bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2016-09-26

Browse source
This commit is contained in:
Offensive Security 2016-09-26 05:05:50 +00:00
parent 102574cb3e
commit a387f0befc
1 changed files with 50 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

100
files.csv
View file

@ -4,7 +4,7 @@ id,file,description,date,author,platform,type,port
3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0
4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0
5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
6,platforms/php/webapps/6.php,"WordPress 2.0.2 - (cache) Remote Shell Injection",2006-05-25,rgod,php,webapps,0
6,platforms/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,php,webapps,0
7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow",2003-04-07,"H D Moore",linux,remote,139
8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow",2003-04-08,zillion,linux,remote,0
9,platforms/windows/dos/9.c,"Apache 2.x - Memory Leak Exploit",2003-04-09,"Matthew Murphy",windows,dos,0
@ -488,7 +488,7 @@ id,file,description,date,author,platform,type,port
630,platforms/php/webapps/630.pl,"UBB.Threads 6.2.x < 6.3x - One Char Brute Force Exploit",2004-11-15,RusH,php,webapps,0
631,platforms/php/webapps/631.txt,"vBulletin - LAST.php SQL Injection",2004-11-15,anonymous,php,webapps,0
634,platforms/windows/dos/634.pl,"Secure Network Messenger 1.4.2 - Denial of Service",2004-11-15,ClearScreen,windows,dos,0
635,platforms/php/webapps/635.txt,"miniBB - 'user' Input Validation Hole",2004-11-16,anonymous,php,webapps,0
635,platforms/php/webapps/635.txt,"miniBB - 'user' Input Validation Hole",2004-11-16,anonymous,php,webapps,0
636,platforms/windows/remote/636.c,"MiniShare 1.4.1 - Remote Buffer Overflow (2)",2004-11-16,NoPh0BiA,windows,remote,80
637,platforms/windows/remote/637.c,"MailCarrier 2.51 - Remote Buffer Overflow",2004-11-16,NoPh0BiA,windows,remote,25
638,platforms/windows/remote/638.py,"SLMail 5.5 - POP3 PASS Buffer Overflow",2004-11-18,muts,windows,remote,110
@ -1600,7 +1600,7 @@ id,file,description,date,author,platform,type,port
1886,platforms/php/webapps/1886.txt,"OpenEMR 2.8.1 - (fileroot) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0
1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News 1.0 - (post.php) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0
1888,platforms/php/webapps/1888.txt,"Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0
1889,platforms/hardware/remote/1889.txt,"D-Link (DWL Series) Access-Point 2.10na - Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0
1889,platforms/hardware/remote/1889.txt,"D-Link (DWL Series) Access-Point 2.10na - Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0
1890,platforms/php/webapps/1890.txt,"CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0
1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion",2006-06-08,Kacper,php,webapps,0
1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution",2006-06-08,K-sPecial,php,webapps,0
@ -2785,7 +2785,7 @@ id,file,description,date,author,platform,type,port
3106,platforms/php/webapps/3106.txt,"uniForum 4 - 'wbsearch.aspx' SQL Injection",2007-01-09,ajann,php,webapps,0
3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21
3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion",2007-01-09,DeltahackingTEAM,php,webapps,0
3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0
3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - 'wp-trackback.php' SQL Injection",2007-01-10,rgod,php,webapps,0
3110,platforms/osx/dos/3110.rb,"Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0
3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (.WMF) CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0
3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0
@ -3318,7 +3318,7 @@ id,file,description,date,author,platform,type,port
3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution",2007-04-03,DarkFig,php,webapps,0
3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0
3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - (postid) Blind SQL Injection",2007-04-03,ajann,php,webapps,0
3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0
3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - 'xmlrpc' SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0
3657,platforms/php/webapps/3657.txt,"MySpeach 3.0.7 - Remote / Local File Inclusion",2007-04-03,Xst3nZ,php,webapps,0
3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion",2007-04-04,frog-m@n,php,webapps,0
3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion",2007-04-04,kezzap66345,php,webapps,0
@ -3618,7 +3618,7 @@ id,file,description,date,author,platform,type,port
3957,platforms/php/webapps/3957.php,"Alstrasoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0
3958,platforms/php/webapps/3958.php,"Alstrasoft Template Seller Pro 3.25 - Admin Password Change",2007-05-20,BlackHawk,php,webapps,0
