com,php,webapps,0 @@ -31023,8 +31023,8 @@ id,file,description,date,author,platform,type,port 34440,platforms/jsp/webapps/34440.txt,"Computer Associates Oneview Monitor 6.0 - 'doSave.jsp' Remote Code Execution",2010-08-12,"Giorgio Fedon",jsp,webapps,0 34441,platforms/php/webapps/34441.txt,"JForum 2.08 - BBCode Color Tag HTML Injection",2010-05-13,"Giorgio Fedon",php,webapps,0 34442,platforms/windows/dos/34442.html,"Kylinsoft InstantGet 2.08 - ActiveX Control 'ShowBar' Method Buffer Overflow",2009-09-19,the_Edit0r,windows,dos,0 -34443,platforms/php/webapps/34443.txt,"PaoLink 1.0 - 'scrivi.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 -34444,platforms/php/webapps/34444.txt,"RSSMediaScript - 'index.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 +34443,platforms/php/webapps/34443.txt,"PaoLink 1.0 - 'scrivi.php' Cross-site Scripting",2009-09-16,Moudi,php,webapps,0 +34444,platforms/php/webapps/34444.txt,"RSSMediaScript - 'index.php' Cross-site Scripting",2009-09-16,Moudi,php,webapps,0 34445,platforms/php/webapps/34445.txt,"LiveStreet 0.2 - Comment Topic Header XSS",2009-08-31,Inj3ct0r,php,webapps,0 34446,platforms/php/webapps/34446.txt,"LiveStreet 0.2 - include/ajax/blogInfo.php asd Parameter XSS",2009-08-31,Inj3ct0r,php,webapps,0 34447,platforms/php/webapps/34447.py,"Plogger 1.0-RC1 - Authenticated Arbitrary File Upload",2014-08-28,b0z,php,webapps,80 @@ -31033,7 +31033,7 @@ id,file,description,date,author,platform,type,port 34450,platforms/php/webapps/34450.py,"ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 34451,platforms/php/webapps/34451.py,"PhpWiki - Remote Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 34452,platforms/php/webapps/34452.py,"XRms - Blind SQL Injection / Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 -34453,platforms/php/webapps/34453.txt,"PaoBacheca 2.1 - index.php URI XSS",2009-09-16,Moudi,php,webapps,0 +34453,platforms/php/webapps/34453.txt,"PaoBacheca 2.1 - 'index.php' URI XSS",2009-09-16,Moudi,php,webapps,0 34454,platforms/php/webapps/34454.txt,"PaoBacheca 2.1 - scrivi.php URI XSS",2009-09-16,Moudi,php,webapps,0 34455,platforms/php/webapps/34455.txt,"Rock Band CMS 0.10 - 'news.php' Multiple SQL Injection",2010-08-12,Affix,php,webapps,0 34457,platforms/multiple/dos/34457.txt,"Sniper Elite 1.0 - NULL Pointer Dereference Denial Of Service",2009-08-14,"Luigi Auriemma",multiple,dos,0 @@ -31044,49 +31044,49 @@ id,file,description,date,author,platform,type,port 34462,platforms/windows/remote/34462.txt,"Microsoft Windows Kerberos - 'Pass The Ticket' Replay Security Bypass",2010-08-13,"Emmanuel Bouillon",windows,remote,0 34463,platforms/windows/dos/34463.py,"HTML Help Workshop 1.4 - (SEH) Buffer Overflow",2014-08-29,"Moroccan Kingdom (MKD)",windows,dos,0 34464,platforms/php/webapps/34464.txt,"SyntaxCMS - 'rows_per_page' Parameter SQL Injection",2010-08-10,"High-Tech Bridge SA",php,webapps,0 -34467,platforms/php/webapps/34467.txt,"Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting",2010-08-13,"High-Tech Bridge SA",php,webapps,0 -34468,platforms/php/webapps/34468.html,"Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 -34469,platforms/php/webapps/34469.html,"Onyx - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 +34467,platforms/php/webapps/34467.txt,"Edit-X PHP CMS - 'search_text' Parameter Cross-site Scripting",2010-08-13,"High-Tech Bridge SA",php,webapps,0 +34468,platforms/php/webapps/34468.html,"Mystic 0.1.4 - Multiple Cross-site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 +34469,platforms/php/webapps/34469.html,"Onyx - Multiple Cross-site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 34470,platforms/php/webapps/34470.txt,"Beex - news.php navaction Parameter XSS",2009-09-01,Moudi,php,webapps,0 34471,platforms/php/webapps/34471.txt,"Beex - partneralle.php navaction Parameter XSS",2009-09-01,Moudi,php,webapps,0 -34472,platforms/php/webapps/34472.txt,"PHPMass Real Estate - 'view_map.php' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 +34472,platforms/php/webapps/34472.txt,"PHPMass Real Estate - 'view_map.php' Cross-site Scripting",2009-09-01,Moudi,php,webapps,0 34473,platforms/php/webapps/34473.txt,"Property Watch - email.php videoid Parameter XSS",2009-09-01,Moudi,php,webapps,0 34474,platforms/php/webapps/34474.txt,"Property Watch - login.php redirect Parameter XSS",2009-09-01,Moudi,php,webapps,0 34475,platforms/php/webapps/34475.txt,"Joomla! 'com_weblinks' Component - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0 -34476,platforms/php/webapps/34476.txt,"Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 +34476,platforms/php/webapps/34476.txt,"Zomplog 3.9 - 'message' Parameter Multiple Cross-site Scripting Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 34477,platforms/php/webapps/34477.txt,"Joomla! 'com_fireboard' Component - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0 34478,platforms/windows/remote/34478.html,"Microsoft Internet Explorer 8 - 'toStaticHTML()' HTML Sanitization Bypass Weakness",2010-08-16,"Mario Heiderich",windows,remote,0 -34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0 +34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-site Scripting / Cross-site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0 34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - (.ogg) Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0 34481,platforms/php/webapps/34481.txt,"123 Flash Chat - Multiple Security Vulnerabilities",2010-08-16,Lincoln,php,webapps,0 -34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 -34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0 -34484,platforms/php/webapps/34484.txt,"Joomla! 'com_dirfrm' Component - Multiple SQL Injection",2010-08-18,Hieuneo,php,webapps,0 -34485,platforms/php/webapps/34485.txt,"FreeSchool - 'key_words' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 +34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-site Scripting",2009-08-10,Moudi,php,webapps,0 +34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-site Scripting",2010-08-10,Moudi,php,webapps,0 +34484,platforms/php/webapps/34484.txt,"Joomla! 'com_dirfrm' Component - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0 +34485,platforms/php/webapps/34485.txt,"FreeSchool - 'key_words' Parameter Cross-site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 34486,platforms/php/webapps/34486.txt,"PHPCMS2008 - 'download.php' Information Disclosure",2009-10-19,Securitylab.ir,php,webapps,0 34487,platforms/php/webapps/34487.txt,"Facil Helpdesk - kbase/kbase.php URI XSS",2009-08-07,Moudi,php,webapps,0 34489,platforms/windows/local/34489.py,"HTML Help Workshop 1.4 - Local Buffer Overflow Exploit (SEH)",2014-08-31,mr.pr0n,windows,local,0 -34492,platforms/asp/webapps/34492.txt,"Online Work Order Suite Lite Edition - Multiple Cross-Site Scripting Vulnerabilities",2009-08-10,Moudi,asp,webapps,0 +34492,platforms/asp/webapps/34492.txt,"Online Work Order Suite Lite Edition - Multiple Cross-site Scripting Vulnerabilities",2009-08-10,Moudi,asp,webapps,0 34493,platforms/php/webapps/34493.txt,"PPScript - 'shop.htm' SQL Injection",2009-08-03,MizoZ,php,webapps,0 34494,platforms/php/webapps/34494.txt,"ViArt Helpdesk - products.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34495,platforms/php/webapps/34495.txt,"ViArt Helpdesk - article.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34496,platforms/php/webapps/34496.txt,"ViArt Helpdesk - product_details.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34500,platforms/multiple/remote/34500.html,"Flock Browser 3.0.0 - Malformed Bookmark HTML Injection",2010-08-19,Lostmon,multiple,remote,0 -34501,platforms/php/webapps/34501.txt,"Hitron Soft Answer Me - 'answers.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 +34501,platforms/php/webapps/34501.txt,"Hitron Soft Answer Me - 'answers.php' Cross-site Scripting",2009-08-10,Moudi,php,webapps,0 34502,platforms/windows/dos/34502.py,"Serveez 0.1.7 - 'If-Modified-Since' Header Stack Buffer Overflow",2009-08-09,"lvac lvac",windows,dos,0 34503,platforms/php/webapps/34503.txt,"Syntax Highlighter 3.0.83 - 'index.html' HTML Injection",2010-08-19,indoushka,php,webapps,0 34504,platforms/php/webapps/34504.txt,"Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter XSS",2010-08-19,"Marc Schoenefeld",php,webapps,0 34505,platforms/php/dos/34505.txt,"MySQL 5.1.48 - 'TEMPORARY InnoDB' Tables Denial Of Service",2010-08-19,"Boris Reisig",php,dos,0 34506,platforms/linux/dos/34506.txt,"MySQL 5.1.48 - 'EXPLAIN' Denial Of Service",2010-08-20,"Bjorn Munch",linux,dos,0 -34507,platforms/linux/remote/34507.txt,"Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 +34507,platforms/linux/remote/34507.txt,"Nagios XI - 'login.php' Multiple Cross-site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 -34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - (admin-ajax.php img param) Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 +34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - (admin-ajax.php img parameter) Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 -34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Stored XSS",2014-09-01,"Prakhar Prasad",multiple,webapps,0 +34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 34517,platforms/windows/remote/34517.rb,"Wing FTP Server - Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 -34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / RCE",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 +34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 35592,platforms/windows/dos/35592.py,"jetAudio 8.1.3 Basic (mp3) - Crash PoC",2014-12-23,"Drozdova Liudmila",windows,dos,0 34520,platforms/linux/dos/34520.txt,"Oracle MySQL 5.1.48 - 'HANDLER' interface Denial Of Service",2010-08-20,"Matthias Leich",linux,dos,0 @@ -31094,19 +31094,19 @@ id,file,description,date,author,platform,type,port 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI - 'users.php' SQL Injection",2010-08-24,"Adam Baldwin",multiple,remote,0 34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 Plugin - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 -34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 +34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-site Scripting (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker 3.4 - SQLInjection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0 34684,platforms/php/webapps/34684.pl,"Joomla Spain Component - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0 34530,platforms/windows/dos/34530.py,"Crystal Player 1.98 - (.mls) Buffer Overflow",2010-08-20,"Praveen Darshanam",windows,dos,0 -34531,platforms/php/webapps/34531.txt,"BlastChat Client 3.3 - Cross-Site Scripting",2010-08-25,"Aung Khant",php,webapps,0 -34533,platforms/php/webapps/34533.txt,"Auto CMS 1.6 - 'autocms.php' Cross-Site Scripting",2010-08-23,"High-Tech Bridge SA",php,webapps,0 +34531,platforms/php/webapps/34531.txt,"BlastChat Client 3.3 - Cross-site Scripting",2010-08-25,"Aung Khant",php,webapps,0 +34533,platforms/php/webapps/34533.txt,"Auto CMS 1.6 - 'autocms.php' Cross-site Scripting",2010-08-23,"High-Tech Bridge SA",php,webapps,0 34534,platforms/php/webapps/34534.txt,"TCMS - Multiple Input Validation Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34535,platforms/php/webapps/34535.txt,"Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 -34536,platforms/php/webapps/34536.txt,"CompuCMS - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 +34536,platforms/php/webapps/34536.txt,"CompuCMS - Multiple SQL Injections / Cross-site Scripting Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 34538,platforms/php/webapps/34538.txt,"WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 -34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Stored XSS",2014-09-05,"Fikri Fadzil",php,webapps,80 +34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Persistent Cross-site Scripting",2014-09-05,"Fikri Fadzil",php,webapps,80 34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Python)",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus - Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 34542,platforms/windows/remote/34542.c,"UltraVNC 1.0.8.2 - DLL Loading Arbitrary Code Execution",2010-08-30,"Ivan Markovic",windows,remote,0 @@ -31121,22 +31121,22 @@ id,file,description,date,author,platform,type,port 34551,platforms/php/webapps/34551.txt,"IP Board 3.x - CSRF Token hjiacking",2014-09-07,"Piotr S.",php,webapps,0 34552,platforms/php/webapps/34552.txt,"LoadedCommerce7 - Systemic Query Factory",2014-09-07,Breaking.Technology,php,webapps,0 34553,platforms/php/webapps/34553.txt,"WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection",2014-09-07,Att4ck3r.ir,php,webapps,0 -34555,platforms/php/webapps/34555.txt,"PhpOnlineChat 3.0 - XSS",2014-09-07,"N0 Feel",php,webapps,0 +34555,platforms/php/webapps/34555.txt,"PhpOnlineChat 3.0 - Cross-site Scripting",2014-09-07,"N0 Feel",php,webapps,0 34604,platforms/php/webapps/34604.php,"BlueCMS 1.6 - 'X-Forwarded-For' Header SQL Injection",2010-09-06,cnryan,php,webapps,0 34558,platforms/php/webapps/34558.txt,"Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 34559,platforms/php/webapps/34559.txt,"Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 -34560,platforms/php/webapps/34560.html,"ArtGK CMS - Cross-Site Scripting / HTML Injection",2010-09-01,"High-Tech Bridge SA",php,webapps,0 +34560,platforms/php/webapps/34560.html,"ArtGK CMS - Cross-site Scripting / HTML Injection",2010-09-01,"High-Tech Bridge SA",php,webapps,0 34561,platforms/php/webapps/34561.txt,"KingCMS 0.6 - 'CONFIG[AdminPath]' Parameter Remote File Inclusion",2009-09-07,Securitylab.ir,php,webapps,0 -34562,platforms/php/webapps/34562.txt,"AdaptBB 1.0 - 'q' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 -34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 +34562,platforms/php/webapps/34562.txt,"AdaptBB 1.0 - 'q' Parameter Cross-site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 +34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 -34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme - (view-pdf.php file param) Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 +34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme - (view-pdf.php file parameter) Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 -34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 +34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - Cross-site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.X - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 -34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 +34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-site Scripting",2014-09-08,smash,php,webapps,80 34924,platforms/windows/webapps/34924.txt,"BMC Track-It! - Multiple Vulnerabilities",2014-10-09,"Pedro Ribeiro",windows,webapps,0 34582,platforms/php/webapps/34582.txt,"osCommerce 2.3.4 - Multiple vulnerabilities",2014-09-08,smash,php,webapps,80 34583,platforms/hardware/webapps/34583.txt,"TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 @@ -31150,64 +31150,64 @@ id,file,description,date,author,platform,type,port 34593,platforms/php/webapps/34593.txt,"Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities",2014-09-09,alieye,php,webapps,0 34595,platforms/linux/remote/34595.py,"ALCASAR 2.8 - Remote Root Code Execution",2014-09-09,eF,linux,remote,80 34603,platforms/windows/dos/34603.py,"Adobe Acrobat and Reader 9.3.4 - 'acroform_PlugInMain' Memory Corruption",2010-09-06,ITSecTeam,windows,dos,0 -34596,platforms/php/webapps/34596.txt,"Pligg CMS 1.0.4 - SQL Injection / Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34597,platforms/php/webapps/34597.txt,"Datetopia Buy Dating Site - Cross-Site Scripting",2010-09-10,Moudi,php,webapps,0 +34596,platforms/php/webapps/34596.txt,"Pligg CMS 1.0.4 - SQL Injection / Cross-site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 +34597,platforms/php/webapps/34597.txt,"Datetopia Buy Dating Site - Cross-site Scripting",2010-09-10,Moudi,php,webapps,0 34598,platforms/php/webapps/34598.txt,"SZNews 2.7 - 'printnews.php3' Remote File Inclusion",2009-09-11,"kurdish hackers team",php,webapps,0 34599,platforms/php/webapps/34599.txt,"tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 34600,platforms/php/webapps/34600.txt,"Match Agency BiZ - edit_profile.php important Parameter XSS",2009-09-11,Moudi,php,webapps,0 34601,platforms/php/webapps/34601.txt,"Match Agency BiZ - report.php pid Parameter XSS",2009-09-11,Moudi,php,webapps,0 34602,platforms/windows/dos/34602.html,"Microsoft Internet Explorer 7/8 - CSS Handling Cross Domain Information Disclosure",2010-09-06,"Chris Evans",windows,dos,0 -34605,platforms/php/webapps/34605.txt,"Horde Application Framework 3.3.8 - 'icon_browser.php' Cross-Site Scripting",2010-09-06,"Moritz Naumann",php,webapps,0 -34606,platforms/php/webapps/34606.txt,"Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting",2009-09-02,Moudi,php,webapps,0 +34605,platforms/php/webapps/34605.txt,"Horde Application Framework 3.3.8 - 'icon_browser.php' Cross-site Scripting",2010-09-06,"Moritz Naumann",php,webapps,0 +34606,platforms/php/webapps/34606.txt,"Webformatique Reservation Manager 2.4 - 'index.php' Cross-site Scripting",2009-09-02,Moudi,php,webapps,0 34607,platforms/php/webapps/34607.txt,"TBDev 2.0 - Remote File Inclusion and SQL Injection",2010-09-02,Inj3ct0r,php,webapps,0 34608,platforms/php/webapps/34608.txt,"HeffnerCMS 1.22 - 'index.php' Local File Inclusion",2010-09-06,"MiND C0re",php,webapps,0 -34609,platforms/php/webapps/34609.txt,"MySource Matrix - 'char_map.php' Multiple Cross-Site Scripting Vulnerabilities",2010-09-06,"Gjoko Krstic",php,webapps,0 +34609,platforms/php/webapps/34609.txt,"MySource Matrix - 'char_map.php' Multiple Cross-site Scripting Vulnerabilities",2010-09-06,"Gjoko Krstic",php,webapps,0 34610,platforms/php/webapps/34610.txt,"zenphoto 1.3 - zp-core/full-image.php a Parameter SQL Injection",2010-09-07,"Bogdan Calin",php,webapps,0 34611,platforms/php/webapps/34611.txt,"Zenphoto 1.3 - zp-core/admin.php Multiple Parameter XSS",2010-09-07,"Bogdan Calin",php,webapps,0 -34805,platforms/php/webapps/34805.txt,"StatsCode - Multiple Cross-Site Scripting Vulnerabilities",2009-07-09,"599eme Man",php,webapps,0 -34806,platforms/php/webapps/34806.txt,"JNM Guestbook 3.0 - 'index.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 -34807,platforms/php/webapps/34807.txt,"JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting",2009-07-08,Moudi,php,webapps,0 +34805,platforms/php/webapps/34805.txt,"StatsCode - Multiple Cross-site Scripting Vulnerabilities",2009-07-09,"599eme Man",php,webapps,0 +34806,platforms/php/webapps/34806.txt,"JNM Guestbook 3.0 - 'index.php' Cross-site Scripting",2009-07-09,Moudi,php,webapps,0 +34807,platforms/php/webapps/34807.txt,"JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-site Scripting",2009-07-08,Moudi,php,webapps,0 34808,platforms/php/webapps/34808.txt,"Rapidsendit Clone Script - 'admin.php' Insecure Cookie Authentication Bypass",2009-07-08,NoGe,php,webapps,0 -34614,platforms/asp/webapps/34614.txt,"SmarterTools SmarterStats 5.3.3819 - 'frmHelp.aspx' Cross-Site Scripting",2010-09-09,"David Hoyt",asp,webapps,0 -34683,platforms/php/webapps/34683.txt,"e-soft24 Article Directory Script - 'q' Parameter Cross-Site Scripting",2009-08-30,"599eme Man",php,webapps,0 -34616,platforms/php/webapps/34616.txt,"Elkagroup Elkapax - 'q' Parameter Cross-Site Scripting",2009-08-13,Isfahan,php,webapps,0 +34614,platforms/asp/webapps/34614.txt,"SmarterTools SmarterStats 5.3.3819 - 'frmHelp.aspx' Cross-site Scripting",2010-09-09,"David Hoyt",asp,webapps,0 +34683,platforms/php/webapps/34683.txt,"e-soft24 Article Directory Script - 'q' Parameter Cross-site Scripting",2009-08-30,"599eme Man",php,webapps,0 +34616,platforms/php/webapps/34616.txt,"Elkagroup Elkapax - 'q' Parameter Cross-site Scripting",2009-08-13,Isfahan,php,webapps,0 34617,platforms/php/webapps/34617.txt,"Waverider Systems Perlshop - Multiple Input Validation Vulnerabilities",2009-08-06,Shadow,php,webapps,0 -34618,platforms/php/webapps/34618.txt,"Omnistar Recruiting - 'resume_register.php' Cross-Site Scripting",2009-09-06,MizoZ,php,webapps,0 +34618,platforms/php/webapps/34618.txt,"Omnistar Recruiting - 'resume_register.php' Cross-site Scripting",2009-09-06,MizoZ,php,webapps,0 34619,platforms/php/webapps/34619.txt,"PaysiteReviewCMS 1.1 - search.php q Parameter XSS",2010-09-14,"Valentin Hoebel",php,webapps,0 34620,platforms/php/webapps/34620.txt,"PaysiteReviewCMS - image.php image Parameter XSS",2010-09-14,"Valentin Hoebel",php,webapps,0 34621,platforms/unix/remote/34621.c,"Mozilla Firefox 3.6.8 - 'Math.random()' Cross Domain Information Disclosure",2010-09-14,"Amit Klein",unix,remote,0 34622,platforms/windows/remote/34622.txt,"Axigen Webmail 1.0.1 - Directory Traversal",2010-09-15,"Bogdan Calin",windows,remote,0 34751,platforms/hardware/webapps/34751.pl,"ZyXEL Prestig P-660HNU-T1 - ISP Credentials Disclosure",2014-09-24,"Sebastián Magof",hardware,webapps,80 -34624,platforms/php/webapps/34624.txt,"OroCRM - Stored XSS",2014-09-11,Provensec,php,webapps,80 -34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 - (index.php contacts_id param)SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 +34624,platforms/php/webapps/34624.txt,"OroCRM - Persistent Cross-site Scripting",2014-09-11,Provensec,php,webapps,80 +34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 - (index.php contacts_id parameter)SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion",2014-09-11,Vulnerability-Lab,ios,webapps,9900 34627,platforms/ios/webapps/34627.txt,"ChatSecure IM 2.2.4 iOS - Persistent XSS",2014-09-11,Vulnerability-Lab,ios,webapps,0 -34628,platforms/php/webapps/34628.txt,"Santafox 2.0.2 - 'search' Parameter Cross-Site Scripting",2010-09-06,"High-Tech Bridge SA",php,webapps,0 -34629,platforms/php/webapps/34629.txt,"AContent 1.0 - Cross-Site Scripting / HTML Injection",2010-09-15,"High-Tech Bridge SA",php,webapps,0 -34630,platforms/php/webapps/34630.txt,"AChecker 1.0 - 'uri' Parameter Cross-Site Scripting",2010-09-15,"High-Tech Bridge SA",php,webapps,0 -34631,platforms/php/webapps/34631.txt,"ATutor 1.0 - Multiple 'cid' Parameter Cross-Site Scripting Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0 +34628,platforms/php/webapps/34628.txt,"Santafox 2.0.2 - 'search' Parameter Cross-site Scripting",2010-09-06,"High-Tech Bridge SA",php,webapps,0 +34629,platforms/php/webapps/34629.txt,"AContent 1.0 - Cross-site Scripting / HTML Injection",2010-09-15,"High-Tech Bridge SA",php,webapps,0 +34630,platforms/php/webapps/34630.txt,"AChecker 1.0 - 'uri' Parameter Cross-site Scripting",2010-09-15,"High-Tech Bridge SA",php,webapps,0 +34631,platforms/php/webapps/34631.txt,"ATutor 1.0 - Multiple 'cid' Parameter Cross-site Scripting Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0 34632,platforms/php/webapps/34632.txt,"Multi Website 1.5 - 'search' Parameter HTML Injection",2009-08-06,"599eme Man",php,webapps,0 -34633,platforms/php/webapps/34633.txt,"Spiceworks - 'query' Parameter Cross-Site Scripting",2009-08-08,"Adam Baldwin",php,webapps,0 -34634,platforms/php/webapps/34634.txt,"Multple I-Escorts Products - 'escorts_search.php' Cross-Site Scripting",2010-09-15,"599eme Man",php,webapps,0 +34633,platforms/php/webapps/34633.txt,"Spiceworks - 'query' Parameter Cross-site Scripting",2009-08-08,"Adam Baldwin",php,webapps,0 +34634,platforms/php/webapps/34634.txt,"Multple I-Escorts Products - 'escorts_search.php' Cross-site Scripting",2010-09-15,"599eme Man",php,webapps,0 34635,platforms/php/webapps/34635.txt,"Willscript Auction Website Script - 'category.php' SQL Injection",2009-08-06,"599eme Man",php,webapps,0 34636,platforms/php/webapps/34636.txt,"NWS-Classifieds - 'cmd' Parameter Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 34639,platforms/php/webapps/34639.txt,"CMScout IBrowser TinyMCE Plugin 2.3.4.3 - Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 -34640,platforms/php/webapps/34640.txt,"Mollify 1.6 - 'index.php' Cross-Site Scripting",2010-09-15,"John Leitch",php,webapps,0 +34640,platforms/php/webapps/34640.txt,"Mollify 1.6 - 'index.php' Cross-site Scripting",2010-09-15,"John Leitch",php,webapps,0 34641,platforms/php/webapps/34641.py,"chillyCMS 2.3.4.3 - Arbitrary File Upload",2010-09-15,"John Leitch",php,webapps,0 -34642,platforms/php/webapps/34642.txt,"AJ Auction Pro OOPD 3.0 - 'txtkeyword' Parameter Cross-Site Scripting",2009-08-06,"599eme Man",php,webapps,0 +34642,platforms/php/webapps/34642.txt,"AJ Auction Pro OOPD 3.0 - 'txtkeyword' Parameter Cross-site Scripting",2009-08-06,"599eme Man",php,webapps,0 34643,platforms/php/webapps/34643.txt,"Silurus Classifieds - category.php ID Parameter XSS",2009-08-06,Moudi,php,webapps,0 34644,platforms/php/webapps/34644.txt,"Silurus Classifieds - wcategory.php ID Parameter XSS",2009-08-06,Moudi,php,webapps,0 34645,platforms/php/webapps/34645.txt,"Silurus Classifieds - search.php keywords Parameter XSS",2009-08-06,Moudi,php,webapps,0 -34646,platforms/php/webapps/34646.txt,"Blog Ink (Blink) - Multiple SQL Injection",2009-08-03,Drosophila,php,webapps,0 +34646,platforms/php/webapps/34646.txt,"Blog Ink (Blink) - Multiple SQL Injections",2009-08-03,Drosophila,php,webapps,0 34647,platforms/windows/remote/34647.txt,"Ammyy Admin 3.5 - RCE (Metasploit)",2014-09-13,scriptjunkie,windows,remote,0 34648,platforms/windows/local/34648.txt,"Comodo Internet Security - HIPS/Sandbox Escape PoC",2014-09-13,"Joxean Koret",windows,local,0 -34649,platforms/php/webapps/34649.txt,"Netautor Professional 5.5 - 'login2.php' Cross-Site Scripting",2010-09-17,"Gjoko Krstic",php,webapps,0 -34650,platforms/php/webapps/34650.txt,"e-Soft24 Flash Games Script 1.0 - Cross-Site Scripting",2009-08-30,"599eme Man",php,webapps,0 -34651,platforms/php/webapps/34651.txt,"e-Soft24 Jokes Portal Script Seo 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2009-08-30,"599eme Man",php,webapps,0 -34652,platforms/php/webapps/34652.txt,"e-Soft24 PTC Script 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2009-08-30,"599eme Man",php,webapps,0 -34653,platforms/php/webapps/34653.txt,"e107 0.7.23 - Multiple SQL Injection",2010-09-17,"High-Tech Bridge SA",php,webapps,0 +34649,platforms/php/webapps/34649.txt,"Netautor Professional 5.5 - 'login2.php' Cross-site Scripting",2010-09-17,"Gjoko Krstic",php,webapps,0 +34650,platforms/php/webapps/34650.txt,"e-Soft24 Flash Games Script 1.0 - Cross-site Scripting",2009-08-30,"599eme Man",php,webapps,0 +34651,platforms/php/webapps/34651.txt,"e-Soft24 Jokes Portal Script Seo 1.0 - Multiple Cross-site Scripting Vulnerabilities",2009-08-30,"599eme Man",php,webapps,0 +34652,platforms/php/webapps/34652.txt,"e-Soft24 PTC Script 1.2 - 'login.php' Multiple Cross-site Scripting Vulnerabilities",2009-08-30,"599eme Man",php,webapps,0 +34653,platforms/php/webapps/34653.txt,"e107 0.7.23 - Multiple SQL Injections",2010-09-17,"High-Tech Bridge SA",php,webapps,0 34654,platforms/windows/remote/34654.c,"SWiSH Max3 - DLL Loading Arbitrary Code Execution",2010-09-20,anT!-Tr0J4n,windows,remote,0 -34655,platforms/php/webapps/34655.txt,"Open Classifieds - Multiple Cross-Site Scripting Vulnerabilities",2009-08-28,Moudi,php,webapps,0 +34655,platforms/php/webapps/34655.txt,"Open Classifieds - Multiple Cross-site Scripting Vulnerabilities",2009-08-28,Moudi,php,webapps,0 34656,platforms/php/webapps/34656.txt,"x10 MP3 Automatic Search Engine 1.6.5 - includes/video_ad.php pic_id Parameter XSS",2009-08-29,Moudi,php,webapps,0 34657,platforms/php/webapps/34657.txt,"x10 MP3 Automatic Search Engine 1.6.5 - linkvideos_listing.php category Parameter XSS",2009-08-29,Moudi,php,webapps,0 34658,platforms/php/webapps/34658.txt,"x10 MP3 Automatic Search Engine 1.6.5b - templates/header1.php id Parameter XSS",2009-08-29,Moudi,php,webapps,0 @@ -31223,7 +31223,7 @@ id,file,description,date,author,platform,type,port 34669,platforms/multiple/remote/34669.rb,"Railo - Remote File Inclusion",2014-09-15,Metasploit,multiple,remote,80 34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer - Arbitrary File Upload",2014-09-15,Metasploit,multiple,remote,8400 34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager - Authentication Bypass",2014-09-15,Metasploit,java,remote,9000 -34672,platforms/linux/webapps/34672.txt,"CacheGuard-OS 5.7.7 - CSRF",2014-09-15,"William Costa",linux,webapps,8090 +34672,platforms/linux/webapps/34672.txt,"CacheGuard-OS 5.7.7 - Cross-site Request Forgery",2014-09-15,"William Costa",linux,webapps,8090 34673,platforms/php/webapps/34673.txt,"Tukanas Classifieds 1.0 - 'index.php' SQL Injection",2009-08-28,Moudi,php,webapps,0 34674,platforms/php/webapps/34674.txt,"WebStatCaffe - stat/mostvisitpage.php nodayshow Parameter XSS",2009-08-29,Moudi,php,webapps,0 34675,platforms/php/webapps/34675.txt,"WebStatCaffe - stat/visitorduration.php nodayshow Parameter XSS",2009-08-29,Moudi,php,webapps,0 @@ -31237,68 +31237,68 @@ id,file,description,date,author,platform,type,port 34685,platforms/windows/remote/34685.py,"Basic Web Server 1.0 - Directory Traversal / Denial of Service",2010-09-19,"John Leitch",windows,remote,0 34686,platforms/windows/remote/34686.txt,"YelloSoft Pinky 1.0 - Directory Traversal",2010-09-16,"John Leitch",windows,remote,0 34687,platforms/asp/webapps/34687.txt,"Smart ASP Survey - 'catid' SQL Injection",2009-08-27,Moudi,asp,webapps,0 -34688,platforms/php/webapps/34688.txt,"Basilic 1.5.13 - 'index.php' Cross-Site Scripting",2009-07-27,PLATEN,php,webapps,0 -34689,platforms/php/webapps/34689.txt,"Smart Magician Blog 1.0 - Multiple SQL Injection",2009-08-27,Evil-Cod3r,php,webapps,0 -34690,platforms/php/webapps/34690.txt,"@Mail 6.1.9 - 'MailType' Parameter Cross-Site Scripting",2010-09-21,"Vicente Aguilera Diaz",php,webapps,0 +34688,platforms/php/webapps/34688.txt,"Basilic 1.5.13 - 'index.php' Cross-site Scripting",2009-07-27,PLATEN,php,webapps,0 +34689,platforms/php/webapps/34689.txt,"Smart Magician Blog 1.0 - Multiple SQL Injections",2009-08-27,Evil-Cod3r,php,webapps,0 +34690,platforms/php/webapps/34690.txt,"@Mail 6.1.9 - 'MailType' Parameter Cross-site Scripting",2010-09-21,"Vicente Aguilera Diaz",php,webapps,0 34691,platforms/multiple/remote/34691.txt,"CollabNet Subversion Edge Log Parser - HTML Injection",2010-09-21,"Sumit Kumar Soni",multiple,remote,0 -34692,platforms/php/webapps/34692.txt,"WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting",2009-07-27,u.f.,php,webapps,0 -34693,platforms/php/webapps/34693.txt,"Free Arcade Script 1.0 - 'search' Field Cross-Site Scripting",2009-08-27,"599eme Man",php,webapps,0 -34694,platforms/php/webapps/34694.txt,"ClipBucket 1.7.1 - Multiple SQL Injection",2009-07-24,Qabandi,php,webapps,0 +34692,platforms/php/webapps/34692.txt,"WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-site Scripting",2009-07-27,u.f.,php,webapps,0 +34693,platforms/php/webapps/34693.txt,"Free Arcade Script 1.0 - 'search' Field Cross-site Scripting",2009-08-27,"599eme Man",php,webapps,0 +34694,platforms/php/webapps/34694.txt,"ClipBucket 1.7.1 - Multiple SQL Injections",2009-07-24,Qabandi,php,webapps,0 34695,platforms/windows/remote/34695.c,"GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34696,platforms/windows/remote/34696.c,"Easy Office Recovery - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34697,platforms/windows/remote/34697.c,"Sothink SWF Decompiler - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34698,platforms/windows/dos/34698.txt,"Microsoft Excel 2002 - Memory Corruption",2010-09-23,Abysssec,windows,dos,0 -34699,platforms/php/webapps/34699.txt,"OpenText LiveLink 9.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-09-23,"Alejandro Ramos",php,webapps,0 -34700,platforms/php/webapps/34700.txt,"WebShop Hun 1.062s - 'index.php' Local File Inclusion / Cross-Site Scripting",2009-07-24,u.f.,php,webapps,0 -34701,platforms/php/webapps/34701.txt,"SkaLinks 1.5 - 'cat' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-07-24,Moudi,php,webapps,0 -34702,platforms/php/webapps/34702.txt,"TurnkeySetup Net Marketing 6.0 - 'faqs.php' Cross-Site Scripting",2009-07-24,Moudi,php,webapps,0 -34703,platforms/php/webapps/34703.txt,"Million Dollar Pixel Ads - Cross-Site Scripting / SQL Injection",2009-07-24,Moudi,php,webapps,0 -34704,platforms/php/webapps/34704.txt,"MyDLstore Pixel Ad Script - 'payment.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 +34699,platforms/php/webapps/34699.txt,"OpenText LiveLink 9.7.1 - Multiple Cross-site Scripting Vulnerabilities",2010-09-23,"Alejandro Ramos",php,webapps,0 +34700,platforms/php/webapps/34700.txt,"WebShop Hun 1.062s - 'index.php' Local File Inclusion / Cross-site Scripting",2009-07-24,u.f.,php,webapps,0 +34701,platforms/php/webapps/34701.txt,"SkaLinks 1.5 - 'cat' Parameter Multiple Cross-site Scripting Vulnerabilities",2009-07-24,Moudi,php,webapps,0 +34702,platforms/php/webapps/34702.txt,"TurnkeySetup Net Marketing 6.0 - 'faqs.php' Cross-site Scripting",2009-07-24,Moudi,php,webapps,0 +34703,platforms/php/webapps/34703.txt,"Million Dollar Pixel Ads - Cross-site Scripting / SQL Injection",2009-07-24,Moudi,php,webapps,0 +34704,platforms/php/webapps/34704.txt,"MyDLstore Pixel Ad Script - 'payment.php' Cross-site Scripting",2009-07-21,Moudi,php,webapps,0 34705,platforms/php/webapps/34705.txt,"APBook 1.3 - Admin Login Multiple SQL Injection",2009-07-21,n3w7u,php,webapps,0 34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Inclusion",2009-07-21,Moudi,php,webapps,0 -34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 +34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-site Scripting",2009-08-17,Moudi,php,webapps,0 34708,platforms/php/webapps/34708.pl,"Joomla! 'com_tax' Component - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 -34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - index.php Multiple Parameter XSS",2009-08-21,"599eme Man",php,webapps,0 -34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - index.php cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 -34712,platforms/php/webapps/34712.txt,"FreeWebScriptz HUBScript - 'single_winner1.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 +34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - 'index.php' Multiple Parameter XSS",2009-08-21,"599eme Man",php,webapps,0 +34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - 'index.php' cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 +34712,platforms/php/webapps/34712.txt,"FreeWebScriptz HUBScript - 'single_winner1.php' Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 34713,platforms/php/webapps/34713.txt,"Freelancers - placebid.php id Parameter XSS",2009-08-17,Moudi,php,webapps,0 34714,platforms/php/webapps/34714.txt,"Freelancers - post_resume.php jobid Parameter XSS",2009-08-17,Moudi,php,webapps,0 -34715,platforms/php/webapps/34715.txt,"AdQuick - 'account.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34803,platforms/php/webapps/34803.txt,"Online Guestbook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 -34804,platforms/php/webapps/34804.txt,"Rentventory - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-07-07,"599eme Man",php,webapps,0 +34715,platforms/php/webapps/34715.txt,"AdQuick - 'account.php' Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 +34803,platforms/php/webapps/34803.txt,"Online Guestbook Pro 5.1 - 'ogp_show.php' Cross-site Scripting",2009-07-09,Moudi,php,webapps,0 +34804,platforms/php/webapps/34804.txt,"Rentventory - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2009-07-07,"599eme Man",php,webapps,0 34717,platforms/php/webapps/34717.txt,"vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection",2014-09-20,Dave,php,webapps,0 -34718,platforms/php/webapps/34718.txt,"M/Monit 3.3.2 - CSRF",2014-09-20,"Dolev Farhi",php,webapps,0 +34718,platforms/php/webapps/34718.txt,"M/Monit 3.3.2 - Cross-site Request Forgery",2014-09-20,"Dolev Farhi",php,webapps,0 34821,platforms/windows/remote/34821.txt,"InstallShield 2009 15.0.0.53 Premier - 'ISWiAutomation15.dll' ActiveX Arbitrary File Overwrite",2009-09-15,the_Edit0r,windows,remote,0 34822,platforms/windows/local/34822.c,"Microsoft Windows - Local Procedure Call (LPC) Local Privilege Escalation",2010-09-07,yuange,windows,local,0 34823,platforms/windows/remote/34823.c,"Dupehunter Professional 9.0.0.3911 - 'Fwpuclnt.dll' DLL Loading Arbitrary Code Execution",2010-10-08,anT!-Tr0J4n,windows,remote,0 -34824,platforms/php/webapps/34824.txt,"Lantern CMS - '11-login.asp' Cross-Site Scripting",2010-10-08,"High-Tech Bridge SA",php,webapps,0 +34824,platforms/php/webapps/34824.txt,"Lantern CMS - '11-login.asp' Cross-site Scripting",2010-10-08,"High-Tech Bridge SA",php,webapps,0 34825,platforms/php/webapps/34825.html,"Curverider Elgg 1.0 - Templates HTML Injection",2009-06-22,lorddemon,php,webapps,0 -34826,platforms/php/webapps/34826.html,"OPEN IT OverLook 5 - 'title.php' Cross-Site Scripting",2010-10-08,"Anatolia Security",php,webapps,0 +34826,platforms/php/webapps/34826.html,"OPEN IT OverLook 5 - 'title.php' Cross-site Scripting",2010-10-08,"Anatolia Security",php,webapps,0 34720,platforms/windows/dos/34720.pl,"Fast Image Resizer 098 - Local Crash PoC",2014-09-20,"niko sec",windows,dos,0 -34721,platforms/php/webapps/34721.txt,"Livefyre LiveComments Plugin - Stored XSS",2014-09-20,"Brij Kishore Mishra",php,webapps,0 -34722,platforms/php/webapps/34722.txt,"ClassApps SelectSurvey.net - Multiple SQL Injection",2014-09-20,BillV-Lists,php,webapps,0 +34721,platforms/php/webapps/34721.txt,"Livefyre LiveComments Plugin - Persistent Cross-site Scripting",2014-09-20,"Brij Kishore Mishra",php,webapps,0 +34722,platforms/php/webapps/34722.txt,"ClassApps SelectSurvey.net - Multiple SQL Injections",2014-09-20,BillV-Lists,php,webapps,0 34730,platforms/php/webapps/34730.txt,"DragDropCart - assets/js/ddcart.php sid Parameter XSS",2009-07-20,Moudi,php,webapps,0 34731,platforms/php/webapps/34731.txt,"DragDropCart - includes/ajax/getstate.php prefix Parameter XSS",2009-07-20,Moudi,php,webapps,0 -34732,platforms/php/webapps/34732.txt,"DragDropCart - index.php search Parameter XSS",2009-07-20,Moudi,php,webapps,0 +34732,platforms/php/webapps/34732.txt,"DragDropCart - 'index.php' search Parameter XSS",2009-07-20,Moudi,php,webapps,0 34733,platforms/php/webapps/34733.txt,"DragDropCart - search.php search Parameter XSS",2009-07-20,Moudi,php,webapps,0 34734,platforms/php/webapps/34734.txt,"DragDropCart - login.php redirect Parameter XSS",2009-07-20,Moudi,php,webapps,0 34735,platforms/php/webapps/34735.txt,"DragDropCart - productdetail.php product Parameter XSS",2009-07-20,Moudi,php,webapps,0 34729,platforms/windows/dos/34729.py,"Seafile-server 3.1.5 - Remote DoS",2014-09-20,"nop nop",windows,dos,0 -34736,platforms/php/webapps/34736.txt,"EZArticles - 'articles.php' Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 -34737,platforms/php/webapps/34737.txt,"EZodiak - 'index.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34738,platforms/php/webapps/34738.txt,"GejoSoft Image Hosting Community - Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34736,platforms/php/webapps/34736.txt,"EZArticles - 'articles.php' Cross-site Scripting",2009-08-20,Moudi,php,webapps,0 +34737,platforms/php/webapps/34737.txt,"EZodiak - 'index.php' Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 +34738,platforms/php/webapps/34738.txt,"GejoSoft Image Hosting Community - Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 34923,platforms/linux/local/34923.c,"Linux Kernel < 3.16.1 - Remount FUSE Local Root Exploit",2014-10-09,"Andy Lutomirski",linux,local,0 34740,platforms/php/webapps/34740.txt,"MyWeight 1.0 - user_addfood.php date Parameter XSS",2009-07-20,Moudi,php,webapps,0 34741,platforms/php/webapps/34741.txt,"MyWeight 1.0 - user_forgot_pwd_form.php info Parameter XSS",2009-07-20,Moudi,php,webapps,0 34742,platforms/php/webapps/34742.txt,"MyWeight 1.0 - user_login.php Multiple Parameter XSS",2009-07-20,Moudi,php,webapps,0 -34743,platforms/php/webapps/34743.txt,"Proxy List Script - 'index.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34743,platforms/php/webapps/34743.txt,"Proxy List Script - 'index.php' Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 34744,platforms/php/webapps/34744.txt,"YourFreeWorld Ultra Classifieds - listads.php Multiple Parameter XSS",2009-07-20,Moudi,php,webapps,0 34745,platforms/php/webapps/34745.txt,"YourFreeWorld Ultra Classifieds - subclass.php cname Parameter XSS",2009-07-20,Moudi,php,webapps,0 -34746,platforms/php/webapps/34746.txt,"Web TV - 'chn' Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34746,platforms/php/webapps/34746.txt,"Web TV - 'chn' Parameter Cross-site Scripting",2009-07-20,Moudi,php,webapps,0 34747,platforms/php/webapps/34747.txt,"LittleSite 0.1 - 'file' Parameter Local File Inclusion",2014-09-23,Eolas_Gadai,php,webapps,0 34748,platforms/php/webapps/34748.txt,"Classified Linktrader Script - 'addlink.php' SQL Injection",2009-07-21,Moudi,php,webapps,0 -34749,platforms/php/webapps/34749.txt,"CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 +34749,platforms/php/webapps/34749.txt,"CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-site Scripting",2009-07-21,Moudi,php,webapps,0 34752,platforms/windows/dos/34752.c,"WS10 Data Server - SCADA Exploit Overflow PoC",2014-09-24,"Pedro Sánchez",windows,dos,0 34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret - Database Disclosure Exploit",2014-09-24,ZoRLu,asp,webapps,80 34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 @@ -31307,96 +31307,96 @@ id,file,description,date,author,platform,type,port 34757,platforms/windows/remote/34757.rb,"Advantech WebAccess - dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Path Traversal LFI",2014-09-24,Securify,php,webapps,80 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 -34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 +34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Persistent Cross-site Scripting",2014-09-24,"Kenneth F. Belva",php,webapps,80 34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 -34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 - (index.php file param) Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 +34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 - (index.php file parameter) Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",linux,remote,0 34766,platforms/linux/remote/34766.php,"Bash - Environment Variables Code Injection Exploit (Shellshock)",2014-09-25,"Prakhar Prasad & Subho Halder",linux,remote,80 34767,platforms/windows/dos/34767.py,"BS.Player 2.56 - (.m3u / .pls) File Processing Multiple Remote Denial of Service Vulnerabilities",2010-09-26,modpr0be,windows,dos,0 34768,platforms/windows/remote/34768.c,"VirIT eXplorer 6.7.43 - 'tg-scan.dll' DLL Loading Arbitrary Code Execution",2010-09-27,anT!-Tr0J4n,windows,remote,0 -34769,platforms/php/webapps/34769.txt,"MySITE - SQL Injection / Cross-Site Scripting",2010-09-27,MustLive,php,webapps,0 -34770,platforms/php/webapps/34770.txt,"PHP Scripts Now Hangman - index.php n Parameter SQL Injection",2009-07-21,Moudi,php,webapps,0 -34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman - index.php letters Parameter XSS",2009-07-21,Moudi,php,webapps,0 -34772,platforms/php/webapps/34772.txt,"Honest Traffic - 'msg' Parameter Cross-Site Scripting",2009-07-17,Moudi,php,webapps,0 +34769,platforms/php/webapps/34769.txt,"MySITE - SQL Injection / Cross-site Scripting",2010-09-27,MustLive,php,webapps,0 +34770,platforms/php/webapps/34770.txt,"PHP Scripts Now Hangman - 'index.php' n Parameter SQL Injection",2009-07-21,Moudi,php,webapps,0 +34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman - 'index.php' letters Parameter XSS",2009-07-21,Moudi,php,webapps,0 +34772,platforms/php/webapps/34772.txt,"Honest Traffic - 'msg' Parameter Cross-site Scripting",2009-07-17,Moudi,php,webapps,0 34773,platforms/php/webapps/34773.txt,"Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection",2010-09-27,"Moritz Naumann",php,webapps,0 34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script - feedback.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 -34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script - index.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 +34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script - 'index.php' msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script - lostpassword.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34777,platforms/cgi/remote/34777.rb,"GNU Bash - Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file (google.com 127.1.1.1) shellcode (77 bytes)",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 -34783,platforms/php/webapps/34783.txt,"Scriptsez Ultimate Poll - 'demo_page.php' Cross-Site Scripting",2009-07-16,Moudi,php,webapps,0 +34783,platforms/php/webapps/34783.txt,"Scriptsez Ultimate Poll - 'demo_page.php' Cross-site Scripting",2009-07-16,Moudi,php,webapps,0 34784,platforms/php/webapps/34784.txt,"Micro CMS 1.0 - 'name' Field HTML Injection",2010-09-28,"Veerendra G.G",php,webapps,0 -34785,platforms/php/webapps/34785.txt,"phpMyFAQ 2.6.x - 'index.php' Cross-Site Scripting",2010-09-28,"Yam Mesicka",php,webapps,0 -34786,platforms/php/webapps/34786.txt,"eCardMAX - Multiple Cross-Site Scripting Vulnerabilities",2009-07-14,Moudi,php,webapps,0 +34785,platforms/php/webapps/34785.txt,"phpMyFAQ 2.6.x - 'index.php' Cross-site Scripting",2010-09-28,"Yam Mesicka",php,webapps,0 +34786,platforms/php/webapps/34786.txt,"eCardMAX - Multiple Cross-site Scripting Vulnerabilities",2009-07-14,Moudi,php,webapps,0 34787,platforms/php/webapps/34787.txt,"MODx 2.0.2-pl - manager/index.php modahsh Parameter XSS",2010-09-29,"John Leitch",php,webapps,0 34788,platforms/php/webapps/34788.txt,"MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion",2010-09-29,"John Leitch",php,webapps,0 -34789,platforms/php/webapps/34789.html,"GetSimple CMS 2.01 - 'admin/changedata.php' Cross-Site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0 +34789,platforms/php/webapps/34789.html,"GetSimple CMS 2.01 - 'admin/changedata.php' Cross-site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34790,platforms/php/webapps/34790.txt,"Pluck 4.6.3 - 'cont1' Parameter HTML Injection",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34791,platforms/php/webapps/34791.txt,"Swinger Club Portal - start.php id Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34792,platforms/php/webapps/34792.txt,"Swinger Club Portal - start.php go Parameter Remote File Inclusion",2009-07-07,Moudi,php,webapps,0 34793,platforms/php/webapps/34793.txt,"Top Paidmailer - 'home.php' Remote File Inclusion",2009-07-13,Moudi,php,webapps,0 34794,platforms/cgi/webapps/34794.txt,"Intellicom Netbiter webSCADA Products - 'read.cgi' Multiple Remote Security Vulnerabilities",2010-10-01,"Eugene Salov",cgi,webapps,0 -34795,platforms/php/webapps/34795.txt,"WebAsyst Shop-Script - 'index.php' Cross-Site Scripting",2009-07-09,Vrs-hCk,php,webapps,0 +34795,platforms/php/webapps/34795.txt,"WebAsyst Shop-Script - 'index.php' Cross-site Scripting",2009-07-09,Vrs-hCk,php,webapps,0 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation",2010-08-03,"Libing Song",multiple,remote,0 -34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e - Cross-Site Scripting",2010-10-04,"Kerem Kocaer",php,webapps,0 +34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e - Cross-site Scripting",2010-10-04,"Kerem Kocaer",php,webapps,0 34782,platforms/php/webapps/34782.txt,"NetArt Media Car Portal 2.0 - 'car' Parameter SQL Injection",2010-09-27,RoAd_KiLlEr,php,webapps,0 34781,platforms/php/webapps/34781.txt,"WordPress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection",2010-10-04,"Eugene Salov",php,webapps,0 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include",2014-09-29,Vulnerability-Lab,ios,webapps,0 -34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 +34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 34802,platforms/hardware/remote/34802.html,"Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure",2010-10-04,"599eme Man",hardware,remote,0 34809,platforms/php/webapps/34809.txt,"Tausch Ticket Script 3 - suchauftraege_user.php userid Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34810,platforms/php/webapps/34810.txt,"Tausch Ticket Script 3 - vote.php descr Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 -34811,platforms/php/webapps/34811.txt,"Linea21 1.2.1 - 'search' Parameter Cross-Site Scripting",2009-07-08,"599eme Man",php,webapps,0 -34812,platforms/php/webapps/34812.html,"Docebo 3.6 - 'description' Parameter Cross-Site Scripting",2010-10-04,"High-Tech Bridge SA",php,webapps,0 +34811,platforms/php/webapps/34811.txt,"Linea21 1.2.1 - 'search' Parameter Cross-site Scripting",2009-07-08,"599eme Man",php,webapps,0 +34812,platforms/php/webapps/34812.html,"Docebo 3.6 - 'description' Parameter Cross-site Scripting",2010-10-04,"High-Tech Bridge SA",php,webapps,0 34813,platforms/php/webapps/34813.txt,"Elxis 2009.2 rev2631 - SQL Injection",2010-10-05,"High-Tech Bridge SA",php,webapps,0 -34814,platforms/php/webapps/34814.txt,"SquirrelMail Virtual Keyboard Plugin - 'vkeyboard.php' Cross-Site Scripting",2010-10-05,"Moritz Naumann",php,webapps,0 +34814,platforms/php/webapps/34814.txt,"SquirrelMail Virtual Keyboard Plugin - 'vkeyboard.php' Cross-site Scripting",2010-10-05,"Moritz Naumann",php,webapps,0 34815,platforms/windows/remote/34815.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.0 Bypass) (MS12-037)",2014-09-29,"ryujin & sickness",windows,remote,0 34820,platforms/php/webapps/34820.pl,"Joomla Club Manager Component - 'cm_id' Parameter SQL Injection",2010-10-06,FL0RiX,php,webapps,0 34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)",2014-09-29,"Nate Power",windows,webapps,0 -34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - CSRF",2014-09-29,"Dolev Farhi",php,webapps,446 +34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - Cross-site Request Forgery",2014-09-29,"Dolev Farhi",php,webapps,446 34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for WordPress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 -34976,platforms/php/webapps/34976.txt,"WordPress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34976,platforms/php/webapps/34976.txt,"WordPress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-site Scripting",2010-11-08,"John Leitch",php,webapps,0 34977,platforms/php/webapps/34977.txt,"WordPress jRSS Widget Plugin 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 34827,platforms/php/webapps/34827.txt,"Recipe Script 5.0 - 'First Name' HTML Injection",2009-06-15,"ThE g0bL!N",php,webapps,0 -34828,platforms/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",php,webapps,0 +34828,platforms/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-site Scripting",2010-10-06,"High-Tech Bridge SA",php,webapps,0 34829,platforms/windows/remote/34829.c,"Adobe Dreamweaver CS4 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 34830,platforms/windows/remote/34830.c,"IsoBuster 2.7 - 'wnaspi32.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 34831,platforms/windows/remote/34831.c,"NetStumbler 0.4 - 'mfc71esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 34832,platforms/windows/remote/34832.c,"Microsoft Visio 2007 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 -34833,platforms/php/webapps/34833.txt,"Joomla! and Mambo 'com_trade' Component - 'PID' Parameter Cross-Site Scripting",2010-10-11,FL0RiX,php,webapps,0 -34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0 +34833,platforms/php/webapps/34833.txt,"Joomla! and Mambo 'com_trade' Component - 'PID' Parameter Cross-site Scripting",2010-10-11,FL0RiX,php,webapps,0 +34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0 34835,platforms/windows/remote/34835.py,"e2eSoft VCam - DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 34836,platforms/windows/remote/34836.py,"Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component - 'controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0 34838,platforms/windows/remote/34838.c,"Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution",2010-10-13,anT!-Tr0J4n,windows,remote,0 34839,platforms/cgi/webapps/34839.py,"IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection Exploit",2014-10-01,"Claudio Viviani",cgi,webapps,0 34840,platforms/php/webapps/34840.txt,"Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 -34841,platforms/php/webapps/34841.txt,"PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 +34841,platforms/php/webapps/34841.txt,"PluXml 5.0.1 - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 34842,platforms/php/webapps/34842.txt,"TWiki 5.0 - bin/view rev Parameter XSS",2010-10-14,"DOUHINE Davy",php,webapps,0 34843,platforms/php/webapps/34843.txt,"TWiki 5.0 - bin/login Multiple Parameter XSS",2010-10-14,"DOUHINE Davy",php,webapps,0 34844,platforms/windows/remote/34844.c,"STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-15,anT!-Tr0J4n,windows,remote,0 -34845,platforms/php/webapps/34845.txt,"PHP Photo Vote 1.3F - 'page' Parameter Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 +34845,platforms/php/webapps/34845.txt,"PHP Photo Vote 1.3F - 'page' Parameter Cross-site Scripting",2009-08-07,Moudi,php,webapps,0 34846,platforms/windows/remote/34846.txt,"httpdx 1.4.5 - dot Character Remote File Disclosure",2009-10-09,Dr_IDE,windows,remote,0 -34847,platforms/php/webapps/34847.txt,"PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 +34847,platforms/php/webapps/34847.txt,"PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-site Scripting",2009-08-07,Moudi,php,webapps,0 34848,platforms/windows/remote/34848.c,"1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2010-10-15,anT!-Tr0J4n,windows,remote,0 34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 - 'req' Parameter Local File Inclusion / Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 -34850,platforms/php/webapps/34850.txt,"eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 -34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - (joblogs.php jobid param) SQL Injection",2014-10-02,wishnusakti,php,webapps,80 +34850,platforms/php/webapps/34850.txt,"eXV2 CMS - Multiple Cross-site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 +34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - (joblogs.php jobid parameter) SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 34854,platforms/php/webapps/34854.txt,"Wordpress All In One WP Security & Firewall 3.8.3 Plugin - Persistent XSS",2014-10-02,Vulnerability-Lab,php,webapps,80 -34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 - (.bmp) Buffer Overflow",2010-10-19,anT!-Tr0J4n,windows,dos,0 +34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 - '.bmp' Buffer Overflow",2010-10-19,anT!-Tr0J4n,windows,dos,0 34856,platforms/windows/remote/34856.py,"Kolibri Webserver 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass",2014-10-02,tekwizz123,windows,remote,80 34857,platforms/windows/dos/34857.txt,"TeamSpeak Client 3.0.14 - Buffer Overflow",2014-10-02,"SpyEye and Christian Galeon",windows,dos,0 -34858,platforms/php/webapps/34858.txt,"RBS Change Complet Open Source 3.6.8 - CSRF",2014-10-02,"Krusty Hack",php,webapps,80 +34858,platforms/php/webapps/34858.txt,"RBS Change Complet Open Source 3.6.8 - Cross-site Request Forgery",2014-10-02,"Krusty Hack",php,webapps,80 34860,platforms/linux/remote/34860.py,"GNU bash 4.3.11 - Environment Variable dhclient Exploit",2014-10-02,@0x00string,linux,remote,0 34861,platforms/php/webapps/34861.txt,"PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution",2014-10-02,Portcullis,php,webapps,80 34862,platforms/linux/remote/34862.rb,"Pure-FTPd - External Authentication Bash Environment Variable Code Injection",2014-10-02,Metasploit,linux,remote,21 -34863,platforms/php/webapps/34863.txt,"TestLink 1.9.11 - Multiple SQL Injection",2014-10-02,Portcullis,php,webapps,80 +34863,platforms/php/webapps/34863.txt,"TestLink 1.9.11 - Multiple SQL Injections",2014-10-02,Portcullis,php,webapps,80 34864,platforms/asp/webapps/34864.txt,"Epicor Enterprise 7.4 - Multiple Vulnerabilities",2014-10-02,"Fara Rustein",asp,webapps,443 34865,platforms/multiple/webapps/34865.txt,"Moab < 7.2.9 - Authorization Bypass",2014-10-02,"MWR InfoSecurity",multiple,webapps,0 34866,platforms/linux/remote/34866.rb,"HP Network Node Manager I - PMD Buffer Overflow",2014-10-02,Metasploit,linux,remote,7426 @@ -31404,38 +31404,38 @@ id,file,description,date,author,platform,type,port 34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34869,platforms/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34870,platforms/windows/remote/34870.html,"VLC Media Player 1.1.4 Mozilla Multimedia Plugin - Remote Code Execution",2010-10-19,shinnai,windows,remote,0 -34871,platforms/php/webapps/34871.txt,"eCardMAX FormXP - 'survey_result.php' Cross-Site Scripting",2009-07-15,Moudi,php,webapps,0 +34871,platforms/php/webapps/34871.txt,"eCardMAX FormXP - 'survey_result.php' Cross-site Scripting",2009-07-15,Moudi,php,webapps,0 34872,platforms/windows/dos/34872.py,"MASS PLAYER 2.1 - File Processing Remote Denial of Service",2010-10-19,Sweet,windows,dos,0 34873,platforms/php/webapps/34873.txt,"Wap-motor - 'image' Parameter Directory Traversal",2009-08-27,Inj3ct0r,php,webapps,0 -34874,platforms/php/webapps/34874.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,MaXe,php,webapps,0 +34874,platforms/php/webapps/34874.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Multiple Cross-site Scripting Vulnerabilities",2009-10-15,MaXe,php,webapps,0 34875,platforms/php/webapps/34875.txt,"QuarkMail - 'tf' Parameter Directory Traversal",2009-08-28,Securitylab.ir,php,webapps,0 -34876,platforms/php/webapps/34876.txt,"E-Gold Game Series: Pirates of The Caribbean - Multiple SQL Injection",2009-08-27,Moudi,php,webapps,0 -34877,platforms/php/webapps/34877.txt,"DigiOz Guestbook 1.7.2 - 'search.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 -34878,platforms/php/webapps/34878.txt,"StandAloneArcade 1.1 - 'gamelist.php' Cross-Site Scripting",2009-08-27,Moudi,php,webapps,0 +34876,platforms/php/webapps/34876.txt,"E-Gold Game Series: Pirates of The Caribbean - Multiple SQL Injections",2009-08-27,Moudi,php,webapps,0 +34877,platforms/php/webapps/34877.txt,"DigiOz Guestbook 1.7.2 - 'search.php' Cross-site Scripting",2009-08-26,Moudi,php,webapps,0 +34878,platforms/php/webapps/34878.txt,"StandAloneArcade 1.1 - 'gamelist.php' Cross-site Scripting",2009-08-27,Moudi,php,webapps,0 34879,platforms/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Exploit (Shellshock)",2014-10-04,"hobbily plunt",linux,remote,0 34881,platforms/linux/remote/34881.html,"Mozilla Firefox SeaMonkey 3.6.10 / Thunderbird 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",linux,remote,0 -34882,platforms/php/webapps/34882.html,"sNews 1.7 - 'snews.php' Cross-Site Scripting / HTML Injection",2010-10-19,"High-Tech Bridge SA",php,webapps,0 +34882,platforms/php/webapps/34882.html,"sNews 1.7 - 'snews.php' Cross-site Scripting / HTML Injection",2010-10-19,"High-Tech Bridge SA",php,webapps,0 34883,platforms/php/webapps/34883.txt,"4Site CMS 2.6 - 'cat' Parameter SQL Injection",2010-10-19,"High-Tech Bridge SA",php,webapps,0 -34884,platforms/php/webapps/34884.txt,"JCE-Tech SearchFeed Script - 'index.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 +34884,platforms/php/webapps/34884.txt,"JCE-Tech SearchFeed Script - 'index.php' Cross-site Scripting",2009-08-26,Moudi,php,webapps,0 34885,platforms/php/webapps/34885.txt,"Auction RSS Content Script - rss.php id Parameter XSS",2009-08-26,Moudi,php,webapps,0 34886,platforms/php/webapps/34886.txt,"Auction RSS Content Script - search.php id Parameter XSS",2009-08-26,Moudi,php,webapps,0 -34887,platforms/php/webapps/34887.txt,"JCE-Tech PHP Video Script - 'index.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 -34888,platforms/php/webapps/34888.txt,"UloKI PHP Forum 2.1 - 'search.php' Cross-Site Scripting",2009-08-19,Moudi,php,webapps,0 +34887,platforms/php/webapps/34887.txt,"JCE-Tech PHP Video Script - 'index.php' Cross-site Scripting",2009-08-26,Moudi,php,webapps,0 +34888,platforms/php/webapps/34888.txt,"UloKI PHP Forum 2.1 - 'search.php' Cross-site Scripting",2009-08-19,Moudi,php,webapps,0 34889,platforms/windows/dos/34889.vcf,"Microsoft Windows Mobile - Overly Long vCard Name Field Denial of Service",2010-10-21,SecurityArchitect.Org,windows,dos,0 -34890,platforms/php/webapps/34890.txt,"Wiccle Web Builder 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-10-21,"Veerendra G.G",php,webapps,0 +34890,platforms/php/webapps/34890.txt,"Wiccle Web Builder 2.0 - Multiple Cross-site Scripting Vulnerabilities",2010-10-21,"Veerendra G.G",php,webapps,0 34891,platforms/php/webapps/34891.txt,"Micro CMS 1.0 - 'name' Parameter HTML Injection",2010-10-21,"SecPod Research",php,webapps,0 -34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Parameter Cross-Site Scripting",2010-10-21,"Antu Sanadi",php,webapps,0 +34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Parameter Cross-site Scripting",2010-10-21,"Antu Sanadi",php,webapps,0 34893,platforms/php/webapps/34893.txt,"PHP Scripts Now Multiple Products - bios.php rank Parameter XSS",2009-07-20,"599eme Man",php,webapps,0 34894,platforms/php/webapps/34894.txt,"PHP Scripts Now Multiple Products - bios.php rank Parameter SQL Injection",2009-07-20,"599eme Man",php,webapps,0 34895,platforms/cgi/webapps/34895.rb,"Bash CGI - RCE Shellshock Exploit (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0 34922,platforms/php/webapps/34922.txt,"Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 -35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injection",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 +35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 35024,platforms/php/webapps/35024.txt,"Joomla Catalogue Component - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0 34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Exploit (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0 34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchquery Parameter XSS",2009-08-20,Moudi,php,webapps,0 34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0 -34904,platforms/php/webapps/34904.txt,"Radvision Scopia - 'entry/index.jsp' Cross-Site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0 +34904,platforms/php/webapps/34904.txt,"Radvision Scopia - 'entry/index.jsp' Cross-site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0 34905,platforms/php/webapps/34905.txt,"W-Agora 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion",2010-10-22,MustLive,php,webapps,0 34906,platforms/php/webapps/34906.txt,"W-Agora 4.2.1 - search.php bn Parameter XSS",2010-10-22,MustLive,php,webapps,0 34907,platforms/multiple/webapps/34907.txt,"IBM Tivoli Access Manager for e-business - ivt/ivtserver parm1 Parameter XSS",2010-10-22,IBM,multiple,webapps,0 @@ -31457,26 +31457,26 @@ id,file,description,date,author,platform,type,port 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,Metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl - Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 -34929,platforms/multiple/webapps/34929.txt,"Nessus Web UI 2.3.3 - Stored XSS",2014-10-09,"Frank Lycops",multiple,webapps,0 -34930,platforms/php/webapps/34930.txt,"Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting",2009-06-03,intern0t,php,webapps,0 -34931,platforms/windows/remote/34931.c,"Microsoft Windows VISTA - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution",2010-10-25,"Tyler Borland",windows,remote,0 +34929,platforms/multiple/webapps/34929.txt,"Nessus Web UI 2.3.3 - Persistent Cross-site Scripting",2014-10-09,"Frank Lycops",multiple,webapps,0 +34930,platforms/php/webapps/34930.txt,"Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-site Scripting",2009-06-03,intern0t,php,webapps,0 +34931,platforms/windows/remote/34931.c,"Microsoft Windows Vista- 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution",2010-10-25,"Tyler Borland",windows,remote,0 34932,platforms/linux/remote/34932.html,"NitroView ESM - 'ess.pm' Remote Command Execution",2010-10-26,s_n,linux,remote,0 -34933,platforms/php/webapps/34933.txt,"FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-03,intern0t,php,webapps,0 +34933,platforms/php/webapps/34933.txt,"FlatNux 2009-03-27 - Multiple Cross-site Scripting Vulnerabilities",2009-06-03,intern0t,php,webapps,0 34934,platforms/php/webapps/34934.pl,"Joomla! Projects 'com_projects' Component - SQL Injection / Local File Inclusion",2010-10-27,jos_ali_joe,php,webapps,0 34935,platforms/php/webapps/34935.txt,"LES PACKS - 'ID' Parameter SQL Injection",2010-10-27,Cru3l.b0y,php,webapps,0 34936,platforms/asp/webapps/34936.txt,"i-Gallery 3.4/4.1 - 'streamfile.asp' Multiple Directory Traversal Vulnerabilities",2009-06-03,"Stefano Angaran",asp,webapps,0 -34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 +34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware - Multiple Local File Inclusion / Cross-site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 34938,platforms/windows/dos/34938.txt,"Teamspeak 2.0.32.60 - Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 -34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting",2010-10-27,MustLive,php,webapps,0 +34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Inclusion / Cross-site Scripting",2010-10-27,MustLive,php,webapps,0 34940,platforms/php/webapps/34940.txt,"212cafe WebBoard 2.90 beta - 'view.php' Directory Traversal",2009-05-29,MrDoug,php,webapps,0 -34941,platforms/php/webapps/34941.txt,"Intergo Arcade Trade Script 1.0 - 'q' Parameter Cross-Site Scripting",2009-05-25,SmOk3,php,webapps,0 -34942,platforms/php/webapps/34942.txt,"Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"dave b",php,webapps,0 +34941,platforms/php/webapps/34941.txt,"Intergo Arcade Trade Script 1.0 - 'q' Parameter Cross-site Scripting",2009-05-25,SmOk3,php,webapps,0 +34942,platforms/php/webapps/34942.txt,"Elastix 2.0.2 - Multiple Cross-site Scripting Vulnerabilities",2010-11-01,"dave b",php,webapps,0 34943,platforms/windows/remote/34943.txt,"Project Jug 1.0.0 - Directory Traversal",2010-11-01,"John Leitch",windows,remote,0 34944,platforms/php/webapps/34944.txt,"SmartOptimizer - Null Character Remote Information Disclosure",2010-11-01,"Francois Harvey",php,webapps,0 34945,platforms/multiple/remote/34945.txt,"Home File Share Server 0.7.2 32 - Directory Traversal",2010-11-01,"John Leitch",multiple,remote,0 -34946,platforms/php/webapps/34946.txt,"cformsII 11.5/13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"Wagner Elias",php,webapps,0 -34947,platforms/php/webapps/34947.txt,"CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection",2010-10-30,MustLive,php,webapps,0 -34948,platforms/asp/webapps/34948.txt,"Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting",2010-11-01,ITSecTeam,asp,webapps,0 +34946,platforms/php/webapps/34946.txt,"cformsII 11.5/13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-site Scripting Vulnerabilities",2010-11-01,"Wagner Elias",php,webapps,0 +34947,platforms/php/webapps/34947.txt,"CMS WebManager-Pro 7.4.3 - Cross-site Scripting / SQL Injection",2010-10-30,MustLive,php,webapps,0 +34948,platforms/asp/webapps/34948.txt,"Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-site Scripting",2010-11-01,ITSecTeam,asp,webapps,0 34949,platforms/multiple/remote/34949.py,"BroadWorks - Call Detail Record Security Bypass",2010-11-02,"Nick Freeman",multiple,remote,0 34950,platforms/php/remote/34950.php,"PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation",2009-05-11,root@80sec.com,php,remote,0 34951,platforms/php/webapps/34951.txt,"Online Work Order Suite - Login SQL Injection",2010-11-02,VSN,php,webapps,0 @@ -31488,7 +31488,7 @@ id,file,description,date,author,platform,type,port 34957,platforms/ios/webapps/34957.txt,"PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass",2014-10-14,Vulnerability-Lab,ios,webapps,0 35022,platforms/php/webapps/35022.txt,"4homepages 4images 1.7.x - 'categories.php' Parameter SQL Injection",2010-11-29,"Ahmed Atif",php,webapps,0 34958,platforms/php/webapps/34958.py,"Croogo 2.0.0 - Arbitrary PHP Code Execution Exploit",2014-10-14,LiquidWorm,php,webapps,0 -34959,platforms/php/webapps/34959.txt,"Croogo 2.0.0 - Multiple Stored XSS Vulnerabilities",2014-10-14,LiquidWorm,php,webapps,0 +34959,platforms/php/webapps/34959.txt,"Croogo 2.0.0 - Multiple Persistent Cross-site Scripting Vulnerabilities",2014-10-14,LiquidWorm,php,webapps,0 34978,platforms/windows/remote/34978.c,"Silo 2.1.1 - 'wintab32.dll' DLL Loading Arbitrary Code Execution",2010-11-08,"Gjoko Krstic",windows,remote,0 34979,platforms/php/remote/34979.php,"PHP 5.3.x - 'mb_strcut()' Function Information Disclosure",2010-11-07,"Mateusz Kocielski",php,remote,0 34980,platforms/novell/dos/34980.py,"Novell GroupWise 8.0 - Multiple Remote Vulnerabilities",2010-11-08,"Francis Provencher",novell,dos,0 @@ -31498,55 +31498,55 @@ id,file,description,date,author,platform,type,port 34966,platforms/windows/local/34966.txt,"Telefonica O2 Connection Manager 3.4 - Local Privilege Escalation",2014-10-14,LiquidWorm,windows,local,0 34967,platforms/windows/local/34967.txt,"Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation",2014-10-14,LiquidWorm,windows,local,0 34968,platforms/php/webapps/34968.txt,"YourMembers Plugin - Blind SQL Injection",2014-10-14,TranDinhTien,php,webapps,0 -34969,platforms/hardware/webapps/34969.html,"Tenda A32 Router - CSRF",2014-10-14,zixian,hardware,webapps,0 +34969,platforms/hardware/webapps/34969.html,"Tenda A32 Router - Cross-site Request Forgery",2014-10-14,zixian,hardware,webapps,0 34970,platforms/php/webapps/34970.py,"SEO Control Panel 3.6.0 - Authenticated SQL Injection",2014-10-14,"Tiago Carvalho",php,webapps,0 -34971,platforms/asp/webapps/34971.txt,"Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting",2010-11-05,"Wesley Kerfoot",asp,webapps,0 +34971,platforms/asp/webapps/34971.txt,"Angel Learning Management System 7.3 - 'pdaview.asp' Cross-site Scripting",2010-11-05,"Wesley Kerfoot",asp,webapps,0 34972,platforms/php/webapps/34972.txt,"Joomla! AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0 -34973,platforms/php/webapps/34973.txt,"WordPress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34974,platforms/php/webapps/34974.txt,"WordPress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34973,platforms/php/webapps/34973.txt,"WordPress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34974,platforms/php/webapps/34974.txt,"WordPress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-site Scripting",2010-11-08,"John Leitch",php,webapps,0 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 -34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 +34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS - 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 34984,platforms/php/webapps/34984.py,"Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1)",2014-10-16,fyukyuk,php,webapps,0 -34985,platforms/php/remote/34985.txt,"pfSense 2 Beta 4 - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-05,"dave b",php,remote,0 +34985,platforms/php/remote/34985.txt,"pfSense 2 Beta 4 - 'graph.php' Multiple Cross-site Scripting Vulnerabilities",2010-11-05,"dave b",php,remote,0 34986,platforms/hardware/remote/34986.txt,"D-Link DIR-300 - Multiple Security Bypass Vulnerabilities",2010-11-09,"Karol Celia",hardware,remote,0 34987,platforms/linux/local/34987.c,"Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure",2010-11-09,"Dan Rosenberg",linux,local,0 -34988,platforms/php/webapps/34988.txt,"PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting",2010-11-10,MustLive,php,webapps,0 +34988,platforms/php/webapps/34988.txt,"PHPShop 2.1 EE - 'name_new' Parameter Cross-site Scripting",2010-11-10,MustLive,php,webapps,0 34989,platforms/php/webapps/34989.txt,"WeBid 0.85P1 - Multiple Input Validation Vulnerabilities",2010-11-10,"John Leitch",php,webapps,0 -34990,platforms/php/webapps/34990.txt,"Ricoh Web Image Monitor 2.03 - Cross-Site Scripting",2010-11-09,thelightcosine,php,webapps,0 +34990,platforms/php/webapps/34990.txt,"Ricoh Web Image Monitor 2.03 - Cross-site Scripting",2010-11-09,thelightcosine,php,webapps,0 34996,platforms/php/webapps/34996.txt,"Raised Eyebrow CMS - 'venue.