3959,platforms/php/webapps/3959.php,"Alstrasoft Template Seller Pro 3.25 - Remote Code Execution",2007-05-20,BlackHawk,php,webapps,0
3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0
3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0
3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant - 'LTRVR14e.dll' Remote File Overwrite",2007-05-21,shinnai,windows,remote,0
3962,platforms/php/webapps/3962.txt,"Ol BookMarks Manager 0.7.4 - (root) Remote File Inclusion",2007-05-21,"ThE TiGeR",php,webapps,0
3963,platforms/php/webapps/3963.txt,"TutorialCMS 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0
@ -3696,7 +3696,7 @@ id,file,description,date,author,platform,type,port
4036,platforms/php/webapps/4036.php,"PBLang 4.67.16.a - Remote Code Execution",2007-06-06,Silentz,php,webapps,0
4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - index.php 'epi' SQL Injection (2)",2007-06-06,Silentz,php,webapps,0
4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0
4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) SQL Injection",2007-06-06,Slappter,php,webapps,0
4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - 'xmlrpc.php' SQL Injection",2007-06-06,Slappter,php,webapps,0
4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - SQL Injection",2007-06-06,kerem125,asp,webapps,0
4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion",2007-06-07,GoLd_M,php,webapps,0
4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow",2007-06-07,Excepti0n,windows,remote,0
@ -3766,7 +3766,7 @@ id,file,description,date,author,platform,type,port
4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0
4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0
4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion",2007-06-26,g00ns,php,webapps,0
4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload",2007-06-26,"Alexander Concha",php,webapps,0
4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - 'wp-app.php' Arbitrary File Upload",2007-06-26,"Alexander Concha",php,webapps,0
4114,platforms/php/webapps/4114.txt,"Elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0
4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - 'lang' Local File Inclusion",2007-06-27,Katatafish,php,webapps,0
4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0
@ -6319,7 +6319,7 @@ id,file,description,date,author,platform,type,port
6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion",2008-10-13,JosS,php,webapps,0
6745,platforms/php/webapps/6745.txt,"ParsBlogger - 'links.asp id' SQL Injection",2008-10-13,"Hussin X",php,webapps,0
6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0
6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - SQL Injection",2008-10-14,g30rg3_x,php,webapps,0
6747,platforms/php/webapps/6747.php,"WordPress Plugin WP Comment Remix 1.4.3 - SQL Injection",2008-10-14,g30rg3_x,php,webapps,0
6748,platforms/php/webapps/6748.txt,"XOOPS Module xhresim - 'index.php no' SQL Injection",2008-10-14,EcHoLL,php,webapps,0
6749,platforms/php/webapps/6749.php,"Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities",2008-10-14,"Charles Fol",php,webapps,0
6750,platforms/hardware/remote/6750.txt,"Telecom Italia Alice Pirelli routers - Backdoor from internal LAN/WAN",2008-10-14,"saxdax & drpepperONE",hardware,remote,0
@ -9459,7 +9459,7 @@ id,file,description,date,author,platform,type,port
10084,platforms/windows/local/10084.txt,"Quick Heal 10.00 SP1 - Privilege Escalation",2009-10-13,"Maxim A. Kulakov",windows,local,0
10085,platforms/jsp/webapps/10085.txt,"toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities",2009-11-07,"Alberto Trivero",jsp,webapps,0
10086,platforms/multiple/remote/10086.txt,"WebKit - 'Document()' Function Remote Information Disclosure",2009-11-12,"Chris Evans",multiple,remote,0
10088,platforms/php/webapps/10088.txt,"WordPress 2.0 < 2.7.1 - admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0
10088,platforms/php/webapps/10088.txt,"WordPress 2.0 < 2.7.1 - 'admin.php' Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0
10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0
10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0
10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote Denial of Service",2009-10-06,"Francis Provencher",windows,dos,515
@ -9561,7 +9561,7 @@ id,file,description,date,author,platform,type,port
10253,platforms/asp/webapps/10253.txt,"Eshopbuilde CMS - SQL Injection",2009-11-30,Isfahan,asp,webapps,0
10254,platforms/asp/webapps/10254.txt,"Xxasp 3.3.2 - SQL Injection",2009-11-30,Secu_lab_ir,asp,webapps,0
10255,platforms/bsd/local/10255.txt,"FreeBSD 8.0 Run-Time Link-Editor (rtld) - Privilege Escalation",2009-11-30,kingcope,bsd,local,0
10256,platforms/php/webapps/10256.txt,"WP-Polls 2.x - Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0
10256,platforms/php/webapps/10256.txt,"WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0
10257,platforms/windows/dos/10257.py,"XM Easy Professional FTP Server 5.8.0 - Denial of Service",2009-11-30,"Mert SARICA",windows,dos,21