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 34992,platforms/php/webapps/34992.txt,"Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (2)",2014-10-17,"Claudio Viviani",php,webapps,0 34993,platforms/php/webapps/34993.php,"Drupal Core 7.32 - SQL Injection (PHP)",2014-10-17,"Dustin Dörr",php,webapps,0 -34997,platforms/windows/remote/34997.txt,"DServe - Multiple Cross-Site Scripting Vulnerabilities",2010-11-16,Axiell,windows,remote,0 +34997,platforms/windows/remote/34997.txt,"DServe - Multiple Cross-site Scripting Vulnerabilities",2010-11-16,Axiell,windows,remote,0 34998,platforms/linux/remote/34998.txt,"Eclipse 3.6.1 - Help Server help/index.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0 34999,platforms/linux/remote/34999.txt,"Eclipse 3.6.1 - Help Server help/advanced/content.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0 35000,platforms/windows/dos/35000.txt,"SAP Netweaver Enqueue Server - Denial of Service",2014-10-17,"Core Security",windows,dos,3200 -35001,platforms/windows/remote/35001.txt,"SAP NetWeaver 7.0 - SQL Monitor Multiple Cross-Site Scripting Vulnerabilities",2010-11-17,a.polyakov,windows,remote,0 +35001,platforms/windows/remote/35001.txt,"SAP NetWeaver 7.0 - SQL Monitor Multiple Cross-site Scripting Vulnerabilities",2010-11-17,a.polyakov,windows,remote,0 35002,platforms/windows/remote/35002.html,"VLC Media Player 1.1.x - Calling Convention Remote Buffer Overflow",2010-11-02,shinnai,windows,remote,0 -35003,platforms/multiple/remote/35003.txt,"IBM OmniFind - 'command' Parameter Cross-Site Scripting",2010-11-09,"Fatih Kilic",multiple,remote,0 -35004,platforms/php/webapps/35004.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (1)",2010-11-18,"High-Tech Bridge SA",php,webapps,0 +35003,platforms/multiple/remote/35003.txt,"IBM OmniFind - 'command' Parameter Cross-site Scripting",2010-11-09,"Fatih Kilic",multiple,remote,0 +35004,platforms/php/webapps/35004.txt,"CompactCMS 1.4.1 - Multiple Cross-site Scripting Vulnerabilities (1)",2010-11-18,"High-Tech Bridge SA",php,webapps,0 35005,platforms/windows/remote/35005.html,"WebKit - Insufficient Entropy Random Number Generator Weakness (1)",2010-11-18,"Amit Klein",windows,remote,0 35006,platforms/windows/remote/35006.html,"WebKit - Insufficient Entropy Random Number Generator Weakness (2)",2010-11-18,"Amit Klein",windows,remote,0 35007,platforms/windows/remote/35007.c,"Native Instruments Multiple Products - DLL Loading Arbitrary Code Execution",2010-11-19,"Gjoko Krstic",windows,remote,0 35008,platforms/cgi/webapps/35008.txt,"Hot Links SQL 3.2 - 'report.cgi' SQL Injection",2010-11-22,"Aliaksandr Hartsuyeu",cgi,webapps,0 35009,platforms/php/webapps/35009.txt,"AuraCMS 1.62 - 'pdf.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 35010,platforms/osx/local/35010.c,"Apple iOS 4.0.2 - Networking Packet Filter Rules Local Privilege Escalation",2010-11-22,Apple,osx,local,0 -35011,platforms/linux/remote/35011.txt,"Apache Tomcat 7.0.4 - 'sort' and 'orderBy' Parameters Cross-Site Scripting",2010-11-22,"Adam Muntner",linux,remote,0 -35012,platforms/multiple/webapps/35012.txt,"ZyXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-Site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 +35011,platforms/linux/remote/35011.txt,"Apache Tomcat 7.0.4 - 'sort' and 'orderBy' Parameters Cross-site Scripting",2010-11-22,"Adam Muntner",linux,remote,0 +35012,platforms/multiple/webapps/35012.txt,"ZyXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 35014,platforms/hardware/remote/35014.txt,"D-Link DIR-300 - WiFi Key Security Bypass",2010-11-24,"Gaurav Saha",hardware,remote,0 -35015,platforms/cgi/webapps/35015.txt,"SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting",2010-11-24,"Aliaksandr Hartsuyeu",cgi,webapps,0 +35015,platforms/cgi/webapps/35015.txt,"SimpLISTic SQL 2.0 - 'email.cgi' Cross-site Scripting",2010-11-24,"Aliaksandr Hartsuyeu",cgi,webapps,0 35016,platforms/php/webapps/35016.txt,"Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 -35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 - index.php Multiple Parameter XSS",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 +35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 - 'index.php' Multiple Parameter XSS",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35018,platforms/linux/remote/35018.c,"Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow",2014-10-20,"Nick Sampanis",linux,remote,0 35019,platforms/windows/local/35019.py,"Windows - OLE Package Manager SandWorm Exploit",2014-10-20,"Vlad Ovtchinikov",windows,local,0 35020,platforms/win_x86/local/35020.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-060)",2014-10-20,Metasploit,win_x86,local,0 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation",2014-10-20,Metasploit,linux,local,0 -35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 +35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 35026,platforms/php/webapps/35026.txt,"Joomla Store Directory - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injection",2010-11-26,ali_err0r,php,webapps,0 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0 35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService - Arbitrary File Upload",2014-10-21,Metasploit,windows,remote,0 -35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 +35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 35033,platforms/php/remote/35033.rb,"Joomla Akeeba Kickstart - Unserialize Remote Code Execution",2014-10-21,Metasploit,php,remote,80 35034,platforms/multiple/remote/35034.rb,"HP Data Protector - EXEC_INTEGUTIL Remote Code Execution",2014-10-21,Metasploit,multiple,remote,5555 35035,platforms/cgi/webapps/35035.txt,"Awstats 6.x - Apache Tomcat Configuration File Remote Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 @@ -31556,10 +31556,10 @@ id,file,description,date,author,platform,type,port 35039,platforms/windows/webapps/35039.rb,"DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)",2014-10-22,"Glafkos Charalambous ",windows,webapps,0 35040,platforms/windows/local/35040.txt,"iBackup 10.0.0.32 - Local Privilege Escalation",2014-10-22,"Glafkos Charalambous ",windows,local,0 35041,platforms/php/webapps/35041.py,"Feng Office 1.7.4 - Arbitrary File Upload",2014-10-23,"AutoSec Tools",php,webapps,0 -35042,platforms/php/webapps/35042.txt,"Feng Office 1.7.4 - Cross-Site Scripting",2014-10-23,"AutoSec Tools",php,webapps,0 -35043,platforms/php/webapps/35043.txt,"Contenido CMS 4.8.12 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 +35042,platforms/php/webapps/35042.txt,"Feng Office 1.7.4 - Cross-site Scripting",2014-10-23,"AutoSec Tools",php,webapps,0 +35043,platforms/php/webapps/35043.txt,"Contenido CMS 4.8.12 - Multiple Cross-site Scripting Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 35044,platforms/php/webapps/35044.txt,"Alguest 1.1 - Multiple Cookie Authentication Bypass Vulnerabilities",2010-12-03,"Aliaksandr Hartsuyeu",php,webapps,0 -35045,platforms/asp/webapps/35045.txt,"DotNetNuke 5.5.1 - 'InstallWizard.aspx' Cross-Site Scripting",2010-12-03,"Richard Brain",asp,webapps,0 +35045,platforms/asp/webapps/35045.txt,"DotNetNuke 5.5.1 - 'InstallWizard.aspx' Cross-site Scripting",2010-12-03,"Richard Brain",asp,webapps,0 35046,platforms/php/webapps/35046.txt,"Axway Secure Transport 5.1 SP2 - Arbitrary File Upload via CSRF",2014-10-23,"Emmanuel Law",php,webapps,0 35047,platforms/hardware/webapps/35047.txt,"Dell SonicWall Gms 7.2.x - Code Injection",2014-10-23,Vulnerability-Lab,hardware,webapps,0 35048,platforms/asp/webapps/35048.txt,"Techno Dreams Articles & Papers Package 2.0 - 'ArticlesTablelist.asp' SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 @@ -31567,7 +31567,7 @@ id,file,description,date,author,platform,type,port 35050,platforms/php/webapps/35050.txt,"Alguest 1.1 - 'start' Parameter SQL Injection",2010-12-06,"Aliaksandr Hartsuyeu",php,webapps,0 35051,platforms/windows/remote/35051.txt,"Freefloat FTP Server - Directory Traversal",2010-12-06,Pr0T3cT10n,windows,remote,0 35052,platforms/php/webapps/35052.txt,"Magento Server MAGMI Plugin - Remote File Inclusion",2014-10-25,"Parvinder Bhasin",php,webapps,0 -35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 +35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) Plugin - Shell Upload",2014-10-25,"Claudio Viviani",php,webapps,0 @@ -31583,9 +31583,9 @@ id,file,description,date,author,platform,type,port 35062,platforms/multiple/remote/35062.txt,"RDM Embedded Lock Manager < 9.x - 'lm_tcp' Service Buffer Overflow",2010-12-07,"Luigi Auriemma",multiple,remote,0 35063,platforms/php/webapps/35063.txt,"Zimplit CMS - zimplit.php file Parameter XSS",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35064,platforms/php/webapps/35064.txt,"Zimplit CMS - English_manual_version_2.php client Parameter XSS",2010-12-07,"High-Tech Bridge SA",php,webapps,0 -35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 -35066,platforms/php/webapps/35066.txt,"WordPress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 -35067,platforms/php/webapps/35067.txt,"WordPress Safe Search Plugin 'v1' Parameter - Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 +35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 +35066,platforms/php/webapps/35066.txt,"WordPress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-site Scripting",2010-12-08,"John Leitch",php,webapps,0 +35067,platforms/php/webapps/35067.txt,"WordPress Safe Search Plugin 'v1' Parameter - Cross-site Scripting",2010-12-08,"John Leitch",php,webapps,0 35068,platforms/hardware/remote/35068.txt,"pfSense - pkg_edit.php id Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35069,platforms/hardware/remote/35069.txt,"pfSense - pkg.php xml Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35070,platforms/hardware/remote/35070.txt,"pfSense - status_graph.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 @@ -31602,19 +31602,19 @@ id,file,description,date,author,platform,type,port 35081,platforms/linux/dos/35081.txt,"Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash",2014-10-27,"Michal Zalewski",linux,dos,0 35082,platforms/ios/webapps/35082.txt,"WebDisk+ 2.1 iOS - Code Execution",2014-10-27,Vulnerability-Lab,ios,webapps,1861 35083,platforms/ios/webapps/35083.txt,"Folder Plus 2.5.1 iOS - Persistent XSS",2014-10-27,Vulnerability-Lab,ios,webapps,0 -35084,platforms/php/webapps/35084.txt,"WordPress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 -35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro - 'showflat.pl' Cross-Site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0 +35084,platforms/php/webapps/35084.txt,"WordPress Twitter Feed Plugin 'url' Parameter - Cross-site Scripting",2010-12-07,"John Leitch",php,webapps,0 +35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro - 'showflat.pl' Cross-site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0 35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion",2010-12-09,"Marcin Ressel",php,webapps,0 35088,platforms/php/webapps/35088.txt,"PHP State - 'id' Parameter SQL Injection",2010-12-09,jos_ali_joe,php,webapps,0 35089,platforms/php/webapps/35089.txt,"Joomla Jeformcr - 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0 35090,platforms/php/webapps/35090.txt,"JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0 -35091,platforms/php/webapps/35091.txt,"ManageEngine EventLog Analyzer 6.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,"Rob Kraus",php,webapps,0 -35092,platforms/multiple/remote/35092.html,"Helix Server 14.0.1.571 - Administration Interface Cross-Site Request Forgery",2010-12-10,"John Leitch",multiple,remote,0 -35093,platforms/cgi/webapps/35093.txt,"BizDir 05.10 - 'f_srch' Parameter Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",cgi,webapps,0 -35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 +35091,platforms/php/webapps/35091.txt,"ManageEngine EventLog Analyzer 6.1 - Multiple Cross-site Scripting Vulnerabilities",2010-12-10,"Rob Kraus",php,webapps,0 +35092,platforms/multiple/remote/35092.html,"Helix Server 14.0.1.571 - Administration Interface Cross-site Request Forgery",2010-12-10,"John Leitch",multiple,remote,0 +35093,platforms/cgi/webapps/35093.txt,"BizDir 05.10 - 'f_srch' Parameter Cross-site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",cgi,webapps,0 +35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha - 'top.php' Cross-site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35095,platforms/linux/remote/35095.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Multiple HTML Injection Vulnerabilities",2010-12-09,"Yosuke Hasegawa",linux,remote,0 -35096,platforms/php/webapps/35096.txt,"Joomla! 'com_mailto' Component - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0 +35096,platforms/php/webapps/35096.txt,"Joomla! 'com_mailto' Component - Multiple Cross-site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0 35097,platforms/php/webapps/35097.txt,"Joomla Redirect Component 1.5.19 - 'com_redirect' Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80 @@ -31625,48 +31625,48 @@ id,file,description,date,author,platform,type,port 35103,platforms/hardware/remote/35103.txt,"Konke Smart Plug K - Authentication Bypass",2014-10-29,gamehacker,hardware,remote,0 35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) Buffer Overflow/DoS EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 35209,platforms/jsp/webapps/35209.txt,"ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities",2014-11-10,"Pedro Ribeiro",jsp,webapps,0 -35106,platforms/php/webapps/35106.txt,"Cetera eCommerce - 'banner.php' Cross-Site Scripting",2010-12-11,MustLive,php,webapps,0 -35107,platforms/cfm/webapps/35107.txt,"Mura CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-12-13,"Richard Brain",cfm,webapps,0 -35108,platforms/php/webapps/35108.txt,"MyBB 1.4.10 - 'tags.php' Cross-Site Scripting",2010-12-12,TEAMELITE,php,webapps,0 -35109,platforms/php/webapps/35109.txt,"PHP TopSites 2.1 - 'rate.php' Cross-Site Scripting / SQL Injection",2010-12-13,"c0de Hunters",php,webapps,0 -35110,platforms/php/webapps/35110.txt,"BlogCFC 5.9.6.001 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-14,"Richard Brain",php,webapps,0 -35111,platforms/php/webapps/35111.txt,"slickMsg - Cross-Site Scripting / HTML Injection",2010-12-15,"Aliaksandr Hartsuyeu",php,webapps,0 +35106,platforms/php/webapps/35106.txt,"Cetera eCommerce - 'banner.php' Cross-site Scripting",2010-12-11,MustLive,php,webapps,0 +35107,platforms/cfm/webapps/35107.txt,"Mura CMS - Multiple Cross-site Scripting Vulnerabilities",2010-12-13,"Richard Brain",cfm,webapps,0 +35108,platforms/php/webapps/35108.txt,"MyBB 1.4.10 - 'tags.php' Cross-site Scripting",2010-12-12,TEAMELITE,php,webapps,0 +35109,platforms/php/webapps/35109.txt,"PHP TopSites 2.1 - 'rate.php' Cross-site Scripting / SQL Injection",2010-12-13,"c0de Hunters",php,webapps,0 +35110,platforms/php/webapps/35110.txt,"BlogCFC 5.9.6.001 - Multiple Cross-site Scripting Vulnerabilities",2010-12-14,"Richard Brain",php,webapps,0 +35111,platforms/php/webapps/35111.txt,"slickMsg - Cross-site Scripting / HTML Injection",2010-12-15,"Aliaksandr Hartsuyeu",php,webapps,0 35112,platforms/linux/local/35112.sh,"IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation",2014-10-29,"Robert Jaroszuk",linux,local,0 35113,platforms/php/webapps/35113.php,"MAARCH 1.4 - Arbitrary File Upload",2014-10-29,"Adrien Thierry",php,webapps,80 35114,platforms/php/webapps/35114.txt,"MAARCH 1.4 - SQL Injection",2014-10-29,"Adrien Thierry",php,webapps,80 35115,platforms/linux/remote/35115.rb,"CUPS Filter - Bash Environment Variable Code Injection",2014-10-29,Metasploit,linux,remote,631 -35116,platforms/php/webapps/35116.txt,"HP Insight Diagnostics Online Edition 8.4 - 'search.php' Cross-Site Scripting",2010-12-15,"Richard Brain",php,webapps,0 -35117,platforms/php/webapps/35117.txt,"BLOG:CMS 4.2.1 e - Multiple HTML Injection / Cross-Site Scripting",2010-12-15,"High-Tech Bridge SA",php,webapps,0 +35116,platforms/php/webapps/35116.txt,"HP Insight Diagnostics Online Edition 8.4 - 'search.php' Cross-site Scripting",2010-12-15,"Richard Brain",php,webapps,0 +35117,platforms/php/webapps/35117.txt,"BLOG:CMS 4.2.1 e - Multiple HTML Injection / Cross-site Scripting",2010-12-15,"High-Tech Bridge SA",php,webapps,0 35118,platforms/php/webapps/35118.txt,"phpRS - 'model-kits.php' SQL Injection",2010-12-16,KnocKout,php,webapps,0 35119,platforms/windows/remote/35119.txt,"Alt-N WebAdmin 3.3.3 - Remote Source Code Information Disclosure",2010-12-17,wsn1983,windows,remote,0 -35120,platforms/php/webapps/35120.txt,"Radius Manager 3.6 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-17,"Rodrigo Rubira Branco",php,webapps,0 -35121,platforms/php/webapps/35121.txt,"Social Share - Multiple Cross-Site Scripting Vulnerabilities",2010-12-17,"Aliaksandr Hartsuyeu",php,webapps,0 +35120,platforms/php/webapps/35120.txt,"Radius Manager 3.6 - Multiple Cross-site Scripting Vulnerabilities",2010-12-17,"Rodrigo Rubira Branco",php,webapps,0 +35121,platforms/php/webapps/35121.txt,"Social Share - Multiple Cross-site Scripting Vulnerabilities",2010-12-17,"Aliaksandr Hartsuyeu",php,webapps,0 35122,platforms/php/webapps/35122.txt,"Social Share - 'postid' Parameter SQL Injection",2010-12-20,"Aliaksandr Hartsuyeu",php,webapps,0 35123,platforms/php/webapps/35123.txt,"Mafya Oyun Scrpti - 'profil.php' SQL Injection",2010-12-20,"DeadLy DeMon",php,webapps,0 -35124,platforms/php/webapps/35124.txt,"FreeNAS 0.7.2.5543 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-12-21,db.pub.mail,php,webapps,0 -35125,platforms/php/webapps/35125.txt,"Openfiler - 'device' Parameter Cross-Site Scripting",2010-12-21,db.pub.mail,php,webapps,0 -35126,platforms/php/webapps/35126.txt,"Habari 0.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 -35128,platforms/hardware/webapps/35128.txt,"ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS",2014-10-31,"Ravi Rajput",hardware,webapps,0 +35124,platforms/php/webapps/35124.txt,"FreeNAS 0.7.2.5543 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2010-12-21,db.pub.mail,php,webapps,0 +35125,platforms/php/webapps/35125.txt,"Openfiler - 'device' Parameter Cross-site Scripting",2010-12-21,db.pub.mail,php,webapps,0 +35126,platforms/php/webapps/35126.txt,"Habari 0.6.5 - Multiple Cross-site Scripting Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 +35128,platforms/hardware/webapps/35128.txt,"ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Persistent Cross-site Scripting",2014-10-31,"Ravi Rajput",hardware,webapps,0 35129,platforms/php/webapps/35129.txt,"Who's Who Script - CSRF Exploit (Add Admin Account)",2014-10-31,"ZoRLu Bugrahan",php,webapps,0 -35130,platforms/windows/remote/35130.txt,"Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal",2010-12-21,waraxe,windows,remote,0 +35130,platforms/windows/remote/35130.txt,"Calibre 0.7.34 - Cross-site Scripting / Directory Traversal",2010-12-21,waraxe,windows,remote,0 35131,platforms/php/webapps/35131.txt,"Social Share - 'username' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0 35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) - Remote Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0 35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for WordPress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0 35135,platforms/php/webapps/35135.txt,"Classified Component for Joomla! - SQL Injection",2010-12-22,R4dc0re,php,webapps,0 -35136,platforms/php/webapps/35136.txt,"WordPress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 +35136,platforms/php/webapps/35136.txt,"WordPress Accept Signups Plugin 0.1 - 'email' Parameter Cross-site Scripting",2010-12-22,clshack,php,webapps,0 35137,platforms/php/webapps/35137.txt,"Social Share - 'vote.php' HTTP Response Splitting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 -35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - XSS",2014-11-02,evi1m0,php,webapps,0 +35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - Cross-site Scripting",2014-11-02,evi1m0,php,webapps,0 35212,platforms/php/webapps/35212.txt,"XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 35140,platforms/php/webapps/35140.txt,"MyBB 1.6 - search.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35141,platforms/php/webapps/35141.txt,"MyBB 1.6 - private.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 -35142,platforms/php/webapps/35142.txt,"Social Share - 'search' Parameter Cross-Site Scripting",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 +35142,platforms/php/webapps/35142.txt,"Social Share - 'search' Parameter Cross-site Scripting",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 35143,platforms/php/webapps/35143.txt,"HotWeb Scripts HotWeb Rentals - 'PageId' Parameter SQL Injection",2010-12-28,"non customers",php,webapps,0 -35144,platforms/multiple/remote/35144.txt,"Appweb Web Server 3.2.2-1 - Cross-Site Scripting",2010-12-23,"Gjoko Krstic",multiple,remote,0 +35144,platforms/multiple/remote/35144.txt,"Appweb Web Server 3.2.2-1 - Cross-site Scripting",2010-12-23,"Gjoko Krstic",multiple,remote,0 35145,platforms/php/webapps/35145.txt,"Pligg CMS 1.1.3 - 'range' Parameter SQL Injection",2010-12-27,Dr.NeT,php,webapps,0 35146,platforms/php/webapps/35146.txt,"PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock)",2014-11-03,"Ryan King (Starfall)",php,webapps,0 35148,platforms/linux/remote/35148.txt,"IBM Tivoli Access Manager 6.1.1 for e-business - Directory Traversal",2010-12-24,anonymous,linux,remote,0 -35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 +35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre-Auth SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) - 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100 35153,platforms/osx/dos/35153.c,"Mac OS X Mavericks - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 @@ -31675,20 +31675,20 @@ id,file,description,date,author,platform,type,port 35156,platforms/php/webapps/35156.txt,"Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter XSS",2010-12-28,waraxe,php,webapps,0 35157,platforms/php/webapps/35157.html,"Coppermine Photo Gallery 1.5.10 - searchnew.php picfile_* Parameter XSS",2010-12-28,waraxe,php,webapps,0 35158,platforms/windows/dos/35158.py,"Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial Of Service",2010-12-27,JohnLeitch,windows,dos,0 -35159,platforms/php/webapps/35159.txt,"Modx CMS 2.2.14 - CSRF Bypass / Reflected XSS / Stored XSS",2014-11-05,"Narendra Bhati",php,webapps,0 -35160,platforms/php/webapps/35160.txt,"Mouse Media Script 1.6 - Stored XSS",2014-11-05,"Halil Dalabasmaz",php,webapps,0 +35159,platforms/php/webapps/35159.txt,"Modx CMS 2.2.14 - CSRF Bypass / Reflected XSS / Persistent Cross-site Scripting",2014-11-05,"Narendra Bhati",php,webapps,0 +35160,platforms/php/webapps/35160.txt,"Mouse Media Script 1.6 - Persistent Cross-site Scripting",2014-11-05,"Halil Dalabasmaz",php,webapps,0 35161,platforms/linux/local/35161.c,"Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Local Root (2)",2012-01-12,zx2c4,linux,local,0 35162,platforms/linux/dos/35162.cob,"GIMP 2.6.7 - Multiple File Plugins Remote Stack Buffer Overflow Vulnerabilities",2010-12-31,"non customers",linux,dos,0 35163,platforms/windows/dos/35163.c,"ImgBurn 2.4 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-01-01,d3c0der,windows,dos,0 35164,platforms/php/dos/35164.php,"PHP 5.3.2 - 'zend_strtod()' Function Floating-Point Value Denial of Service",2011-01-03,"Rick Regan",php,dos,0 35165,platforms/php/webapps/35165.txt,"WikLink 0.1.3 - 'getURL.php' SQL Injection",2011-01-05,"Aliaksandr Hartsuyeu",php,webapps,0 35166,platforms/windows/remote/35166.c,"Ace Video Workshop 1.2.0.0 - 'ir50_lcs.dll' DLL Loading Arbitrary Code Execution",2011-01-03,d3c0der,windows,remote,0 -35167,platforms/php/webapps/35167.txt,"Joomla 1.0.x - 'ordering' Parameter Cross-Site Scripting",2011-01-06,"Aung Khant",php,webapps,0 +35167,platforms/php/webapps/35167.txt,"Joomla 1.0.x - 'ordering' Parameter Cross-site Scripting",2011-01-06,"Aung Khant",php,webapps,0 35168,platforms/asp/webapps/35168.txt,"BlogEngine.NET 1.6 - Directory Traversal / Information Disclosure",2011-01-05,"Deniz Cevik",asp,webapps,0 -35169,platforms/jsp/webapps/35169.txt,"Openfire 3.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-05,"Walikar Riyaz Ahemed Dawalmalik",jsp,webapps,0 +35169,platforms/jsp/webapps/35169.txt,"Openfire 3.6.4 - Multiple Cross-site Scripting Vulnerabilities",2011-01-05,"Walikar Riyaz Ahemed Dawalmalik",jsp,webapps,0 35170,platforms/hardware/remote/35170.txt,"Lexmark X651de - Printer Ready Message Value HTML Injection",2011-01-06,"dave b",hardware,remote,0 35171,platforms/windows/remote/35171.c,"Quick Notes Plus 5.0 47 - Multiple DLL Loading Arbitrary Code Execution",2011-01-05,d3c0der,windows,remote,0 -35172,platforms/php/webapps/35172.txt,"PHP MicroCMS 1.0.1 - 'page_text' Parameter Cross-Site Scripting",2011-01-06,"High-Tech Bridge SA",php,webapps,0 +35172,platforms/php/webapps/35172.txt,"PHP MicroCMS 1.0.1 - 'page_text' Parameter Cross-site Scripting",2011-01-06,"High-Tech Bridge SA",php,webapps,0 35173,platforms/linux/dos/35173.txt,"MINIX 3.3.0 - Local Denial of Service PoC",2014-11-06,nitr0us,linux,dos,0 35177,platforms/windows/local/35177.py,"i-FTP 2.20 - Buffer Overflow SEH Exploit",2014-11-06,metacom,windows,local,0 35178,platforms/windows/dos/35178.py,"i.Hex 0.98 - Local Crash PoC",2014-11-06,metacom,windows,dos,0 @@ -31698,9 +31698,9 @@ id,file,description,date,author,platform,type,port 35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 - lib/message.php preg_replace() PHP Code Execution",2014-11-06,Metasploit,php,remote,80 35184,platforms/hardware/remote/35184.py,"Belkin n750 - jump login Parameter Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 -35185,platforms/php/webapps/35185.txt,"WonderCMS 0.3.3 - 'editText.php' Cross-Site Scripting",2011-01-04,"High-Tech Bridge SA",php,webapps,0 -35186,platforms/php/webapps/35186.txt,"WikLink 0.1.3 - Multiple SQL Injection",2011-01-10,"Aliaksandr Hartsuyeu",php,webapps,0 -35187,platforms/php/webapps/35187.txt,"Joostina 1.3 - 'index.php' Cross-Site Scripting",2011-01-08,MustLive,php,webapps,0 +35185,platforms/php/webapps/35185.txt,"WonderCMS 0.3.3 - 'editText.php' Cross-site Scripting",2011-01-04,"High-Tech Bridge SA",php,webapps,0 +35186,platforms/php/webapps/35186.txt,"WikLink 0.1.3 - Multiple SQL Injections",2011-01-10,"Aliaksandr Hartsuyeu",php,webapps,0 +35187,platforms/php/webapps/35187.txt,"Joostina 1.3 - 'index.php' Cross-site Scripting",2011-01-08,MustLive,php,webapps,0 35188,platforms/windows/remote/35188.py,"SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow",2011-01-10,"John Leitch",windows,remote,0 35189,platforms/windows/local/35189.c,"SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities",2008-03-05,mu-b,windows,local,0 35190,platforms/windows/remote/35190.html,"Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities",2011-01-10,wsn1983,windows,remote,0 @@ -31717,16 +31717,16 @@ id,file,description,date,author,platform,type,port 35206,platforms/php/webapps/35206.txt,"PHP-Fusion 7.02.07 - SQL Injection",2014-11-10,"XLabs Security",php,webapps,0 35313,platforms/php/webapps/35313.txt,"WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0 -35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 -35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 +35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 +35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 35295,platforms/php/webapps/35295.txt,"Joomla Component - 'com_frontenduseraccess' Local File Inclusion",2011-02-01,wishnusakti,php,webapps,0 -35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-Site Scripting",2011-01-30,"Avram Marius",php,webapps,0 -35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 -35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion",2011-02-01,"Yam Mesicka",php,webapps,0 -35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - (picture.php rate param) SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 +35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-site Scripting",2011-01-30,"Avram Marius",php,webapps,0 +35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 +35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-site Scripting / Local File Inclusion",2011-02-01,"Yam Mesicka",php,webapps,0 +35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - (picture.php rate parameter) SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 35216,platforms/windows/local/35216.py,"Microsoft Office 2007 / 2010 - OLE Arbitrary Command Execution",2014-11-12,"Abhishek Lyall",windows,local,0 35217,platforms/windows/dos/35217.txt,"CorelDRAW X7 CDR File - (CdrTxt.dll) Off-By-One Stack Corruption",2014-11-12,LiquidWorm,windows,dos,0 -35218,platforms/php/webapps/35218.txt,"WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS",2014-11-12,"Halil Dalabasmaz",php,webapps,80 +35218,platforms/php/webapps/35218.txt,"WordPress SupportEzzy Ticket System Plugin 1.2.5 - Persistent Cross-site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 35219,platforms/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",multiple,webapps,0 35220,platforms/multiple/webapps/35220.txt,"Joomla HD FLV Player < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 35222,platforms/jsp/webapps/35222.txt,"F5 BIG-IP 10.1.0 - Directory Traversal",2014-11-13,"Anastasios Monachos",jsp,webapps,0 @@ -31735,12 +31735,12 @@ id,file,description,date,author,platform,type,port 35225,platforms/windows/remote/35225.c,"Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (1)",2011-01-14,D.Elser,windows,remote,0 35226,platforms/windows/remote/35226.py,"Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)",2011-01-14,D.Elser,windows,remote,0 35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched - 'elimina' Parameter SQL Injection",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 -35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-01-15,NLSecurity,php,webapps,0 +35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-site Scripting Vulnerabilities (2)",2011-01-15,NLSecurity,php,webapps,0 35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0 35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 35231,platforms/php/webapps/35231.txt,"Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection",2011-01-16,ShivX,php,webapps,0 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing - 'pangoft2-render.c' Heap Corruption",2011-01-18,"Dan Rosenberg",linux,remote,0 -35233,platforms/multiple/webapps/35233.txt,"B-Cumulus - 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 +35233,platforms/multiple/webapps/35233.txt,"B-Cumulus - 'tagcloud' Parameter Multiple Cross-site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 35234,platforms/linux/local/35234.py,"OSSEC 2.8 - hosts.deny Privilege Escalation",2014-11-14,skynet-13,linux,local,0 35235,platforms/windows/local/35235.rb,"Microsoft Windows - OLE Package Manager Code Execution Through Python (MS14-064)",2014-11-14,Metasploit,windows,local,0 35236,platforms/windows/local/35236.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-064)",2014-11-14,Metasploit,windows,local,0 @@ -31748,41 +31748,41 @@ id,file,description,date,author,platform,type,port 35238,platforms/multiple/webapps/35238.txt,"Gogs (users and repos q pararm) - SQL Injection",2014-11-14,"Timo Schmid",multiple,webapps,0 35239,platforms/php/webapps/35239.txt,"PHPCMS 2008 V2 - 'data.php' SQL Injection",2011-01-17,R3d-D3V!L,php,webapps,0 35240,platforms/linux/dos/35240.c,"acpid 1.0.x - Multiple Local Denial of Service Vulnerabilities",2011-01-19,"Vasiliy Kulikov",linux,dos,0 -35241,platforms/windows/remote/35241.pl,"ESTsoft ALZip 8.12.0.3 - (.zip) Buffer Overflow",2011-01-19,"C4SS!0 G0M3S",windows,remote,0 +35241,platforms/windows/remote/35241.pl,"ESTsoft ALZip 8.12.0.3 - '.zip' Buffer Overflow",2011-01-19,"C4SS!0 G0M3S",windows,remote,0 35242,platforms/multiple/remote/35242.txt,"Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp searchWord Parameter XSS",2008-04-24,Rob,multiple,remote,0 35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS",2008-04-24,Rob,multiple,remote,0 35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 - Malformed Message Denial Of Service",2011-01-19,"Craig Freyman",windows,dos,0 35245,platforms/php/webapps/35245.txt,"PHPAuctions - 'viewfaqs.php' SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0 35246,platforms/php/webapps/35246.py,"Joomla HD FLV Player < 2.1.0.1 - Arbitrary File Download",2014-11-15,"Claudio Viviani",php,webapps,0 -35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - XSS",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0 +35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - Cross-site Scripting",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0 35293,platforms/php/webapps/35293.txt,"VirtueMart eCommerce Component 1.1.6 for Joomla! - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0 -35288,platforms/php/webapps/35288.txt,"WordPress oQey-Gallery Plugin 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35289,platforms/php/webapps/35289.txt,"WordPress FCChat Widget Plugin 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0 +35288,platforms/php/webapps/35288.txt,"WordPress oQey-Gallery Plugin 0.2 - 'tbpv_domain' Parameter Cross-site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35289,platforms/php/webapps/35289.txt,"WordPress FCChat Widget Plugin 2.1.7 - 'path' Parameter Cross-site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'guestbook.php' Multiple Cross-site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0 35251,platforms/php/webapps/35251.txt,"Pixie CMS 1.0.4 - 'admin/index.php' SQL Injection",2011-01-20,"High-Tech Bridge SA",php,webapps,0 35252,platforms/multiple/remote/35252.php,"libxml2 2.6.x - 'XMLWriter::writeAttribute()' Memory Leak Information Disclosure",2011-01-24,"Kees Cook",multiple,remote,0 -35253,platforms/php/webapps/35253.txt,"web@all 1.1 - 'url' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35254,platforms/php/webapps/35254.txt,"PivotX 2.2.2 - 'module_image.php' Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35255,platforms/php/webapps/35255.txt,"WordPress Uploader Plugin 1.0 - 'num' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35253,platforms/php/webapps/35253.txt,"web@all 1.1 - 'url' Parameter Cross-site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35254,platforms/php/webapps/35254.txt,"PivotX 2.2.2 - 'module_image.php' Cross-site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35255,platforms/php/webapps/35255.txt,"WordPress Uploader Plugin 1.0 - 'num' Parameter Cross-site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35273,platforms/windows/remote/35273.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)",2014-11-17,"ryujin & sickness",windows,remote,0 35256,platforms/cfm/webapps/35256.txt,"ActiveWeb Professional 3.0 - Arbitrary File Upload",2011-01-25,StenoPlasma,cfm,webapps,0 -35257,platforms/php/webapps/35257.txt,"WordPress Videox7 UGC Plugin 2.5.3.2 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35258,platforms/php/webapps/35258.txt,"WordPress Audio Plugin 0.5.1 - 'showfile' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35257,platforms/php/webapps/35257.txt,"WordPress Videox7 UGC Plugin 2.5.3.2 - 'listid' Parameter Cross-site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35258,platforms/php/webapps/35258.txt,"WordPress Audio Plugin 0.5.1 - 'showfile' Parameter Cross-site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 35259,platforms/php/webapps/35259.txt,"PivotX 2.2 - pivotx/includes/blogroll.php color Parameter XSS",2011-01-25,"High-Tech Bridge SA",php,webapps,0 35260,platforms/php/webapps/35260.txt,"PivotX 2.2 - pivotx/includes/timwrapper.php src Parameter XSS",2011-01-25,"High-Tech Bridge SA",php,webapps,0 -35261,platforms/php/webapps/35261.txt,"RSS Feed Reader WordPress Plugin 0.1 - 'rss_url' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 -35262,platforms/php/webapps/35262.txt,"WordPress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35261,platforms/php/webapps/35261.txt,"RSS Feed Reader WordPress Plugin 0.1 - 'rss_url' Parameter Cross-site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35262,platforms/php/webapps/35262.txt,"WordPress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 35263,platforms/php/webapps/35263.txt,"WordPress WP Publication Archive Plugin 2.0.1 - 'file' Parameter Information Disclosure",2011-01-23,"AutoSec Tools",php,webapps,0 -35264,platforms/php/webapps/35264.txt,"WordPress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35264,platforms/php/webapps/35264.txt,"WordPress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35265,platforms/php/webapps/35265.php,"WordPress Recip.ly 1.1.7 Plugin - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 -35266,platforms/php/webapps/35266.txt,"MyBB Forums 1.8.2 - Stored XSS",2014-11-17,"Avinash Thapa",php,webapps,0 +35266,platforms/php/webapps/35266.txt,"MyBB Forums 1.8.2 - Persistent Cross-site Scripting",2014-11-17,"Avinash Thapa",php,webapps,0 35272,platforms/hardware/webapps/35272.txt,"ZTE ZXHN H108L - Authentication Bypass (1)",2014-11-17,"Project Zero Labs",hardware,webapps,0 35271,platforms/php/webapps/35271.txt,"Maarch LetterBox 2.8 - Insecure Cookies (Login Bypass)",2014-11-17,"ZoRLu Bugrahan",php,webapps,0 35284,platforms/multiple/remote/35284.pl,"Opera Web Browser 11.00 - 'option' HTML Element Integer Overflow",2011-01-25,"C4SS!0 G0M3S",multiple,remote,0 -35285,platforms/php/webapps/35285.txt,"WordPress Feature Slideshow Plugin 1.0.6 - 'src' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35286,platforms/php/webapps/35286.txt,"WordPress BezahlCode Generator Plugin 1.0 - 'gen_name' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35287,platforms/php/webapps/35287.txt,"Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35274,platforms/php/webapps/35274.txt,"PHPFox - Stored XSS",2014-11-17,spyk2r,php,webapps,80 +35285,platforms/php/webapps/35285.txt,"WordPress Feature Slideshow Plugin 1.0.6 - 'src' Parameter Cross-site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35286,platforms/php/webapps/35286.txt,"WordPress BezahlCode Generator Plugin 1.0 - 'gen_name' Parameter Cross-site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35287,platforms/php/webapps/35287.txt,"Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35274,platforms/php/webapps/35274.txt,"PHPFox - Persistent Cross-site Scripting",2014-11-17,spyk2r,php,webapps,80 35275,platforms/xml/webapps/35275.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (2)",2014-11-17,"BGA Security",xml,webapps,80 35276,platforms/hardware/webapps/35276.txt,"ZTE ZXHN H108L - Authentication Bypass (2)",2014-11-17,"Project Zero Labs",hardware,webapps,80 35277,platforms/php/webapps/35277.txt,"WebsiteBaker 2.8.3 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 @@ -31790,47 +31790,47 @@ id,file,description,date,author,platform,type,port 35279,platforms/osx/dos/35279.html,"Safari 8.0 / OS X 10.10 - Crash PoC",2014-11-17,w3bd3vil,osx,dos,0 35280,platforms/windows/remote/35280.txt,".NET Remoting Services - Remote Command Execution",2014-11-17,"James Forshaw",windows,remote,0 35294,platforms/php/webapps/35294.txt,"Joomla! 'com_clan_members' Component - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0 -35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser - RCE",2014-11-18,Metasploit,android,remote,0 +35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser - Remote Code Execution",2014-11-18,Metasploit,android,remote,0 35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin - PHP Code Injection",2014-11-18,Metasploit,php,remote,80 -35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 -35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - CSRF Add Admin Exploit",2014-11-19,LiquidWorm,php,webapps,80 +35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 +35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - CSRF (Add Admin) Exploit",2014-11-19,LiquidWorm,php,webapps,80 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack DoS",2014-11-19,nitr0us,linux,dos,31337 35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 - Path Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 35304,platforms/multiple/dos/35304.txt,"Oracle Java - Floating-Point Value Denial of Service",2011-02-01,"Konstantin Preisser",multiple,dos,0 35305,platforms/php/webapps/35305.txt,"ACollab - 't' Parameter SQL Injection",2011-02-01,"AutoSec Tools",php,webapps,0 -35306,platforms/php/webapps/35306.txt,"TCExam 11.1.16 - 'user_password' Parameter Cross-Site Scripting",2011-02-02,"AutoSec Tools",php,webapps,0 +35306,platforms/php/webapps/35306.txt,"TCExam 11.1.16 - 'user_password' Parameter Cross-site Scripting",2011-02-02,"AutoSec Tools",php,webapps,0 35307,platforms/php/webapps/35307.py,"All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection",2011-01-31,"AutoSec Tools",php,webapps,0 35308,platforms/windows/remote/35308.html,"Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)",2014-11-20,"GradiusX & b33f",windows,remote,0 35309,platforms/php/webapps/35309.txt,"Betsy 4.0 - 'page' Parameter Local File Inclusion",2011-02-02,MizoZ,php,webapps,0 -35310,platforms/asp/webapps/35310.txt,"Web Wiz Forums 9.5 - Multiple SQL Injection",2011-03-23,eXeSoul,asp,webapps,0 +35310,platforms/asp/webapps/35310.txt,"Web Wiz Forums 9.5 - Multiple SQL Injections",2011-03-23,eXeSoul,asp,webapps,0 35311,platforms/php/webapps/35311.txt,"Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure",2011-02-03,"Ignacio Garrido",php,webapps,0 -35312,platforms/php/webapps/35312.txt,"Firebook - 'index.html' Cross-Site Scripting",2011-02-03,MustLive,php,webapps,0 -35567,platforms/php/webapps/35567.txt,"Eleanor CMS - Cross-Site Scripting / Multiple SQL Injection",2011-04-05,"High-Tech Bridge SA",php,webapps,0 +35312,platforms/php/webapps/35312.txt,"Firebook - 'index.html' Cross-site Scripting",2011-02-03,MustLive,php,webapps,0 +35567,platforms/php/webapps/35567.txt,"Eleanor CMS - Cross-site Scripting / Multiple SQL Injection",2011-04-05,"High-Tech Bridge SA",php,webapps,0 35568,platforms/php/webapps/35568.txt,"UseBB 1.0.11 - 'admin.php' Local File Inclusion",2011-04-05,"High-Tech Bridge SA",php,webapps,0 35314,platforms/linux/remote/35314.txt,"Wireshark 1.4.3 - (.pcap) Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 35315,platforms/php/webapps/35315.txt,"Escortservice 1.0 - 'custid' Parameter SQL Injection",2011-02-07,NoNameMT,php,webapps,0 35316,platforms/multiple/remote/35316.sh,"SMC Networks SMCD3G Session Management - Authentication Bypass",2011-02-04,"Zack Fasel and Matthew Jakubowski",multiple,remote,0 35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities",2011-02-07,Rapid7,hardware,remote,0 35318,platforms/windows/remote/35318.c,"Cain & Abel 2.7.3 - 'dagc.dll' DLL Loading Arbitrary Code Execution",2011-02-07,d3c0der,windows,remote,0 -35319,platforms/php/webapps/35319.txt,"WebAsyst Shop-Script - Cross-Site Scripting / HTML Injection",2011-02-08,"High-Tech Bridge SA",php,webapps,0 -35320,platforms/php/webapps/35320.txt,"ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 -35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - CSRF",2014-11-26,"High-Tech Bridge SA",php,webapps,80 +35319,platforms/php/webapps/35319.txt,"WebAsyst Shop-Script - Cross-site Scripting / HTML Injection",2011-02-08,"High-Tech Bridge SA",php,webapps,0 +35320,platforms/php/webapps/35320.txt,"ViArt Shop 4.0.5 - Multiple Cross-site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 +35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - Cross-site Request Forgery",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - unset_globals() Function Bypass and Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 35380,platforms/php/remote/35380.rb,"Pandora Fms - SQLi Remote Code Execution",2014-11-26,Metasploit,php,remote,80 -35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 -35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 -35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,php,webapps,0 +35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 +35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 +35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-site Scripting",2011-02-09,MustLive,php,webapps,0 35330,platforms/php/webapps/35330.txt,"ManageEngine ADSelfService Plus 4.4 - POST Request Manipulation Security Question Weakness",2011-02-10,"Core Security",php,webapps,0 35331,platforms/php/webapps/35331.txt,"ManageEngine ADSelfService Plus 4.4 - EmployeeSearch.cc Multiple Parameter XSS",2011-02-10,"Core Security",php,webapps,0 -35332,platforms/php/webapps/35332.txt,"Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-10,"AutoSec Tools",php,webapps,0 +35332,platforms/php/webapps/35332.txt,"Dolphin 7.0.4 - Multiple Cross-site Scripting Vulnerabilities",2011-02-10,"AutoSec Tools",php,webapps,0 35333,platforms/php/webapps/35333.py,"webERP 4.0.1 - 'InputSerialItemsFile.php' Arbitrary File Upload",2011-02-10,"AutoSec Tools",php,webapps,0 35334,platforms/php/webapps/35334.txt,"RunCMS 2.2.2 - 'register.php' SQL Injection",2011-02-10,"High-Tech Bridge SA",php,webapps,0 35335,platforms/php/webapps/35335.html,"Drupal CAPTCHA Module - Security Bypass",2011-02-11,anonymous,php,webapps,0 -35336,platforms/php/webapps/35336.txt,"TaskFreak 0.6.4 - index.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 +35336,platforms/php/webapps/35336.txt,"TaskFreak 0.6.4 - 'index.php' Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 - print_list.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 35338,platforms/php/webapps/35338.txt,"TaskFreak 0.6.4 - rss.php HTTP Referer Header XSS",2011-02-12,LiquidWorm,php,webapps,0 35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - DoS (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 @@ -31838,14 +31838,14 @@ id,file,description,date,author,platform,type,port 35341,platforms/php/webapps/35341.py,"WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload",2014-11-24,"Claudio Viviani",php,webapps,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 -35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot param) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 +35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot parameter) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 35345,platforms/hardware/dos/35345.txt,"TP-Link TL-WR740N - Denial Of Service",2014-11-24,LiquidWorm,hardware,dos,0 35346,platforms/php/webapps/35346.txt,"DukaPress 2.5.2 - Path Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 -35347,platforms/php/webapps/35347.txt,"Dokeos 1.8.6 2 - 'style' Parameter Cross-Site Scripting",2011-02-12,"AutoSec Tools",php,webapps,0 -35348,platforms/php/webapps/35348.txt,"MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,LiquidWorm,php,webapps,0 -35349,platforms/php/webapps/35349.txt,"Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 -35350,platforms/php/webapps/35350.txt,"Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure",2011-02-15,"High-Tech Bridge SA",php,webapps,0 -35351,platforms/php/webapps/35351.txt,"Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 +35347,platforms/php/webapps/35347.txt,"Dokeos 1.8.6 2 - 'style' Parameter Cross-site Scripting",2011-02-12,"AutoSec Tools",php,webapps,0 +35348,platforms/php/webapps/35348.txt,"MG2 0.5.1 - Multiple Cross-site Scripting Vulnerabilities",2011-02-15,LiquidWorm,php,webapps,0 +35349,platforms/php/webapps/35349.txt,"Gollos 2.8 - Multiple Cross-site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 +35350,platforms/php/webapps/35350.txt,"Wikipad 1.6.0 - Cross-site Scripting / HTML Injection / Information Disclosure",2011-02-15,"High-Tech Bridge SA",php,webapps,0 +35351,platforms/php/webapps/35351.txt,"Photopad 1.2 - Multiple Cross-site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 35352,platforms/multiple/remote/35352.rb,"Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection",2011-02-16,"Jimmy Bandit",multiple,remote,0 35353,platforms/php/webapps/35353.txt,"GetSimple CMS 2.03 - 'admin/upload-ajax.php' Remote Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' NULL Pointer Dereference Denial Of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 @@ -31855,19 +31855,19 @@ id,file,description,date,author,platform,type,port 35359,platforms/multiple/dos/35359.txt,"tcpdump 4.6.2 - Geonet Decoder Denial of Service",2014-11-24,"Steffen Bauch",multiple,dos,0 35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie Parameter SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0 35361,platforms/php/webapps/35361.txt,"Escort Directory CMS - SQL Injection",2011-02-19,NoNameMT,php,webapps,0 -35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 -35363,platforms/windows/dos/35363.txt,"TRENDnet SecurView Wireless Network Camera TV-IP422WN - (UltraCamX.ocx) Stack BoF",2014-11-25,LiquidWorm,windows,dos,0 +35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 +35363,platforms/windows/dos/35363.txt,"TRENDnet SecurView Wireless Network Camera TV-IP422WN - (UltraCamX.ocx) Stack Buffer Overflow",2014-11-25,LiquidWorm,windows,dos,0 35364,platforms/multiple/remote/35364.txt,"IBM Lotus Sametime - stconf.nsf/WebMessage messageString Parameter XSS",2011-02-21,"Dave Daly",multiple,remote,0 -35365,platforms/php/webapps/35365.py,"phpMyRecipes 1.2.2 - (dosearch.php words_exact param) SQL Injection",2014-11-25,bard,php,webapps,80 +35365,platforms/php/webapps/35365.py,"phpMyRecipes 1.2.2 - (dosearch.php words_exact parameter) SQL Injection",2014-11-25,bard,php,webapps,80 35366,platforms/multiple/remote/35366.txt,"IBM Lotus Sametime - stconf.nsf XSS",2011-02-21,"Dave Daly",multiple,remote,0 -35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Stored XSS",2014-11-25,"Halil Dalabasmaz",php,webapps,80 +35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Persistent Cross-site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Local Root Exploit",2014-11-25,"Kaiqu Chen",linux,local,0 35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 -35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 -35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 -35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting",2011-02-22,"Aung Khant",php,webapps,0 +35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 +35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-site Scripting",2011-02-22,andrew,php,webapps,0 +35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-site Scripting",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Inclusion",2011-02-16,"AutoSec Tools",php,webapps,0 35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 @@ -31877,35 +31877,35 @@ id,file,description,date,author,platform,type,port 35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Local Privilege Escalation",2011-02-24,"Dominik George",linux,remote,0 -35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting",2011-02-25,"Aung Khant",php,webapps,0 +35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-site Scripting",2011-02-25,"Aung Khant",php,webapps,0 35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement 7.1 - Local Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 35391,platforms/php/webapps/35391.txt,"glFusion 1.1.x/1.2.1 - 'users.php' SQL Injection",2011-02-25,H3X,php,webapps,0 -35392,platforms/php/webapps/35392.txt,"WordPress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 -35393,platforms/php/webapps/35393.txt,"WordPress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 -35394,platforms/php/webapps/35394.txt,"WordPress YT-Audio Plugin 1.7 - 'v' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35392,platforms/php/webapps/35392.txt,"WordPress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35393,platforms/php/webapps/35393.txt,"WordPress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35394,platforms/php/webapps/35394.txt,"WordPress YT-Audio Plugin 1.7 - 'v' Parameter Cross-site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 35396,platforms/php/webapps/35396.txt,"xEpan 1.0.4 - Multiple Vulnerabilities",2014-11-28,"Parikesit , Kurawa",php,webapps,0 -35397,platforms/php/webapps/35397.txt,"Drupal Cumulus Module 5.X-1.1/6.X-1.4 - 'tagcloud' Parameter Cross-Site Scripting",2011-02-23,MustLive,php,webapps,0 +35397,platforms/php/webapps/35397.txt,"Drupal Cumulus Module 5.X-1.1/6.X-1.4 - 'tagcloud' Parameter Cross-site Scripting",2011-02-23,MustLive,php,webapps,0 35398,platforms/multiple/remote/35398.pl,"KMPlayer 2.9.3.1214 - (.ksf) Remote Buffer Overflow",2011-02-28,KedAns-Dz,multiple,remote,0 35399,platforms/windows/remote/35399.pl,"DivX Player 6.x - (.dps) Remote Buffer Overflow",2011-02-28,KedAns-Dz,windows,remote,0 35400,platforms/php/webapps/35400.txt,"BackWPup Plugin 1.4 for WordPress - Multiple Information Disclosure Vulnerabilities",2011-02-28,"Danilo Massa",php,webapps,0 -35401,platforms/php/webapps/35401.txt,"SnapProof - 'retPageID' Parameter Cross-Site Scripting",2011-02-28,"difficult 511",php,webapps,0 -35402,platforms/php/webapps/35402.txt,"Forritun - Multiple SQL Injection",2011-03-02,eXeSoul,php,webapps,0 +35401,platforms/php/webapps/35401.txt,"SnapProof - 'retPageID' Parameter Cross-site Scripting",2011-02-28,"difficult 511",php,webapps,0 +35402,platforms/php/webapps/35402.txt,"Forritun - Multiple SQL Injections",2011-03-02,eXeSoul,php,webapps,0 35403,platforms/linux/dos/35403.c,"Linux Kernel 2.6.x - epoll Nested Structures Local DoS",2011-03-02,"Nelson Elhage",linux,dos,0 35404,platforms/linux/dos/35404.c,"Linux Kernel 2.6.x - fs/eventpoll.c epoll Data Structure File Descriptor Local DoS",2011-03-02,"Nelson Elhage",linux,dos,0 -35405,platforms/php/webapps/35405.txt,"VidiScript - 'vp' Parameter Cross-Site Scripting",2011-03-02,NassRawI,php,webapps,0 -35406,platforms/php/webapps/35406.txt,"Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 -35407,platforms/php/webapps/35407.txt,"phpWebSite 1.7.1 - 'local' Parameter Cross-Site Scripting",2011-03-03,"AutoSec Tools",php,webapps,0 -35408,platforms/php/webapps/35408.txt,"xtcModified 1.05 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2011-03-03,"High-Tech Bridge SA",php,webapps,0 -35409,platforms/php/webapps/35409.txt,"Pragyan CMS 3.0 Beta - Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"High-Tech Bridge SA",php,webapps,0 +35405,platforms/php/webapps/35405.txt,"VidiScript - 'vp' Parameter Cross-site Scripting",2011-03-02,NassRawI,php,webapps,0 +35406,platforms/php/webapps/35406.txt,"Support Incident Tracker (SiT!) 3.62 - Multiple Cross-site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 +35407,platforms/php/webapps/35407.txt,"phpWebSite 1.7.1 - 'local' Parameter Cross-site Scripting",2011-03-03,"AutoSec Tools",php,webapps,0 +35408,platforms/php/webapps/35408.txt,"xtcModified 1.05 - Multiple HTML Injection / Cross-site Scripting Vulnerabilities",2011-03-03,"High-Tech Bridge SA",php,webapps,0 +35409,platforms/php/webapps/35409.txt,"Pragyan CMS 3.0 Beta - Multiple Cross-site Scripting Vulnerabilities",2011-03-03,"High-Tech Bridge SA",php,webapps,0 35410,platforms/windows/remote/35410.py,"InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion",2011-03-04,"AutoSec Tools",windows,remote,0 35411,platforms/asp/webapps/35411.txt,"Kodak InSite 5.5.2 - Troubleshooting/DiagnosticReport.asp HeaderWarning Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35412,platforms/asp/webapps/35412.txt,"Kodak InSite 5.5.2 - Pages/login.aspx Language Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35413,platforms/php/dos/35413.php,"WordPress 4.0 - Denial of Service",2014-12-01,SECURELI.com,php,dos,80 35414,platforms/php/dos/35414.txt,"WordPress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35415,platforms/php/dos/35415.txt,"Drupal < 7.34 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 -35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 +35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 35417,platforms/php/webapps/35417.php,"WS Interactive Automne 4.1 - 'admin/upload-controler.php' Remote Arbitrary File Upload",2011-03-08,"AutoSec Tools",php,webapps,0 -35418,platforms/php/webapps/35418.txt,"Inline Gallery WordPress Plugin 0.3.9 - 'do' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35418,platforms/php/webapps/35418.txt,"Inline Gallery WordPress Plugin 0.3.9 - 'do' Parameter Cross-site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 35419,platforms/hardware/webapps/35419.txt,"Prolink PRN2001 - Multiple Vulnerabilities",2014-12-02,"Herman Groeneveld",hardware,webapps,0 35420,platforms/hardware/webapps/35420.txt,"IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,webapps,0 35421,platforms/hardware/webapps/35421.txt,"IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,webapps,0 @@ -31915,17 +31915,17 @@ id,file,description,date,author,platform,type,port 36125,platforms/php/webapps/36125.txt,"Piwigo 2.7.3 - SQL Injection",2015-02-19,"Sven Schleier",php,webapps,80 35427,platforms/bsd/remote/35427.py,"tnftp - clientside BSD Exploit",2014-12-02,dash,bsd,remote,0 35428,platforms/php/webapps/35428.txt,"SQL Buddy 1.3.3 - Remote Code Execution",2014-12-02,"Fady Mohammed Osman",php,webapps,0 -35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries WordPress Plugin 1.0.x - 'action' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 -35430,platforms/php/webapps/35430.txt,"1 Flash Gallery WordPress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 -35431,platforms/php/webapps/35431.txt,"RuubikCMS 1.0.3 - 'head.php' Cross-Site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 +35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries WordPress Plugin 1.0.x - 'action' Parameter Cross-site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35430,platforms/php/webapps/35430.txt,"1 Flash Gallery WordPress Plugin 0.2.5 - Cross-site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35431,platforms/php/webapps/35431.txt,"RuubikCMS 1.0.3 - 'head.php' Cross-site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 35432,platforms/linux/dos/35432.txt,"Wireshark 1.4.3 - NTLMSSP NULL Pointer Dereference Denial Of Service",2011-03-01,"Buildbot Builder",linux,dos,0 -35433,platforms/osx/remote/35433.pl,"Apple QuickTime 7.5 - (.m3u) Remote Stack Buffer Overflow",2011-03-09,KedAns-Dz,osx,remote,0 +35433,platforms/osx/remote/35433.pl,"Apple QuickTime 7.5 - '.m3u' Remote Stack Buffer Overflow",2011-03-09,KedAns-Dz,osx,remote,0 35434,platforms/windows/remote/35434.txt,"WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure",2011-03-09,"Aaron Sigel",windows,remote,0 -35435,platforms/php/webapps/35435.txt,"Lazyest Gallery WordPress Plugin 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 +35435,platforms/php/webapps/35435.txt,"Lazyest Gallery WordPress Plugin 1.0.26 - 'image' Parameter Cross-site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 35436,platforms/php/webapps/35436.txt,"Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities",2011-03-10,"John Leitch",php,webapps,0 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite - HTTP Packet Denial Of Service",2011-02-09,"Rodrigo Escobar",multiple,dos,0 -35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 -35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS",2014-12-02,"Kacper Szurek",php,webapps,80 +35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 +35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - Cross-site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 35440,platforms/osx/local/35440.rb,"Mac OS X - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 35441,platforms/multiple/remote/35441.rb,"Tincd - Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 @@ -31947,7 +31947,7 @@ id,file,description,date,author,platform,type,port 35459,platforms/php/webapps/35459.txt,"WordPress Cart66 Lite Ecommerce 1.5.1.17 Plugin - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 35564,platforms/php/webapps/35564.txt,"DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-03,LiquidWorm,php,webapps,0 -35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection",2011-04-04,"kurdish hackers team",php,webapps,0 +35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS 1.0 - Cross-site Scripting / SQL Injection",2011-04-04,"kurdish hackers team",php,webapps,0 35462,platforms/hardware/webapps/35462.txt,"Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities",2014-12-04,Crash,hardware,webapps,80 35463,platforms/cgi/webapps/35463.txt,"Advertise With Pleasure! (AWP) 6.6 - SQL Injection",2014-12-04,"Robert Cooper",cgi,webapps,80 35464,platforms/multiple/remote/35464.txt,"Trend Micro WebReputation API 10.5 - URI Security Bypass",2011-03-14,"DcLabs Security Research Group",multiple,remote,0 @@ -31955,18 +31955,18 @@ id,file,description,date,author,platform,type,port 35466,platforms/linux/remote/35466.sh,"nostromo nhttpd 1.9.3 - Directory Traversal Remote Command Execution",2011-03-05,"RedTeam Pentesting GmbH",linux,remote,0 35467,platforms/php/webapps/35467.txt,"SugarCRM 6.1.1 - Information Disclosure",2011-03-15,"RedTeam Pentesting GmbH",php,webapps,0 35468,platforms/windows/remote/35468.pl,"Monkey's Audio - (.ape) Buffer Overflow",2011-03-16,KedAns-Dz,windows,remote,0 -35469,platforms/php/webapps/35469.txt,"Wikiwig 5.01 - Cross-Site Scripting / HTML Injection",2011-03-10,"AutoSec Tools",php,webapps,0 +35469,platforms/php/webapps/35469.txt,"Wikiwig 5.01 - Cross-site Scripting / HTML Injection",2011-03-10,"AutoSec Tools",php,webapps,0 35470,platforms/php/webapps/35470.txt,"AplikaMedia CMS - 'page_info.php' SQL Injection",2011-03-16,H3X,php,webapps,0 35472,platforms/lin_x86-64/local/35472.txt,"Offset2lib - Bypassing Full ASLR On 64 bit Linux",2014-12-05,"Packet Storm",lin_x86-64,local,0 35473,platforms/php/webapps/35473.txt,"PBBoard CMS 3.0.1 - SQL Injection",2014-12-05,"Tran Dinh Tien",php,webapps,80 -35475,platforms/php/webapps/35475.txt,"WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 -35476,platforms/php/webapps/35476.txt,"WordPress Rating-Widget Plugin 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"Todor Donev",php,webapps,0 -35477,platforms/php/webapps/35477.txt,"XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-18,"Aung Khant",php,webapps,0 +35475,platforms/php/webapps/35475.txt,"WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross-site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 +35476,platforms/php/webapps/35476.txt,"WordPress Rating-Widget Plugin 1.3.1 - Multiple Cross-site Scripting Vulnerabilities",2011-03-17,"Todor Donev",php,webapps,0 +35477,platforms/php/webapps/35477.txt,"XOOPS 2.x - Multiple Cross-site Scripting Vulnerabilities",2011-03-18,"Aung Khant",php,webapps,0 35478,platforms/linux/dos/35478.txt,"MHonArc 2.6.16 - Tag Nesting Remote Denial of Service",2010-12-21,anonymous,linux,dos,0 35479,platforms/php/webapps/35479.txt,"Web Poll Pro 1.0.3 - 'error' Parameter HTML Injection",2011-03-19,Hector.x90,php,webapps,0 -35480,platforms/php/webapps/35480.txt,"Online store php script - Multiple Cross-Site Scripting / SQL Injection",2011-03-21,"kurdish hackers team",php,webapps,0 -35481,platforms/php/webapps/35481.txt,"NewsPortal 0.37 - 'post.php' Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 -35482,platforms/php/webapps/35482.txt,"PluggedOut Blog 1.9.9 - 'year' Parameter Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 +35480,platforms/php/webapps/35480.txt,"Online store php script - Multiple Cross-site Scripting / SQL Injection",2011-03-21,"kurdish hackers team",php,webapps,0 +35481,platforms/php/webapps/35481.txt,"NewsPortal 0.37 - 'post.php' Cross-site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 +35482,platforms/php/webapps/35482.txt,"PluggedOut Blog 1.9.9 - 'year' Parameter Cross-site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 35483,platforms/php/dos/35483.txt,"PHP 5.3.x - 'Intl' Extension 'NumberFormatter::setSymbol()' Function Denial of Service",2011-03-10,thoger,php,dos,0 35484,platforms/php/dos/35484.php,"PHP 5.3.x - 'Zip' Extension 'stream_get_contents()' Function Denial of Service",2011-03-10,paulgao,php,dos,0 35485,platforms/php/dos/35485.php,"PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service",2011-03-10,TorokAlpar,php,dos,0 @@ -31977,44 +31977,44 @@ id,file,description,date,author,platform,type,port 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection",2014-12-08,BarrabravaZ,php,webapps,0 35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 Plugin - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 -35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injection",2014-12-10,Portcullis,php,webapps,80 +35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injections",2014-12-10,Portcullis,php,webapps,80 35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 -35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 -35497,platforms/php/webapps/35497.txt,"GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,Dionach,php,webapps,0 -35498,platforms/php/webapps/35498.txt,"Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection",2011-03-24,"High-Tech Bridge SA",php,webapps,0 -35499,platforms/php/webapps/35499.txt,"netjukebox 4.01B/5.25 - 'skin' Parameter Cross-Site Scripting",2011-03-24,"AutoSec Tools",php,webapps,0 +35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 +35497,platforms/php/webapps/35497.txt,"GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-site Scripting Vulnerabilities",2011-03-24,Dionach,php,webapps,0 +35498,platforms/php/webapps/35498.txt,"Ripe Website Manager 1.1 - Cross-site Scripting / Multiple SQL Injection",2011-03-24,"High-Tech Bridge SA",php,webapps,0 +35499,platforms/php/webapps/35499.txt,"netjukebox 4.01B/5.25 - 'skin' Parameter Cross-site Scripting",2011-03-24,"AutoSec Tools",php,webapps,0 35500,platforms/php/webapps/35500.txt,"Family Connections 2.3.2 - 'subject' Parameter HTML Injection",2011-03-25,"Zero Science Lab",php,webapps,0 35501,platforms/multiple/remote/35501.pl,"RealPlayer 11 - (.rmp) Remote Buffer Overflow",2011-03-27,KedAns-Dz,multiple,remote,0 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - (.gni) SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection",2011-04-27,"Alberto Revelli",jsp,webapps,0 -35673,platforms/php/webapps/35673.txt,"WordPress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 -35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 -35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 -35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 +35673,platforms/php/webapps/35673.txt,"WordPress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 +35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 35505,platforms/php/webapps/35505.txt,"WordPress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection Exploit",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 -35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection",2011-03-27,MustLive,php,webapps,0 +35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-site Scripting / SQL Injection",2011-03-27,MustLive,php,webapps,0 35509,platforms/windows/remote/35509.pl,"FLVPlayer4Free 2.9 - (.fp4f) Remote Buffer Overflow",2011-03-27,KedAns-Dz,windows,remote,0 35510,platforms/php/webapps/35510.txt,"Humhub 0.10.0-rc.1 - SQL Injection",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 35511,platforms/php/webapps/35511.txt,"Humhub 0.10.0-rc.1 - Multiple Persistent XSS vulnerabilities",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 -35558,platforms/php/webapps/35558.txt,"PHP-Fusion - 'articles.php' Cross-Site Scripting",2011-04-02,KedAns-Dz,php,webapps,0 +35558,platforms/php/webapps/35558.txt,"PHP-Fusion - 'articles.php' Cross-site Scripting",2011-04-02,KedAns-Dz,php,webapps,0 35559,platforms/php/webapps/35559.txt,"MyBB 1.4/1.6 - Multiple Security Vulnerabilities",2011-04-04,MustLive,php,webapps,0 35513,platforms/linux/remote/35513.py,"Apache James Server 2.3.2 - Remote Command Execution",2014-12-10,"Jakub Palaczynski",linux,remote,4555 -35514,platforms/php/webapps/35514.txt,"OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-Site Scripting",2011-03-27,"AutoSec Tools",php,webapps,0 -35515,platforms/php/webapps/35515.txt,"Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-28,antisnatchor,php,webapps,0 +35514,platforms/php/webapps/35514.txt,"OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-site Scripting",2011-03-27,"AutoSec Tools",php,webapps,0 +35515,platforms/php/webapps/35515.txt,"Alkacon OpenCMS 7.5.x - Multiple Cross-site Scripting Vulnerabilities",2011-03-28,antisnatchor,php,webapps,0 35516,platforms/php/webapps/35516.txt,"webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Parameter Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 -35517,platforms/php/webapps/35517.txt,"pppBLOG 0.3 - 'search.php' Cross-Site Scripting",2011-03-28,"kurdish hackers team",php,webapps,0 +35517,platforms/php/webapps/35517.txt,"pppBLOG 0.3 - 'search.php' Cross-site Scripting",2011-03-28,"kurdish hackers team",php,webapps,0 35557,platforms/php/webapps/35557.txt,"PHP-Fusion - 'article_id' Parameter SQL Injection",2011-04-04,KedAns-Dz,php,webapps,0 35519,platforms/lin_x86/shellcode/35519.txt,"Linux/x86 - rmdir shellcode (37 bytes)",2014-12-11,kw4,lin_x86,shellcode,0 35520,platforms/php/webapps/35520.txt,"Claroline 1.10 - Multiple HTML Injection Vulnerabilities",2011-03-28,"AutoSec Tools",php,webapps,0 -35521,platforms/php/webapps/35521.txt,"osCSS 2.1 - Cross-Site Scripting / Multiple Local File Inclusion",2011-03-29,"AutoSec Tools",php,webapps,0 -35522,platforms/php/webapps/35522.txt,"Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting",2011-03-29,"High-Tech Bridge SA",php,webapps,0 -35523,platforms/php/webapps/35523.txt,"Tracks 1.7.2 - URI Cross-Site Scripting",2011-03-29,"Mesut Timur",php,webapps,0 -35524,platforms/php/webapps/35524.txt,"XOOPS - 'view_photos.php' Cross-Site Scripting",2011-03-29,KedAns-Dz,php,webapps,0 +35521,platforms/php/webapps/35521.txt,"osCSS 2.1 - Cross-site Scripting / Multiple Local File Inclusion",2011-03-29,"AutoSec Tools",php,webapps,0 +35522,platforms/php/webapps/35522.txt,"Spitfire 1.0.3x - 'cms_username' Cross-site Scripting",2011-03-29,"High-Tech Bridge SA",php,webapps,0 +35523,platforms/php/webapps/35523.txt,"Tracks 1.7.2 - URI Cross-site Scripting",2011-03-29,"Mesut Timur",php,webapps,0 +35524,platforms/php/webapps/35524.txt,"XOOPS - 'view_photos.php' Cross-site Scripting",2011-03-29,KedAns-Dz,php,webapps,0 35525,platforms/php/webapps/35525.txt,"GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injection",2011-03-30,"kurdish hackers team",php,webapps,0 -35526,platforms/php/webapps/35526.txt,"YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 +35526,platforms/php/webapps/35526.txt,"YaCOMAS 0.3.6 OpenCMS - Multiple Cross-site Scripting Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 35528,platforms/php/webapps/35528.txt,"GLPI 0.85 - Blind SQL Injection",2014-12-15,"Kacper Szurek",php,webapps,0 35529,platforms/windows/webapps/35529.txt,"Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Exploit",2014-12-15,LiquidWorm,windows,webapps,0 35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit DoS (.m3u)",2014-12-15,s-dz,windows,dos,0 @@ -32023,10 +32023,10 @@ id,file,description,date,author,platform,type,port 35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35535,platforms/php/webapps/35535.php,"PHPads 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 -35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - DoS",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 +35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - Denial of Service",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 35560,platforms/windows/remote/35560.txt,"RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities",2011-04-03,rgod,windows,remote,0 -35561,platforms/php/webapps/35561.txt,"WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0 -35562,platforms/php/webapps/35562.txt,"Placester WordPress Plugin 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0 +35561,platforms/php/webapps/35561.txt,"WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-site Scripting",2011-04-04,"John Leitch",php,webapps,0 +35562,platforms/php/webapps/35562.txt,"Placester WordPress Plugin 0.1 - 'ajax_action' Parameter Cross-site Scripting",2011-04-03,"John Leitch",php,webapps,0 35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download",2011-04-03,KedAns-Dz,windows,remote,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 @@ -32035,20 +32035,20 @@ id,file,description,date,author,platform,type,port 35545,platforms/php/remote/35545.rb,"Tuleap - PHP Unserialize Code Execution",2014-12-15,Metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 35550,platforms/php/webapps/35550.txt,"Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities",2011-03-31,"High-Tech Bridge SA",php,webapps,0 -35551,platforms/php/webapps/35551.txt,"CMS Papoo 6.0.0 Rev. 4701 - Stored XSS",2014-12-16,"Steffen Rösemann",php,webapps,80 +35551,platforms/php/webapps/35551.txt,"CMS Papoo 6.0.0 Rev. 4701 - Persistent Cross-site Scripting",2014-12-16,"Steffen Rösemann",php,webapps,80 35552,platforms/windows/dos/35552.py,"MoviePlay 4.82 - (.avi) Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 35553,platforms/windows/dos/35553.pl,"Microsoft Windows Media Player 11.0.5721.5145 - (.avi) Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 35554,platforms/linux/remote/35554.txt,"Perl 5.x - 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass Weakness",2011-03-30,mmartinec,linux,remote,0 -35555,platforms/php/webapps/35555.txt,"AWCM 2.x - 'search.php' Cross-Site Scripting",2011-04-01,"Antu Sanadi",php,webapps,0 +35555,platforms/php/webapps/35555.txt,"AWCM 2.x - 'search.php' Cross-site Scripting",2011-04-01,"Antu Sanadi",php,webapps,0 35569,platforms/php/webapps/35569.txt,"XOOPS 2.5 - 'banners.php' Multiple Local File Inclusion",2011-04-04,KedAns-Dz,php,webapps,0 -35570,platforms/multiple/remote/35570.txt,"python-feedparser 5.0 - 'feedparser/feedparser.py' Cross-Site Scripting",2011-04-05,fazalmajid,multiple,remote,0 -35571,platforms/php/webapps/35571.txt,"TextPattern 4.2 - 'index.php' Cross-Site Scripting",2011-04-06,"kurdish hackers team",php,webapps,0 -35572,platforms/php/webapps/35572.txt,"Redmine 1.0.1/1.1.1 - 'projects/hg-hellowword/news/' Cross-Site Scripting",2011-04-06,"Mesut Timur",php,webapps,0 +35570,platforms/multiple/remote/35570.txt,"python-feedparser 5.0 - 'feedparser/feedparser.py' Cross-site Scripting",2011-04-05,fazalmajid,multiple,remote,0 +35571,platforms/php/webapps/35571.txt,"TextPattern 4.2 - 'index.php' Cross-site Scripting",2011-04-06,"kurdish hackers team",php,webapps,0 +35572,platforms/php/webapps/35572.txt,"Redmine 1.0.1/1.1.1 - 'projects/hg-hellowword/news/' Cross-site Scripting",2011-04-06,"Mesut Timur",php,webapps,0 35573,platforms/windows/remote/35573.txt,"Microsoft Excel - Buffer Overflow",2011-04-12,"Rodrigo Rubira Branco",windows,remote,0 35574,platforms/php/webapps/35574.txt,"vtiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion",2011-04-08,"John Leitch",php,webapps,0 35575,platforms/php/webapps/35575.txt,"PrestaShop 1.3.6 - 'cms.php' Remote File Inclusion",2011-04-08,KedAns-Dz,php,webapps,0 -35576,platforms/asp/webapps/35576.txt,"Omer Portal 3.220060425 - 'arama_islem.asp' Cross-Site Scripting",2011-04-07,"kurdish hackers team",asp,webapps,0 -35577,platforms/php/webapps/35577.txt,"vtiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 +35576,platforms/asp/webapps/35576.txt,"Omer Portal 3.220060425 - 'arama_islem.asp' Cross-site Scripting",2011-04-07,"kurdish hackers team",asp,webapps,0 +35577,platforms/php/webapps/35577.txt,"vtiger CRM 5.2.1 - 'vtigerservice.php' Cross-site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 35578,platforms/php/webapps/35578.sh,"Cacti Superlinks Plugin 1.4-2 - RCE (LFI) via SQL Injection",2014-12-19,Wireghoul,php,webapps,0 35579,platforms/php/webapps/35579.txt,"miniBB 3.1 - Blind SQL Injection",2014-12-19,"Kacper Szurek",php,webapps,80 35580,platforms/linux/dos/35580.rb,"Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities",2014-12-19,"Nick Sampanis",linux,dos,0 @@ -32062,12 +32062,12 @@ id,file,description,date,author,platform,type,port 35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE (Metasploit)",2014-12-22,"Patrick Webster",php,remote,9000 35589,platforms/windows/dos/35589.py,"NotePad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0 35590,platforms/windows/local/35590.txt,"BitRaider Streaming Client 1.3.3.4098 - Local Privilege Escalation",2014-12-23,LiquidWorm,windows,local,0 -35591,platforms/php/webapps/35591.txt,"phpMyRecipes 1.2.2 - (browse.php category param) SQL injection",2014-12-23,"Manish Tanwar",php,webapps,80 +35591,platforms/php/webapps/35591.txt,"phpMyRecipes 1.2.2 - (browse.php category parameter) SQL injection",2014-12-23,"Manish Tanwar",php,webapps,80 35593,platforms/windows/webapps/35593.txt,"SysAid Server - Arbitrary File Disclosure",2014-12-23,"Bernhard Mueller",windows,webapps,0 35594,platforms/jsp/webapps/35594.txt,"NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities",2014-12-23,"SEC Consult",jsp,webapps,8443 35595,platforms/linux/local/35595.txt,"GParted 0.14.1 - OS Command Execution",2014-12-23,"SEC Consult",linux,local,0 -35596,platforms/php/webapps/35596.txt,"eGroupware 1.8.1 - 'test.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 -35597,platforms/hardware/remote/35597.txt,"Fiberhome HG-110 - Cross-Site Scripting / Directory Traversal",2011-04-08,Zerial,hardware,remote,0 +35596,platforms/php/webapps/35596.txt,"eGroupware 1.8.1 - 'test.php' Cross-site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 +35597,platforms/hardware/remote/35597.txt,"Fiberhome HG-110 - Cross-site Scripting / Directory Traversal",2011-04-08,Zerial,hardware,remote,0 35598,platforms/php/webapps/35598.txt,"1024cms 1.1.0 beta - Multiple Input Validation Vulnerabilities",2011-04-08,"QSecure and Demetris Papapetrou",php,webapps,0 35599,platforms/asp/webapps/35599.txt,"Dimac CMS 1.3 XS - 'default.asp' SQL Injection",2011-04-11,KedAns-Dz,asp,webapps,0 35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double Free Local Denial of Service",2011-04-11,anonymous,linux,dos,0 @@ -32079,100 +32079,100 @@ id,file,description,date,author,platform,type,port 35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 - kadmind Change Password Feature Remote Code Execution",2011-04-11,"Felipe Ortega",linux,remote,0 35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0 35608,platforms/php/webapps/35608.txt,"WordPress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 -35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 -35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 -35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injection",2011-04-12,"High-Tech Bridge SA",php,webapps,0 +35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-site Scripting Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 +35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 +35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injections",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35612,platforms/windows/remote/35612.pl,"Winamp 5.6.1 - (.m3u8) Remote Buffer Overflow",2011-04-12,KedAns-Dz,windows,remote,0 35613,platforms/multiple/dos/35613.py,"TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption Denial Of Service",2011-04-13,waKKu,multiple,dos,0 35614,platforms/windows/remote/35614.c,"EC Software Help & Manual 5.5.1 Build 1296 - 'ijl15.dll' DLL Loading Arbitrary Code Execution",2011-04-14,LiquidWorm,windows,remote,0 35615,platforms/php/webapps/35615.txt,"PhpAlbum.net 0.4.1-14_fix06 - 'var3' Parameter Remote Command Execution",2011-04-14,"High-Tech Bridge SA",php,webapps,0 35616,platforms/php/webapps/35616.txt,"Agahi Advertisement CMS 4.0 - 'view_ad.php' SQL Injection",2011-04-15,"Sepehr Security Team",php,webapps,0 -35617,platforms/php/webapps/35617.txt,"Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting",2011-04-14,d3c0der,php,webapps,0 +35617,platforms/php/webapps/35617.txt,"Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-site Scripting",2011-04-14,d3c0der,php,webapps,0 35618,platforms/php/webapps/35618.txt,"RunCMS 'partners' Module - 'id' Parameter SQL Injection",2011-04-15,KedAns-Dz,php,webapps,0 35619,platforms/php/webapps/35619.txt,"PhoenixCMS 1.7 - Local File Inclusion / SQL Injection",2011-04-15,KedAns-Dz,php,webapps,0 -35620,platforms/hardware/remote/35620.txt,"Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting",2011-04-15,"Edgard Chammas",hardware,remote,0 +35620,platforms/hardware/remote/35620.txt,"Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-site Scripting",2011-04-15,"Edgard Chammas",hardware,remote,0 35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection",2011-04-16,KedAns-Dz,php,webapps,0 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0 35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 / 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 -35624,platforms/php/webapps/35624.txt,"PHPLIST 3.0.6 & 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 +35624,platforms/php/webapps/35624.txt,"PHPLIST 3.0.6 / 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Auth SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 35626,platforms/php/webapps/35626.txt,"Easy File Sharing Webserver 6.8 - Persistent XSS",2014-12-27,"Sick Psycko",php,webapps,0 35629,platforms/php/webapps/35629.txt,"chillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0 35630,platforms/php/webapps/35630.txt,"Joomla Component - 'com_phocadownload' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35631,platforms/php/webapps/35631.txt,"CRESUS - 'recette_detail.php' SQL Injection",2011-04-19,"GrayHatz Security Group",php,webapps,0 35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 -35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injection",2011-04-19,eXeSoul,php,webapps,0 +35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections",2011-04-19,eXeSoul,php,webapps,0 35634,platforms/php/webapps/35634.txt,"WordPress WP-StarsRateBox Plugin 1.1 - 'j' Parameter SQL Injection",2011-04-19,"High-Tech Bridge SA",php,webapps,0 -35635,platforms/php/webapps/35635.txt,"Dalbum 1.43 - 'editini.php' Cross-Site Scripting",2011-04-19,"High-Tech Bridge SA",php,webapps,0 -35636,platforms/php/webapps/35636.txt,"ChatLakTurk php Botlu Video - 'ara.php' Cross-Site Scripting",2011-04-19,"kurdish hackers team",php,webapps,0 +35635,platforms/php/webapps/35635.txt,"Dalbum 1.43 - 'editini.php' Cross-site Scripting",2011-04-19,"High-Tech Bridge SA",php,webapps,0 +35636,platforms/php/webapps/35636.txt,"ChatLakTurk php Botlu Video - 'ara.php' Cross-site Scripting",2011-04-19,"kurdish hackers team",php,webapps,0 35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0 35638,platforms/multiple/remote/35638.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu.maf jdeowpBackButtonProtect Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35639,platforms/multiple/remote/35639.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_Menu.mafService e1.namespace Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35640,platforms/multiple/remote/35640.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_OCL.mafService e1.namespace Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35641,platforms/multiple/remote/35641.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/MafletClose.mafService RENDER_MAFLET Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35642,platforms/multiple/remote/35642.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 -35643,platforms/php/webapps/35643.txt,"webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0 -35659,platforms/php/webapps/35659.txt,"Social Microblogging PRO 1.5 - Stored XSS",2014-12-31,"Halil Dalabasmaz",php,webapps,80 +35643,platforms/php/webapps/35643.txt,"webSPELL 4.2.2a - Multiple Cross-site Scripting Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0 +35659,platforms/php/webapps/35659.txt,"Social Microblogging PRO 1.5 - Persistent Cross-site Scripting",2014-12-31,"Halil Dalabasmaz",php,webapps,80 35644,platforms/linux/remote/35644.txt,"Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities",2011-04-19,QSecure,linux,remote,0 -35645,platforms/php/webapps/35645.txt,"Automagick Tube Script 1.4.4 - 'module' Parameter Cross-Site Scripting",2011-04-20,Kurd-Team,php,webapps,0 +35645,platforms/php/webapps/35645.txt,"Automagick Tube Script 1.4.4 - 'module' Parameter Cross-site Scripting",2011-04-20,Kurd-Team,php,webapps,0 35647,platforms/php/webapps/35647.txt,"SyCtel Design - 'menu' Parameter Multiple Local File Inclusion",2011-04-21,"Ashiyane Digital Security Team",php,webapps,0 -35648,platforms/php/webapps/35648.txt,"Zenphoto 1.4.0.3 - '_zp_themeroot' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-04-21,"High-Tech Bridge SA",php,webapps,0 -35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Parameter Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 +35648,platforms/php/webapps/35648.txt,"Zenphoto 1.4.0.3 - '_zp_themeroot' Parameter Multiple Cross-site Scripting Vulnerabilities",2011-04-21,"High-Tech Bridge SA",php,webapps,0 +35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Parameter Cross-site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie Parameter SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0 -35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Inclusion / Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 +35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Inclusion / Cross-site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE",2014-12-30,drone,windows,remote,0 -35657,platforms/php/webapps/35657.php,"Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 -35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 +35657,platforms/php/webapps/35657.php,"Sermon Browser WordPress Plugin 0.43 - Cross-site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 +35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - (.pj) Heab-based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0 35662,platforms/php/webapps/35662.txt,"Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 -35664,platforms/php/webapps/35664.txt,"PHPList 2.10.x - 'email' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 -35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-Site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 +35664,platforms/php/webapps/35664.txt,"PHPList 2.10.x - 'email' Parameter Cross-site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload",2014-12-31,Metasploit,php,remote,80 35661,platforms/windows/local/35661.txt,"Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)",2015-01-01,"Google Security Research",windows,local,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 -35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection",2011-04-22,KedAns-Dz,php,webapps,0 -35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album - 'showimage.php' Cross-site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 35667,platforms/php/webapps/35667.txt,"Joostina - Multiple Components SQL Injection",2011-04-27,KedAns-Dz,php,webapps,0 35668,platforms/php/webapps/35668.txt,"up.time Software 5 - Administration Interface Remote Authentication Bypass",2011-04-27,"James Burton",php,webapps,0 35670,platforms/php/webapps/35670.txt,"Absolut Engine 1.73 - Multiple Vulnerabilities",2015-01-01,"Steffen Rösemann",php,webapps,80 35671,platforms/windows/local/35671.rb,"i-FTP Schedule - Buffer Overflow",2015-01-01,Metasploit,windows,local,0 35677,platforms/php/webapps/35677.txt,"eyeOS 1.9.0.2 - Image File Handling HTML Injection",2011-04-25,"Alberto Ortega",php,webapps,0 -35678,platforms/php/webapps/35678.txt,"phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 -35679,platforms/php/webapps/35679.txt,"e107 2 Bootstrap CMS - XSS",2015-01-03,"Ahmet Agar / 0x97",php,webapps,0 +35678,platforms/php/webapps/35678.txt,"phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35679,platforms/php/webapps/35679.txt,"e107 2 Bootstrap CMS - Cross-site Scripting",2015-01-03,"Ahmet Agar / 0x97",php,webapps,0 35680,platforms/php/webapps/35680.txt,"ClanSphere 2011.0 - Local File Inclusion / Arbitrary File Upload",2011-04-28,KedAns-Dz,php,webapps,0 35681,platforms/linux/local/35681.txt,"OProfile 0.9.6 - 'opcontrol' Utility 'set_event()' Local Privilege Escalation",2011-04-29,"Stephane Chauveau",linux,local,0 -35682,platforms/php/webapps/35682.txt,"Tine 2.0 - 'vbook.php' Cross-Site Scripting",2011-04-30,"AutoSec Tools",php,webapps,0 -35683,platforms/java/webapps/35683.txt,"LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting",2011-05-02,"Patrick Webster",java,webapps,0 -35684,platforms/php/webapps/35684.txt,"LDAP Account Manager 3.4.0 - selfserviceSaveOk Parameter Cross-Site Scripting",2011-05-02,"AutoSec Tools",php,webapps,0 +35682,platforms/php/webapps/35682.txt,"Tine 2.0 - 'vbook.php' Cross-site Scripting",2011-04-30,"AutoSec Tools",php,webapps,0 +35683,platforms/java/webapps/35683.txt,"LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-site Scripting",2011-05-02,"Patrick Webster",java,webapps,0 +35684,platforms/php/webapps/35684.txt,"LDAP Account Manager 3.4.0 - selfserviceSaveOk Parameter Cross-site Scripting",2011-05-02,"AutoSec Tools",php,webapps,0 35685,platforms/multiple/remote/35685.txt,"Asterisk 1.8.x - SIP INVITE Request User Enumeration Weakness",2011-05-02,"Francesco Tornieri",multiple,remote,0 -35686,platforms/windows/remote/35686.pl,"OpenMyZip 0.1 - (.zip) Buffer Overflow",2011-05-02,"C4SS!0 G0M3S",windows,remote,0 +35686,platforms/windows/remote/35686.pl,"OpenMyZip 0.1 - '.zip' Buffer Overflow",2011-05-02,"C4SS!0 G0M3S",windows,remote,0 35688,platforms/hardware/remote/35688.py,"ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution",2015-01-04,"Friedrich Postelstorfer",hardware,remote,0 -35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 -35700,platforms/php/webapps/35700.txt,"YaPIG 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 -35697,platforms/php/webapps/35697.txt,"Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting",2011-05-03,"AutoSec Tools",php,webapps,0 -35698,platforms/cgi/webapps/35698.txt,"Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting",2011-05-03,"Karan Khosla",cgi,webapps,0 +35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 - 'index.php' Cross-site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 +35700,platforms/php/webapps/35700.txt,"YaPIG 0.95 - Multiple Cross-site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 +35697,platforms/php/webapps/35697.txt,"Web Auction 0.3.6 - 'lang' Parameter Cross-site Scripting",2011-05-03,"AutoSec Tools",php,webapps,0 +35698,platforms/cgi/webapps/35698.txt,"Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-site Scripting",2011-05-03,"Karan Khosla",cgi,webapps,0 35694,platforms/windows/remote/35694.txt,"SkinCrafter3 vs2005 3.8.1.0 - Multiple ActiveX Buffer Overflows",2015-01-05,metacom,windows,remote,0 35691,platforms/php/webapps/35691.txt,"Crea8Social 2.0 - XSS Change Interface",2015-01-04,"Yudhistira B W",php,webapps,0 35713,platforms/php/webapps/35713.txt,"FestOS 2.3c - 'upload.php' Arbitrary File Upload",2011-05-08,KedAns-Dz,php,webapps,0 35714,platforms/windows/remote/35714.pl,"BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow",2011-05-09,KedAns-Dz,windows,remote,0 35712,platforms/windows/local/35712.rb,"BulletProof FTP Client - BPS Buffer Overflow",2015-01-06,Metasploit,windows,local,0 -35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 - 'uploadername' Parameter Cross-Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 -35702,platforms/php/webapps/35702.txt,"Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting",2011-05-03,Hector.x90,php,webapps,0 +35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 - 'uploadername' Parameter Cross-site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 +35702,platforms/php/webapps/35702.txt,"Multiple GoT.MY Products - 'theme_dir' Parameter Cross-site Scripting",2011-05-03,Hector.x90,php,webapps,0 35703,platforms/multiple/remote/35703.py,"sipdroid 2.2 - SIP INVITE Response User Enumeration Weakness",2011-05-04,"Anibal Vaz Marques",multiple,remote,0 -35704,platforms/php/webapps/35704.txt,"WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 -35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 -35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 -35707,platforms/jsp/webapps/35707.txt,"BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure",2011-05-05,"Richard Brain",jsp,webapps,0 -35708,platforms/php/webapps/35708.txt,"PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"High-Tech Bridge SA",php,webapps,0 +35704,platforms/php/webapps/35704.txt,"WP Ajax Calendar 1.0 - 'example.php' Cross-site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 +35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 - 'index.php' Cross-site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 +35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 +35707,platforms/jsp/webapps/35707.txt,"BMC Dashboards 7.6.01 - Cross-site Scripting / Information Disclosure",2011-05-05,"Richard Brain",jsp,webapps,0 +35708,platforms/php/webapps/35708.txt,"PHPDug 2.0 - Multiple Cross-site Scripting Vulnerabilities",2011-05-05,"High-Tech Bridge SA",php,webapps,0 35709,platforms/php/webapps/35709.txt,"e107 0.7.25 - 'news.php' SQL Injection",2011-05-07,KedAns-Dz,php,webapps,0 35710,platforms/php/webapps/35710.py,"AdaptCMS 3.0.3 - Multiple Vulnerabilities",2015-01-06,LiquidWorm,php,webapps,80 35711,platforms/android/local/35711.c,"Nexus 5 Android 5.0 - Local Root Exploit",2015-01-06,retme,android,local,0 -35715,platforms/php/webapps/35715.txt,"encoder 0.4.10 - 'edit.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 -35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 - 'login.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 +35715,platforms/php/webapps/35715.txt,"encoder 0.4.10 - 'edit.php' Cross-site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 +35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 - 'login.php' Cross-site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 beta 1.1 - Local File Inclusion / Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 -35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 - 'index.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 +35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 - 'index.php' Cross-site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35719,platforms/php/webapps/35719.py,"phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35720,platforms/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",php,webapps,80 35721,platforms/hardware/webapps/35721.txt,"Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure",2015-01-07,"Eduardo Novella",hardware,webapps,80 @@ -32182,40 +32182,40 @@ id,file,description,date,author,platform,type,port 35725,platforms/multiple/dos/35725.pl,"Perl 5.10 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 35726,platforms/php/webapps/35726.py,"GetSimple 3.0 - 'set' Parameter Local File Inclusion",2011-05-07,"AutoSec Tools",php,webapps,0 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design - 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 -35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 +35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere - SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Auth Bypass / Arbitrary File Upload",2015-01-08,Metasploit,php,remote,80 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS",2015-01-09,Technidev,php,webapps,80 35734,platforms/php/webapps/35734.txt,"ZAPms 1.22 - 'nick' Parameter SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 -35735,platforms/multiple/remote/35735.txt,"Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting",2011-05-10,"Dr. Marian Ventuneac",multiple,remote,0 -35736,platforms/php/webapps/35736.txt,"poMMo Aardvark PR16.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-10,"High-Tech Bridge SA",php,webapps,0 -35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-Site Scripting and SQL Injection",2011-05-10,"High-Tech Bridge SA",php,webapps,0 +35735,platforms/multiple/remote/35735.txt,"Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross-site Scripting",2011-05-10,"Dr. Marian Ventuneac",multiple,remote,0 +35736,platforms/php/webapps/35736.txt,"poMMo Aardvark PR16.1 - Multiple Cross-site Scripting Vulnerabilities",2011-05-10,"High-Tech Bridge SA",php,webapps,0 +35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-site Scripting and SQL Injection",2011-05-10,"High-Tech Bridge SA",php,webapps,0 35738,platforms/linux/dos/35738.php,"Apache 1.4/2.2.x - APR 'apr_fnmatch()' Denial of Service",2011-05-12,"Maksymilian Arciemowicz",linux,dos,0 -35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-Site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0 +35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0 35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0 35741,platforms/windows/local/35741.pl,"Palringo 2.8.1 - Stack Buffer Overflow (PoC)",2015-01-10,Mr.ALmfL9,windows,local,0 35742,platforms/osx/local/35742.c,"OS X 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 -35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0 +35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-site Scripting",2011-05-13,MustLive,multiple,webapps,0 35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0 35745,platforms/php/webapps/35745.txt,"Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 35746,platforms/linux/local/35746.sh,"RedStar 3.0 Desktop - Privilege Escalation (Enable sudo)",2015-01-11,"prdelka & ‏sfan55",linux,local,0 35747,platforms/hardware/webapps/35747.pl,"D-Link DSL-2730B Modem - XSS Injection Stored Exploit Wlsecrefresh.wl & Wlsecurity.wl",2015-01-11,"XLabs Security",hardware,webapps,0 35748,platforms/linux/local/35748.txt,"RedStar 2.0 Desktop - Privilege Escalation (World-writeable rc.sysinit)",2015-01-11,prdelka,linux,local,0 35749,platforms/linux/local/35749.txt,"RedStar 3.0 Desktop - (Software Manager swmng.app) Privilege Escalation",2015-01-11,RichardG,linux,local,0 -35758,platforms/asp/webapps/35758.txt,"Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-16,"Richard Brain",asp,webapps,0 +35758,platforms/asp/webapps/35758.txt,"Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-site Scripting Vulnerabilities",2011-05-16,"Richard Brain",asp,webapps,0 35750,platforms/hardware/webapps/35750.pl,"D-Link DSL-2730B Modem - XSS Injection Stored Exploit DnsProxy.cmd",2015-01-11,"XLabs Security",hardware,webapps,0 35751,platforms/hardware/webapps/35751.pl,"D-Link DSL-2730B Modem - XSS Injection Stored Exploit Lancfg2get.cgi",2015-01-11,"XLabs Security",hardware,webapps,0 35752,platforms/php/webapps/35752.txt,"Mambo - 'com_docman' 1.3.0 Component Multiple SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 35753,platforms/multiple/dos/35753.pl,"Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial Of Service",2011-05-16,Knud,multiple,dos,0 -35754,platforms/php/webapps/35754.txt,"allocPSA 1.7.4 - 'login/login.php' Cross-Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 -35755,platforms/php/webapps/35755.txt,"DocMGR 1.1.2 - 'history.php' Cross-Site Scripting",2011-05-12,"AutoSec Tools",php,webapps,0 -35756,platforms/php/webapps/35756.txt,"openQRM 4.8 - 'source_tab' Parameter Cross-Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 +35754,platforms/php/webapps/35754.txt,"allocPSA 1.7.4 - 'login/login.php' Cross-site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 +35755,platforms/php/webapps/35755.txt,"DocMGR 1.1.2 - 'history.php' Cross-site Scripting",2011-05-12,"AutoSec Tools",php,webapps,0 +35756,platforms/php/webapps/35756.txt,"openQRM 4.8 - 'source_tab' Parameter Cross-site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 35757,platforms/php/webapps/35757.txt,"eFront 3.6.9 - 'scripts.php' Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 -35759,platforms/php/webapps/35759.txt,"eFront 3.6.9 - 'submitScore.php' Cross-Site Scripting",2011-05-16,"John Leitch",php,webapps,0 -35760,platforms/php/webapps/35760.txt,"PHP Calendar Basic 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-17,"High-Tech Bridge SA",php,webapps,0 -35761,platforms/php/webapps/35761.txt,"TWiki 5.0.1 - 'origurl' Parameter Cross-Site Scripting",2011-05-18,"Mesut Timur",php,webapps,0 +35759,platforms/php/webapps/35759.txt,"eFront 3.6.9 - 'submitScore.php' Cross-site Scripting",2011-05-16,"John Leitch",php,webapps,0 +35760,platforms/php/webapps/35760.txt,"PHP Calendar Basic 2.3 - Multiple Cross-site Scripting Vulnerabilities",2011-05-17,"High-Tech Bridge SA",php,webapps,0 +35761,platforms/php/webapps/35761.txt,"TWiki 5.0.1 - 'origurl' Parameter Cross-site Scripting",2011-05-18,"Mesut Timur",php,webapps,0 35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager 8.5 - iptm/advancedfind.do extn Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35763,platforms/hardware/remote/35763.txt,"Cisco Unified Operations Manager 8.5 - iptm/ddv.do deviceInstanceName Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35764,platforms/hardware/remote/35764.txt,"Cisco Unified Operations Manager 8.5 - iptm/eventmon Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 @@ -32233,65 +32233,65 @@ id,file,description,date,author,platform,type,port 35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise - Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 Plugin - Shell Upload",2015-01-13,Metasploit,php,remote,80 -35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet - Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 -35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 +35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet - Cross-site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 +35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services 3.1.1 - Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 -35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 - 'display.php' Cross-Site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0 +35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 - 'display.php' Cross-site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0 35783,platforms/php/webapps/35783.html,"Andy's PHP Knowledgebase 0.95.4 - 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0 35784,platforms/linux/remote/35784.php,"Zend Framework 1.11.4 - 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0 35785,platforms/linux/remote/35785.txt,"klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution",2011-05-18,"maximilian attems",linux,remote,0 -35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ - 'admin.php' Cross-Site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0 +35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ - 'admin.php' Cross-site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0 35788,platforms/php/webapps/35788.txt,"Joomla! 'com_maplocator' Component - 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0 -35789,platforms/php/webapps/35789.txt,"phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-24,"High-Tech Bridge SA",php,webapps,0 +35789,platforms/php/webapps/35789.txt,"phpScheduleIt 1.2.12 - Multiple Cross-site Scripting Vulnerabilities",2011-05-24,"High-Tech Bridge SA",php,webapps,0 35790,platforms/multiple/remote/35790.py,"Lumension Security Lumension Device Control 4.x - Memory Corruption",2011-05-24,"Andy Davis",multiple,remote,0 -35791,platforms/php/webapps/35791.txt,"Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting",2011-05-24,"High-Tech Bridge SA",php,webapps,0 -35792,platforms/multiple/remote/35792.txt,"Gadu-Gadu Instant Messenger 6.0 - File Transfer Cross-Site Scripting",2011-05-24,"Kacper Szczesniak",multiple,remote,0 +35791,platforms/php/webapps/35791.txt,"Ajax Chat 1.0 - 'ajax-chat.php' Cross-site Scripting",2011-05-24,"High-Tech Bridge SA",php,webapps,0 +35792,platforms/multiple/remote/35792.txt,"Gadu-Gadu Instant Messenger 6.0 - File Transfer Cross-site Scripting",2011-05-24,"Kacper Szczesniak",multiple,remote,0 35793,platforms/win_x86/shellcode/35793.txt,"Windows x86 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)",2015-01-13,"Ali Razmjoo",win_x86,shellcode,0 35794,platforms/win_x86-64/shellcode/35794.txt,"Windows x64 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)",2015-01-13,"Ali Razmjoo",win_x86-64,shellcode,0 -35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 - Multiple SQL Injection",2011-05-30,KedAns-Dz,php,webapps,0 +35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 - Multiple SQL Injections",2011-05-30,KedAns-Dz,php,webapps,0 35804,platforms/windows/dos/35804.txt,"NetVault: SmartDisk 1.2 - 'libnvbasics.dll' Remote Denial of Service",2011-05-28,"Luigi Auriemma",windows,dos,0 35796,platforms/php/webapps/35796.txt,"MidiCMS Website Builder - Local File Inclusion / Arbitrary File Upload",2011-05-25,KedAns-Dz,php,webapps,0 35797,platforms/php/webapps/35797.txt,"Joomla! 'com_shop' Component - SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0 -35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 - '_kurl' Parameter Cross-Site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0 +35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 - '_kurl' Parameter Cross-site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0 35799,platforms/linux/remote/35799.txt,"Vordel Gateway 6.0.3 - Directory Traversal",2011-05-25,"Brian W. Gary",linux,remote,0 35800,platforms/hardware/remote/35800.txt,"RXS-3211 IP Camera - UDP Packet Password Information Disclosure",2011-05-25,"Spare Clock Cycles",hardware,remote,0 35801,platforms/linux/remote/35801.txt,"Asterisk 1.8.4.1 - SIP 'REGISTER' Request User Enumeration Weakness",2011-05-26,"Francesco Tornieri",linux,remote,0 -35802,platforms/cgi/webapps/35802.txt,"Blackboard Learn 8.0 - 'keywordraw' Parameter Cross-Site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 +35802,platforms/cgi/webapps/35802.txt,"Blackboard Learn 8.0 - 'keywordraw' Parameter Cross-site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 35805,platforms/multiple/remote/35805.txt,"Gadu-Gadu 10.5 - Remote Code Execution",2011-05-28,"Kacper Szczesniak",multiple,remote,0 35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 -35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross-Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 -35808,platforms/php/webapps/35808.txt,"Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 +35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross-site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 +35808,platforms/php/webapps/35808.txt,"Serendipity Freetag-plugin 3.21 - 'index.php' Cross-site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 35810,platforms/linux/remote/35810.txt,"libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities",2011-05-31,"Chris Evans",linux,remote,0 35811,platforms/windows/local/35811.txt,"Windows < 8.1 (32/64 bit) - Privilege Escalation (User Profile Service) (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 35812,platforms/windows/local/35812.py,"T-Mobile Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 35813,platforms/windows/local/35813.py,"Congstar Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 -35814,platforms/php/webapps/35814.txt,"TEDE Simplificado 1.01/S2.04 - Multiple SQL Injection",2011-06-01,KnocKout,php,webapps,0 +35814,platforms/php/webapps/35814.txt,"TEDE Simplificado 1.01/S2.04 - Multiple SQL Injections",2011-06-01,KnocKout,php,webapps,0 35815,platforms/php/webapps/35815.pl,"PikaCMS - Multiple Local File Disclosure Vulnerabilities",2011-06-01,KnocKout,php,webapps,0 -35816,platforms/php/webapps/35816.txt,"ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection",2011-06-01,"High-Tech Bridge SA",php,webapps,0 +35816,platforms/php/webapps/35816.txt,"ARSC Really Simple Chat 3.3-rc2 - Cross-site Scripting / Multiple SQL Injection",2011-06-01,"High-Tech Bridge SA",php,webapps,0 35817,platforms/hardware/remote/35817.txt,"NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities",2011-06-01,"Juerd Waalboer",hardware,remote,0 -35818,platforms/multiple/remote/35818.txt,"Nagios 3.2.3 - 'expand' Parameter Cross-Site Scripting",2011-06-01,"Stefan Schurtz",multiple,remote,0 +35818,platforms/multiple/remote/35818.txt,"Nagios 3.2.3 - 'expand' Parameter Cross-site Scripting",2011-06-01,"Stefan Schurtz",multiple,remote,0 35819,platforms/php/webapps/35819.txt,"Ushahidi 2.0.1 - 'range' Parameter SQL Injection",2011-06-02,"Gjoko Krstic",php,webapps,0 35820,platforms/linux/dos/35820.c,"Linux Kernel 2.6.x - KSM Local Denial of Service",2011-06-02,"Andrea Righi",linux,dos,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 35822,platforms/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",windows,remote,0 35823,platforms/php/webapps/35823.txt,"WordPress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 -35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 +35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35984,platforms/php/webapps/35984.txt,"Joomla! Virtual Money 1.5 - 'com_virtualmoney' Component SQL Injection",2011-07-25,FL0RiX,php,webapps,0 35826,platforms/php/webapps/35826.txt,"Joomla CCBoard - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0 35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - (Corrupted mp4) Crash POC",2014-12-12,"Drozdova Liudmila",windows,dos,0 35828,platforms/windows/dos/35828.py,"Winamp 5.666 build 3516 - (Corrupted flv) Crash POC",2014-12-12,"Drozdova Liudmila",windows,dos,0 -35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 -35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 +35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 +35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes - 'test.php' Cross-site Scripting",2011-06-06,MustLive,php,webapps,0 35831,platforms/php/webapps/35831.txt,"PopScript - 'index.php' Multiple Input Validation Vulnerabilities",2011-06-06,NassRawI,php,webapps,0 -35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 +35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 - 'colour_picker.php' Cross-site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 35833,platforms/php/webapps/35833.txt,"Xataface 1.x - 'action' Parameter Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 -35834,platforms/php/webapps/35834.txt,"BLOG:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-07,"Stefan Schurtz",php,webapps,0 +35834,platforms/php/webapps/35834.txt,"BLOG:CMS 4.2 - Multiple Cross-site Scripting Vulnerabilities",2011-06-07,"Stefan Schurtz",php,webapps,0 35835,platforms/php/webapps/35835.txt,"WordPress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 35836,platforms/linux/remote/35836.pl,"Perl Data::FormValidator 4.66 Module - 'results()' Security Bypass",2011-06-08,dst,linux,remote,0 -35837,platforms/php/webapps/35837.html,"The Pacer Edition CMS 2.1 - 'email' Parameter Cross-Site Scripting",2011-06-07,LiquidWorm,php,webapps,0 +35837,platforms/php/webapps/35837.html,"The Pacer Edition CMS 2.1 - 'email' Parameter Cross-site Scripting",2011-06-07,LiquidWorm,php,webapps,0 35838,platforms/php/webapps/35838.txt,"Tolinet Agencia - 'id' Parameter SQL Injection",2011-06-10,"Andrea Bocchetti",php,webapps,0 35839,platforms/php/webapps/35839.txt,"Joomla Minitek FAQ Book 1.3 - 'id' Parameter SQL Injection",2011-06-13,kaMtiEz,php,webapps,0 35840,platforms/php/webapps/35840.txt,"RedaxScript 2.1.0 - Privilege Escalation",2015-01-20,"shyamkumar somana",php,webapps,80 @@ -32317,21 +32317,21 @@ id,file,description,date,author,platform,type,port 35858,platforms/php/webapps/35858.txt,"ArticleFR CMS 3.0.5 - Arbitrary File Upload",2015-01-21,TranDinhTien,php,webapps,0 35859,platforms/hardware/dos/35859.py,"Zhone GPON 2520 R4.0.2.566b - Crash PoC",2015-01-21,"Kaczinski Ramirez",hardware,dos,0 35860,platforms/php/webapps/35860.txt,"vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection",2015-01-20,Technidev,php,webapps,80 -35861,platforms/php/webapps/35861.txt,"vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities",2011-06-14,Mr.ThieF,php,webapps,0 -35862,platforms/php/webapps/35862.txt,"miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 +35861,platforms/php/webapps/35861.txt,"vBTube 1.2.9 - 'vBTube.php' Multiple Cross-site Scripting Vulnerabilities",2011-06-14,Mr.ThieF,php,webapps,0 +35862,platforms/php/webapps/35862.txt,"miniblog 1.0 - Multiple Cross-site Scripting Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 35863,platforms/php/webapps/35863.php,"myBloggie 2.1.6 - HTML-injection and SQL Injection",2011-06-15,"Robin Verton",php,webapps,0 35864,platforms/windows/remote/35864.txt,"Sunway ForceControl 6.1 - Multiple Heap Based Buffer Overflow Vulnerabilities",2011-06-17,"Dillon Beresford",windows,remote,0 -35865,platforms/php/webapps/35865.txt,"Nibbleblog - Multiple SQL Injection",2011-06-19,KedAns-Dz,php,webapps,0 -35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 - Cross-Site Scripting / SQL Injection",2011-06-18,KedAns-Dz,php,webapps,0 -35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 - 'sitemap.php' Cross-Site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 +35865,platforms/php/webapps/35865.txt,"Nibbleblog - Multiple SQL Injections",2011-06-19,KedAns-Dz,php,webapps,0 +35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 - Cross-site Scripting / SQL Injection",2011-06-18,KedAns-Dz,php,webapps,0 +35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 - 'sitemap.php' Cross-site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 35868,platforms/linux_mips/shellcode/35868.c,"Linux/MIPS - execve /bin/sh shellcode (36 bytes)",2015-01-22,Sanguine,linux_mips,shellcode,0 35869,platforms/windows/dos/35869.txt,"Crystal Player 1.99 - Memory Corruption",2015-01-21,"Kapil Soni",windows,dos,0 35870,platforms/windows/dos/35870.rb,"Exif Pilot 4.7.2 - SEH Based Buffer Overflow",2015-01-22,"Osanda Malith",windows,dos,0 -35871,platforms/php/webapps/35871.txt,"Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross-Site Scripting",2011-06-21,"Gjoko Krstic",php,webapps,0 +35871,platforms/php/webapps/35871.txt,"Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross-site Scripting",2011-06-21,"Gjoko Krstic",php,webapps,0 35872,platforms/asp/webapps/35872.txt,"H3C ER5100 - Authentication Bypass",2011-06-22,128bit,asp,webapps,0 35873,platforms/windows/dos/35873.txt,"Wireshark 1.4.5 - 'bytes_repr_len()' NULL Pointer Dereference Denial Of Service",2011-06-17,rouli,windows,dos,0 -35874,platforms/php/webapps/35874.txt,"Eshop Manager - Multiple SQL Injection",2011-06-22,"Number 7",php,webapps,0 -35875,platforms/php/webapps/35875.txt,"FanUpdate 3.0 - 'pageTitle' Parameter Cross-Site Scripting",2011-06-22,"High-Tech Bridge SA",php,webapps,0 +35874,platforms/php/webapps/35874.txt,"Eshop Manager - Multiple SQL Injections",2011-06-22,"Number 7",php,webapps,0 +35875,platforms/php/webapps/35875.txt,"FanUpdate 3.0 - 'pageTitle' Parameter Cross-site Scripting",2011-06-22,"High-Tech Bridge SA",php,webapps,0 35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS - 'SMTpl' Parameter Directory Traversal",2011-06-23,"Andrea Bocchetti",php,webapps,0 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 @@ -32340,7 +32340,7 @@ id,file,description,date,author,platform,type,port 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0 35883,platforms/php/webapps/35883.txt,"Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0 -35884,platforms/php/webapps/35884.txt,"Mambo CMS 4.6.x - Multiple Cross-Site Scripting Vulnerabilities",2011-06-27,"Aung Khant",php,webapps,0 +35884,platforms/php/webapps/35884.txt,"Mambo CMS 4.6.x - Multiple Cross-site Scripting Vulnerabilities",2011-06-27,"Aung Khant",php,webapps,0 35885,platforms/windows/remote/35885.txt,"Ubisoft CoGSManager ActiveX Control 1.0.0.23 - 'Initialize()' Method Stack Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0 35886,platforms/windows/remote/35886.txt,"Sybase Advantage Server 10.0.0.3 - 'ADS' Process Off By One Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0 35887,platforms/hardware/remote/35887.txt,"Cisco Ironport Appliances - Privilege Escalation",2015-01-22,"Glafkos Charalambous ",hardware,remote,0 @@ -32349,17 +32349,17 @@ id,file,description,date,author,platform,type,port 35890,platforms/jsp/webapps/35890.txt,"ManageEngine ServiceDesk Plus 9.0 - SQL Injection",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,0 35891,platforms/jsp/webapps/35891.txt,"ManageEngine ServiceDesk Plus 9.0 - User Enumeration",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,8080 35892,platforms/multiple/remote/35892.txt,"MySQLDriverCS 4.0.1 - SQL Injection",2011-06-27,"Qihan Luo",multiple,remote,0 -35893,platforms/php/webapps/35893.txt,"WordPress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injection",2011-06-27,MaKyOtOx,php,webapps,0 -35894,platforms/php/webapps/35894.txt,"Joomla! CMS 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"Aung Khant",php,webapps,0 +35893,platforms/php/webapps/35893.txt,"WordPress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injections",2011-06-27,MaKyOtOx,php,webapps,0 +35894,platforms/php/webapps/35894.txt,"Joomla! CMS 1.6.3 - Multiple Cross-site Scripting Vulnerabilities",2011-06-28,"Aung Khant",php,webapps,0 35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - NULL Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 -35896,platforms/php/webapps/35896.txt,"FlatPress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 +35896,platforms/php/webapps/35896.txt,"FlatPress 0.1010.1 - Multiple Cross-site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 35897,platforms/windows/remote/35897.html,"CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method",2011-06-28,"High-Tech Bridge SA",windows,remote,0 35898,platforms/multiple/remote/35898.php,"Atlassian JIRA 3.13.5 - File Download Security Bypass",2011-06-28,"Ignacio Garrido",multiple,remote,0 35899,platforms/php/webapps/35899.txt,"Mangallam CMS - SQL Injection Web",2015-01-26,Vulnerability-Lab,php,webapps,0 35900,platforms/cgi/webapps/35900.txt,"Barracuda Networks Cloud Series - Filter Bypass",2015-01-26,Vulnerability-Lab,cgi,webapps,0 35901,platforms/windows/local/35901.txt,"VLC Player 2.1.5 - DEP Access Violation",2015-01-26,"Veysel HATAS",windows,local,0 35902,platforms/windows/local/35902.txt,"VLC Player 2.1.5 - Write Access Violation",2015-01-26,"Veysel HATAS",windows,local,0 -35980,platforms/multiple/webapps/35980.html,"ManageEngine Desktop Central 9 Build 90087 - CSRF",2015-02-03,"Mohamed Idris",multiple,webapps,8020 +35980,platforms/multiple/webapps/35980.html,"ManageEngine Desktop Central 9 Build 90087 - Cross-site Request Forgery",2015-02-03,"Mohamed Idris",multiple,webapps,8020 35904,platforms/jsp/webapps/35904.txt,"ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management",2015-01-26,"Rewterz - Research Group",jsp,webapps,0 35905,platforms/windows/local/35905.c,"Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP",2015-01-26,"Parvez Anwar",windows,local,0 35906,platforms/php/webapps/35906.txt,"PHP Webquest 2.6 - SQL Injection",2015-01-26,"jordan root",php,webapps,0 @@ -32372,7 +32372,7 @@ id,file,description,date,author,platform,type,port 35983,platforms/windows/local/35983.rb,"Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004)",2015-02-03,Metasploit,windows,local,0 35988,platforms/php/webapps/35988.txt,"Support Incident Tracker (SiT!) 3.63 p1 - tasks.php selected[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35989,platforms/php/webapps/35989.txt,"MBoard 1.3 - 'url' Parameter URI Redirection",2011-07-27,"High-Tech Bridge SA",php,webapps,0 -35990,platforms/php/webapps/35990.txt,"PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-27,"High-Tech Bridge SA",php,webapps,0 +35990,platforms/php/webapps/35990.txt,"PHPJunkYard GBook 1.6/1.7 - Multiple Cross-site Scripting Vulnerabilities",2011-07-27,"High-Tech Bridge SA",php,webapps,0 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 @@ -32380,17 +32380,17 @@ id,file,description,date,author,platform,type,port 35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 35918,platforms/multiple/remote/35918.c,"IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution",2011-06-30,"Tim Brown",multiple,remote,0 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' Functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 -35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-04,"Stefan Schurtz",php,webapps,0 +35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 - Multiple Cross-site Scripting Vulnerabilities",2011-07-04,"Stefan Schurtz",php,webapps,0 35921,platforms/windows/remote/35921.html,"iMesh 10.0 - 'IMWebControl.dll' ActiveX Control Buffer Overflow",2011-07-04,KedAns-Dz,windows,remote,0 35922,platforms/php/webapps/35922.txt,"Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 -35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0 +35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0 35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass Exploit",2015-01-28,"Jeremy Brown",windows,remote,0 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway - Multiple Security Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0 -35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 +35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 35928,platforms/windows/remote/35928.html,"Pro Softnet IDrive Online Backup 3.4.0 - ActiveX SaveToFile() Arbitrary File Overwrite",2011-07-06,"High-Tech Bridge SA",windows,remote,0 35929,platforms/php/webapps/35929.txt,"Joomla! 'com_voj' Component - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0 -35930,platforms/php/webapps/35930.txt,"Prontus CMS - 'page' Parameter Cross-Site Scripting",2011-07-11,Zerial,php,webapps,0 +35930,platforms/php/webapps/35930.txt,"Prontus CMS - 'page' Parameter Cross-site Scripting",2011-07-11,Zerial,php,webapps,0 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0 35932,platforms/hardware/remote/35932.c,"VSAT Sailor 900 - Remote Exploit",2015-01-29,"Nicholas Lemonias",hardware,remote,0 35933,platforms/hardware/webapps/35933.txt,"ManageEngine Firewall Analyzer 8.0 - Directory Traversal / XSS",2015-01-29,"Sepahan TelCom IT Group",hardware,webapps,0 @@ -32398,10 +32398,10 @@ id,file,description,date,author,platform,type,port 35935,platforms/windows/local/35935.py,"UniPDF 1.1 - Crash PoC (SEH overwritten)",2015-01-29,bonze,windows,local,0 35936,platforms/windows/local/35936.py,"Microsoft Windows Server 2003 SP2 - Privilege Escalation",2015-01-29,KoreLogic,windows,local,0 35938,platforms/freebsd/dos/35938.txt,"FreeBSD Kernel - Multiple Vulnerabilities",2015-01-29,"Core Security",freebsd,dos,0 -35939,platforms/hardware/dos/35939.txt,"Alice Modem 1111 - 'rulename' Parameter Cross-Site Scripting / Denial of Service",2011-07-12,"Moritz Naumann",hardware,dos,0 +35939,platforms/hardware/dos/35939.txt,"Alice Modem 1111 - 'rulename' Parameter Cross-site Scripting / Denial of Service",2011-07-12,"Moritz Naumann",hardware,dos,0 35940,platforms/php/webapps/35940.txt,"Sphider 1.3.x - Admin Panel Multiple SQL Injection",2011-07-12,"Karthik R",php,webapps,0 -35941,platforms/multiple/webapps/35941.txt,"Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting",2011-07-12,"Szymon Gruszecki",multiple,webapps,0 -35942,platforms/php/webapps/35942.txt,"TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-07-13,"Gjoko Krstic",php,webapps,0 +35941,platforms/multiple/webapps/35941.txt,"Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-site Scripting",2011-07-12,"Szymon Gruszecki",multiple,webapps,0 +35942,platforms/php/webapps/35942.txt,"TCExam 11.2.x - Multiple Cross-site Scripting Vulnerabilities",2011-07-13,"Gjoko Krstic",php,webapps,0 35943,platforms/php/webapps/35943.txt,"Chyrp 2.x - admin/help.php Multiple Parameter XSS",2011-07-13,Wireghoul,php,webapps,0 35944,platforms/php/webapps/35944.txt,"Chyrp 2.x - includes/javascript.php action Parameter XSS",2011-07-13,Wireghoul,php,webapps,0 35945,platforms/php/webapps/35945.txt,"Chyrp 2.x - URI action Parameter Traversal Local File Inclusion",2011-07-29,Wireghoul,php,webapps,0 @@ -32423,78 +32423,78 @@ id,file,description,date,author,platform,type,port 35962,platforms/windows/local/35962.c,"Trend Micro Multiple Products 8.0.1133 - Privilege Escalation",2015-01-31,"Parvez Anwar",windows,local,0 35987,platforms/php/webapps/35987.txt,"Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35964,platforms/windows/local/35964.c,"Symantec Altiris Agent 6.9 (Build 648) - Privilege Escalation",2015-02-01,"Parvez Anwar",windows,local,0 -35965,platforms/php/webapps/35965.txt,"Joomla! 'com_resman' Component - Cross-Site Scripting",2011-07-15,SOLVER,php,webapps,0 +35965,platforms/php/webapps/35965.txt,"Joomla! 'com_resman' Component - Cross-site Scripting",2011-07-15,SOLVER,php,webapps,0 35966,platforms/php/webapps/35966.txt,"Joomla! 'com_newssearch' Component - SQL Injection",2011-07-15,"Robert Cooper",php,webapps,0 35967,platforms/php/webapps/35967.txt,"AJ Classifieds 'listingid' Parameter - SQL Injection",2011-07-15,Lazmania61,php,webapps,0 -35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injection",2011-07-18,Lazmania61,php,webapps,0 +35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injections",2011-07-18,Lazmania61,php,webapps,0 35969,platforms/php/webapps/35969.txt,"BlueSoft Social Networking CMS - SQL Injection",2011-07-17,Lazmania61,php,webapps,0 -35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 +35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross-site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 35971,platforms/php/webapps/35971.txt,"WordPress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 -35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injection",2015-02-02,"ITAS Team",php,webapps,0 -35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 -35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 -35975,platforms/php/webapps/35975.txt,"Cyberoam UTM - Multiple Cross-Site Scripting Vulnerabilities",2011-07-20,"Patrick Webster",php,webapps,0 +35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injections",2015-02-02,"ITAS Team",php,webapps,0 +35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior - Multiple Cross-site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 +35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 +35975,platforms/php/webapps/35975.txt,"Cyberoam UTM - Multiple Cross-site Scripting Vulnerabilities",2011-07-20,"Patrick Webster",php,webapps,0 35976,platforms/php/webapps/35976.txt,"Synergy Software - 'id' Parameter SQL Injection",2011-07-21,Ehsan_Hp200,php,webapps,0 35977,platforms/php/webapps/35977.txt,"Godly Forums - 'id' Parameter SQL Injection",2011-07-25,3spi0n,php,webapps,0 -35978,platforms/php/webapps/35978.txt,"Online Grades 3.2.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-25,"Gjoko Krstic",php,webapps,0 +35978,platforms/php/webapps/35978.txt,"Online Grades 3.2.5 - Multiple Cross-site Scripting Vulnerabilities",2011-07-25,"Gjoko Krstic",php,webapps,0 35979,platforms/php/webapps/35979.txt,"Willscript Recipes Website Script Silver Edition - 'viewRecipe.php' SQL Injection",2011-07-25,Lazmania61,php,webapps,0 36040,platforms/php/webapps/36040.txt,"Chamilo LMS 1.9.8 - Blind SQL Injection",2015-02-09,"Kacper Szurek",php,webapps,80 36000,platforms/php/webapps/36000.txt,"HP Network Automation 9.10 - SQL Injection",2011-07-28,anonymous,php,webapps,0 36001,platforms/asp/webapps/36001.txt,"Sitecore CMS 6.4.1 - 'url' Parameter URI Redirection",2011-07-28,"Tom Neaves",asp,webapps,0 36002,platforms/jsp/webapps/36002.txt,"IBM Tivoli Service Automation Manager 7.2.4 - Remote Code Execution",2014-12-12,"Jakub Palaczynski",jsp,webapps,0 -36003,platforms/php/webapps/36003.txt,"Curverider Elgg 1.7.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-01,"Aung Khant",php,webapps,0 +36003,platforms/php/webapps/36003.txt,"Curverider Elgg 1.7.9 - Multiple Cross-site Scripting Vulnerabilities",2011-08-01,"Aung Khant",php,webapps,0 36004,platforms/multiple/remote/36004.txt,"Skype 5.3 - 'Mobile Phone' Field HTML Injection",2011-08-01,noptrix,multiple,remote,0 36005,platforms/php/webapps/36005.txt,"MyBB MyTabs Plugin - 'tab' Parameter SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 36006,platforms/multiple/remote/36006.java,"Open Handset Alliance Android 2.3.4/3.1 - Browser Sandbox Security Bypass",2011-08-02,"Roee Hay",multiple,remote,0 36007,platforms/multiple/dos/36007.txt,"AzeoTech DAQFactory - Denial of Service",2011-06-24,"Knud Erik Hojgaard",multiple,dos,0 36008,platforms/php/webapps/36008.txt,"Gilnet News - 'read_more.php' SQL Injection",2011-07-11,Err0R,php,webapps,0 -36009,platforms/php/webapps/36009.txt,"mt LinkDatenbank - 'b' Parameter Cross-Site Scripting",2011-08-03,Err0R,php,webapps,0 -36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL - 'sayfa.asp' Cross-Site Scripting",2011-08-03,Err0R,asp,webapps,0 +36009,platforms/php/webapps/36009.txt,"mt LinkDatenbank - 'b' Parameter Cross-site Scripting",2011-08-03,Err0R,php,webapps,0 +36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL - 'sayfa.asp' Cross-site Scripting",2011-08-03,Err0R,asp,webapps,0 36011,platforms/asp/webapps/36011.txt,"Ataccan E-ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 36012,platforms/php/webapps/36012.txt,"Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Remote Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0 36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure exploit",2015-02-07,"Todor Donev",hardware,remote,0 36015,platforms/php/webapps/36015.txt,"Joomla! 'com_community' Component - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 - 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0 -36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 -36018,platforms/php/webapps/36018.txt,"WordPress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 -36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting",2011-08-04,PontoSec,asp,webapps,0 -36020,platforms/windows/remote/36020.txt,"Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Adam Bixby",windows,remote,0 +36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 +36018,platforms/php/webapps/36018.txt,"WordPress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 +36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross-site Scripting",2011-08-04,PontoSec,asp,webapps,0 +36020,platforms/windows/remote/36020.txt,"Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-site Scripting Vulnerabilities",2011-08-09,"Adam Bixby",windows,remote,0 36041,platforms/php/webapps/36041.txt,"Fork CMS 3.8.5 - SQL Injection",2015-02-09,"Sven Schleier",php,webapps,80 36022,platforms/windows/dos/36022.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow PoC (1)",2015-02-09,"Samandeep Singh",windows,dos,0 36023,platforms/php/webapps/36023.txt,"Redaxscript CMS 2.2.0 - SQL Injection",2015-02-09,"ITAS Team",php,webapps,0 36024,platforms/linux/dos/36024.txt,"Chemtool 1.6.14 - Memory Corruption",2015-02-08,"Pablo González",linux,dos,0 36059,platforms/php/webapps/36059.txt,"Exponent CMS 2.3.1 - Multiple XSS Vulnerabilities",2015-02-12,"Mayuresh Dani",php,webapps,80 36026,platforms/php/webapps/36026.txt,"u5CMS 3.9.3 - (deletefile.php) Arbitrary File Deletion",2015-02-09,LiquidWorm,php,webapps,0 -36027,platforms/php/webapps/36027.txt,"u5CMS 3.9.3 - Multiple SQL Injection",2015-02-09,LiquidWorm,php,webapps,0 +36027,platforms/php/webapps/36027.txt,"u5CMS 3.9.3 - Multiple SQL Injections",2015-02-09,LiquidWorm,php,webapps,0 36028,platforms/php/webapps/36028.txt,"u5CMS 3.9.3 - (thumb.php) Local File Inclusion",2015-02-09,LiquidWorm,php,webapps,0 -36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Stored XSS / Reflected XSS Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 +36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Persistent Cross-site Scripting / Reflected XSS Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 -36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 -36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross-Site Scripting",2011-08-08,darkTR,php,webapps,0 -36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 +36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script - Multiple Cross-site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 +36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross-site Scripting",2011-08-08,darkTR,php,webapps,0 +36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site - 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 - NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 -36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 +36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 -36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 -36046,platforms/php/webapps/36046.txt,"phpWebSite - 'page_id' Parameter Cross-Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 +36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 - Multiple Cross-site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 +36046,platforms/php/webapps/36046.txt,"phpWebSite - 'page_id' Parameter Cross-site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 36047,platforms/php/webapps/36047.txt,"awiki 20100125 - Multiple Local File Inclusion",2011-08-15,muuratsalo,php,webapps,0 36048,platforms/php/webapps/36048.txt,"PHPList 2.10.x - Security Bypass / Information Disclosure",2011-08-15,"Davide Canali",php,webapps,0 36049,platforms/windows/remote/36049.html,"StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite",2011-08-17,"High-Tech Bridge SA",windows,remote,0 -36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 -36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (2)",2015-02-11,"dogo h@ck",windows,local,0 36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection",2015-02-11,Vulnerability-Lab,php,webapps,8080 36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,Metasploit,windows,remote,9256 -36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Stored XSS",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 +36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Persistent Cross-site Scripting",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0 36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 36062,platforms/windows/local/36062.txt,"Realtek 11n Wireless LAN utility - Privilege Escalation",2015-02-13,"Humberto Cabrera",windows,local,0 @@ -32502,34 +32502,34 @@ id,file,description,date,author,platform,type,port 36064,platforms/asp/webapps/36064.txt,"Code Widgets DataBound Index Style Menu - 'category.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 36065,platforms/asp/webapps/36065.txt,"Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionaire SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 -36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross-Site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 -36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 - Cross-Site Scripting and SQL Injection",2011-08-18,Net.Edit0r,php,webapps,0 +36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross-site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 +36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 - Cross-site Scripting and SQL Injection",2011-08-18,Net.Edit0r,php,webapps,0 36071,platforms/windows/dos/36071.py,"Xlight FTP Server 3.7 - Remote Buffer Overflow",2011-08-19,KedAns-Dz,windows,dos,0 -36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting",2011-08-21,mr.pr0n,php,webapps,0 -36073,platforms/php/webapps/36073.txt,"Pandora FMS 3.x - 'index.php' Cross-Site Scripting",2011-08-22,"mehdi boukazoula",php,webapps,0 +36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 - 'onefilecms.php' Cross-site Scripting",2011-08-21,mr.pr0n,php,webapps,0 +36073,platforms/php/webapps/36073.txt,"Pandora FMS 3.x - 'index.php' Cross-site Scripting",2011-08-22,"mehdi boukazoula",php,webapps,0 36074,platforms/php/webapps/36074.txt,"TotalShopUK 1.7.2 - 'index.php' SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 36075,platforms/windows/remote/36075.py,"Freefloat FTP Server - 'ALLO' Command Remote Buffer Overflow",2011-08-20,Black.Spook,windows,remote,0 -36076,platforms/php/webapps/36076.txt,"Concrete 5.4.1 1 - 'rcID' Parameter Cross-Site Scripting",2011-08-22,"Aung Khant",php,webapps,0 -36077,platforms/php/webapps/36077.txt,"Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-23,"Yassin Aboukir",php,webapps,0 +36076,platforms/php/webapps/36076.txt,"Concrete 5.4.1 1 - 'rcID' Parameter Cross-site Scripting",2011-08-22,"Aung Khant",php,webapps,0 +36077,platforms/php/webapps/36077.txt,"Open Classifieds 1.7.2 - Multiple Cross-site Scripting Vulnerabilities",2011-08-23,"Yassin Aboukir",php,webapps,0 36078,platforms/windows/remote/36078.py,"PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command",2015-02-14,R-73eN,windows,remote,0 36079,platforms/php/webapps/36079.txt,"CommodityRentals Real Estate Script - 'txtsearch' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36080,platforms/php/webapps/36080.txt,"Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36081,platforms/php/webapps/36081.txt,"VicBlog - 'tag' Parameter SQL Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 -36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 -36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 +36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 +36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection / XSS",2015-02-16,"Kacper Szurek",php,webapps,0 -36087,platforms/php/webapps/36087.txt,"WordPress Fancybox 3.0.2 Plugin - Stored XSS",2015-02-16,NULLpOint7r,php,webapps,0 +36087,platforms/php/webapps/36087.txt,"WordPress Fancybox 3.0.2 Plugin - Persistent Cross-site Scripting",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 36090,platforms/php/webapps/36090.txt,"ClickCMS - Denial of Service / CAPTCHA Bypass",2011-08-29,MustLive,php,webapps,0 -36091,platforms/php/webapps/36091.txt,"IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-30,"Sumit Kumar Soni",php,webapps,0 +36091,platforms/php/webapps/36091.txt,"IBM Open Admin Tool 2.71 - Multiple Cross-site Scripting Vulnerabilities",2011-08-30,"Sumit Kumar Soni",php,webapps,0 36092,platforms/windows/dos/36092.pl,"MapServer 6.0 - .Map File Double Free Remote Denial of Service",2011-08-30,rouault,windows,dos,0 36093,platforms/php/webapps/36093.txt,"CS-Cart 2.2.1 - 'products.php' SQL Injection",2011-08-30,Net.Edit0r,php,webapps,0 36094,platforms/php/webapps/36094.txt,"TinyWebGallery 1.8.4 - Local File Inclusion and SQL Injection",2011-08-31,KedAns-Dz,php,webapps,0 36095,platforms/php/webapps/36095.txt,"Serendipity 1.5.1 - 'research_display.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 36096,platforms/php/webapps/36096.txt,"Web Professional - 'default.