10258,platforms/windows/remote/10258.pl,"Golden FTP Server 4.30 - File Deletion",2009-12-01,sharpe,windows,remote,21
10259,platforms/php/webapps/10259.txt,"Ciamos CMS 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0
@ -9751,7 +9751,7 @@ id,file,description,date,author,platform,type,port
10485,platforms/php/webapps/10485.txt,"Drupal Module Sections - Cross-Site Scripting",2009-12-16,"Justin C. Klein Keane",php,webapps,0
14034,platforms/windows/dos/14034.pl,"Wincalc 2 - '.num' Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0
10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 - 'vccleaner' Privilege Escalation",2009-12-16,"Dominick LaTrappe",linux,local,0
10488,platforms/php/webapps/10488.txt,"WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0
10488,platforms/php/webapps/10488.txt,"WordPress Plugin WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0
10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local Denial of Service Buffer Overflow",2009-12-16,Connection,windows,dos,0
10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0
10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
@ -13625,7 +13625,7 @@ id,file,description,date,author,platform,type,port
15681,platforms/asp/webapps/15681.txt,"ASPSiteWare JobPost 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0
15682,platforms/asp/webapps/15682.txt,"ASPSiteWare ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0
15683,platforms/asp/webapps/15683.txt,"ASPSiteWare Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0
15684,platforms/php/webapps/15684.txt,"WordPress - do_trackbacks() function SQL Injection",2010-12-05,M4g,php,webapps,0
15684,platforms/php/webapps/15684.txt,"WordPress - 'do_trackbacks()' function SQL Injection",2010-12-05,M4g,php,webapps,0
15685,platforms/php/webapps/15685.html,"PHPKF Forum 1.80 - profil_degistir.php Cross-Site Request Forgery",2010-12-05,FreWaL,php,webapps,0
15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0
15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0
@ -14703,7 +14703,7 @@ id,file,description,date,author,platform,type,port
16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - rev Parameter Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0
16893,platforms/cgi/webapps/16893.rb,"Barracuda - IMG.pl Remote Command Execution (Metasploit)",2010-04-30,Metasploit,cgi,webapps,0
16894,platforms/php/webapps/16894.rb,"TWiki Search Function - Arbitrary Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0
16895,platforms/php/webapps/16895.rb,"WordPress 1.5.1.3 - cache_lastpostdate Arbitrary Code Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0
16895,platforms/php/webapps/16895.rb,"WordPress 1.5.1.3 - 'cache_lastpostdate' Arbitrary Code Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0
16896,platforms/php/webapps/16896.rb,"vBulletin - misc.php Template Name Arbitrary Code Execution (Metasploit)",2010-07-25,Metasploit,php,webapps,0
16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Inclusion (Metasploit)",2010-11-24,Metasploit,php,webapps,0
16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0
@ -14981,7 +14981,7 @@ id,file,description,date,author,platform,type,port
17204,platforms/php/webapps/17204.txt,"DynMedia Pro Web CMS 4.0 - Local File Disclosure",2011-04-22,Mbah_Semar,php,webapps,0
17205,platforms/php/webapps/17205.txt,"4Images 1.7.9 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0
17206,platforms/php/webapps/17206.txt,"Realmarketing CMS - Multiple SQL Injections",2011-04-22,^Xecuti0N3r,php,webapps,0
17207,platforms/php/webapps/17207.txt,"WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0
17207,platforms/php/webapps/17207.txt,"WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0
17211,platforms/php/webapps/17211.txt,"mySeatXT 0.1781 - SQL Injection",2011-04-25,"AutoSec Tools",php,webapps,0
17212,platforms/php/webapps/17212.txt,"OrangeHRM 2.6.3 - (PluginController.php) Local File Inclusion",2011-04-25,"AutoSec Tools",php,webapps,0
17213,platforms/php/webapps/17213.txt,"phpmychat plus 1.93 - Multiple Vulnerabilities",2011-04-25,"AutoSec Tools",php,webapps,0
@ -15429,7 +15429,7 @@ id,file,description,date,author,platform,type,port
17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection",2011-08-30,SubhashDasyam,php,webapps,0
17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)",2011-08-30,sickness,windows,local,0
17755,platforms/php/webapps/17755.txt,"WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio Gallery Playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
17756,platforms/php/webapps/17756.txt,"WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
17757,platforms/php/webapps/17757.txt,"WordPress Plugin yolink Search 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
17758,platforms/php/webapps/17758.txt,"WordPress Plugin PureHTML 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