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 -36097,platforms/php/webapps/36097.txt,"Mambo CMS N-Skyrslur - Cross-Site Scripting",2011-09-02,CoBRa_21,php,webapps,0 +36097,platforms/php/webapps/36097.txt,"Mambo CMS N-Skyrslur - Cross-site Scripting",2011-09-02,CoBRa_21,php,webapps,0 36098,platforms/php/webapps/36098.html,"Guppy CMS 5.0.9 / 5.00.10 - Authentication Bypass/Change Email",2015-02-17,"Brandon Murphy",php,webapps,80 36099,platforms/php/webapps/36099.html,"GuppY CMS 5.0.9 & 5.00.10 - Multiple CSRF Vulnerabilities",2015-02-17,"Brandon Murphy",php,webapps,80 36100,platforms/windows/remote/36100.rb,"X360 VideoPlayer - ActiveX Control Buffer Overflow",2015-02-17,Metasploit,windows,remote,0 @@ -32542,96 +32542,96 @@ id,file,description,date,author,platform,type,port 36107,platforms/php/webapps/36107.txt,"KaiBB 2.0.1 - SQL Injection / Arbitrary File Upload",2011-09-02,KedAns-Dz,php,webapps,0 36108,platforms/php/webapps/36108.txt,"Mambo CMS N-Frettir Component - SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36109,platforms/php/webapps/36109.txt,"Mambo CMS N-Myndir Component - SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 -36110,platforms/php/webapps/36110.txt,"ACal 2.2.6 - 'calendar.php' Cross-Site Scripting",2011-09-02,T0xic,php,webapps,0 +36110,platforms/php/webapps/36110.txt,"ACal 2.2.6 - 'calendar.php' Cross-site Scripting",2011-09-02,T0xic,php,webapps,0 36111,platforms/windows/remote/36111.py,"Cerberus FTP Server 4.0.9.8 - Remote Buffer Overflow",2011-09-05,KedAns-Dz,windows,remote,0 36112,platforms/php/webapps/36112.txt,"Duplicator 0.5.8 - Privilege Escalation",2015-02-18,"Kacper Szurek",php,webapps,80 -36113,platforms/php/webapps/36113.txt,"YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting",2011-09-05,R3d-D3V!L,php,webapps,0 +36113,platforms/php/webapps/36113.txt,"YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-site Scripting",2011-09-05,R3d-D3V!L,php,webapps,0 36114,platforms/php/webapps/36114.txt,"EasyGallery 5 - 'index.php' Multiple SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 36115,platforms/windows/remote/36115.txt,"Apple QuickTime 7.6.9 - 'QuickTimePlayer.dll' ActiveX Buffer Overflow",2011-09-06,"Ivan Sanchez",windows,remote,0 -36116,platforms/asp/webapps/36116.txt,"Kisanji - 'gr' Parameter Cross-Site Scripting",2011-09-06,Bl4ck.Viper,asp,webapps,0 -36117,platforms/php/webapps/36117.txt,"GeoClassifieds Lite 2.0.x - Multiple Cross-Site Scripting / SQL Injection",2011-09-06,"Yassin Aboukir",php,webapps,0 +36116,platforms/asp/webapps/36116.txt,"Kisanji - 'gr' Parameter Cross-site Scripting",2011-09-06,Bl4ck.Viper,asp,webapps,0 +36117,platforms/php/webapps/36117.txt,"GeoClassifieds Lite 2.0.x - Multiple Cross-site Scripting / SQL Injection",2011-09-06,"Yassin Aboukir",php,webapps,0 36124,platforms/php/remote/36124.txt,"jQuery - jui_filter_rules PHP Code Execution",2015-02-19,"Timo Schmid",php,remote,80 -36121,platforms/php/webapps/36121.txt,"Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross-Site Scripting",2011-09-05,"High-Tech Bridge SA",php,webapps,0 -36122,platforms/php/webapps/36122.txt,"SkaDate - 'blogs.php' Cross-Site Scripting",2011-09-08,sonyy,php,webapps,0 +36121,platforms/php/webapps/36121.txt,"Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross-site Scripting",2011-09-05,"High-Tech Bridge SA",php,webapps,0 +36122,platforms/php/webapps/36122.txt,"SkaDate - 'blogs.php' Cross-site Scripting",2011-09-08,sonyy,php,webapps,0 36123,platforms/php/webapps/36123.txt,"In-link 2.3.4/5.1.3 RC1 - 'cat' Parameter SQL Injection",2011-09-08,SubhashDasyam,php,webapps,0 36126,platforms/multiple/webapps/36126.txt,"CrushFTP 7.2.0 - Multiple Vulnerabilities",2015-02-19,"Rehan Ahmed",multiple,webapps,8080 36127,platforms/php/webapps/36127.txt,"Piwigo 2.7.3 - Multiple Vulnerabilities",2015-02-19,"Steffen Rösemann",php,webapps,80 36128,platforms/windows/dos/36128.txt,"Wireshark 1.6.1 - Malformed Packet Trace File Remote Denial of Service",2011-09-08,Wireshark,windows,dos,0 36129,platforms/php/webapps/36129.txt,"Pluck 4.7 - Multiple Local File Inclusion and File Disclosure Vulnerabilities",2011-09-08,Bl4k3,php,webapps,0 36130,platforms/multiple/remote/36130.txt,"Spring Security - HTTP Header Injection",2011-09-09,"David Mas",multiple,remote,0 -36131,platforms/php/webapps/36131.txt,"Papoo CMS Light 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-12,"Stefan Schurtz",php,webapps,0 +36131,platforms/php/webapps/36131.txt,"Papoo CMS Light 4.0 - Multiple Cross-site Scripting Vulnerabilities",2011-09-12,"Stefan Schurtz",php,webapps,0 36132,platforms/xml/webapps/36132.txt,"Pentaho < 4.5.0 - User Console XML Injection",2015-02-20,"K.d Long",xml,webapps,0 36411,platforms/win_x86/shellcode/36411.txt,"Windows XP x86-64 - Download & execute shellcode (Generator)",2015-03-16,"Ali Razmjoo",win_x86,shellcode,0 -36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross-Site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 +36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross-site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 - 'Source' Parameter Multiple URI Open Redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0 36135,platforms/php/webapps/36135.txt,"WordPress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 36136,platforms/php/webapps/36136.txt,"StarDevelop LiveHelp 2.0 - 'index.php' Local File Inclusion",2011-09-15,KedAns-Dz,php,webapps,0 -36137,platforms/php/webapps/36137.txt,"PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-16,"Piotr Duszynski",php,webapps,0 +36137,platforms/php/webapps/36137.txt,"PunBB 1.3.5 - Multiple Cross-site Scripting Vulnerabilities",2011-09-16,"Piotr Duszynski",php,webapps,0 36138,platforms/asp/webapps/36138.txt,"ASP Basit Haber Script 1.0 - 'id' Parameter SQL Injection",2011-09-18,m3rciL3Ss,asp,webapps,0 -36139,platforms/asp/webapps/36139.txt,"Ay Computer Multiple Products - Multiple SQL Injection",2011-09-17,m3rciL3Ss,asp,webapps,0 -36140,platforms/php/webapps/36140.txt,"Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross-Site Scripting",2011-09-19,"Gjoko Krstic",php,webapps,0 -36141,platforms/asp/webapps/36141.txt,"Aspgwy Access 1.0 - 'matchword' Parameter Cross-Site Scripting",2011-09-19,"kurdish hackers team",asp,webapps,0 -36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products - 'dir' parameters Multiple Cross-Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 +36139,platforms/asp/webapps/36139.txt,"Ay Computer Multiple Products - Multiple SQL Injections",2011-09-17,m3rciL3Ss,asp,webapps,0 +36140,platforms/php/webapps/36140.txt,"Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross-site Scripting",2011-09-19,"Gjoko Krstic",php,webapps,0 +36141,platforms/asp/webapps/36141.txt,"Aspgwy Access 1.0 - 'matchword' Parameter Cross-site Scripting",2011-09-19,"kurdish hackers team",asp,webapps,0 +36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products - 'dir' parameters Multiple Cross-site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 36143,platforms/osx/local/36143.txt,"Apple Mac OS X Lion - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 -36144,platforms/php/webapps/36144.txt,"Card sharj 1.0 - Multiple SQL Injection",2011-09-19,Net.Edit0r,php,webapps,0 +36144,platforms/php/webapps/36144.txt,"Card sharj 1.0 - Multiple SQL Injections",2011-09-19,Net.Edit0r,php,webapps,0 36145,platforms/windows/remote/36145.py,"IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow",2011-09-20,rmallof,windows,remote,0 -36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 - 'd' Parameter Cross-Site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 +36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 - 'd' Parameter Cross-site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 36147,platforms/php/webapps/36147.txt,"Free Help Desk 1.1b - Multiple Input Validation Vulnerabilities",2011-09-06,"High-Tech Bridge SA",php,webapps,0 -36148,platforms/php/webapps/36148.txt,"phpRS 2.8.1 - Multiple SQL Injection / Cross-Site Scripting",2011-09-18,iM4n,php,webapps,0 -36149,platforms/php/webapps/36149.txt,"OneCMS 2.6.4 - Multiple SQL Injection",2011-09-21,"kurdish hackers team",php,webapps,0 +36148,platforms/php/webapps/36148.txt,"phpRS 2.8.1 - Multiple SQL Injections / Cross-site Scripting",2011-09-18,iM4n,php,webapps,0 +36149,platforms/php/webapps/36149.txt,"OneCMS 2.6.4 - Multiple SQL Injections",2011-09-21,"kurdish hackers team",php,webapps,0 36150,platforms/php/webapps/36150.txt,"Zyncro 3.0.1.20 - Multiple HTML Injection Vulnerabilities",2011-09-22,"Ferran Pichel Llaquet",php,webapps,0 36151,platforms/php/webapps/36151.txt,"Zyncro 3.0.1.20 - Social Network Message Menu SQL Injection",2011-09-22,"Ferran Pichel Llaquet",php,webapps,0 36152,platforms/windows/dos/36152.html,"Samsung iPOLiS 1.12.2 - iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue PoC",2015-02-22,"Praveen Darshanam",windows,dos,0 36169,platforms/multiple/remote/36169.rb,"HP Client - Automation Command Injection",2015-02-24,Metasploit,multiple,remote,3465 -36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Stored XSS",2015-02-23,"Halil Dalabasmaz",php,webapps,0 +36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Persistent Cross-site Scripting",2015-02-23,"Halil Dalabasmaz",php,webapps,0 36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 - Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 36158,platforms/php/dos/36158.txt,"PHP DateTime - Use-After-Free",2015-02-23,"Taoguang Chen",php,dos,0 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 -36161,platforms/php/webapps/36161.txt,"WordPress Easy Social Icons Plugin 1.2.2 - CSRF",2015-02-23,"Eric Flokstra",php,webapps,80 +36161,platforms/php/webapps/36161.txt,"WordPress Easy Social Icons Plugin 1.2.2 - Cross-site Request Forgery",2015-02-23,"Eric Flokstra",php,webapps,80 36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 - bin/view/Main/Jump newtopic Parameter XSS",2011-09-22,"Mesut Timur",php,webapps,0 36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI XSS",2011-09-22,"Mesut Timur",php,webapps,0 -36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 +36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing - Remote Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / WordPress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 -36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0 -36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 -36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 - 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0 +36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0 +36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 +36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 - 'browse.php' Cross-site Scripting",2011-09-26,Amir,php,webapps,0 36171,platforms/php/webapps/36171.txt,"Joomla! 'com_biitatemplateshop' Component - 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0 -36172,platforms/cfm/webapps/36172.txt,"Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-27,MustLive,cfm,webapps,0 +36172,platforms/cfm/webapps/36172.txt,"Adobe ColdFusion 7 - Multiple Cross-site Scripting Vulnerabilities",2011-09-27,MustLive,cfm,webapps,0 36173,platforms/php/webapps/36173.txt,"Vanira CMS - 'vtpidshow' Parameter SQL Injection",2011-09-27,"kurdish hackers team",php,webapps,0 36174,platforms/windows/remote/36174.txt,"ServersCheck Monitoring Software 8.8.x - Multiple Remote Security Vulnerabilities",2011-09-27,Vulnerability-Lab,windows,remote,0 -36175,platforms/php/webapps/36175.txt,"Traq 2.2 - Multiple SQL Injection / Cross-Site Scripting",2011-09-28,"High-Tech Bridge SA",php,webapps,0 -36176,platforms/php/webapps/36176.txt,"Joomla! 1.7.0 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-09-29,"Aung Khant",php,webapps,0 -36177,platforms/php/webapps/36177.txt,"Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-29,"Stefan Schurtz",php,webapps,0 -36178,platforms/php/webapps/36178.txt,"WordPress Atahualpa Theme 3.6.7 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36179,platforms/php/webapps/36179.txt,"WordPress Hybrid Theme 0.9 - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36180,platforms/php/webapps/36180.txt,"WordPress F8 Lite Theme 4.2.1 - 's' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36181,platforms/php/webapps/36181.txt,"WordPress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36182,platforms/php/webapps/36182.txt,"WordPress EvoLve Theme 1.2.5 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36183,platforms/php/webapps/36183.txt,"WordPress Cover WP Theme 1.6.5 - 's' Parameter Cross-Site Scripting",2011-09-24,jabdah,php,webapps,0 -36184,platforms/php/webapps/36184.txt,"WordPress Web Minimalist Theme 1.1 - 'index.php' Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36185,platforms/php/webapps/36185.txt,"WordPress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36186,platforms/php/webapps/36186.txt,"WordPress Morning Coffee Theme 3.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 -36187,platforms/php/webapps/36187.txt,"WordPress Black-LetterHead Theme 1.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36175,platforms/php/webapps/36175.txt,"Traq 2.2 - Multiple SQL Injections / Cross-site Scripting",2011-09-28,"High-Tech Bridge SA",php,webapps,0 +36176,platforms/php/webapps/36176.txt,"Joomla! 1.7.0 and Prior - Multiple Cross-site Scripting Vulnerabilities",2011-09-29,"Aung Khant",php,webapps,0 +36177,platforms/php/webapps/36177.txt,"Bitweaver 2.8.1 - Multiple Cross-site Scripting Vulnerabilities",2011-09-29,"Stefan Schurtz",php,webapps,0 +36178,platforms/php/webapps/36178.txt,"WordPress Atahualpa Theme 3.6.7 - 's' Parameter Cross-site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36179,platforms/php/webapps/36179.txt,"WordPress Hybrid Theme 0.9 - 'cpage' Parameter Cross-site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36180,platforms/php/webapps/36180.txt,"WordPress F8 Lite Theme 4.2.1 - 's' Parameter Cross-site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36181,platforms/php/webapps/36181.txt,"WordPress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36182,platforms/php/webapps/36182.txt,"WordPress EvoLve Theme 1.2.5 - 's' Parameter Cross-site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36183,platforms/php/webapps/36183.txt,"WordPress Cover WP Theme 1.6.5 - 's' Parameter Cross-site Scripting",2011-09-24,jabdah,php,webapps,0 +36184,platforms/php/webapps/36184.txt,"WordPress Web Minimalist Theme 1.1 - 'index.php' Cross-site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36185,platforms/php/webapps/36185.txt,"WordPress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36186,platforms/php/webapps/36186.txt,"WordPress Morning Coffee Theme 3.5 - 'index.php' Cross-site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36187,platforms/php/webapps/36187.txt,"WordPress Black-LetterHead Theme 1.5 - 'index.php' Cross-site Scripting",2011-09-30,SiteWatch,php,webapps,0 36188,platforms/windows/local/36188.txt,"Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities",2015-02-26,LiquidWorm,windows,local,0 36189,platforms/windows/local/36189.txt,"Ubisoft Uplay 5.0 - Insecure File Permissions Local Privilege Escalation",2015-02-26,LiquidWorm,windows,local,0 36190,platforms/linux/dos/36190.txt,"SQLite3 3.8.6 - Controlled Memory Corruption PoC",2015-02-26,"Andras Kabai",linux,dos,0 -36191,platforms/php/webapps/36191.txt,"WordPress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36191,platforms/php/webapps/36191.txt,"WordPress RedLine Theme 1.65 - 's' Parameter Cross-site Scripting",2011-09-30,SiteWatch,php,webapps,0 36192,platforms/php/webapps/36192.txt,"A2CMS - 'index.php' Local File Disclosure",2011-09-28,St493r,php,webapps,0 36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 Plugin - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 -36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-site Scripting",2011-09-24,SiteWatch,php,webapps,0 36196,platforms/php/webapps/36196.txt,"SonicWall Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0 36197,platforms/php/webapps/36197.txt,"ezCourses - admin.asp Security Bypass",2011-10-01,J.O,php,webapps,0 36198,platforms/multiple/dos/36198.pl,"Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service",2011-10-01,"Usman Saeed",multiple,dos,0 36199,platforms/linux/remote/36199.txt,"Perl 5.x - Digest Module 'Digest->new()' Code Injection",2011-10-02,anonymous,linux,remote,0 36200,platforms/php/webapps/36200.txt,"Netvolution 2.5.8 - 'referer' Header SQL Injection",2011-10-03,"Patroklos Argyroudis",php,webapps,0 -36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 - 'admin/index.php' Cross-Site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0 +36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 - 'admin/index.php' Cross-site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0 36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution (0Day)",2015-03-01,"OJ Reeves",hardware,webapps,80 -36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 - index.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 +36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 - phprint.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36205,platforms/hardware/remote/36205.txt,"SonicWALL - SessId Cookie Brute-force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation - Command Injection RCE (Metasploit)",2015-02-27,"Ben Turner",windows,remote,3465 @@ -32642,8 +32642,8 @@ id,file,description,date,author,platform,type,port 36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection",2015-03-04,Metasploit,linux,remote,443 36211,platforms/windows/dos/36211.txt,"Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service",2011-04-11,"Luigi Auriemma",windows,dos,0 36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection",2011-10-19,"Yuri Goltsev",php,webapps,0 -36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross-Site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0 -36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 - 'mod' Parameter Cross-Site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0 +36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross-site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0 +36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 - 'mod' Parameter Cross-site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0 36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0 36215,platforms/php/webapps/36215.txt,"Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0 36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 - Multiple Remote File Inclusion",2011-10-10,indoushka,php,webapps,0 @@ -32654,39 +32654,39 @@ id,file,description,date,author,platform,type,port 36221,platforms/php/webapps/36221.txt,"Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36222,platforms/php/webapps/36222.txt,"Joomla! 'com_shop' Component - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion",2011-10-11,indoushka,php,webapps,0 -36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0 -36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 - Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 -36226,platforms/php/webapps/36226.txt,"SilverStripe 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 +36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0 +36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 - Cross-site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 +36226,platforms/php/webapps/36226.txt,"SilverStripe 2.4.5 - Multiple Cross-site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 -36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 +36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 -36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 +36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross-site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 - Buffer Overflow / Denial of Service",2011-10-13,"Fredrik Widlund",multiple,dos,0 36235,platforms/windows/remote/36235.txt,"PROMOTIC 8.1.3 - Multiple Security Vulnerabilities",2011-10-14,"Luigi Auriemma",windows,remote,0 36236,platforms/php/webapps/36236.txt,"Xenon - 'id' Parameter Multiple SQL Injection",2011-10-14,m3rciL3Ss,php,webapps,0 -36237,platforms/php/webapps/36237.txt,"asgbookphp 1.9 - 'index.php' Cross-Site Scripting",2011-10-17,indoushka,php,webapps,0 +36237,platforms/php/webapps/36237.txt,"asgbookphp 1.9 - 'index.php' Cross-site Scripting",2011-10-17,indoushka,php,webapps,0 36238,platforms/multiple/remote/36238.txt,"Multiple Toshiba e-Studio Devices - Security Bypass",2011-10-17,"Deral Heiland PercX",multiple,remote,0 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 - Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 -36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 -36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 +36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 +36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - Local File Inclusion",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection / XSS",2015-03-03,ayastar,php,webapps,0 36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 -36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 +36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 - 'segment' Parameter Cross-site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web component - Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 36248,platforms/php/webapps/36248.txt,"osCommerce - Remote File Upload / File Disclosure",2011-10-20,indoushka,php,webapps,0 -36249,platforms/php/webapps/36249.txt,"Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-20,"High-Tech Bridge SA",php,webapps,0 +36249,platforms/php/webapps/36249.txt,"Tine 2.0 - Multiple Cross-site Scripting Vulnerabilities",2011-10-20,"High-Tech Bridge SA",php,webapps,0 36250,platforms/windows/remote/36250.html,"Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method",2011-10-24,rgod,windows,remote,0 36251,platforms/php/webapps/36251.txt,"PHPMoAdmin - Unauthorized Remote Code Execution (0Day)",2015-03-03,@u0x,php,webapps,80 36252,platforms/php/webapps/36252.txt,"e107 0.7.24 - 'cmd' Parameter Remote Command Execution",2011-10-24,"Matt Bergin",php,webapps,0 -36253,platforms/php/webapps/36253.txt,"InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-24,"Amir Expl0its",php,webapps,0 +36253,platforms/php/webapps/36253.txt,"InverseFlow 2.4 - Multiple Cross-site Scripting Vulnerabilities",2011-10-24,"Amir Expl0its",php,webapps,0 36254,platforms/php/webapps/36254.txt,"Alsbtain Bulletin 1.5/1.6 - Multiple Local File Inclusion",2011-10-25,"Null H4ck3r",php,webapps,0 -36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 +36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 36256,platforms/hardware/remote/36256.txt,"Multiple Cisco Products - 'file' Parameter Directory Traversal",2011-10-26,"Sandro Gauci",hardware,remote,0 36257,platforms/linux/local/36257.txt,"Trendmicro IWSS 3.1 - Local Privilege Escalation",2011-10-26,"Buguroo Offensive Security",linux,local,0 -36258,platforms/windows/remote/36258.txt,"XAMPP 1.7.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-26,Sangteamtham,windows,remote,0 +36258,platforms/windows/remote/36258.txt,"XAMPP 1.7.4 - Multiple Cross-site Scripting Vulnerabilities",2011-10-26,Sangteamtham,windows,remote,0 36259,platforms/php/webapps/36259.txt,"eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection",2011-10-28,"Vulnerability Research Laboratory",php,webapps,0 36260,platforms/windows/dos/36260.txt,"Opera Web Browser 11.52 - Escape Sequence Stack Buffer Overflow Denial of Service",2011-10-28,"Marcel Bernhardt",windows,dos,0 36264,platforms/php/remote/36264.rb,"Seagate Business NAS - Unauthenticated Remote Command Execution",2015-03-04,Metasploit,php,remote,80 @@ -32695,35 +32695,35 @@ id,file,description,date,author,platform,type,port 36267,platforms/linux/dos/36267.c,"Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 36268,platforms/linux/dos/36268.c,"Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 -36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 +36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-site Scripting",2011-10-28,"599eme Man",php,webapps,0 36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 -36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 +36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusion",2011-11-01,indoushka,php,webapps,0 36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 -36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 +36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-site Scripting / Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 36276,platforms/linux_mips/shellcode/36276.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 -36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting",2011-11-01,Isfahan,php,webapps,0 -36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 -36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-Site Scripting and SQL Injection",2011-11-02,"High-Tech Bridge SA",php,webapps,0 -36283,platforms/php/webapps/36283.txt,"Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting",2011-11-03,"Stefan Schurtz",php,webapps,0 +36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) - 'str' Parameter Cross-site Scripting",2011-11-01,Isfahan,php,webapps,0 +36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 +36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-site Scripting and SQL Injection",2011-11-02,"High-Tech Bridge SA",php,webapps,0 +36283,platforms/php/webapps/36283.txt,"Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-site Scripting",2011-11-03,"Stefan Schurtz",php,webapps,0 36280,platforms/php/webapps/36280.txt,"Symphony 2.2.3 - symphony/publish/images filter Parameter XSS",2011-11-01,"Mesut Timur",php,webapps,0 36281,platforms/php/webapps/36281.txt,"Symphony 2.2.3 - symphony/publish/comments filter Parameter SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 -36284,platforms/asp/webapps/36284.txt,"CmyDocument - Multiple Cross-Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 +36284,platforms/asp/webapps/36284.txt,"CmyDocument - Multiple Cross-site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 36285,platforms/windows/dos/36285.c,"Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow",2011-11-08,anonymous,windows,dos,0 36286,platforms/hardware/remote/36286.txt,"DreamBox DM800 - 'file' Parameter Local File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 -36287,platforms/php/webapps/36287.txt,"WordPress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 +36287,platforms/php/webapps/36287.txt,"WordPress Bonus Theme 1.0 - 's' Parameter Cross-site Scripting",2011-11-04,3spi0n,php,webapps,0 36288,platforms/multiple/dos/36288.php,"Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 -36289,platforms/php/webapps/36289.txt,"SmartJobBoard - 'keywords' Parameter Cross-Site Scripting",2011-11-07,Mr.PaPaRoSSe,php,webapps,0 +36289,platforms/php/webapps/36289.txt,"SmartJobBoard - 'keywords' Parameter Cross-site Scripting",2011-11-07,Mr.PaPaRoSSe,php,webapps,0 36290,platforms/php/webapps/36290.txt,"Admin Bot - 'news.php' SQL Injection",2011-11-07,baltazar,php,webapps,0 -36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross-Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 +36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross-site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 36292,platforms/java/webapps/36292.txt,"Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal",2011-11-07,Buherátor,java,webapps,0 36293,platforms/php/webapps/36293.txt,"Centreon 2.3.1 - 'command_name' Parameter Remote Command Execution",2011-11-04,"Christophe de la Fuente",php,webapps,0 36294,platforms/linux/local/36294.c,"Linux Kernel 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0 36295,platforms/php/webapps/36295.txt,"PBCS Technology - 'articlenav.php' SQL Injection",2011-11-08,Kalashinkov3,php,webapps,0 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Local Privilege Escalation",2011-11-09,IKCE,bsd,local,0 -36297,platforms/php/webapps/36297.txt,"AShop - Open-Redirection / Cross-Site Scripting",2011-11-09,"Infoserve Security Team",php,webapps,0 -36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 -36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 +36297,platforms/php/webapps/36297.txt,"AShop - Open-Redirection / Cross-site Scripting",2011-11-09,"Infoserve Security Team",php,webapps,0 +36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 +36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component - 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 @@ -32738,18 +32738,18 @@ id,file,description,date,author,platform,type,port 36311,platforms/lin_x86-64/local/36311.txt,"Rowhammer - NaCl Sandbox Escape PoC",2015-03-09,"Google Security Research",lin_x86-64,local,0 36314,platforms/php/webapps/36314.txt,"webERP 4.3.8 - reportwriter/ReportMaker.php reportid Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36315,platforms/php/webapps/36315.txt,"webERP 4.3.8 - reportwriter/FormMaker.php ReportID Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 -36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 - Cross-Site Scripting",2011-11-17,"James webb",php,webapps,0 -36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting",2011-11-17,Am!r,php,webapps,0 +36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 - Cross-site Scripting",2011-11-17,"James webb",php,webapps,0 +36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross-site Scripting",2011-11-17,Am!r,php,webapps,0 36318,platforms/windows/remote/36318.txt,"Jetty Web Server - Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 -36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 +36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 36320,platforms/php/webapps/36320.txt,"Codoforum 2.5.1 - Arbitrary File Download",2015-03-10,"Kacper Szurek",php,webapps,80 36321,platforms/php/webapps/36321.txt,"GeniXCMS 0.0.1 - Multiple Vulnerabilities",2015-03-10,LiquidWorm,php,webapps,80 36322,platforms/php/webapps/36322.txt,"Digital Attic Foundation CMS - 'id' Parameter SQL Injection",2011-11-20,tempe_mendoan,php,webapps,0 -36323,platforms/php/webapps/36323.txt,"WordPress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 -36324,platforms/php/webapps/36324.txt,"WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 -36325,platforms/php/webapps/36325.txt,"WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 -36326,platforms/php/webapps/36326.txt,"WordPress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 -36327,platforms/windows/local/36327.txt,"Microsoft Windows XP/7 Kernel - 'Win32k.sys' Keyboard Layout Local Privilege Escalation",2011-11-22,instruder,windows,local,0 +36323,platforms/php/webapps/36323.txt,"WordPress Alert Before Your Post Plugin - 'name' Parameter Cross-site Scripting",2011-11-21,Am!r,php,webapps,0 +36324,platforms/php/webapps/36324.txt,"WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-site Scripting",2011-11-21,Amir,php,webapps,0 +36325,platforms/php/webapps/36325.txt,"WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-site Scripting",2011-11-21,Am!r,php,webapps,0 +36326,platforms/php/webapps/36326.txt,"WordPress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-site Scripting",2011-11-21,Amir,php,webapps,0 +36327,platforms/windows/local/36327.txt,"Microsoft Windows XP/7 - Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation",2011-11-22,instruder,windows,local,0 36328,platforms/php/webapps/36328.txt,"TA.CMS - (TeachArabia) index.php id Parameter SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 36329,platforms/php/webapps/36329.txt,"TA.CMS - (TeachArabia) lang Parameter Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 36330,platforms/php/webapps/36330.txt,"Dolibarr 3.1 ERP/CRM - Multiple Script URI XSS",2011-11-23,"High-Tech Bridge SA",php,webapps,0 @@ -32760,20 +32760,20 @@ id,file,description,date,author,platform,type,port 36335,platforms/windows/dos/36335.txt,"Foxit Products GIF Conversion - Memory Corruption (DataSubBlock)",2015-03-11,"Francis Provencher",windows,dos,0 36336,platforms/windows/dos/36336.txt,"Microsoft Windows - Text Services Memory Corruption (MS15-020)",2015-03-11,"Francis Provencher",windows,dos,0 36337,platforms/linux/remote/36337.py,"ElasticSearch - Unauthenticated Remote Code Execution",2015-03-11,"Xiphos Research Ltd",linux,remote,9200 -36338,platforms/php/webapps/36338.txt,"WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 -36339,platforms/php/webapps/36339.txt,"WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 -36340,platforms/php/webapps/36340.txt,"WordPress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36338,platforms/php/webapps/36338.txt,"WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-site Scripting",2011-11-23,Amir,php,webapps,0 +36339,platforms/php/webapps/36339.txt,"WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross-site Scripting",2011-11-23,Amir,php,webapps,0 +36340,platforms/php/webapps/36340.txt,"WordPress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross-site Scripting",2011-11-23,Amir,php,webapps,0 36341,platforms/php/webapps/36341.txt,"PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 40008,platforms/php/webapps/40008.txt,"Getsimple CMS 3.3.10 - Arbitrary File Upload",2016-06-23,s0nk3y,php,webapps,80 36342,platforms/php/webapps/36342.txt,"PrestaShop 1.4.4.1 - modules/mondialrelay/googlemap.php Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 36343,platforms/php/webapps/36343.txt,"PrestaShop 1.4.4.1 - /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter XSS",2011-11-23,Prestashop,php,webapps,0 36344,platforms/php/webapps/36344.txt,"PrestaShop 1.4.4.1 - /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 36345,platforms/php/webapps/36345.txt,"Prestashop 1.4.4.1 - 'displayImage.php' HTTP Response Splitting",2011-11-23,RGouveia,php,webapps,0 -36346,platforms/php/webapps/36346.txt,"Zen Cart CMS 1.3.9h - Multiple Cross-Site Scripting Vulnerabilities",2011-11-23,RPinto,php,webapps,0 -36347,platforms/php/webapps/36347.txt,"Hastymail2 - 'rs' Parameter Cross-Site Scripting",2011-11-22,HTrovao,php,webapps,0 +36346,platforms/php/webapps/36346.txt,"Zen Cart CMS 1.3.9h - Multiple Cross-site Scripting Vulnerabilities",2011-11-23,RPinto,php,webapps,0 +36347,platforms/php/webapps/36347.txt,"Hastymail2 - 'rs' Parameter Cross-site Scripting",2011-11-22,HTrovao,php,webapps,0 36348,platforms/php/webapps/36348.txt,"Pro Clan Manager 0.4.2 - SQL Injection",2011-11-23,anonymous,php,webapps,0 36349,platforms/php/webapps/36349.txt,"AdaptCMS 2.0 - SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 -36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 - index.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 +36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 - 'index.php' hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36351,platforms/php/webapps/36351.txt,"alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36352,platforms/linux/remote/36352.txt,"Apache HTTP Server 7.0.x - 'mod_proxy' Reverse Proxy Security Bypass",2011-11-24,"Prutha Parikh",linux,remote,0 36353,platforms/jsp/webapps/36353.txt,"HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 @@ -32781,20 +32781,20 @@ id,file,description,date,author,platform,type,port 36355,platforms/jsp/webapps/36355.txt,"HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36356,platforms/jsp/webapps/36356.txt,"HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 -36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - CSRF",2015-03-11,"Luis Santana",php,webapps,0 +36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - Cross-site Request Forgery",2015-03-11,"Luis Santana",php,webapps,0 36359,platforms/lin_x86-64/shellcode/36359.c,"Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile shellcode (118 bytes)",2014-03-27,"Chris Higgins",lin_x86-64,shellcode,0 36360,platforms/windows/remote/36360.rb,"Adobe Flash Player - ByteArray UncompressViaZlibVariant Use-After-Free",2015-03-12,Metasploit,windows,remote,0 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service",2011-11-25,"Houssam Sahli",windows,dos,0 -36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 -36363,platforms/php/webapps/36363.txt,"WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 +36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 - Multiple Cross-site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 +36363,platforms/php/webapps/36363.txt,"WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-site Scripting",2011-11-28,Amir,php,webapps,0 36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 -36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Stored XSS",2015-03-13,"ITAS Team",php,webapps,0 +36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Persistent Cross-site Scripting",2015-03-13,"ITAS Team",php,webapps,0 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass Via HTTP Header Pollution",2015-03-12,"BGA Security",xml,webapps,0 36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 -36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - LFI",2015-03-12,"TUNISIAN CYBER",php,webapps,0 +36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - Local File Inclusion",2015-03-12,"TUNISIAN CYBER",php,webapps,0 36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 @@ -32802,44 +32802,44 @@ id,file,description,date,author,platform,type,port 36376,platforms/windows/remote/36376.txt,"Oxide WebServer - Directory Traversal",2011-11-29,demonalex,windows,remote,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 - HTTP POST Request NULL Pointer Content-Length Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0 36378,platforms/multiple/dos/36378.txt,"CoDeSys 3.4 - NULL Pointer Invalid HTTP Request Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0 -36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - index.php Multiple Parameter XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - 'index.php' Multiple Parameter XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php URI XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 -36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 +36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 - Cross-site Scripting",2011-11-30,Am!r,php,webapps,0 +36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin - 'facebook.php' Cross-site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla Simple Photo Gallery 1.0 - SQL injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Auth Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 36405,platforms/windows/dos/36405.txt,"Serv-U 11.1.0.3 - Denial of Service / Security Bypass",2011-12-05,"Luigi Auriemma",windows,dos,0 36388,platforms/linux/local/36388.py,"Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash PoC",2015-03-16,"Avinash Thapa",linux,local,0 -36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - index.php task Parameter XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 +36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php' task Parameter XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36390,platforms/windows/local/36390.txt,"Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege",2015-03-16,LiquidWorm,windows,local,0 36391,platforms/lin_x86/shellcode/36391.c,"Linux/x86 - ROT13 encoded execve(_/bin/sh_) shellcode (68 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36392,platforms/windows/dos/36392.txt,"Intel Network Adapter Diagnostic Driver - IOCTL Handling",2015-03-14,"Glafkos Charalambous ",windows,dos,0 36393,platforms/lin_x86/shellcode/36393.c,"Linux/x86 - chmod 0777 /etc/shadow obfuscated shellcode (84 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36394,platforms/lin_x86/shellcode/36394.c,"Linux/x86 - Obfuscated map google.com to 127.1.1.1 shellcode (98 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36395,platforms/lin_x86/shellcode/36395.c,"Linux/x86 - Obfuscated execve(_/bin/sh_) shellcode (40 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 -36481,platforms/php/webapps/36481.txt,"WordPress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 +36481,platforms/php/webapps/36481.txt,"WordPress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-site Scripting",2011-12-31,6Scan,php,webapps,0 36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 -36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 +36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe - Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 -36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 -36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 +36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 +36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 - Heap Memory Corruption",2011-12-02,"High-Tech Bridge SA",windows,dos,0 36404,platforms/linux/dos/36404.c,"GNU glibc - Timezone Parsing Remote Integer Overflow",2009-06-01,dividead,linux,dos,0 36414,platforms/php/webapps/36414.txt,"WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,Metasploit,java,remote,9200 -36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross-Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 -36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 -36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 - 'q' Parameter Cross-Site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 -36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 - 'windowed' Parameter Cross-Site Scripting",2012-01-02,sonyy,php,webapps,0 +36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross-site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 +36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 +36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 - 'q' Parameter Cross-site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 +36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 - 'windowed' Parameter Cross-site Scripting",2012-01-02,sonyy,php,webapps,0 36486,platforms/php/webapps/36486.txt,"Tienda Virtual - 'art_detalle.php' SQL Injection",2012-01-03,"Arturo Zamora",php,webapps,0 36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0 -36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting",2015-03-17,LiquidWorm,php,webapps,0 +36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-site Scripting",2015-03-17,LiquidWorm,php,webapps,0 36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF (Metasploit)",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 36420,platforms/windows/remote/36420.rb,"Adobe Flash Player - PCRE Regex",2015-03-17,Metasploit,windows,remote,0 36421,platforms/linux/remote/36421.rb,"Exim GHOST - (glibc gethostbyname) Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",linux,remote,25 @@ -32851,13 +32851,13 @@ id,file,description,date,author,platform,type,port 36425,platforms/linux/dos/36425.txt,"Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service",2011-12-06,"Serge Hallyn",linux,dos,0 36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 - Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 -36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras - Cross-Site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 +36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras - Cross-site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 36429,platforms/hardware/remote/36429.txt,"HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI XSS",2011-12-08,"Silent Dream",hardware,remote,0 36430,platforms/linux/local/36430.sh,"HP Application Lifestyle Management 11 - 'GetInstalledPackages' Local Privilege Escalation",2011-12-08,anonymous,linux,local,0 36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - (.tga) Crash PoC",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 -36432,platforms/php/webapps/36432.txt,"Pet Listing - 'preview.php' Cross-Site Scripting",2011-12-09,Mr.PaPaRoSSe,php,webapps,0 +36432,platforms/php/webapps/36432.txt,"Pet Listing - 'preview.php' Cross-site Scripting",2011-12-09,Mr.PaPaRoSSe,php,webapps,0 36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player - ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 -36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting",2011-12-12,Am!r,php,webapps,0 +36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-site Scripting",2011-12-12,Am!r,php,webapps,0 36435,platforms/php/webapps/36435.txt,"Chamilo LMS 1.9.10 - Multiple Vulnerabilities",2015-03-19,"Rehan Ahmed",php,webapps,80 36436,platforms/java/webapps/36436.txt,"EMC M&R (Watch4net) - Credential Disclosure",2015-03-19,"Han Sahin",java,webapps,0 36437,platforms/windows/local/36437.rb,"Publish-It - PUI Buffer Overflow (SEH)",2015-03-19,Metasploit,windows,local,0 @@ -32867,20 +32867,20 @@ id,file,description,date,author,platform,type,port 36441,platforms/xml/webapps/36441.txt,"Citrix Command Center - Credential Disclosure",2015-03-19,"Han Sahin",xml,webapps,8443 36442,platforms/linux/webapps/36442.txt,"Citrix NITRO SDK - Command Injection",2015-03-19,"Han Sahin",linux,webapps,0 36443,platforms/windows/dos/36443.txt,"Opera Web Browser Prior to 11.60 - Multiple Denial of Service and Unspecified Vulnerabilities",2011-12-12,anonymous,windows,dos,0 -36444,platforms/php/webapps/36444.txt,"WordPress flash-album-gallery Plugin - 'flagshow.php' Cross-Site Scripting",2011-12-13,Am!r,php,webapps,0 -36445,platforms/php/webapps/36445.txt,"WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting",2011-12-31,Am!r,php,webapps,0 -36446,platforms/php/webapps/36446.txt,"Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-16,"Avram Marius",php,webapps,0 -36447,platforms/php/webapps/36447.txt,"Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-14,"Avram Marius",php,webapps,0 +36444,platforms/php/webapps/36444.txt,"WordPress flash-album-gallery Plugin - 'flagshow.php' Cross-site Scripting",2011-12-13,Am!r,php,webapps,0 +36445,platforms/php/webapps/36445.txt,"WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-site Scripting",2011-12-31,Am!r,php,webapps,0 +36446,platforms/php/webapps/36446.txt,"Fork CMS 3.1.5 - Multiple Cross-site Scripting Vulnerabilities",2011-12-16,"Avram Marius",php,webapps,0 +36447,platforms/php/webapps/36447.txt,"Pulse Pro 1.7.2 - Multiple Cross-site Scripting Vulnerabilities",2011-12-14,"Avram Marius",php,webapps,0 36448,platforms/php/webapps/36448.txt,"BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0 36449,platforms/php/webapps/36449.txt,"BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0 36450,platforms/php/webapps/36450.txt,"BrowserCRM 5.100.1 - Multiple Script URI XSS",2011-12-14,"High-Tech Bridge SA",php,webapps,0 36451,platforms/php/webapps/36451.txt,"BrowserCRM 5.100.1 - license/index.php framed Parameter XSS",2011-12-14,"High-Tech Bridge SA",php,webapps,0 36452,platforms/php/webapps/36452.txt,"BrowserCRM 5.100.1 - licence/view.php framed Parameter XSS",2011-12-14,"High-Tech Bridge SA",php,webapps,0 36453,platforms/php/webapps/36453.txt,"BrowserCRM 5.100.1 - pub/clients.php login[] Parameter XSS",2011-12-14,"High-Tech Bridge SA",php,webapps,0 -36454,platforms/php/webapps/36454.txt,"BrowserCRM 5.100.1 - index.php login[] Parameter XSS",2011-12-14,"High-Tech Bridge SA",php,webapps,0 -36455,platforms/multiple/remote/36455.txt,"Nagios XI - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-12-14,anonymous,multiple,remote,0 +36454,platforms/php/webapps/36454.txt,"BrowserCRM 5.100.1 - 'index.php' login[] Parameter XSS",2011-12-14,"High-Tech Bridge SA",php,webapps,0 +36455,platforms/multiple/remote/36455.txt,"Nagios XI - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2011-12-14,anonymous,multiple,remote,0 36456,platforms/php/webapps/36456.txt,"Owl Intranet Engine 1.00 - 'userid' Parameter Authentication Bypass",2011-12-15,"RedTeam Pentesting GmbH",php,webapps,0 -36457,platforms/cgi/webapps/36457.txt,"Websense 7.6 - Triton Report Management Interface Cross-Site Scripting",2011-12-15,"Ben Williams",cgi,webapps,0 +36457,platforms/cgi/webapps/36457.txt,"Websense 7.6 - Triton Report Management Interface Cross-site Scripting",2011-12-15,"Ben Williams",cgi,webapps,0 36458,platforms/cgi/webapps/36458.txt,"Websense 7.6 Triton - 'ws_irpt.exe' Remote Command Execution",2011-12-15,"Ben Williams",cgi,webapps,0 36459,platforms/cgi/webapps/36459.txt,"Websense 7.6 Products - 'favorites.exe' Authentication Bypass",2011-12-15,"Ben Williams",cgi,webapps,0 36460,platforms/php/webapps/36460.txt,"Flirt-Projekt 4.8 - 'rub' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 @@ -32890,31 +32890,31 @@ id,file,description,date,author,platform,type,port 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 Plugin - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 -36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting",2011-12-19,G13,php,webapps,0 +36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-site Scripting",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 -36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 - Multiple Cross-Site Scripting and SQL Injection",2011-12-20,"High-Tech Bridge SA",php,webapps,0 +36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 - Multiple Cross-site Scripting and SQL Injection",2011-12-20,"High-Tech Bridge SA",php,webapps,0 36472,platforms/php/webapps/36472.txt,"Joomla! 'com_caproductprices' Component - 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36473,platforms/php/webapps/36473.txt,"Cyberoam UTM 10 - 'tableid' Parameter SQL Injection",2011-12-20,"Benjamin Kunz Mejri",php,webapps,0 -36474,platforms/php/webapps/36474.txt,"epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-21,"High-Tech Bridge SA",php,webapps,0 -36475,platforms/hardware/remote/36475.txt,"Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection",2011-12-21,Vulnerability-Lab,hardware,remote,0 +36474,platforms/php/webapps/36474.txt,"epesi BIM 1.2 rev 8154 - Multiple Cross-site Scripting Vulnerabilities",2011-12-21,"High-Tech Bridge SA",php,webapps,0 +36475,platforms/hardware/remote/36475.txt,"Barracuda Control Center 620 - Cross-site Scripting / HTML Injection",2011-12-21,Vulnerability-Lab,hardware,remote,0 36476,platforms/windows/local/36476.txt,"Kaspersky Internet Security/Anti-Virus - '.cfg' File Memory Corruption",2011-12-21,"Vulnerability Research Laboratory",windows,local,0 36477,platforms/windows/remote/36477.py,"Bsplayer 2.68 - HTTP Response Exploit (Universal)",2015-03-24,"Fady Mohammed Osman",windows,remote,0 36478,platforms/php/webapps/36478.php,"WordPress Plugin InBoundio Marketing 1.0 - Shell Upload",2015-03-24,KedAns-Dz,php,webapps,0 36506,platforms/php/webapps/36506.txt,"pfSense 2.2 - Multiple Vulnerabilities",2015-03-26,"High-Tech Bridge SA",php,webapps,0 -36487,platforms/php/webapps/36487.txt,"WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 -36488,platforms/php/webapps/36488.txt,"WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-Site Scripting",2012-01-03,Atmon3r,php,webapps,0 -36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 - 'ddb' Parameter Cross-Site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0 +36487,platforms/php/webapps/36487.txt,"WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 +36488,platforms/php/webapps/36488.txt,"WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-site Scripting",2012-01-03,Atmon3r,php,webapps,0 +36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 - 'ddb' Parameter Cross-site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0 36490,platforms/php/webapps/36490.py,"WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)",2015-03-25,"Claudio Viviani",php,webapps,0 36491,platforms/windows/remote/36491.txt,"Adobe Flash Player - Arbitrary Code Execution",2015-03-25,SecurityObscurity,windows,remote,0 -36492,platforms/php/webapps/36492.txt,"GraphicsClone Script - 'term' parameter Cross-Site Scripting",2012-01-04,Mr.PaPaRoSSe,php,webapps,0 +36492,platforms/php/webapps/36492.txt,"GraphicsClone Script - 'term' parameter Cross-site Scripting",2012-01-04,Mr.PaPaRoSSe,php,webapps,0 36493,platforms/php/webapps/36493.txt,"Orchard 1.3.9 - 'ReturnUrl' Parameter URI Redirection",2012-01-04,"Mesut Timur",php,webapps,0 -36494,platforms/php/webapps/36494.txt,"Limny 3.0.1 - 'login.php' Script Cross-Site Scripting",2012-01-04,"Gjoko Krstic",php,webapps,0 +36494,platforms/php/webapps/36494.txt,"Limny 3.0.1 - 'login.php' Script Cross-site Scripting",2012-01-04,"Gjoko Krstic",php,webapps,0 36495,platforms/php/webapps/36495.txt,"Pligg CMS 1.1.2 - 'status' Parameter SQL Injection",2011-12-29,SiteWatch,php,webapps,0 -36496,platforms/php/webapps/36496.txt,"Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross-Site Scripting",2011-12-29,SiteWatch,php,webapps,0 -36497,platforms/php/webapps/36497.txt,"UBB.threads 7.5.6 - 'Username' Field Cross-Site Scripting",2012-01-04,sonyy,php,webapps,0 -36498,platforms/php/webapps/36498.txt,"Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-01-05,SiteWatch,php,webapps,0 -36499,platforms/php/webapps/36499.txt,"StatIt 4 - 'statistik.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-04,sonyy,php,webapps,0 +36496,platforms/php/webapps/36496.txt,"Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross-site Scripting",2011-12-29,SiteWatch,php,webapps,0 +36497,platforms/php/webapps/36497.txt,"UBB.threads 7.5.6 - 'Username' Field Cross-site Scripting",2012-01-04,sonyy,php,webapps,0 +36498,platforms/php/webapps/36498.txt,"Yaws 1.88 - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2012-01-05,SiteWatch,php,webapps,0 +36499,platforms/php/webapps/36499.txt,"StatIt 4 - 'statistik.php' Multiple Cross-site Scripting Vulnerabilities",2012-01-04,sonyy,php,webapps,0 36500,platforms/windows/remote/36500.txt,"HServer 0.1.1 - Directory Traversal",2012-01-05,demonalex,windows,remote,0 36501,platforms/windows/local/36501.py,"Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 36502,platforms/windows/local/36502.py,"RM Downloader 2.7.5.400 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 @@ -32922,14 +32922,14 @@ id,file,description,date,author,platform,type,port 36504,platforms/hardware/remote/36504.rb,"QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)",2015-03-26,"Patrick Pellegrino",hardware,remote,0 36505,platforms/windows/remote/36505.txt,"WebGate eDVR Manager - Stack Buffer Overflow",2015-03-26,"Praveen Darshanam",windows,remote,0 36507,platforms/windows/remote/36507.txt,"Microsoft AntiXSS 3/4.0 Library Sanitization Module - Security Bypass",2012-01-10,"Adi Cohen",windows,remote,0 -36508,platforms/php/webapps/36508.txt,"VertrigoServ 2.25 - 'extensions.php' Script Cross-Site Scripting",2012-01-05,"Stefan Schurtz",php,webapps,0 +36508,platforms/php/webapps/36508.txt,"VertrigoServ 2.25 - 'extensions.php' Script Cross-site Scripting",2012-01-05,"Stefan Schurtz",php,webapps,0 36509,platforms/php/webapps/36509.txt,"SQLiteManager 1.2.4 - main.php dbsel Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 -36510,platforms/php/webapps/36510.txt,"SQLiteManager 1.2.4 - index.php Multiple Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 +36510,platforms/php/webapps/36510.txt,"SQLiteManager 1.2.4 - 'index.php' Multiple Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 36511,platforms/hardware/remote/36511.txt,"Astaro Security Gateway 8.1 - HTML Injection",2012-12-27,"Vulnerability Research Laboratory",hardware,remote,0 36512,platforms/php/webapps/36512.txt,"eFront 3.6.10 - 'download' Parameter Directory Traversal",2012-01-06,"Chokri B.A",php,webapps,0 36513,platforms/windows/remote/36513.txt,"IpTools 0.1.4 - Tiny TCP/IP servers Directory Traversal",2012-01-06,demonalex,windows,remote,0 36514,platforms/windows/remote/36514.pl,"IPtools 0.1.4 - Remote Command Server Buffer Overflow",2012-01-06,demonalex,windows,remote,0 -36515,platforms/asp/webapps/36515.txt,"DIGIT CMS 1.0.7 - Cross-Site Scripting and SQL Injection",2012-01-07,"BHG Security Center",asp,webapps,0 +36515,platforms/asp/webapps/36515.txt,"DIGIT CMS 1.0.7 - Cross-site Scripting and SQL Injection",2012-01-07,"BHG Security Center",asp,webapps,0 36516,platforms/windows/remote/36516.py,"Acunetix 9.5 - OLE Automation Array Remote Code Execution",2015-03-27,"Naser Farhadi",windows,remote,0 36517,platforms/windows/remote/36517.html,"WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36518,platforms/windows/remote/36518.html,"WebGate Control Center 4.8.7 - GetThumbnail Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 @@ -32952,21 +32952,21 @@ id,file,description,date,author,platform,type,port 36535,platforms/php/webapps/36535.txt,"MARINET CMS - galleryphoto.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36536,platforms/php/webapps/36536.txt,"MARINET CMS - gallery.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36537,platforms/multiple/remote/36537.txt,"SonicWall AntiSpam & EMail 7.3.1 - Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 -36538,platforms/php/webapps/36538.txt,"Gregarius 0.6.1 - Multiple SQL Injection / Cross-Site Scripting",2012-01-09,sonyy,php,webapps,0 -36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 - 'users.php' Cross-Site Scripting",2012-01-09,Am!r,php,webapps,0 +36538,platforms/php/webapps/36538.txt,"Gregarius 0.6.1 - Multiple SQL Injections / Cross-site Scripting",2012-01-09,sonyy,php,webapps,0 +36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 - 'users.php' Cross-site Scripting",2012-01-09,Am!r,php,webapps,0 36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 - 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 -36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 - 'downloads.php' Cross-Site Scripting",2012-01-10,Am!r,php,webapps,0 +36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 - 'downloads.php' Cross-site Scripting",2012-01-10,Am!r,php,webapps,0 36542,platforms/windows/remote/36542.txt,"ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow and Remote Code Execution Vulnerabilities",2012-01-11,"Luigi Auriemma",windows,remote,0 -36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 +36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x - Multiple Cross-site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x - Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0 36545,platforms/linux/dos/36545.txt,"Linux Kernel 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0 -36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 +36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 36548,platforms/java/webapps/36548.txt,"Contus Job Portal - 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 36549,platforms/php/webapps/36549.txt,"Joomla! HD Video Share Component 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 -36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting",2012-01-16,Atmon3r,php,webapps,0 -36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 -36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 +36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross-site Scripting",2012-01-16,Atmon3r,php,webapps,0 +36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 +36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider Revolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 36747,platforms/linux/local/36747.c,"abrt (Fedora 21) - Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 @@ -32975,11 +32975,11 @@ id,file,description,date,author,platform,type,port 36561,platforms/php/webapps/36561.txt,"Joomla Contact Form Maker 1.0.1 Component - SQL injection",2015-03-30,"TUNISIAN CYBER",php,webapps,0 36562,platforms/linux/remote/36562.txt,"Apache Spark Cluster 1.3.x - Arbitrary Code Execution",2015-03-30,"Akhil Das",linux,remote,0 36564,platforms/linux/local/36564.txt,"Fedora 21 setroubleshootd 3.2.22 - Local Root PoC",2015-03-30,"Sebastian Krahmer",linux,local,0 -36565,platforms/php/webapps/36565.txt,"ATutor 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 -36566,platforms/php/webapps/36566.txt,"Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 -36567,platforms/php/webapps/36567.txt,"phpVideoPro 0.8.x/0.9.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 -36568,platforms/php/webapps/36568.txt,"Giveaway Manager - 'members.php' Cross-Site Scripting",2012-01-16,Am!r,php,webapps,0 -36569,platforms/php/webapps/36569.txt,"Annuaire PHP - 'sites_inscription.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,Atmon3r,php,webapps,0 +36565,platforms/php/webapps/36565.txt,"ATutor 2.0.3 - Multiple Cross-site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 +36566,platforms/php/webapps/36566.txt,"Beehive Forum 101 - Multiple Cross-site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 +36567,platforms/php/webapps/36567.txt,"phpVideoPro 0.8.x/0.9.7 - Multiple Cross-site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 +36568,platforms/php/webapps/36568.txt,"Giveaway Manager - 'members.php' Cross-site Scripting",2012-01-16,Am!r,php,webapps,0 +36569,platforms/php/webapps/36569.txt,"Annuaire PHP - 'sites_inscription.php' Multiple Cross-site Scripting Vulnerabilities",2012-01-16,Atmon3r,php,webapps,0 36570,platforms/multiple/dos/36570.txt,"Rockwell Automation FactoryTalk Activation Server - Multiple Denial of Service Vulnerabilities",2012-01-17,"Luigi Auriemma",multiple,dos,0 36571,platforms/linux/local/36571.sh,"OverlayFS inode Security Checks - 'inode.c' Local Security Bypass",2012-01-17,"Gary Poster",linux,local,0 36572,platforms/php/webapps/36572.txt,"Toner Cart - 'show_series_ink.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 @@ -32992,27 +32992,27 @@ id,file,description,date,author,platform,type,port 36579,platforms/windows/remote/36579.rb,"Adobe Flash Player - ByteArray With Workers Use-After-Free",2015-03-31,Metasploit,windows,remote,0 36580,platforms/windows/webapps/36580.rb,"Palo Alto Traps Server 3.1.2.1546 - Persistent XSS",2015-03-31,"Michael Hendrickx",windows,webapps,0 36581,platforms/php/webapps/36581.txt,"Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities",2015-03-31,Mahendra,php,webapps,80 -36582,platforms/php/webapps/36582.txt,"OneOrZero AIMS - 'index.php' Cross-Site Scripting",2012-01-18,"High-Tech Bridge SA",php,webapps,0 +36582,platforms/php/webapps/36582.txt,"OneOrZero AIMS - 'index.php' Cross-site Scripting",2012-01-18,"High-Tech Bridge SA",php,webapps,0 36583,platforms/php/webapps/36583.txt,"PostNuke pnAddressbook Module - 'id' Parameter SQL Injection",2012-01-19,"Robert Cooper",php,webapps,0 36584,platforms/php/webapps/36584.txt,"Vastal EzineShop - 'view_mags.php' SQL Injection",2012-01-19,Lazmania61,php,webapps,0 36585,platforms/asp/webapps/36585.txt,"Snitz Forums 2000 - 'TOPIC_ID' Parameter SQL Injection",2012-01-20,snup,asp,webapps,0 -36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0 +36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-site Scripting and HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0 36587,platforms/windows/remote/36587.py,"Savant Web Server 3.1 - Remote Buffer Overflow",2012-01-21,red-dragon,windows,remote,0 -36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0 +36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 - Multiple Cross-site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0 36589,platforms/php/webapps/36589.txt,"Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0 36590,platforms/php/webapps/36590.txt,"Tribiq CMS - 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0 36591,platforms/php/webapps/36591.txt,"Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36592,platforms/php/webapps/36592.txt,"Joomla 'com_sanpham' Component - Multiple SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36592,platforms/php/webapps/36592.txt,"Joomla 'com_sanpham' Component - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0 36593,platforms/php/webapps/36593.txt,"Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0 36594,platforms/php/webapps/36594.txt,"Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36595,platforms/php/webapps/36595.txt,"Joomla 'com_car' Component - Multiple SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36595,platforms/php/webapps/36595.txt,"Joomla 'com_car' Component - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0 36596,platforms/php/webapps/36596.txt,"Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0 36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 -36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 +36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 36602,platforms/windows/remote/36602.html,"Webgate WESP SDK 1.2 - ChangePassword Stack Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36603,platforms/windows/remote/36603.html,"WebGate eDVR Manager 2.6.4 - AudioOnlySiteChannel Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36604,platforms/windows/remote/36604.html,"WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 @@ -33022,7 +33022,7 @@ id,file,description,date,author,platform,type,port 36610,platforms/php/webapps/36610.txt,"WordPress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities",2015-04-02,Divya,php,webapps,80 36611,platforms/php/webapps/36611.txt,"Multiple UpThemes WordPress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 36612,platforms/php/webapps/36612.txt,"WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injection",2015-04-02,"ITAS Team",php,webapps,80 +36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injections",2015-04-02,"ITAS Team",php,webapps,80 36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 @@ -33033,14 +33033,14 @@ id,file,description,date,author,platform,type,port 36622,platforms/windows/dos/36622.pl,"UltraPlayer 2.112 Malformed - '.avi' File Denial of Service",2012-01-24,KedAns-Dz,windows,dos,0 36623,platforms/php/webapps/36623.txt,"Ultimate Locator - 'radius' Parameter SQL Injection",2012-01-24,"Robert Cooper",php,webapps,0 36624,platforms/php/webapps/36624.txt,"Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0 -36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - index.php sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 -36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - index.php getParam() Function Multiple Parameter XSS",2012-01-25,"High-Tech Bridge SA",php,webapps,0 -36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 +36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - 'index.php' sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 +36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - 'index.php' getParam() Function Multiple Parameter XSS",2012-01-25,"High-Tech Bridge SA",php,webapps,0 +36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 -36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component - Multiple SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 -36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 -36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting",2012-01-26,sonyy,php,webapps,0 +36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0 +36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 +36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-site Scripting",2012-01-26,sonyy,php,webapps,0 36633,platforms/linux/dos/36633.txt,"Wireshark - Buffer Underflow / Denial of Service",2012-01-10,"Laurent Butti",linux,dos,0 36634,platforms/php/webapps/36634.txt,"Joomla! 'com_visa' Component - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 36635,platforms/php/webapps/36635.txt,"Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 @@ -33049,39 +33049,39 @@ id,file,description,date,author,platform,type,port 36639,platforms/php/webapps/36639.txt,"Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 36640,platforms/php/webapps/36640.txt,"WordPress Work The Flow File Upload 2.5.2 Plugin - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0 -36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component - Multiple SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 +36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component - Multiple SQL Injections",2012-01-30,the_cyber_nuxbie,php,webapps,0 36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0 36644,platforms/php/webapps/36644.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter XSS",2012-01-31,RandomStorm,php,webapps,0 36645,platforms/php/webapps/36645.txt,"4Images 1.7.10 - admin/index.php redirect Parameter Arbitrary Site Redirect",2012-01-31,RandomStorm,php,webapps,0 36646,platforms/php/webapps/36646.txt,"Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 -36647,platforms/php/webapps/36647.txt,"Lead Capture - 'login.php' Script Cross-Site Scripting",2012-01-21,HashoR,php,webapps,0 +36647,platforms/php/webapps/36647.txt,"Lead Capture - 'login.php' Script Cross-site Scripting",2012-01-21,HashoR,php,webapps,0 36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 - contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution PoC Exploit",2015-04-06,"Jay Turla",multiple,remote,6667 36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - File Upload and Execute",2015-04-06,Metasploit,jsp,remote,8080 -36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 -36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 -36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 +36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-site Scripting",2012-02-01,andsarmiento,php,webapps,0 +36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-site Scripting",2012-02-01,andsarmiento,php,webapps,0 +36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 36657,platforms/php/webapps/36657.txt,"Joomla! 'com_bnf' Component - 'seccion_id' Parameter SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0 -36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module - Cross-Site Scripting",2012-02-02,"Red Security TEAM",php,webapps,0 -36659,platforms/php/webapps/36659.txt,"Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0 -36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0 +36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module - Cross-site Scripting",2012-02-02,"Red Security TEAM",php,webapps,0 +36659,platforms/php/webapps/36659.txt,"Joomla! Currency Converter Component - 'from' Parameter Cross-site Scripting",2012-02-02,"BHG Security Center",php,webapps,0 +36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross-site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0 36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 - 'weblink_id' Parameter SQL Injection",2012-02-03,Am!r,php,webapps,0 36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 - ActiveX Control 'LicenseName()' Method Buffer Overflow",2012-02-06,"Senator of Pirates",windows,dos,0 36663,platforms/linux/remote/36663.txt,"Apache HTTP Server 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 36664,platforms/php/webapps/36664.txt,"Vespa 0.8.6 - 'getid3.php' Local File Inclusion",2012-02-06,T0x!c,php,webapps,0 -36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 - 'export' Parameter Cross-Site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 +36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 - 'export' Parameter Cross-site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 36666,platforms/java/webapps/36666.txt,"ManageEngine ADManager Plus 5.2 Build 5210 - DomainConfig.do operation Parameter XSS",2012-02-07,LiquidWorm,java,webapps,0 36667,platforms/java/webapps/36667.txt,"ManageEngine ADManager Plus 5.2 Build 5210 - jsp/AddDC.jsp domainName Parameter XSS",2012-02-07,LiquidWorm,java,webapps,0 -36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross-Site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 +36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross-site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 36669,platforms/linux/dos/36669.txt,"Apache APR - Hash Collision Denial Of Service",2012-01-05,"Moritz Muehlenhoff",linux,dos,0 36670,platforms/hardware/remote/36670.txt,"D-Link ShareCenter Products - Multiple Remote Code Execution Vulnerabilities",2012-02-08,"Roberto Paleari",hardware,remote,0 36671,platforms/php/webapps/36671.txt,"WordPress All In One WP Security & Firewall 3.9.0 Plugin - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 36672,platforms/lin_x86/shellcode/36672.asm,"Linux/x86 - Egg-hunter shellcode (20 bytes)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36673,platforms/lin_x86/shellcode/36673.py,"Linux/x86 - Typewriter Shellcode (Generator)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 -36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - XSS",2015-04-08,"Kacper Szurek",php,webapps,80 +36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - Cross-site Scripting",2015-04-08,"Kacper Szurek",php,webapps,80 36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injection",2015-04-08,LiquidWorm,php,webapps,80 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 @@ -33095,14 +33095,14 @@ id,file,description,date,author,platform,type,port 36685,platforms/php/webapps/36685.txt,"CubeCart 3.0.20 - Multiple Script redir Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36686,platforms/php/webapps/36686.txt,"CubeCart 3.0.20 - admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 - switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 -36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 +36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post-Auth Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 -36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 +36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-site Scripting",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 - SQL Injection / Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 -36695,platforms/php/webapps/36695.txt,"Zimbra - 'view' Parameter Cross-Site Scripting",2012-02-13,sonyy,php,webapps,0 +36695,platforms/php/webapps/36695.txt,"Zimbra - 'view' Parameter Cross-site Scripting",2012-02-13,sonyy,php,webapps,0 36696,platforms/php/webapps/36696.txt,"Nova CMS - administrator/modules/moduleslist.php id Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36697,platforms/php/webapps/36697.txt,"Nova CMS - optimizer/index.php fileType Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36698,platforms/php/webapps/36698.txt,"Nova CMS - includes/function/gets.php filename Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 @@ -33140,7 +33140,7 @@ id,file,description,date,author,platform,type,port 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 Plugin - SQL Injection / CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 Plugin - SQL Injection / Cross-site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Shell Upload",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Local Root Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 @@ -33157,7 +33157,7 @@ id,file,description,date,author,platform,type,port 36750,platforms/lin_x86/shellcode/36750.c,"Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) shellcode (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86,shellcode,0 36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_user.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36756,platforms/windows/remote/36756.html,"Samsung iPOLiS - ReadConfigValue Remote Code Execution",2015-04-14,"Praveen Darshanam",windows,remote,0 -36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - index.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 @@ -33166,13 +33166,13 @@ id,file,description,date,author,platform,type,port 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' Parameter HTML Injection",2012-02-13,sonyy,php,webapps,0 36765,platforms/php/webapps/36765.txt,"Powie pFile 1.02 - pfile/kommentar.php filecat Parameter XSS",2012-02-13,indoushka,php,webapps,0 36766,platforms/php/webapps/36766.txt,"Powie pFile 1.02 - pfile/file.php id Parameter SQL Injection",2012-02-13,indoushka,php,webapps,0 -36767,platforms/hardware/remote/36767.html,"D-Link DAP-1150 1.2.94 - Cross-Site Request Forgery",2012-02-13,MustLive,hardware,remote,0 -36768,platforms/php/webapps/36768.txt,"ProWiki - 'id' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 +36767,platforms/hardware/remote/36767.html,"D-Link DAP-1150 1.2.94 - Cross-site Request Forgery",2012-02-13,MustLive,hardware,remote,0 +36768,platforms/php/webapps/36768.txt,"ProWiki - 'id' Parameter Cross-site Scripting",2012-02-10,sonyy,php,webapps,0 36769,platforms/php/webapps/36769.txt,"STHS v2 Web Portal - prospects.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36770,platforms/php/webapps/36770.txt,"STHS v2 Web Portal - prospect.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36771,platforms/php/webapps/36771.txt,"STHS v2 Web Portal - team.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36772,platforms/cgi/webapps/36772.txt,"EditWrxLite CMS - 'wrx.cgi' Remote Command Execution",2012-02-13,chippy1337,cgi,webapps,0 -36773,platforms/windows/dos/36773.c,"Microsoft Window - HTTP.sys PoC (MS15-034)",2015-04-15,rhcp011235,windows,dos,0 +36773,platforms/windows/dos/36773.c,"Microsoft Windows - HTTP.sys PoC (MS15-034)",2015-04-15,rhcp011235,windows,dos,0 36774,platforms/php/webapps/36774.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing DoS (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 @@ -33182,16 +33182,16 @@ id,file,description,date,author,platform,type,port 36780,platforms/win_x86/shellcode/36780.c,"Win32/XP SP3 - Restart computer shellcode (57 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 36781,platforms/lin_x86/shellcode/36781.py,"Linux/x86 - custom execve-shellcode Encoder/Decoder",2015-04-17,"Konstantinos Alexiou",lin_x86,shellcode,0 36782,platforms/linux/local/36782.sh,"Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit",2015-04-17,"Ricardo F. Teixeira",linux,local,0 -36784,platforms/php/webapps/36784.txt,"11in1 CMS 1.2.1 - index.php class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 +36784,platforms/php/webapps/36784.txt,"11in1 CMS 1.2.1 - 'index.php' class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36785,platforms/php/webapps/36785.txt,"11in1 CMS 1.2.1 - admin/index.php class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36786,platforms/php/webapps/36786.txt,"11in1 CMS 1.2.1 - Admin Password Manipulation CSRF",2012-02-15,"High-Tech Bridge SA",php,webapps,0 -36787,platforms/php/webapps/36787.txt,"LEPTON 1.1.3 - Cross-Site Scripting",2012-02-15,"High-Tech Bridge SA",php,webapps,0 +36787,platforms/php/webapps/36787.txt,"LEPTON 1.1.3 - Cross-site Scripting",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36788,platforms/windows/dos/36788.txt,"Oracle - Outside-In DOCX File Parsing Memory Corruption",2015-04-17,"Francis Provencher",windows,dos,0 36789,platforms/php/dos/36789.php,"PHP 5.3.8 - Remote Denial Of Service",2011-12-18,anonymous,php,dos,0 -36790,platforms/php/webapps/36790.txt,"Tube Ace - 'q' Parameter Cross-Site Scripting",2012-02-16,"Daniel Godoy",php,webapps,0 +36790,platforms/php/webapps/36790.txt,"Tube Ace - 'q' Parameter Cross-site Scripting",2012-02-16,"Daniel Godoy",php,webapps,0 36791,platforms/php/webapps/36791.txt,"CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection",2012-02-16,tempe_mendoan,php,webapps,0 36792,platforms/php/webapps/36792.txt,"Pandora FMS 4.0.1 - 'sec2' Parameter Local File Inclusion",2012-02-17,"Ucha Gobejishvili",php,webapps,0 -36793,platforms/php/webapps/36793.txt,"ButorWiki 3.0 - 'service' Parameter Cross-Site Scripting",2012-02-17,sonyy,php,webapps,0 +36793,platforms/php/webapps/36793.txt,"ButorWiki 3.0 - 'service' Parameter Cross-site Scripting",2012-02-17,sonyy,php,webapps,0 36795,platforms/ios/webapps/36795.txt,"Wifi Drive Pro 1.2 iOS - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36796,platforms/ios/webapps/36796.txt,"Photo Manager Pro 4.4.0 iOS - File Include",2015-04-21,Vulnerability-Lab,ios,webapps,0 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 @@ -33214,8 +33214,8 @@ id,file,description,date,author,platform,type,port 36848,platforms/php/webapps/36848.txt,"Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection",2012-02-18,sonyy,php,webapps,0 36849,platforms/php/webapps/36849.txt,"VOXTRONIC Voxlog Professional 3.7.x - get.php v Parameter Arbitrary File Access",2012-02-20,"J. Greil",php,webapps,0 36850,platforms/php/webapps/36850.txt,"VOXTRONIC Voxlog Professional 3.7.x - userlogdetail.php idclient Parameter SQL Injection",2012-02-20,"J. Greil",php,webapps,0 -36851,platforms/php/webapps/36851.txt,"F*EX 20100208/20111129-2 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-20,muuratsalo,php,webapps,0 -36852,platforms/php/webapps/36852.txt,"TestLink - Multiple SQL Injection",2012-02-20,"Juan M. Natal",php,webapps,0 +36851,platforms/php/webapps/36851.txt,"F*EX 20100208/20111129-2 - Multiple Cross-site Scripting Vulnerabilities",2012-02-20,muuratsalo,php,webapps,0 +36852,platforms/php/webapps/36852.txt,"TestLink - Multiple SQL Injections",2012-02-20,"Juan M. Natal",php,webapps,0 36818,platforms/php/webapps/36818.php,"Wolf CMS 0.8.2 - Arbitrary File Upload Exploit",2015-04-22,"CWH Underground",php,webapps,80 36819,platforms/windows/local/36819.pl,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (3)",2015-04-22,"Tomislav Paskalev",windows,local,0 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Local Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 @@ -33235,11 +33235,11 @@ id,file,description,date,author,platform,type,port 36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution PoC",2015-04-27,"Jay Turla",multiple,remote,0 36837,platforms/windows/local/36837.rb,"iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 -36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0 +36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Persistent Cross-site Scripting",2015-04-27,klikki,php,webapps,0 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS)",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0 -36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x / < 3.2.x / < 3.3.x - Stored Cross-Site Scripting",2015-04-27,"Adam Ziaja",php,webapps,0 +36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x / < 3.2.x / < 3.3.x - Persistent Cross-site Scripting",2015-04-27,"Adam Ziaja",php,webapps,0 36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 - 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 36995,platforms/hardware/remote/36995.txt,"F5 FirePass 7.0 - SQL Injection",2012-03-14,anonymous,hardware,remote,0 37169,platforms/linux/remote/37169.rb,"Realtek SDK - Miniigd UPnP SOAP Command Execution",2015-06-01,Metasploit,linux,remote,52869 @@ -33255,42 +33255,42 @@ id,file,description,date,author,platform,type,port 36860,platforms/php/webapps/36860.txt,"WordPress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 -36863,platforms/php/webapps/36863.txt,"Joomla Machine Component - Multiple SQL Injection",2012-02-20,the_cyber_nuxbie,php,webapps,0 +36863,platforms/php/webapps/36863.txt,"Joomla Machine Component - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0 36864,platforms/hardware/remote/36864.txt,"Xavi 7968 ADSL Router - Multiple Function CSRF",2012-02-21,Busindre,hardware,remote,0 36865,platforms/hardware/remote/36865.txt,"Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter XSS",2012-02-21,Busindre,hardware,remote,0 36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router - webconfig/wan/confirm.html/confirm pvcName Parameter XSS",2012-02-21,Busindre,hardware,remote,0 -36867,platforms/php/webapps/36867.txt,"CPG Dragonfly CMS 9.3.3.0 - Multiple Multiple Cross-Site Scripting Vulnerabilities",2012-02-21,Ariko-Security,php,webapps,0 +36867,platforms/php/webapps/36867.txt,"CPG Dragonfly CMS 9.3.3.0 - Multiple Multiple Cross-site Scripting Vulnerabilities",2012-02-21,Ariko-Security,php,webapps,0 36868,platforms/hardware/dos/36868.pl,"Mercury MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerabilities",2012-02-21,demonalex,hardware,dos,0 36869,platforms/multiple/dos/36869.txt,"IBM solidDB 6.5.0.8 - 'SELECT' Statement 'WHERE' Condition Denial of Service",2012-02-09,IBM,multiple,dos,0 -36870,platforms/php/webapps/36870.txt,"ContentLion Alpha 1.3 - 'login.php' Cross-Site Scripting",2012-02-22,"Stefan Schurtz",php,webapps,0 +36870,platforms/php/webapps/36870.txt,"ContentLion Alpha 1.3 - 'login.php' Cross-site Scripting",2012-02-22,"Stefan Schurtz",php,webapps,0 36873,platforms/php/webapps/36873.txt,"Dolibarr 3.2 Alpha - Multiple Directory Traversal Vulnerabilities",2012-02-22,"Benjamin Kunz Mejri",php,webapps,0 36874,platforms/php/webapps/36874.txt,"Chyrp 2.1.1 - 'ajax.php' HTML Injection",2012-02-22,"High-Tech Bridge SA",php,webapps,0 36875,platforms/php/webapps/36875.txt,"Chyrp 2.1.2 - includes/error.php body Parameter XSS",2012-02-22,"High-Tech Bridge SA",php,webapps,0 -36876,platforms/php/webapps/36876.txt,"Oxwall 1.1.1 - 'plugin' Parameter Cross-Site Scripting",2012-02-22,Ariko-Security,php,webapps,0 -36877,platforms/hardware/remote/36877.html,"Multiple D-Link DCS Products - 'security.cgi' Cross-Site Request Forgery",2012-02-23,"Rigan Iimrigan",hardware,remote,0 +36876,platforms/php/webapps/36876.txt,"Oxwall 1.1.1 - 'plugin' Parameter Cross-site Scripting",2012-02-22,Ariko-Security,php,webapps,0 +36877,platforms/hardware/remote/36877.html,"Multiple D-Link DCS Products - 'security.cgi' Cross-site Request Forgery",2012-02-23,"Rigan Iimrigan",hardware,remote,0 36878,platforms/php/webapps/36878.txt,"Mobile Mp3 Search Script 2.0 - 'dl.php' HTTP Response Splitting",2012-02-23,"Corrado Liotta",php,webapps,0 36880,platforms/windows/remote/36880.rb,"Adobe Flash Player - UncompressViaZlibVariant Uninitialized Memory",2015-05-01,Metasploit,windows,remote,0 36881,platforms/multiple/dos/36881.txt,"TestDisk 6.14 - Check_OS2MB Stack Buffer Overflow",2015-05-01,Security-Assessment.com,multiple,dos,0 36882,platforms/php/webapps/36882.txt,"MyJobList 0.1.3 - 'eid' Parameter SQL Injection",2012-02-26,"Red Security TEAM",php,webapps,0 -36883,platforms/php/webapps/36883.txt,"Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities",2012-02-26,MustLive,php,webapps,0 +36883,platforms/php/webapps/36883.txt,"Webglimpse 2.x - Multiple Cross-site Scripting Vulnerabilities",2012-02-26,MustLive,php,webapps,0 36884,platforms/linux/remote/36884.py,"libpurple 2.8.10 - OTR Information Disclosure",2012-02-25,"Dimitris Glynos",linux,remote,0 -36885,platforms/php/webapps/36885.txt,"Bontq - 'user/' URI Cross-Site Scripting",2012-02-27,sonyy,php,webapps,0 +36885,platforms/php/webapps/36885.txt,"Bontq - 'user/' URI Cross-site Scripting",2012-02-27,sonyy,php,webapps,0 36886,platforms/php/webapps/36886.txt,"OSQA's CMS - Multiple HTML Injection Vulnerabilities",2012-02-27,"Ucha Gobejishvili",php,webapps,0 36887,platforms/linux/local/36887.py,"GNOME NetworkManager 0.x - Local Arbitrary File Access",2012-02-29,Ludwig,linux,local,0 36888,platforms/php/webapps/36888.html,"Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36889,platforms/php/webapps/36889.txt,"Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 - /admin/plugin.php page Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross-Site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 +36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross-site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 36893,platforms/php/webapps/36893.txt,"Fork CMS 3.x - private/en/locale/index name Parameter XSS",2012-02-28,anonymous,php,webapps,0 36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x - backend/modules/error/actions/index.php parse() Function Multiple Parameter Error Display XSS",2012-02-28,anonymous,php,webapps,0 -36895,platforms/php/webapps/36895.txt,"starCMS - 'q' Parameter URI Cross-Site Scripting",2012-03-02,Am!r,php,webapps,0 +36895,platforms/php/webapps/36895.txt,"starCMS - 'q' Parameter URI Cross-site Scripting",2012-03-02,Am!r,php,webapps,0 36896,platforms/windows/dos/36896.pl,"Splash PRO 1.12.1 - '.avi' File Denial of Service",2012-03-03,"Senator of Pirates",windows,dos,0 36897,platforms/php/webapps/36897.txt,"LastGuru ASP GuestBook - 'View.asp' SQL Injection",2012-03-04,demonalex,php,webapps,0 36898,platforms/php/webapps/36898.txt,"Etano 1.20/1.22 - search.php Multiple Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 36899,platforms/php/webapps/36899.txt,"Etano 1.20/1.22 - photo_search.php Multiple Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 36900,platforms/php/webapps/36900.txt,"Etano 1.20/1.22 - photo_view.php return Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 -36914,platforms/php/webapps/36914.txt,"Fork CMS 3.2.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-03-06,"Gjoko Krstic",php,webapps,0 +36914,platforms/php/webapps/36914.txt,"Fork CMS 3.2.x - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2012-03-06,"Gjoko Krstic",php,webapps,0 36915,platforms/windows/remote/36915.txt,"NetDecision 4.6.1 - Multiple Directory Traversal Vulnerabilities",2012-03-07,"Luigi Auriemma",windows,remote,0 36916,platforms/php/webapps/36916.txt,"Exponent CMS 2.0 - 'src' Parameter SQL Injection",2012-03-07,"Rob Miller",php,webapps,0 36917,platforms/php/webapps/36917.txt,"OSClass 2.3.x - Directory Traversal / Arbitrary File Upload",2012-03-07,"Filippo Cavallarin",php,webapps,0 @@ -33308,20 +33308,20 @@ id,file,description,date,author,platform,type,port 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - DoS POC",2015-05-04,beford,linux,dos,0 36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent XSS / CSRF / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 -36965,platforms/php/webapps/36965.txt,"Omnistar Live - Cross-Site Scripting / SQL Injection",2012-03-13,sonyy,php,webapps,0 +36965,platforms/php/webapps/36965.txt,"Omnistar Live - Cross-site Scripting / SQL Injection",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 - Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 36967,platforms/php/webapps/36967.txt,"Max's Guestbook 1.0 - Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Inclusion",2012-03-14,n0tch,php,webapps,0 36969,platforms/windows/dos/36969.txt,"Citrix 11.6.1 - Licensing Administration Console Denial of Service",2012-03-15,Rune,windows,dos,0 36970,platforms/php/webapps/36970.txt,"JPM Article Script 6 - 'page2' Parameter SQL Injection",2012-03-16,"Vulnerability Research Laboratory",php,webapps,0 -36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 - 'userId' Parameter Cross-Site Scripting",2012-03-18,sonyy,java,webapps,0 +36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 - 'userId' Parameter Cross-site Scripting",2012-03-18,sonyy,java,webapps,0 36972,platforms/windows/dos/36972.py,"TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow",2012-03-19,"brock haun",windows,dos,0 36924,platforms/ios/webapps/36924.txt,"PDF Converter & Editor 2.1 iOS - File Include",2015-05-06,Vulnerability-Lab,ios,webapps,0 36925,platforms/php/webapps/36925.py,"elFinder 2 - Remote Command Execution (Via File Creation)",2015-05-06,"TUNISIAN CYBER",php,webapps,0 36926,platforms/php/webapps/36926.txt,"LeKommerce - 'id' Parameter SQL Injection",2012-03-08,Mazt0r,php,webapps,0 36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 - setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 - Local Buffer Overflow",2012-03-08,"Julien Ahrens",windows,local,0 -36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 +36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 36930,platforms/multiple/webapps/36930.txt,"WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36931,platforms/hardware/remote/36931.txt,"Barracuda CudaTel Communication Server 2.0.029.1 - Multiple HTML Injection Vulnerabilities",2012-03-08,"Benjamin Kunz Mejri",hardware,remote,0 36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 / 4.1.1 - Authentication Bypass Exploit",2012-05-13,fdiskyou,windows,remote,5900 @@ -33329,14 +33329,14 @@ id,file,description,date,author,platform,type,port 36934,platforms/asp/webapps/36934.txt,"SAP Business Objects InfoVew System - listing.aspx searchText Parameter XSS",2012-03-08,vulns@dionach.com,asp,webapps,0 36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter XSS",2012-03-08,vulns@dionach.com,asp,webapps,0 36936,platforms/asp/webapps/36936.txt,"SAP Business Objects InfoView System - /webi/webi_modify.aspx id Parameter XSS",2012-03-08,vulns@dionach.com,asp,webapps,0 -36937,platforms/php/webapps/36937.html,"phpMyVisites 2.4 - phpmv2/index.php Multiple Cross-Site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 -36938,platforms/php/webapps/36938.txt,"singapore 0.10.1 - 'gallery' Parameter Cross-Site Scripting",2012-03-11,T0xic,php,webapps,0 -36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross-Site Scripting",2012-03-11,MustLive,java,webapps,0 -36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-Site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 -36941,platforms/xml/webapps/36941.txt,"IBM WebSphere Portal - Stored Cross-Site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 +36937,platforms/php/webapps/36937.html,"phpMyVisites 2.4 - phpmv2/index.php Multiple Cross-site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 +36938,platforms/php/webapps/36938.txt,"singapore 0.10.1 - 'gallery' Parameter Cross-site Scripting",2012-03-11,T0xic,php,webapps,0 +36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross-site Scripting",2012-03-11,MustLive,java,webapps,0 +36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 +36941,platforms/xml/webapps/36941.txt,"IBM WebSphere Portal - Persistent Cross-site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 36942,platforms/php/webapps/36942.txt,"WordPress Freshmail Plugin 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 36943,platforms/ios/webapps/36943.txt,"Album Streamer 2.0 iOS - Directory Traversal",2015-05-07,Vulnerability-Lab,ios,webapps,0 -36944,platforms/php/webapps/36944.txt,"Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross-Site Scripting",2012-03-12,"Simon Ganiere",php,webapps,0 +36944,platforms/php/webapps/36944.txt,"Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross-site Scripting",2012-03-12,"Simon Ganiere",php,webapps,0 36945,platforms/hardware/remote/36945.txt,"TP-LINK TL-WR740N 111130 - 'ping_addr' Parameter HTML Injection",2012-03-12,l20ot,hardware,remote,0 36946,platforms/php/webapps/36946.txt,"Wikidforum 2.10 - Advanced Search - Multiple Field SQL Injection",2012-03-12,"Stefan Schurtz",php,webapps,0 36947,platforms/php/webapps/36947.txt,"Wikidforum 2.10 - Search Field XSS",2012-03-12,"Stefan Schurtz",php,webapps,0 @@ -33346,14 +33346,14 @@ id,file,description,date,author,platform,type,port 36951,platforms/php/webapps/36951.txt,"SynaMan 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 Plugin - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 36953,platforms/php/webapps/36953.txt,"SynTail 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80 +36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - Cross-site Request Forgery",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper - URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player - domainMemory ByteArray Use-After-Free",2015-05-08,Metasploit,windows,remote,0 36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 -36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 -36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 -36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - CSRF",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 -36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - Cross-site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - Cross-site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - Cross-site Request Forgery",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 +36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - Cross-site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player - NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management - Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 @@ -33368,55 +33368,55 @@ id,file,description,date,author,platform,type,port 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 37186,platforms/php/webapps/37186.txt,"VFront 0.99.2 - CSRF / Persistent XSS",2015-06-03,hyp3rlinx,php,webapps,0 36984,platforms/windows/remote/36984.py,"i.FTP 2.21 - Time Field SEH Exploit",2015-05-11,"Revin Hadi Saputra",windows,remote,0 -37006,platforms/java/webapps/37006.txt,"Minify 2.1.x - 'g' Parameter Cross-Site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 +37006,platforms/java/webapps/37006.txt,"Minify 2.1.x - 'g' Parameter Cross-site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 36986,platforms/php/webapps/36986.txt,"Pluck 4.7 - Directory Traversal",2015-05-11,Wadeek,php,webapps,0 -36987,platforms/hardware/webapps/36987.pl,"D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS",2015-05-11,"XLabs Security",hardware,webapps,0 -36988,platforms/hardware/webapps/36988.pl,"D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS",2015-05-11,"XLabs Security",hardware,webapps,0 -36989,platforms/php/webapps/36989.txt,"eFront 3.6.15 - Multiple SQL Injection",2015-05-11,"Filippo Roncari",php,webapps,0 +36987,platforms/hardware/webapps/36987.pl,"D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Persistent Cross-site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 +36988,platforms/hardware/webapps/36988.pl,"D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Persistent Cross-site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 +36989,platforms/php/webapps/36989.txt,"eFront 3.6.15 - Multiple SQL Injections",2015-05-11,"Filippo Roncari",php,webapps,0 36990,platforms/php/webapps/36990.txt,"eFront 3.6.15 - Path Traversal",2015-05-11,"Filippo Roncari",php,webapps,0 36991,platforms/php/webapps/36991.txt,"eFront 3.6.15 - PHP Object Injection",2015-05-11,"Filippo Roncari",php,webapps,0 36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin 4.4.5 - CSRF Add Arbitrary User",2015-05-11,hyp3rlinx,php,webapps,0 36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Path Traversal",2015-05-11,hyp3rlinx,php,webapps,0 36996,platforms/unix/remote/36996.rb,"SixApart MovableType - Storable Perl Code Execution",2015-05-12,Metasploit,unix,remote,80 -36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross-Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 +36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross-site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 36998,platforms/php/webapps/36998.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 -36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - index.php authors[][url] Parameter XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 +36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - 'index.php' authors[][url] Parameter XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php param Parameter Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 37003,platforms/php/webapps/37003.txt,"WordPress Booking Calendar Contact Form 1.0.2 Plugin - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 37004,platforms/php/webapps/37004.txt,"PHPCollab 2.5 - (deletetopics.php) SQL Injection",2015-05-13,Wadeek,php,webapps,0 37007,platforms/linux/remote/37007.txt,"AtMail 1.04 - Multiple Security Vulnerabilities",2012-03-22,"Yury Maryshev",linux,remote,0 -37008,platforms/php/webapps/37008.txt,"Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting",2012-03-24,3spi0n,php,webapps,0 +37008,platforms/php/webapps/37008.txt,"Event Calendar PHP - 'cal_year' Parameter Cross-site Scripting",2012-03-24,3spi0n,php,webapps,0 37009,platforms/java/webapps/37009.xml,"Apache Struts 2.0 - 'XSLTResult.java' Remote Arbitrary File Upload",2012-03-23,voidloafer,java,webapps,0 -37010,platforms/php/webapps/37010.txt,"Zumset.com FbiLike 1.00 - 'id' Parameter Cross-Site Scripting",2012-03-25,Crim3R,php,webapps,0 +37010,platforms/php/webapps/37010.txt,"Zumset.com FbiLike 1.00 - 'id' Parameter Cross-site Scripting",2012-03-25,Crim3R,php,webapps,0 37011,platforms/php/webapps/37011.txt,"Geeklog 1.8.1 - 'index.php' SQL Injection",2012-03-27,HELLBOY,php,webapps,0 37012,platforms/php/webapps/37012.txt,"NextBBS 0.6 - ajaxserver.php Multiple Function SQL Injection",2012-03-27,waraxe,php,webapps,0 -37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - index.php do Parameter XSS",2012-03-27,waraxe,php,webapps,0 +37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - 'index.php' do Parameter XSS",2012-03-27,waraxe,php,webapps,0 37014,platforms/windows/dos/37014.py,"iFTP 2.21 - Buffer OverFlow Crash PoC",2015-05-14,"dogo h@ck",windows,dos,0 -37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX - Multiple Cross-Site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 -37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 -37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Parameter Cross-Site Scripting",2012-03-28,sonyy,php,webapps,0 -37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - index.php conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 -37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - index.php conditions[usergroup][] Parameter XSS",2013-03-27,"Aditya Modha",php,webapps,0 +37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX - Multiple Cross-site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 +37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 - 'redirect_to' Parameter Cross-site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 +37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Parameter Cross-site Scripting",2012-03-28,sonyy,php,webapps,0 +37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 +37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter XSS",2013-03-27,"Aditya Modha",php,webapps,0 37020,platforms/windows/remote/37020.html,"Apple Safari 5.1.5 For Windows - 'window.open()' URI Spoofing",2012-03-28,Lostmon,windows,remote,0 37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Inclusion",2012-03-28,"Canberk BOLAT",php,webapps,0 37022,platforms/php/webapps/37022.txt,"ocPortal 7.1.5 - code_editor.php Multiple Parameter XSS",2012-03-28,"High-Tech Bridge",php,webapps,0 37023,platforms/php/webapps/37023.txt,"EasyPHP - 'main.php' SQL Injection",2012-03-29,"Skote Vahshat",php,webapps,0 -37024,platforms/php/webapps/37024.txt,"eZ Publish 4.x - 'ezjscore' Module Cross-Site Scripting",2012-03-29,"Yann MICHARD",php,webapps,0 +37024,platforms/php/webapps/37024.txt,"eZ Publish 4.x - 'ezjscore' Module Cross-site Scripting",2012-03-29,"Yann MICHARD",php,webapps,0 37025,platforms/php/webapps/37025.txt,"PHP Designer 2007 - Personal Multiple SQL Injection",2012-03-30,MR.XpR,php,webapps,0 37026,platforms/php/webapps/37026.txt,"e107 1.0 - 'view' Parameter SQL Injection",2012-03-30,Am!r,php,webapps,0 -37027,platforms/php/webapps/37027.txt,"Simple Machines Forum (SMF) 2.0.2 - index.php scheduled Parameter XSS",2012-03-29,Am!r,php,webapps,0 -37028,platforms/php/webapps/37028.txt,"JamWiki 1.1.5 - 'num' Parameter Cross-Site Scripting",2012-03-30,"Sooraj K.S",php,webapps,0 +37027,platforms/php/webapps/37027.txt,"Simple Machines Forum (SMF) 2.0.2 - 'index.php' scheduled Parameter XSS",2012-03-29,Am!r,php,webapps,0 +37028,platforms/php/webapps/37028.txt,"JamWiki 1.1.5 - 'num' Parameter Cross-site Scripting",2012-03-30,"Sooraj K.S",php,webapps,0 37029,platforms/java/webapps/37029.txt,"ManageEngine Firewall Analyzer 7.2 - fw/index2.do Multiple Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37030,platforms/java/webapps/37030.txt,"ManageEngine Firewall Analyzer 7.2 - fw/createAnomaly.do subTab Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37031,platforms/java/webapps/37031.txt,"ManageEngine Firewall Analyzer 7.2 - fw/mindex.do url Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37032,platforms/java/webapps/37032.txt,"ManageEngine Firewall Analyzer 7.2 - fw/syslogViewer.do port Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 -37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross-Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 +37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross-site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 37034,platforms/php/webapps/37034.txt,"FlatnuX CMS - controlcenter.php contents/Files Action dir Parameter Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37035,platforms/php/webapps/37035.html,"FlatnuX CMS - Admin User Creation CSRF",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37036,platforms/linux/dos/37036.txt,"Flock 2.6.1 - Denial of Service",2012-03-31,r45c4l,linux,dos,0 -37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting",2012-04-03,b.saleh,hardware,remote,0 +37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-site Scripting",2012-04-03,b.saleh,hardware,remote,0 37038,platforms/php/webapps/37038.txt,"osCMax 2.5 - admin/login.php username Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37039,platforms/php/webapps/37039.txt,"osCMax 2.5 - admin/htaccess.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37040,platforms/php/webapps/37040.txt,"osCMax 2.5 - admin/xsell.php search Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 @@ -33438,7 +33438,7 @@ id,file,description,date,author,platform,type,port 37056,platforms/windows/local/37056.py,"BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass)",2015-05-18,"Gabor Seljan",windows,local,0 37057,platforms/ios/webapps/37057.txt,"Wireless Photo Transfer 3.0 iOS - File Inclusion",2015-05-18,Vulnerability-Lab,ios,webapps,80 37058,platforms/multiple/webapps/37058.txt,"OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities",2015-05-18,Vulnerability-Lab,multiple,webapps,8080 -37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 - CSRF",2015-05-18,"Akash S. Chavan",windows,webapps,0 +37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 - Cross-site Request Forgery",2015-05-18,"Akash S. Chavan",windows,webapps,0 37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 37062,platforms/php/webapps/37062.txt,"VBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 37063,platforms/php/webapps/37063.txt,"WordPress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 @@ -33447,33 +33447,33 @@ id,file,description,date,author,platform,type,port 37067,platforms/php/webapps/37067.txt,"WordPress FeedWordPress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80 37068,platforms/windows/dos/37068.py,"ZOC SSH Client - Buffer Overflow (SEH)",2015-05-20,"Dolev Farhi",windows,dos,0 37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 - execve _/bin/sh_ shellcode (26 bytes)",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0 -37070,platforms/php/webapps/37070.txt,"WordPress Uploadify Integration Plugin 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 +37070,platforms/php/webapps/37070.txt,"WordPress Uploadify Integration Plugin 0.9.6 - Multiple Cross-site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 37071,platforms/php/webapps/37071.txt,"CitrusDB 2.4.1 - Local File Inclusion / SQL Injection",2012-04-09,wacky,php,webapps,0 -37072,platforms/php/webapps/37072.txt,"Matterdaddy Market 1.1 - Multiple SQL Injection",2012-04-10,"Chokri B.A",php,webapps,0 -37073,platforms/php/webapps/37073.html,"BGS CMS 2.2.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-04-11,LiquidWorm,php,webapps,0 +37072,platforms/php/webapps/37072.txt,"Matterdaddy Market 1.1 - Multiple SQL Injections",2012-04-10,"Chokri B.A",php,webapps,0 +37073,platforms/php/webapps/37073.html,"BGS CMS 2.2.1 - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2012-04-11,LiquidWorm,php,webapps,0 37074,platforms/php/webapps/37074.txt,"WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 37152,platforms/jsp/webapps/37152.txt,"JSPMyAdmin 1.1 - Multiple Vulnerabilities",2015-05-29,hyp3rlinx,jsp,webapps,80 37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget-form.php title Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - box_publish_button.php button_value Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - save_successful.php msg Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget.php Multiple Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 - Multiple SQL Injection",2015-05-21,"Filippo Roncari",php,webapps,80 +37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 - Multiple SQL Injections",2015-05-21,"Filippo Roncari",php,webapps,80 37080,platforms/php/webapps/37080.txt,"WordPress WP Symposium Plugin 15.1 - SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 -37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross-Site Scripting / SQL Injection",2012-04-16,T0xic,php,webapps,0 -37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0 +37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross-site Scripting / SQL Injection",2012-04-16,T0xic,php,webapps,0 +37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 - Multiple Cross-site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0 37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 - Remote Command Injection",2012-04-13,"Helmut Grohne",cgi,webapps,0 37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 - 'plug.php' SQL Injection",2012-04-15,AkaStep,php,webapps,0 -37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 +37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin - Multiple Cross-site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 - 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 37088,platforms/linux/local/37088.c,"Apport (Ubuntu 14.04/14.10/15.04) - Local Root Race Condition",2015-05-23,rebel,linux,local,0 37089,platforms/linux/local/37089.txt,"Fuse 2.9.3-15 - Local Privilege Escalation",2015-05-23,"Tavis Ormandy",linux,local,0 37090,platforms/php/webapps/37090.txt,"Joomla! JA T3 Framework Component - Directory Traversal",2012-04-17,indoushka,php,webapps,0 -37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - 'UserName' Parameter Cross-Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 +37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - 'UserName' Parameter Cross-site Scripting",2012-04-17,"Aung Khant",php,webapps,0 37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter XSS",2012-04-18,"High-Tech Bridge SA",php,webapps,0 37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter XSS",2012-04-18,"High-Tech Bridge SA",php,webapps,0 -37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 - index.php redirect_url Parameter Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 -37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - 'username' Parameter Cross-Site Scripting",2012-04-20,sonyy,php,webapps,0 +37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 - 'index.php' redirect_url Parameter Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 +37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - 'username' Parameter Cross-site Scripting",2012-04-20,sonyy,php,webapps,0 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 @@ -33483,27 +33483,27 @@ id,file,description,date,author,platform,type,port 37100,platforms/php/webapps/37100.txt,"Waylu CMS - 'products_xx.php' SQL Injection / HTML Injection",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery component - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0 -37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 -37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 -37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 +37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 +37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 +37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 - Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 37110,platforms/java/webapps/37110.py,"Apache Jackrabbit - WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Plugin - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 -37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 - Stored XSS",2015-05-26,woodspeed,php,webapps,80 +37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 - Persistent Cross-site Scripting",2015-05-26,woodspeed,php,webapps,80 37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP - Information Disclosure",2015-05-26,"Core Security",jsp,webapps,80 37115,platforms/perl/webapps/37115.txt,"Clickheat 1.13+ - Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 37116,platforms/php/webapps/37116.py,"SilverStripe 2.4.7 - install.php PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 37117,platforms/perl/webapps/37117.txt,"Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities",2012-04-29,"Chokri Ben Achor",perl,webapps,0 -37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Parameter Cross-Site Scripting",2012-04-27,farbodmahini,php,webapps,0 +37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Parameter Cross-site Scripting",2012-04-27,farbodmahini,php,webapps,0 37119,platforms/asp/webapps/37119.txt,"XM Forum - 'id' Parameter Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 37120,platforms/php/webapps/37120.txt,"Uiga FanClub - 'p' Parameter SQL Injection",2012-04-27,"Farbod Mahini",php,webapps,0 -37121,platforms/asp/webapps/37121.txt,"BBSXP CMS - Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 +37121,platforms/asp/webapps/37121.txt,"BBSXP CMS - Multiple SQL Injections",2012-04-27,"Farbod Mahini",asp,webapps,0 37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 -37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 +37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-site Scripting",2012-04-30,Am!r,php,webapps,0 37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow PoC",2015-05-26,LiquidWorm,windows,dos,0 37125,platforms/php/webapps/37125.txt,"MySQLDumper 1.24.4 - restore.php filename Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 - install.php language Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 @@ -33512,98 +33512,98 @@ id,file,description,date,author,platform,type,port 37129,platforms/php/webapps/37129.txt,"MySQLDumper 1.24.4 - filemanagement.php f Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,php,webapps,0 37130,platforms/php/webapps/37130.txt,"MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosure",2012-04-27,AkaStep,php,webapps,0 37131,platforms/php/webapps/37131.txt,"MySQLDumper 1.24.4 - main.php Multiple Function CSRF",2012-04-27,AkaStep,php,webapps,0 -37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 - Stored XSS",2015-05-27,"Panagiotis Vagenas",php,webapps,80 -37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - index.php page Parameter XSS",2012-04-27,AkaStep,php,webapps,0 +37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 - Persistent Cross-site Scripting",2015-05-27,"Panagiotis Vagenas",php,webapps,80 +37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - 'index.php' page Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution",2012-04-27,AkaStep,php,webapps,0 -37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 +37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A - Cross-site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 37136,platforms/php/webapps/37136.txt,"Trombinoscope 3.x - 'photo.php' Server SQL Injection",2012-05-07,"Ramdan Yantu",php,webapps,0 37137,platforms/php/webapps/37137.txt,"Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection",2012-05-06,phocean,php,webapps,0 -37138,platforms/php/webapps/37138.txt,"Ramui Forum Script - 'query' Parameter Cross-Site Scripting",2012-05-07,3spi0n,php,webapps,0 +37138,platforms/php/webapps/37138.txt,"Ramui Forum Script - 'query' Parameter Cross-site Scripting",2012-05-07,3spi0n,php,webapps,0 37139,platforms/php/webapps/37139.txt,"JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass",2012-05-07,L3b-r1'z,php,webapps,0 37140,platforms/php/webapps/37140.html,"PHP Enter 4.1.2 - 'banners.php' PHP Code Injection",2012-05-08,L3b-r1'z,php,webapps,0 -37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL Wireless Router - Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0 +37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL Wireless Router - Cross-site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0 37142,platforms/php/webapps/37142.txt,"OrangeHRM 2.7 RC - plugins/ajaxCalls/haltResumeHsp.php hspSummaryId Parameter SQL Injection",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37143,platforms/php/webapps/37143.txt,"OrangeHRM 2.7 RC - plugins/ajaxCalls/haltResumeHsp.php newHspStatus Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37144,platforms/php/webapps/37144.txt,"OrangeHRM 2.7 RC - templates/hrfunct/emppop.php sortOrder1 Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 -37145,platforms/php/webapps/37145.txt,"OrangeHRM 2.7 RC - index.php uri Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 -37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 - 'ajaxhelper.php' Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 +37145,platforms/php/webapps/37145.txt,"OrangeHRM 2.7 RC - 'index.php' uri Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 +37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 - 'ajaxhelper.php' Cross-site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 - Upload/engine.php v Parameter XSS",2012-05-10,AkaStep,php,webapps,0 37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 - Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash PoC",2015-05-29,3unnym00n,windows,dos,22 -37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - (SEH) BOF",2015-06-04,"Zahid Adeel",windows,local,0 +37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - (SEH) Buffer Overflow",2015-06-04,"Zahid Adeel",windows,local,0 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 - Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 37170,platforms/hardware/remote/37170.rb,"Airties - login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 -37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 +37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-site Scripting",2012-05-13,d3v1l,php,webapps,0 37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 - admin/theme.php err Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 - admin/pages.php error Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 - admin/index.php Multiple Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 - admin/upload.php path Parameter XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 -37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer OverFlow PoC",2015-06-01,metacom,windows,remote,0 37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 37167,platforms/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 37168,platforms/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 37171,platforms/hardware/remote/37171.rb,"D-Link Devices - HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 -37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager - Stored XSS",2015-06-01,"Cristiano Maruti",hardware,webapps,0 -37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37176,platforms/php/webapps/37176.txt,"PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37177,platforms/php/webapps/37177.txt,"CataBlog WordPress Plugin 1.6 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37178,platforms/php/webapps/37178.txt,"2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37179,platforms/php/webapps/37179.txt,"iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37180,platforms/php/webapps/37180.txt,"WordPress Newsletter Manager Plugin 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager - Persistent Cross-site Scripting",2015-06-01,"Cristiano Maruti",hardware,webapps,0 +37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 - 'cid' Parameter Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37176,platforms/php/webapps/37176.txt,"PDF & Print Button Joliprint 1.3.0 - Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37177,platforms/php/webapps/37177.txt,"CataBlog WordPress Plugin 1.6 - 'admin.php' Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37178,platforms/php/webapps/37178.txt,"2 Click Social Media Buttons 0.32.2 - Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37179,platforms/php/webapps/37179.txt,"iFrame Admin Pages 0.1 - 'main_page.php' Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37180,platforms/php/webapps/37180.txt,"WordPress Newsletter Manager Plugin 1.0 - Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37184,platforms/hardware/remote/37184.py,"Seagate Central 2014.0410.0026-F - Remote Root Exploit",2015-06-03,"Jeremy Brown",hardware,remote,0 37185,platforms/hardware/webapps/37185.py,"Seagate Central 2014.0410.0026-F - Remote Facebook Access Token Exploit",2015-06-03,"Jeremy Brown",hardware,webapps,0 -37182,platforms/php/webapps/37182.txt,"WordPress LeagueManager 3.9.11 Plugin - SQLi",2015-06-02,javabudd,php,webapps,0 +37182,platforms/php/webapps/37182.txt,"WordPress LeagueManager 3.9.11 Plugin - SQL Injection",2015-06-02,javabudd,php,webapps,0 37183,platforms/linux/local/37183.c,"PonyOS 3.0 - tty ioctl() Local Kernel Exploit",2015-06-02,"Hacker Fantastic",linux,local,0 37187,platforms/windows/dos/37187.py,"Jildi FTP Client - Buffer Overflow PoC",2015-06-03,metacom,windows,dos,21 37188,platforms/windows/dos/37188.txt,"WebDrive 12.2 (B4172) - Buffer Overflow",2015-06-03,Vulnerability-Lab,windows,dos,0 -37189,platforms/php/webapps/37189.txt,"Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37190,platforms/php/webapps/37190.txt,"LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37189,platforms/php/webapps/37189.txt,"Media Library Categories - Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37190,platforms/php/webapps/37190.txt,"LeagueManager 3.7 - Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37191,platforms/php/webapps/37191.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress - leaflet_layer.php id Parameter XSS",2012-05-15,"Heine Pedersen",php,webapps,0 37192,platforms/php/webapps/37192.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress - leaflet_marker.php id Parameter XSS",2012-05-15,"Heine Pedersen",php,webapps,0 -37193,platforms/php/webapps/37193.txt,"GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37194,platforms/php/webapps/37194.txt,"Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37193,platforms/php/webapps/37193.txt,"GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37194,platforms/php/webapps/37194.txt,"Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37195,platforms/php/webapps/37195.txt,"WP Forum Server Plugin 1.7.3 for WordPress - fs-admin/fs-admin.php Multiple Parameter XSS",2012-05-15,"Heine Pedersen",php,webapps,0 -37196,platforms/php/webapps/37196.txt,"Pretty Link Lite WordPress Plugin 1.5.2 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37196,platforms/php/webapps/37196.txt,"Pretty Link Lite WordPress Plugin 1.5.2 - SQL Injection / Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37198,platforms/multiple/remote/37198.rb,"JDownloader 2 Beta - Directory Traversal",2015-06-04,PizzaHatHacker,multiple,remote,0 37199,platforms/hardware/dos/37199.txt,"ZTE AC 3633R USB Modem - Multiple Vulnerabilities",2015-06-04,Vishnu,hardware,dos,0 37200,platforms/php/webapps/37200.txt,"WordPress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 -37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Plugin - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37205,platforms/php/webapps/37205.txt,"LongTail JW Player - 'debug' Parameter Cross-Site Scripting",2012-05-16,gainover,php,webapps,0 +37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Plugin - Cross-site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37205,platforms/php/webapps/37205.txt,"LongTail JW Player - 'debug' Parameter Cross-site Scripting",2012-05-16,gainover,php,webapps,0 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 - demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 - demo/phpThumb.demo.random.php dir Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 -37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Parameter Cross-Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 +37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Parameter Cross-site Scripting",2012-05-16,LiquidWorm,php,webapps,0 37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal and Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 37214,platforms/hardware/webapps/37214.txt,"Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change",2015-06-06,"Todor Donev",hardware,webapps,0 37252,platforms/php/webapps/37252.txt,"WordPress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 -37216,platforms/php/webapps/37216.txt,"Unijimpe Captcha - 'captchademo.php' Cross-Site Scripting",2012-05-16,"Daniel Godoy",php,webapps,0 -37217,platforms/php/webapps/37217.txt,"Artiphp 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 +37216,platforms/php/webapps/37216.txt,"Unijimpe Captcha - 'captchademo.php' Cross-site Scripting",2012-05-16,"Daniel Godoy",php,webapps,0 +37217,platforms/php/webapps/37217.txt,"Artiphp 5.5.0 Neo - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3 / JIRA 5.0 0 / Gliffy 3.7.0 - XML Parsing Denial of Service",2012-05-17,anonymous,jsp,dos,0 -37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 -37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 - Cross-Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 +37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 - Multiple Cross-site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 +37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 - Cross-site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 -37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0 +37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross-site Scripting",2012-05-21,MustLive,php,webapps,0 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Security Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 37226,platforms/php/webapps/37226.txt,"concrete5 FlashUploader - Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 37227,platforms/php/webapps/37227.txt,"concrete5 - index.php/tools/required/files/replace searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37228,platforms/php/webapps/37228.txt,"concrete5 - index.php/tools/required/files/add_to searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37229,platforms/php/webapps/37229.txt,"concrete5 - index.php/tools/required/files/permissions searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37230,platforms/php/webapps/37230.txt,"concrete5 - index.php/tools/required/dashboard/sitemap_data.php Multiple Parameter XSS",2012-05-20,AkaStep,php,webapps,0 -37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - index.php id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 +37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'index.php' id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 37353,platforms/php/webapps/37353.php,"Nmedia WordPress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 @@ -33615,7 +33615,7 @@ id,file,description,date,author,platform,type,port 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 -37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - LFI",2015-06-08,"Ali Khalil",php,webapps,0 +37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld - detail.php Blind Sql Injection",2015-06-08,"Sebastian khan",php,webapps,0 37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir - .VCF Memory Corruption PoC",2015-06-10,"Jeremy Brown",linux,dos,0 @@ -33629,8 +33629,8 @@ id,file,description,date,author,platform,type,port 37304,platforms/php/webapps/37304.txt,"BlackCat CMS 1.1.1 - Arbitrary File Download",2015-06-17,d4rkr0id,php,webapps,80 37305,platforms/php/webapps/37305.txt,"Plogger Photo Gallery - SQL Injection",2012-05-22,"Eyup CELIK",php,webapps,0 37306,platforms/linux/dos/37306.txt,"Mosh - Remote Denial of Service",2012-05-22,"Timo Juhani Lindfors",linux,dos,0 -37307,platforms/php/webapps/37307.txt,"phphq.Net phAlbum 1.5.1 - 'index.php' Cross-Site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 -37308,platforms/php/webapps/37308.txt,"RuubikCMS 1.1.x - Cross-Site Scripting / Information Disclosure / Directory Traversal",2012-05-23,AkaStep,php,webapps,0 +37307,platforms/php/webapps/37307.txt,"phphq.Net phAlbum 1.5.1 - 'index.php' Cross-site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 +37308,platforms/php/webapps/37308.txt,"RuubikCMS 1.1.x - Cross-site Scripting / Information Disclosure / Directory Traversal",2012-05-23,AkaStep,php,webapps,0 37309,platforms/php/webapps/37309.txt,"phpCollab 2.5 - Database Backup Information Disclosure",2012-05-23,"team ' and 1=1--",php,webapps,0 37310,platforms/php/webapps/37310.txt,"Ajaxmint Gallery 1.0 - Local File Inclusion",2012-05-23,AkaStep,php,webapps,0 37311,platforms/php/webapps/37311.txt,"Pligg CMS 1.x - module.php Multiple Parameter XSS",2012-05-23,"High-Tech Bridge SA",php,webapps,0 @@ -33638,16 +33638,16 @@ id,file,description,date,author,platform,type,port 37313,platforms/php/webapps/37313.txt,"pragmaMx 1.12.1 - includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php img_url Parameter XSS",2012-05-23,"High-Tech Bridge SA",php,webapps,0 37314,platforms/php/webapps/37314.txt,"Yellow Duck Framework 2.0 Beta1 - Local File Disclosure",2012-05-23,L3b-r1'z,php,webapps,0 37315,platforms/php/webapps/37315.txt,"phpCollab 2.5 - uploadfile.php Crafted Request Arbitrary Non-PHP File Upload",2012-05-24,"team ' and 1=1--",php,webapps,0 -37257,platforms/php/webapps/37257.txt,"FiverrScript - CSRF (Add New Admin)",2015-06-10,"Mahmoud Gamal",php,webapps,80 +37257,platforms/php/webapps/37257.txt,"FiverrScript - Cross-site Request Forgery (Add New Admin)",2015-06-10,"Mahmoud Gamal",php,webapps,80 37258,platforms/hardware/webapps/37258.py,"GeoVision (GeoHttpServer) Webcams - Remote File Disclosure Exploit",2015-06-10,"Viktor Minin",hardware,webapps,0 37259,platforms/php/webapps/37259.txt,"ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",php,webapps,443 37260,platforms/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",jsp,webapps,8080 -37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - CSRF",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 +37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - Cross-site Request Forgery",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 - Mod_Copy Command Execution",2015-06-10,Metasploit,linux,remote,0 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80 -37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF",2015-06-10,"Nitin Venkatesh",php,webapps,80 +37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - Cross-site Request Forgery",2015-06-10,"Nitin Venkatesh",php,webapps,80 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0 -37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 - (.m3u) Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 +37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 - '.m3u' Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 37268,platforms/windows/dos/37268.py,"GoldWave 6.1.2 - Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 37292,platforms/linux/local/37292.c,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell",2015-06-16,rebel,linux,local,0 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,php,webapps,80 @@ -33661,7 +33661,7 @@ id,file,description,date,author,platform,type,port 37280,platforms/php/webapps/37280.txt,"concrete5 - index.php/tools/required/sitemap_search_selector Multiple Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37281,platforms/php/webapps/37281.txt,"concrete5 - index.php/tools/required/files/import Multiple Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37282,platforms/php/webapps/37282.txt,"concrete5 - index.php/tools/required/files/bulk_properties searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 -37283,platforms/php/webapps/37283.txt,"AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload",2012-05-20,"Eyup CELIK",php,webapps,0 +37283,platforms/php/webapps/37283.txt,"AZ Photo Album - Cross-site Scripting / Arbitrary File Upload",2012-05-20,"Eyup CELIK",php,webapps,0 37316,platforms/php/webapps/37316.txt,"phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access",2012-05-24,"team ' and 1=1--",php,webapps,0 37285,platforms/lin_x86/shellcode/37285.txt,"Linux/x86 - chmod() 777 /etc/shadow & exit() shellcode (33 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 37286,platforms/windows/dos/37286.py,"Filezilla 3.11.0.2 - SFTP Module Denial of Service",2015-06-15,3unnym00n,windows,dos,0 @@ -33672,10 +33672,10 @@ id,file,description,date,author,platform,type,port 37291,platforms/windows/dos/37291.py,"Putty 0.64 - Denial of Service",2015-06-15,3unnym00n,windows,dos,0 37293,platforms/linux/local/37293.txt,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation (Access /etc/shadow)",2015-06-16,rebel,linux,local,0 37561,platforms/multiple/dos/37561.pl,"UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service",2015-07-10,"Todor Donev",multiple,dos,1900 -37329,platforms/php/webapps/37329.txt,"Nilehoster Topics Viewer 2.3 - Multiple SQL Injection and Local File Inclusion",2012-05-27,n4ss1m,php,webapps,0 +37329,platforms/php/webapps/37329.txt,"Nilehoster Topics Viewer 2.3 - Multiple SQL Injections and Local File Inclusion",2012-05-27,n4ss1m,php,webapps,0 37330,platforms/php/webapps/37330.txt,"Yamamah Photo Gallery 1.1 - Database Information Disclosure",2012-05-28,L3b-r1'z,php,webapps,0 37331,platforms/php/webapps/37331.py,"WHMCS - 'boleto_bb.php' SQL Injection",2012-05-29,dex,php,webapps,0 -37296,platforms/php/webapps/37296.txt,"Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF",2015-06-16,"Jerold Hoong",php,webapps,0 +37296,platforms/php/webapps/37296.txt,"Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-site Request Forgery",2015-06-16,"Jerold Hoong",php,webapps,0 37297,platforms/lin_x86/shellcode/37297.txt,"Linux/x86 - /etc/passwd Reader shellcode (58 bytes)",2015-06-16,B3mB4m,lin_x86,shellcode,0 37317,platforms/php/webapps/37317.txt,"AzDGDatingMedium 1.9.3 - Multiple Remote Vulnerabilities",2012-05-27,AkaStep,php,webapps,0 37318,platforms/php/webapps/37318.txt,"PHPList 2.10.9 - 'Sajax.php' PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 @@ -33696,17 +33696,17 @@ id,file,description,date,author,platform,type,port 37357,platforms/php/webapps/37357.php,"WordPress VideoWhisper Video Presentation Plugin 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37337,platforms/php/webapps/37337.txt,"WHMCompleteSolution (WHMCS) 5.0 - Multiple Application Function CSRF",2012-05-31,"Shadman Tanjim",php,webapps,0 37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution - (WHMCS) 5.0 knowledgebase.php search Parameter XSS",2012-05-31,"Shadman Tanjim",php,webapps,0 -37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-Site Scripting",2012-06-01,Aboud-el,php,webapps,0 +37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-site Scripting",2012-06-01,Aboud-el,php,webapps,0 37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 - File Upload CSRF",2012-06-03,KedAns-Dz,php,webapps,0 -37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - index.php page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 +37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - 'index.php' page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37342,platforms/php/webapps/37342.txt,"TinyCMS 1.3 - admin/admin.php do Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37816,platforms/multiple/webapps/37816.txt,"Cisco Unified Communications Manager - Multiple Vulnerabilities",2015-08-18,"Bernhard Mueller",multiple,webapps,0 37815,platforms/php/webapps/37815.txt,"vBulletin < 4.2.2 - Memcache Remote Code Execution",2015-08-18,"Joshua Rogers",php,webapps,80 -39249,platforms/php/webapps/39249.txt,"WeBid - Multiple Cross-Site Scripting And LDAP Injection Vulnerabilities",2014-07-10,"Govind Singh",php,webapps,0 +39249,platforms/php/webapps/39249.txt,"WeBid - Multiple Cross-site Scripting And LDAP Injection Vulnerabilities",2014-07-10,"Govind Singh",php,webapps,0 37343,platforms/windows/dos/37343.py,"Seagate Dashboard 4.0.21.0 - Crash PoC",2015-06-23,HexTitan,windows,dos,0 37344,platforms/windows/local/37344.py,"KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)",2015-06-23,"Naser Farhadi",windows,local,0 37440,platforms/php/webapps/37440.txt,"Watchguard XCS 10.0 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,php,webapps,0 -37360,platforms/php/webapps/37360.txt,"GeniXCMS 0.0.3 - XSS",2015-06-24,hyp3rlinx,php,webapps,80 +37360,platforms/php/webapps/37360.txt,"GeniXCMS 0.0.3 - Cross-site Scripting",2015-06-24,hyp3rlinx,php,webapps,80 37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 - .GIF Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 and Bridge CC 2014 - .Gif Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 @@ -33721,7 +33721,7 @@ id,file,description,date,author,platform,type,port 37369,platforms/php/webapps/37369.txt,"Vesta Control Panel 0.9.8 - OS Command Injection",2015-06-24,"High-Tech Bridge SA",php,webapps,0 37370,platforms/php/webapps/37370.php,"WordPress FCChat Widget Plugin 2.2.x - 'Upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37371,platforms/php/webapps/37371.php,"WordPress Picturesurf Gallery Plugin - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 -37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 +37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 37373,platforms/php/webapps/37373.php,"WordPress Contus Video Gallery Plugin - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37374,platforms/php/webapps/37374.txt,"Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0 37375,platforms/php/webapps/37375.php,"Joomla! Joomsport Component - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0 @@ -33742,60 +33742,60 @@ id,file,description,date,author,platform,type,port 37391,platforms/lin_x86/shellcode/37391.asm,"Linux/x86 - chmod('/etc/gshadow') shellcode (37 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 37392,platforms/lin_x86/shellcode/37392.asm,"Linux/x86 - chmod('/etc/shadow'_'0777') shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 37393,platforms/lin_x86/shellcode/37393.asm,"Linux/x86 - exec('/bin/dash') shellcode (45 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 -37394,platforms/multiple/webapps/37394.txt,"Thycotic Secret Server 8.8.000004 - Stored XSS",2015-06-26,"Marco Delai",multiple,webapps,0 -37395,platforms/windows/webapps/37395.txt,"ManageEngine Asset Explorer 6.1 - Stored XSS",2015-06-26,"Suraj Krishnaswami",windows,webapps,0 -37396,platforms/windows/remote/37396.txt,"XAMPP for Windows 1.7.7 - Multiple Cross-Site Scripting / SQL Injection",2012-06-13,Sangteamtham,windows,remote,0 -37397,platforms/php/webapps/37397.html,"SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities",2012-06-13,anonymous,php,webapps,0 +37394,platforms/multiple/webapps/37394.txt,"Thycotic Secret Server 8.8.000004 - Persistent Cross-site Scripting",2015-06-26,"Marco Delai",multiple,webapps,0 +37395,platforms/windows/webapps/37395.txt,"ManageEngine Asset Explorer 6.1 - Persistent Cross-site Scripting",2015-06-26,"Suraj Krishnaswami",windows,webapps,0 +37396,platforms/windows/remote/37396.txt,"XAMPP for Windows 1.7.7 - Multiple Cross-site Scripting / SQL Injection",2012-06-13,Sangteamtham,windows,remote,0 +37397,platforms/php/webapps/37397.html,"SPIP 2.x - Multiple Cross-site Scripting Vulnerabilities",2012-06-13,anonymous,php,webapps,0 37398,platforms/php/webapps/37398.php,"Zimplit CMS 3.0 - Local File Inclusion / Arbitrary File Upload",2012-06-13,KedAns-Dz,php,webapps,0 37399,platforms/php/webapps/37399.php,"WordPress Evarisk Plugin - 'uploadPhotoApres.php' Arbitrary File Upload",2012-01-14,"Sammy FORGIT",php,webapps,0 37400,platforms/windows/remote/37400.php,"Havij - OLE Automation Array Remote Code Execution",2015-06-27,"Mohammad Reza Espargham",windows,remote,0 37401,platforms/lin_x86-64/shellcode/37401.asm,"Linux/x86-64 - Encoded execve shellcode (57 bytes)",2015-06-27,"Bill Borskey",lin_x86-64,shellcode,0 -37429,platforms/hardware/remote/37429.txt,"Juniper Networks Mobility System Software - 'aaa/wba_login.html' Cross-Site Scripting",2012-06-14,"Craig Lambert",hardware,remote,0 +37429,platforms/hardware/remote/37429.txt,"Juniper Networks Mobility System Software - 'aaa/wba_login.html' Cross-site Scripting",2012-06-14,"Craig Lambert",hardware,remote,0 37403,platforms/php/webapps/37403.php,"WordPress Invit0r Plugin - 'ofc_upload_image.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 -37404,platforms/php/webapps/37404.txt,"MediaWiki 1.x - 'uselang' Parameter Cross-Site Scripting",2012-06-17,anonymous,php,webapps,0 +37404,platforms/php/webapps/37404.txt,"MediaWiki 1.x - 'uselang' Parameter Cross-site Scripting",2012-06-17,anonymous,php,webapps,0 37405,platforms/hardware/remote/37405.py,"Edimax IC-3030iWn - UDP Packet Password Information Disclosure",2012-06-14,y3dips,hardware,remote,0 37406,platforms/php/webapps/37406.php,"WordPress Zingiri Web Shop Plugin 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 37407,platforms/php/webapps/37407.txt,"ADICO - 'index.php' Script SQL Injection",2012-06-15,"Ibrahim El-Sayed",php,webapps,0 -37408,platforms/php/webapps/37408.txt,"Simple Forum PHP - Multiple SQL Injection",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0 +37408,platforms/php/webapps/37408.txt,"Simple Forum PHP - Multiple SQL Injections",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0 37409,platforms/php/webapps/37409.txt,"NetArt Media Jobs Portal - SQL Injection",2012-06-14,"Ibrahim El-Sayed",php,webapps,0 37410,platforms/php/webapps/37410.php,"Joomla! hwdVideoShare Component - 'flash_upload.php' Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0 37411,platforms/php/webapps/37411.txt,"WordPress Organizer Plugin - Multiple Security Vulnerabilities",2012-06-15,MustLive,php,webapps,0 37412,platforms/php/webapps/37412.php,"Joomla! Maian Media Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0 37413,platforms/php/webapps/37413.txt,"Joomla JCal Pro Calendar Component - SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0 -37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 - Multiple SQL Injection",2012-06-16,JosS,php,webapps,0 +37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 - Multiple SQL Injections",2012-06-16,JosS,php,webapps,0 37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection / Local File Inclusion",2012-06-16,snup,php,webapps,0 -37416,platforms/java/webapps/37416.txt,"Squiz CMS - Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 +37416,platforms/java/webapps/37416.txt,"Squiz CMS - Multiple Cross-site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 37420,platforms/php/webapps/37420.txt,"VANA CMS - 'index.php' Script SQL Injection",2012-06-18,"Black Hat Group",php,webapps,0 -37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 +37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 - Multiple Cross-site Scripting and HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 37566,platforms/php/dos/37566.php,"PHP 5.4.3 - PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 -37497,platforms/php/webapps/37497.txt,"Flogr - 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities",2012-07-09,Nafsh,php,webapps,0 +37497,platforms/php/webapps/37497.txt,"Flogr - 'tag' Parameter Multiple Cross-site Scripting Vulnerabilities",2012-07-09,Nafsh,php,webapps,0 37423,platforms/php/webapps/37423.txt,"DedeCMS < 5.7-sp1 - Remote File Inclusion",2015-06-29,zise,php,webapps,0 37424,platforms/hardware/webapps/37424.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0 37425,platforms/hardware/webapps/37425.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0 37426,platforms/cgi/remote/37426.py,"Endian Firewall < 3.0.0 - OS Command Injection (Python PoC)",2015-06-29,"Ben Lincoln",cgi,remote,0 37427,platforms/lin_x86-64/shellcode/37427.txt,"Linux/x86-64 - encoded execve shellcode (57 bytes)",2015-06-29,"Bill Borskey",lin_x86-64,shellcode,0 37428,platforms/cgi/remote/37428.txt,"Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)",2015-06-29,"Ben Lincoln",cgi,remote,0 -37430,platforms/php/webapps/37430.txt,"CMS Balitbang - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2012-06-19,TheCyberNuxbie,php,webapps,0 +37430,platforms/php/webapps/37430.txt,"CMS Balitbang - Multiple HTML Injection / Cross-site Scripting Vulnerabilities",2012-06-19,TheCyberNuxbie,php,webapps,0 37431,platforms/php/webapps/37431.php,"e107 Hupsi_fancybox Plugin - 'uploadify.php' Arbitrary File Upload",2012-06-19,"Sammy FORGIT",php,webapps,0 37432,platforms/php/webapps/37432.txt,"e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure",2012-06-19,"Sammy FORGIT",php,webapps,0 -37433,platforms/php/webapps/37433.txt,"AdaptCMS 2.0.2 - 'index.php' Script Cross-Site Scripting",2012-06-19,indoushka,php,webapps,0 +37433,platforms/php/webapps/37433.txt,"AdaptCMS 2.0.2 - 'index.php' Script Cross-site Scripting",2012-06-19,indoushka,php,webapps,0 37434,platforms/php/webapps/37434.txt,"e107 FileDownload Plugin - Arbitrary File Upload / Remote File Disclosure",2012-06-19,"Sammy FORGIT",php,webapps,0 -37435,platforms/php/webapps/37435.txt,"web@all - Cross-Site Scripting",2012-06-20,"High-Tech Bridge",php,webapps,0 -37436,platforms/php/webapps/37436.txt,"Commentics - 'index.php' Cross-Site Scripting",2012-06-20,"Jean Pascal Pereira",php,webapps,0 +37435,platforms/php/webapps/37435.txt,"web@all - Cross-site Scripting",2012-06-20,"High-Tech Bridge",php,webapps,0 +37436,platforms/php/webapps/37436.txt,"Commentics - 'index.php' Cross-site Scripting",2012-06-20,"Jean Pascal Pereira",php,webapps,0 37564,platforms/hardware/remote/37564.txt,"Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities",2012-08-02,"Benjamin Kunz Mejri",hardware,remote,0 37437,platforms/php/webapps/37437.txt,"Coppermine Photo Gallery - 'index.php' Script SQL Injection",2012-06-20,"Taurus Omar",php,webapps,0 -37438,platforms/php/webapps/37438.txt,"Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting",2012-06-21,"Sooraj K.S",php,webapps,0 +37438,platforms/php/webapps/37438.txt,"Adiscan LogAnalyzer 3.4.3 - Cross-site Scripting",2012-06-21,"Sooraj K.S",php,webapps,0 37439,platforms/php/webapps/37439.txt,"Novius 5.0.1 - Multiple Vulnerabilities",2015-06-30,hyp3rlinx,php,webapps,80 37441,platforms/jsp/webapps/37441.txt,"WedgeOS 4.0.4 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,jsp,webapps,0 37442,platforms/linux/webapps/37442.txt,"CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion",2015-06-30,otr,linux,webapps,4434 37443,platforms/php/webapps/37443.txt,"Joomla! 