17759,platforms/php/webapps/17759.txt,"WordPress Plugin Couponer 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
@ -20467,7 +20467,7 @@ id,file,description,date,author,platform,type,port
23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 - PostThreadMessage() Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0
23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0
23212,platforms/hardware/remote/23212.txt,"Cisco LEAP - Password Disclosure",2003-10-03,"Cisco Security",hardware,remote,0
23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0
23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - 'Blog.header.php' SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0
23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.cgi Cross-Site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0
23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0
23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 - Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0
@ -21829,12 +21829,12 @@ id,file,description,date,author,platform,type,port
24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Inclusion",2004-09-27,"Himeur Nourredine",php,webapps,0
24639,platforms/windows/dos/24639.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (1)",2004-09-28,"securma massine",windows,dos,0
24640,platforms/windows/dos/24640.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (2)",2004-09-28,"Sebastien Tricaud",windows,dos,0
24641,platforms/php/webapps/24641.txt,"WordPress 1.2 - wp-login.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24642,platforms/php/webapps/24642.txt,"WordPress 1.2 - admin-header.php redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24643,platforms/php/webapps/24643.txt,"WordPress 1.2 - bookmarklet.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24644,platforms/php/webapps/24644.txt,"WordPress 1.2 - categories.php cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24645,platforms/php/webapps/24645.txt,"WordPress 1.2 - edit.php s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24646,platforms/php/webapps/24646.txt,"WordPress 1.2 - edit-comments.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24641,platforms/php/webapps/24641.txt,"WordPress 1.2 - 'wp-login.php' Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24642,platforms/php/webapps/24642.txt,"WordPress 1.2 - 'admin-header.php' redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24643,platforms/php/webapps/24643.txt,"WordPress 1.2 - 'bookmarklet.php' Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24644,platforms/php/webapps/24644.txt,"WordPress 1.2 - 'categories.php' cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24645,platforms/php/webapps/24645.txt,"WordPress 1.2 - 'edit.php' s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24646,platforms/php/webapps/24646.txt,"WordPress 1.2 - 'edit-comments.php' Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0
24647,platforms/php/webapps/24647.txt,"parachat 5.5 - Directory Traversal",2004-09-28,"Donato Ferrante",php,webapps,0
24648,platforms/php/webapps/24648.txt,"W-Agora 4.1.6 - a redir_url.php key Parameter SQL Injection",2004-09-30,"Alexander Antipov",php,webapps,0
24649,platforms/php/webapps/24649.txt,"W-Agora 4.1.6 - a forgot_password.php userid Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0
@ -21855,7 +21855,7 @@ id,file,description,date,author,platform,type,port
24664,platforms/php/webapps/24664.txt,"DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities",2004-10-06,"Alexander Antipov",php,webapps,0
24665,platforms/php/webapps/24665.txt,"DCP-Portal 3.7/4.x/5.x - calendar.php HTTP Response Splitting",2004-10-06,"Alexander Antipov",php,webapps,0
24666,platforms/asp/webapps/24666.txt,"Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access",2004-10-06,anonymous,asp,webapps,0
24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - wp-login.php HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0
24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - 'wp-login.php' HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0
24668,platforms/multiple/dos/24668.txt,"Jera Technology Flash Messaging Server 5.2 - Remote Denial of Service",2004-10-07,"Luigi Auriemma",multiple,dos,0
24669,platforms/linux/remote/24669.txt,"MySQL 3.x/4.x - ALTER TABLE/RENAME Forces Old Permission Checks",2004-10-08,"Oleksandr Byelkin",linux,remote,0
24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0
@ -22164,12 +22164,12 @@ id,file,description,date,author,platform,type,port
24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() Null Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0
24986,platforms/cgi/webapps/24986.txt,"IkonBoard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0
24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0