'com_szallasok' Component - 'id' Parameter SQL Injection",2012-06-21,CoBRa_21,php,webapps,0 37444,platforms/php/webapps/37444.txt,"Cotonti - 'admin.php' SQL Injection",2012-06-22,AkaStep,php,webapps,0 -37445,platforms/php/webapps/37445.txt,"CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-06-22,the_cyber_nuxbie,php,webapps,0 +37445,platforms/php/webapps/37445.txt,"CMS Lokomedia - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2012-06-22,the_cyber_nuxbie,php,webapps,0 37446,platforms/php/webapps/37446.txt,"Fiyo CMS 2.0_1.9.1 - SQL Injection",2015-06-30,cfreer,php,webapps,80 -37447,platforms/asp/webapps/37447.txt,"C2Box 4.0.0(r19171) - CSRF",2015-06-30,"Wissam Bashour",asp,webapps,0 +37447,platforms/asp/webapps/37447.txt,"C2Box 4.0.0(r19171) - Cross-site Request Forgery",2015-06-30,"Wissam Bashour",asp,webapps,0 37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player - Drawing Fill Shader Memory Corruption",2015-06-30,Metasploit,multiple,remote,0 37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0 37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script - 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 @@ -33803,9 +33803,9 @@ id,file,description,date,author,platform,type,port 37452,platforms/php/webapps/37452.txt,"WordPress Flip Book Plugin - 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery - 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0 -37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML-Injection Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 +37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML-Injection Cross-site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - (firefox) Use-After-Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0 -37457,platforms/php/webapps/37457.html,"FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting",2012-06-25,"Emilio Pinna",php,webapps,0 +37457,platforms/php/webapps/37457.html,"FCKEditor Core - (Editor 'spellchecker.php' ) Cross-site Scripting",2012-06-25,"Emilio Pinna",php,webapps,0 37458,platforms/windows/dos/37458.pl,"Winamp 5.13 - '.m3u' File Exception Handling Remote Denial of Service",2012-06-25,Dark-Puzzle,windows,dos,0 37459,platforms/php/webapps/37459.txt,"Umapresence - Local File Inclusion / Arbitrary File Deletion",2012-06-25,"Sammy FORGIT",php,webapps,0 37460,platforms/php/webapps/37460.txt,"Schoolhos CMS - HTML Injection",2012-06-27,the_cyber_nuxbie,php,webapps,0 @@ -33814,29 +33814,29 @@ id,file,description,date,author,platform,type,port 37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer - '.avi' File Divide-By-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 37464,platforms/php/webapps/37464.txt,"WordPress Albo Pretorio Online 3.2 Plugin - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 37466,platforms/php/webapps/37466.php,"PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload",2012-06-28,"Sammy FORGIT",php,webapps,0 -37467,platforms/jsp/webapps/37467.txt,"TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities",2012-06-28,"Rehan Ahmed",jsp,webapps,0 +37467,platforms/jsp/webapps/37467.txt,"TEMENOS T24 - Multiple Cross-site Scripting Vulnerabilities",2012-06-28,"Rehan Ahmed",jsp,webapps,0 37468,platforms/php/webapps/37468.php,"JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload",2012-06-29,"Sammy FORGIT",php,webapps,0 37469,platforms/php/webapps/37469.txt,"LIOOSYS CMS - SQL Injection / Information Disclosure",2012-06-29,MustLive,php,webapps,0 -37470,platforms/multiple/webapps/37470.txt,"SWFUpload - 'movieName' Parameter Cross-Site Scripting",2012-06-29,"Nathan Partlan",multiple,webapps,0 +37470,platforms/multiple/webapps/37470.txt,"SWFUpload - 'movieName' Parameter Cross-site Scripting",2012-06-29,"Nathan Partlan",multiple,webapps,0 37471,platforms/windows/dos/37471.pl,"Zoom Player - '.avi' File Divide-By-Zero Denial of Service",2012-07-02,Dark-Puzzle,windows,dos,0 37472,platforms/php/webapps/37472.php,"GetSimple CMS Items Manager Plugin - 'php.php' Arbitrary File Upload",2012-07-02,"Sammy FORGIT",php,webapps,0 -37473,platforms/php/webapps/37473.txt,"Joomla 2.5.x - Language Switcher ModuleMultiple Cross-Site Scripting Vulnerabilities",2012-07-02,"Stefan Schurtz",php,webapps,0 +37473,platforms/php/webapps/37473.txt,"Joomla 2.5.x - Language Switcher ModuleMultiple Cross-site Scripting Vulnerabilities",2012-07-02,"Stefan Schurtz",php,webapps,0 37474,platforms/php/webapps/37474.txt,"CuteNews 2.0.3 - Arbitrary File Upload",2015-07-03,T0x!c,php,webapps,80 -37498,platforms/php/webapps/37498.txt,"Kajona - 'getAllPassedParams()' Function Multiple Cross-Site Scripting Vulnerabilities",2012-07-11,"High-Tech Bridge SA",php,webapps,0 -37476,platforms/php/webapps/37476.txt,"php MBB - Cross-Site Scripting / SQL Injection",2012-07-03,TheCyberNuxbie,php,webapps,0 +37498,platforms/php/webapps/37498.txt,"Kajona - 'getAllPassedParams()' Function Multiple Cross-site Scripting Vulnerabilities",2012-07-11,"High-Tech Bridge SA",php,webapps,0 +37476,platforms/php/webapps/37476.txt,"php MBB - Cross-site Scripting / SQL Injection",2012-07-03,TheCyberNuxbie,php,webapps,0 37477,platforms/linux/dos/37477.txt,"gnome-terminal (vte) VteTerminal - Escape Sequence Parsing Remote DoS",2012-07-03,"Kevin Fenzi",linux,dos,0 37478,platforms/multiple/dos/37478.txt,"plow - '.plowrc' File Buffer Overflow",2012-07-03,"Jean Pascal Pereira",multiple,dos,0 37479,platforms/php/webapps/37479.txt,"Classified Ads Script PHP - 'admin.php' Multiple SQL Injection",2012-07-04,snup,php,webapps,0 37480,platforms/windows/dos/37480.pl,"Solar FTP Server - Denial of Service",2012-07-05,coolkaveh,windows,dos,0 -37481,platforms/php/webapps/37481.txt,"WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37482,platforms/php/webapps/37482.txt,"WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 -37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin - Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 +37481,platforms/php/webapps/37481.txt,"WordPress SocialFit Plugin - 'msg' Parameter Cross-site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37482,platforms/php/webapps/37482.txt,"WordPress custom tables Plugin - 'key' Parameter Cross-site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 +37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin - 'id' parameter Cross-site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin - Cross-site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat Plugin - 'url' Parameter Cross-site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 37486,platforms/php/webapps/37486.txt,"sflog! - 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0 37487,platforms/multiple/dos/37487.txt,"Apache Sling - Denial Of Service",2012-07-06,IOactive,multiple,dos,0 37488,platforms/asp/webapps/37488.txt,"WebsitePanel - 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 -37489,platforms/php/webapps/37489.txt,"MGB - Multiple Cross-Site Scripting / SQL Injection",2012-07-09,"Stefan Schurtz",php,webapps,0 +37489,platforms/php/webapps/37489.txt,"MGB - Multiple Cross-site Scripting / SQL Injection",2012-07-09,"Stefan Schurtz",php,webapps,0 37546,platforms/linux/dos/37546.pl,"File Roller v3.4.1 - DoS PoC",2015-07-09,Arsyntex,linux,dos,0 37563,platforms/php/webapps/37563.html,"WordPress G-Lock Double Opt-in Manager Plugin - SQL Injection",2012-08-01,BEASTIAN,php,webapps,0 37492,platforms/ios/webapps/37492.txt,"WK UDID 1.0.1 iOS - Command Inject",2015-07-05,Vulnerability-Lab,ios,webapps,0 @@ -33844,14 +33844,14 @@ id,file,description,date,author,platform,type,port 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux/x86 - /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 -37500,platforms/php/webapps/37500.txt,"Funeral Script PHP - Cross-Site Scripting / SQL Injection",2012-06-17,snup,php,webapps,0 +37500,platforms/php/webapps/37500.txt,"Funeral Script PHP - Cross-site Scripting / SQL Injection",2012-06-17,snup,php,webapps,0 37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin - Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 -37502,platforms/php/webapps/37502.txt,"Elite Bulletin Board - Multiple SQL Injection",2012-07-15,ToXiC,php,webapps,0 +37502,platforms/php/webapps/37502.txt,"Elite Bulletin Board - Multiple SQL Injections",2012-07-15,ToXiC,php,webapps,0 37503,platforms/php/webapps/37503.txt,"Event Calender PHP - Multiple Input Validation Vulnerabilities",2012-07-16,snup,php,webapps,0 37504,platforms/android/webapps/37504.py,"AirDroid - Unauthenticated Arbitrary File Upload",2015-07-06,"Parsa Adib",android,webapps,8888 37505,platforms/php/webapps/37505.txt,"Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities",2012-07-16,"Benjamin Kunz Mejri",php,webapps,0 37506,platforms/php/webapps/37506.php,"WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion",2012-07-16,"Sammy FORGIT",php,webapps,0 -37507,platforms/php/webapps/37507.txt,"web@all - 'name' Parameter Cross-Site Scripting",2012-07-16,"Sammy FORGIT",php,webapps,0 +37507,platforms/php/webapps/37507.txt,"web@all - 'name' Parameter Cross-site Scripting",2012-07-16,"Sammy FORGIT",php,webapps,0 37508,platforms/php/webapps/37508.txt,"Rama Zeiten CMS - 'download.php' Remote File Disclosure",2012-07-16,"Sammy FORGIT",php,webapps,0 37509,platforms/php/webapps/37509.txt,"EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",php,webapps,0 37510,platforms/windows/remote/37510.c,"Google Chrome 19.0.1084.52 - 'metro_driver.dll' DLL Loading Arbitrary Code Execution",2012-06-26,"Moshe Zioni",windows,remote,0 @@ -33877,41 +33877,41 @@ id,file,description,date,author,platform,type,port 37530,platforms/php/webapps/37530.txt,"WordPress WP e-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37531,platforms/hardware/webapps/37531.txt,"Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities",2015-07-08,"David Jorm",hardware,webapps,0 37532,platforms/hardware/webapps/37532.txt,"AirLive Multiple Products - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,8080 -37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80 +37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Persistent Cross-site Scripting",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80 37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow",2015-07-08,Metasploit,multiple,remote,0 37537,platforms/php/webapps/37537.txt,"phpProfiles - Multiple Security Vulnerabilities",2012-07-24,L0n3ly-H34rT,php,webapps,0 37538,platforms/linux/dos/37538.py,"ISC DHCP 4.x - Multiple Denial of Service Vulnerabilities",2012-07-25,"Markus Hietava",linux,dos,0 -37539,platforms/php/webapps/37539.txt,"REDAXO - 'subpage' Parameter Cross-Site Scripting",2012-07-25,"High-Tech Bridge SA",php,webapps,0 +37539,platforms/php/webapps/37539.txt,"REDAXO - 'subpage' Parameter Cross-site Scripting",2012-07-25,"High-Tech Bridge SA",php,webapps,0 37540,platforms/php/webapps/37540.txt,"Joomla Odudeprofile component - 'profession' Parameter SQL Injection",2012-07-25,"Daniel Barragan",php,webapps,0 37541,platforms/php/webapps/37541.txt,"tekno.Portal 0.1b - 'anket.php' SQL Injection",2012-07-25,Socket_0x03,php,webapps,0 37542,platforms/windows/remote/37542.html,"BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow",2012-07-25,coolkaveh,windows,remote,0 37543,platforms/linux/local/37543.c,"Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure",2012-07-26,"Jay Fenlason",linux,local,0 37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 - 'redirect' Parameter URI Redirection",2012-07-29,"Aung Khant",php,webapps,0 -37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0 +37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 - Multiple Cross-site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0 37548,platforms/php/webapps/37548.txt,"Scrutinizer 9.0.1.19899 - Arbitrary File Upload",2012-07-30,"Mario Ceballos",php,webapps,0 37549,platforms/cgi/webapps/37549.txt,"Scrutinizer 9.0.1.19899 - HTTP Authentication Bypass",2012-07-30,"Mario Ceballos",cgi,webapps,0 37550,platforms/jsp/webapps/37550.txt,"DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities",2012-07-31,"Raymond Rizk",jsp,webapps,0 -37551,platforms/php/webapps/37551.txt,"phpBB - Multiple SQL Injection",2012-07-28,HauntIT,php,webapps,0 -37552,platforms/php/webapps/37552.txt,"JW Player - 'playerready' Parameter Cross-Site Scripting",2012-07-29,MustLive,php,webapps,0 +37551,platforms/php/webapps/37551.txt,"phpBB - Multiple SQL Injections",2012-07-28,HauntIT,php,webapps,0 +37552,platforms/php/webapps/37552.txt,"JW Player - 'playerready' Parameter Cross-site Scripting",2012-07-29,MustLive,php,webapps,0 37553,platforms/php/webapps/37553.txt,"eNdonesia - 'cid' Parameter SQL Injection",2012-07-29,Crim3R,php,webapps,0 37554,platforms/php/webapps/37554.txt,"Limny - 'index.php' Multiple SQL Injection",2012-07-31,L0n3ly-H34rT,php,webapps,0 -37555,platforms/java/webapps/37555.txt,"ManageEngine Applications Manager - Multiple SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 -37556,platforms/php/webapps/37556.txt,"Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 -37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager - Multiple Cross-Site Scripting and SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 +37555,platforms/java/webapps/37555.txt,"ManageEngine Applications Manager - Multiple SQL Injections",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 +37556,platforms/php/webapps/37556.txt,"Distimo Monitor - Multiple Cross-site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 +37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager - Multiple Cross-site Scripting and SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37558,platforms/windows/dos/37558.txt,"Notepad++ 6.7.3 - Crash PoC",2015-07-10,"Rahul Pratap Singh",windows,dos,0 37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37560,platforms/php/webapps/37560.txt,"WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37562,platforms/multiple/dos/37562.pl,"NTPD - MON_GETLIST Query Amplification Denial of Service",2015-07-10,"Todor Donev",multiple,dos,123 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b - 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0 37568,platforms/windows/dos/37568.pl,"VLC Media Player - '.3gp' File Divide-By-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 -37569,platforms/multiple/webapps/37569.txt,"ntop - 'arbfile' Parameter Cross-Site Scripting",2012-08-03,"Marcos Garcia",multiple,webapps,0 +37569,platforms/multiple/webapps/37569.txt,"ntop - 'arbfile' Parameter Cross-site Scripting",2012-08-03,"Marcos Garcia",multiple,webapps,0 37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 - Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0 37571,platforms/multiple/webapps/37571.txt,"Zenoss 3.2.1 - Multiple Security Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0 -37572,platforms/php/webapps/37572.txt,"Elefant CMS - 'id' Parameter Cross-Site Scripting",2012-08-03,PuN!Sh3r,php,webapps,0 -37573,platforms/multiple/webapps/37573.txt,"Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-08-06,"Benjamin Kunz Mejri",multiple,webapps,0 -37575,platforms/php/webapps/37575.txt,"Joomla! 'com_photo' module - Multiple SQL Injection",2012-08-06,"Chokri Ben Achor",php,webapps,0 +37572,platforms/php/webapps/37572.txt,"Elefant CMS - 'id' Parameter Cross-site Scripting",2012-08-03,PuN!Sh3r,php,webapps,0 +37573,platforms/multiple/webapps/37573.txt,"Worksforweb iAuto - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2012-08-06,"Benjamin Kunz Mejri",multiple,webapps,0 +37575,platforms/php/webapps/37575.txt,"Joomla! 'com_photo' module - Multiple SQL Injections",2012-08-06,"Chokri Ben Achor",php,webapps,0 37576,platforms/linux/remote/37576.cpp,"Alligra Calligra - Heap Based Buffer Overflow",2012-08-07,"Charlie Miller",linux,remote,0 -37577,platforms/asp/webapps/37577.txt,"PolarisCMS - 'WebForm_OnSubmit()' Function Cross-Site Scripting",2012-08-05,"Gjoko Krstic",asp,webapps,0 +37577,platforms/asp/webapps/37577.txt,"PolarisCMS - 'WebForm_OnSubmit()' Function Cross-site Scripting",2012-08-05,"Gjoko Krstic",asp,webapps,0 37578,platforms/php/webapps/37578.txt,"Open Constructor - users/users.php keyword Parameter XSS",2012-08-04,"Lorenzo Cantoni",php,webapps,0 37579,platforms/php/webapps/37579.txt,"Open Constructor - data/file/edit.php result Parameter XSS",2012-08-04,"Lorenzo Cantoni",php,webapps,0 37580,platforms/php/webapps/37580.txt,"Open Constructor - confirm.php q Parameter XSS",2012-08-04,"Lorenzo Cantoni",php,webapps,0 @@ -33923,8 +33923,8 @@ id,file,description,date,author,platform,type,port 37586,platforms/php/webapps/37586.php,"PBBoard - Authentication Bypass",2012-08-07,i-Hmx,php,webapps,0 37587,platforms/php/webapps/37587.txt,"GetSimple - 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 -37589,platforms/java/webapps/37589.txt,"ConcourseSuite - Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 -37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 +37589,platforms/java/webapps/37589.txt,"ConcourseSuite - Multiple Cross-site Scripting and Cross-site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 +37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37591,platforms/php/webapps/37591.php,"AraDown - 'id' Parameter SQL Injection",2012-08-08,G-B,php,webapps,0 37592,platforms/php/webapps/37592.php,"FreiChat 9.6 - SQL Injection",2015-07-13,"Kacper Szurek",php,webapps,80 37593,platforms/windows/dos/37593.py,"Full Player 8.2.1 - Memory Corruption PoC",2015-07-13,"SATHISH ARTHAR",windows,dos,0 @@ -33939,7 +33939,7 @@ id,file,description,date,author,platform,type,port 37602,platforms/php/webapps/37602.txt,"ZenPhoto 1.4.8 - Multiple Vulnerabilities",2015-07-13,"Tim Coen",php,webapps,80 37603,platforms/php/webapps/37603.txt,"WordPress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 37604,platforms/php/webapps/37604.txt,"SO Planning 1.32 - Multiple Vulnerabilities",2015-07-13,"Huy-Ngoc DAU",php,webapps,80 -37622,platforms/php/webapps/37622.txt,"WordPress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Stored XSS",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 +37622,platforms/php/webapps/37622.txt,"WordPress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Persistent Cross-site Scripting",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 37607,platforms/windows/dos/37607.py,"Internet Download Manager - (.ief) Crash PoC",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37608,platforms/windows/dos/37608.py,"Internet Download Manager - (Find Download) Crash PoC",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37609,platforms/xml/webapps/37609.txt,"Pimcore CMS Build 3450 - Directory Traversal",2015-07-14,Portcullis,xml,webapps,0 @@ -33947,48 +33947,48 @@ id,file,description,date,author,platform,type,port 37611,platforms/windows/remote/37611.php,"Impero Education Pro - SYSTEM Remote Command Execution",2015-07-14,slipstream,windows,remote,0 37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - (Quick Connection) Crash PoC",2015-07-14,"SATHISH ARTHAR",windows,dos,0 37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 -37614,platforms/php/webapps/37614.txt,"PBBoard - index.php Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 +37614,platforms/php/webapps/37614.txt,"PBBoard - 'index.php' Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard - admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 37617,platforms/php/webapps/37617.txt,"dirLIST - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 37620,platforms/php/webapps/37620.txt,"Joomla DOCman Component - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 37623,platforms/hardware/webapps/37623.txt,"15 TOTOLINK Router Models - Multiple RCE Vulnerabilities",2015-07-16,"Pierre Kim",hardware,webapps,0 -37624,platforms/hardware/webapps/37624.txt,"4 TOTOLINK Router Models - CSRF / XSS",2015-07-16,"Pierre Kim",hardware,webapps,0 +37624,platforms/hardware/webapps/37624.txt,"4 TOTOLINK Router Models - CSRF/XSS",2015-07-16,"Pierre Kim",hardware,webapps,0 37625,platforms/hardware/webapps/37625.txt,"4 TOTOLINK Router Models - Backdoor Credentials",2015-07-16,"Pierre Kim",hardware,webapps,0 37626,platforms/hardware/webapps/37626.txt,"8 TOTOLINK Router Models - Backdoor and RCE",2015-07-16,"Pierre Kim",hardware,webapps,0 37628,platforms/hardware/remote/37628.rb,"D-Link - Cookie Command Execution",2015-07-17,Metasploit,hardware,remote,0 -37629,platforms/php/webapps/37629.txt,"WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF",2015-07-17,"Tom Adams",php,webapps,80 -37630,platforms/php/webapps/37630.txt,"Hotel Booking Portal 0.1 - Multiple SQL Injection / Cross-Site Scripting",2012-08-09,"Yakir Wizman",php,webapps,0 +37629,platforms/php/webapps/37629.txt,"WordPress BuddyPress Activity Plus Plugin 1.5 - Cross-site Request Forgery",2015-07-17,"Tom Adams",php,webapps,80 +37630,platforms/php/webapps/37630.txt,"Hotel Booking Portal 0.1 - Multiple SQL Injections / Cross-site Scripting",2012-08-09,"Yakir Wizman",php,webapps,0 37631,platforms/linux/local/37631.c,"GNU glibc - Multiple Local Stack Buffer Overflow Vulnerabilities",2012-08-13,"Joseph S. Myer",linux,local,0 -37632,platforms/php/webapps/37632.txt,"Total Shop UK eCommerce CodeIgniter - Multiple Cross-Site Scripting Vulnerabilities",2012-08-13,"Chris Cooper",php,webapps,0 -37633,platforms/php/webapps/37633.txt,"mIRC - 'projects.php' Cross-Site Scripting",2012-08-10,TayfunBasoglu,php,webapps,0 +37632,platforms/php/webapps/37632.txt,"Total Shop UK eCommerce CodeIgniter - Multiple Cross-site Scripting Vulnerabilities",2012-08-13,"Chris Cooper",php,webapps,0 +37633,platforms/php/webapps/37633.txt,"mIRC - 'projects.php' Cross-site Scripting",2012-08-10,TayfunBasoglu,php,webapps,0 37634,platforms/php/webapps/37634.txt,"MindTouch DekiWiki - Multiple Remote File Inclusion / Local File Inclusion",2012-08-11,L0n3ly-H34rT,php,webapps,0 37635,platforms/php/webapps/37635.txt,"GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host - Local File Inclusion",2012-08-10,L0n3ly-H34rT,php,webapps,0 -37636,platforms/php/webapps/37636.txt,"ShopperPress WordPress Theme - SQL Injection / Cross-Site Scripting",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 +37636,platforms/php/webapps/37636.txt,"ShopperPress WordPress Theme - SQL Injection / Cross-site Scripting",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 37637,platforms/php/webapps/37637.pl,"Elastix 2.2.0 - 'graph.php' Local File Inclusion",2012-08-17,cheki,php,webapps,0 -37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0 +37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 - 'SHOWTPL' Parameter Cross-site Scripting",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0 37639,platforms/multiple/dos/37639.html,"Mozilla Firefox - Remote Denial of Service",2012-08-17,"Jean Pascal Pereira",multiple,dos,0 37640,platforms/windows/dos/37640.pl,"Divx Player - Denial of Service",2012-08-20,Dark-Puzzle,windows,dos,0 -37641,platforms/php/webapps/37641.txt,"JPM Article Blog Script 6 - 'tid' Parameter Cross-Site Scripting",2012-08-21,Mr.0c3aN,php,webapps,0 -37642,platforms/php/webapps/37642.txt,"SaltOS - 'download.php' Cross-Site Scripting",2012-08-18,"Stefan Schurtz",php,webapps,0 +37641,platforms/php/webapps/37641.txt,"JPM Article Blog Script 6 - 'tid' Parameter Cross-site Scripting",2012-08-21,Mr.0c3aN,php,webapps,0 +37642,platforms/php/webapps/37642.txt,"SaltOS - 'download.php' Cross-site Scripting",2012-08-18,"Stefan Schurtz",php,webapps,0 37643,platforms/php/webapps/37643.txt,"IBM Rational ClearQuest 8.0 - Multiple Security Vulnerabilities",2012-08-27,anonymous,php,webapps,0 -37644,platforms/php/webapps/37644.txt,"Jara 1.6 - Multiple SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 -37645,platforms/php/webapps/37645.txt,"OrderSys 1.6.4 - Multiple SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 -37646,platforms/php/webapps/37646.txt,"Banana Dance - Cross-Site Scripting / SQL Injection",2012-08-22,"Canberk BOLAT",php,webapps,0 +37644,platforms/php/webapps/37644.txt,"Jara 1.6 - Multiple SQL Injections / Multiple Cross-site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 +37645,platforms/php/webapps/37645.txt,"OrderSys 1.6.4 - Multiple SQL Injections / Multiple Cross-site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 +37646,platforms/php/webapps/37646.txt,"Banana Dance - Cross-site Scripting / SQL Injection",2012-08-22,"Canberk BOLAT",php,webapps,0 37647,platforms/multiple/remote/37647.txt,"Apache Struts2 - Skill Name Remote Code Execution",2012-08-23,kxlzx,multiple,remote,0 37648,platforms/php/webapps/37648.txt,"Joomla! CiviCRM Component - Multiple Arbitrary File Upload Vulnerabilities",2012-08-22,Crim3R,php,webapps,0 -37649,platforms/php/webapps/37649.html,"SiNG cms - 'password.php' Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 +37649,platforms/php/webapps/37649.html,"SiNG cms - 'password.php' Cross-site Scripting",2012-08-23,LiquidWorm,php,webapps,0 37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 - 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0 37651,platforms/php/webapps/37651.html,"Monstra - Multiple HTML Injection Vulnerabilities",2012-08-23,LiquidWorm,php,webapps,0 -37652,platforms/php/webapps/37652.txt,"KindEditor - 'name' Parameter Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 +37652,platforms/php/webapps/37652.txt,"KindEditor - 'name' Parameter Cross-site Scripting",2012-08-23,LiquidWorm,php,webapps,0 37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion",2012-08-23,"Corrado Liotta",php,webapps,0 37657,platforms/windows/local/37657.txt,"Microsoft Word - Local Machine Zone Remote Code Execution",2015-07-20,"Eduardo Braun Prado",windows,local,0 37688,platforms/php/remote/37688.txt,"PHP - 'header()' HTTP Header Injection",2011-10-06,"Mr. Tokumaru",php,remote,0 -37659,platforms/php/webapps/37659.txt,"phpVibe < 4.20 - Stored XSS",2015-07-20,"Filippos Mastrogiannis",php,webapps,0 +37659,platforms/php/webapps/37659.txt,"phpVibe < 4.20 - Persistent Cross-site Scripting",2015-07-20,"Filippos Mastrogiannis",php,webapps,0 37660,platforms/ios/dos/37660.txt,"Image Transfer IOS - Remote Crash Proof Of Concept",2015-07-20,"Mohammad Reza Espargham",ios,dos,0 37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS / Android / Win 3.1.3 - Persistent",2015-07-20,Vulnerability-Lab,multiple,webapps,0 37663,platforms/linux/dos/37663.txt,"TcpDump - rpki_rtr_pdu_print Out-of-Bounds Denial of Service",2015-07-20,"Luke Arntson",linux,dos,0 @@ -33997,33 +33997,33 @@ id,file,description,date,author,platform,type,port 37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Mohammad Reza Espargham",windows,remote,0 37669,platforms/windows/dos/37669.pl,"Counter-Strike 1.6 - 'GameInfo' Query Reflection DoS PoC",2015-07-22,"Todor Donev",windows,dos,0 37670,platforms/osx/local/37670.sh,"OS X 10.10 - DYLD_PRINT_TO_FILE Local Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 -37671,platforms/multiple/remote/37671.txt,"Websense Content Gateway - Multiple Cross-Site Scripting Vulnerabilities",2012-08-23,"Steven Sim Kok Leong",multiple,remote,0 -37672,platforms/php/webapps/37672.txt,"JW Player - 'logo.link' Parameter Cross-Site Scripting",2012-08-29,MustLive,php,webapps,0 +37671,platforms/multiple/remote/37671.txt,"Websense Content Gateway - Multiple Cross-site Scripting Vulnerabilities",2012-08-23,"Steven Sim Kok Leong",multiple,remote,0 +37672,platforms/php/webapps/37672.txt,"JW Player - 'logo.link' Parameter Cross-site Scripting",2012-08-29,MustLive,php,webapps,0 37673,platforms/windows/dos/37673.html,"Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service",2012-08-24,coolkaveh,windows,dos,0 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component - 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 -37676,platforms/asp/webapps/37676.txt,"Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37677,platforms/php/webapps/37677.txt,"WordPress Finder Plugin - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 -37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37679,platforms/php/webapps/37679.txt,"LibGuides - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 -37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host - 'users.php' Cross-Site Scripting",2012-08-25,Explo!ter,php,webapps,0 +37676,platforms/asp/webapps/37676.txt,"Power-eCommerce - Multiple Cross-site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 +37677,platforms/php/webapps/37677.txt,"WordPress Finder Plugin - 'order' Parameter Cross-site Scripting",2012-08-25,Crim3R,php,webapps,0 +37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums - Multiple Cross-site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 +37679,platforms/php/webapps/37679.txt,"LibGuides - Multiple Cross-site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 +37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host - 'users.php' Cross-site Scripting",2012-08-25,Explo!ter,php,webapps,0 37681,platforms/php/webapps/37681.txt,"WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 37682,platforms/php/webapps/37682.txt,"WordPress Simple:Press Forum Plugin - Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 -37683,platforms/php/webapps/37683.txt,"Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 -37684,platforms/php/webapps/37684.html,"PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 +37683,platforms/php/webapps/37683.txt,"Phorum 5.2.18 - Multiple Cross-site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 +37684,platforms/php/webapps/37684.html,"PrestaShop 1.4.7 - Multiple Cross-site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37685,platforms/xml/dos/37685.txt,"squidGuard 1.4 - Long URL Handling Remote Denial of Service",2012-08-30,"Stefan Bauer",xml,dos,0 -37686,platforms/multiple/webapps/37686.txt,"Hawkeye-G 3.0.1.4912 - CSRF",2015-07-24,hyp3rlinx,multiple,webapps,0 -37687,platforms/php/webapps/37687.txt,"TomatoCart - 'example_form.ajax.php' Cross-Site Scripting",2012-08-30,HauntIT,php,webapps,0 +37686,platforms/multiple/webapps/37686.txt,"Hawkeye-G 3.0.1.4912 - Cross-site Request Forgery",2015-07-24,hyp3rlinx,multiple,webapps,0 +37687,platforms/php/webapps/37687.txt,"TomatoCart - 'example_form.ajax.php' Cross-site Scripting",2012-08-30,HauntIT,php,webapps,0 37689,platforms/asp/webapps/37689.txt,"XM Forum - 'search.asp' SQL Injection",2012-08-30,Crim3R,asp,webapps,0 -37690,platforms/php/webapps/37690.txt,"Crowbar - 'file' Parameter Multiple Cross-Site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0 +37690,platforms/php/webapps/37690.txt,"Crowbar - 'file' Parameter Multiple Cross-site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0 37691,platforms/php/webapps/37691.txt,"SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities",2012-08-31,"Brendan Coles",php,webapps,0 37692,platforms/multiple/dos/37692.pl,"aMSN - Remote Denial of Service",2006-01-01,"Braulio Miguel Suarez Urquijo",multiple,dos,0 37693,platforms/php/webapps/37693.txt,"Sitemax Maestro - SQL Injection / Local File Inclusion",2012-09-03,AkaStep,php,webapps,0 37694,platforms/php/webapps/37694.txt,"Wiki Web Help - 'configpath' Parameter Remote File Inclusion",2012-08-04,L0n3ly-H34rT,php,webapps,0 -37695,platforms/php/webapps/37695.txt,"Sciretech Multiple Products - Multiple SQL Injection",2012-09-04,AkaStep,php,webapps,0 -37696,platforms/asp/webapps/37696.txt,"Cm3 CMS - 'search.asp' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,Crim3R,asp,webapps,0 -37697,platforms/php/webapps/37697.txt,"phpFox 3.0.1 - 'ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-04,Crim3R,php,webapps,0 -37698,platforms/php/webapps/37698.txt,"Kayako Fusion - 'download.php' Cross-Site Scripting",2012-09-05,"High-Tech Bridge",php,webapps,0 +37695,platforms/php/webapps/37695.txt,"Sciretech Multiple Products - Multiple SQL Injections",2012-09-04,AkaStep,php,webapps,0 +37696,platforms/asp/webapps/37696.txt,"Cm3 CMS - 'search.asp' Multiple Cross-site Scripting Vulnerabilities",2012-09-05,Crim3R,asp,webapps,0 +37697,platforms/php/webapps/37697.txt,"phpFox 3.0.1 - 'ajax.php' Multiple Cross-site Scripting Vulnerabilities",2012-09-04,Crim3R,php,webapps,0 +37698,platforms/php/webapps/37698.txt,"Kayako Fusion - 'download.php' Cross-site Scripting",2012-09-05,"High-Tech Bridge",php,webapps,0 37699,platforms/windows/local/37699.py,"Foxit Reader - .PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution",2015-07-27,"Sascha Schirra",windows,local,0 37700,platforms/multiple/webapps/37700.txt,"Hawkeye-G 3.0.1.4912 - Persistent XSS / Information Leakage",2015-07-27,hyp3rlinx,multiple,webapps,0 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 @@ -34038,10 +34038,10 @@ id,file,description,date,author,platform,type,port 37709,platforms/php/webapps/37709.txt,"phpFileManager 0.9.8 - Remote Command Execution",2015-07-28,hyp3rlinx,php,webapps,0 37710,platforms/linux/local/37710.txt,"Sudo 1.8.14 - Unauthorized Privilege",2015-07-28,"daniel svartman",linux,local,0 37711,platforms/windows/dos/37711.py,"Classic FTP 2.36 - CWD Reconnection DoS",2015-07-28,St0rn,windows,dos,0 -37712,platforms/php/webapps/37712.txt,"phpFileManager 0.9.8 - CSRF",2015-07-29,hyp3rlinx,php,webapps,80 +37712,platforms/php/webapps/37712.txt,"phpFileManager 0.9.8 - Cross-site Request Forgery",2015-07-29,hyp3rlinx,php,webapps,80 37713,platforms/php/webapps/37713.txt,"2Moons - Multiple Vulnerabilities",2015-07-29,bRpsd,php,webapps,80 37714,platforms/php/webapps/37714.txt,"JoomShopping - Blind SQL Injection",2015-07-29,Mormoroth,php,webapps,80 -37715,platforms/php/webapps/37715.txt,"Tendoo CMS 1.3 - XSS",2015-07-29,"Arash Khazaei",php,webapps,80 +37715,platforms/php/webapps/37715.txt,"Tendoo CMS 1.3 - Cross-site Scripting",2015-07-29,"Arash Khazaei",php,webapps,80 37716,platforms/windows/local/37716.c,"Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution",2015-07-29,"John AAkerblom",windows,local,0 37717,platforms/windows/dos/37717.pl,"KMPlayer 3.9.x - .srt Crash PoC",2015-07-31,"Peyman Motevalli Manesh",windows,dos,0 37718,platforms/windows/dos/37718.py,"T-Mobile Internet Manager - Contact Name Crash PoC",2015-07-31,"SATHISH ARTHAR",windows,dos,0 @@ -34056,10 +34056,10 @@ id,file,description,date,author,platform,type,port 37727,platforms/windows/dos/37727.py,"Python IDLE 2.7.8 - Crash PoC",2015-08-07,"Hadi Zomorodi Monavar",windows,dos,0 37728,platforms/php/dos/37728.py,"OSSEC WUI 0.8 - Denial of Service",2015-08-07,"Milad Saber",php,dos,0 37729,platforms/windows/remote/37729.py,"Filezilla Client 2.2.X - SEH Buffer Overflow Exploit",2015-08-07,ly0n,windows,remote,0 -37730,platforms/windows/local/37730.py,"Tomabo MP4 Player 3.11.3 - (.m3u) SEH Buffer Overflow",2015-08-07,"Saeid Atabaki",windows,local,0 +37730,platforms/windows/local/37730.py,"Tomabo MP4 Player 3.11.3 - '.m3u' SEH Buffer Overflow",2015-08-07,"Saeid Atabaki",windows,local,0 37731,platforms/windows/remote/37731.py,"PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow",2015-08-07,"Jay Turla",windows,remote,21 37732,platforms/win_x86/local/37732.c,"Windows XP SP3 x86 / 2003 SP2 x86 - NDProxy Privilege Escalation (MS14-002)",2015-08-07,"Tomislav Paskalev",win_x86,local,0 -37734,platforms/php/webapps/37734.html,"Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit",2015-08-07,LiquidWorm,php,webapps,80 +37734,platforms/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-site Scripting And CSRF Add Admin Exploit",2015-08-07,LiquidWorm,php,webapps,80 37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - File Upload Filter Bypass Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80 37747,platforms/windows/dos/37747.py,"Havij Pro - Crash POC",2015-08-10,i_7e1,windows,dos,0 37753,platforms/php/webapps/37753.txt,"WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 @@ -34076,8 +34076,8 @@ id,file,description,date,author,platform,type,port 37746,platforms/windows/remote/37746.py,"Netsparker 2.3.x - Remote Code Execution",2015-08-09,"Hesam Bazvand",windows,remote,0 37754,platforms/php/webapps/37754.txt,"WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37755,platforms/windows/local/37755.c,"Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 -37947,platforms/multiple/remote/37947.txt,"LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting",2012-03-12,K1P0D,multiple,remote,0 -37948,platforms/php/webapps/37948.txt,"WordPress Slideshow Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 +37947,platforms/multiple/remote/37947.txt,"LiteSpeed Web Server - 'gtitle' parameter Cross-site Scripting",2012-03-12,K1P0D,multiple,remote,0 +37948,platforms/php/webapps/37948.txt,"WordPress Slideshow Plugin - Multiple Cross-site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 37949,platforms/linux/remote/37949.txt,"ModSecurity - POST Parameters Security Bypass",2012-10-17,"Bernhard Mueller",linux,remote,0 37950,platforms/php/webapps/37950.txt,"jCore - /admin/index.php path Parameter XSS",2012-10-17,"High-Tech Bridge",php,webapps,0 37951,platforms/windows/remote/37951.py,"Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 @@ -34085,10 +34085,10 @@ id,file,description,date,author,platform,type,port 37758,platforms/win_x86/shellcode/37758.c,"Windows x86 - user32!MessageBox _Hello World!_ Null Free Shellcode (199 bytes)",2015-08-12,noviceflux,win_x86,shellcode,0 37759,platforms/linux/dos/37759.py,"NeuroServer 0.7.4 - (EEG TCP/IP Transceiver) Remote DoS",2015-08-12,nitr0us,linux,dos,0 37760,platforms/windows/local/37760.rb,"PDF Shaper 3.5 - Buffer Overflow (Metasploit)",2015-08-12,metacom,windows,local,0 -37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0 +37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross-site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0 37762,platforms/lin_x86/shellcode/37762.py,"Linux/x86 - /bin/sh ROL/ROR Encoded Shellcode",2015-08-12,"Anastasios Monachos",lin_x86,shellcode,0 37763,platforms/windows/dos/37763.txt,"NetServe FTP Client 1.0 - Local DOS (Overflow)",2015-08-12,Un_N0n,windows,dos,0 -37764,platforms/windows/dos/37764.html,"Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 +37764,platforms/windows/dos/37764.html,"Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 37765,platforms/multiple/webapps/37765.txt,"Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM",2015-08-13,"Dawid Golunski",multiple,webapps,0 37766,platforms/multiple/dos/37766.py,"Google Chrome 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 37767,platforms/multiple/webapps/37767.txt,"Joomla Event Manager 2.1.4 - Multiple Vulnerabilities",2015-08-13,"Martino Sani",multiple,webapps,0 @@ -34103,19 +34103,19 @@ id,file,description,date,author,platform,type,port 37776,platforms/windows/dos/37776.py,"Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote DoS",2015-08-15,St0rn,windows,dos,0 37777,platforms/linux/dos/37777.txt,"NetKit FTP Client (Ubuntu 14.04) - Crash/DoS PoC",2015-08-15,"TUNISIAN CYBER",linux,dos,0 37778,platforms/hardware/webapps/37778.txt,"Security IP Camera Star Vision DVR - Authentication Bypass",2015-08-15,"Meisam Monsef",hardware,webapps,0 -37779,platforms/php/webapps/37779.txt,"Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 +37779,platforms/php/webapps/37779.txt,"Flogr - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 37780,platforms/windows/local/37780.c,"ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution",2012-09-04,"Moshe Zioni",windows,local,0 -37781,platforms/php/webapps/37781.txt,"ExtCalendar 2.0 - Multiple SQL Injection and HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 +37781,platforms/php/webapps/37781.txt,"ExtCalendar 2.0 - Multiple SQL Injections and HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 37782,platforms/php/webapps/37782.txt,"web@all - Local File Inclusion / Multiple Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 37783,platforms/linux/dos/37783.c,"GNU glibc - 'strcoll()' Routine Integer Overflow",2012-09-07,"Jan iankko Lieskovsky",linux,dos,0 37784,platforms/php/webapps/37784.txt,"Pinterestclones - Security Bypass and HTML Injection Vulnerabilities",2012-09-08,DaOne,php,webapps,0 -37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite - Multiple SQL Injection",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 -37786,platforms/php/webapps/37786.txt,"DeltaScripts PHP Links - Multiple SQL Injection",2012-09-10,L0n3ly-H34rT,php,webapps,0 -37787,platforms/php/webapps/37787.txt,"WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 +37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite - Multiple SQL Injections",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 +37786,platforms/php/webapps/37786.txt,"DeltaScripts PHP Links - Multiple SQL Injections",2012-09-10,L0n3ly-H34rT,php,webapps,0 +37787,platforms/php/webapps/37787.txt,"WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 37788,platforms/linux/remote/37788.py,"libguac - Remote Buffer Overflow",2012-09-11,"Michael Jumper",linux,remote,0 -37789,platforms/php/webapps/37789.txt,"Openfiler 2.3 - Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities",2012-09-06,"Brendan Coles",php,webapps,0 +37789,platforms/php/webapps/37789.txt,"Openfiler 2.3 - Multiple Cross-site Scripting and Information Disclosure Vulnerabilities",2012-09-06,"Brendan Coles",php,webapps,0 37790,platforms/php/webapps/37790.txt,"FBDj - 'id' Parameter SQL Injection",2012-09-11,"TUNISIAN CYBER",php,webapps,0 -37791,platforms/multiple/webapps/37791.txt,"Atlassian Confluence 3.4.x - Error Page Cross-Site Scripting",2012-09-12,"D. Niedermaier",multiple,webapps,0 +37791,platforms/multiple/webapps/37791.txt,"Atlassian Confluence 3.4.x - Error Page Cross-site Scripting",2012-09-12,"D. Niedermaier",multiple,webapps,0 37792,platforms/android/remote/37792.txt,"Google Chrome for Android - com.android.browser.application_id Intent Extra Data XSS",2012-09-12,"Artem Chaykin",android,remote,0 37793,platforms/android/remote/37793.txt,"Google Chrome for Android - Multiple file:: URL Handler Local Downloaded Content Disclosure",2012-09-12,"Artem Chaykin",android,remote,0 37794,platforms/android/remote/37794.txt,"Google Chrome for Android - Local Application Handling Cookie Theft Weakness",2012-09-12,"Artem Chaykin",android,remote,0 @@ -34124,7 +34124,7 @@ id,file,description,date,author,platform,type,port 37941,platforms/php/webapps/37941.txt,"SenseSites CommonSense CMS - special.php id Parameter SQL Injection",2012-01-06,"H4ckCity Security Team",php,webapps,0 37942,platforms/php/webapps/37942.txt,"SenseSites CommonSense CMS - article.php id Parameter SQL Injection",2012-01-06,"H4ckCity Security Team",php,webapps,0 37943,platforms/php/webapps/37943.txt,"WebTitan - 'logs-x.php' Directory Traversal",2012-10-20,"Richard Conner",php,webapps,0 -37944,platforms/php/webapps/37944.txt,"vBSEO - 'u' parameter Cross-Site Scripting",2012-06-16,MegaMan,php,webapps,0 +37944,platforms/php/webapps/37944.txt,"vBSEO - 'u' parameter Cross-site Scripting",2012-06-16,MegaMan,php,webapps,0 37945,platforms/php/webapps/37945.txt,"SilverStripe 2.4.x - 'BackURL' Parameter URI Redirection",2012-10-15,"Aung Khant",php,webapps,0 37946,platforms/php/webapps/37946.txt,"WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion",2012-10-15,"Charlie Eriksen",php,webapps,0 38001,platforms/windows/dos/38001.py,"freeSSHd 1.3.1 - Denial of Service",2015-08-28,3unnym00n,windows,dos,22 @@ -34134,9 +34134,9 @@ id,file,description,date,author,platform,type,port 37801,platforms/hardware/webapps/37801.sh,"Sagemcom F@ST 3864 V2 - Get Admin Password",2015-08-17,"Cade Bull",hardware,webapps,0 37802,platforms/jsp/webapps/37802.html,"IFOBS - 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities",2012-09-15,MustLive,jsp,webapps,0 37803,platforms/hardware/remote/37803.txt,"CoSoSys Endpoint Protector - Predictable Password Generation",2012-09-17,"Christopher Campbell",hardware,remote,0 -37804,platforms/php/webapps/37804.txt,"minimal Gallery - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-17,ayastar,php,webapps,0 +37804,platforms/php/webapps/37804.txt,"minimal Gallery - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2012-09-17,ayastar,php,webapps,0 37805,platforms/php/webapps/37805.txt,"TAGWORX.CMS - 'cid' Parameter SQL Injection",2012-09-18,Crim3R,php,webapps,0 -37806,platforms/cgi/webapps/37806.txt,"AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities",2012-09-18,"Benjamin Kunz Mejri",cgi,webapps,0 +37806,platforms/cgi/webapps/37806.txt,"AxisInternet VoIP Manager - Multiple Cross-site Scripting Vulnerabilities",2012-09-18,"Benjamin Kunz Mejri",cgi,webapps,0 37807,platforms/php/webapps/37807.txt,"VBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection",2012-09-18,Am!r,php,webapps,0 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0 37809,platforms/php/webapps/37809.php,"Nuts CMS - Remote PHP Code Injection / Execution",2015-08-17,"Yakir Wizman",php,webapps,80 @@ -34145,27 +34145,27 @@ id,file,description,date,author,platform,type,port 37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager - Authentication Bypass and Code Execution",2015-08-18,Metasploit,win_x86,remote,8443 37813,platforms/windows/local/37813.rb,"VideoCharge Studio - Buffer Overflow (SEH)",2015-08-18,Metasploit,windows,local,0 37814,platforms/python/remote/37814.rb,"Werkzeug - Debug Shell Command Execution",2015-08-18,Metasploit,python,remote,0 -37817,platforms/php/webapps/37817.txt,"PHPfileNavigator 2.3.3 - XSS",2015-08-18,hyp3rlinx,php,webapps,80 -37818,platforms/php/webapps/37818.txt,"PHPfileNavigator 2.3.3 - CSRF",2015-08-18,hyp3rlinx,php,webapps,80 +37817,platforms/php/webapps/37817.txt,"PHPfileNavigator 2.3.3 - Cross-site Scripting",2015-08-18,hyp3rlinx,php,webapps,80 +37818,platforms/php/webapps/37818.txt,"PHPfileNavigator 2.3.3 - Cross-site Request Forgery",2015-08-18,hyp3rlinx,php,webapps,80 37819,platforms/php/webapps/37819.txt,"PHPfileNavigator 2.3.3 - Privilege Escalation",2015-08-18,hyp3rlinx,php,webapps,80 -37820,platforms/php/webapps/37820.txt,"CodoForum 3.3.1 - Multiple SQL Injection",2015-08-18,"Curesec Research Team",php,webapps,80 +37820,platforms/php/webapps/37820.txt,"CodoForum 3.3.1 - Multiple SQL Injections",2015-08-18,"Curesec Research Team",php,webapps,80 37821,platforms/php/webapps/37821.txt,"BigTree CMS 4.2.3 - Authenticated SQL Injection",2015-08-18,"Curesec Research Team",php,webapps,80 37822,platforms/php/webapps/37822.txt,"WordPress WP Symposium Plugin 15.1 - Blind SQL Injection",2015-08-18,dxw,php,webapps,80 -37827,platforms/php/webapps/37827.txt,"WordPress Purity Theme - Multiple Cross-Site Scripting Vulnerabilities",2012-09-07,"Matan Azugi",php,webapps,0 -37828,platforms/php/webapps/37828.txt,"Poweradmin - 'index.php' Cross-Site Scripting",2012-09-20,Siavash,php,webapps,0 -37829,platforms/php/webapps/37829.txt,"WordPress MF Gig Calendar Plugin - Cross-Site Scripting",2012-09-20,"Chris Cooper",php,webapps,0 +37827,platforms/php/webapps/37827.txt,"WordPress Purity Theme - Multiple Cross-site Scripting Vulnerabilities",2012-09-07,"Matan Azugi",php,webapps,0 +37828,platforms/php/webapps/37828.txt,"Poweradmin - 'index.php' Cross-site Scripting",2012-09-20,Siavash,php,webapps,0 +37829,platforms/php/webapps/37829.txt,"WordPress MF Gig Calendar Plugin - Cross-site Scripting",2012-09-20,"Chris Cooper",php,webapps,0 37830,platforms/cgi/webapps/37830.txt,"ZEN Load Balancer - Multiple Security Vulnerabilities",2012-09-24,"Brendan Coles",cgi,webapps,0 37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure",2012-10-09,"Brad Spengler",linux,local,0 37938,platforms/php/webapps/37938.txt,"OpenX - /www/admin/plugin-index.php parent Parameter XSS",2012-10-10,"High-Tech Bridge",php,webapps,0 37939,platforms/php/webapps/37939.txt,"FileContral - Local File Inclusion / Local File Disclosure",2012-08-11,"Ashiyane Digital Security Team",php,webapps,0 -38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 +38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80 -37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injection",2012-09-21,"Ricardo Almeida",php,webapps,0 +37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injections",2012-09-21,"Ricardo Almeida",php,webapps,0 37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 -37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross-Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 -37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 -37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin - Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 -37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 +37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross-site Request Forgery",2012-09-22,AkaStep,php,webapps,0 +37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin - 'tid' Parameter Cross-site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 +37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin - Cross-site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 +37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-site Scripting",2011-12-30,farbodmahini,php,webapps,0 37839,platforms/linux/dos/37839.txt,"Flash - PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution",2015-08-19,"Google Security Research",linux,dos,0 37840,platforms/windows/remote/37840.txt,"Flash Broker-Based - Sandbox Escape via Forward Slash Instead of Backslash",2015-08-19,KeenTeam,windows,remote,0 37841,platforms/windows/remote/37841.txt,"Flash Broker-Based - Sandbox Escape via Unexpected Directory Lock",2015-08-19,KeenTeam,windows,remote,0 @@ -34219,21 +34219,21 @@ id,file,description,date,author,platform,type,port 37889,platforms/linux/remote/37889.txt,"YingZhiPython - Directory Traversal / Arbitrary File Upload",2012-09-26,"Larry Cashdollar",linux,remote,0 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 37891,platforms/xml/webapps/37891.txt,"Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities",2015-08-20,"Itzik Chen",xml,webapps,4343 -37892,platforms/asp/webapps/37892.txt,"Vifi Radio v1 - CSRF",2015-08-20,KnocKout,asp,webapps,80 +37892,platforms/asp/webapps/37892.txt,"Vifi Radio v1 - Cross-site Request Forgery",2015-08-20,KnocKout,asp,webapps,80 37893,platforms/windows/dos/37893.py,"Valhala Honeypot 1.8 - Stack-Based Buffer Overflow",2015-08-20,Un_N0n,windows,dos,21 37894,platforms/php/webapps/37894.html,"Pligg CMS 2.0.2 - Arbitrary Code Execution",2015-08-20,"Arash Khazaei",php,webapps,80 37895,platforms/win_x86-64/shellcode/37895.asm,"Windows 2003 x64 - Token Stealing shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",win_x86-64,shellcode,0 -37896,platforms/php/webapps/37896.txt,"WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 +37896,platforms/php/webapps/37896.txt,"WordPress ABC Test Plugin - 'id' Parameter Cross-site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 37897,platforms/linux/dos/37897.html,"Midori Browser 0.3.2 - Denial of Service",2012-09-27,"Ryuzaki Lawlet",linux,dos,0 37898,platforms/linux/local/37898.py,"Reaver Pro - Local Privilege Escalation",2012-09-30,infodox,linux,local,0 37899,platforms/php/webapps/37899.txt,"Switchvox - Multiple HTML Injection Vulnerabilities",2012-10-02,"Ibrahim El-Sayed",php,webapps,0 37900,platforms/multiple/remote/37900.txt,"IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities",2012-09-28,MustLive,multiple,remote,0 37901,platforms/php/webapps/37901.txt,"AlamFifa CMS - 'user_name_cookie' Parameter SQL Injection",2012-09-30,L0n3ly-H34rT,php,webapps,0 -37902,platforms/php/webapps/37902.php,"WordPress Akismet Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 -37903,platforms/php/webapps/37903.txt,"Zenphoto - 'admin-news-articles.php' Cross-Site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 -37904,platforms/php/webapps/37904.txt,"Omnistar Mailer - Multiple SQL Injection / HTML Injection Vulnerabilities",2012-10-01,"Vulnerability Laboratory",php,webapps,0 +37902,platforms/php/webapps/37902.php,"WordPress Akismet Plugin - Multiple Cross-site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 +37903,platforms/php/webapps/37903.txt,"Zenphoto - 'admin-news-articles.php' Cross-site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 +37904,platforms/php/webapps/37904.txt,"Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-10-01,"Vulnerability Laboratory",php,webapps,0 37905,platforms/windows/dos/37905.rb,"PowerTCP WebServer for - ActiveX Denial of Service",2012-09-28,catatonicprime,windows,dos,0 -37906,platforms/php/webapps/37906.txt,"WordPress Googmonify Plugin 0.8.1 - XSS/CSRF",2015-08-21,"Ehsan Hosseini",php,webapps,80 +37906,platforms/php/webapps/37906.txt,"WordPress Googmonify Plugin 0.8.1 - XSS / Cross-site Request Forgery",2015-08-21,"Ehsan Hosseini",php,webapps,80 37907,platforms/php/webapps/37907.txt,"WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS",2015-08-21,"Chris Kellum",php,webapps,80 37908,platforms/windows/dos/37908.py,"Konica Minolta FTP Utility 1.0 - Remote DoS PoC",2015-08-21,"Shankar Damodaran",windows,dos,21 37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 @@ -34262,11 +34262,11 @@ id,file,description,date,author,platform,type,port 37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37933,platforms/php/webapps/37933.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37934,platforms/php/webapps/37934.txt,"WordPress Shopp Plugin - Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0 -37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross-Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0 +37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross-site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0 37936,platforms/php/webapps/37936.txt,"Open Realty - 'select_users_lang' Parameter Local File Inclusion",2012-10-06,L0n3ly-H34rT,php,webapps,0 37952,platforms/windows/remote/37952.py,"Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 - Remote Crash PoC",2015-08-24,"Shankar Damodaran",windows,dos,25 -37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - CSRF Add Admin Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 +37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - CSRF (Add Admin) Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash POC",2015-08-24,Un_N0n,windows,dos,0 37958,platforms/multiple/remote/37958.rb,"Firefox - PDF.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 @@ -34279,17 +34279,17 @@ id,file,description,date,author,platform,type,port 37965,platforms/hardware/webapps/37965.txt,"Keeper IP Camera 3.2.2.10 - Authentication Bypass",2015-08-25,"RAT - ThiefKing",hardware,webapps,0 37966,platforms/windows/dos/37966.txt,"Microsoft Office 2007 - OneTableDocumentStream Invalid Object",2015-08-25,"Google Security Research",windows,dos,0 37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 -37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting",2012-10-19,Netsparker,php,webapps,0 +37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross-site Scripting",2012-10-19,Netsparker,php,webapps,0 37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 -37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin - Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 +37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin - Cross-site Scripting",2012-10-18,MustLive,php,webapps,0 37971,platforms/php/webapps/37971.html,"WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection",2012-10-22,"Starware Security Team",php,webapps,0 -37973,platforms/php/webapps/37973.txt,"SMF - 'view' Parameter Cross-Site Scripting",2012-10-23,Am!r,php,webapps,0 -37974,platforms/php/webapps/37974.txt,"Inventory - Multiple Cross-Site Scripting / SQL Injection",2012-10-26,G13,php,webapps,0 +37973,platforms/php/webapps/37973.txt,"SMF - 'view' Parameter Cross-site Scripting",2012-10-23,Am!r,php,webapps,0 +37974,platforms/php/webapps/37974.txt,"Inventory - Multiple Cross-site Scripting / SQL Injection",2012-10-26,G13,php,webapps,0 37975,platforms/linux/local/37975.py,"ZSNES 1.51 - Buffer Overflow",2015-08-26,"Juan Sacco",linux,local,0 37976,platforms/windows/dos/37976.py,"VLC Media Player 2.2.1 - m3u8/m3u Crash PoC",2015-08-26,"Naser Farhadi",windows,dos,0 37977,platforms/xml/webapps/37977.py,"Magento eCommerce - Remote Code Execution",2015-08-26,"Manish Tanwar",xml,webapps,0 -37978,platforms/php/webapps/37978.txt,"Gramophone - 'rs' Parameter Cross-Site Scripting",2012-10-25,G13,php,webapps,0 -37979,platforms/php/webapps/37979.txt,"VicBlog - Multiple SQL Injection",2012-10-26,Geek,php,webapps,0 +37978,platforms/php/webapps/37978.txt,"Gramophone - 'rs' Parameter Cross-site Scripting",2012-10-25,G13,php,webapps,0 +37979,platforms/php/webapps/37979.txt,"VicBlog - Multiple SQL Injections",2012-10-26,Geek,php,webapps,0 37980,platforms/windows/dos/37980.pl,"Microsoft Office Excel - Denial of Service",2012-10-11,"Jean Pascal Pereira",windows,dos,0 37981,platforms/windows/dos/37981.pl,"Microsoft Paint 5.1 - '.bmp' Denial of Service",2012-10-27,coolkaveh,windows,dos,0 37982,platforms/hardware/remote/37982.pl,"TP-LINK TL-WR841N Router - Local File Inclusion",2012-10-29,"Matan Azugi",hardware,remote,0 @@ -34299,27 +34299,27 @@ id,file,description,date,author,platform,type,port 37986,platforms/windows/dos/37986.txt,"Xion Audio Player 1.5 build 155 - Stack Based Buffer Overflow",2015-08-27,Un_N0n,windows,dos,0 37987,platforms/linux/local/37987.py,"FENIX 0.92 - Buffer Overflow",2015-08-27,"Juan Sacco",linux,local,0 37988,platforms/linux/local/37988.py,"BSIGN 0.4.5 - Buffer Overflow",2015-08-27,"Juan Sacco",linux,local,0 -37989,platforms/php/webapps/37989.txt,"IP.Board 4.X - Stored XSS",2015-08-27,snop,php,webapps,0 +37989,platforms/php/webapps/37989.txt,"IP.Board 4.X - Persistent Cross-site Scripting",2015-08-27,snop,php,webapps,0 37990,platforms/multiple/dos/37990.txt,"QEMU - Programmable Interrupt Timer Controller Heap Overflow",2015-08-27,"Google Security Research",multiple,dos,0 -37991,platforms/php/webapps/37991.txt,"WANem - Multiple Cross-Site Scripting Vulnerabilities",2012-10-16,"Brendan Coles",php,webapps,0 -37992,platforms/php/webapps/37992.txt,"CorePlayer - 'callback' Parameter Cross-Site Scripting",2012-10-28,MustLive,php,webapps,0 +37991,platforms/php/webapps/37991.txt,"WANem - Multiple Cross-site Scripting Vulnerabilities",2012-10-16,"Brendan Coles",php,webapps,0 +37992,platforms/php/webapps/37992.txt,"CorePlayer - 'callback' Parameter Cross-site Scripting",2012-10-28,MustLive,php,webapps,0 37993,platforms/php/webapps/37993.txt,"Joomla! 'com_quiz' Component - SQL Injection",2012-10-30,"Daniel Barragan",php,webapps,0 -37994,platforms/php/webapps/37994.txt,"NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 -37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-Site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 +37994,platforms/php/webapps/37994.txt,"NetCat CMS - Multiple Cross-site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 +37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 37996,platforms/windows/remote/37996.txt,"Axigen Mail Server - 'fileName' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030 37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 -37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 +37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload To Command Execution",2015-08-28,"Narendra Bhati",php,webapps,80 38002,platforms/php/webapps/38002.txt,"Pluck CMS 4.7.3 - Multiple Vulnerabilities",2015-08-28,smash,php,webapps,80 38003,platforms/windows/remote/38003.py,"PCMan FTP Server 2.0.7 - GET Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 38004,platforms/hardware/webapps/38004.txt,"Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure",2015-08-29,"Shad Malloy",hardware,webapps,80 38005,platforms/windows/remote/38005.asp,"MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit",2015-08-29,ylbhz,windows,remote,0 -38006,platforms/php/webapps/38006.txt,"bloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0 +38006,platforms/php/webapps/38006.txt,"bloofoxCMS 0.3.5 - Multiple Cross-site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0 38007,platforms/php/webapps/38007.txt,"DCForum - auth_user_file.txt File Multiple Information Disclosure Vulnerabilities",2012-11-02,r45c4l,php,webapps,0 38008,platforms/php/webapps/38008.txt,"Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0 38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS - Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0 -38010,platforms/php/webapps/38010.txt,"VeriCentre - Multiple SQL Injection",2012-11-06,"Cory Eubanks",php,webapps,0 +38010,platforms/php/webapps/38010.txt,"VeriCentre - Multiple SQL Injections",2012-11-06,"Cory Eubanks",php,webapps,0 38011,platforms/php/webapps/38011.txt,"OrangeHRM - 'sortField' Parameter SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0 38012,platforms/php/webapps/38012.txt,"WordPress FLV Player Plugin - 'id' Parameter SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 38013,platforms/windows/remote/38013.py,"PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 @@ -34333,7 +34333,7 @@ id,file,description,date,author,platform,type,port 38021,platforms/multiple/dos/38021.pl,"Media Player Classic 1.5 - (MPC) WebServer Request Handling Remote DoS",2012-11-16,X-Cisadane,multiple,dos,0 38022,platforms/php/webapps/38022.txt,"WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38023,platforms/php/webapps/38023.txt,"WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 -38024,platforms/php/webapps/38024.txt,"WebKit Cross-Site Scripting Filter - 'XSSAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 +38024,platforms/php/webapps/38024.txt,"WebKit Cross-site Scripting Filter - 'XSSAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 38025,platforms/php/webapps/38025.txt,"Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities",2012-11-19,HaCkeR_EgY,php,webapps,0 38026,platforms/php/webapps/38026.txt,"Friends in War The FAQ Manager - 'question' Parameter SQL Injection",2012-11-16,unsuprise,php,webapps,0 38027,platforms/php/webapps/38027.txt,"PhpWiki 1.5.4 - Multiple Vulnerabilities",2015-08-31,smash,php,webapps,80 @@ -34345,21 +34345,21 @@ id,file,description,date,author,platform,type,port 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 -38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 - Cross-Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 +38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 - Cross-site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 - Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS - 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 38040,platforms/php/webapps/38040.txt,"ATutor - 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 -38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x - index.php Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 -38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x - index.php Multiple Parameter XSS",2012-11-21,"High-Tech Bridge",php,webapps,0 +38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 +38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter XSS",2012-11-21,"High-Tech Bridge",php,webapps,0 38044,platforms/php/webapps/38044.txt,"Feng Office - Security Bypass and HTML Injection Vulnerabilities",2012-11-21,Ur0b0r0x,php,webapps,0 -38045,platforms/php/webapps/38045.html,"XiVO - Cross-Site Request Forgery",2012-11-21,"Francis Provencher",php,webapps,0 +38045,platforms/php/webapps/38045.html,"XiVO - Cross-site Request Forgery",2012-11-21,"Francis Provencher",php,webapps,0 38046,platforms/php/webapps/38046.txt,"WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 38047,platforms/php/webapps/38047.txt,"WordPress Webplayer Plugin - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 38048,platforms/php/webapps/38048.txt,"WordPress Plg Novana Plugin - 'id' Parameter SQL Injection",2012-11-22,sil3nt,php,webapps,0 38049,platforms/multiple/remote/38049.txt,"Greenstone - Multiple Security Vulnerabilities",2012-11-23,AkaStep,multiple,remote,0 38050,platforms/php/webapps/38050.txt,"WordPress Zarzadzonie Kontem Plugin - 'ajaxfilemanager.php' Script Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 -38051,platforms/php/webapps/38051.txt,"Bedita 3.5.1 - XSS",2015-09-01,"Sébastien Morin",php,webapps,80 +38051,platforms/php/webapps/38051.txt,"Bedita 3.5.1 - Cross-site Scripting",2015-09-01,"Sébastien Morin",php,webapps,80 38052,platforms/windows/dos/38052.py,"Ricoh DC (SR10) 1.1.0.8 - Denial of Service",2015-09-01,j2x6,windows,dos,21 38053,platforms/windows/dos/38053.txt,"Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow",2015-09-01,Un_N0n,windows,dos,0 38054,platforms/windows/dos/38054.txt,"SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC",2015-09-01,KoreLogic,windows,dos,0 @@ -34378,22 +34378,22 @@ id,file,description,date,author,platform,type,port 38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - Path Traversal",2015-09-02,HaHwul,php,webapps,80 38072,platforms/windows/dos/38072.py,"SphereFTP Server 2.0 - Crash PoC",2015-09-02,"Meisam Monsef",windows,dos,21 38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - CSRF Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80 -38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - CSRF",2015-09-02,"High-Tech Bridge SA",php,webapps,80 +38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - Cross-site Request Forgery",2015-09-02,"High-Tech Bridge SA",php,webapps,80 38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0 38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator 2.0.1 Plugin - Multiple CSRF Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 38076,platforms/php/webapps/38076.txt,"BigDump 0.29b and 0.32b - Multiple Vulnerabilities",2012-11-28,Ur0b0r0x,php,webapps,0 38077,platforms/php/webapps/38077.txt,"WordPress Toolbox Theme - 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 -38078,platforms/php/webapps/38078.py,"Elastix - 'page' Parameter Cross-Site Scripting",2012-11-29,cheki,php,webapps,0 -38099,platforms/php/webapps/38099.txt,"TinyMCPUK - 'test' Parameter Cross-Site Scripting",2012-12-01,eidelweiss,php,webapps,0 +38078,platforms/php/webapps/38078.py,"Elastix - 'page' Parameter Cross-site Scripting",2012-11-29,cheki,php,webapps,0 +38099,platforms/php/webapps/38099.txt,"TinyMCPUK - 'test' Parameter Cross-site Scripting",2012-12-01,eidelweiss,php,webapps,0 38080,platforms/hardware/webapps/38080.txt,"Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities",2015-09-04,Vulnerability-Lab,hardware,webapps,0 -38081,platforms/hardware/webapps/38081.txt,"HooToo Tripmate HT-TM01 2.000.022 - CSRF",2015-09-04,"Ken Smith",hardware,webapps,80 +38081,platforms/hardware/webapps/38081.txt,"HooToo Tripmate HT-TM01 2.000.022 - Cross-site Request Forgery",2015-09-04,"Ken Smith",hardware,webapps,80 38085,platforms/win_x86-64/dos/38085.pl,"ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC",2015-09-06,"Robbie Corley",win_x86-64,dos,0 38087,platforms/windows/local/38087.pl,"AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow",2015-09-06,"Robbie Corley",windows,local,0 38088,platforms/lin_x86/shellcode/38088.c,"Linux/x86 - execve(/bin/bash) shellcode (31 bytes)",2015-09-06,"Ajith Kp",lin_x86,shellcode,0 38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OS X Client 2.0 - Local Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 38090,platforms/php/webapps/38090.txt,"FireEye Appliance - Unauthorized File Disclosure",2015-09-06,"Kristian Erik Hermansen",php,webapps,443 38091,platforms/php/webapps/38091.php,"Elastix < 2.5 - PHP Code Injection Exploit",2015-09-06,i-Hmx,php,webapps,0 -38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances - Multiple Cross-Site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 +38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances - Multiple Cross-site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 @@ -34404,7 +34404,7 @@ id,file,description,date,author,platform,type,port 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy - Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443 38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80 38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081 -38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 Theme - XSS",2015-09-08,Outlasted,php,webapps,80 +38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 Theme - Cross-site Scripting",2015-09-08,Outlasted,php,webapps,80 38108,platforms/windows/dos/38108.txt,"Advantech WebAccess 8.0 / 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0 38109,platforms/linux/remote/38109.pl,"Oracle MySQL / MariaDB - Insecure Salt Generation Security Bypass Weakness",2012-12-06,kingcope,linux,remote,0 38110,platforms/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",php,webapps,0 @@ -34415,7 +34415,7 @@ id,file,description,date,author,platform,type,port 38115,platforms/php/webapps/38115.txt,"SimpleInvoices invoices Module - Unspecified Customer Field XSS",2012-12-10,tommccredie,php,webapps,0 38116,platforms/lin_x86/shellcode/38116.c,"Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) shellcode (75 bytes)",2015-09-09,"Ajith Kp",lin_x86,shellcode,0 38118,platforms/xml/webapps/38118.txt,"Qlikview 11.20 SR11 - Blind XXE Injection",2015-09-09,"Alex Haynes",xml,webapps,0 -38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - CSRF",2015-09-09,"Aryan Bayaninejad",php,webapps,0 +38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - Cross-site Request Forgery",2015-09-09,"Aryan Bayaninejad",php,webapps,0 38120,platforms/php/dos/38120.txt,"PHP - SplDoublyLinkedList unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38121,platforms/php/dos/38121.txt,"PHP GMP unserialize() - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38122,platforms/php/dos/38122.txt,"PHP - SplObjectStorage unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 @@ -34426,8 +34426,8 @@ id,file,description,date,author,platform,type,port 38127,platforms/php/webapps/38127.php,"php - cgimode fpm writeprocmemfile bypass disable function demo",2015-09-10,ylbhz,php,webapps,0 38128,platforms/cgi/webapps/38128.txt,"Synology Video Station 1.5-0757 - Multiple Vulnerabilities",2015-09-10,"Han Sahin",cgi,webapps,5000 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 -38130,platforms/java/webapps/38130.txt,"N-able N-central - Cross-Site Request Forgery",2012-12-13,"Cartel Informatique Security Research Labs",java,webapps,0 -38131,platforms/php/webapps/38131.txt,"PHP Address Book - 'group' Parameter Cross-Site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 +38130,platforms/java/webapps/38130.txt,"N-able N-central - Cross-site Request Forgery",2012-12-13,"Cartel Informatique Security Research Labs",java,webapps,0 +38131,platforms/php/webapps/38131.txt,"PHP Address Book - 'group' Parameter Cross-site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 38132,platforms/linux/dos/38132.py,"Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service",2012-12-13,"Pascal Junod",linux,dos,0 38133,platforms/php/webapps/38133.txt,"RokBox Plugin for WordPress - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter XSS",2012-12-17,MustLive,php,webapps,0 38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 @@ -34437,7 +34437,7 @@ id,file,description,date,author,platform,type,port 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition - Remote Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework - search q Parameter XSS",2012-12-24,"Stefan Schurtz",php,webapps,0 38142,platforms/php/webapps/38142.txt,"Hero Framework - users/login username Parameter XSS",2012-12-24,"Stefan Schurtz",php,webapps,0 -38143,platforms/php/webapps/38143.txt,"cPanel - 'account' Parameter Cross-Site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 +38143,platforms/php/webapps/38143.txt,"cPanel - 'account' Parameter Cross-site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 38144,platforms/php/webapps/38144.txt,"City Reviewer - 'search.php' Script SQL Injection",2012-12-22,3spi0n,php,webapps,0 38145,platforms/linux/dos/38145.txt,"OpenLDAP 2.4.42 - ber_get_next Denial of Service",2015-09-11,"Denis Andzakovic",linux,dos,389 38146,platforms/windows/dos/38146.html,"Microsoft Internet Explorer 11 - Stack Underflow Crash PoC",2015-09-11,Mjx,windows,dos,0 @@ -34450,8 +34450,8 @@ id,file,description,date,author,platform,type,port 38152,platforms/php/webapps/38152.txt,"MotoCMS - admin/data/users.xml Access Restriction Weakness Information Disclosure",2013-01-08,AkaStep,php,webapps,0 38153,platforms/php/webapps/38153.txt,"cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter XSS",2012-12-27,"Christy Philip Mathew",php,webapps,0 38154,platforms/php/webapps/38154.txt,"cPanel - detailbw.html Multiple Parameter XSS",2012-12-27,"Christy Philip Mathew",php,webapps,0 -38155,platforms/php/webapps/38155.txt,"WHM - 'filtername' Parameter Cross-Site Scripting",2012-12-27,"Rafay Baloch",php,webapps,0 -38156,platforms/php/webapps/38156.txt,"cPanel - 'dir' Parameter Cross-Site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 +38155,platforms/php/webapps/38155.txt,"WHM - 'filtername' Parameter Cross-site Scripting",2012-12-27,"Rafay Baloch",php,webapps,0 +38156,platforms/php/webapps/38156.txt,"cPanel - 'dir' Parameter Cross-site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 38157,platforms/php/webapps/38157.txt,"WordPress Xerte Online Plugin - 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 38158,platforms/php/webapps/38158.