24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24990,platforms/php/webapps/24990.txt,"WordPress 1.2.1/1.2.2 - link-add.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 - link-categories.php cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24992,platforms/php/webapps/24992.txt,"WordPress 1.2.1/1.2.2 - link-manager.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - moderation.php item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - '/wp-admin/post.ph'p content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - '/wp-admin/templates.php' file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24990,platforms/php/webapps/24990.txt,"WordPress 1.2.1/1.2.2 - 'link-add.php' Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 - 'link-categories.php' cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24992,platforms/php/webapps/24992.txt,"WordPress 1.2.1/1.2.2 - 'link-manager.php' Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - 'moderation.php' item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0
24994,platforms/php/webapps/24994.txt,"MediaWiki 1.3.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0
24995,platforms/multiple/remote/24995.txt,"DXFScope 0.2 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",multiple,remote,0
24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit)",2013-04-25,"Andras Kabai",windows,remote,0
@ -22856,7 +22856,7 @@ id,file,description,date,author,platform,type,port
25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 - jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0
25680,platforms/windows/dos/25680.txt,"War Times - Remote Game Server Denial of Service",2005-05-17,"Luigi Auriemma",windows,dos,0
25681,platforms/php/webapps/25681.php,"Fusionphp Fusion News 3.3/3.6 - X-Forworded-For PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0
25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0
25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - 'post.php' Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0
25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0
25684,platforms/hardware/remote/25684.html,"D-Link DSL Router - Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0
25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0
@ -26065,7 +26065,7 @@ id,file,description,date,author,platform,type,port
28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0
28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0
28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0
28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0
28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - 'functions.php' Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0
28981,platforms/multiple/remote/28981.txt,"IBM Websphere 6.0 - Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0
28982,platforms/php/webapps/28982.txt,"cPanel 10 - seldir.html dir Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0
28983,platforms/php/webapps/28983.txt,"cPanel 10 - newuser.html Multiple Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0
@ -26417,7 +26417,7 @@ id,file,description,date,author,platform,type,port
29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0
29473,platforms/linux/dos/29473.txt,"Squid Proxy 2.5/2.6 - FTP URI Remote Denial of Service",2007-01-16,"David Duncan Ross Palmer",linux,dos,0
29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0
29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0
29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - 'template.php' HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0
29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - FolderManager.aspx Directory Traversal",2006-12-27,KAPDA,asp,webapps,0
29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0
29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 - content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0
@ -26638,7 +26638,7 @@ id,file,description,date,author,platform,type,port
29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Bypass",2007-02-26,"Hasadya Raed",php,webapps,0
29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0
29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0
29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0
29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - 'post.php' Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0
29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0
29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0
29685,platforms/windows/remote/29685.txt,"Nullsoft SHOUTcast 1.9.7 - Logfile HTML Injection",2007-02-27,SaMuschie,windows,remote,0
@ -26699,7 +26699,7 @@ id,file,description,date,author,platform,type,port
29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 - P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0
29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0
29597,platforms/asp/webapps/29597.txt,"Community Server - SearchResults.aspx Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0
29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0
29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - 'Templates.php' Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0
29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - error.php Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0
29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter Cross-Site Scripting",2007-02-13,ShaFuck31,asp,webapps,0
29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0
@ -26798,7 +26798,7 @@ id,file,description,date,author,platform,type,port
29699,platforms/novell/remote/29699.txt,"Novell Access Management SSLVPN Server - Security Bypass",2007-03-02,anonymous,novell,remote,0
29700,platforms/php/webapps/29700.txt,"Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities",2007-03-02,Samenspender,php,webapps,0
29701,platforms/php/webapps/29701.txt,"WordPress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0
29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0
29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - 'wp-includes/theme.php' iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0
29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection",2007-02-26,CorryL,php,webapps,0
29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0
29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - register.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0
@ -26936,7 +26936,7 @@ id,file,description,date,author,platform,type,port
30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0
30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0
30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - Okul Portal Haber_Oku.asp SQL Injection",2007-06-08,ertuqrul,asp,webapps,0
30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0
30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - 'Request_URI' Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0
30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x - Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0
30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System - vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0
30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 - User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0
@ -27312,7 +27312,7 @@ id,file,description,date,author,platform,type,port
30322,platforms/windows/remote/30322.rb,"Lighttpd 1.4.15 - Multiple Code Execution / Denial of Service / Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0
30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - install/upgrade-0-2-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0
30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 - install/upgrade-0-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0
30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - wp-admin/page-new.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0
30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - 'wp-admin/page-new.php' popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0
30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0
30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - index.asp SQL Injection",2007-07-23,GeFORC3,asp,webapps,0
30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent Cross-Site Scripting",2013-12-16,hellok,php,webapps,0
@ -27597,7 +27597,7 @@ id,file,description,date,author,platform,type,port
30599,platforms/cgi/webapps/30599.txt,"WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0
30600,platforms/windows/remote/30600.html,"Xunlei Web Thunder 5.6.9.344 - ActiveX Control DownURL2 Method Remote Buffer Overflow",2007-09-20,7jdg,windows,remote,0
30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0
30602,platforms/php/webapps/30602.html,"WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0
30602,platforms/php/webapps/30602.html,"WordPress 2.0 - 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0
30603,platforms/php/webapps/30603.html,"XCMS 1.1/1.7 - Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0
30604,platforms/linux/local/30604.c,"Linux Kernel 2.6.x - Ptrace Privilege Escalation",2007-09-21,"Wojciech Purczynski",linux,local,0
30605,platforms/linux/local/30605.c,"Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure",2007-09-21,Karimo_DM,linux,local,0
@ -27788,7 +27788,7 @@ id,file,description,date,author,platform,type,port
30974,platforms/multiple/dos/30974.txt,"Asterisk 1.x - BYE Message Remote Denial of Service",2008-01-02,greyvoip,multiple,dos,0
30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0
30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injection",2008-01-03,The:Paradox,php,webapps,0
30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - wp-admin/post.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0
30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - 'wp-admin/post.php' popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0
30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,80