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38159,platforms/php/webapps/38159.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 @@ -34466,11 +34466,11 @@ id,file,description,date,author,platform,type,port 38168,platforms/php/webapps/38168.txt,"TomatoCart - 'json.php' Security Bypass",2013-01-04,"Aung Khant",php,webapps,0 38169,platforms/php/webapps/38169.txt,"Havalite CMS - 'comment' Parameter HTML Injection",2013-01-06,"Henri Salo",php,webapps,0 38170,platforms/android/remote/38170.txt,"Facebook for Android - 'LoginActivity' Information Disclosure",2013-01-07,"Takeshi Terada",android,remote,0 -38171,platforms/php/webapps/38171.txt,"Joomla! Incapsula Component - Multiple Cross-Site Scripting Vulnerabilities",2013-01-08,"Gjoko Krstic",php,webapps,0 -38178,platforms/php/webapps/38178.txt,"WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting",2013-01-08,Am!r,php,webapps,0 +38171,platforms/php/webapps/38171.txt,"Joomla! Incapsula Component - Multiple Cross-site Scripting Vulnerabilities",2013-01-08,"Gjoko Krstic",php,webapps,0 +38178,platforms/php/webapps/38178.txt,"WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-site Scripting",2013-01-08,Am!r,php,webapps,0 38173,platforms/multiple/webapps/38173.txt,"ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution",2015-09-14,xistence,multiple,webapps,0 38174,platforms/multiple/webapps/38174.txt,"ManageEngine OpManager 11.5 - Multiple Vulnerabilities",2015-09-14,xistence,multiple,webapps,0 -38179,platforms/multiple/remote/38179.txt,"Dell OpenManage Server Administrator - Cross-Site Scripting",2013-01-09,"Tenable NS",multiple,remote,0 +38179,platforms/multiple/remote/38179.txt,"Dell OpenManage Server Administrator - Cross-site Scripting",2013-01-09,"Tenable NS",multiple,remote,0 38180,platforms/php/webapps/38180.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/edit.php type Parameter XSS",2013-01-09,MustLive,php,webapps,0 38176,platforms/php/webapps/38176.txt,"EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities",2015-09-14,"Felipe Molina",php,webapps,0 38177,platforms/windows/dos/38177.txt,"IKEView.exe R60 - Stack Buffer Overflow",2015-09-14,hyp3rlinx,windows,dos,0 @@ -34485,7 +34485,7 @@ id,file,description,date,author,platform,type,port 38189,platforms/jsp/webapps/38189.txt,"Openfire 3.10.2 - Remote File Inclusion",2015-09-15,hyp3rlinx,jsp,webapps,0 38190,platforms/jsp/webapps/38190.txt,"Openfire 3.10.2 - Privilege Escalation",2015-09-15,hyp3rlinx,jsp,webapps,80 38191,platforms/jsp/webapps/38191.txt,"Openfire 3.10.2 - Multiple XSS Vulnerabilities",2015-09-15,hyp3rlinx,jsp,webapps,80 -38192,platforms/jsp/webapps/38192.txt,"Openfire 3.10.2 - CSRF",2015-09-15,hyp3rlinx,jsp,webapps,80 +38192,platforms/jsp/webapps/38192.txt,"Openfire 3.10.2 - Cross-site Request Forgery",2015-09-15,hyp3rlinx,jsp,webapps,80 38194,platforms/android/shellcode/38194.c,"Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)",2015-09-15,"Steven Padilla",android,shellcode,0 38195,platforms/windows/remote/38195.rb,"Microsoft Windows Media Center - MCL (MS15-100)",2015-09-15,Metasploit,windows,remote,0 38196,platforms/php/remote/38196.rb,"CMS Bolt - File Upload",2015-09-15,Metasploit,php,remote,80 @@ -34497,7 +34497,7 @@ id,file,description,date,author,platform,type,port 38202,platforms/windows/local/38202.txt,"Windows - CreateObjectTask SettingsSyncDiagnostics Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38205,platforms/multiple/dos/38205.py,"BT Home Hub - 'uuid' field Buffer Overflow",2013-01-08,"Zachary Cutlip",multiple,dos,0 38206,platforms/windows/remote/38206.html,"Samsung Kies - Remote Buffer Overflow",2013-01-09,"High-Tech Bridge",windows,remote,0 -38207,platforms/php/webapps/38207.txt,"Quick.Cms/Quick.Cart - Cross-Site Scripting",2013-01-09,"High-Tech Bridge",php,webapps,0 +38207,platforms/php/webapps/38207.txt,"Quick.Cms/Quick.Cart - Cross-site Scripting",2013-01-09,"High-Tech Bridge",php,webapps,0 38208,platforms/multiple/dos/38208.py,"Colloquy - Remote Denial of Service",2013-01-09,Aph3x,multiple,dos,0 38209,platforms/php/webapps/38209.txt,"WordPress Gallery Plugin - 'filename_1' Parameter Remote Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 38210,platforms/php/webapps/38210.txt,"Kirby CMS 2.1.0 - CSRF Content Upload and PHP Script Execution",2015-09-22,"Dawid Golunski",php,webapps,0 @@ -34513,20 +34513,20 @@ id,file,description,date,author,platform,type,port 38220,platforms/windows/local/38220.py,"IKEView R60 - Buffer Overflow Local Exploit (SEH)",2015-09-17,VIKRAMADITYA,windows,local,0 38221,platforms/java/remote/38221.rb,"ManageEngine OpManager - Remote Code Execution",2015-09-17,Metasploit,java,remote,0 38222,platforms/win_x86-64/local/38222.rb,"Microsoft Windows - Font Driver Buffer Overflow (MS15-078)",2015-09-17,Metasploit,win_x86-64,local,0 -38223,platforms/php/webapps/38223.txt,"ZeusCart 4.0 - CSRF",2015-09-17,"Curesec Research Team",php,webapps,80 +38223,platforms/php/webapps/38223.txt,"ZeusCart 4.0 - Cross-site Request Forgery",2015-09-17,"Curesec Research Team",php,webapps,80 38224,platforms/php/webapps/38224.txt,"ZeusCart 4.0 - SQL Injection",2015-09-17,"Curesec Research Team",php,webapps,80 38225,platforms/windows/dos/38225.txt,"VBox Satellite Express 2.3.17.3 - Arbitrary Write",2015-09-17,KoreLogic,windows,dos,0 38226,platforms/android/remote/38226.py,"Android libstagefright - Integer Overflow Remote Code Execution",2015-09-17,"Google Security Research",android,remote,0 38227,platforms/windows/remote/38227.txt,"Microsoft Lync 2010 4.0.7577.0 - User-Agent Header Handling Remote Arbitrary Command Execution",2013-01-11,"Christopher Emerson",windows,remote,0 38228,platforms/php/webapps/38228.txt,"phpLiteAdmin - 'table' Parameter SQL Injection",2013-01-15,KedAns-Dz,php,webapps,0 38229,platforms/php/webapps/38229.txt,"IP.Gallery - 'img' Parameter SQL Injection",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 -38230,platforms/multiple/remote/38230.txt,"Apache OFBiz 10.4.x - Multiple Cross-Site Scripting Vulnerabilities",2013-01-18,"Juan Caillava",multiple,remote,0 -38231,platforms/php/webapps/38231.txt,"Scripts Genie Classified Ultra - SQL Injection / Cross-Site Scripting",2013-01-20,3spi0n,php,webapps,0 +38230,platforms/multiple/remote/38230.txt,"Apache OFBiz 10.4.x - Multiple Cross-site Scripting Vulnerabilities",2013-01-18,"Juan Caillava",multiple,remote,0 +38231,platforms/php/webapps/38231.txt,"Scripts Genie Classified Ultra - SQL Injection / Cross-site Scripting",2013-01-20,3spi0n,php,webapps,0 38232,platforms/linux/local/38232.txt,"GNU Coreutils 'sort' Text Utility - Buffer Overflow",2013-01-21,anonymous,linux,local,0 38233,platforms/hardware/remote/38233.txt,"F5 Networks BIG-IP - XML External Entity Injection",2013-01-21,anonymous,hardware,remote,0 38234,platforms/php/webapps/38234.txt,"DigiLIBE - Execution-After-Redirect Information Disclosure",2013-01-22,"Robert Gilbert",php,webapps,0 -38235,platforms/jsp/webapps/38235.txt,"Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities",2013-01-22,"Christy Philip Mathew",jsp,webapps,0 -38236,platforms/php/webapps/38236.txt,"gpEasy CMS - 'section' Parameter Cross-Site Scripting",2013-01-23,"High-Tech Bridge SA",php,webapps,0 +38235,platforms/jsp/webapps/38235.txt,"Perforce P4Web - Multiple Cross-site Scripting Vulnerabilities",2013-01-22,"Christy Philip Mathew",jsp,webapps,0 +38236,platforms/php/webapps/38236.txt,"gpEasy CMS - 'section' Parameter Cross-site Scripting",2013-01-23,"High-Tech Bridge SA",php,webapps,0 38237,platforms/php/webapps/38237.txt,"WordPress Chocolate WP Theme - Multiple Security Vulnerabilities",2013-01-23,"Eugene Dokukin",php,webapps,0 38238,platforms/php/webapps/38238.txt,"PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection",2013-01-25,AkaStep,php,webapps,0 38239,platforms/lin_x86-64/shellcode/38239.asm,"Linux/x86-64 - execve Shellcode (22 bytes)",2015-09-18,d4sh&r,lin_x86-64,shellcode,0 @@ -34540,7 +34540,7 @@ id,file,description,date,author,platform,type,port 38248,platforms/multiple/remote/38248.txt,"Multiple Hunt CCTV - Information Disclosure",2013-01-29,"Alejandro Ramos",multiple,remote,0 38249,platforms/multiple/dos/38249.txt,"MiniUPnP - Multiple Denial of Service Vulnerabilities",2012-01-28,Rapid7,multiple,dos,0 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 -38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 +38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-site Scripting",2013-01-24,hiphop,php,webapps,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Post-Auth CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 38255,platforms/php/webapps/38255.txt,"Kirby CMS 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 @@ -34580,45 +34580,45 @@ id,file,description,date,author,platform,type,port 38292,platforms/php/webapps/38292.txt,"refbase 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Inclusion",2013-02-06,L0n3ly-H34rT,php,webapps,0 38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter XSS",2013-02-06,L0n3ly-H34rT,php,webapps,0 -38296,platforms/php/webapps/38296.txt,"WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 -38297,platforms/php/webapps/38297.txt,"WordPress Wysija Newsletters Plugin - Multiple SQL Injection",2013-02-06,"High-Tech Bridge",php,webapps,0 +38296,platforms/php/webapps/38296.txt,"WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 +38297,platforms/php/webapps/38297.txt,"WordPress Wysija Newsletters Plugin - Multiple SQL Injections",2013-02-06,"High-Tech Bridge",php,webapps,0 38298,platforms/linux/local/38298.txt,"xNBD - '/tmp/xnbd.log' Insecure Temporary File Handling",2013-02-06,"Sebastian Pipping",linux,local,0 38299,platforms/windows/local/38299.c,"Symantec Encryption Desktop 10 - Local Buffer Overflow Privilege Escalation",2012-02-25,"Nikita Tarakanov",windows,local,0 -38300,platforms/php/webapps/38300.txt,"WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting",2013-01-31,hiphop,php,webapps,0 -38301,platforms/php/webapps/38301.txt,"WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 +38300,platforms/php/webapps/38300.txt,"WordPress Audio Player Plugin - 'playerID' Parameter Cross-site Scripting",2013-01-31,hiphop,php,webapps,0 +38301,platforms/php/webapps/38301.txt,"WordPress Pinboard Theme - 'tab' Parameter Cross-site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution",2015-09-23,Metasploit,multiple,remote,6667 38303,platforms/osx/local/38303.c,"Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script",2015-09-23,"Yorick Koster",osx,local,0 38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 38307,platforms/win_x86/dos/38307.txt,"Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 -38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 -38309,platforms/php/webapps/38309.txt,"osCommerce - Cross-Site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 +38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel - Multiple Cross-site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 +38309,platforms/php/webapps/38309.txt,"osCommerce - Cross-site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 38310,platforms/android/remote/38310.c,"Android 2.3.5 - PowerVR SGX Driver Information Disclosure",2011-11-03,"Geremy Condra",android,remote,0 38311,platforms/php/webapps/38311.txt,"BlackNova Traders - 'news.php' SQL Injection",2013-02-12,ITTIHACK,php,webapps,0 -38312,platforms/php/webapps/38312.txt,"AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2013-02-14,LiquidWorm,php,webapps,0 +38312,platforms/php/webapps/38312.txt,"AbanteCart - 'index.php' Multiple Cross-site Scripting Vulnerabilities",2013-02-14,LiquidWorm,php,webapps,0 38313,platforms/multiple/remote/38313.html,"Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities",2013-02-14,"Benjamin Kunz Mejri",multiple,remote,0 38314,platforms/php/webapps/38314.txt,"WordPress NextGEN Gallery Plugin - Path Disclosure",2013-02-14,"Henrique Montenegro",php,webapps,0 -38315,platforms/php/webapps/38315.txt,"Sonar - Multiple Cross-Site Scripting Vulnerabilities",2013-02-12,DevilTeam,php,webapps,0 +38315,platforms/php/webapps/38315.txt,"Sonar - Multiple Cross-site Scripting Vulnerabilities",2013-02-12,DevilTeam,php,webapps,0 38316,platforms/cgi/webapps/38316.txt,"FortiManager 5.2.2 - Persistent XSS",2015-09-25,hyp3rlinx,cgi,webapps,0 38317,platforms/windows/dos/38317.txt,"FreshFTP 5.52 - .qfl Crash PoC",2015-09-25,Un_N0n,windows,dos,0 -38318,platforms/asp/webapps/38318.txt,"MIMEsweeper For SMTP - Multiple Cross-Site Scripting Vulnerabilities",2013-02-18,"Anastasios Monachos",asp,webapps,0 +38318,platforms/asp/webapps/38318.txt,"MIMEsweeper For SMTP - Multiple Cross-site Scripting Vulnerabilities",2013-02-18,"Anastasios Monachos",asp,webapps,0 38319,platforms/windows/local/38319.py,"WinRar 5.21 - SFX OLE Command Execution",2015-09-25,R-73eN,windows,local,0 -38320,platforms/php/webapps/38320.txt,"Squirrelcart - 'table' Parameter Cross-Site Scripting",2013-02-19,"Gjoko Krstic",php,webapps,0 -38321,platforms/php/webapps/38321.txt,"X2Engine 4.2 - CSRF",2015-09-25,Portcullis,php,webapps,80 -38322,platforms/php/webapps/38322.txt,"CKEditor - 'posteddata.php' Cross-Site Scripting",2013-02-19,AkaStep,php,webapps,0 +38320,platforms/php/webapps/38320.txt,"Squirrelcart - 'table' Parameter Cross-site Scripting",2013-02-19,"Gjoko Krstic",php,webapps,0 +38321,platforms/php/webapps/38321.txt,"X2Engine 4.2 - Cross-site Request Forgery",2015-09-25,Portcullis,php,webapps,80 +38322,platforms/php/webapps/38322.txt,"CKEditor - 'posteddata.php' Cross-site Scripting",2013-02-19,AkaStep,php,webapps,0 38323,platforms/php/webapps/38323.txt,"X2Engine 4.2 - Arbitrary File Upload",2015-09-25,Portcullis,php,webapps,80 -38324,platforms/php/webapps/38324.txt,"WordPress Pretty Link Plugin - Cross-Site Scripting",2013-02-20,hiphop,php,webapps,0 -38325,platforms/windows/remote/38325.txt,"Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery",2013-02-18,QSecure,windows,remote,0 +38324,platforms/php/webapps/38324.txt,"WordPress Pretty Link Plugin - Cross-site Scripting",2013-02-20,hiphop,php,webapps,0 +38325,platforms/windows/remote/38325.txt,"Alt-N MDaemon WorldClient And WebAdmin - Cross-site Request Forgery",2013-02-18,QSecure,windows,remote,0 38326,platforms/php/webapps/38326.txt,"Zenphoto - 'index.php' SQL Injection",2013-02-20,HosseinNsn,php,webapps,0 -38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting",2013-02-21,TheMirkin,php,webapps,0 -38328,platforms/php/webapps/38328.txt,"OpenEMR - 'site' Parameter Cross-Site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 -38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x - 'id' Parameter Cross-Site Scripting",2013-02-20,MustLive,php,webapps,0 +38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 - Local File Disclosure / Cross-site Scripting",2013-02-21,TheMirkin,php,webapps,0 +38328,platforms/php/webapps/38328.txt,"OpenEMR - 'site' Parameter Cross-site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 +38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x - 'id' Parameter Cross-site Scripting",2013-02-20,MustLive,php,webapps,0 38330,platforms/windows/remote/38330.txt,"Photodex ProShow Producer - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-02-23,"Julien Ahrens",windows,remote,0 -38331,platforms/php/webapps/38331.txt,"WordPress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 -38332,platforms/php/webapps/38332.txt,"Batavi - 'index.php' Cross-Site Scripting",2013-03-01,Dognaedis,php,webapps,0 +38331,platforms/php/webapps/38331.txt,"WordPress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 +38332,platforms/php/webapps/38332.txt,"Batavi - 'index.php' Cross-site Scripting",2013-03-01,Dognaedis,php,webapps,0 38333,platforms/php/webapps/38333.txt,"phpMyRecipes - Multiple HTML Injection Vulnerabilities",2013-02-25,PDS,php,webapps,0 -38334,platforms/jsp/webapps/38334.txt,"JForum - 'jforum.page' Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,ZeroDayLab,jsp,webapps,0 -38335,platforms/php/webapps/38335.txt,"Geeklog - Cross-Site Scripting",2013-02-27,"High-Tech Bridge",php,webapps,0 +38334,platforms/jsp/webapps/38334.txt,"JForum - 'jforum.page' Multiple Cross-site Scripting Vulnerabilities",2013-02-26,ZeroDayLab,jsp,webapps,0 +38335,platforms/php/webapps/38335.txt,"Geeklog - Cross-site Scripting",2013-02-27,"High-Tech Bridge",php,webapps,0 38336,platforms/windows/dos/38336.py,"Git-1.9.5 - ssh-agent.exe Buffer Overflow",2015-09-28,hyp3rlinx,windows,dos,0 38337,platforms/ios/dos/38337.txt,"Telegram 3.2 - Input Length Handling Crash PoC",2015-09-28,"Mohammad Reza Espargham",ios,dos,0 38338,platforms/jsp/webapps/38338.txt,"Mango Automation 2.6.0 - Multiple Vulnerabilities",2015-09-28,LiquidWorm,jsp,webapps,80 @@ -34638,11 +34638,11 @@ id,file,description,date,author,platform,type,port 38352,platforms/windows/remote/38352.rb,"ManageEngine EventLog Analyzer - Remote Code Execution",2015-09-29,Metasploit,windows,remote,8400 38353,platforms/linux/local/38353.txt,"Apport 2.19 (Ubuntu 15.04) - Local Privilege Escalation",2015-09-29,halfdog,linux,local,0 38354,platforms/php/webapps/38354.txt,"Plogger - Multiple Input Validation Vulnerabilities",2013-03-02,"Saadat Ullah",php,webapps,0 -38355,platforms/php/webapps/38355.txt,"WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting",2013-03-01,CodeV,php,webapps,0 +38355,platforms/php/webapps/38355.txt,"WordPress Uploader Plugin - 'blog' Parameter Cross-site Scripting",2013-03-01,CodeV,php,webapps,0 38356,platforms/hardware/remote/38356.txt,"Foscam < 11.37.2.49 - Directory Traversal",2013-03-01,"Frederic Basse",hardware,remote,0 38357,platforms/linux/local/38357.c,"rpi-update - Insecure Temporary File Handling and Security Bypass Vulnerabilities",2013-02-28,Technion,linux,local,0 -38358,platforms/java/webapps/38358.txt,"HP Intelligent Management Center - 'topoContent.jsf' Cross-Site Scripting",2013-03-04,"Julien Ahrens",java,webapps,0 -38359,platforms/php/webapps/38359.txt,"WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 +38358,platforms/java/webapps/38358.txt,"HP Intelligent Management Center - 'topoContent.jsf' Cross-site Scripting",2013-03-04,"Julien Ahrens",java,webapps,0 +38359,platforms/php/webapps/38359.txt,"WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 38360,platforms/osx/local/38360.txt,"Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit",2015-09-30,cenobyte,osx,local,0 38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel - Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,Metasploit,windows,remote,0 @@ -34651,19 +34651,19 @@ id,file,description,date,author,platform,type,port 38364,platforms/multiple/dos/38364.txt,"Varnish Cache - Multiple Denial of Service Vulnerabilities",2013-03-05,tytusromekiatomek,multiple,dos,0 38365,platforms/linux/dos/38365.txt,"Squid - 'httpMakeVaryMark()' Function Remote Denial of Service",2013-03-05,tytusromekiatomek,linux,dos,0 38366,platforms/multiple/webapps/38366.py,"Verax NMS - Multiple Method Authentication Bypass",2013-02-06,"Andrew Brooks",multiple,webapps,0 -38367,platforms/php/webapps/38367.txt,"Your Own Classifieds - Cross-Site Scripting",2013-03-08,"Rafay Baloch",php,webapps,0 -38368,platforms/multiple/remote/38368.txt,"McAfee Vulnerability Manager - 'cert_cn' Parameter Cross-Site Scripting",2013-03-08,"Asheesh Anaconda",multiple,remote,0 +38367,platforms/php/webapps/38367.txt,"Your Own Classifieds - Cross-site Scripting",2013-03-08,"Rafay Baloch",php,webapps,0 +38368,platforms/multiple/remote/38368.txt,"McAfee Vulnerability Manager - 'cert_cn' Parameter Cross-site Scripting",2013-03-08,"Asheesh Anaconda",multiple,remote,0 38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection",2015-10-01,neom22,hardware,webapps,0 38370,platforms/hardware/remote/38370.txt,"PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities",2015-10-01,"Karn Ganeshen",hardware,remote,0 38371,platforms/osx/local/38371.py,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 -38372,platforms/php/webapps/38372.html,"Question2Answer - Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 +38372,platforms/php/webapps/38372.html,"Question2Answer - Cross-site Request Forgery",2013-03-01,MustLive,php,webapps,0 38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id - HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 -38374,platforms/php/webapps/38374.txt,"SWFUpload - Multiple Content Spoofing And Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 -38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 -38376,platforms/php/webapps/38376.txt,"WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 +38374,platforms/php/webapps/38374.txt,"SWFUpload - Multiple Content Spoofing And Cross-site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 +38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 +38376,platforms/php/webapps/38376.txt,"WordPress podPress Plugin - 'playerID' Parameter Cross-site Scripting",2013-03-11,hiphop,php,webapps,0 38377,platforms/php/webapps/38377.txt,"Privoxy Proxy - Authentication Information Disclosure Vulnerabilities",2013-03-11,"Chris John Riley",php,webapps,0 38379,platforms/windows/webapps/38379.txt,"FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities",2015-10-02,hyp3rlinx,windows,webapps,0 -38380,platforms/windows/webapps/38380.txt,"FTGate 7 - CSRF",2015-10-02,hyp3rlinx,windows,webapps,0 +38380,platforms/windows/webapps/38380.txt,"FTGate 7 - Cross-site Request Forgery",2015-10-02,hyp3rlinx,windows,webapps,0 38381,platforms/windows/local/38381.py,"WinRar < 5.30 beta 4 - Settings Import Command Execution",2015-10-02,R-73eN,windows,local,0 38382,platforms/windows/local/38382.py,"ASX to MP3 Converter 1.82.50 - .asx Stack Overflow",2015-10-02,ex_ptr,windows,local,0 38383,platforms/linux/webapps/38383.py,"ElasticSearch 1.6.0 - Arbitrary File Download",2015-10-02,"Pedro Andujar",linux,webapps,9200 @@ -34674,29 +34674,29 @@ id,file,description,date,author,platform,type,port 38388,platforms/windows/remote/38388.txt,"QlikView - '.qvw' File Remote Integer Overflow",2013-03-13,"A. Antukh",windows,remote,0 38389,platforms/hardware/remote/38389.txt,"Cisco Video Surveillance Operations Manager - Multiple Security Vulnerabilities",2013-03-13,b.saleh,hardware,remote,0 38390,platforms/linux/local/38390.c,"Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation",2013-03-13,"Sebastian Krahmer",linux,local,0 -38391,platforms/php/webapps/38391.txt,"Petite Annonce - Cross-Site Scripting",2013-03-14,Metropolis,php,webapps,0 +38391,platforms/php/webapps/38391.txt,"Petite Annonce - Cross-site Scripting",2013-03-14,Metropolis,php,webapps,0 38392,platforms/linux/dos/38392.txt,"MySQL / MariaDB - Geometry Query Denial Of Service",2013-03-07,"Alyssa Milburn",linux,dos,0 -38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 +38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin - Cross-site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 38394,platforms/windows/remote/38394.py,"BlazeVideo HDTV Player Standard - '.PLF' File Remote Buffer Overflow",2013-03-19,metacom,windows,remote,0 38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 -38537,platforms/php/webapps/38537.txt,"WordPress ADIF Log Search Widget Plugin - 'logbook_search.php' Cross-Site Scripting",2013-05-27,k3170makan,php,webapps,0 +38537,platforms/php/webapps/38537.txt,"WordPress ADIF Log Search Widget Plugin - 'logbook_search.php' Cross-site Scripting",2013-05-27,k3170makan,php,webapps,0 38399,platforms/windows/dos/38399.py,"LanSpy 2.0.0.155 - Buffer Overflow",2015-10-05,hyp3rlinx,windows,dos,0 -38400,platforms/php/webapps/38400.txt,"AlienVault OSSIM 4.3 - CSRF",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 +38400,platforms/php/webapps/38400.txt,"AlienVault OSSIM 4.3 - Cross-site Request Forgery",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 38403,platforms/win_x86/local/38403.txt,"Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation",2015-10-05,"Google Security Research",win_x86,local,0 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0 38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack-Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 38406,platforms/php/webapps/38406.txt,"PHP-Fusion v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - RCE Through File Upload Filter Bypass",2015-10-06,"Raffaele Forte",php,webapps,0 -38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Parameter Cross-Site Scripting",2013-03-23,Metropolis,php,webapps,0 +38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Parameter Cross-site Scripting",2013-03-23,Metropolis,php,webapps,0 38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N - Unauthenticated Config Download",2015-10-06,"Todor Donev",hardware,webapps,0 38410,platforms/php/webapps/38410.txt,"WordPress Banners Lite Plugin - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 -38411,platforms/python/webapps/38411.txt,"Zope Management Interface 4.3.7 - CSRF",2015-10-07,hyp3rlinx,python,webapps,0 -38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 -38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 -38414,platforms/php/webapps/38414.txt,"WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 -38415,platforms/asp/webapps/38415.txt,"C2 WebResource - 'File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 -38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross-Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 +38411,platforms/python/webapps/38411.txt,"Zope Management Interface 4.3.7 - Cross-site Request Forgery",2015-10-07,hyp3rlinx,python,webapps,0 +38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 +38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory - Multiple Cross-site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 +38414,platforms/php/webapps/38414.txt,"WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 +38415,platforms/asp/webapps/38415.txt,"C2 WebResource - 'File' Parameter Cross-site Scripting",2013-04-03,anonymous,asp,webapps,0 +38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross-site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 38417,platforms/php/webapps/38417.txt,"Symphony - 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 38418,platforms/php/webapps/38418.txt,"FUDforum - Multiple Remote PHP Code Injection Vulnerabilities",2013-04-03,"High-Tech Bridge",php,webapps,0 38419,platforms/windows/dos/38419.txt,"SmallFTPD - Unspecified Denial of Service",2013-04-03,AkaStep,windows,dos,0 @@ -34716,13 +34716,13 @@ id,file,description,date,author,platform,type,port 38433,platforms/php/webapps/38433.txt,"PHP Address Book - /addressbook/register/user_add_save.php email Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38434,platforms/php/webapps/38434.txt,"PHP Address Book - /addressbook/register/checklogin.php username Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38435,platforms/php/webapps/38435.txt,"PHP Address Book - /addressbook/register/admin_index.php q Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-Site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 -38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 +38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 +38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras - Multiple Cross-site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 38438,platforms/php/webapps/38438.txt,"EasyPHP - 'index.php' Authentication Bypass and Remote PHP Code Injection",2013-04-09,KedAns-Dz,php,webapps,0 -38439,platforms/php/webapps/38439.txt,"WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 -38440,platforms/php/webapps/38440.txt,"phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 +38439,platforms/php/webapps/38439.txt,"WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 +38440,platforms/php/webapps/38440.txt,"phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 38441,platforms/php/webapps/38441.txt,"WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection",2013-04-10,"Ashiyane Digital Security Team",php,webapps,0 -38442,platforms/php/dos/38442.txt,"PHPMyLicense 3.0.0 < 3.1.4 - DoS",2015-10-11,"Aria Akhavan Rezayat",php,dos,0 +38442,platforms/php/dos/38442.txt,"PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service",2015-10-11,"Aria Akhavan Rezayat",php,dos,0 38443,platforms/php/webapps/38443.txt,"Liferay 6.1.0 CE - Privilege Escalation",2015-10-11,"Massimo De Luca",php,webapps,0 38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 38445,platforms/php/webapps/38445.txt,"Joomla Real Estate Manager Component 3.7 - SQL injection",2015-10-11,"Omer Ramić",php,webapps,0 @@ -34740,7 +34740,7 @@ id,file,description,date,author,platform,type,port 38459,platforms/php/webapps/38459.txt,"Request Tracker - 'ShowPending' Parameter SQL Injection",2013-04-11,cheki,php,webapps,0 38452,platforms/windows/local/38452.txt,"CDex Genre 1.79 - Stack Buffer Overflow",2015-10-13,Un_N0n,windows,local,0 38453,platforms/hardware/remote/38453.txt,"ZHONE < S3.0.501 - Multiple Vulnerabilities",2015-10-13,"Lyon Yang",hardware,remote,0 -38460,platforms/jsp/webapps/38460.txt,"jPlayer - 'Jplayer.swf' Script Cross-Site Scripting",2013-03-29,"Malte Batram",jsp,webapps,0 +38460,platforms/jsp/webapps/38460.txt,"jPlayer - 'Jplayer.swf' Script Cross-site Scripting",2013-03-29,"Malte Batram",jsp,webapps,0 38461,platforms/java/webapps/38461.txt,"Hero Framework - /users/login username Parameter XSS",2013-04-10,"High-Tech Bridge",java,webapps,0 38462,platforms/java/webapps/38462.txt,"Hero Framework - /users/forgot_password error Parameter XSS",2013-04-10,"High-Tech Bridge",java,webapps,0 38463,platforms/multiple/webapps/38463.txt,"Aibolit - Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 @@ -34754,9 +34754,9 @@ id,file,description,date,author,platform,type,port 38473,platforms/linux/local/38473.py,"Linux 3.17 - noexec File Permission Bypass (Python ctypes and memfd_create)",2015-10-15,soyer,linux,local,0 38474,platforms/windows/local/38474.txt,"Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 38478,platforms/php/webapps/38478.txt,"Sosci Survey - Multiple Security Vulnerabilities",2013-04-17,"T. Lazauninkas",php,webapps,0 -38479,platforms/asp/webapps/38479.txt,"Matrix42 Service Store - 'default.aspx' Cross-Site Scripting",2013-03-06,43zsec,asp,webapps,0 +38479,platforms/asp/webapps/38479.txt,"Matrix42 Service Store - 'default.aspx' Cross-site Scripting",2013-03-06,43zsec,asp,webapps,0 38480,platforms/php/webapps/38480.txt,"Fork CMS - 'file' Parameter Local File Inclusion",2013-04-18,"Rafay Baloch",php,webapps,0 -38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L - Cross-Site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 +38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L - Cross-site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Path Disclosure",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-LINK TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 @@ -34767,10 +34767,10 @@ id,file,description,date,author,platform,type,port 38489,platforms/php/remote/38489.rb,"Nibbleblog - File Upload",2015-10-19,Metasploit,php,remote,0 38490,platforms/multiple/dos/38490.txt,"Adobe Flash IExternalizable.writeExternal - Type Confusion",2015-10-19,"Google Security Research",multiple,dos,0 38491,platforms/php/webapps/38491.php,"SMF - 'index.php' HTML injection / Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 -38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router - Cross-Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 +38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router - Cross-site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 38493,platforms/hardware/dos/38493.txt,"Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities",2013-04-23,"Carl Benedict",hardware,dos,0 38494,platforms/php/webapps/38494.txt,"WordPress WP Super Cache Plugin - Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 -38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router - Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 +38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router - Cross-site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple CSRF / Persistent XSS Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0 38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 38498,platforms/windows/dos/38498.py,"Elecard MPEG Player - '.m3u' File Buffer Overflow",2013-04-27,metacom,windows,dos,0 @@ -34783,27 +34783,27 @@ id,file,description,date,author,platform,type,port 38505,platforms/php/remote/38505.rb,"Zpanel - Remote Unauthenticated RCE",2015-10-21,Metasploit,php,remote,0 38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter XSS",2013-05-07,"M. Heinzl",php,webapps,0 38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter XSS",2013-05-07,"M. Heinzl",php,webapps,0 -38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 -38509,platforms/php/webapps/38509.txt,"Securimage - 'example_form.php' Cross-Site Scripting",2013-05-10,"Gjoko Krstic",php,webapps,0 -38510,platforms/php/webapps/38510.txt,"WordPress Securimage-WP Plugin - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 +38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 +38509,platforms/php/webapps/38509.txt,"Securimage - 'example_form.php' Cross-site Scripting",2013-05-10,"Gjoko Krstic",php,webapps,0 +38510,platforms/php/webapps/38510.txt,"WordPress Securimage-WP Plugin - 'siwp_test.php' Cross-site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 38511,platforms/php/webapps/38511.txt,"Gallery Server Pro - Arbitrary File Upload",2013-05-14,"Drew Calcott",php,webapps,0 38512,platforms/windows/remote/38512.php,"The World Browser 3.0 Final - Remote Code Execution",2015-10-22,"Ehsan Noreddini",windows,remote,0 38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - RFI to RCE Exploit",2015-10-22,Scurippio,windows,remote,0 38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution Exploit",2015-10-22,Photubias,hardware,webapps,0 38515,platforms/php/webapps/38515.txt,"WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 -38516,platforms/php/webapps/38516.txt,"Open Flash Chart - 'get-data' Parameter Cross-Site Scripting",2013-05-14,"Deepankar Arora",php,webapps,0 -38517,platforms/php/webapps/38517.html,"WordPress Mail On Update Plugin - Cross-Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 -38518,platforms/php/webapps/38518.txt,"Jojo CMS - 'search' Parameter Cross-Site Scripting",2013-05-15,"High-Tech Bridge SA",php,webapps,0 +38516,platforms/php/webapps/38516.txt,"Open Flash Chart - 'get-data' Parameter Cross-site Scripting",2013-05-14,"Deepankar Arora",php,webapps,0 +38517,platforms/php/webapps/38517.html,"WordPress Mail On Update Plugin - Cross-site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 +38518,platforms/php/webapps/38518.txt,"Jojo CMS - 'search' Parameter Cross-site Scripting",2013-05-15,"High-Tech Bridge SA",php,webapps,0 38519,platforms/php/webapps/38519.txt,"Jojo CMS - 'X-Forwarded-For' HTTP header SQL Injection",2013-05-15,"High-Tech Bridge SA",php,webapps,0 -38520,platforms/php/webapps/38520.html,"WordPress WP Cleanfix Plugin - Cross-Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 +38520,platforms/php/webapps/38520.html,"WordPress WP Cleanfix Plugin - Cross-site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 38521,platforms/multiple/remote/38521.c,"Python RRDtool Module - Function Format String",2013-05-18,"Thomas Pollet",multiple,remote,0 38522,platforms/linux/remote/38522.txt,"Acme thttpd HTTP Server - Directory Traversal",2013-05-19,Metropolis,linux,remote,0 -38523,platforms/php/webapps/38523.txt,"Weyal CMS - Multiple SQL Injection",2013-05-23,XroGuE,php,webapps,0 +38523,platforms/php/webapps/38523.txt,"Weyal CMS - Multiple SQL Injections",2013-05-23,XroGuE,php,webapps,0 38524,platforms/php/webapps/38524.pl,"Matterdaddy Market - Multiple Security Vulnerabilities",2013-05-24,KedAns-Dz,php,webapps,0 38525,platforms/php/webapps/38525.txt,"Subrion 3.X.X - Multiple Vulnerabilities",2015-10-23,bRpsd,php,webapps,0 38526,platforms/windows/remote/38526.py,"Easy File Sharing Web Server 7.2 - Remote SEH Based Overflow",2015-10-23,Audit0r,windows,remote,0 -38527,platforms/php/webapps/38527.txt,"Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injection",2015-10-23,"Bikramaditya Guha",php,webapps,0 -38528,platforms/php/webapps/38528.txt,"Realtyna RPL Joomla Extension 8.9.2 - Persistent XSS / CSRF",2015-10-23,"Bikramaditya Guha",php,webapps,0 +38527,platforms/php/webapps/38527.txt,"Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injections",2015-10-23,"Bikramaditya Guha",php,webapps,0 +38528,platforms/php/webapps/38528.txt,"Realtyna RPL Joomla Extension 8.9.2 - Persistent XSS / Cross-site Request Forgery",2015-10-23,"Bikramaditya Guha",php,webapps,0 38572,platforms/php/webapps/38572.txt,"PHP Server Monitor 3.1.1 - Multiple CSRF Vulnerabilities",2015-10-30,hyp3rlinx,php,webapps,0 38532,platforms/windows/local/38532.py,"Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR + DEP bypass)",2015-10-25,g00dv1n,windows,local,0 38533,platforms/windows/local/38533.c,"Windows 10 - pcap Driver Local Privilege Escalation",2015-10-26,Rootkitsmm,windows,local,0 @@ -34811,12 +34811,12 @@ id,file,description,date,author,platform,type,port 38535,platforms/osx/remote/38535.rb,"Safari - User-Assisted Applescript Exec Attack",2015-10-26,Metasploit,osx,remote,0 38538,platforms/multiple/dos/38538.py,"Code::Blocks - Denial of Service",2013-05-29,ariarat,multiple,dos,0 38644,platforms/windows/remote/38644.txt,"Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 -38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - CSRF",2015-11-06,hyp3rlinx,jsp,webapps,0 +38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - Cross-site Request Forgery",2015-11-06,hyp3rlinx,jsp,webapps,0 38540,platforms/osx/local/38540.rb,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 38543,platforms/php/webapps/38543.txt,"php4dvd - 'config.php' PHP Code Injection",2012-05-31,"CWH Underground",php,webapps,0 -38544,platforms/php/webapps/38544.txt,"Elastix - Multiple Cross-Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 -38545,platforms/php/webapps/38545.txt,"Telaen 2.7.x - Cross-Site Scripting",2013-06-04,"Manuel García Cárdenas",php,webapps,0 +38544,platforms/php/webapps/38544.txt,"Elastix - Multiple Cross-site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 +38545,platforms/php/webapps/38545.txt,"Telaen 2.7.x - Cross-site Scripting",2013-06-04,"Manuel García Cárdenas",php,webapps,0 38546,platforms/php/webapps/38546.txt,"Telaen 2.7.x - Open Redirection",2013-06-04,"Manuel García Cárdenas",php,webapps,0 38547,platforms/php/webapps/38547.txt,"CMS Gratis Indonesia - 'config.php' PHP Code Injection",2013-06-04,"CWH Underground",php,webapps,0 38548,platforms/php/webapps/38548.txt,"Telaen - Information Disclosure",2013-06-03,"Manuel García Cárdenas",php,webapps,0 @@ -34831,14 +34831,14 @@ id,file,description,date,author,platform,type,port 38558,platforms/android/dos/38558.txt,"Samsung - SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness",2015-10-28,"Google Security Research",android,dos,0 38559,platforms/linux/local/38559.txt,"Linux Kernel 3.3.5 - 'b43' Wireless Driver Local Privilege Escalation",2013-06-07,"Kees Cook",linux,local,0 38560,platforms/php/webapps/38560.txt,"Caucho Resin - /resin-admin/ URI XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 -38561,platforms/php/webapps/38561.txt,"Caucho Resin - index.php logout Parameter XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 +38561,platforms/php/webapps/38561.txt,"Caucho Resin - 'index.php' logout Parameter XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 38562,platforms/php/webapps/38562.txt,"HP Insight Diagnostics - Remote Code Injection",2013-06-10,"Markus Wulftange",php,webapps,0 38563,platforms/php/webapps/38563.txt,"HP Insight Diagnostics - Local File Inclusion",2013-06-10,"Markus Wulftange",php,webapps,0 38564,platforms/windows/dos/38564.py,"Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC",2015-10-29,"Luis Martínez",windows,dos,0 38565,platforms/php/webapps/38565.txt,"Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 38566,platforms/hardware/dos/38566.py,"NetUSB - Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 38567,platforms/php/webapps/38567.txt,"Max Forum - Multiple Security Vulnerabilities",2013-06-09,"CWH Underground",php,webapps,0 -38568,platforms/php/webapps/38568.txt,"WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting",2013-06-09,Darksnipper,php,webapps,0 +38568,platforms/php/webapps/38568.txt,"WordPress Ambience Theme - 'src' Parameter Cross-site Scripting",2013-06-09,Darksnipper,php,webapps,0 38569,platforms/php/webapps/38569.txt,"Lokboard - 'index_4.php' PHP Code Injection",2013-06-10,"CWH Underground",php,webapps,0 38570,platforms/php/webapps/38570.txt,"ScriptCase - 'scelta_categoria.php' SQL Injection",2013-06-10,"Hossein Hezami",php,webapps,0 38571,platforms/php/webapps/38571.txt,"mkCMS - 'index.php' Arbitrary PHP Code Execution",2013-06-11,"CWH Underground",php,webapps,0 @@ -34846,14 +34846,14 @@ id,file,description,date,author,platform,type,port 38574,platforms/php/webapps/38574.html,"PHP Server Monitor 3.1.1 - CSRF Privilege Escalation",2015-10-30,hyp3rlinx,php,webapps,0 38575,platforms/hardware/webapps/38575.txt,"Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution",2015-10-30,"Dolev Farhi",hardware,webapps,0 38576,platforms/aix/local/38576.sh,"AIX 7.1 - lquerylv Local Privilege Escalation",2015-10-30,"S2 Crew",aix,local,0 -38577,platforms/php/webapps/38577.txt,"Pligg CMS 2.0.2 - Multiple SQL Injection",2015-10-30,"Curesec Research Team",php,webapps,0 +38577,platforms/php/webapps/38577.txt,"Pligg CMS 2.0.2 - Multiple SQL Injections",2015-10-30,"Curesec Research Team",php,webapps,0 38578,platforms/php/webapps/38578.txt,"Pligg CMS 2.0.2 - Directory Traversal",2015-10-30,"Curesec Research Team",php,webapps,0 38579,platforms/php/webapps/38579.txt,"Pligg CMS 2.0.2 - CSRF Code Execution",2015-10-30,"Curesec Research Team",php,webapps,0 38580,platforms/windows/dos/38580.txt,"Windows - NtCreateLowBoxToken Handle Capture Local DoS/Elevation of Privilege (MS15-111)",2015-10-30,"Google Security Research",windows,dos,0 -38581,platforms/php/webapps/38581.txt,"Oxwall 1.7.4 - CSRF",2015-10-30,"High-Tech Bridge SA",php,webapps,0 -38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 -38583,platforms/hardware/remote/38583.html,"Sony CH / DH Series IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 -38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 +38581,platforms/php/webapps/38581.txt,"Oxwall 1.7.4 - Cross-site Request Forgery",2015-10-30,"High-Tech Bridge SA",php,webapps,0 +38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras - Cross-site Request Forgery",2013-06-12,Castillo,hardware,remote,0 +38583,platforms/hardware/remote/38583.html,"Sony CH / DH Series IP Cameras - Multiple Cross-site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 +38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras - Cross-site Request Forgery",2013-06-12,Castillo,hardware,remote,0 38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android - 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin - Security Bypass",2013-06-14,felipensp,multiple,remote,0 @@ -34865,7 +34865,7 @@ id,file,description,date,author,platform,type,port 38593,platforms/cgi/webapps/38593.txt,"FtpLocate - HTML Injection",2013-06-24,Chako,cgi,webapps,0 38594,platforms/php/webapps/38594.txt,"Barnraiser Prairie - 'get_file.php' Directory Traversal",2013-06-25,prairie,php,webapps,0 38595,platforms/multiple/dos/38595.txt,"Oracle VM VirtualBox 4.0 - 'tracepath' Local Denial of Service",2013-06-26,"Thomas Dreibholz",multiple,dos,0 -38596,platforms/php/webapps/38596.txt,"Xaraya - Multiple Cross-Site Scripting Vulnerabilities",2013-06-26,"High-Tech Bridge",php,webapps,0 +38596,platforms/php/webapps/38596.txt,"Xaraya - Multiple Cross-site Scripting Vulnerabilities",2013-06-26,"High-Tech Bridge",php,webapps,0 38597,platforms/multiple/remote/38597.txt,"Motion - Multiple Remote Security Vulnerabilities",2013-06-26,xistence,multiple,remote,0 38598,platforms/php/webapps/38598.txt,"ZamFoo - 'date' Parameter Remote Command Injection",2013-06-15,localhost.re,php,webapps,0 38599,platforms/win_x86/remote/38599.py,"Symantec pcAnywhere 12.5.0 Windows x86 - Remote Code Execution",2015-11-02,"Tomislav Paskalev",win_x86,remote,0 @@ -34874,10 +34874,10 @@ id,file,description,date,author,platform,type,port 38602,platforms/windows/webapps/38602.txt,"actiTIME 2015.2 - Multiple Vulnerabilities",2015-11-02,LiquidWorm,windows,webapps,0 38603,platforms/windows/local/38603.py,"TCPing 2.1.0 - Buffer Overflow",2015-11-02,hyp3rlinx,windows,local,0 38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 -38605,platforms/php/webapps/38605.txt,"Nameko - 'nameko.php' Cross-Site Scripting",2013-06-29,"Andrea Menin",php,webapps,0 +38605,platforms/php/webapps/38605.txt,"Nameko - 'nameko.php' Cross-site Scripting",2013-06-29,"Andrea Menin",php,webapps,0 38606,platforms/php/webapps/38606.txt,"WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 38607,platforms/php/webapps/38607.txt,"Atomy Maxsite - 'index.php' Arbitrary File Upload",2013-06-30,Iranian_Dark_Coders_Team,php,webapps,0 -38608,platforms/php/webapps/38608.txt,"Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 +38608,platforms/php/webapps/38608.txt,"Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38609,platforms/windows/local/38609.py,"Gold MP4 Player - .swf Local Exploit",2015-11-03,"Vivek Mahajan",windows,local,0 38610,platforms/android/dos/38610.txt,"Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash",2015-11-03,"Google Security Research",android,dos,0 38611,platforms/android/dos/38611.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption",2015-11-03,"Google Security Research",android,dos,0 @@ -34892,26 +34892,26 @@ id,file,description,date,author,platform,type,port 38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices - Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 38630,platforms/php/webapps/38630.html,"phpVibe - Information Disclosure / Remote File Inclusion",2013-07-06,indoushka,php,webapps,0 38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 -38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 +38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38622,platforms/linux/dos/38622.txt,"libvirt - 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0 38623,platforms/multiple/dos/38623.html,"RealNetworks RealPlayer - Denial of Service",2013-07-02,"Akshaysinh Vaghela",multiple,dos,0 38624,platforms/php/webapps/38624.txt,"WordPress WP Feed Plugin - 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 -38625,platforms/php/webapps/38625.txt,"WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 +38625,platforms/php/webapps/38625.txt,"WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-site Scripting",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 38626,platforms/multiple/dos/38626.py,"FileCOPA FTP Server - Remote Denial of Service",2013-07-01,Chako,multiple,dos,0 38627,platforms/android/remote/38627.sh,"Google Android - 'APK' code Remote Security Bypass",2013-07-03,"Bluebox Security",android,remote,0 38628,platforms/php/webapps/38628.txt,"HostBill - 'cpupdate.php' Authentication Bypass",2013-05-29,localhost.re,php,webapps,0 38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Pre-Auth Remote Code Execution Exploit (0Day)",2015-11-05,hhjj,php,webapps,0 -38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting",2013-07-12,"Omar Kurt",php,webapps,0 +38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-site Scripting",2013-07-12,"Omar Kurt",php,webapps,0 38633,platforms/multiple/remote/38633.pl,"Intelligent Platform Management Interface - Information Disclosure",2013-07-02,"Dan Farmer",multiple,remote,0 38634,platforms/ios/remote/38634.txt,"Air Drive Plus - Multiple Input Vallidation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0 38635,platforms/php/webapps/38635.txt,"iVote - 'details.php' SQL Injection",2013-07-10,"Ashiyane Digital Security Team",php,webapps,0 38636,platforms/multiple/remote/38636.txt,"Cryptocat 2.0.21 Chrome Extension - 'img/keygen.gif' File Information Disclosure",2012-11-07,"Mario Heiderich",multiple,remote,0 38637,platforms/multiple/remote/38637.txt,"Cryptocat 2.0.22 - Arbitrary Script Injection",2012-11-07,"Mario Heiderich",multiple,remote,0 -38638,platforms/php/webapps/38638.txt,"Mintboard - Multiple Cross-Site Scripting Vulnerabilities",2013-07-10,"Canberk BOLAT",php,webapps,0 -38639,platforms/php/webapps/38639.txt,"miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2013-07-11,Netsparker,php,webapps,0 +38638,platforms/php/webapps/38638.txt,"Mintboard - Multiple Cross-site Scripting Vulnerabilities",2013-07-10,"Canberk BOLAT",php,webapps,0 +38639,platforms/php/webapps/38639.txt,"miniBB - SQL Injection / Multiple Cross-site Scripting Vulnerabilities",2013-07-11,Netsparker,php,webapps,0 38640,platforms/multiple/webapps/38640.rb,"OpenSSL - Alternative Chains Certificate Forgery",2015-11-05,"Ramon de C Valle",multiple,webapps,0 38641,platforms/multiple/webapps/38641.rb,"JSSE - SKIP-TLS Exploit",2015-11-05,"Ramon de C Valle",multiple,webapps,0 -38643,platforms/php/webapps/38643.txt,"WordPress Pie Register Plugin - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 +38643,platforms/php/webapps/38643.txt,"WordPress Pie Register Plugin - 'wp-login.php' Multiple Cross-site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 38646,platforms/jsp/webapps/38646.txt,"NXFilter 3.0.3 - Multiple XSS Vulnerabilities",2015-11-06,hyp3rlinx,jsp,webapps,0 38648,platforms/php/webapps/38648.txt,"WordPress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 38649,platforms/php/webapps/38649.txt,"Google AdWords API PHP client library 6.2.0 - Arbitrary PHP Code Execution",2015-11-07,"Dawid Golunski",php,webapps,0 @@ -34920,13 +34920,13 @@ id,file,description,date,author,platform,type,port 38652,platforms/php/webapps/38652.txt,"Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)",2015-11-07,"Dawid Golunski",php,webapps,0 38653,platforms/asp/webapps/38653.txt,"Corda Highwire - 'Highwire.ashx' File Path Disclosure",2013-07-12,"Adam Willard",asp,webapps,0 38654,platforms/php/webapps/38654.txt,"OpenEMR 4.1 - 'note' Parameter HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 -38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 -38656,platforms/php/webapps/38656.html,"PrestaShop - Multiple Cross-Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 -38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS",2015-11-09,Nu11By73,hardware,webapps,0 +38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector - 'redirector.corda' Cross-site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 +38656,platforms/php/webapps/38656.html,"PrestaShop - Multiple Cross-site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 +38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Persistent Cross-site Scripting",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 -38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - CSRF",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 +38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - Cross-site Request Forgery",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 38664,platforms/java/webapps/38664.py,"Jenkins 1.633 - Unauthenticated Credential Recovery",2015-11-10,"The Repo",java,webapps,0 @@ -34936,32 +34936,32 @@ id,file,description,date,author,platform,type,port 38668,platforms/windows/local/38668.c,"Cisco WebEx One-Click Client Password Encryption - Information Disclosure",2013-07-09,"Brad Antoniewicz",windows,local,0 38669,platforms/multiple/remote/38669.txt,"MongoDB - 'conn' Mongo Object Remote Code Execution",2013-06-04,"SCRT Security",multiple,remote,0 38684,platforms/php/webapps/38684.txt,"R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities",2015-11-12,LiquidWorm,php,webapps,0 -38671,platforms/hardware/remote/38671.txt,"Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities",2013-07-17,"Benjamin Kunz Mejri",hardware,remote,0 +38671,platforms/hardware/remote/38671.txt,"Barracuda CudaTel - Multiple Cross-site Scripting Vulnerabilities",2013-07-17,"Benjamin Kunz Mejri",hardware,remote,0 38672,platforms/windows/local/38672.txt,"YardRadius - Multiple Local Format String Vulnerabilities",2013-06-30,"Hamid Zamani",windows,local,0 38673,platforms/php/webapps/38673.txt,"Collabtive - Multiple Security Vulnerabilities",2013-07-22,"Enrico Cinquini",php,webapps,0 -38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 -38675,platforms/php/webapps/38675.html,"Magnolia CMS - Multiple Cross-Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 -38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin - Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 +38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin - 'cID' Parameter Cross-site Scripting",2013-07-22,"IeDb ir",php,webapps,0 +38675,platforms/php/webapps/38675.html,"Magnolia CMS - Multiple Cross-site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 +38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin - Cross-site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 38677,platforms/php/webapps/38677.txt,"VBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 -38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 +38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) - Multiple Cross-site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module - Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0 38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack-Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0 38682,platforms/php/webapps/38682.txt,"Jahia xCM - /engines/manager.jsp site Parameter XSS",2013-07-31,"High-Tech Bridge",php,webapps,0 38683,platforms/php/webapps/38683.txt,"Jahia xCM - /administration/ Multiple Parameter XSS",2013-07-31,"High-Tech Bridge",php,webapps,0 38685,platforms/linux/dos/38685.py,"TACK 1.07 - Local Stack-Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,dos,0 -38824,platforms/hardware/remote/38824.html,"Fortinet FortiAnalyzer - Cross-Site Request Forgery",2013-10-12,"William Costa",hardware,remote,0 +38824,platforms/hardware/remote/38824.html,"Fortinet FortiAnalyzer - Cross-site Request Forgery",2013-10-12,"William Costa",hardware,remote,0 38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field SEH Overflow",2015-11-12,"Nipun Jaswal",windows,dos,0 38688,platforms/php/webapps/38688.txt,"b374k Web Shell - CSRF Command Injection",2015-11-13,hyp3rlinx,php,webapps,0 38689,platforms/php/webapps/38689.txt,"SilverStripe - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 -38691,platforms/cgi/webapps/38691.txt,"Kwok Information Server - Multiple SQL Injection",2013-08-07,"Yogesh Phadtare",cgi,webapps,0 -38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer - Cross-Site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 +38691,platforms/cgi/webapps/38691.txt,"Kwok Information Server - Multiple SQL Injections",2013-08-07,"Yogesh Phadtare",cgi,webapps,0 +38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer - Cross-site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 38693,platforms/php/webapps/38693.txt,"Advanced Guestbook - 'addentry.php' Arbitrary Shell Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 38694,platforms/windows/remote/38694.txt,"HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 38695,platforms/php/webapps/38695.txt,"CakePHP - AssetDispatcher Class Local File Inclusion",2013-08-13,"Takeshi Terada",php,webapps,0 -38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x - Cross-Site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 +38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x - Cross-site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 - 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 -38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - CSRF",2015-11-16,hyp3rlinx,php,webapps,0 +38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - Cross-site Request Forgery",2015-11-16,hyp3rlinx,php,webapps,0 38699,platforms/php/webapps/38699.txt,"CF Image Host 1.65 - PHP Command Injection",2015-11-16,hyp3rlinx,php,webapps,0 38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit",2015-11-16,LiquidWorm,windows,local,0 38701,platforms/windows/dos/38701.txt,"TECO SG2 FBD Client 3.51 - .gfb SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 @@ -34970,12 +34970,12 @@ id,file,description,date,author,platform,type,port 38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow Exploit",2015-11-16,LiquidWorm,windows,local,0 38705,platforms/windows/dos/38705.py,"Sam Spade 1.14 - Browse URL Buffer Overflow PoC",2015-11-16,"Nipun Jaswal",windows,dos,0 38706,platforms/multiple/webapps/38706.txt,"VLC Web Interface 2.2.1 - Metadata Title XSS",2015-11-16,"Andrea Sindoni",multiple,webapps,0 -38707,platforms/hardware/webapps/38707.txt,"D-link Wireless Router DIR-816L - CSRF",2015-11-16,"Bhadresh Patel",hardware,webapps,0 +38707,platforms/hardware/webapps/38707.txt,"D-link Wireless Router DIR-816L - Cross-site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 38708,platforms/lin_x86-64/shellcode/38708.asm,"Linux/x86-64 - egghunter shellcode (24 bytes)",2015-11-16,d4sh&r,lin_x86-64,shellcode,0 38709,platforms/php/webapps/38709.txt,"MCImageManager - Multiple Security Vulnerabilities",2013-07-16,MustLive,php,webapps,0 38710,platforms/windows/dos/38710.py,"foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC",2015-11-16,"Antonio Z.",windows,dos,0 38711,platforms/windows/dos/38711.py,"foobar2000 1.3.9 - (.asx) Local Crash PoC",2015-11-16,"Antonio Z.",windows,dos,0 -38712,platforms/php/webapps/38712.txt,"Bo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection",2013-08-20,"Ashiyane Digital Security Team",php,webapps,0 +38712,platforms/php/webapps/38712.txt,"Bo-Blog 2.1.1 - Cross-site Scripting / SQL Injection",2013-08-20,"Ashiyane Digital Security Team",php,webapps,0 38713,platforms/windows/dos/38713.txt,"Windows Kernel - win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 38714,platforms/windows/dos/38714.txt,"Windows Kernel - win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 38715,platforms/hardware/remote/38715.txt,"D-Link DIR-815 / DIR-850L - SSDP Command Injection",2015-11-16,"Samuel Huntley",hardware,remote,1900 @@ -34990,9 +34990,9 @@ id,file,description,date,author,platform,type,port 38724,platforms/hardware/remote/38724.txt,"D-Link DIR-601 - Command Injection",2015-11-16,"Samuel Huntley",hardware,remote,80 38725,platforms/hardware/remote/38725.txt,"D-Link DIR-880L - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 38726,platforms/hardware/remote/38726.txt,"D-Link DGL5500 - HNAP Buffer Overflow",2015-11-16,"Samuel Huntley",hardware,remote,80 -38727,platforms/php/webapps/38727.txt,"AlegroCart 1.2.8 - Multiple SQL Injection",2015-11-16,"Curesec Research Team",php,webapps,80 +38727,platforms/php/webapps/38727.txt,"AlegroCart 1.2.8 - Multiple SQL Injections",2015-11-16,"Curesec Research Team",php,webapps,80 38728,platforms/php/webapps/38728.txt,"AlegroCart 1.2.8 - LFI/RFI",2015-11-16,"Curesec Research Team",php,webapps,80 -38729,platforms/php/webapps/38729.txt,"ClipperCMS 1.3.0 - Multiple SQL Injection",2015-11-16,"Curesec Research Team",php,webapps,80 +38729,platforms/php/webapps/38729.txt,"ClipperCMS 1.3.0 - Multiple SQL Injections",2015-11-16,"Curesec Research Team",php,webapps,80 38730,platforms/php/remote/38730.py,"ClipperCMS 1.3.0 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 38731,platforms/php/remote/38731.py,"XCart 5.2.6 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 - post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 @@ -35006,16 +35006,16 @@ id,file,description,date,author,platform,type,port 38740,platforms/php/webapps/38740.txt,"cm3 Acora CMS - 'top.aspx' Information Disclosure",2013-08-26,"Pedro Andujar",php,webapps,0 38741,platforms/linux/remote/38741.txt,"Nmap - Arbitrary File Write",2013-08-06,"Piotr Duszynski",linux,remote,0 38742,platforms/windows/remote/38742.txt,"Aloaha PDF Suite - Stack Based Buffer Overflow",2013-08-28,"Marcos Accossatto",windows,remote,0 -38744,platforms/php/webapps/38744.txt,"appRain CMF - Multiple Cross-Site Request Forgery Vulnerabilities",2013-08-29,"Yashar shahinzadeh",php,webapps,0 +38744,platforms/php/webapps/38744.txt,"appRain CMF - Multiple Cross-site Request Forgery Vulnerabilities",2013-08-29,"Yashar shahinzadeh",php,webapps,0 38745,platforms/php/webapps/38745.txt,"Xibo - 'layout' Parameter HTML Injection",2013-08-21,"Jacob Holcomb",php,webapps,0 -38746,platforms/php/webapps/38746.html,"Xibo - Cross-Site Request Forgery",2013-08-21,"Jacob Holcomb",php,webapps,0 +38746,platforms/php/webapps/38746.html,"Xibo - Cross-site Request Forgery",2013-08-21,"Jacob Holcomb",php,webapps,0 38747,platforms/windows/dos/38747.py,"Pwstore - Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 38748,platforms/php/webapps/38748.txt,"dBlog CMS - 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 38749,platforms/asp/webapps/38749.txt,"Flo CMS - 'archivem' Parameter SQL Injection",2013-09-03,ACC3SS,asp,webapps,0 38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 38751,platforms/windows/local/38751.txt,"IBM i Access 7.1 - Buffer Overflow Code Execution",2015-11-18,hyp3rlinx,windows,local,0 38752,platforms/windows/local/38752.c,"Watchguard Server Center - Local Privilege Escalation",2013-09-08,"Julien Ahrens",windows,local,0 -38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 +38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin - Multiple Cross-site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 38754,platforms/php/webapps/38754.txt,"eTransfer Lite - 'file name' Parameter HTML Injection",2013-09-10,"Benjamin Kunz Mejri",php,webapps,0 38755,platforms/php/webapps/38755.txt,"WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection",2013-09-13,"Ashiyane Digital Security Team",php,webapps,0 38756,platforms/php/webapps/38756.txt,"WordPress RokNewsPager Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-18,MustLive,php,webapps,0 @@ -35024,10 +35024,10 @@ id,file,description,date,author,platform,type,port 38759,platforms/windows/dos/38759.py,"SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38760,platforms/windows/dos/38760.py,"SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38761,platforms/windows/dos/38761.py,"Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC",2015-11-19,"Vivek Mahajan",windows,dos,0 -38762,platforms/windows/webapps/38762.txt,"Netwin SurgeFTP Sever 23d6 - Stored Cross-Site Scripting",2015-11-19,Un_N0n,windows,webapps,0 +38762,platforms/windows/webapps/38762.txt,"Netwin SurgeFTP Sever 23d6 - Persistent Cross-site Scripting",2015-11-19,Un_N0n,windows,webapps,0 38763,platforms/lin_x86/dos/38763.txt,"Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow",2015-11-19,"Google Security Research",lin_x86,dos,0 38764,platforms/hardware/remote/38764.rb,"F5 iControl - iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 -38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - CSRF",2015-11-19,"High-Tech Bridge SA",php,webapps,80 +38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - Cross-site Request Forgery",2015-11-19,"High-Tech Bridge SA",php,webapps,80 38766,platforms/multiple/remote/38766.java,"Mozilla Firefox 9.0.1 - Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 38767,platforms/php/webapps/38767.txt,"WordPress RokIntroScroller Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 38768,platforms/php/webapps/38768.txt,"WordPress RokMicroNews Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 @@ -35036,7 +35036,7 @@ id,file,description,date,author,platform,type,port 38771,platforms/windows/dos/38771.py,"ShareKM - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 38773,platforms/hardware/webapps/38773.txt,"ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,0 38781,platforms/php/webapps/38781.txt,"AlienVault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection",2013-10-02,"Yu-Chi Ding",php,webapps,0 -38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Stored XSS",2015-11-24,"Pier-Luc Maltais",php,webapps,80 +38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Persistent Cross-site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80 38782,platforms/php/webapps/38782.php,"WordPress SEO Watcher Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 38775,platforms/linux/local/38775.rb,"Chkrootkit - Local Privilege Escalation",2015-11-20,Metasploit,linux,local,0 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 @@ -35066,7 +35066,7 @@ id,file,description,date,author,platform,type,port 38802,platforms/multiple/remote/38802.txt,"Oracle Glassfish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access",2013-10-15,"Alex Kouzemtchenko",multiple,remote,0 38804,platforms/hardware/remote/38804.py,"Multiple Level One Enterprise Access Point Devices - 'backupCfg.cgi' Security Bypass",2013-10-15,"Richard Weinberger",hardware,remote,0 38805,platforms/multiple/remote/38805.txt,"SAP Sybase Adaptive Server Enterprise - XML External Entity Information Disclosure",2015-11-25,"Igor Bulatenko",multiple,remote,0 -38806,platforms/cgi/webapps/38806.txt,"Bugzilla - 'editflagtypes.cgi' Multiple Cross-Site Scripting Vulnerabilities",2013-10-09,"Mateusz Goik",cgi,webapps,0 +38806,platforms/cgi/webapps/38806.txt,"Bugzilla - 'editflagtypes.cgi' Multiple Cross-site Scripting Vulnerabilities",2013-10-09,"Mateusz Goik",cgi,webapps,0 38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 - Tabular Reports Unspecified XSS",2013-10-09,"Mateusz Goik",cgi,webapps,0 38808,platforms/php/webapps/38808.txt,"WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38809,platforms/php/remote/38809.php,"PHP Point Of Sale - 'ofc_upload_image.php' Remote Code Execution",2013-10-18,Gabby,php,remote,0 @@ -35076,10 +35076,10 @@ id,file,description,date,author,platform,type,port 38813,platforms/multiple/remote/38813.txt,"Apache Shindig - XML External Entity Information Disclosure",2013-10-21,"Kousuke Ebihara",multiple,remote,0 38814,platforms/php/webapps/38814.php,"Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload",2013-10-20,SultanHaikal,php,webapps,0 38815,platforms/lin_x86-64/shellcode/38815.c,"Linux/x86-64 - Polymorphic execve Shellcode (31 bytes)",2015-11-25,d4sh&r,lin_x86-64,shellcode,0 -38816,platforms/jsp/webapps/38816.html,"JReport - 'dealSchedules.jsp' Cross-Site Request Forgery",2013-10-25,"Poonam Singh",jsp,webapps,0 +38816,platforms/jsp/webapps/38816.html,"JReport - 'dealSchedules.jsp' Cross-site Request Forgery",2013-10-25,"Poonam Singh",jsp,webapps,0 38817,platforms/linux/local/38817.txt,"Poppler 0.14.3 - '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 38818,platforms/multiple/remote/38818.xml,"Openbravo ERP - XML External Entity Information Disclosure",2013-10-30,"Tod Beardsley",multiple,remote,0 -38819,platforms/php/webapps/38819.txt,"Course Registration Management System - Cross-Site Scripting / SQL Injection",2013-10-21,"Omar Kurt",php,webapps,0 +38819,platforms/php/webapps/38819.txt,"Course Registration Management System - Cross-site Scripting / SQL Injection",2013-10-21,"Omar Kurt",php,webapps,0 38820,platforms/php/webapps/38820.php,"WordPress This Way Theme - 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 38821,platforms/android/remote/38821.py,"Google Android - Signature Verification Security Bypass",2013-11-04,"Jay Freeman",android,remote,0 38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit)",2015-11-28,hland,windows,webapps,8080 @@ -35095,19 +35095,19 @@ id,file,description,date,author,platform,type,port 38833,platforms/linux/webapps/38833.txt,"Kodi 15 - Arbitrary File Aaccess (Web Interface)",2015-12-01,"Machiel Pronk",linux,webapps,0 38840,platforms/hardware/webapps/38840.txt,"Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities",2015-12-01,"Rahul Pratap Singh",hardware,webapps,80 38841,platforms/php/webapps/38841.txt,"Zenphoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 -38842,platforms/php/webapps/38842.txt,"Testa OTMS - Multiple SQL Injection",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 +38842,platforms/php/webapps/38842.txt,"Testa OTMS - Multiple SQL Injections",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 38843,platforms/php/webapps/38843.txt,"TomatoCart - 'install/rpc.php' Local File Inclusion",2013-11-18,Esac,php,webapps,0 38835,platforms/multiple/local/38835.py,"Centos 7.1/Fedora 22 - abrt Local Root",2015-12-01,rebel,multiple,local,0 38836,platforms/multiple/webapps/38836.txt,"ntop-ng 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 