30787,platforms/php/remote/30787.rb,"vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload (Metasploit)",2014-01-07,Metasploit,php,remote,80
30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow (Metasploit)",2014-01-07,Metasploit,windows,local,0
@ -27930,7 +27930,7 @@ id,file,description,date,author,platform,type,port
30965,platforms/php/webapps/30965.txt,"LiveCart 1.0.1 - category q Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0
30966,platforms/php/webapps/30966.txt,"LiveCart 1.0.1 - order return Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0
30967,platforms/php/webapps/30967.txt,"LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0
30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - wp-admin/edit.php backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0
30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - 'wp-admin/edit.php' backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0
30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0
30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0
30982,platforms/php/webapps/30982.html,"Nucleus CMS 3.0.1 - 'myid' Parameter SQL Injection",2008-01-03,MustLive,php,webapps,0
@ -32104,7 +32104,7 @@ id,file,description,date,author,platform,type,port
35535,platforms/php/webapps/35535.php,"PHPads 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0
35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - Denial of Service",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0
35560,platforms/windows/remote/35560.txt,"RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities",2011-04-03,rgod,windows,remote,0
35561,platforms/php/webapps/35561.txt,"WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0
35561,platforms/php/webapps/35561.txt,"WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0
35562,platforms/php/webapps/35562.txt,"WordPress Plugin Placester 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0
35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download",2011-04-03,KedAns-Dz,windows,remote,0
35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0
@ -32240,7 +32240,7 @@ id,file,description,date,author,platform,type,port
35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 - 'uploadername' Parameter Cross-Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0
35702,platforms/php/webapps/35702.txt,"Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting",2011-05-03,Hector.x90,php,webapps,0
35703,platforms/multiple/remote/35703.py,"sipdroid 2.2 - SIP INVITE Response User Enumeration",2011-05-04,"Anibal Vaz Marques",multiple,remote,0
35704,platforms/php/webapps/35704.txt,"WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0
35704,platforms/php/webapps/35704.txt,"WordPress Plugin WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0
35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0
35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0
35707,platforms/jsp/webapps/35707.txt,"BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure",2011-05-05,"Richard Brain",jsp,webapps,0
@ -32854,7 +32854,7 @@ id,file,description,date,author,platform,type,port
36349,platforms/php/webapps/36349.txt,"AdaptCMS 2.0 - SQL Injection",2011-11-24,X-Cisadane,php,webapps,0
36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 - 'index.php' hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0
36351,platforms/php/webapps/36351.txt,"alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0
36352,platforms/linux/remote/36352.txt,"Apache 7.0.x 'mod_proxy'- Reverse Proxy Security Bypass",2011-11-24,"Prutha Parikh",linux,remote,0
36352,platforms/linux/remote/36352.txt,"Apache 7.0.x 'mod_proxy'- Reverse Proxy Security Bypass",2011-11-24,"Prutha Parikh",linux,remote,0
36353,platforms/jsp/webapps/36353.txt,"HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0
36354,platforms/jsp/webapps/36354.txt,"HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0
36355,platforms/jsp/webapps/36355.txt,"HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0
@ -32984,7 +32984,7 @@ id,file,description,date,author,platform,type,port
36487,platforms/php/webapps/36487.txt,"WordPress Plugin Comment Rating 2.9.20 - 'path' Parameter Cross-Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0
36488,platforms/php/webapps/36488.txt,"WordPress Plugin WHOIS 1.4.2 3 - 'domain' Parameter Cross-Site Scripting",2012-01-03,Atmon3r,php,webapps,0
36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 - 'ddb' Parameter Cross-Site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0
36490,platforms/php/webapps/36490.py,"WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)",2015-03-25,"Claudio Viviani",php,webapps,0
36490,platforms/php/webapps/36490.py,"WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)",2015-03-25,"Claudio Viviani",php,webapps,0
36491,platforms/windows/remote/36491.txt,"Adobe Flash Player - Arbitrary Code Execution",2015-03-25,SecurityObscurity,windows,remote,0