38837,platforms/php/webapps/38837.txt,"IP.Board 4.1.4.x - Persistent XSS",2015-12-01,"Mehdi Alouache",php,webapps,0 -38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin - Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 +38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin - Cross-site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 38846,platforms/multiple/remote/38846.txt,"nginx 1.1.17 - URI Processing Security Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Local Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 38848,platforms/php/webapps/38848.php,"WordPress Suco Themes - 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,Metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics - Remote Code Injection",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 -38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router - Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 +38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router - Cross-site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 38852,platforms/php/webapps/38852.pl,"phpThumb - 'phpThumb.php' Arbitrary File Upload",2013-12-01,DevilScreaM,php,webapps,0 38853,platforms/hardware/remote/38853.sh,"Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure",2013-12-02,tytusromekiatomek,hardware,remote,0 38854,platforms/linux/dos/38854.sh,"Net-SNMP - SNMPD AgentX Subagent Timeout Denial of Service",2012-09-05,"Ken Farnen",linux,dos,0 @@ -35135,7 +35135,7 @@ id,file,description,date,author,platform,type,port 38876,platforms/php/webapps/38876.txt,"C2C Forward Auction Creator 2.0 - /auction/asp/list.asp pa Parameter SQL Injection",2013-12-16,R3d-D3V!L,php,webapps,0 38877,platforms/php/webapps/38877.txt,"C2C Forward Auction Creator - /auction/casp/admin.asp SQL Injection Admin Authentication Bypass",2013-12-16,R3d-D3V!L,php,webapps,0 38878,platforms/windows/dos/38878.txt,"WinAsm Studio 5.1.8.8 - Buffer Overflow Crash PoC",2015-12-06,Un_N0n,windows,dos,0 -38879,platforms/asp/webapps/38879.txt,"Etoshop B2B Vertical Marketplace Creator - Multiple SQL Injection",2013-12-14,R3d-D3V!L,asp,webapps,0 +38879,platforms/asp/webapps/38879.txt,"Etoshop B2B Vertical Marketplace Creator - Multiple SQL Injections",2013-12-14,R3d-D3V!L,asp,webapps,0 38880,platforms/php/webapps/38880.txt,"Veno File Manager - 'q' Parameter Arbitrary File Download",2013-12-11,"Daniel Godoy",php,webapps,0 38881,platforms/php/webapps/38881.html,"Piwigo - admin.php User Creation CSRF",2013-12-17,sajith,php,webapps,0 38882,platforms/cgi/webapps/38882.txt,"Icinga - cgi/config.c process_cgivars Function Off-by-one Read Remote DoS",2013-12-16,"DTAG Group Information Security",cgi,webapps,0 @@ -35152,7 +35152,7 @@ id,file,description,date,author,platform,type,port 38895,platforms/php/webapps/38895.txt,"SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities",2015-12-08,HaHwul,php,webapps,80 38896,platforms/xml/webapps/38896.py,"OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit",2015-12-08,LiquidWorm,xml,webapps,0 38897,platforms/xml/webapps/38897.txt,"OpenMRS 2.3 (1.11.4) - Expression Language Injection",2015-12-08,LiquidWorm,xml,webapps,0 -38898,platforms/xml/webapps/38898.txt,"OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities",2015-12-08,LiquidWorm,xml,webapps,0 +38898,platforms/xml/webapps/38898.txt,"OpenMRS 2.3 (1.11.4) - Multiple Cross-site Scripting Vulnerabilities",2015-12-08,LiquidWorm,xml,webapps,0 38899,platforms/xml/webapps/38899.txt,"OpenMRS 2.3 (1.11.4) - Local File Disclosure",2015-12-08,LiquidWorm,xml,webapps,0 38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 - Remote Code Execution",2015-12-08,Metasploit,php,remote,80 38901,platforms/php/webapps/38901.txt,"PHP Utility Belt - Remote Code Execution",2015-12-08,WICS,php,webapps,80 @@ -35169,18 +35169,18 @@ id,file,description,date,author,platform,type,port 38912,platforms/windows/remote/38912.txt,"Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference",2015-12-09,"Core Security",windows,remote,0 38913,platforms/hardware/webapps/38913.txt,"WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 38914,platforms/hardware/webapps/38914.txt,"WIMAX MT711x - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 -38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - XSS / CSRF",2015-12-09,Mysticism,php,webapps,80 -38916,platforms/windows/dos/38916.html,"IE 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 +38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - XSS / Cross-site Request Forgery",2015-12-09,Mysticism,php,webapps,80 +38916,platforms/windows/dos/38916.html,"Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 38917,platforms/osx/dos/38917.txt,"MacOS X 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 -38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module - Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 +38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module - Cross-site Request Forgery",2013-12-26,arno,php,webapps,0 38920,platforms/php/webapps/38920.txt,"AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38921,platforms/php/webapps/38921.txt,"AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38922,platforms/php/webapps/38922.txt,"AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38923,platforms/windows/remote/38923.txt,"Apple Safari For Windows - PhishingAlert Security Bypass Weakness",2013-12-07,Jackmasa,windows,remote,0 -38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 +38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-site Request Forgery",2013-12-17,MustLive,php,webapps,0 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80 -38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - CSRF",2015-12-10,KnocKout,php,webapps,80 +38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - Cross-site Request Forgery",2015-12-10,KnocKout,php,webapps,80 38929,platforms/hardware/webapps/38929.txt,"Skybox Platform <=7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443 38930,platforms/multiple/dos/38930.txt,"Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption",2015-12-10,"Google Security Research",multiple,dos,0 38931,platforms/multiple/dos/38931.txt,"Avast - OOB Write Decrypting PEncrypt Packed Executables",2015-12-10,"Google Security Research",multiple,dos,0 @@ -35217,14 +35217,14 @@ id,file,description,date,author,platform,type,port 39096,platforms/php/webapps/39096.txt,"i-doit Pro - 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0 39097,platforms/linux/remote/39097.txt,"Red Hat Piranha - Remote Security Bypass",2013-12-11,"Andreas Schiermeier",linux,remote,0 39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component - 'index.php' SQL Injection",2014-02-17,MR.XpR,php,webapps,0 -39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injection",2014-01-13,"Rohan Stelling",php,webapps,0 +39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injections",2014-01-13,"Rohan Stelling",php,webapps,0 38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 - CPU Command Module (Metasploit)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 39095,platforms/php/dos/39095.pl,"MyBB 1.6.12 - 'misc.php' Remote Denial of Service",2014-02-12,Amir,php,dos,0 38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 38969,platforms/multiple/dos/38969.txt,"Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 38970,platforms/multiple/dos/38970.txt,"Adobe Flash - Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Path Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 -38972,platforms/windows/dos/38972.html,"Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)",2015-12-14,"Moritz Jodeit",windows,dos,0 +38972,platforms/windows/dos/38972.html,"Microsoft Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)",2015-12-14,"Moritz Jodeit",windows,dos,0 38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot - Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 38974,platforms/multiple/remote/38974.rb,"Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 38975,platforms/php/webapps/38975.txt,"Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion",2015-12-14,"High-Tech Bridge SA",php,webapps,80 @@ -35242,7 +35242,7 @@ id,file,description,date,author,platform,type,port 38987,platforms/php/webapps/38987.html,"Dredge School Administration System - /DSM/loader.php Admin Account Manipulation CSRF",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38988,platforms/php/webapps/38988.txt,"Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38989,platforms/php/webapps/38989.txt,"Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 -38991,platforms/php/webapps/38991.pl,"Ovidentia newsletter Module 2.2 - (admin.php) Remote File Inclusion Exploit",2015-12-16,bd0rk,php,webapps,80 +38991,platforms/php/webapps/38991.pl,"Ovidentia newsletter Module 2.2 - 'admin.php' Remote File Inclusion Exploit",2015-12-16,bd0rk,php,webapps,80 38992,platforms/multiple/dos/38992.txt,"Wireshark - iseries_parse_packet Heap-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 38993,platforms/multiple/dos/38993.txt,"Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 38994,platforms/multiple/dos/38994.txt,"Wireshark - wmem_alloc Assertion Failure",2015-12-16,"Google Security Research",multiple,dos,0 @@ -35264,8 +35264,8 @@ id,file,description,date,author,platform,type,port 39010,platforms/linux/local/39010.c,"QEMU (Gentoo) - Local Priv Escalation",2015-12-17,zx2c4,linux,local,0 39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script - /news.php id Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39013,platforms/php/webapps/39013.html,"Built2Go PHP Shopping - Admin Password Cross-Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39014,platforms/php/webapps/39014.txt,"EZGenerator - Local File Disclosure / Cross-Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39013,platforms/php/webapps/39013.html,"Built2Go PHP Shopping - Admin Password Cross-site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39014,platforms/php/webapps/39014.txt,"EZGenerator - Local File Disclosure / Cross-site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39015,platforms/php/webapps/39015.txt,"Atmail Webmail Server - Email Body HTML Injection",2014-01-14,"Zhao Liang",php,webapps,0 39016,platforms/php/webapps/39016.txt,"Joomla! Almond Classifieds Component - Arbitrary File Upload",2014-01-10,DevilScreaM,php,webapps,0 39017,platforms/php/webapps/39017.txt,"Zen Cart 1.5.4 - Local File Inclusion",2015-12-17,"High-Tech Bridge SA",php,webapps,80 @@ -35287,7 +35287,7 @@ id,file,description,date,author,platform,type,port 39033,platforms/php/webapps/39033.py,"Joomla 1.5 < 3.4.5 - Object Injection RCE X-Forwarded-For Header",2015-12-18,"Andrew McNicol",php,webapps,80 39034,platforms/php/webapps/39034.html,"Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit",2015-12-18,bd0rk,php,webapps,80 39035,platforms/win_x86-64/local/39035.txt,"Microsoft Windows 8.1 - win32k Local Privilege Escalation (MS15-010)",2015-12-18,"Jean-Jamil Khalife",win_x86-64,local,0 -39099,platforms/php/webapps/39099.txt,"Rhino - Cross-Site Scripting / Password Reset Security Bypass Vulnerabilities",2014-02-12,Slotleet,php,webapps,0 +39099,platforms/php/webapps/39099.txt,"Rhino - Cross-site Scripting / Password Reset Security Bypass Vulnerabilities",2014-02-12,Slotleet,php,webapps,0 39037,platforms/windows/dos/39037.php,"Apache 2.4.17 - Denial of Service",2015-12-18,rUnViRuS,windows,dos,0 39038,platforms/php/webapps/39038.txt,"PFSense 2.2.5 - Directory Traversal",2015-12-18,R-73eN,php,webapps,0 39039,platforms/multiple/dos/39039.txt,"Google Chrome - Renderer Process to Browser Process Privilege Escalation",2015-12-18,"Google Security Research",multiple,dos,0 @@ -35334,10 +35334,10 @@ id,file,description,date,author,platform,type,port 39081,platforms/php/webapps/39081.txt,"Atmail WebMail - INBOX.Trash mailId Parameter Reflected XSS",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 39082,platforms/multiple/dos/39082.txt,"PHP 7.0.0 - Format String",2015-12-23,"Andrew Kramer",multiple,dos,0 39083,platforms/php/webapps/39083.txt,"Bigware Shop 2.3.01 - Multiple Local File Inclusion",2015-12-23,bd0rk,php,webapps,80 -39084,platforms/php/webapps/39084.txt,"Grawlix 1.0.3 - CSRF",2015-12-23,"Curesec Research Team",php,webapps,80 +39084,platforms/php/webapps/39084.txt,"Grawlix 1.0.3 - Cross-site Request Forgery",2015-12-23,"Curesec Research Team",php,webapps,80 39085,platforms/php/webapps/39085.txt,"Arastta 1.1.5 - SQL Injection",2015-12-23,"Curesec Research Team",php,webapps,80 -39086,platforms/php/webapps/39086.txt,"PhpSocial 2.0.0304_20222226 - CSRF",2015-12-23,"Curesec Research Team",php,webapps,80 -39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross-Site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 +39086,platforms/php/webapps/39086.txt,"PhpSocial 2.0.0304_20222226 - Cross-site Request Forgery",2015-12-23,"Curesec Research Team",php,webapps,80 +39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross-site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin - 'upload.php' Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme - Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 @@ -35350,7 +35350,7 @@ id,file,description,date,author,platform,type,port 39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 39103,platforms/windows/dos/39103.txt,"AccessDiver 4.301 - Buffer Overflow",2015-12-26,hyp3rlinx,windows,dos,0 39106,platforms/asp/webapps/39106.txt,"eshtery CMS - 'FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 -39107,platforms/php/webapps/39107.txt,"ATutor - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 +39107,platforms/php/webapps/39107.txt,"ATutor - Multiple Cross-site Scripting / HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 39109,platforms/php/webapps/39109.txt,"WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 39110,platforms/php/webapps/39110.txt,"Cory Jobs Search - 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 @@ -35360,8 +35360,8 @@ id,file,description,date,author,platform,type,port 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 39116,platforms/php/webapps/39116.txt,"GNUboard 4.3x - 'ajax.autosave.php' Multiple SQL Injection",2014-03-19,"Claepo Wang",php,webapps,0 -39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 -39118,platforms/php/webapps/39118.html,"osCmax 2.5 - Cross-Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 +39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross-site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 +39118,platforms/php/webapps/39118.html,"osCmax 2.5 - Cross-site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP_ DoS 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0 @@ -35378,15 +35378,15 @@ id,file,description,date,author,platform,type,port 39133,platforms/php/webapps/39133.php,"Simple Ads Manager 2.9.4.116 - SQL Injection",2015-12-30,"Kacper Szurek",php,webapps,80 39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Local Root",2015-12-30,"Larry W. Cashdollar",linux,local,0 39135,platforms/php/webapps/39135.php,"WordPress Felici Theme - 'uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 -39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 - Cross-Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 +39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 - Cross-site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 39137,platforms/cgi/webapps/39137.txt,"Primo Interactive CMS - 'pcm.cgi' Remote Command Execution",2014-03-31,"Felipe Andrian Peixoto",cgi,webapps,0 -39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem - Cross-Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 +39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem - Cross-site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 39139,platforms/php/webapps/39139.txt,"PHPFox - Access Control Security Bypass",2014-04-05,"Wesley Henrique",php,webapps,0 39140,platforms/php/webapps/39140.txt,"Joomla! Inneradmission Component - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0 39141,platforms/php/webapps/39141.txt,"eazyCMS - 'index.php' SQL Injection",2014-04-09,Renzi,php,webapps,0 39142,platforms/jsp/webapps/39142.txt,"Xangati /servlet/MGConfigData - Multiple Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 39143,platforms/jsp/webapps/39143.txt,"Xangati - /servlet/Installer file Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 -39144,platforms/windows/dos/39144.html,"Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service",2015-12-31,"Marcin Ressel",windows,dos,0 +39144,platforms/windows/dos/39144.html,"Microsoft Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service",2015-12-31,"Marcin Ressel",windows,dos,0 39145,platforms/cgi/webapps/39145.txt,"Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution",2014-04-14,"Jan Kadijk",cgi,webapps,0 39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection",2014-04-14,"Daniel Godoy",php,webapps,0 39147,platforms/osx/local/39147.c,"Apple Mac OS X - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 @@ -35402,7 +35402,7 @@ id,file,description,date,author,platform,type,port 39155,platforms/linux/remote/39155.txt,"lxml - 'clean_html' Function Security Bypass",2014-04-15,"Maksim Kochkin",linux,remote,0 39156,platforms/cgi/webapps/39156.txt,"ZamFoo - Multiple Remote Command Execution Vulnerabilities",2014-04-02,Al-Shabaab,cgi,webapps,0 39157,platforms/php/webapps/39157.txt,"Puntopy - 'novedad.php' SQL Injection",2014-04-06,"Felipe Andrian Peixoto",php,webapps,0 -39158,platforms/windows/dos/39158.txt,"Advanced Encryption Package Buffer Overflow - DoS",2016-01-03,Vishnu,windows,dos,0 +39158,platforms/windows/dos/39158.txt,"Advanced Encryption Package Buffer Overflow - Denial of Service",2016-01-03,Vishnu,windows,dos,0 39159,platforms/windows/local/39159.py,"FTPShell Client 5.24 - Add to Favorites Buffer Overflow",2016-01-04,INSECT.B,windows,local,0 39160,platforms/lin_x86/shellcode/39160.c,"Linux/x86 - execve _/bin/sh_ shellcode (24 bytes)",2016-01-04,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 39161,platforms/windows/remote/39161.py,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)",2016-01-04,"Avinash Thapa",windows,remote,0 @@ -35420,7 +35420,7 @@ id,file,description,date,author,platform,type,port 39173,platforms/php/webapps/39173.txt,"Caldera - /costview2/jobs.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39174,platforms/php/webapps/39174.txt,"Caldera - /costview2/printers.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39175,platforms/multiple/remote/39175.py,"AssistMyTeam Team Helpdesk - Multiple Information Disclosure Vulnerabilities",2014-05-05,bhamb,multiple,remote,0 -39176,platforms/php/webapps/39176.html,"TOA - Cross-Site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 +39176,platforms/php/webapps/39176.html,"TOA - Cross-site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 39177,platforms/multiple/dos/39177.py,"VLC Media Player - '.wav' File Memory Corruption",2014-05-09,"Aryan Bayaninejad",multiple,dos,0 39178,platforms/php/webapps/39178.txt,"CMS Touch - pages.php Page_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 39179,platforms/php/webapps/39179.txt,"CMS Touch - news.php News_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 @@ -35433,7 +35433,7 @@ id,file,description,date,author,platform,type,port 39186,platforms/multiple/remote/39186.pl,"UPS Web/SNMP-Manager CS121 - Authentication Bypass",2014-05-15,jkmac,multiple,remote,0 39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"Glossaire Module for XOOPS - '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX - Multiple SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX - Multiple SQL Injections",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39190,platforms/php/webapps/39190.php,"WordPress cnhk-slideshow Plugin - Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 39191,platforms/php/webapps/39191.txt,"Clipperz Password Manager - 'backend/php/src/setup/rpc.php' Remote Code Execution",2014-05-20,"Manish Tanwar",php,webapps,0 39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L - File Upload",2016-01-07,Metasploit,hardware,webapps,0 @@ -35442,8 +35442,8 @@ id,file,description,date,author,platform,type,port 39195,platforms/hardware/remote/39195.c,"Foscam IP Camera - Predictable Credentials Security Bypass",2014-05-08,"Sergey Shekyan",hardware,remote,0 39196,platforms/linux/remote/39196.py,"Apache 'mod_wsgi' Module - Information Disclosure",2014-05-21,"Buck Golemon",linux,remote,0 39197,platforms/php/webapps/39197.txt,"WordPress Booking System (Booking Calendar) Plugin - 'booking_form_id' SQL Injection",2014-05-21,maodun,php,webapps,0 -39198,platforms/php/webapps/39198.html,"User Cake - Cross-Site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 -39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 +39198,platforms/php/webapps/39198.html,"User Cake - Cross-site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 +39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 39200,platforms/php/webapps/39200.txt,"PHP-Nuke 'Submit_News' Component - SQL Injection",2014-05-24,"ali ahmady",php,webapps,0 39373,platforms/osx/dos/39373.c,"OS X Kernel - no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39202,platforms/php/webapps/39202.txt,"WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0 @@ -35453,11 +35453,11 @@ id,file,description,date,author,platform,type,port 39206,platforms/php/webapps/39206.txt,"webEdition CMS - 'we_fs.php' SQL Injection",2014-05-28,"RedTeam Pentesting GmbH",php,webapps,0 39207,platforms/linux/local/39207.txt,"dpkg Source Package - Index: pseudo-header Processing Multiple Local Directory Traversal",2014-05-25,"Raphael Geissert",linux,local,0 39208,platforms/windows/dos/39208.c,"Microsoft Windows - Touch Injection API Local Denial of Service",2014-05-22,"Tavis Ormandy",windows,dos,0 -39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router - Cross-Site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 +39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router - Cross-site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 39210,platforms/php/webapps/39210.txt,"Seo Panel - 'file' Parameter Directory Traversal",2014-05-15,"Eric Sesterhenn",php,webapps,0 39211,platforms/php/webapps/39211.txt,"WordPress Infocus Theme - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 -39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 -39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin - Cross-site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin - Cross-site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 39214,platforms/linux/local/39214.c,"Linux Kernel 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure",2014-05-28,"Salva Peiro",linux,local,0 39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 39216,platforms/windows/dos/39216.py,"KeePass Password Safe Classic 1.29 - Crash PoC",2016-01-11,"Mohammad Reza Espargham",windows,dos,0 @@ -35487,7 +35487,7 @@ id,file,description,date,author,platform,type,port 39244,platforms/linux/local/39244.txt,"Amanda 3.3.1 - amstar Command Injection Local Root",2016-01-15,"Hacker Fantastic",linux,local,0 39245,platforms/php/webapps/39245.txt,"Roundcube 1.1.3 - Path Traversal",2016-01-15,"High-Tech Bridge SA",php,webapps,80 39246,platforms/php/webapps/39246.txt,"mcart.xls Bitrix Module 6.5.2 - SQL Injection",2016-01-15,"High-Tech Bridge SA",php,webapps,80 -39250,platforms/php/webapps/39250.txt,"WordPress DZS-VideoGallery Plugin - Cross-Site Scripting / Command Injection",2014-07-13,MustLive,php,webapps,0 +39250,platforms/php/webapps/39250.txt,"WordPress DZS-VideoGallery Plugin - Cross-site Scripting / Command Injection",2014-07-13,MustLive,php,webapps,0 39251,platforms/php/webapps/39251.txt,"WordPress BookX Plugin - 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 39252,platforms/php/webapps/39252.txt,"WordPress WP Rss Poster Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 39253,platforms/php/webapps/39253.txt,"WordPress ENL Newsletter Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 @@ -35498,9 +35498,9 @@ id,file,description,date,author,platform,type,port 39258,platforms/multiple/remote/39258.txt,"Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 39259,platforms/multiple/remote/39259.txt,"Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 39260,platforms/windows/local/39260.txt,"WEG SuperDrive G2 12.0.0 - Insecure File Permissions",2016-01-18,LiquidWorm,windows,local,0 -39261,platforms/php/webapps/39261.txt,"Advanced Electron Forum 1.0.9 - CSRF",2016-01-18,hyp3rlinx,php,webapps,80 +39261,platforms/php/webapps/39261.txt,"Advanced Electron Forum 1.0.9 - Cross-site Request Forgery",2016-01-18,hyp3rlinx,php,webapps,80 39262,platforms/php/webapps/39262.txt,"Advanced Electron Forum 1.0.9 - Persistent XSS",2016-01-18,hyp3rlinx,php,webapps,80 -39263,platforms/php/webapps/39263.txt,"Advanced Electron Forum 1.0.9 - RFI / CSRF",2016-01-18,hyp3rlinx,php,webapps,80 +39263,platforms/php/webapps/39263.txt,"Advanced Electron Forum 1.0.9 - RFI / Cross-site Request Forgery",2016-01-18,hyp3rlinx,php,webapps,80 39455,platforms/multiple/remote/39455.txt,"Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers",2016-02-17,LiquidWorm,multiple,remote,0 39371,platforms/osx/dos/39371.c,"OS X - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 39372,platforms/osx/dos/39372.c,"OS X - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 @@ -35527,7 +35527,7 @@ id,file,description,date,author,platform,type,port 39287,platforms/php/webapps/39287.txt,"WordPress WP Content Source Control Plugin - 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 39288,platforms/multiple/webapps/39288.txt,"ManageEngine Password Manager Pro and ManageEngine IT360 - SQL Injection",2014-08-20,"Pedro Ribeiro",multiple,webapps,0 39289,platforms/php/webapps/39289.txt,"ArticleFR - 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 -39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 +39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-site Request Forgery",2014-08-22,Vagineer,php,webapps,0 39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 - Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39293,platforms/multiple/remote/39293.pl,"Granding MA300 - Weak Pin Encryption Brute-force Weakness",2014-08-26,"Eric Sesterhenn",multiple,remote,0 @@ -35540,8 +35540,8 @@ id,file,description,date,author,platform,type,port 39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 -39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin - Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 -39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin - Cross-site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 - Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 39306,platforms/php/webapps/39306.html,"pfSense Firewall 2.2.5 - Config File CSRF",2016-01-25,"Aatif Shahdad",php,webapps,443 39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 @@ -35550,7 +35550,7 @@ id,file,description,date,author,platform,type,port 39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"Linux/x86-64 - xor/not/div Encoded execve Shellcode (54 bytes)",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 -39313,platforms/php/webapps/39313.txt,"Food Order Portal - 'admin_user_delete.php' Cross-Site Request Forgery",2014-09-12,KnocKout,php,webapps,0 +39313,platforms/php/webapps/39313.txt,"Food Order Portal - 'admin_user_delete.php' Cross-site Request Forgery",2014-09-12,KnocKout,php,webapps,0 39314,platforms/hardware/remote/39314.c,"Aztech Modem Routers - Information Disclosure",2014-09-15,"Eric Fajardo",hardware,remote,0 39315,platforms/hardware/dos/39315.pl,"Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service",2014-09-15,"Federick Joe P Fajardo",hardware,dos,0 39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers - Session Hijacking",2014-09-15,"Eric Fajardo",hardware,remote,0 @@ -35617,7 +35617,7 @@ id,file,description,date,author,platform,type,port 39381,platforms/osx/dos/39381.c,"OS X - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 39382,platforms/multiple/webapps/39382.txt,"SAP HANA 1.00.095 - hdbindexserver Memory Corruption",2016-01-28,ERPScan,multiple,webapps,0 39383,platforms/lin_x86-64/shellcode/39383.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic shellcode (1) (122 bytes)",2016-01-29,"Sathish kumar",lin_x86-64,shellcode,0 -39384,platforms/php/webapps/39384.txt,"WordPress Simple Add Pages or Posts Plugin 1.6 - CSRF",2016-01-29,ALIREZA_PROMIS,php,webapps,0 +39384,platforms/php/webapps/39384.txt,"WordPress Simple Add Pages or Posts Plugin 1.6 - Cross-site Request Forgery",2016-01-29,ALIREZA_PROMIS,php,webapps,0 39385,platforms/php/webapps/39385.txt,"ProjectSend r582 - Multiple Vulnerabilities",2016-01-29,"Filippo Cavallarin",php,webapps,80 39387,platforms/php/webapps/39387.py,"iScripts EasyCreate 3.0 - Remote Code Execution Exploit",2016-02-01,"Bikramaditya Guha",php,webapps,80 39388,platforms/lin_x86-64/shellcode/39388.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic shellcode (2) (135 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 @@ -35630,27 +35630,27 @@ id,file,description,date,author,platform,type,port 39396,platforms/windows/dos/39396.txt,"WPS Office < 2016 - .doc OneTableDocumentStream Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 39397,platforms/windows/dos/39397.txt,"WPS Office < 2016 - .ppt drawingContainer Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 39398,platforms/windows/dos/39398.txt,"WPS Office < 2016 - .xls Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 -39399,platforms/multiple/webapps/39399.txt,"Manage Engine Network Configuration Manager Build 11000 - CSRF",2016-02-02,"Kaustubh G. Padwad",multiple,webapps,0 +39399,platforms/multiple/webapps/39399.txt,"Manage Engine Network Configuration Manager Build 11000 - Cross-site Request Forgery",2016-02-02,"Kaustubh G. Padwad",multiple,webapps,0 39400,platforms/windows/dos/39400.pl,"Toshiba Viewer v2 p3console - Local Denial of Service",2016-02-02,JaMbA,windows,dos,0 39401,platforms/multiple/dos/39401.txt,"pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free",2016-02-02,"Google Security Research",multiple,dos,0 39402,platforms/jsp/webapps/39402.txt,"eClinicalWorks (CCMR) - Multiple Vulnerabilities",2016-02-02,"Jerold Hoong",jsp,webapps,80 39403,platforms/windows/dos/39403.py,"Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow",2016-02-03,LiquidWorm,windows,dos,0 -39404,platforms/php/webapps/39404.txt,"Timeclock Software 0.995 - Multiple SQL Injection",2016-02-03,Benetrix,php,webapps,80 +39404,platforms/php/webapps/39404.txt,"Timeclock Software 0.995 - Multiple SQL Injections",2016-02-03,Benetrix,php,webapps,80 39405,platforms/jsp/webapps/39405.py,"Jive Forums 5.5.25 - Directory Traversal",2016-02-03,ZhaoHuAn,jsp,webapps,80 39406,platforms/linux/dos/39406.py,"yTree 1.94-1.1 - Local Buffer Overflow",2016-02-03,"Juan Sacco",linux,dos,0 -39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Stored XSS",2016-02-03,Portcullis,hardware,webapps,0 +39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Persistent Cross-site Scripting",2016-02-03,Portcullis,hardware,webapps,0 39408,platforms/hardware/webapps/39408.txt,"GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 39409,platforms/hardware/webapps/39409.txt,"DLink DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 39410,platforms/php/webapps/39410.txt,"WordPress User Meta Manager Plugin 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80 39411,platforms/php/webapps/39411.txt,"WordPress User Meta Manager Plugin 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80 39412,platforms/hardware/webapps/39412.txt,"NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",hardware,webapps,0 39413,platforms/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",php,webapps,80 -39414,platforms/php/webapps/39414.txt,"OpenDocMan 1.3.4 - CSRF",2016-02-04,"Curesec Research Team",php,webapps,80 +39414,platforms/php/webapps/39414.txt,"OpenDocMan 1.3.4 - Cross-site Request Forgery",2016-02-04,"Curesec Research Team",php,webapps,80 39415,platforms/php/webapps/39415.txt,"ATutor 2.2 - Multiple XSS Vulnerabilities",2016-02-04,"Curesec Research Team",php,webapps,80 -39416,platforms/php/webapps/39416.txt,"Symphony CMS 2.6.3 - Multiple SQL Injection",2016-02-04,"Sachin Wagh",php,webapps,80 +39416,platforms/php/webapps/39416.txt,"Symphony CMS 2.6.3 - Multiple SQL Injections",2016-02-04,"Sachin Wagh",php,webapps,80 39417,platforms/windows/local/39417.py,"FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow",2016-02-04,"Arash Khazaei",windows,local,0 39418,platforms/java/webapps/39418.txt,"Solr 3.5.0 - Arbitrary Data Deletion",2016-02-08,N37,java,webapps,0 -39419,platforms/multiple/webapps/39419.txt,"dotDefender Firewall 5.00.12865 / 5.13-13282 - CSRF",2016-02-08,hyp3rlinx,multiple,webapps,0 +39419,platforms/multiple/webapps/39419.txt,"dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-site Request Forgery",2016-02-08,hyp3rlinx,multiple,webapps,0 39420,platforms/php/webapps/39420.txt,"WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 39421,platforms/php/webapps/39421.py,"WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 39422,platforms/php/webapps/39422.py,"WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 @@ -35679,9 +35679,9 @@ id,file,description,date,author,platform,type,port 39448,platforms/php/webapps/39448.txt,"Tiny Tiny RSS - Blind SQL Injection",2016-02-15,"Kacper Szurek",php,webapps,80 39449,platforms/multiple/webapps/39449.txt,"ManageEngine OPutils 8.0 - Multiple Vulnerabilities",2016-02-16,"Kaustubh G. Padwad",multiple,webapps,0 39450,platforms/multiple/webapps/39450.txt,"ManageEngine Network Configuration Management Build 11000 - Privilege Escalation",2016-02-16,"Kaustubh G. Padwad",multiple,webapps,0 -39451,platforms/php/webapps/39451.txt,"WordPress ALO EasyMail Newsletter Plugin 2.6.01 - CSRF",2016-02-16,"Mohsen Lotfi",php,webapps,80 +39451,platforms/php/webapps/39451.txt,"WordPress ALO EasyMail Newsletter Plugin 2.6.01 - Cross-site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80 39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0 -39453,platforms/php/webapps/39453.txt,"phpMyBackupPro 2.5 - Remote Command Execution / CSRF",2016-02-16,hyp3rlinx,php,webapps,0 +39453,platforms/php/webapps/39453.txt,"phpMyBackupPro 2.5 - Remote Command Execution / Cross-site Request Forgery",2016-02-16,hyp3rlinx,php,webapps,0 39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack-Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0 39456,platforms/multiple/webapps/39456.rb,"JMX2 Email Tester - (save_email.php) Web Shell Upload",2016-02-17,HaHwul,multiple,webapps,0 39459,platforms/php/webapps/39459.txt,"Redaxo CMS 5.0.0 - Multiple Vulnerabilities",2016-02-17,"LSE Leading Security Experts GmbH",php,webapps,80 @@ -35695,12 +35695,12 @@ id,file,description,date,author,platform,type,port 39466,platforms/multiple/dos/39466.txt,"Adobe Flash - H264 File Stack Corruption",2016-02-17,"Google Security Research",multiple,dos,0 39467,platforms/multiple/dos/39467.txt,"Adobe Flash - BitmapData.drawWithQuality Heap Overflow",2016-02-17,"Google Security Research",multiple,dos,0 39468,platforms/php/webapps/39468.txt,"Vesta Control Panel 0.9.8-15 - Persistent XSS",2016-02-18,"Necmettin COSKUN",php,webapps,0 -39469,platforms/php/webapps/39469.txt,"DirectAdmin 1.491 - CSRF",2016-02-18,"Necmettin COSKUN",php,webapps,0 +39469,platforms/php/webapps/39469.txt,"DirectAdmin 1.491 - Cross-site Request Forgery",2016-02-18,"Necmettin COSKUN",php,webapps,0 39470,platforms/windows/dos/39470.py,"XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS",2016-02-19,"Pawan Lal",windows,dos,0 39471,platforms/windows/dos/39471.txt,"STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)",2016-02-19,"Shantanu Khandelwal",windows,dos,0 39472,platforms/windows/dos/39472.txt,"STIMS Cutter 1.1.3.20 - Buffer Overflow DoS",2016-02-19,"Shantanu Khandelwal",windows,dos,0 39473,platforms/php/webapps/39473.txt,"Chamilo LMS IDOR - (messageId) Delete POST Inject",2016-02-19,Vulnerability-Lab,php,webapps,0 -39474,platforms/php/webapps/39474.txt,"Chamilo LMS - Persistent Cross-Site Scripting",2016-02-19,Vulnerability-Lab,php,webapps,0 +39474,platforms/php/webapps/39474.txt,"Chamilo LMS - Persistent Cross-site Scripting",2016-02-19,Vulnerability-Lab,php,webapps,0 39475,platforms/windows/dos/39475.py,"QuickHeal 16.00 - webssx.sys Driver DoS",2016-02-19,"Fitzl Csaba",windows,dos,0 39476,platforms/multiple/dos/39476.txt,"Adobe Flash - SimpleButton Creation Type Confusion",2016-02-19,"Google Security Research",multiple,dos,0 39477,platforms/windows/webapps/39477.txt,"ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities",2016-02-19,"Sachin Wagh",windows,webapps,8500 @@ -35713,7 +35713,7 @@ id,file,description,date,author,platform,type,port 39485,platforms/asp/webapps/39485.txt,"Thru Managed File Transfer Portal 9.0.2 - SQL Injection",2016-02-22,"SySS GmbH",asp,webapps,80 39486,platforms/windows/webapps/39486.txt,"Dell OpenManage Server Administrator 8.2 - Authenticated Directory Traversal",2016-02-23,hantwister,windows,webapps,0 39487,platforms/multiple/dos/39487.py,"libquicktime 1.2.4 - Integer Overflow",2016-02-23,"Marco Romano",multiple,dos,0 -39488,platforms/json/webapps/39488.txt,"Ubiquiti Networks UniFi 3.2.10 - CSRF",2016-02-23,"Julien Ahrens",json,webapps,8443 +39488,platforms/json/webapps/39488.txt,"Ubiquiti Networks UniFi 3.2.10 - Cross-site Request Forgery",2016-02-23,"Julien Ahrens",json,webapps,8443 39489,platforms/php/webapps/39489.py,"WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation",2016-02-24,"Panagiotis Vagenas",php,webapps,80 39490,platforms/multiple/dos/39490.txt,"Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow",2016-02-24,"Google Security Research",multiple,dos,0 39491,platforms/linux/dos/39491.txt,"libxml2 - xmlDictAddString Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 @@ -35725,14 +35725,14 @@ id,file,description,date,author,platform,type,port 39497,platforms/ashx/webapps/39497.txt,"Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities",2016-02-26,LiquidWorm,ashx,webapps,0 39498,platforms/php/webapps/39498.txt,"WordPress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 39499,platforms/linux/remote/39499.txt,"Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit",2016-02-26,Sysdream,linux,remote,0 -39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - CSRF",2016-02-26,Sysdream,linux,webapps,443 +39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - Cross-site Request Forgery",2016-02-26,Sysdream,linux,webapps,443 39501,platforms/php/webapps/39501.txt,"Centreon 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 39502,platforms/linux/dos/39502.py,"GpicView 0.2.5 - Crash PoC",2016-02-26,"David Silveiro",linux,dos,0 39503,platforms/multiple/dos/39503.txt,"Wireshark - print_hex_data_buffer / print_packet Use-After-Free",2016-02-26,"Google Security Research",multiple,dos,0 39504,platforms/android/dos/39504.c,"Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow",2016-02-26,"Google Security Research",android,dos,0 39505,platforms/linux/dos/39505.c,"Linux io_submit L2TP sendmsg - Integer Overflow",2016-02-26,"Google Security Research",linux,dos,0 39506,platforms/php/webapps/39506.txt,"JSN PowerAdmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 -39507,platforms/php/webapps/39507.txt,"WordPress More Fields 2.1 Plugin - CSRF",2016-02-29,"Aatif Shahdad",php,webapps,80 +39507,platforms/php/webapps/39507.txt,"WordPress More Fields 2.1 Plugin - Cross-site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - SHFolder.DLL Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 39509,platforms/windows/dos/39509.txt,"Crouzet em4 soft 1.1.04 - .pm4 Integer Division By Zero",2016-03-01,LiquidWorm,windows,dos,0 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 @@ -35783,7 +35783,7 @@ id,file,description,date,author,platform,type,port 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 39560,platforms/windows/dos/39560.txt,"Windows Kernel - ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39561,platforms/windows/dos/39561.txt,"Windows Kernel - ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 -39562,platforms/windows/dos/39562.html,"Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 +39562,platforms/windows/dos/39562.html,"Microsoft Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 39564,platforms/perl/webapps/39564.txt,"AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection",2016-03-16,BrianWGray,perl,webapps,443 39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 39626,platforms/multiple/webapps/39626.txt,"Liferay Portal 5.1.2 - Persistent XSS",2016-03-28,"Sarim Kiani",multiple,webapps,80 @@ -35804,8 +35804,8 @@ id,file,description,date,author,platform,type,port 39583,platforms/php/webapps/39583.txt,"Xoops 2.5.7.2 - Directory Traversal Bypass",2016-03-21,hyp3rlinx,php,webapps,80 39584,platforms/php/webapps/39584.txt,"WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure",2016-03-21,AMAR^SHG,php,webapps,80 39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit",2016-03-21,"Paul Purcell",windows,remote,80 -39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - CSRF",2016-03-21,"High-Tech Bridge SA",php,webapps,80 -39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - CSRF",2016-03-21,"High-Tech Bridge SA",php,webapps,80 +39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - Cross-site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80 +39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - Cross-site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39588,platforms/php/webapps/39588.txt,"ProjectSend r582 - Multiple XSS Vulnerabilities",2016-03-21,"Michael Helwig",php,webapps,80 39589,platforms/php/webapps/39589.txt,"WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 39590,platforms/php/webapps/39590.txt,"Joomla Easy Youtube Gallery 1.0.2 - SQL Injection",2016-03-22,"Persian Hack Team",php,webapps,80 @@ -35817,7 +35817,7 @@ id,file,description,date,author,platform,type,port 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 39597,platforms/multiple/webapps/39597.txt,"MiCollab 7.0 - SQL Injection",2016-03-23,"Goran Tuzovic",multiple,webapps,80 39621,platforms/php/webapps/39621.txt,"WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 -39622,platforms/hardware/webapps/39622.txt,"Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF",2016-03-27,hyp3rlinx,hardware,webapps,80 +39622,platforms/hardware/webapps/39622.txt,"Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-site Request Forgery",2016-03-27,hyp3rlinx,hardware,webapps,80 39599,platforms/windows/remote/39599.txt,"Comodo Antivirus - Forwards Emulated API Calls to the Real API During Scans",2016-03-23,"Google Security Research",windows,remote,0 39600,platforms/windows/dos/39600.txt,"Avira - Heap Underflow Parsing PE Section Headers",2016-03-23,"Google Security Research",windows,dos,0 39601,platforms/windows/dos/39601.txt,"Comodo - PackMan Unpacker Insufficient Parameter Validation",2016-03-23,"Google Security Research",windows,dos,0 @@ -35853,7 +35853,7 @@ id,file,description,date,author,platform,type,port 39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap-Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 - Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 39640,platforms/android/remote/39640.txt,"Metaphor - Stagefright Exploit with ASLR Bypass",2016-03-30,NorthBit,android,remote,0 -39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - CSRF Add Admin Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 +39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - CSRF (Add Admin) Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - ZIP File path Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 @@ -35871,7 +35871,7 @@ id,file,description,date,author,platform,type,port 39656,platforms/multiple/local/39656.py,"Hexchat IRC Client 2.11.0 - Directory Traversal",2016-04-04,PizzaHatHacker,multiple,local,0 39657,platforms/multiple/dos/39657.py,"Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow",2016-04-04,PizzaHatHacker,multiple,dos,0 39659,platforms/hardware/webapps/39659.txt,"PQI Air Pen Express 6W51-0000R2 / 6W51-0000R2XXX - Multiple Vulnerabilities",2016-04-04,Orwelllabs,hardware,webapps,0 -39663,platforms/windows/dos/39663.html,"Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)",2016-04-05,"Google Security Research",windows,dos,0 +39663,platforms/windows/dos/39663.html,"Microsoft Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)",2016-04-05,"Google Security Research",windows,dos,0 39664,platforms/jsp/webapps/39664.txt,"ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities",2016-04-05,S3ba,jsp,webapps,7272 39666,platforms/windows/local/39666.txt,"Windows Kernel - Win32k.sys Privilege Escalation Exploit (MS14-058)",2016-04-05,"MWR InfoSecurity",windows,local,0 39667,platforms/jsp/webapps/39667.txt,"Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities",2016-04-06,LiquidWorm,jsp,webapps,80 @@ -35884,8 +35884,8 @@ id,file,description,date,author,platform,type,port 39674,platforms/windows/local/39674.py,"Express Zip 2.40 - Path Traversal",2016-04-08,R-73eN,windows,local,0 39675,platforms/osx/local/39675.c,"Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation",2016-04-08,"Piotr Bania",osx,local,0 39676,platforms/php/webapps/39676.txt,"op5 7.1.9 - Remote Command Execution",2016-04-08,hyp3rlinx,php,webapps,443 -39677,platforms/hardware/webapps/39677.html,"Hikvision Digital Video Recorder - Cross-Site Request Forgery",2016-04-11,LiquidWorm,hardware,webapps,80 -39678,platforms/php/webapps/39678.txt,"WPN-XM Serverstack 0.8.6 - Cross-Site Request Forgery",2016-04-11,hyp3rlinx,php,webapps,80 +39677,platforms/hardware/webapps/39677.html,"Hikvision Digital Video Recorder - Cross-site Request Forgery",2016-04-11,LiquidWorm,hardware,webapps,80 +39678,platforms/php/webapps/39678.txt,"WPN-XM Serverstack 0.8.6 - Cross-site Request Forgery",2016-04-11,hyp3rlinx,php,webapps,80 39679,platforms/php/webapps/39679.txt,"OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution",2016-04-11,"Naser Farhadi",php,webapps,80 39680,platforms/windows/local/39680.txt,"CAM UnZip 5.1 - Archive Path Traversal",2016-04-11,hyp3rlinx,windows,local,0 39968,platforms/windows/webapps/39968.txt,"Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal",2016-06-16,LiquidWorm,windows,webapps,1947 @@ -35903,8 +35903,8 @@ id,file,description,date,author,platform,type,port 39695,platforms/php/webapps/39695.txt,"pfSense Firewall 2.2.6 - Services CSRF",2016-04-14,"Aatif Shahdad",php,webapps,443 39696,platforms/hardware/webapps/39696.txt,"Brickcom Corporation Network Cameras - Multiple Vulnerabilities",2016-04-14,Orwelllabs,hardware,webapps,80 39697,platforms/php/webapps/39697.txt,"PHPmongoDB 1.0.0 - Multiple Vulnerabilities",2016-04-14,"Ozer Goker",php,webapps,80 -39698,platforms/windows/remote/39698.html,"Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 -39699,platforms/windows/dos/39699.html,"Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free",2016-04-15,"Marcin Ressel",windows,dos,0 +39698,platforms/windows/remote/39698.html,"Microsoft Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 +39699,platforms/windows/dos/39699.html,"Microsoft Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free",2016-04-15,"Marcin Ressel",windows,dos,0 39700,platforms/lin_x86-64/shellcode/39700.c,"Linux/x86-64 - Read /etc/passwd shellcode (65 bytes)",2016-04-15,"Ajith Kp",lin_x86-64,shellcode,0 39701,platforms/cgi/webapps/39701.txt,"AirOS 6.x - Arbitrary File Upload",2016-04-15,93c08539,cgi,webapps,443 39702,platforms/linux/local/39702.rb,"Exim - 'perl_startup' Privilege Escalation",2016-04-15,Metasploit,linux,local,0 @@ -35912,7 +35912,7 @@ id,file,description,date,author,platform,type,port 39704,platforms/php/webapps/39704.txt,"WordPress leenk.me Plugin 2.5.0 - CSRF/XSS",2016-04-18,cor3sm4sh3r,php,webapps,80 39705,platforms/php/webapps/39705.txt,"WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS",2016-04-18,cor3sm4sh3r,php,webapps,80 39706,platforms/hardware/dos/39706.txt,"TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials",2016-04-18,DLY,hardware,dos,0 -39707,platforms/php/webapps/39707.txt,"Webutler CMS 3.2 - Cross-Site Request Forgery",2016-04-18,"Keerati T.",php,webapps,80 +39707,platforms/php/webapps/39707.txt,"Webutler CMS 3.2 - Cross-site Request Forgery",2016-04-18,"Keerati T.",php,webapps,80 39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated File Upload",2016-04-18,Metasploit,multiple,remote,80 39709,platforms/php/webapps/39709.txt,"pfSense Community Edition 2.2.6 - Multiple Vulnerabilities",2016-04-18,Security-Assessment.com,php,webapps,443 39710,platforms/php/webapps/39710.txt,"modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection",2016-04-19,"Felix Maduakor",php,webapps,80 @@ -35934,20 +35934,20 @@ id,file,description,date,author,platform,type,port 39727,platforms/windows/local/39727.txt,"CompuSource Systems - Real Time Home Banking - Local Privilege Escalation",2016-04-25,"Information Paradox",windows,local,0 39728,platforms/lin_x86-64/shellcode/39728.py,"Linux/x86-64 - Bind Shell Shellcode (Generator)",2016-04-25,"Ajith Kp",lin_x86-64,shellcode,0 39729,platforms/win_x86/remote/39729.rb,"PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit)",2016-04-25,"Jonathan Smith",win_x86,remote,21 -39730,platforms/ruby/webapps/39730.txt,"NationBuilder - Multiple Stored XSS Vulnerabilities",2016-04-25,LiquidWorm,ruby,webapps,443 +39730,platforms/ruby/webapps/39730.txt,"NationBuilder - Multiple Persistent Cross-site Scripting Vulnerabilities",2016-04-25,LiquidWorm,ruby,webapps,443 39731,platforms/windows/shellcode/39731.c,"Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes)",2016-04-25,Fugu,windows,shellcode,0 39733,platforms/linux/dos/39733.py,"Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC",2016-04-25,"David Silveiro",linux,dos,0 39734,platforms/linux/local/39734.py,"Yasr Screen Reader 0.6.9 - Local Buffer Overflow",2016-04-26,"Juan Sacco",linux,local,0 39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer - Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80 39736,platforms/linux/remote/39736.txt,"libgd 2.1.1 - Signedness Heap Overflow",2016-04-26,"Hans Jerry Illikainen",linux,remote,0 39737,platforms/php/webapps/39737.txt,"ImpressCMS 1.3.9 - SQL Injection",2016-04-26,"Manuel García Cárdenas",php,webapps,80 -39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-Site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 +39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 39739,platforms/hardware/webapps/39739.py,"Multiple Vendors (RomPager 4.34) - Misfortune Cookie Router Authentication Bypass",2016-04-27,"Milad Doorbash",hardware,webapps,0 39740,platforms/windows/dos/39740.cpp,"Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)",2016-04-27,"Google Security Research",windows,dos,0 39741,platforms/osx/local/39741.txt,"Mach Race OS X - Local Privilege Escalation Exploit",2016-04-27,fG!,osx,local,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 39743,platforms/windows/dos/39743.txt,"Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 -39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross-Site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 +39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross-site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 39745,platforms/php/webapps/39745.txt,"Observium 0.16.7533 - Authenticated Arbitrary Command Execution",2016-04-29,"Dolev Farhi",php,webapps,80 39746,platforms/cgi/webapps/39746.txt,"Merit Lilin IP Cameras - Multiple Vulnerabilities",2016-04-29,Orwelllabs,cgi,webapps,80 39747,platforms/linux/dos/39747.py,"Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash",2016-04-29,"David Silveiro",linux,dos,0 @@ -35963,7 +35963,7 @@ id,file,description,date,author,platform,type,port 39758,platforms/lin_x86-64/shellcode/39758.c,"Linux/x86-64 - Bind 1472/TCP shellcode (IPv6) (199 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 39759,platforms/php/webapps/39759.txt,"Alibaba Clone B2B Script - Admin Authentication Bypass",2016-05-04,"Meisam Monsef",php,webapps,80 39760,platforms/php/webapps/39760.txt,"CMS Made Simple < 2.1.3 / < 1.12.1 - Web Server Cache Poisoning",2016-05-04,"Mickaël Walter",php,webapps,80 -39761,platforms/php/webapps/39761.txt,"Acunetix WP Security Plugin 3.0.3 - XSS",2016-05-04,"Johto Robbie",php,webapps,80 +39761,platforms/php/webapps/39761.txt,"Acunetix WP Security Plugin 3.0.3 - Cross-site Scripting",2016-05-04,"Johto Robbie",php,webapps,80 39762,platforms/cgi/webapps/39762.txt,"NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities",2016-05-04,"Bhadresh Patel",cgi,webapps,80 39763,platforms/lin_x86-64/shellcode/39763.c,"Linux/x86-64 - Reverse TCP shellcode (IPv6) (203 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 39764,platforms/linux/local/39764.py,"TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow",2016-05-04,"Juan Sacco",linux,local,0 @@ -36078,18 +36078,18 @@ id,file,description,date,author,platform,type,port 39877,platforms/multiple/dos/39877.txt,"Wireshark - erf_meta_read_tag SIGSEGV",2016-06-01,"Google Security Research",multiple,dos,0 39965,platforms/php/webapps/39965.txt,"Tiki-Wiki CMS Calendar 14.2 / 12.5 LTS / 9.11 LTS / 6.15 - Remote Code Execution",2016-06-16,"Dany Ouellet",php,webapps,80 39879,platforms/php/webapps/39879.txt,"Joomla SecurityCheck Extension 2.8.9 - Multiple Vulnerabilities",2016-06-02,"ADEO Security",php,webapps,80 -39880,platforms/jsp/webapps/39880.txt,"Liferay CE < 6.2 CE GA6 - Stored XSS",2016-06-02,"Fernando Câmara",jsp,webapps,0 +39880,platforms/jsp/webapps/39880.txt,"Liferay CE < 6.2 CE GA6 - Persistent Cross-site Scripting",2016-06-02,"Fernando Câmara",jsp,webapps,0 39881,platforms/php/webapps/39881.txt,"Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload",2016-06-02,"RedTeam Pentesting GmbH",php,webapps,80 39882,platforms/multiple/dos/39882.txt,"Websockify (C Implementation) 0.8.0 - Buffer Overflow",2016-06-02,"RedTeam Pentesting GmbH",multiple,dos,0 -39884,platforms/php/webapps/39884.html,"Dream Gallery 1.0 - CSRF Add Admin Exploit",2016-06-06,"Ali Ghanbari",php,webapps,80 +39884,platforms/php/webapps/39884.html,"Dream Gallery 1.0 - CSRF (Add Admin Exploit)",2016-06-06,"Ali Ghanbari",php,webapps,80 39885,platforms/multiple/shellcode/39885.c,"Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)",2016-06-06,odzhancode,multiple,shellcode,0 39886,platforms/java/webapps/39886.txt,"Apache Continuum 1.4.2 - Multiple Vulnerabilities",2016-06-06,"David Shanahan",java,webapps,0 39887,platforms/cgi/webapps/39887.txt,"Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - ShellShock Exploit",2016-06-06,lastc0de,cgi,webapps,80 39888,platforms/windows/local/39888.txt,"Valve Steam 3.42.16.13 - Local Privilege Escalation",2016-06-06,"Gregory Smiley",windows,local,0 -39889,platforms/php/webapps/39889.html,"ArticleSetup 1.00 - CSRF Change Admin Password",2016-06-06,"Ali Ghanbari",php,webapps,80 +39889,platforms/php/webapps/39889.html,"ArticleSetup 1.00 - CSRF (Change Admin Password)",2016-06-06,"Ali Ghanbari",php,webapps,80 39890,platforms/php/webapps/39890.txt,"Electroweb Online Examination System 1.0 - SQL Injection",2016-06-06,"Ali Ghanbari",php,webapps,80 39891,platforms/php/webapps/39891.txt,"WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload",2016-06-06,"Aaditya Purani",php,webapps,80 -39892,platforms/php/webapps/39892.php,"WordPress Creative Multi-Purpose Theme 9.1.3 - Stored XSS",2016-06-06,wp0Day.com,php,webapps,80 +39892,platforms/php/webapps/39892.php,"WordPress Creative Multi-Purpose Theme 9.1.3 - Persistent Cross-site Scripting",2016-06-06,wp0Day.com,php,webapps,80 39893,platforms/php/webapps/39893.php,"WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection",2016-06-06,wp0Day.com,php,webapps,80 39894,platforms/php/webapps/39894.php,"WordPress Newspaper Theme 6.7.1 - Privilege Escalation",2016-06-06,wp0Day.com,php,webapps,80 39895,platforms/php/webapps/39895.php,"WordPress Uncode Theme 1.3.1 - Arbitrary File Upload",2016-06-06,wp0Day.com,php,webapps,80 @@ -36108,9 +36108,9 @@ id,file,description,date,author,platform,type,port 39908,platforms/windows/local/39908.txt,"Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation",2016-06-10,"Roland C. Redl",windows,local,0 39909,platforms/xml/webapps/39909.rb,"Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit",2016-06-10,hantwister,xml,webapps,0 40047,platforms/php/webapps/40047.txt,"Phoenix Exploit Kit - Remote Code Execution",2016-07-01,CrashBandicot,php,webapps,80 -39911,platforms/php/webapps/39911.html,"Mobiketa 1.0 - CSRF Add Admin Exploit",2016-06-10,"Murat Yilmazlar",php,webapps,80 +39911,platforms/php/webapps/39911.html,"Mobiketa 1.0 - CSRF (Add) Admin Exploit",2016-06-10,"Murat Yilmazlar",php,webapps,80 39912,platforms/php/webapps/39912.html,"miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query",2016-06-10,HaHwul,php,webapps,80 -39913,platforms/php/webapps/39913.txt,"phpMyFAQ 2.9.0 - Stored XSS",2016-06-10,"Kacper Szurek",php,webapps,80 +39913,platforms/php/webapps/39913.txt,"phpMyFAQ 2.9.0 - Persistent Cross-site Scripting",2016-06-10,"Kacper Szurek",php,webapps,80 39914,platforms/win_x86/shellcode/39914.c,"Windows x86 - system(_systeminfo_) Shellcode (224 bytes)",2016-06-10,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 39915,platforms/windows/dos/39915.c,"Armadito Antimalware - Backdoor/Bypass",2016-06-10,Ax.,windows,dos,0 39916,platforms/windows/local/39916.txt,"Riot Games League of Legends - Insecure File Permissions Privilege Escalation",2016-06-10,"Cyril Vallicari",windows,local,0 @@ -36128,7 +36128,7 @@ id,file,description,date,author,platform,type,port 39928,platforms/osx/dos/39928.c,"OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2",2016-06-10,"Google Security Research",osx,dos,0 39929,platforms/multiple/dos/39929.c,"OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient",2016-06-10,"Google Security Research",multiple,dos,0 39930,platforms/osx/dos/39930.c,"OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver",2016-06-10,"Google Security Research",osx,dos,0 -39931,platforms/php/webapps/39931.txt,"FRticket Ticket System - Stored XSS",2016-06-13,"Hamit Abis",php,webapps,80 +39931,platforms/php/webapps/39931.txt,"FRticket Ticket System - Persistent Cross-site Scripting",2016-06-13,"Hamit Abis",php,webapps,80 39932,platforms/php/webapps/39932.html,"Viart Shopping Cart 5.0 - CSRF Shell Upload",2016-06-13,"Ali Ghanbari",php,webapps,80 39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - .m3u Exploit (Universal DEP + ASLR Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0 39934,platforms/php/webapps/39934.txt,"Dream Gallery 2.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80 @@ -36145,8 +36145,8 @@ id,file,description,date,author,platform,type,port 39945,platforms/linux/remote/39945.rb,"Apache Continuum - Arbitrary Command Execution",2016-06-14,Metasploit,linux,remote,8080 39946,platforms/php/webapps/39946.php,"WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 39947,platforms/windows/dos/39947.py,"Oracle Orakill.exe 11.2.0 - Buffer Overflow",2016-06-14,hyp3rlinx,windows,dos,0 -39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Stored XSS",2016-06-15,HaHwul,php,webapps,80 -39949,platforms/php/webapps/39949.html,"Ultrabenosaurus ChatBoard - CSRF (Send Message)",2016-06-15,HaHwul,php,webapps,80 +39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Persistent Cross-site Scripting",2016-06-15,HaHwul,php,webapps,80 +39949,platforms/php/webapps/39949.html,"Ultrabenosaurus ChatBoard - Cross-site Request Forgery (Send Message)",2016-06-15,HaHwul,php,webapps,80 39950,platforms/php/webapps/39950.txt,"w2wiki - Multiple XSS Vulnerabilities",2016-06-15,HaHwul,php,webapps,80 39951,platforms/hardware/webapps/39951.txt,"Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities",2016-06-15,LiquidWorm,hardware,webapps,80 39952,platforms/php/webapps/39952.txt,"Dokeos 2.2.1 - Blind SQL Injection",2016-06-15,Mormoroth,php,webapps,80 @@ -36161,9 +36161,9 @@ id,file,description,date,author,platform,type,port 39961,platforms/linux/dos/39961.txt,"Google Chrome - GPU Process MailboxManagerImpl Double-Read",2016-06-15,"Google Security Research",linux,dos,0 39962,platforms/hardware/webapps/39962.txt,"ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass",2016-06-16,i-Hmx,hardware,webapps,80 39963,platforms/php/webapps/39963.txt,"Roxy Fileman 1.4.4 - Arbitrary File Upload",2016-06-16,"Tyrell Sassen",php,webapps,80 -39964,platforms/php/webapps/39964.html,"SlimCMS 0.1 - CSRF (Change Admin Password)",2016-06-16,"Avinash Thapa",php,webapps,80 +39964,platforms/php/webapps/39964.html,"SlimCMS 0.1 - Cross-site Request Forgery (Change Admin Password)",2016-06-16,"Avinash Thapa",php,webapps,80 39969,platforms/php/webapps/39969.php,"WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80 -39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Stored XSS",2016-06-17,"David Silveiro",php,webapps,80 +39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Persistent Cross-site Scripting",2016-06-17,"David Silveiro",php,webapps,80 39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80 39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80 39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,Metasploit,linux,remote,443 @@ -36187,7 +36187,7 @@ id,file,description,date,author,platform,type,port 39991,platforms/windows/dos/39991.txt,"Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 39992,platforms/linux/local/39992.txt,"Linux - ecryptfs and /proc/$pid/environ Privilege Escalation",2016-06-21,"Google Security Research",linux,local,0 39993,platforms/win_x86/dos/39993.txt,"Windows - Custom Font Disable Policy Bypass",2016-06-21,"Google Security Research",win_x86,dos,0 -39994,platforms/windows/dos/39994.html,"Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)",2016-06-21,Skylined,windows,dos,0 +39994,platforms/windows/dos/39994.html,"Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)",2016-06-21,Skylined,windows,dos,0 39995,platforms/java/webapps/39995.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - ctcprotocol Servlet XXE",2016-06-21,ERPScan,java,webapps,0 39996,platforms/java/webapps/39996.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal",2016-06-21,ERPScan,java,webapps,0 39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Mutiple Persistent XSS",2016-06-21,"David Silveiro",ruby,webapps,80 @@ -36203,14 +36203,14 @@ id,file,description,date,author,platform,type,port 40012,platforms/php/webapps/40012.txt,"WordPress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload",2016-06-27,"i0akiN SEC-LABORATORY",php,webapps,80 40013,platforms/php/webapps/40013.txt,"OPAC KpwinSQL - SQL Injection",2016-06-27,bRpsd,php,webapps,80 40014,platforms/hardware/dos/40014.txt,"Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm",2016-06-27,"Matt O'Connor",hardware,dos,0 -40015,platforms/php/webapps/40015.txt,"Codoforum 3.4 - Stored Cross-Site Scripting",2016-06-27,"Ahmed Sherif",php,webapps,80 +40015,platforms/php/webapps/40015.txt,"Codoforum 3.4 - Persistent Cross-site Scripting",2016-06-27,"Ahmed Sherif",php,webapps,80 40016,platforms/hardware/webapps/40016.txt,"Option CloudGate CG0192-11897 - Multiple Vulnerabilities",2016-06-27,LiquidWorm,hardware,webapps,80 40017,platforms/windows/local/40017.py,"MediaCoder 0.8.43.5830 - .m3u Buffer Overflow SEH Exploit",2016-06-27,"Sibusiso Sishi",windows,local,0 -40018,platforms/windows/local/40018.py,"VUPlayer 2.49 - (.m3u) Buffer Overflow Exploit (Win 7 DEP Bypass)",2016-06-27,secfigo,windows,local,0 +40018,platforms/windows/local/40018.py,"VUPlayer 2.49 - '.m3u' Buffer Overflow Exploit (Win 7 DEP Bypass)",2016-06-27,secfigo,windows,local,0 40019,platforms/php/webapps/40019.txt,"Kagao 3.0 - Multiple Vulnerabilities",2016-06-27,N4TuraL,php,webapps,80 40020,platforms/windows/local/40020.txt,"Panda Security Multiple Products - Privilege Escalation",2016-06-27,Security-Assessment.com,windows,local,0 40021,platforms/php/webapps/40021.php,"MyLittleForum 2.3.5 - PHP Command Injection",2016-06-27,hyp3rlinx,php,webapps,80 -40022,platforms/php/webapps/40022.txt,"iBilling 3.7.0 - Stored XSS / Reflected XSS",2016-06-27,"Bikramaditya Guha",php,webapps,80 +40022,platforms/php/webapps/40022.txt,"iBilling 3.7.0 - Persistent Cross-site Scripting / Reflected XSS",2016-06-27,"Bikramaditya Guha",php,webapps,80 40023,platforms/linux/local/40023.py,"PInfo 0.6.9-5.1 - Local Buffer Overflow",2016-06-27,"Juan Sacco",linux,local,0 40024,platforms/php/webapps/40024.txt,"BigTree CMS 4.2.11 - SQL Injection",2016-06-27,"Mehmet Ince",php,webapps,80 40025,platforms/linux/local/40025.py,"HNB 1.9.18-10 - Local Buffer Overflow",2016-06-27,"Juan Sacco",linux,local,0 @@ -36274,7 +36274,7 @@ id,file,description,date,author,platform,type,port 40113,platforms/linux/remote/40113.txt,"OpenSSHD 7.2p2 - User Enumeration",2016-07-18,"Eddie Harari",linux,remote,22 40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Post-Auth Persistent XSS in AdminCP/ApiLog via xmlrpc API",2014-10-12,tintinweb,php,webapps,0 40115,platforms/php/webapps/40115.py,"vBulletin 4.x - Post-Auth SQLi in breadcrumbs via xmlrpc API",2014-10-12,tintinweb,php,webapps,0 -40118,platforms/windows/local/40118.txt,"Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0 +40118,platforms/windows/local/40118.txt,"Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0 40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution and Escalate Privileges",2016-07-17,b0yd,hardware,remote,0 40182,platforms/arm/dos/40182.txt,"Linux ARM/ARM64 - perf_event_open() Arbitrary Memory Read",2016-07-29,"Google Security Research",arm,dos,0 @@ -36336,7 +36336,7 @@ id,file,description,date,author,platform,type,port 40184,platforms/multiple/dos/40184.html,"WebKit - TypedArray.copyWithin Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 40185,platforms/php/webapps/40185.py,"PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80 40189,platforms/php/webapps/40189.txt,"WordPress Booking Calendar Plugin 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80 -40190,platforms/php/webapps/40190.txt,"WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 +40190,platforms/php/webapps/40190.txt,"WordPress WP Live Chat Support Plugin 6.2.03 - Persistent Cross-site Scripting",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 40191,platforms/php/webapps/40191.txt,"WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF",2016-08-01,"Yorick Koster",php,webapps,80 40192,platforms/windows/dos/40192.py,"Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC",2016-08-01,"Karn Ganeshen",windows,dos,0 40194,platforms/multiple/dos/40194.txt,"Wireshark 1.12.0-1.12.12 - NDS Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0 @@ -36351,7 +36351,7 @@ id,file,description,date,author,platform,type,port 40203,platforms/linux/local/40203.py,"zFTP Client 20061220 - (Connection Name) Local Buffer Overflow",2016-08-05,"Juan Sacco",linux,local,0 40204,platforms/php/webapps/40204.txt,"PHP Power Browse 1.2 - Directory Traversal",2016-08-05,"Manuel Mancera",php,webapps,80 40205,platforms/cgi/webapps/40205.txt,"Davolink DV-2051 - Multiple Vulnerabilities",2016-08-05,"Eric Flokstra",cgi,webapps,80 -40206,platforms/php/webapps/40206.txt,"WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting",2016-08-05,"Julien Rentrop",php,webapps,80 +40206,platforms/php/webapps/40206.txt,"WordPress Count per Day Plugin 3.5.4 - Persistent Cross-site Scripting",2016-08-05,"Julien Rentrop",php,webapps,80 40207,platforms/hardware/webapps/40207.txt,"NASdeluxe NDL-2400r 2.01.09 - OS Command Injection",2016-08-05,"SySS GmbH",hardware,webapps,80 40208,platforms/windows/dos/40208.py,"Kodi Web Server 16.1 - Denial of Service",2016-08-05,"Guillaume Kaddouch",windows,dos,8080 40209,platforms/php/webapps/40209.py,"NUUO NVRmini 2 3.0.8 - Remote Root Exploit",2016-08-06,LiquidWorm,php,webapps,80 @@ -36386,18 +36386,18 @@ id,file,description,date,author,platform,type,port 40238,platforms/multiple/dos/40238.txt,"Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099)",2016-08-16,COSIG,multiple,dos,0 40239,platforms/jsp/webapps/40239.txt,"WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities",2016-08-16,hyp3rlinx,jsp,webapps,0 40240,platforms/jsp/webapps/40240.txt,"WSO2 Carbon 4.4.5 - Local File Inclusion",2016-08-16,hyp3rlinx,jsp,webapps,9443 -40241,platforms/jsp/webapps/40241.txt,"WSO2 Carbon 4.4.5 - Stored XSS",2016-08-16,hyp3rlinx,jsp,webapps,9443 +40241,platforms/jsp/webapps/40241.txt,"WSO2 Carbon 4.4.5 - Persistent Cross-site Scripting",2016-08-16,hyp3rlinx,jsp,webapps,9443 40242,platforms/jsp/webapps/40242.txt,"WSO2 Carbon 4.4.5 - (Denial of Service) CSRF",2016-08-16,hyp3rlinx,jsp,webapps,9443 40243,platforms/osx/dos/40243.html,"Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use-After-Free PoC",2013-04-04,"Google Security Research",osx,dos,0 40245,platforms/win_x86/shellcode/40245.c,"Windows x86 - MessageBoxA Shellcode (242 bytes)",2016-08-16,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40246,platforms/win_x86/shellcode/40246.c,"Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes)",2016-08-16,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40247,platforms/php/webapps/40247.txt,"Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal",2016-08-16,hyp3rlinx,php,webapps,80 40248,platforms/php/webapps/40248.txt,"Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection",2016-08-16,hyp3rlinx,php,webapps,80 -40249,platforms/linux/webapps/40249.txt,"Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist",2016-08-16,loneferret,linux,webapps,0 +40249,platforms/linux/webapps/40249.txt,"Pi-Hole Web Interface 2.8.1 - Persistent Cross-site Scripting in Whitelist/Blacklist",2016-08-16,loneferret,linux,webapps,0 40250,platforms/php/webapps/40250.txt,"Nagios Log Server 1.4.1 - Multiple Vulnerabilities",2016-08-16,Security-Assessment.com,php,webapps,0 40251,platforms/php/webapps/40251.txt,"Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities",2016-08-16,Security-Assessment.com,php,webapps,0 40252,platforms/php/webapps/40252.txt,"Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities",2016-08-16,Security-Assessment.com,php,webapps,0 -40253,platforms/windows/dos/40253.html,"Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV",2016-08-16,"Google Security Research",windows,dos,0 +40253,platforms/windows/dos/40253.html,"Microsoft Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV",2016-08-16,"Google Security Research",windows,dos,0 40254,platforms/cgi/webapps/40254.txt,"SIEMENS IP-Camera CVMS2025-IR / CCMS2025 - Credentials Disclosure",2016-08-17,"Yakir Wizman",cgi,webapps,80 40255,platforms/windows/dos/40255.txt,"Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 40256,platforms/windows/dos/40256.txt,"Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 diff --git a/platforms/mips/remote/27133.py b/platforms/linux_mips/remote/27133.py similarity index 100% rename from platforms/mips/remote/27133.py rename to platforms/linux_mips/remote/27133.py