36492,platforms/php/webapps/36492.txt,"GraphicsClone Script - 'term' Parameter Cross-Site Scripting",2012-01-04,Mr.PaPaRoSSe,php,webapps,0
36493,platforms/php/webapps/36493.txt,"Orchard 1.3.9 - 'ReturnUrl' Parameter URI redirection",2012-01-04,"Mesut Timur",php,webapps,0
@ -33218,7 +33218,7 @@ id,file,description,date,author,platform,type,port
36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0
36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0
36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0
36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0
36733,platforms/php/webapps/36733.txt,"WordPress Plugin'WP Mobile Edition 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0
36735,platforms/php/webapps/36735.txt,"WordPress Plugin Duplicator 0.5.14 - SQL Injection / Cross-Site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0
36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0
36738,platforms/php/webapps/36738.txt,"WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0
@ -33694,7 +33694,7 @@ id,file,description,date,author,platform,type,port
37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0
37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0
37243,platforms/php/webapps/37243.txt,"WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80
37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0
37244,platforms/php/webapps/37244.txt,"WordPress Plugin WP Mobile Edition - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0
37245,platforms/php/webapps/37245.txt,"Pasworld - detail.php Blind SQL Injection",2015-06-08,"Sebastian khan",php,webapps,0
37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - Cross-Site Request Forgery (Change Admin Password)",2015-06-12,"David Shanahan",php,webapps,80
37249,platforms/linux/dos/37249.py,"Libmimedir - '.VCF' Memory Corruption (PoC)",2015-06-10,"Jeremy Brown",linux,dos,0
@ -35116,7 +35116,7 @@ id,file,description,date,author,platform,type,port
38771,platforms/windows/dos/38771.py,"ShareKM - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0
38773,platforms/hardware/webapps/38773.txt,"ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,0
38781,platforms/php/webapps/38781.txt,"Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection",2013-10-02,"Yu-Chi Ding",php,webapps,0
38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Persistent Cross-Site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80
38803,platforms/php/webapps/38803.txt,"WordPress Plugin WP-Client 3.8.7 - Persistent Cross-Site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80
38782,platforms/php/webapps/38782.php,"WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0
38775,platforms/linux/local/38775.rb,"Chkrootkit - Privilege Escalation (Metasploit)",2015-11-20,Metasploit,linux,local,0
38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0
@ -35445,7 +35445,7 @@ id,file,description,date,author,platform,type,port
39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0
39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP_ Denial of Service 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0
39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0
39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p (Windows 8.1 / Windows 10) - Local kitty.ini Overflow",2015-12-29,"Guillaume Kaddouch",windows,local,0
39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p (Windows 8.1 / Windows 10) - Local kitty.ini Overflow",2015-12-29,"Guillaume Kaddouch",windows,local,0
39124,platforms/php/webapps/39124.txt,"MeiuPic - 'ctl' Parameter Local File Inclusion",2014-03-10,Dr.3v1l,php,webapps,0
39125,platforms/windows/dos/39125.html,"Kaspersky Internet Security - Remote Denial of Service",2014-03-20,CXsecurity,windows,dos,0
39126,platforms/php/webapps/39126.txt,"BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal",2014-03-19,"Hossein Hezami",php,webapps,0
@ -35526,7 +35526,7 @@ id,file,description,date,author,platform,type,port
39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0
39200,platforms/php/webapps/39200.txt,"PHP-Nuke 'Submit_News' Component - SQL Injection",2014-05-24,"ali ahmady",php,webapps,0
39373,platforms/osx/dos/39373.c,"Apple Mac OSX - Kernel no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0
39202,platforms/php/webapps/39202.txt,"WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0
39202,platforms/php/webapps/39202.txt,"WordPress Plugin WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0
39203,platforms/lin_x86-64/shellcode/39203.c,"Linux/x86-64 - Egghunter Shellcode (18 bytes)",2016-01-08,"Sathish kumar",lin_x86-64,shellcode,0
39204,platforms/lin_x86/shellcode/39204.c,"Linux/x86 - Egg-hunter Shellcode (13 bytes)",2016-01-08,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0
39205,platforms/multiple/remote/39205.txt,"Castor Library - XML External Entity Information Disclosure",2014-05-27,"Ron Gutierrez",multiple,remote,0

Can't render this file because it is too large.